001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.usersadmin.search;
016    
017    import com.liferay.portal.kernel.dao.search.RowChecker;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.model.Organization;
021    import com.liferay.portal.model.User;
022    import com.liferay.portal.security.permission.ActionKeys;
023    import com.liferay.portal.security.permission.PermissionChecker;
024    import com.liferay.portal.security.permission.PermissionThreadLocal;
025    import com.liferay.portal.service.UserLocalServiceUtil;
026    import com.liferay.portal.service.permission.UserPermissionUtil;
027    import com.liferay.portal.util.PropsValues;
028    
029    import javax.portlet.RenderResponse;
030    
031    /**
032     * @author Brian Wing Shun Chan
033     */
034    public class UserOrganizationChecker extends RowChecker {
035    
036            public UserOrganizationChecker(
037                    RenderResponse renderResponse, Organization organization) {
038    
039                    super(renderResponse);
040    
041                    _organization = organization;
042            }
043    
044            @Override
045            public boolean isChecked(Object obj) {
046                    User user = (User)obj;
047    
048                    try {
049                            return UserLocalServiceUtil.hasOrganizationUser(
050                                    _organization.getOrganizationId(), user.getUserId());
051                    }
052                    catch (Exception e) {
053                            _log.error(e, e);
054    
055                            return false;
056                    }
057            }
058    
059            @Override
060            public boolean isDisabled(Object obj) {
061                    if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT) {
062                            return false;
063                    }
064    
065                    User user = (User)obj;
066    
067                    try {
068                            PermissionChecker permissionChecker =
069                                    PermissionThreadLocal.getPermissionChecker();
070    
071                            if (UserPermissionUtil.hasMembershipProtected(
072                                            permissionChecker, _organization, user)) {
073    
074                                    return true;
075                            }
076    
077                            return !UserPermissionUtil.contains(
078                                    permissionChecker, user.getUserId(), ActionKeys.UPDATE);
079                    }
080                    catch (Exception e) {
081                            _log.error(e, e);
082    
083                            return false;
084                    }
085            }
086    
087            private static Log _log = LogFactoryUtil.getLog(
088                    UserOrganizationChecker.class);
089    
090            private Organization _organization;
091    
092    }