001
014
015 package com.liferay.portal.workflow;
016
017 import com.liferay.portal.security.auth.PrincipalException;
018 import com.liferay.portal.security.permission.PermissionChecker;
019 import com.liferay.portal.security.permission.PermissionThreadLocal;
020
021 import org.aspectj.lang.ProceedingJoinPoint;
022
023
026 public class WorkflowPermissionAdvice {
027
028 public Object invoke(ProceedingJoinPoint proceedingJoinPoint)
029 throws Throwable {
030
031 String methodName = proceedingJoinPoint.getSignature().getName();
032 Object[] arguments = proceedingJoinPoint.getArgs();
033
034 if (methodName.equals(_ASSIGN_WORKFLOW_TASK_TO_USER_METHOD_NAME)) {
035 long userId = (Long)arguments[1];
036
037 PermissionChecker permissionChecker =
038 PermissionThreadLocal.getPermissionChecker();
039
040 if (permissionChecker.getUserId() != userId) {
041 throw new PrincipalException();
042 }
043 }
044
045 return proceedingJoinPoint.proceed();
046 }
047
048 private static final String _ASSIGN_WORKFLOW_TASK_TO_USER_METHOD_NAME =
049 "assignWorkflowTaskToUser";
050
051 }