1   /**
2    * Copyright (c) 2000-2007 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.counter.service.CounterLocalServiceUtil;
26  import com.liferay.portal.NoSuchPermissionException;
27  import com.liferay.portal.NoSuchResourceException;
28  import com.liferay.portal.PortalException;
29  import com.liferay.portal.SystemException;
30  import com.liferay.portal.kernel.security.permission.PermissionCheckerBag;
31  import com.liferay.portal.kernel.util.GetterUtil;
32  import com.liferay.portal.kernel.util.Validator;
33  import com.liferay.portal.model.Group;
34  import com.liferay.portal.model.OrgGroupPermission;
35  import com.liferay.portal.model.Organization;
36  import com.liferay.portal.model.Permission;
37  import com.liferay.portal.model.Resource;
38  import com.liferay.portal.model.ResourceCode;
39  import com.liferay.portal.model.User;
40  import com.liferay.portal.model.UserGroup;
41  import com.liferay.portal.model.impl.ResourceImpl;
42  import com.liferay.portal.security.permission.PermissionCacheUtil;
43  import com.liferay.portal.security.permission.PermissionCheckerImpl;
44  import com.liferay.portal.security.permission.ResourceActionsUtil;
45  import com.liferay.portal.service.ResourceCodeLocalServiceUtil;
46  import com.liferay.portal.service.ResourceLocalServiceUtil;
47  import com.liferay.portal.service.base.PermissionLocalServiceBaseImpl;
48  import com.liferay.portal.service.persistence.GroupUtil;
49  import com.liferay.portal.service.persistence.OrgGroupPermissionFinder;
50  import com.liferay.portal.service.persistence.OrgGroupPermissionPK;
51  import com.liferay.portal.service.persistence.OrgGroupPermissionUtil;
52  import com.liferay.portal.service.persistence.OrganizationUtil;
53  import com.liferay.portal.service.persistence.PermissionFinder;
54  import com.liferay.portal.service.persistence.PermissionUtil;
55  import com.liferay.portal.service.persistence.ResourceUtil;
56  import com.liferay.portal.service.persistence.RoleUtil;
57  import com.liferay.portal.service.persistence.UserGroupUtil;
58  import com.liferay.portal.service.persistence.UserUtil;
59  import com.liferay.portal.util.comparator.PermissionComparator;
60  
61  import java.util.ArrayList;
62  import java.util.Iterator;
63  import java.util.List;
64  
65  import org.apache.commons.lang.time.StopWatch;
66  import org.apache.commons.logging.Log;
67  import org.apache.commons.logging.LogFactory;
68  
69  /**
70   * <a href="PermissionLocalServiceImpl.java.html"><b><i>View Source</i></b></a>
71   *
72   * @author Charles May
73   * @author Brian Wing Shun Chan
74   *
75   */
76  public class PermissionLocalServiceImpl extends PermissionLocalServiceBaseImpl {
77  
78      public Permission addPermission(
79              long companyId, String actionId, long resourceId)
80          throws PortalException, SystemException {
81  
82          Permission permission = PermissionUtil.fetchByA_R(actionId, resourceId);
83  
84          if (permission == null) {
85              long permissionId = CounterLocalServiceUtil.increment(
86                  Permission.class.getName());
87  
88              permission = PermissionUtil.create(permissionId);
89  
90              permission.setCompanyId(companyId);
91              permission.setActionId(actionId);
92              permission.setResourceId(resourceId);
93  
94              PermissionUtil.update(permission);
95          }
96  
97          return permission;
98      }
99  
100     public List addPermissions(
101             long companyId, String name, long resourceId,
102             boolean portletActions)
103         throws PortalException, SystemException {
104 
105         List permissions = new ArrayList();
106 
107         List actions = null;
108 
109         if (portletActions) {
110             actions =
111                 ResourceActionsUtil.getPortletResourceActions(companyId, name);
112         }
113         else {
114             actions = ResourceActionsUtil.getModelResourceActions(name);
115         }
116 
117         for (int i = 0; i < actions.size(); i++) {
118             String actionId = (String)actions.get(i);
119 
120             Permission permission =
121                 addPermission(companyId, actionId, resourceId);
122 
123             permissions.add(permission);
124         }
125 
126         return permissions;
127     }
128 
129     public void addUserPermissions(
130             long userId, String[] actionIds, long resourceId)
131         throws PortalException, SystemException {
132 
133         User user = UserUtil.findByPrimaryKey(userId);
134 
135         List permissions = PermissionFinder.findByU_R(userId, resourceId);
136 
137         permissions = getPermissions(
138             user.getCompanyId(), actionIds, resourceId);
139 
140         UserUtil.addPermissions(userId, permissions);
141 
142         PermissionCacheUtil.clearCache();
143     }
144 
145     public List getActions(List permissions) throws SystemException {
