001
014
015 package com.liferay.portal.security.membershippolicy;
016
017 import com.liferay.portal.kernel.dao.orm.ActionableDynamicQuery;
018 import com.liferay.portal.kernel.dao.orm.DynamicQuery;
019 import com.liferay.portal.kernel.dao.orm.Property;
020 import com.liferay.portal.kernel.dao.orm.PropertyFactoryUtil;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.exception.SystemException;
023 import com.liferay.portal.model.Group;
024 import com.liferay.portal.model.Role;
025 import com.liferay.portal.model.RoleConstants;
026 import com.liferay.portal.model.UserGroupRole;
027 import com.liferay.portal.security.permission.PermissionChecker;
028 import com.liferay.portal.service.RoleLocalServiceUtil;
029 import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
030 import com.liferay.portal.service.persistence.GroupActionableDynamicQuery;
031 import com.liferay.portal.service.persistence.UserGroupRoleActionableDynamicQuery;
032 import com.liferay.portal.service.persistence.UserGroupRolePK;
033
034 import java.io.Serializable;
035
036 import java.util.ArrayList;
037 import java.util.List;
038 import java.util.Map;
039
040
044 public abstract class BaseSiteMembershipPolicy implements SiteMembershipPolicy {
045
046 @Override
047 @SuppressWarnings("unused")
048 public void checkRoles(
049 List<UserGroupRole> addUserGroupRoles,
050 List<UserGroupRole> removeUserGroupRoles)
051 throws PortalException, SystemException {
052 }
053
054 @Override
055 @SuppressWarnings("unused")
056 public boolean isMembershipAllowed(long userId, long groupId)
057 throws PortalException, SystemException {
058
059 try {
060 checkMembership(new long[] {userId}, new long[] {groupId}, null);
061 }
062 catch (Exception e) {
063 return false;
064 }
065
066 return true;
067 }
068
069 @Override
070 public boolean isMembershipProtected(
071 PermissionChecker permissionChecker, long userId, long groupId)
072 throws PortalException, SystemException {
073
074 if (permissionChecker.isGroupOwner(groupId)) {
075 return false;
076 }
077
078 Role siteAdministratorRole = RoleLocalServiceUtil.getRole(
079 permissionChecker.getCompanyId(), RoleConstants.SITE_ADMINISTRATOR);
080
081 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
082 userId, groupId, siteAdministratorRole.getRoleId())) {
083
084 return true;
085 }
086
087 Role siteOwnerRole = RoleLocalServiceUtil.getRole(
088 permissionChecker.getCompanyId(), RoleConstants.SITE_OWNER);
089
090 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
091 userId, groupId, siteOwnerRole.getRoleId())) {
092
093 return true;
094 }
095
096 return false;
097 }
098
099 @Override
100 @SuppressWarnings("unused")
101 public boolean isMembershipRequired(long userId, long groupId)
102 throws PortalException, SystemException {
103
104 try {
105 checkMembership(new long[] {userId}, null, new long[] {groupId});
106 }
107 catch (Exception e) {
108 return true;
109 }
110
111 return false;
112 }
113
114 @Override
115 @SuppressWarnings("unused")
116 public boolean isRoleAllowed(long userId, long groupId, long roleId)
117 throws PortalException, SystemException {
118
119 List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
120
121 UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
122 userId, groupId, roleId);
123
124 UserGroupRole userGroupRole =
125 UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
126
127 userGroupRoles.add(userGroupRole);
128
129 try {
130 checkRoles(userGroupRoles, null);
131 }
132 catch (Exception e) {
133 return false;
134 }
135
136 return true;
137 }
138
139 @Override
140 public boolean isRoleProtected(
141 PermissionChecker permissionChecker, long userId, long groupId,
142 long roleId)
143 throws PortalException, SystemException {
144
145 if (permissionChecker.isGroupOwner(groupId)) {
146 return false;
147 }
148
149 Role role = RoleLocalServiceUtil.getRole(roleId);
150
151 String roleName = role.getName();
152
153 if (!roleName.equals(RoleConstants.SITE_ADMINISTRATOR) &&
154 !roleName.equals(RoleConstants.SITE_OWNER)) {
155
156 return false;
157 }
158
159 if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
160 userId, groupId, roleId)) {
161
162 return true;
163 }
164
165 return false;
166 }
167
168 @Override
169 public boolean isRoleRequired(long userId, long groupId, long roleId) {
170 List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
171
172 UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
173 userId, groupId, roleId);
174
175 UserGroupRole userGroupRole =
176 UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
177
178 userGroupRoles.add(userGroupRole);
179
180 try {
181 checkRoles(null, userGroupRoles);
182 }
183 catch (Exception e) {
184 return true;
185 }
186
187 return false;
188 }
189
190 @Override
191 @SuppressWarnings("unused")
192 public void propagateRoles(
193 List<UserGroupRole> addUserGroupRoles,
194 List<UserGroupRole> removeUserGroupRoles)
195 throws PortalException, SystemException {
196 }
197
198 @Override
199 public void verifyPolicy() throws PortalException, SystemException {
200 ActionableDynamicQuery groupActionableDynamicQuery =
201 new GroupActionableDynamicQuery() {
202
203 @Override
204 protected void addCriteria(DynamicQuery dynamicQuery) {
205 Property property = PropertyFactoryUtil.forName("site");
206
207 dynamicQuery.add(property.eq(true));
208 }
209
210 @Override
211 protected void performAction(Object object)
212 throws PortalException, SystemException {
213
214 Group group = (Group)object;
215
216 verifyPolicy(group);
217
218 ActionableDynamicQuery userGroupRoleActionableDynamicQuery =
219 new UserGroupRoleActionableDynamicQuery() {
220
221 @Override
222 protected void performAction(Object object)
223 throws PortalException, SystemException {
224
225 UserGroupRole userGroupRole = (UserGroupRole)object;
226
227 verifyPolicy(userGroupRole.getRole());
228 }
229
230 };
231
232 userGroupRoleActionableDynamicQuery.setGroupId(
233 group.getGroupId());
234
235 userGroupRoleActionableDynamicQuery.performActions();
236 }
237
238 };
239
240 groupActionableDynamicQuery.performActions();
241 }
242
243 @Override
244 public void verifyPolicy(Group group)
245 throws PortalException, SystemException {
246
247 verifyPolicy(group, null, null, null, null, null);
248 }
249
250 @Override
251 public void verifyPolicy(Role role) {
252 }
253
254 @Override
255 public void verifyPolicy(
256 Role role, Role oldRole,
257 Map<String, Serializable> oldExpandoAttributes) {
258 }
259
260 }