001
014
015 package com.liferay.portlet.sites.search;
016
017 import com.liferay.portal.kernel.dao.search.RowChecker;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.model.Group;
021 import com.liferay.portal.model.Role;
022 import com.liferay.portal.model.User;
023 import com.liferay.portal.security.membershippolicy.SiteMembershipPolicyUtil;
024 import com.liferay.portal.security.permission.PermissionChecker;
025 import com.liferay.portal.security.permission.PermissionThreadLocal;
026 import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
027
028 import javax.portlet.RenderResponse;
029
030
033 public class UserGroupRoleRoleChecker extends RowChecker {
034
035 public UserGroupRoleRoleChecker(
036 RenderResponse renderResponse, User user, Group group) {
037
038 super(renderResponse);
039
040 _user = user;
041 _group = group;
042 }
043
044 @Override
045 public boolean isChecked(Object obj) {
046 Role role = (Role)obj;
047
048 try {
049 return UserGroupRoleLocalServiceUtil.hasUserGroupRole(
050 _user.getUserId(), _group.getGroupId(), role.getRoleId());
051 }
052 catch (Exception e) {
053 _log.error(e, e);
054
055 return false;
056 }
057 }
058
059 @Override
060 public boolean isDisabled(Object obj) {
061 Role role = (Role)obj;
062
063 try {
064 PermissionChecker permissionChecker =
065 PermissionThreadLocal.getPermissionChecker();
066
067 if (isChecked(role)) {
068 if (SiteMembershipPolicyUtil.isRoleProtected(
069 permissionChecker, _user.getUserId(),
070 _group.getGroupId(), role.getRoleId()) ||
071 SiteMembershipPolicyUtil.isRoleRequired(
072 _user.getUserId(), _group.getGroupId(),
073 role.getRoleId())) {
074
075 return true;
076 }
077 }
078 else {
079 if (!SiteMembershipPolicyUtil.isRoleAllowed(
080 _user.getUserId(), _group.getGroupId(),
081 role.getRoleId())) {
082
083 return true;
084 }
085 }
086 }
087 catch (Exception e) {
088 _log.error(e, e);
089 }
090
091 return super.isDisabled(obj);
092 }
093
094 private static Log _log = LogFactoryUtil.getLog(
095 UserGroupRoleRoleChecker.class);
096
097 private Group _group;
098 private User _user;
099
100 }