001
014
015 package com.liferay.portlet.blogs.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.util.PortletKeys;
025 import com.liferay.portlet.blogs.model.BlogsEntry;
026 import com.liferay.portlet.blogs.service.BlogsEntryLocalServiceUtil;
027
028
031 public class BlogsEntryPermission {
032
033 public static void check(
034 PermissionChecker permissionChecker, BlogsEntry entry,
035 String actionId)
036 throws PortalException {
037
038 if (!contains(permissionChecker, entry, actionId)) {
039 throw new PrincipalException();
040 }
041 }
042
043 public static void check(
044 PermissionChecker permissionChecker, long entryId, String actionId)
045 throws PortalException, SystemException {
046
047 if (!contains(permissionChecker, entryId, actionId)) {
048 throw new PrincipalException();
049 }
050 }
051
052 public static boolean contains(
053 PermissionChecker permissionChecker, BlogsEntry entry,
054 String actionId) {
055
056 Boolean hasPermission = StagingPermissionUtil.hasPermission(
057 permissionChecker, entry.getGroupId(), BlogsEntry.class.getName(),
058 entry.getEntryId(), PortletKeys.BLOGS, actionId);
059
060 if (hasPermission != null) {
061 return hasPermission.booleanValue();
062 }
063
064 if (entry.isDraft() || entry.isScheduled()) {
065 if (actionId.equals(ActionKeys.VIEW) &&
066 !contains(permissionChecker, entry, ActionKeys.UPDATE)) {
067
068 return false;
069 }
070 }
071 else if (entry.isPending()) {
072 hasPermission = WorkflowPermissionUtil.hasPermission(
073 permissionChecker, entry.getGroupId(),
074 BlogsEntry.class.getName(), entry.getEntryId(), actionId);
075
076 if (hasPermission != null) {
077 return hasPermission.booleanValue();
078 }
079 }
080
081 if (permissionChecker.hasOwnerPermission(
082 entry.getCompanyId(), BlogsEntry.class.getName(),
083 entry.getEntryId(), entry.getUserId(), actionId)) {
084
085 return true;
086 }
087
088 return permissionChecker.hasPermission(
089 entry.getGroupId(), BlogsEntry.class.getName(), entry.getEntryId(),
090 actionId);
091 }
092
093 public static boolean contains(
094 PermissionChecker permissionChecker, long entryId, String actionId)
095 throws PortalException, SystemException {
096
097 BlogsEntry entry = BlogsEntryLocalServiceUtil.getEntry(entryId);
098
099 return contains(permissionChecker, entry, actionId);
100 }
101
102 }