001
014
015 package com.liferay.portal.workflow;
016
017 import com.liferay.portal.security.auth.PrincipalException;
018 import com.liferay.portal.security.permission.PermissionChecker;
019 import com.liferay.portal.security.permission.PermissionThreadLocal;
020
021 import org.aspectj.lang.ProceedingJoinPoint;
022 import org.aspectj.lang.Signature;
023
024
027 public class WorkflowPermissionAdvice {
028
029 public Object invoke(ProceedingJoinPoint proceedingJoinPoint)
030 throws Throwable {
031
032 Signature signature = proceedingJoinPoint.getSignature();
033
034 String methodName = signature.getName();
035
036 Object[] arguments = proceedingJoinPoint.getArgs();
037
038 if (methodName.equals(_ASSIGN_WORKFLOW_TASK_TO_USER_METHOD_NAME)) {
039 long userId = (Long)arguments[1];
040
041 PermissionChecker permissionChecker =
042 PermissionThreadLocal.getPermissionChecker();
043
044 if (permissionChecker.getUserId() != userId) {
045 throw new PrincipalException();
046 }
047 }
048
049 return proceedingJoinPoint.proceed();
050 }
051
052 private static final String _ASSIGN_WORKFLOW_TASK_TO_USER_METHOD_NAME =
053 "assignWorkflowTaskToUser";
054
055 }