001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.sites.search;
016    
017    import com.liferay.portal.kernel.dao.search.RowChecker;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.model.Group;
021    import com.liferay.portal.model.Role;
022    import com.liferay.portal.model.User;
023    import com.liferay.portal.security.membershippolicy.SiteMembershipPolicyUtil;
024    import com.liferay.portal.security.permission.PermissionChecker;
025    import com.liferay.portal.security.permission.PermissionThreadLocal;
026    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
027    
028    import javax.portlet.RenderResponse;
029    
030    /**
031     * @author Jorge Ferrer
032     */
033    public class UserGroupRoleRoleChecker extends RowChecker {
034    
035            public UserGroupRoleRoleChecker(
036                    RenderResponse renderResponse, User user, Group group) {
037    
038                    super(renderResponse);
039    
040                    _user = user;
041                    _group = group;
042            }
043    
044            @Override
045            public boolean isChecked(Object obj) {
046                    Role role = (Role)obj;
047    
048                    try {
049                            return UserGroupRoleLocalServiceUtil.hasUserGroupRole(
050                                    _user.getUserId(), _group.getGroupId(), role.getRoleId());
051                    }
052                    catch (Exception e) {
053                            _log.error(e, e);
054    
055                            return false;
056                    }
057            }
058    
059            @Override
060            public boolean isDisabled(Object obj) {
061                    Role role = (Role)obj;
062    
063                    try {
064                            PermissionChecker permissionChecker =
065                                    PermissionThreadLocal.getPermissionChecker();
066    
067                            if (isChecked(role)) {
068                                    if (SiteMembershipPolicyUtil.isRoleProtected(
069                                                    permissionChecker, _user.getUserId(),
070                                                    _group.getGroupId(), role.getRoleId()) ||
071                                            SiteMembershipPolicyUtil.isRoleRequired(
072                                                    _user.getUserId(), _group.getGroupId(),
073                                                    role.getRoleId())) {
074    
075                                            return true;
076                                    }
077                            }
078                            else {
079                                    if (!SiteMembershipPolicyUtil.isRoleAllowed(
080                                                    _user.getUserId(), _group.getGroupId(),
081                                                    role.getRoleId())) {
082    
083                                            return true;
084                                    }
085                            }
086                    }
087                    catch (Exception e) {
088                            _log.error(e, e);
089                    }
090    
091                    return super.isDisabled(obj);
092            }
093    
094            private static Log _log = LogFactoryUtil.getLog(
095                    UserGroupRoleRoleChecker.class);
096    
097            private Group _group;
098            private User _user;
099    
100    }