001
014
015 package com.liferay.portal.security.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.model.Group;
020 import com.liferay.portal.model.Organization;
021 import com.liferay.portal.model.OrganizationConstants;
022 import com.liferay.portal.model.Role;
023 import com.liferay.portal.model.RoleConstants;
024 import com.liferay.portal.service.OrganizationLocalServiceUtil;
025 import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
026 import com.liferay.portal.service.permission.LayoutPrototypePermissionUtil;
027 import com.liferay.portal.service.permission.LayoutSetPrototypePermissionUtil;
028
029 import java.util.Arrays;
030 import java.util.HashMap;
031 import java.util.List;
032 import java.util.Map;
033
034
037 public class PermissionCheckerBagImpl implements PermissionCheckerBag {
038
039 public PermissionCheckerBagImpl() {
040 }
041
042 public PermissionCheckerBagImpl(
043 long userId, List<Group> userGroups, List<Organization> userOrgs,
044 List<Group> userOrgGroups, List<Group> userUserGroupGroups,
045 List<Group> groups, List<Role> roles) {
046
047 _userId = userId;
048 _userGroups = userGroups;
049 _userOrgs = userOrgs;
050 _userOrgGroups = userOrgGroups;
051 _userUserGroupGroups = userUserGroupGroups;
052 _groups = groups;
053 _roles = roles;
054 }
055
056 public List<Group> getUserGroups() {
057 return _userGroups;
058 }
059
060 public List<Organization> getUserOrgs() {
061 return _userOrgs;
062 }
063
064 public List<Group> getUserOrgGroups() {
065 return _userOrgGroups;
066 }
067
068 public List<Group> getUserUserGroupGroups() {
069 return _userUserGroupGroups;
070 }
071
072 public List<Group> getGroups() {
073 return _groups;
074 }
075
076 public long[] getRoleIds() {
077 if (_roleIds == null) {
078 List<Role> roles = getRoles();
079
080 long[] roleIds = new long[roles.size()];
081
082 for (int i = 0; i < roles.size(); i++) {
083 Role role = roles.get(i);
084
085 roleIds[i] = role.getRoleId();
086 }
087
088 Arrays.sort(roleIds);
089
090 _roleIds = roleIds;
091 }
092
093 return _roleIds;
094 }
095
096 public List<Role> getRoles() {
097 return _roles;
098 }
099
100 public boolean isCommunityAdmin(
101 PermissionChecker permissionChecker, Group group)
102 throws Exception {
103
104 Boolean value = _communityAdmins.get(group.getGroupId());
105
106 if (value == null) {
107 value = Boolean.valueOf(
108 isCommunityAdminImpl(permissionChecker, group));
109
110 _communityAdmins.put(group.getGroupId(), value);
111 }
112
113 return value.booleanValue();
114 }
115
116 public boolean isCommunityOwner(
117 PermissionChecker permissionChecker, Group group)
118 throws Exception {
119
120 Boolean value = _communityOwners.get(group.getGroupId());
121
122 if (value == null) {
123 value = Boolean.valueOf(
124 isCommunityOwnerImpl(permissionChecker, group));
125
126 _communityOwners.put(group.getGroupId(), value);
127 }
128
129 return value.booleanValue();
130 }
131
132 protected boolean isCommunityAdminImpl(
133 PermissionChecker permissionChecker, Group group)
134 throws PortalException, SystemException {
135
136 if (group.isCommunity()) {
137 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
138 _userId, group.getGroupId(),
139 RoleConstants.COMMUNITY_ADMINISTRATOR, true) ||
140 UserGroupRoleLocalServiceUtil.hasUserGroupRole(
141 _userId, group.getGroupId(),
142 RoleConstants.COMMUNITY_OWNER, true)) {
143
144 return true;
145 }
146 }
147 else if (group.isCompany()) {
148 if (permissionChecker.isCompanyAdmin()) {
149 return true;
150 }
151 else {
152 return false;
153 }
154 }
155 else if (group.isLayoutPrototype()) {
156 if (LayoutPrototypePermissionUtil.contains(
157 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
158
159 return true;
160 }
161 else {
162 return false;
163 }
164 }
165 else if (group.isLayoutSetPrototype()) {
166 if (LayoutSetPrototypePermissionUtil.contains(
167 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
168
169 return true;
170 }
171 else {
172 return false;
173 }
174 }
175 else if (group.isOrganization()) {
176 long organizationId = group.getOrganizationId();
177
178 while (organizationId !=
179 OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
180
181 Organization organization =
182 OrganizationLocalServiceUtil.getOrganization(
183 organizationId);
184
185 Group organizationGroup = organization.getGroup();
186
187 long organizationGroupId = organizationGroup.getGroupId();
188
189 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
190 _userId, organizationGroupId,
191 RoleConstants.ORGANIZATION_ADMINISTRATOR, true) ||
192 UserGroupRoleLocalServiceUtil.hasUserGroupRole(
193 _userId, organizationGroupId,
194 RoleConstants.ORGANIZATION_OWNER, true)) {
195
196 return true;
197 }
198
199 organizationId = organization.getParentOrganizationId();
200 }
201 }
202 else if (group.isUser()) {
203 long userId = group.getClassPK();
204
205 if (userId == _userId) {
206 return true;
207 }
208 }
209
210 return false;
211 }
212
213 protected boolean isCommunityOwnerImpl(
214 PermissionChecker permissionChecker, Group group)
215 throws PortalException, SystemException {
216
217 if (group.isCommunity()) {
218 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
219 _userId, group.getGroupId(),
220 RoleConstants.COMMUNITY_OWNER, true)) {
221
222 return true;
223 }
224 }
225 else if (group.isLayoutPrototype()) {
226 if (LayoutPrototypePermissionUtil.contains(
227 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
228
229 return true;
230 }
231 else {
232 return false;
233 }
234 }
235 else if (group.isLayoutSetPrototype()) {
236 if (LayoutSetPrototypePermissionUtil.contains(
237 permissionChecker, group.getClassPK(), ActionKeys.UPDATE)) {
238
239 return true;
240 }
241 else {
242 return false;
243 }
244 }
245 else if (group.isOrganization()) {
246 long organizationId = group.getOrganizationId();
247
248 while (organizationId !=
249 OrganizationConstants.DEFAULT_PARENT_ORGANIZATION_ID) {
250
251 Organization organization =
252 OrganizationLocalServiceUtil.getOrganization(
253 organizationId);
254
255 Group organizationGroup = organization.getGroup();
256
257 long organizationGroupId = organizationGroup.getGroupId();
258
259 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
260 _userId, organizationGroupId,
261 RoleConstants.ORGANIZATION_OWNER, true)) {
262
263 return true;
264 }
265
266 organizationId = organization.getParentOrganizationId();
267 }
268 }
269 else if (group.isUser()) {
270 long userId = group.getClassPK();
271
272 if (userId == _userId) {
273 return true;
274 }
275 }
276
277 return false;
278 }
279
280 private long _userId;
281 private List<Group> _userGroups;
282 private List<Organization> _userOrgs;
283 private List<Group> _userOrgGroups;
284 private List<Group> _userUserGroupGroups;
285 private List<Group> _groups;
286 private long[] _roleIds;
287 private List<Role> _roles;
288 private Map<Long, Boolean> _communityAdmins = new HashMap<Long, Boolean>();
289 private Map<Long, Boolean> _communityOwners = new HashMap<Long, Boolean>();
290
291 }