1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.security.permission;
16  
17  import com.liferay.portal.kernel.exception.PortalException;
18  import com.liferay.portal.kernel.exception.SystemException;
19  import com.liferay.portal.model.Group;
20  import com.liferay.portal.model.Organization;
21  import com.liferay.portal.model.OrganizationConstants;
22  import com.liferay.portal.model.Role;
23  import com.liferay.portal.model.RoleConstants;
24  import com.liferay.portal.service.OrganizationLocalServiceUtil;
25  import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
26  import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
27  import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
28  
29  import java.util.HashMap;
30  import java.util.List;
31  import java.util.Map;
32  
33  /**
34   * <a href="PermissionCheckerBagImpl.java.html"><b><i>View Source</i></b></a>
35   *
36   * @author Brian Wing Shun Chan
37   */
38  public class PermissionCheckerBagImpl implements PermissionCheckerBag {
39  
40      public PermissionCheckerBagImpl() {
41      }
42  
43      public PermissionCheckerBagImpl(
44          long userId, List<Group> userGroups, List<Organization> userOrgs,
45          List<Group> userOrgGroups, List<Group> userUserGroupGroups,
46          List<Group> groups, List<Role> roles) {
47  
48          _userId = userId;
49          _userGroups = userGroups;
50          _userOrgs = userOrgs;
51          _userOrgGroups = userOrgGroups;
52          _userUserGroupGroups = userUserGroupGroups;
53          _groups = groups;
54          _roles = roles;
55      }
56  
57      public List<Group> getUserGroups() {
58          return _userGroups;
59      }
60  
61      public List<Organization> getUserOrgs() {
62          return _userOrgs;
63      }
64  
65      public List<Group> getUserOrgGroups() {
66          return _userOrgGroups;
67      }
68  
69      public List<Group> getUserUserGroupGroups() {
70          return _userUserGroupGroups;
71      }
72  
73      public List<Group> getGroups() {
74          return _groups;
75      }
76  
77      public List<Role> getRoles() {
78          return _roles;
79      }
80  
81      public boolean isCommunityAdmin(
82              PermissionChecker permissionChecker, Group group)
83          throws Exception {
84  
85          Boolean value = _communityAdmins.get(group.getGroupId());
86  
87          if (value == null) {
88              value = Boolean.valueOf(
89                  isCommunityAdminImpl(permissionChecker, group));
90  
91              _communityAdmins.put(group.getGroupId(), value);
92          }
93  
94          return value.booleanValue();
95      }
96  
97      public boolean isCommunityOwner(
98              PermissionChecker permissionChecker, Group group)
99          throws Exception {
100 
101         Boolean value = _communityOwners.get(group.getGroupId());
102 
103         if (value == null) {
104             value = Boolean.valueOf(
105                 isCommunityOwnerImpl(permissionChecker, group));
106 
107             _communityOwners.put(group.getGroupId(), value);
108         }
109 
110         return value.booleanValue();
111     }
112 
113     protected boolean isCommunityAdminImpl(
114             PermissionChecker permissionChecker, Group group)
115         throws PortalException, SystemException {
116 
117         if (group.isCommunity()) {
118             if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
119                     _userId, group.getGroupId(),
120                     RoleConstants.COMMUNITY_ADMINISTRATOR, true) ||
121                 UserGroupRoleLocalServiceUtil.hasUserGroupRole(
122                     _userId, group.getGroupId(),
123                     RoleConstants.COMMUNITY_OWNER, true)) {
124 
125                 return true;
126             }
127         }
128         else if (group.isCompany()) {
129             if (permissionChecker.isCompanyAdmin()) {
130                 return true;
131             }
132             else {
133                 return false;
134             }
135         }
136         else if (group.isLayoutPrototype()) {
137             if (LayoutPrototypePermissionUtil.contains(
138                     permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
139 
140                 return true;
141             }
142             else {
143                 return false;
144             }
145         }
146         else if (group.isLayoutSetPrototype()) {
147             if (LayoutSetPrototypePermissionUtil.contains(
148                     permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
149 
150                 return true;
151             }
152             else {
153                 return false;
154             }
155         }
156         else if (group.isOrganization()) {
157             long organizationId = group.getClassPK();
158 
159             while (organizationId !=
160                         OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
161 
162                 Organization organization =
163                     OrganizationLocalServiceUtil.getOrganization(
164                         organizationId);
165 
166                 Group organizationGroup = organization.getGroup();
167 
168                 long organizationGroupId = organizationGroup.getGroupId();
169 
170                 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
171                         _userId, organizationGroupId,
172                         RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
173                     UserGroupRoleLocalServiceUtil.hasUserGroupRole(
174                         _userId, organizationGroupId,
175                         RoleConstants.ORGANIZATION_OWNER, true)) {
176 
177                     return true;
178                 }
179 
180                 organizationId = organization.getParentOrganizationId();
181             }
182         }
183         else if (group.isUser()) {
184             long userId = group.getClassPK();
185 
186             if (userId == _userId) {
187                 return true;
188             }
189         }
190 
191         return false;
192     }
193 
194     protected boolean isCommunityOwnerImpl(
195             PermissionChecker permissionChecker, Group group)
196         throws PortalException, SystemException {
197 
198         if (group.isCommunity()) {
199             if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
200                     _userId, group.getGroupId(),
201                     RoleConstants.COMMUNITY_OWNER, true)) {
202 
203                 return true;
204             }
205         }
206         else if (group.isLayoutPrototype()) {
207             if (LayoutPrototypePermissionUtil.contains(
208                     permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
209 
210                 return true;
211             }
212             else {
213                 return false;
214             }
215         }
216         else if (group.isLayoutSetPrototype()) {
217             if (LayoutSetPrototypePermissionUtil.contains(
218                     permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
219 
220                 return true;
221             }
222             else {
223                 return false;
224             }
225         }
226         else if (group.isOrganization()) {
227             long organizationId = group.getClassPK();
228 
229             while (organizationId !=
230                         OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
231 
232                 Organization organization =
233                     OrganizationLocalServiceUtil.getOrganization(
234                         organizationId);
235 
236                 Group organizationGroup = organization.getGroup();
237 
238                 long organizationGroupId = organizationGroup.getGroupId();
239 
240                 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
241                         _userId, organizationGroupId,
242                         RoleConstants.ORGANIZATION_OWNER, true)) {
243 
244                     return true;
245                 }
246 
247                 organizationId = organization.getParentOrganizationId();
248             }
249         }
250         else if (group.isUser()) {
251             long userId = group.getClassPK();
252 
253             if (userId == _userId) {
254                 return true;
255             }
256         }
257 
258         return false;
259     }
260 
261     private long _userId;
262     private List<Group> _userGroups;
263     private List<Organization> _userOrgs;
264     private List<Group> _userOrgGroups;
265     private List<Group> _userUserGroupGroups;
266     private List<Group> _groups;
267     private List<Role> _roles;
268     private Map<Long, Boolean> _communityAdmins = new HashMap<Long, Boolean>();
269     private Map<Long, Boolean> _communityOwners = new HashMap<Long, Boolean>();
270 
271 }