001 /** 002 * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved. 003 * 004 * This library is free software; you can redistribute it and/or modify it under 005 * the terms of the GNU Lesser General Public License as published by the Free 006 * Software Foundation; either version 2.1 of the License, or (at your option) 007 * any later version. 008 * 009 * This library is distributed in the hope that it will be useful, but WITHOUT 010 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 011 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 012 * details. 013 */ 014 015 package com.liferay.portal.security.permission; 016 017 import com.liferay.portal.model.User; 018 019 import java.util.List; 020 021 import javax.portlet.PortletRequest; 022 023 /** 024 * @author Brian Wing Shun Chan 025 */ 026 public interface PermissionChecker extends Cloneable { 027 028 public static final long[] DEFAULT_ROLE_IDS = {}; 029 030 public PermissionChecker clone(); 031 032 /** 033 * Returns the primary key of the user's company. 034 * 035 * @return the primary key of the user's company 036 */ 037 public long getCompanyId(); 038 039 public List<Long> getGuestResourceBlockIds( 040 long companyId, long groupId, String name, String actionId); 041 042 public List<Long> getOwnerResourceBlockIds( 043 long companyId, long groupId, String name, String actionId); 044 045 /** 046 * Returns the primary key of the owner role. This role is automatically 047 * given to the creator of a resource. 048 * 049 * @return the primary key of the owner role 050 */ 051 public long getOwnerRoleId(); 052 053 public List<Long> getResourceBlockIds( 054 long companyId, long groupId, long userId, String name, 055 String actionId); 056 057 /** 058 * Returns the primary keys of the roles the user has within the group. 059 * 060 * @param userId the primary key of the user 061 * @param groupId the primary key of the group 062 * @return the primary keys of the roles the user has within the group 063 */ 064 public long[] getRoleIds(long userId, long groupId); 065 066 /** 067 * Returns the primary key of the user. 068 * 069 * @return the primary key of the user 070 */ 071 public long getUserId(); 072 073 /** 074 * Returns <code>true</code> if the user is the owner of the resource and 075 * has permission to perform the action. 076 * 077 * @param companyId the primary key of the user's company 078 * @param name the resource's name, which can be either a class name or a 079 * portlet ID 080 * @param primKey the primary key of the resource 081 * @param ownerId the primary key of the resource's owner 082 * @param actionId the action ID 083 * @return <code>true</code> if the user is the owner of the resource and 084 * has permission to perform the action; <code>false</code> 085 * otherwise 086 */ 087 public boolean hasOwnerPermission( 088 long companyId, String name, long primKey, long ownerId, 089 String actionId); 090 091 /** 092 * Returns <code>true</code> if the user is the owner of the resource and 093 * has permission to perform the action. 094 * 095 * @param companyId the primary key of the user's company 096 * @param name the resource's name, which can be either a class name or a 097 * portlet ID 098 * @param primKey the primary key of the resource 099 * @param ownerId the primary key of the resource's owner 100 * @param actionId the action ID 101 * @return <code>true</code> if the user is the owner of the resource and 102 * has permission to perform the action; <code>false</code> 103 * otherwise 104 */ 105 public boolean hasOwnerPermission( 106 long companyId, String name, String primKey, long ownerId, 107 String actionId); 108 109 /** 110 * Returns <code>true</code> if the user has permission to perform the 111 * action on the resource. 112 * 113 * @param groupId the primary key of the group containing the resource 114 * @param name the resource's name, which can be either a class name or a 115 * portlet ID 116 * @param primKey the primary key of the resource 117 * @param actionId the action ID 118 * @return <code>true</code> if the user has permission to perform the 119 * action on the resource; <code>false</code> otherwise 120 */ 121 public boolean hasPermission( 122 long groupId, String name, long primKey, String actionId); 123 124 /** 125 * Returns <code>true</code> if the user has permission to perform the 126 * action on the resource. 