146         List actions = new ArrayList();
147 
148         Iterator itr = permissions.iterator();
149 
150         while (itr.hasNext()) {
151             Permission permission = (Permission)itr.next();
152 
153             actions.add(permission.getActionId());
154         }
155 
156         return actions;
157     }
158 
159     public List getGroupPermissions(long groupId, long resourceId)
160         throws SystemException {
161 
162         return PermissionFinder.findByG_R(groupId, resourceId);
163     }
164 
165     public List getGroupPermissions(
166             long groupId, long companyId, String name, int scope,
167             String primKey)
168         throws SystemException {
169 
170         return PermissionFinder.findByG_C_N_S_P(
171             groupId, companyId, name, scope, primKey);
172     }
173 
174     public List getOrgGroupPermissions(
175             long organizationId, long groupId, long resourceId)
176         throws SystemException {
177 
178         return PermissionFinder.findByO_G_R(
179             organizationId, groupId, resourceId);
180     }
181 
182     public long getLatestPermissionId()
183         throws PortalException, SystemException {
184 
185         List list = PermissionUtil.findAll(0, 1, new PermissionComparator());
186 
187         if (list.size() == 0) {
188             return 0;
189         }
190         else {
191             Permission permission = (Permission)list.get(0);
192 
193             return permission.getPermissionId();
194         }
195     }
196 
197     public List getPermissions(
198             long companyId, String[] actionIds, long resourceId)
199         throws PortalException, SystemException {
200 
201         List permissions = new ArrayList();
202 
203         for (int i = 0; i < actionIds.length; i++) {
204             Permission permission =
205                 addPermission(companyId, actionIds[i], resourceId);
206 
207             permissions.add(permission);
208         }
209 
210         return permissions;
211     }
212 
213     public List getRolePermissions(long roleId)
214         throws PortalException, SystemException {
215 
216         return RoleUtil.getPermissions(roleId);
217     }
218 
219     public List getUserPermissions(long userId, long resourceId)
220         throws SystemException {
221 
222         return PermissionFinder.findByU_R(userId, resourceId);
223     }
224 
225     public List getUserPermissions(
226             long userId, long companyId, String name, int scope, String primKey)
227         throws SystemException {
228 
229         return PermissionFinder.findByU_C_N_S_P(
230             userId, companyId, name, scope, primKey);
231     }
232 
233     public boolean hasGroupPermission(
234             long groupId, String actionId, long resourceId)
235         throws PortalException, SystemException {
236 
237         Permission permission = null;
238 
239         try {
240             permission = PermissionUtil.findByA_R(actionId, resourceId);
241         }
242         catch (NoSuchPermissionException nspe) {
243 
244             // Return false if there is no permission based on the given action
245             // id and resource id
246 
247             return false;
248         }
249 
250         return GroupUtil.containsPermission(
251             groupId, permission.getPermissionId());
252     }
253 
254     public boolean hasRolePermission(
255             long roleId, long companyId, String name, int scope,
256             String actionId)
257         throws PortalException, SystemException {
258 
259         ResourceCode resourceCode =
260             ResourceCodeLocalServiceUtil.getResourceCode(
261                 companyId, name, scope);
262 
263         Iterator itr = ResourceUtil.findByCodeId(
264             resourceCode.getCodeId()).iterator();
265 
266         while (itr.hasNext()) {
267             Resource resource = (Resource)itr.next();
268 
269             try {
270                 Permission permission = PermissionUtil.findByA_R(
271                     actionId, resource.getResourceId());
272 
273                 if (RoleUtil.containsPermission(
274                         roleId, permission.getPermissionId())) {
275 
276                     return true;
277                 }
278             }
279             catch (NoSuchPermissionException nspe) {
280             }
281         }
282 
283         return false;
284     }
285 
286     public boolean hasRolePermission(
287             long roleId, long companyId, String name, int scope, String primKey,
288             String actionId)
289         throws PortalException, SystemException {
290 
291         try {
292             ResourceCode resourceCode =
293                 ResourceCodeLocalServiceUtil.getResourceCode(
294                     companyId, name, scope);
295 
296             Resource resource = ResourceUtil.findByC_P(
297                 resourceCode.getCodeId(), primKey);
298 
