001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.membershippolicy;
016    
017    import com.liferay.portal.kernel.dao.orm.ActionableDynamicQuery;
018    import com.liferay.portal.kernel.dao.orm.DynamicQuery;
019    import com.liferay.portal.kernel.dao.orm.Property;
020    import com.liferay.portal.kernel.dao.orm.PropertyFactoryUtil;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.model.Group;
024    import com.liferay.portal.model.Role;
025    import com.liferay.portal.model.RoleConstants;
026    import com.liferay.portal.model.UserGroupRole;
027    import com.liferay.portal.security.permission.PermissionChecker;
028    import com.liferay.portal.service.RoleLocalServiceUtil;
029    import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;
030    import com.liferay.portal.service.persistence.GroupActionableDynamicQuery;
031    import com.liferay.portal.service.persistence.UserGroupRoleActionableDynamicQuery;
032    import com.liferay.portal.service.persistence.UserGroupRolePK;
033    
034    import java.io.Serializable;
035    
036    import java.util.ArrayList;
037    import java.util.List;
038    import java.util.Map;
039    
040    /**
041     * @author Roberto D??az
042     * @author Sergio Gonz??lez
043     */
044    public abstract class BaseSiteMembershipPolicy implements SiteMembershipPolicy {
045    
046            @Override
047            @SuppressWarnings("unused")
048            public void checkRoles(
049                            List<UserGroupRole> addUserGroupRoles,
050                            List<UserGroupRole> removeUserGroupRoles)
051                    throws PortalException, SystemException {
052            }
053    
054            @Override
055            @SuppressWarnings("unused")
056            public boolean isMembershipAllowed(long userId, long groupId)
057                    throws PortalException, SystemException {
058    
059                    try {
060                            checkMembership(new long[] {userId}, new long[] {groupId}, null);
061                    }
062                    catch (Exception e) {
063                            return false;
064                    }
065    
066                    return true;
067            }
068    
069            @Override
070            public boolean isMembershipProtected(
071                            PermissionChecker permissionChecker, long userId, long groupId)
072                    throws PortalException, SystemException {
073    
074                    if (permissionChecker.isGroupOwner(groupId)) {
075                            return false;
076                    }
077    
078                    Role siteAdministratorRole = RoleLocalServiceUtil.getRole(
079                            permissionChecker.getCompanyId(), RoleConstants.SITE_ADMINISTRATOR);
080    
081                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
082                                    userId, groupId, siteAdministratorRole.getRoleId())) {
083    
084                            return true;
085                    }
086    
087                    Role siteOwnerRole = RoleLocalServiceUtil.getRole(
088                            permissionChecker.getCompanyId(), RoleConstants.SITE_OWNER);
089    
090                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
091                                    userId, groupId, siteOwnerRole.getRoleId())) {
092    
093                            return true;
094                    }
095    
096                    return false;
097            }
098    
099            @Override
100            @SuppressWarnings("unused")
101            public boolean isMembershipRequired(long userId, long groupId)
102                    throws PortalException, SystemException {
103    
104                    try {
105                            checkMembership(new long[] {userId}, null, new long[] {groupId});
106                    }
107                    catch (Exception e) {
108                            return true;
109                    }
110    
111                    return false;
112            }
113    
114            @Override
115            @SuppressWarnings("unused")
116            public boolean isRoleAllowed(long userId, long groupId, long roleId)
117                    throws PortalException, SystemException {
118    
119                    List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
120    
121                    UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
122                            userId, groupId, roleId);
123    
124                    UserGroupRole userGroupRole =
125                            UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
126    
127                    userGroupRoles.add(userGroupRole);
128    
129                    try {
130                            checkRoles(userGroupRoles, null);
131                    }
132                    catch (Exception e) {
133                            return false;
134                    }
135    
136                    return true;
137            }
138    
139            @Override
140            public boolean isRoleProtected(
141                            PermissionChecker permissionChecker, long userId, long groupId,
142                            long roleId)
143                    throws PortalException, SystemException {
144    
145                    if (permissionChecker.isGroupOwner(groupId)) {
146                            return false;
147                    }
148    
149                    Role role = RoleLocalServiceUtil.getRole(roleId);
150    
151                    String roleName = role.getName();
152    
153                    if (!roleName.equals(RoleConstants.SITE_ADMINISTRATOR) &&
154                            !roleName.equals(RoleConstants.SITE_OWNER)) {
155    
156                            return false;
157                    }
158    
159                    if (UserGroupRoleLocalServiceUtil.hasUserGroupRole(
160                                    userId, groupId, roleId)) {
161    
162                            return true;
163                    }
164    
165                    return false;
166            }
167    
168            @Override
169            public boolean isRoleRequired(long userId, long groupId, long roleId) {
170                    List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();
171    
172                    UserGroupRolePK userGroupRolePK = new UserGroupRolePK(
173                            userId, groupId, roleId);
174    
175                    UserGroupRole userGroupRole =
176                            UserGroupRoleLocalServiceUtil.createUserGroupRole(userGroupRolePK);
177    
178                    userGroupRoles.add(userGroupRole);
179    
180                    try {
181                            checkRoles(null, userGroupRoles);
182                    }
183                    catch (Exception e) {
184                            return true;
185                    }
186    
187                    return false;
188            }
189    
190            @Override
191            @SuppressWarnings("unused")
192            public void propagateRoles(
193                            List<UserGroupRole> addUserGroupRoles,
194                            List<UserGroupRole> removeUserGroupRoles)
195                    throws PortalException, SystemException {
196            }
197    
198            @Override
199            public void verifyPolicy() throws PortalException, SystemException {
200                    ActionableDynamicQuery groupActionableDynamicQuery =
201                            new GroupActionableDynamicQuery() {
202    
203                            @Override
204                            protected void addCriteria(DynamicQuery dynamicQuery) {
205                                    Property property = PropertyFactoryUtil.forName("site");
206    
207                                    dynamicQuery.add(property.eq(true));
208                            }
209    
210                            @Override
211                            protected void performAction(Object object)
212                                    throws PortalException, SystemException {
213    
214                                    Group group = (Group)object;
215    
216                                    verifyPolicy(group);
217    
218                                    ActionableDynamicQuery userGroupRoleActionableDynamicQuery =
219                                            new UserGroupRoleActionableDynamicQuery() {
220    
221                                            @Override
222                                            protected void performAction(Object object)
223                                                    throws PortalException, SystemException {
224    
225                                                    UserGroupRole userGroupRole = (UserGroupRole)object;
226    
227                                                    verifyPolicy(userGroupRole.getRole());
228                                            }
229    
230                                    };
231    
232                                    userGroupRoleActionableDynamicQuery.setGroupId(
233                                            group.getGroupId());
234    
235                                    userGroupRoleActionableDynamicQuery.performActions();
236                            }
237    
238                    };
239    
240                    groupActionableDynamicQuery.performActions();
241            }
242    
243            @Override
244            public void verifyPolicy(Group group)
245                    throws PortalException, SystemException {
246    
247                    verifyPolicy(group, null, null, null, null, null);
248            }
249    
250            @Override
251            public void verifyPolicy(Role role) {
252            }
253    
254            @Override
255            public void verifyPolicy(
256                    Role role, Role oldRole,
257                    Map<String, Serializable> oldExpandoAttributes) {
258            }
259    
260    }