1
14
15 package com.liferay.portlet.shopping.service.permission;
16
17 import com.liferay.portal.kernel.exception.PortalException;
18 import com.liferay.portal.kernel.exception.SystemException;
19 import com.liferay.portal.security.auth.PrincipalException;
20 import com.liferay.portal.security.permission.ActionKeys;
21 import com.liferay.portal.security.permission.PermissionChecker;
22 import com.liferay.portal.util.PropsValues;
23 import com.liferay.portlet.shopping.model.ShoppingCategory;
24 import com.liferay.portlet.shopping.model.ShoppingCategoryConstants;
25 import com.liferay.portlet.shopping.model.ShoppingItem;
26 import com.liferay.portlet.shopping.service.ShoppingItemLocalServiceUtil;
27
28
33 public class ShoppingItemPermission {
34
35 public static void check(
36 PermissionChecker permissionChecker, long itemId, String actionId)
37 throws PortalException, SystemException {
38
39 if (!contains(permissionChecker, itemId, actionId)) {
40 throw new PrincipalException();
41 }
42 }
43
44 public static void check(
45 PermissionChecker permissionChecker, ShoppingItem item,
46 String actionId)
47 throws PortalException, SystemException {
48
49 if (!contains(permissionChecker, item, actionId)) {
50 throw new PrincipalException();
51 }
52 }
53
54 public static boolean contains(
55 PermissionChecker permissionChecker, long itemId, String actionId)
56 throws PortalException, SystemException {
57
58 ShoppingItem item = ShoppingItemLocalServiceUtil.getItem(itemId);
59
60 return contains(permissionChecker, item, actionId);
61 }
62
63 public static boolean contains(
64 PermissionChecker permissionChecker, ShoppingItem item,
65 String actionId)
66 throws PortalException, SystemException {
67
68 if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
69 if (item.getCategoryId() !=
70 ShoppingCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) {
71
72 ShoppingCategory category = item.getCategory();
73
74 if (!ShoppingCategoryPermission.contains(
75 permissionChecker, category, ActionKeys.VIEW)) {
76
77 return false;
78 }
79 }
80 }
81
82 if (permissionChecker.hasOwnerPermission(
83 item.getCompanyId(), ShoppingItem.class.getName(),
84 item.getItemId(), item.getUserId(), actionId)) {
85
86 return true;
87 }
88
89 return permissionChecker.hasPermission(
90 item.getGroupId(), ShoppingItem.class.getName(), item.getItemId(),
91 actionId);
92 }
93
94 }