com.liferay.portal.kernel.security.permission

Interface PermissionChecker

All Superinterfaces:

Cloneable

@ProviderType
public interface PermissionChecker
extends Cloneable

Author:

Brian Wing Shun Chan

Field Summary

Fields

Modifier and Type	Field and Description
static long[]	DEFAULT_ROLE_IDS

Method Summary

Modifier and Type	Method and Description
PermissionChecker	clone()
long	getCompanyId() Returns the primary key of the user's company.
long[]	getGuestUserRoleIds()
List<Long>	getOwnerResourceBlockIds(long companyId, long groupId, String name, String actionId)
long	getOwnerRoleId() Returns the primary key of the owner role.
Map<Object,Object>	getPermissionChecksMap()
List<Long>	getResourceBlockIds(long companyId, long groupId, long userId, String name, String actionId)
long[]	getRoleIds(long userId, long groupId) Returns the primary keys of the roles the user has within the group.
User	getUser()
UserBag	getUserBag()
long	getUserId() Returns the primary key of the user.
boolean	hasOwnerPermission(long companyId, String name, long primKey, long ownerId, String actionId) Returns true if the user is the owner of the resource and has permission to perform the action.
boolean	hasOwnerPermission(long companyId, String name, String primKey, long ownerId, String actionId) Returns true if the user is the owner of the resource and has permission to perform the action.
boolean	hasPermission(Group group, String name, long primKey, String actionId)
boolean	hasPermission(Group group, String name, String primKey, String actionId)
boolean	hasPermission(long groupId, String name, long primKey, String actionId) Returns true if the user has permission to perform the action on the resource.
boolean	hasPermission(long groupId, String name, String primKey, String actionId) Returns true if the user has permission to perform the action on the resource.
void	init(User user) Initializes this permission checker.
boolean	isCheckGuest() Returns true if guest permissions will be used in permission checks.
boolean	isCompanyAdmin() Returns true if the user is an administrator of their company.
boolean	isCompanyAdmin(long companyId) Returns true if the user is an administrator of the company.
boolean	isContentReviewer(long companyId, long groupId) Returns true if the user is a content reviewer or has sufficient permissions to review content (i.e. the user is a company or group administrator).
boolean	isGroupAdmin(long groupId) Returns true if the user is an administrator of the group.
boolean	isGroupMember(long groupId) Returns true if the user is a member of the group.
boolean	isGroupOwner(long groupId) Returns true if the user is the owner of the group.
boolean	isOmniadmin() Returns true if the user is a universal administrator.
boolean	isOrganizationAdmin(long organizationId) Returns true if the user is an administrator of the organization.
boolean	isOrganizationOwner(long organizationId) Returns true if the user is an owner of the organization.
boolean	isSignedIn() Returns true if the user is signed in.

Field Detail

DEFAULT_ROLE_IDS

static final long[] DEFAULT_ROLE_IDS

Method Detail

clone

PermissionChecker clone()

getCompanyId

long getCompanyId()

Returns the primary key of the user's company.

Returns:

the primary key of the user's company

getGuestUserRoleIds

long[] getGuestUserRoleIds()

getOwnerResourceBlockIds

List<Long> getOwnerResourceBlockIds(long companyId,
                                    long groupId,
                                    String name,
                                    String actionId)

getOwnerRoleId

long getOwnerRoleId()

Returns the primary key of the owner role. This role is automatically given to the creator of a resource.

Returns:

the primary key of the owner role

getPermissionChecksMap

Map<Object,Object> getPermissionChecksMap()

getResourceBlockIds

List<Long> getResourceBlockIds(long companyId,
                               long groupId,
                               long userId,
                               String name,
                               String actionId)

getRoleIds

long[] getRoleIds(long userId,
                  long groupId)

Returns the primary keys of the roles the user has within the group.

Parameters:

userId - the primary key of the user

groupId - the primary key of the group

Returns:

the primary keys of the roles the user has within the group

getUser

User getUser()

getUserBag

UserBag getUserBag()
            throws Exception

Throws:

Exception

getUserId

long getUserId()

Returns the primary key of the user.

Returns:

the primary key of the user

hasOwnerPermission

boolean hasOwnerPermission(long companyId,
                           String name,
                           long primKey,
                           long ownerId,
                           String actionId)

Returns true if the user is the owner of the resource and has permission to perform the action.

