1
14
15 package com.liferay.portal.security.permission;
16
17 import com.liferay.portal.kernel.exception.PortalException;
18 import com.liferay.portal.kernel.exception.SystemException;
19 import com.liferay.portal.model.Group;
20 import com.liferay.portal.model.Organization;
21 import com.liferay.portal.model.OrganizationConstants;
22 import com.liferay.portal.model.Role;
23 import com.liferay.portal.model.RoleConstants;
24 import com.liferay.portal.service.OrganizationLocalServiceUtil;
25 import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
26 import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
27 import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
28
29 import java.util.HashMap;
30 import java.util.List;
31 import java.util.Map;
32
33
38 public class PermissionCheckerBagImpl implements PermissionCheckerBag {
39
40 public PermissionCheckerBagImpl() {
41 }
42
43 public PermissionCheckerBagImpl(
44 long userId, List<Group> userGroups, List<Organization> userOrgs,
45 List<Group> userOrgGroups, List<Group> userUserGroupGroups,
46 List<Group> groups, List<Role> roles) {
47
48 _userId = userId;
49 _userGroups = userGroups;
50 _userOrgs = userOrgs;
51 _userOrgGroups = userOrgGroups;
52 _userUserGroupGroups = userUserGroupGroups;
53 _groups = groups;
54 _roles = roles;
55 }
56
57 public List<Group> getUserGroups() {
58 return _userGroups;
59 }
60
61 public List<Organization> getUserOrgs() {
62 return _userOrgs;
63 }
64
65 public List<Group> getUserOrgGroups() {
66 return _userOrgGroups;
67 }
68
69 public List<Group> getUserUserGroupGroups() {
70 return _userUserGroupGroups;
71 }
72
73 public List<Group> getGroups() {
74 return _groups;
75 }
76
77 public List<Role> getRoles() {
78 return _roles;
79 }
80
81 public boolean isCommunityAdmin(
82 PermissionChecker permissionChecker, Group group)
83 throws Exception {
84
85 Boolean value = _communityAdmins.get(group.getGroupId());
86
87 if (value == null) {
88 value = Boolean.valueOf(
89 isCommunityAdminImpl(permissionChecker, group));
90
91 _communityAdmins.put(group.getGroupId(), value);
92 }
93
94 return value.booleanValue();
95 }
96
97 public boolean isCommunityOwner(
98 PermissionChecker permissionChecker, Group group)
99 throws Exception {
100
101 Boolean value = _communityOwners.get(group.getGroupId());
102
103 if (value == null) {
104 value = Boolean.valueOf(
105 isCommunityOwnerImpl(permissionChecker, group));
106
107 _communityOwners.put(group.getGroupId(), value);
108 }
109
110 return value.booleanValue();
111 }
112
113 protected boolean isCommunityAdminImpl(
114 PermissionChecker permissionChecker, Group group)
115 throws PortalException, SystemException {
116
117 if (group.isCommunity()) {
118 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
119 _userId, group.getGroupId(),
120 RoleConstants.COMMUNITY_ADMINISTRATOR, true) ||
121 UserGroupRoleLocalServiceUtil.hasUserGroupRole(
122 _userId, group.getGroupId(),
123 RoleConstants.COMMUNITY_OWNER, true)) {
124
125 return true;
126 }
127 }
128 else if (group.isCompany()) {
129 if (permissionChecker.isCompanyAdmin()) {
130 return true;
131 }
132 else {
133 return false;
134 }
135 }
136 else if (group.isLayoutPrototype()) {
137 if (LayoutPrototypePermissionUtil.contains(
138 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
139
140 return true;
141 }
142 else {
143 return false;
144 }
145 }
146 else if (group.isLayoutSetPrototype()) {
147 if (LayoutSetPrototypePermissionUtil.contains(
148 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
149
150 return true;
151 }
152 else {
153 return false;
154 }
155 }
156 else if (group.isOrganization()) {
157 long organizationId = group.getClassPK();
158
159 while (organizationId !=
160 OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
161
162 Organization organization =
163 OrganizationLocalServiceUtil.getOrganization(
164 organizationId);
165
166 Group organizationGroup = organization.getGroup();
167
168 long organizationGroupId = organizationGroup.getGroupId();
169
170 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
171 _userId, organizationGroupId,
172 RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
173 UserGroupRoleLocalServiceUtil.hasUserGroupRole(
174 _userId, organizationGroupId,
175 RoleConstants.ORGANIZATION_OWNER, true)) {
176
177 return true;
178 }
179
180 organizationId = organization.getParentOrganizationId();
181 }
182 }
183 else if (group.isUser()) {
184 long userId = group.getClassPK();
185
186 if (userId == _userId) {
187 return true;
188 }
189 }
190
191 return false;
192 }
193
194 protected boolean isCommunityOwnerImpl(
195 PermissionChecker permissionChecker, Group group)
196 throws PortalException, SystemException {
197
198 if (group.isCommunity()) {
199 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
200 _userId, group.getGroupId(),
201 RoleConstants.COMMUNITY_OWNER, true)) {
202
203 return true;
204 }
205 }
206 else if (group.isLayoutPrototype()) {
207 if (LayoutPrototypePermissionUtil.contains(
208 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
209
210 return true;
211 }
212 else {
213 return false;
214 }
215 }
216 else if (group.isLayoutSetPrototype()) {
217 if (LayoutSetPrototypePermissionUtil.contains(
218 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
219
220 return true;
221 }
222 else {
223 return false;
224 }
225 }
226 else if (group.isOrganization()) {
227 long organizationId = group.getClassPK();
228
229 while (organizationId !=
230 OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
231
232 Organization organization =
233 OrganizationLocalServiceUtil.getOrganization(
234 organizationId);
235
236 Group organizationGroup = organization.getGroup();
237
238 long organizationGroupId = organizationGroup.getGroupId();
239
240 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
241 _userId, organizationGroupId,
242 RoleConstants.ORGANIZATION_OWNER, true)) {
243
244 return true;
245 }
246
247 organizationId = organization.getParentOrganizationId();
248 }
249 }
250 else if (group.isUser()) {
251 long userId = group.getClassPK();
252
253 if (userId == _userId) {
254 return true;
255 }
256 }
257
258 return false;
259 }
260
261 private long _userId;
262 private List<Group> _userGroups;
263 private List<Organization> _userOrgs;
264 private List<Group> _userOrgGroups;
265 private List<Group> _userUserGroupGroups;
266 private List<Group> _groups;
267 private List<Role> _roles;
268 private Map<Long, Boolean> _communityAdmins = new HashMap<Long, Boolean>();
269 private Map<Long, Boolean> _communityOwners = new HashMap<Long, Boolean>();
270
271 }