001
014
015 package com.liferay.portlet.messageboards.service.permission;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.staging.permission.StagingPermissionUtil;
020 import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
021 import com.liferay.portal.security.auth.PrincipalException;
022 import com.liferay.portal.security.permission.ActionKeys;
023 import com.liferay.portal.security.permission.PermissionChecker;
024 import com.liferay.portal.util.PortletKeys;
025 import com.liferay.portal.util.PropsValues;
026 import com.liferay.portlet.messageboards.NoSuchCategoryException;
027 import com.liferay.portlet.messageboards.model.MBCategory;
028 import com.liferay.portlet.messageboards.model.MBCategoryConstants;
029 import com.liferay.portlet.messageboards.model.MBMessage;
030 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
031 import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
032 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
033
034
037 public class MBMessagePermission {
038
039 public static void check(
040 PermissionChecker permissionChecker, long messageId,
041 String actionId)
042 throws PortalException, SystemException {
043
044 if (!contains(permissionChecker, messageId, actionId)) {
045 throw new PrincipalException();
046 }
047 }
048
049 public static void check(
050 PermissionChecker permissionChecker, MBMessage message,
051 String actionId)
052 throws PortalException, SystemException {
053
054 if (!contains(permissionChecker, message, actionId)) {
055 throw new PrincipalException();
056 }
057 }
058
059 public static boolean contains(
060 PermissionChecker permissionChecker, long messageId,
061 String actionId)
062 throws PortalException, SystemException {
063
064 MBMessage message = MBMessageLocalServiceUtil.getMessage(messageId);
065
066 return contains(permissionChecker, message, actionId);
067 }
068
069 public static boolean contains(
070 PermissionChecker permissionChecker, MBMessage message,
071 String actionId)
072 throws PortalException, SystemException {
073
074 if (MBBanLocalServiceUtil.hasBan(
075 message.getGroupId(), permissionChecker.getUserId())) {
076
077 return false;
078 }
079
080 Boolean hasPermission = StagingPermissionUtil.hasPermission(
081 permissionChecker, message.getGroupId(), MBMessage.class.getName(),
082 message.getMessageId(), PortletKeys.MESSAGE_BOARDS, actionId);
083
084 if (hasPermission != null) {
085 return hasPermission.booleanValue();
086 }
087
088 if (message.isDraft() || message.isScheduled()) {
089 if (actionId.equals(ActionKeys.VIEW) &&
090 !contains(permissionChecker, message, ActionKeys.UPDATE)) {
091
092 return false;
093 }
094 }
095 else if (message.isPending()) {
096 hasPermission = WorkflowPermissionUtil.hasPermission(
097 permissionChecker, message.getGroupId(),
098 message.getWorkflowClassName(), message.getMessageId(),
099 actionId);
100
101 if (hasPermission != null) {
102 return hasPermission.booleanValue();
103 }
104 }
105
106 if (actionId.equals(ActionKeys.VIEW) &&
107 PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
108
109 long categoryId = message.getCategoryId();
110
111 if ((categoryId ==
112 MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) ||
113 (categoryId == MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
114
115 if (!MBPermission.contains(
116 permissionChecker, message.getGroupId(), actionId)) {
117
118 return false;
119 }
120 }
121 else {
122 try {
123 MBCategory category =
124 MBCategoryLocalServiceUtil.getCategory(categoryId);
125
126 if (!MBCategoryPermission.contains(
127 permissionChecker, category, actionId)) {
128
129 return false;
130 }
131 }
132 catch (NoSuchCategoryException nsce) {
133 if (!message.isInTrash()) {
134 throw nsce;
135 }
136 }
137 }
138 }
139
140 if (permissionChecker.hasOwnerPermission(
141 message.getCompanyId(), MBMessage.class.getName(),
142 message.getRootMessageId(), message.getUserId(), actionId)) {
143
144 return true;
145 }
146
147 return permissionChecker.hasPermission(
148 message.getGroupId(), MBMessage.class.getName(),
149 message.getMessageId(), actionId);
150 }
151
152 }