001
014
015 package com.liferay.portal.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.model.Group;
020 import com.liferay.portal.model.Organization;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.service.GroupLocalServiceUtil;
025 import com.liferay.portal.service.OrganizationLocalServiceUtil;
026
027 import java.util.List;
028
029
032 public class GroupPermissionImpl implements GroupPermission {
033
034 public void check(
035 PermissionChecker permissionChecker, long groupId,
036 String actionId)
037 throws PortalException, SystemException {
038
039 if (!contains(permissionChecker, groupId, actionId)) {
040 throw new PrincipalException();
041 }
042 }
043
044 public boolean contains(
045 PermissionChecker permissionChecker, long groupId, String actionId)
046 throws PortalException, SystemException {
047
048 Group group = GroupLocalServiceUtil.getGroup(groupId);
049
050 if (group.isStagingGroup()) {
051 group = group.getLiveGroup();
052 }
053
054 if (group.isOrganization()) {
055 long organizationId = group.getOrganizationId();
056
057 return OrganizationPermissionUtil.contains(
058 permissionChecker, organizationId, actionId);
059 }
060 else if (group.isUser()) {
061
062
063
064
065
066
067 long userId = group.getClassPK();
068
069 List<Organization> organizations =
070 OrganizationLocalServiceUtil.getUserOrganizations(userId);
071
072 for (Organization organization : organizations) {
073 if (OrganizationPermissionUtil.contains(
074 permissionChecker, organization.getOrganizationId(),
075 ActionKeys.MANAGE_USERS)) {
076
077 return true;
078 }
079 }
080 }
081
082
083
084 return permissionChecker.hasPermission(
085 groupId, Group.class.getName(), groupId, actionId);
086 }
087
088 }