299             Permission permission = PermissionUtil.findByA_R(
300                 actionId, resource.getResourceId());
301 
302             return RoleUtil.containsPermission(
303                 roleId, permission.getPermissionId());
304         }
305         catch (NoSuchPermissionException nspe) {
306         }
307         catch (NoSuchResourceException nsre) {
308         }
309 
310         return false;
311     }
312 
313     public boolean hasUserPermission(
314             long userId, String actionId, long resourceId)
315         throws PortalException, SystemException {
316 
317         Permission permission = null;
318 
319         try {
320             permission = PermissionUtil.findByA_R(actionId, resourceId);
321         }
322         catch (NoSuchPermissionException nspe) {
323 
324             // Return false if there is no permission based on the given action
325             // id and resource id
326 
327             return false;
328         }
329 
330         return UserUtil.containsPermission(
331             userId, permission.getPermissionId());
332     }
333 
334     public boolean hasUserPermissions(
335             long userId, long groupId, String actionId, long[] resourceIds,
336             PermissionCheckerBag permissionCheckerBag)
337         throws PortalException, SystemException {
338 
339         StopWatch stopWatch = null;
340 
341         if (_log.isDebugEnabled()) {
342             stopWatch = new StopWatch();
343 
344             stopWatch.start();
345         }
346 
347         int block = 1;
348 
349         // Return false if there is no resources
350 
351         if ((Validator.isNull(actionId)) || (resourceIds == null) ||
352             (resourceIds.length == 0)) {
353 
354             return false;
355         }
356 
357         List permissions = PermissionFinder.findByA_R(actionId, resourceIds);
358 
359         // Return false if there are no permissions
360 
361         if (permissions.size() == 0) {
362             return false;
363         }
364 
365         // Record logs with the first resource id
366 
367         long resourceId = resourceIds[0];
368 
369         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
370 
371         List userGroups = permissionCheckerBag.getUserGroups();
372         List userOrgs = permissionCheckerBag.getUserOrgs();
373         //List userOrgGroups = permissionCheckerBag.getUserOrgGroups();
374         //List userUserGroupGroups =
375         //  permissionCheckerBag.getUserUserGroupGroups();
376         List groups = permissionCheckerBag.getGroups();
377         List roles = permissionCheckerBag.getRoles();
378 
379         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
380 
381         // Check the organization and community intersection table. Break out of
382         // this method if the user has one of the permissions set at the
383         // intersection because that takes priority.
384 
385         if (checkOrgGroupPermission(userOrgs, userGroups, permissions)) {
386             return true;
387         }
388 
389         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
390 
391         if (PermissionCheckerImpl.USER_CHECK_ALGORITHM == 1) {
392             return hasUserPermissions_1(
393                 userId, actionId, resourceId, permissions, groups, groupId,
394                 stopWatch, block);
395         }
396         else if (PermissionCheckerImpl.USER_CHECK_ALGORITHM == 2) {
397             return hasUserPermissions_2(
398                 userId, actionId, resourceId, permissions, groups, groupId,
399                 stopWatch, block);
400         }
401         else if (PermissionCheckerImpl.USER_CHECK_ALGORITHM == 3) {
402             return hasUserPermissions_3(
403                 userId, actionId, resourceId, permissions, groups, roles,
404                 stopWatch, block);
405         }
406         else if (PermissionCheckerImpl.USER_CHECK_ALGORITHM == 4) {
407             return hasUserPermissions_4(
408                 userId, actionId, resourceId, permissions, groups, roles,
409                 stopWatch, block);
410         }
411 
412         return false;
413     }
414 
415     public void setGroupPermissions(
416             long groupId, String[] actionIds, long resourceId)
417         throws PortalException, SystemException {
418 
419         Group group = GroupUtil.findByPrimaryKey(groupId);
420 
421         Iterator itr = PermissionFinder.findByG_R(
422             groupId, resourceId).iterator();
423 
424         while (itr.hasNext()) {
425             Permission permission = (Permission)itr.next();
426 
427             GroupUtil.removePermission(groupId, permission);
428         }
429 
430         List permissions = getPermissions(
431             group.getCompanyId(), actionIds, resourceId);
432 
433         GroupUtil.addPermissions(groupId, permissions);
434 
435         PermissionCacheUtil.clearCache();
436     }
437 
438     public void setGroupPermissions(