127 * 128 * @param groupId the primary key of the group containing the resource 129 * @param name the resource's name, which can be either a class name or a 130 * portlet ID 131 * @param primKey the primary key of the resource 132 * @param actionId the action ID 133 * @return <code>true</code> if the user has permission to perform the 134 * action on the resource; <code>false</code> otherwise 135 */ 136 public boolean hasPermission( 137 long groupId, String name, String primKey, String actionId); 138 139 /** 140 * Returns <code>true</code> if the user has permission to perform the 141 * action on the resource without using guest permissions. 142 * 143 * @param groupId the primary key of the group containing the resource 144 * @param name the resource's name, which can be either a class name or a 145 * portlet ID 146 * @param primKey the primary key of the resource 147 * @param actionId the action ID 148 * @param checkAdmin whether to use permissions gained from administrator 149 * roles 150 * @return <code>true</code> if the user has permission to perform the 151 * action on the resource without using guest permissions; 152 * <code>false</code> otherwise 153 */ 154 public boolean hasUserPermission( 155 long groupId, String name, String primKey, String actionId, 156 boolean checkAdmin); 157 158 /** 159 * Initializes this permission checker. 160 * 161 * @param user the current user 162 */ 163 public void init(User user); 164 165 /** 166 * Returns <code>true</code> if guest permissions will be used in permission 167 * checks. 168 * 169 * @return <code>true</code> if guest permissions will be used in permission 170 * checks; <code>false</code> otherwise 171 */ 172 public boolean isCheckGuest(); 173 174 /** 175 * @deprecated As of 6.1.0, renamed to {@link #isGroupAdmin(long)} 176 */ 177 public boolean isCommunityAdmin(long groupId); 178 179 /** 180 * @deprecated As of 6.1.0, renamed to {@link #isGroupOwner(long)} 181 */ 182 public boolean isCommunityOwner(long groupId); 183 184 /** 185 * Returns <code>true</code> if the user is an administrator of their 186 * company. 187 * 188 * @return <code>true</code> if the user is an administrator of their 189 * company; <code>false</code> otherwise 190 */ 191 public boolean isCompanyAdmin(); 192 193 /** 194 * Returns <code>true</code> if the user is an administrator of the company. 195 * 196 * @param companyId the primary key of the company 197 * @return <code>true</code> if the user is an administrator of the company; 198 * <code>false</code> otherwise 199 */ 200 public boolean isCompanyAdmin(long companyId); 201 202 /** 203 * Returns <code>true</code> if the user is an administrator of the group. 204 * 205 * @param groupId the primary key of the group 206 * @return <code>true</code> if the user is an administrator of the group; 207 * <code>false</code> otherwise 208 */ 209 public boolean isGroupAdmin(long groupId); 210 211 /** 212 * Returns <code>true</code> if the user is a member of the group. 213 * 214 * @param groupId the primary key of the group 215 * @return <code>true</code> if the user is a member of the group; 216 * <code>false</code> otherwise 217 */ 218 public boolean isGroupMember(long groupId); 219 220 /** 221 * Returns <code>true</code> if the user is the owner of the group. 222 * 223 * @param groupId the primary key of the group 224 * @return <code>true</code> if the user is the owner of the group; 225 * <code>false</code> otherwise 226 */ 227 public boolean isGroupOwner(long groupId); 228 229 /** 230 * Returns <code>true</code> if the user is a universal administrator. 231 * 232 * @return <code>true</code> if the user is a universal administrator; 233 * <code>false</code> otherwise 234 * @see com.liferay.portlet.admin.util.OmniadminUtil 235 */ 236 public boolean isOmniadmin(); 237 238 /** 239 * Returns <code>true</code> if the user is an administrator of the 240 * organization. 241 * 242 * @param organizationId the primary key of the organization 243 * @return <code>true</code> if the user is an administrator of the 244 * organization; <code>false</code> otherwise 245 */ 246 public boolean isOrganizationAdmin(long organizationId); 247 248 /** 249 * Returns <code>true</code> if the user is an owner of the organization. 250 * 251 * @param organizationId the primary key of the organization 252 * @return <code>true</code> if the user is an owner of the organization; 253 * <code>false</code> otherwise 254 */ 255 public boolean isOrganizationOwner(long organizationId); 256 257 /** 258 * Returns <code>true</code> if the user is signed in. 259 * 260 * @return <code>true</code> if the user is signed in; <code>false</code> 261 * otherwise 262 */ 263 public boolean isSignedIn(); 264 265 /** 266 * @deprecated Does nothing 267 */ 268 public void resetValues(); 269 270 /** 271 * @deprecated Does nothing 272 */ 273 public void setValues(PortletRequest portletRequest); 274 275 }