1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portlet.messageboards.service.permission;
16  
17  import com.liferay.portal.PortalException;
18  import com.liferay.portal.SystemException;
19  import com.liferay.portal.security.auth.PrincipalException;
20  import com.liferay.portal.security.permission.PermissionChecker;
21  import com.liferay.portal.security.permission.ResourceActionsUtil;
22  import com.liferay.portal.util.PortalUtil;
23  import com.liferay.portlet.messageboards.model.MBDiscussion;
24  import com.liferay.portlet.messageboards.model.MBMessage;
25  import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
26  import com.liferay.portlet.messageboards.service.MBDiscussionLocalServiceUtil;
27  import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
28  
29  import java.util.List;
30  
31  /**
32   * <a href="MBDiscussionPermission.java.html"><b><i>View Source</i></b></a>
33   *
34   * @author Charles May
35   */
36  public class MBDiscussionPermission {
37  
38      public static void check(
39              PermissionChecker permissionChecker, long companyId, long groupId,
40              String className, long classPK, long messageId, long ownerId,
41              String actionId)
42          throws PortalException, SystemException {
43  
44          if (!contains(
45                  permissionChecker, companyId, groupId, className, classPK,
46                  messageId, ownerId, actionId)) {
47  
48              throw new PrincipalException();
49          }
50      }
51  
52      public static void check(
53              PermissionChecker permissionChecker, long companyId, long groupId,
54              String className, long classPK, long ownerId, String actionId)
55          throws PortalException, SystemException {
56  
57          if (!contains(
58                  permissionChecker, companyId, groupId, className, classPK,
59                  ownerId, actionId)) {
60  
61              throw new PrincipalException();
62          }
63      }
64  
65      public static boolean contains(
66              PermissionChecker permissionChecker, long companyId, long groupId,
67              String className, long classPK, long messageId, long ownerId,
68              String actionId)
69          throws PortalException, SystemException {
70  
71          if (!contains(
72                  permissionChecker, companyId, groupId, className, classPK,
73                  ownerId, actionId)) {
74  
75              return false;
76          }
77  
78          MBMessage message = MBMessageLocalServiceUtil.getMessage(
79              messageId);
80  
81          MBDiscussion discussion =
82              MBDiscussionLocalServiceUtil.getThreadDiscussion(
83                  message.getThreadId());
84  
85          long classNameId = PortalUtil.getClassNameId(className);
86  
87          if ((discussion.getClassNameId() == classNameId) &&
88              (discussion.getClassPK() == classPK)) {
89  
90              return true;
91          }
92  
93          return false;
94      }
95  
96      public static boolean contains(
97              PermissionChecker permissionChecker, long companyId, long groupId,
98              String className, long classPK, long ownerId, String actionId)
99          throws SystemException {
100 
101         List<String> resourceActions = ResourceActionsUtil.getResourceActions(
102             className);
103 
104         if (!resourceActions.contains(actionId)) {
105             return true;
106         }
107 
108         if (MBBanLocalServiceUtil.hasBan(
109                 groupId, permissionChecker.getUserId())) {
110 
111             return false;
112         }
113 
114         if ((ownerId > 0) &&
115                 permissionChecker.hasOwnerPermission(
116                     companyId, className, classPK, ownerId, actionId)) {
117 
118             return true;
119         }
120 
121         return permissionChecker.hasPermission(
122             groupId, className, classPK, actionId);
123     }
124 
125 }