439             String className, String classPK, long groupId,
440             String[] actionIds, long resourceId)
441         throws PortalException, SystemException {
442 
443         long associatedGroupId = 0;
444 
445         if (className.equals(Organization.class.getName())) {
446             long organizationId = GetterUtil.getLong(classPK);
447 
448             Organization organization =
449                 OrganizationUtil.findByPrimaryKey(organizationId);
450 
451             OrgGroupPermissionFinder.removeByO_G_R(
452                 organizationId, groupId, resourceId);
453 
454             associatedGroupId = organization.getGroup().getGroupId();
455         }
456         else if (className.equals(UserGroup.class.getName())) {
457             long userGroupId = GetterUtil.getLong(classPK);
458 
459             UserGroup userGroup = UserGroupUtil.findByPrimaryKey(userGroupId);
460 
461             associatedGroupId = userGroup.getGroup().getGroupId();
462         }
463 
464         setGroupPermissions(associatedGroupId, actionIds, resourceId);
465     }
466 
467     public void setOrgGroupPermissions(
468             long organizationId, long groupId, String[] actionIds,
469             long resourceId)
470         throws PortalException, SystemException {
471 
472         Organization organization =
473             OrganizationUtil.findByPrimaryKey(organizationId);
474 
475         long orgGroupId = organization.getGroup().getGroupId();
476 
477         Iterator itr = PermissionUtil.findByResourceId(resourceId).iterator();
478 
479         while (itr.hasNext()) {
480             Permission permission = (Permission)itr.next();
481 
482             GroupUtil.removePermission(orgGroupId, permission);
483         }
484 
485         itr = getPermissions(
486             organization.getCompanyId(), actionIds, resourceId).iterator();
487 
488         OrgGroupPermissionFinder.removeByO_G_R(
489             organizationId, groupId, resourceId);
490 
491         while (itr.hasNext()) {
492             Permission permission = (Permission)itr.next();
493 
494             OrgGroupPermissionPK pk = new OrgGroupPermissionPK(
495                 organizationId, groupId, permission.getPermissionId());
496 
497             OrgGroupPermission orgGroupPermission =
498                 OrgGroupPermissionUtil.create(pk);
499 
500             OrgGroupPermissionUtil.update(orgGroupPermission);
501         }
502 
503         PermissionCacheUtil.clearCache();
504     }
505 
506     public void setRolePermission(
507             long roleId, long companyId, String name, int scope, String primKey,
508             String actionId)
509         throws PortalException, SystemException {
510 
511         if (scope == ResourceImpl.SCOPE_COMPANY) {
512 
513             // Remove group permission
514 
515             unsetRolePermissions(
516                 roleId, companyId, name, ResourceImpl.SCOPE_GROUP, actionId);
517         }
518         else if (scope == ResourceImpl.SCOPE_GROUP) {
519 
520             // Remove company permission
521 
522             unsetRolePermissions(
523                 roleId, companyId, name, ResourceImpl.SCOPE_COMPANY, actionId);
524         }
525         else if (scope == ResourceImpl.SCOPE_INDIVIDUAL) {
526             throw new NoSuchPermissionException();
527         }
528 
529         Resource resource = ResourceLocalServiceUtil.addResource(
530             companyId, name, scope, primKey);
531 
532         Permission permission = null;
533 
534         try {
535             permission = PermissionUtil.findByA_R(
536                 actionId, resource.getResourceId());
537         }
538         catch (NoSuchPermissionException nspe) {
539             long permissionId = CounterLocalServiceUtil.increment(
540                 Permission.class.getName());
541 
542             permission = PermissionUtil.create(permissionId);
543 
544             permission.setCompanyId(companyId);
545             permission.setActionId(actionId);
546             permission.setResourceId(resource.getResourceId());
547 
548             PermissionUtil.update(permission);
549         }
550 
551         RoleUtil.addPermission(roleId, permission);
552 
553         PermissionCacheUtil.clearCache();
554     }
555 
556     public void setRolePermissions(
557             long roleId, long companyId, String name, int scope, String primKey,
558             String[] actionIds)
559         throws PortalException, SystemException {
560 
561         for (int i = 0; i < actionIds.length; i++) {
562             String actionId = actionIds[i];
563 
564             setRolePermission(
565                 roleId, companyId, name, scope, primKey, actionId);
566         }
567     }
568 
569     public void setUserPermissions(
570             long userId, String[] actionIds, long resourceId)
571         throws PortalException, SystemException {
572 
573         User user = UserUtil.findByPrimaryKey(userId);