Parameters:

companyId - the primary key of the user's company

name - the resource's name, which can be either a class name or a portlet ID

primKey - the primary key of the resource

ownerId - the primary key of the resource's owner

actionId - the action ID

Returns:

true if the user is the owner of the resource and has permission to perform the action; false otherwise

hasOwnerPermission

boolean hasOwnerPermission(long companyId,
                           String name,
                           String primKey,
                           long ownerId,
                           String actionId)

Returns true if the user is the owner of the resource and has permission to perform the action.

Parameters:

companyId - the primary key of the user's company

name - the resource's name, which can be either a class name or a portlet ID

primKey - the primary key of the resource

ownerId - the primary key of the resource's owner

actionId - the action ID

Returns:

true if the user is the owner of the resource and has permission to perform the action; false otherwise

hasPermission

boolean hasPermission(Group group,
                      String name,
                      long primKey,
                      String actionId)

hasPermission

boolean hasPermission(Group group,
                      String name,
                      String primKey,
                      String actionId)

hasPermission

boolean hasPermission(long groupId,
                      String name,
                      long primKey,
                      String actionId)

Returns true if the user has permission to perform the action on the resource.

Parameters:

groupId - the primary key of the group containing the resource

name - the resource's name, which can be either a class name or a portlet ID

primKey - the primary key of the resource

actionId - the action ID

Returns:

true if the user has permission to perform the action on the resource; false otherwise

hasPermission

boolean hasPermission(long groupId,
                      String name,
                      String primKey,
                      String actionId)

Returns true if the user has permission to perform the action on the resource.

Parameters:

groupId - the primary key of the group containing the resource

name - the resource's name, which can be either a class name or a portlet ID

primKey - the primary key of the resource

actionId - the action ID

Returns:

true if the user has permission to perform the action on the resource; false otherwise

init

void init(User user)

Initializes this permission checker.

Parameters:

user - the current user

isCheckGuest

boolean isCheckGuest()

Returns true if guest permissions will be used in permission checks.

Returns:

true if guest permissions will be used in permission checks; false otherwise

isCompanyAdmin

boolean isCompanyAdmin()

Returns true if the user is an administrator of their company.

Returns:

true if the user is an administrator of their company; false otherwise

isCompanyAdmin

boolean isCompanyAdmin(long companyId)

Returns true if the user is an administrator of the company.

Parameters:

companyId - the primary key of the company

Returns:

true if the user is an administrator of the company; false otherwise

isContentReviewer

boolean isContentReviewer(long companyId,
                          long groupId)

Returns true if the user is a content reviewer or has sufficient permissions to review content (i.e. the user is a company or group administrator).

Parameters:

companyId - the primary key of the company

groupId - the primary key of the group

Returns:

true if the user is a reviewer or has sufficient permissions to review content; false otherwise

isGroupAdmin

boolean isGroupAdmin(long groupId)

Returns true if the user is an administrator of the group.

Parameters:

groupId - the primary key of the group

Returns:

true if the user is an administrator of the group; false otherwise

isGroupMember

boolean isGroupMember(long groupId)

Returns true if the user is a member of the group.

Parameters:

groupId - the primary key of the group

Returns:

true if the user is a member of the group; false otherwise

isGroupOwner

boolean isGroupOwner(long groupId)

Returns true if the user is the owner of the group.

Parameters:

groupId - the primary key of the group

Returns:

true if the user is the owner of the group; false otherwise

isOmniadmin

boolean isOmniadmin()

Returns true if the user is a universal administrator.

Returns:

true if the user is a universal administrator; false otherwise

See Also:

OmniadminUtil

isOrganizationAdmin

boolean isOrganizationAdmin(long organizationId)

Returns true if the user is an administrator of the organization.

Parameters:

organizationId - the primary key of the organization

Returns:

true if the user is an administrator of the organization; false otherwise

isOrganizationOwner

boolean isOrganizationOwner(long organizationId)

Returns true if the user is an owner of the organization.

Parameters:

organizationId - the primary key of the organization

Returns:

true if the user is an owner of the organization; false otherwise

isSignedIn

boolean isSignedIn()

Returns true if the user is signed in.

Returns:

true if the user is signed in; false otherwise