1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portlet.messageboards.service.permission;
16  
17  import com.liferay.portal.PortalException;
18  import com.liferay.portal.SystemException;
19  import com.liferay.portal.security.auth.PrincipalException;
20  import com.liferay.portal.security.permission.ActionKeys;
21  import com.liferay.portal.security.permission.PermissionChecker;
22  import com.liferay.portal.util.PropsValues;
23  import com.liferay.portlet.messageboards.model.MBCategory;
24  import com.liferay.portlet.messageboards.model.impl.MBCategoryImpl;
25  import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
26  import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
27  
28  /**
29   * <a href="MBCategoryPermission.java.html"><b><i>View Source</i></b></a>
30   *
31   * @author Brian Wing Shun Chan
32   */
33  public class MBCategoryPermission {
34  
35      public static void check(
36              PermissionChecker permissionChecker, long groupId, long categoryId,
37              String actionId)
38          throws PortalException, SystemException {
39  
40          if (!contains(permissionChecker, groupId, categoryId, actionId)) {
41              throw new PrincipalException();
42          }
43      }
44  
45      public static void check(
46              PermissionChecker permissionChecker, long categoryId,
47              String actionId)
48          throws PortalException, SystemException {
49  
50          if (!contains(permissionChecker, categoryId, actionId)) {
51              throw new PrincipalException();
52          }
53      }
54  
55      public static void check(
56              PermissionChecker permissionChecker, MBCategory category,
57              String actionId)
58          throws PortalException, SystemException {
59  
60          if (!contains(permissionChecker, category, actionId)) {
61              throw new PrincipalException();
62          }
63      }
64  
65      public static boolean contains(
66              PermissionChecker permissionChecker, long groupId, long categoryId,
67              String actionId)
68          throws PortalException, SystemException {
69  
70          if (categoryId == MBCategoryImpl.DEFAULT_PARENT_CATEGORY_ID) {
71              return MBPermission.contains(permissionChecker, groupId, actionId);
72          }
73          else {
74              return contains(permissionChecker, categoryId, actionId);
75          }
76      }
77  
78      public static boolean contains(
79              PermissionChecker permissionChecker, long categoryId,
80              String actionId)
81          throws PortalException, SystemException {
82  
83          MBCategory category =
84              MBCategoryLocalServiceUtil.getCategory(categoryId);
85  
86          return contains(permissionChecker, category, actionId);
87      }
88  
89      public static boolean contains(
90              PermissionChecker permissionChecker, MBCategory category,
91              String actionId)
92          throws PortalException, SystemException {
93  
94          if (actionId.equals(ActionKeys.ADD_CATEGORY)) {
95              actionId = ActionKeys.ADD_SUBCATEGORY;
96          }
97  
98          if (MBBanLocalServiceUtil.hasBan(
99                  category.getGroupId(), permissionChecker.getUserId())) {
100 
101             return false;
102         }
103 
104         long categoryId = category.getCategoryId();
105 
106         if (actionId.equals(ActionKeys.VIEW)) {
107             while (categoryId != MBCategoryImpl.DEFAULT_PARENT_CATEGORY_ID) {
108                 category = MBCategoryLocalServiceUtil.getCategory(categoryId);
109 
110                 categoryId = category.getParentCategoryId();
111 
112                 if (!permissionChecker.hasOwnerPermission(
113                         category.getCompanyId(), MBCategory.class.getName(),
114                         category.getCategoryId(), category.getUserId(),
115                         actionId) &&
116                     !permissionChecker.hasPermission(
117                         category.getGroupId(), MBCategory.class.getName(),
118                         category.getCategoryId(), actionId)) {
119 
120                     return false;
121                 }
122 
123                 if (!PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
124                     break;
125                 }
126             }
127 
128             return true;
129         }
130         else {
131             while (categoryId != MBCategoryImpl.DEFAULT_PARENT_CATEGORY_ID) {
132                 if (permissionChecker.hasOwnerPermission(
133                         category.getCompanyId(), MBCategory.class.getName(),
134                         category.getCategoryId(), category.getUserId(),
135                         actionId)) {
136 
137                     return true;
138                 }
139 
140                 if (permissionChecker.hasPermission(
141                         category.getGroupId(), MBCategory.class.getName(),
142                         category.getCategoryId(), actionId)) {
143 
144                     return true;
145                 }
146 
147                 if (actionId.equals(ActionKeys.VIEW)) {
148                     break;
149                 }
150 
151                 category = MBCategoryLocalServiceUtil.getCategory(categoryId);
152 
153                 categoryId = category.getParentCategoryId();
154             }
155 
156             return false;
157         }
158     }
159 
160 }