574 
575         List permissions = PermissionFinder.findByU_R(userId, resourceId);
576 
577         UserUtil.removePermissions(userId, permissions);
578 
579         permissions = getPermissions(
580             user.getCompanyId(), actionIds, resourceId);
581 
582         UserUtil.addPermissions(userId, permissions);
583 
584         PermissionCacheUtil.clearCache();
585     }
586 
587     public void unsetRolePermission(long roleId, long permissionId)
588         throws SystemException, PortalException {
589 
590         try {
591             Permission permission =
592                 PermissionUtil.findByPrimaryKey(permissionId);
593 
594             RoleUtil.removePermission(roleId, permission);
595         }
596         catch (NoSuchPermissionException nspe) {
597         }
598 
599         PermissionCacheUtil.clearCache();
600     }
601 
602     public void unsetRolePermission(
603             long roleId, long companyId, String name, int scope, String primKey,
604             String actionId)
605         throws PortalException, SystemException {
606 
607         try {
608             ResourceCode resourceCode =
609                 ResourceCodeLocalServiceUtil.getResourceCode(
610                     companyId, name, scope);
611 
612             Resource resource = ResourceUtil.findByC_P(
613                 resourceCode.getCodeId(), primKey);
614 
615             Permission permission = PermissionUtil.findByA_R(
616                 actionId, resource.getResourceId());
617 
618             RoleUtil.removePermission(roleId, permission);
619         }
620         catch (NoSuchPermissionException nspe) {
621         }
622         catch (NoSuchResourceException nsre) {
623         }
624 
625         PermissionCacheUtil.clearCache();
626     }
627 
628     public void unsetRolePermissions(
629             long roleId, long companyId, String name, int scope,
630             String actionId)
631         throws PortalException, SystemException {
632 
633         ResourceCode resourceCode =
634             ResourceCodeLocalServiceUtil.getResourceCode(
635                 companyId, name, scope);
636 
637         Iterator itr = ResourceUtil.findByCodeId(
638             resourceCode.getCodeId()).iterator();
639 
640         while (itr.hasNext()) {
641             Resource resource = (Resource)itr.next();
642 
643             try {
644                 Permission permission = PermissionUtil.findByA_R(
645                     actionId, resource.getResourceId());
646 
647                 RoleUtil.removePermission(roleId, permission);
648             }
649             catch (NoSuchPermissionException nspe) {
650             }
651         }
652 
653         PermissionCacheUtil.clearCache();
654     }
655 
656     public void unsetUserPermissions(
657             long userId, String[] actionIds, long resourceId)
658         throws PortalException, SystemException {
659 
660         List permissions = PermissionFinder.findByU_A_R(
661             userId, actionIds, resourceId);
662 
663         UserUtil.removePermissions(userId, permissions);
664 
665         PermissionCacheUtil.clearCache();
666     }
667 
668     protected boolean checkOrgGroupPermission(
669             List organizations, List groups, List permissions)
670         throws PortalException, SystemException {
671 
672         for (int i = 0; i < permissions.size(); i++) {
673             Permission permission = (Permission)permissions.get(i);
674 
675             if (checkOrgGroupPermission(organizations, groups, permission)) {
676                 return true;
677             }
678         }
679 
680         return false;
681     }
682 
683     protected boolean checkOrgGroupPermission(
684             List organizations, List groups, Permission permission)
685         throws PortalException, SystemException {
686 
687         // Do not check for an OrgGroupPermission intersection unless there is
688         // at least one organization and one group to check
689 
690         if ((organizations.size() == 0) || (groups.size() == 0)) {
691             return false;
692         }
693 
694         // Do not check unless the OrgGroupPermission intersection contains at
695         // least one permission
696 
697         List orgGroupPermissions = OrgGroupPermissionUtil.findByPermissionId(
698             permission.getPermissionId());
699 
700         if (orgGroupPermissions.size() == 0) {
701             return false;
702         }
703 
704         Iterator itr = orgGroupPermissions.iterator();
705 
706         while (itr.hasNext()) {
707             OrgGroupPermission orgGroupPermission =
708                 (OrgGroupPermission)itr.next();
709 
710             if (orgGroupPermission.containsOrganization(organizations) &&
711                 orgGroupPermission.containsGroup(groups)) {
712 
713                 return true;
714             }
715         }
716 
717         // Throw an exception so that we do not continue checking permissions.
