001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.usersadmin.search;
016    
017    import com.liferay.portal.kernel.dao.search.RowChecker;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.model.Organization;
021    import com.liferay.portal.model.User;
022    import com.liferay.portal.security.membershippolicy.OrganizationMembershipPolicyUtil;
023    import com.liferay.portal.security.permission.ActionKeys;
024    import com.liferay.portal.security.permission.PermissionChecker;
025    import com.liferay.portal.security.permission.PermissionThreadLocal;
026    import com.liferay.portal.service.UserLocalServiceUtil;
027    import com.liferay.portal.service.permission.UserPermissionUtil;
028    import com.liferay.portal.util.PropsValues;
029    
030    import javax.portlet.RenderResponse;
031    
032    /**
033     * @author Brian Wing Shun Chan
034     * @author Jorge Ferrer
035     */
036    public class UserOrganizationChecker extends RowChecker {
037    
038            public UserOrganizationChecker(
039                    RenderResponse renderResponse, Organization organization) {
040    
041                    super(renderResponse);
042    
043                    _organization = organization;
044            }
045    
046            @Override
047            public boolean isChecked(Object obj) {
048                    User user = (User)obj;
049    
050                    try {
051                            return UserLocalServiceUtil.hasOrganizationUser(
052                                    _organization.getOrganizationId(), user.getUserId());
053                    }
054                    catch (Exception e) {
055                            _log.error(e, e);
056    
057                            return false;
058                    }
059            }
060    
061            @Override
062            public boolean isDisabled(Object obj) {
063                    if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT) {
064                            return false;
065                    }
066    
067                    User user = (User)obj;
068    
069                    try {
070                            PermissionChecker permissionChecker =
071                                    PermissionThreadLocal.getPermissionChecker();
072    
073                            if (isChecked(user)) {
074                                    if (OrganizationMembershipPolicyUtil.isMembershipProtected(
075                                                    permissionChecker, user.getUserId(),
076                                                    _organization.getOrganizationId()) ||
077                                            OrganizationMembershipPolicyUtil.isMembershipRequired(
078                                                    user.getUserId(), _organization.getOrganizationId())) {
079    
080                                            return true;
081                                    }
082                            }
083                            else {
084                                    if (!OrganizationMembershipPolicyUtil.isMembershipAllowed(
085                                                    user.getUserId(), _organization.getOrganizationId())) {
086    
087                                            return true;
088                                    }
089                            }
090    
091                            return !UserPermissionUtil.contains(
092                                    permissionChecker, user.getUserId(), ActionKeys.UPDATE);
093                    }
094                    catch (Exception e) {
095                            _log.error(e, e);
096                    }
097    
098                    return super.isDisabled(obj);
099            }
100    
101            private static Log _log = LogFactoryUtil.getLog(
102                    UserOrganizationChecker.class);
103    
104            private Organization _organization;
105    
106    }