1
14
15 package com.liferay.portal.workflow;
16
17 import com.liferay.portal.security.auth.PrincipalException;
18 import com.liferay.portal.security.permission.ActionKeys;
19 import com.liferay.portal.security.permission.PermissionChecker;
20 import com.liferay.portal.security.permission.PermissionThreadLocal;
21 import com.liferay.portal.service.permission.PortletPermissionUtil;
22 import com.liferay.portal.util.PortletKeys;
23
24 import org.aspectj.lang.ProceedingJoinPoint;
25
26
31 public class WorkflowPermissionAdvice {
32
33 public Object invoke(ProceedingJoinPoint proceedingJoinPoint)
34 throws Throwable {
35
36 String methodName = proceedingJoinPoint.getSignature().getName();
37 Object[] arguments = proceedingJoinPoint.getArgs();
38
39 if (methodName.equals(_ASSIGN_WORKFLOW_TASK_TO_USER_METHOD_NAME)) {
40 long userId = (Long)arguments[1];
41
42 PermissionChecker permissionChecker =
43 PermissionThreadLocal.getPermissionChecker();
44
45 if (permissionChecker.getUserId() != userId) {
46 throw new PrincipalException();
47 }
48
49 PortletPermissionUtil.check(
50 permissionChecker, PortletKeys.WORKFLOW_TASKS,
51 ActionKeys.ASSIGN_USER_TASKS);
52 }
53
54 return proceedingJoinPoint.proceed();
55 }
56
57 private static final String _ASSIGN_WORKFLOW_TASK_TO_USER_METHOD_NAME =
58 "assignWorkflowTaskToUser";
59
60 }