718         // The user has a specific permission given in the OrgGroupPermission
719         // intersection that prohibits him from going further.
720 
721         throw new NoSuchPermissionException(
722             "User has a permission in OrgGroupPermission that does not match");
723     }
724 
725     protected boolean hasUserPermissions_1(
726             long userId, String actionId, long resourceId, List permissions,
727             List groups, long groupId, StopWatch stopWatch, int block)
728         throws PortalException, SystemException {
729 
730         // Is the user connected to one of the permissions via group or
731         // organization roles?
732 
733         if (groups.size() > 0) {
734             if (PermissionFinder.countByGroupsRoles(permissions, groups) > 0) {
735                 return true;
736             }
737         }
738 
739         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
740 
741         // Is the user associated with groups or organizations that are directly
742         // connected to one of the permissions?
743 
744         if (groups.size() > 0) {
745             if (PermissionFinder.countByGroupsPermissions(
746                     permissions, groups) > 0) {
747 
748                 return true;
749             }
750         }
751 
752         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
753 
754         // Is the user connected to one of the permissions via user roles?
755 
756         if (PermissionFinder.countByUsersRoles(permissions, userId) > 0) {
757             return true;
758         }
759 
760         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
761 
762         // Is the user connected to one of the permissions via user group roles?
763 
764         if (PermissionFinder.countByUserGroupRole(
765                 permissions, userId, groupId) > 0) {
766 
767             return true;
768         }
769 
770         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
771 
772         // Is the user directly connected to one of the permissions?
773 
774         if (PermissionFinder.countByUsersPermissions(permissions, userId) > 0) {
775             return true;
776         }
777 
778         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
779 
780         return false;
781     }
782 
783     protected boolean hasUserPermissions_2(
784             long userId, String actionId, long resourceId, List permissions,
785             List groups, long groupId, StopWatch stopWatch, int block)
786         throws PortalException, SystemException {
787 
788         // Call countByGroupsRoles, countByGroupsPermissions, countByUsersRoles,
789         // countByUserGroupRole, and countByUsersPermissions in one method
790 
791         if (PermissionFinder.containsPermissions_2(
792                 permissions, userId, groups, groupId)) {
793 
794             return true;
795         }
796 
797         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
798 
799         return false;
800     }
801 
802     protected boolean hasUserPermissions_3(
803             long userId, String actionId, long resourceId, List permissions,
804             List groups, List roles, StopWatch stopWatch, int block)
805         throws PortalException, SystemException {
806 
807         // Is the user associated with groups or organizations that are directly
808         // connected to one of the permissions?
809 
810         if (groups.size() > 0) {
811             if (PermissionFinder.countByGroupsPermissions(
812                     permissions, groups) > 0) {
813 
814                 return true;
815             }
816         }
817 
818         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
819 
820         // Is the user associated with a role that is directly connected to one
821         // of the permissions?
822 
823         if (roles.size() > 0) {
824             if (PermissionFinder.countByRolesPermissions(
825                     permissions, roles) > 0) {
826 
827                 return true;
828             }
829         }
830 
831         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
832 
833         // Is the user directly connected to one of the permissions?
834 
835         if (PermissionFinder.countByUsersPermissions(permissions, userId) > 0) {
836             return true;
837         }
838 
839         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
840 
841         return false;
842     }
843 
844     protected boolean hasUserPermissions_4(
845             long userId, String actionId, long resourceId, List permissions,
846             List groups, List roles, StopWatch stopWatch, int block)
847         throws PortalException, SystemException {
848 
849         // Call countByGroupsPermissions, countByRolesPermissions, and
850         // countByUsersPermissions in one method
851 
852         if (PermissionFinder.containsPermissions_4(
853                 permissions, userId, groups, roles)) {
854 
855             return true;
856         }
857 
858         logHasUserPermissions(userId, actionId, resourceId, stopWatch, block++);
859 
860         return false;
861     }
862 
863     protected void logHasUserPermissions(
864         long userId, String actionId, long resourceId, StopWatch stopWatch,
865         int block) {
866 
867         if (!_log.isDebugEnabled()) {
868             return;
869         }
870 
871         _log.debug(
872             "Checking user permissions block " + block + " for " + userId +
873                 " " + actionId + " " + resourceId + " takes " +
874                     stopWatch.getTime() + " ms");
875     }
876 
877     private static Log _log =
878         LogFactory.getLog(PermissionLocalServiceImpl.class);
879 
880 }