1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.kernel.security.permission.ActionKeys;
26 import com.liferay.portal.kernel.security.permission.PermissionChecker;
27 import com.liferay.portal.model.Location;
28 import com.liferay.portal.model.Organization;
29 import com.liferay.portal.model.User;
30 import com.liferay.portal.security.auth.PrincipalException;
31 import com.liferay.portal.security.permission.PermissionCheckerImpl;
32
33
39 public class UserPermissionImpl implements UserPermission {
40
41 public void check(
42 PermissionChecker permissionChecker, long userId,
43 long organizationId, long locationId, String actionId)
44 throws PrincipalException {
45
46 if (!contains(
47 permissionChecker, userId, organizationId, locationId,
48 actionId)) {
49
50 throw new PrincipalException();
51 }
52 }
53
54 public boolean contains(
55 PermissionChecker permissionChecker, long userId, long organizationId,
56 long locationId, String actionId) {
57
58 PermissionCheckerImpl permissionCheckerImpl =
59 (PermissionCheckerImpl)permissionChecker;
60
61 String organizationActionId = actionId + "_USER";
62
63 if (actionId.equals(ActionKeys.ADD_USER)) {
64 organizationActionId = actionId;
65 }
66
67 if (permissionCheckerImpl.getUserId() == userId) {
68 return true;
69 }
70 else if (permissionChecker.hasPermission(
71 0, User.class.getName(), userId, actionId)) {
72
73 return true;
74 }
75 else if ((organizationId > 0) &&
76 permissionChecker.hasPermission(
77 0, Organization.class.getName(), organizationId,
78 organizationActionId)) {
79
80 return true;
81 }
82 else if ((locationId > 0) &&
83 permissionChecker.hasPermission(
84 0, Location.class.getName(), locationId,
85 organizationActionId)) {
86
87 return true;
88 }
89
90 return false;
91 }
92
93 }