1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.PortalException;
26 import com.liferay.portal.SystemException;
27 import com.liferay.portal.kernel.security.permission.ActionKeys;
28 import com.liferay.portal.kernel.security.permission.PermissionChecker;
29 import com.liferay.portal.model.Location;
30 import com.liferay.portal.model.Organization;
31 import com.liferay.portal.model.User;
32 import com.liferay.portal.security.auth.PrincipalException;
33 import com.liferay.portal.security.permission.PermissionCheckerImpl;
34 import com.liferay.portal.service.OrganizationLocalServiceUtil;
35
36
42 public class LocationPermissionImpl implements LocationPermission {
43
44 public void check(
45 PermissionChecker permissionChecker, long locationId,
46 String actionId)
47 throws PortalException, SystemException {
48
49 if (!contains(permissionChecker, locationId, actionId)) {
50 throw new PrincipalException();
51 }
52 }
53
54 public boolean contains(
55 PermissionChecker permissionChecker, long locationId,
56 String actionId)
57 throws PortalException, SystemException {
58
59 PermissionCheckerImpl permissionCheckerImpl =
60 (PermissionCheckerImpl)permissionChecker;
61
62 if (permissionChecker.hasPermission(
63 0, Location.class.getName(), locationId, actionId)) {
64
65 return true;
66 }
67 else if (actionId.equals(ActionKeys.VIEW)) {
68 User user = permissionCheckerImpl.getUser();
69
70 Organization location = user.getLocation();
71
72 if (locationId == location.getOrganizationId()) {
73 return true;
74 }
75 else {
76 return false;
77 }
78 }
79 else if (actionId.endsWith("_USER")){
80 Organization location =
81 OrganizationLocalServiceUtil.getOrganization(locationId);
82
83 long parentOrganizationId = location.getParentOrganizationId();
84
85 if (permissionChecker.hasPermission(
86 0, Organization.class.getName(), parentOrganizationId,
87 actionId)) {
88
89 return true;
90 }
91 else {
92 return false;
93 }
94 }
95 else {
96 return false;
97 }
98 }
99
100 }