001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.model.ResourceConstants;
020 import com.liferay.portal.model.User;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.service.UserLocalServiceUtil;
025 import com.liferay.portal.util.PropsValues;
026
027
031 public class UserPermissionImpl implements UserPermission {
032
033
036 public void check(
037 PermissionChecker permissionChecker, long userId,
038 long organizationId, long locationId, String actionId)
039 throws PrincipalException {
040
041 check(
042 permissionChecker, userId, new long[] {organizationId, locationId},
043 actionId);
044 }
045
046 public void check(
047 PermissionChecker permissionChecker, long userId,
048 long[] organizationIds, String actionId)
049 throws PrincipalException {
050
051 if (!contains(
052 permissionChecker, userId, organizationIds, actionId)) {
053
054 throw new PrincipalException();
055 }
056 }
057
058 public void check(
059 PermissionChecker permissionChecker, long userId, String actionId)
060 throws PrincipalException {
061
062 if (!contains(permissionChecker, userId, actionId)) {
063 throw new PrincipalException();
064 }
065 }
066
067
070 public boolean contains(
071 PermissionChecker permissionChecker, long userId, long organizationId,
072 long locationId, String actionId) {
073
074 return contains(
075 permissionChecker, userId, new long[] {organizationId, locationId},
076 actionId);
077 }
078
079 public boolean contains(
080 PermissionChecker permissionChecker, long userId,
081 long[] organizationIds, String actionId) {
082
083 if (((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5 ||
084 PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) &&
085 (permissionChecker.hasOwnerPermission(
086 permissionChecker.getCompanyId(), User.class.getName(), userId,
087 userId, actionId))) ||
088 (permissionChecker.getUserId() == userId)) {
089
090 return true;
091 }
092 else if (permissionChecker.hasPermission(
093 0, User.class.getName(), userId, actionId)) {
094
095 return true;
096 }
097 else if (userId != ResourceConstants.PRIMKEY_DNE) {
098 try {
099 if (organizationIds == null) {
100 User user = UserLocalServiceUtil.getUserById(userId);
101
102 organizationIds = user.getOrganizationIds();
103 }
104
105 for (int i = 0; i < organizationIds.length; i++) {
106 long organizationId = organizationIds[i];
107
108 if (OrganizationPermissionUtil.contains(
109 permissionChecker, organizationId,
110 ActionKeys.MANAGE_USERS)) {
111
112 return true;
113 }
114 }
115 }
116 catch (Exception e) {
117 _log.error(e, e);
118 }
119 }
120
121 return false;
122 }
123
124 public boolean contains(
125 PermissionChecker permissionChecker, long userId, String actionId) {
126
127 return contains(permissionChecker, userId, null, actionId);
128 }
129
130 private static Log _log = LogFactoryUtil.getLog(UserPermissionImpl.class);
131
132 }