1
22
23 package com.liferay.portal.service.permission;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.model.User;
28 import com.liferay.portal.security.auth.PrincipalException;
29 import com.liferay.portal.security.permission.ActionKeys;
30 import com.liferay.portal.security.permission.PermissionChecker;
31 import com.liferay.portal.service.UserLocalServiceUtil;
32 import com.liferay.portal.util.PropsValues;
33
34
41 public class UserPermissionImpl implements UserPermission {
42
43 public void check(
44 PermissionChecker permissionChecker, long userId, String actionId)
45 throws PrincipalException {
46
47 if (!contains(permissionChecker, userId, actionId)) {
48 throw new PrincipalException();
49 }
50 }
51
52
55 public void check(
56 PermissionChecker permissionChecker, long userId,
57 long organizationId, long locationId, String actionId)
58 throws PrincipalException {
59
60 check(
61 permissionChecker, userId, new long[] {organizationId, locationId},
62 actionId);
63 }
64
65 public void check(
66 PermissionChecker permissionChecker, long userId,
67 long[] organizationIds, String actionId)
68 throws PrincipalException {
69
70 if (!contains(
71 permissionChecker, userId, organizationIds, actionId)) {
72
73 throw new PrincipalException();
74 }
75 }
76
77 public boolean contains(
78 PermissionChecker permissionChecker, long userId, String actionId) {
79
80 return contains(permissionChecker, userId, null, actionId);
81 }
82
83
86 public boolean contains(
87 PermissionChecker permissionChecker, long userId, long organizationId,
88 long locationId, String actionId) {
89
90 return contains(
91 permissionChecker, userId, new long[] {organizationId, locationId},
92 actionId);
93 }
94
95 public boolean contains(
96 PermissionChecker permissionChecker, long userId,
97 long[] organizationIds, String actionId) {
98
99 if (((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) &&
100 (permissionChecker.hasOwnerPermission(
101 permissionChecker.getCompanyId(), User.class.getName(), userId,
102 userId, actionId))) ||
103 (permissionChecker.getUserId() == userId)) {
104
105 return true;
106 }
107 else if (permissionChecker.hasPermission(
108 0, User.class.getName(), userId, actionId)) {
109
110 return true;
111 }
112 else {
113 try {
114 if (organizationIds == null) {
115 User user = UserLocalServiceUtil.getUserById(userId);
116
117 organizationIds = user.getOrganizationIds();
118 }
119
120 for (int i = 0; i < organizationIds.length; i++) {
121 long organizationId = organizationIds[i];
122
123 if (OrganizationPermissionUtil.contains(
124 permissionChecker, organizationId,
125 ActionKeys.MANAGE_USERS)) {
126
127 return true;
128 }
129 }
130 }
131 catch (Exception e) {
132 _log.error(e, e);
133 }
134 }
135
136 return false;
137 }
138
139 private static Log _log = LogFactoryUtil.getLog(UserPermissionImpl.class);
140
141 }