001
014
015 package com.liferay.portal.kernel.search;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.ArrayUtil;
020 import com.liferay.portal.kernel.util.GetterUtil;
021 import com.liferay.portal.kernel.util.Time;
022 import com.liferay.portal.kernel.workflow.WorkflowConstants;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.security.permission.PermissionChecker;
025
026 import java.util.ArrayList;
027 import java.util.List;
028
029
032 public class DefaultSearchResultPermissionFilter
033 extends BaseSearchResultPermissionFilter {
034
035 public DefaultSearchResultPermissionFilter(
036 BaseIndexer baseIndexer, PermissionChecker permissionChecker) {
037
038 _baseIndexer = baseIndexer;
039 _permissionChecker = permissionChecker;
040 }
041
042 @Override
043 protected void filterHits(Hits hits, SearchContext searchContext) {
044 List<Document> docs = new ArrayList<Document>();
045 List<Float> scores = new ArrayList<Float>();
046
047 Document[] documents = hits.getDocs();
048
049 int excludeDocsSize = 0;
050
051 int status = GetterUtil.getInteger(
052 searchContext.getAttribute(Field.STATUS),
053 WorkflowConstants.STATUS_APPROVED);
054
055 for (int i = 0; i < documents.length; i++) {
056 if (_isIncludeDocument(documents[i], status)) {
057 docs.add(documents[i]);
058 scores.add(hits.score(i));
059 }
060 else {
061 excludeDocsSize++;
062 }
063 }
064
065 hits.setDocs(docs.toArray(new Document[docs.size()]));
066 hits.setScores(ArrayUtil.toFloatArray(scores));
067 hits.setSearchTime(
068 (float)(System.currentTimeMillis() - hits.getStart()) /
069 Time.SECOND);
070 hits.setLength(hits.getLength() - excludeDocsSize);
071 }
072
073 @Override
074 protected Hits getHits(SearchContext searchContext) throws SearchException {
075 return _baseIndexer.doSearch(searchContext);
076 }
077
078 @Override
079 protected boolean isGroupAdmin(SearchContext searchContext) {
080 if (_permissionChecker.isCompanyAdmin(searchContext.getCompanyId())) {
081 return true;
082 }
083
084 long[] groupIds = searchContext.getGroupIds();
085
086 if (groupIds == null) {
087 return false;
088 }
089
090 for (long groupId : groupIds) {
091 if (!_permissionChecker.isGroupAdmin(groupId)) {
092 return false;
093 }
094 }
095
096 return true;
097 }
098
099 private boolean _isIncludeDocument(Document document, int status) {
100 String entryClassName = document.get(Field.ENTRY_CLASS_NAME);
101
102 Indexer indexer = IndexerRegistryUtil.getIndexer(entryClassName);
103
104 if (indexer == null) {
105 return true;
106 }
107
108 if (!indexer.isFilterSearch() || !indexer.isPermissionAware()) {
109 return true;
110 }
111
112 long entryClassPK = GetterUtil.getLong(
113 document.get(Field.ENTRY_CLASS_PK));
114
115 try {
116 if (indexer.hasPermission(
117 _permissionChecker, entryClassName, entryClassPK,
118 ActionKeys.VIEW) &&
119 indexer.isVisibleRelatedEntry(entryClassPK, status)) {
120
121 return true;
122 }
123 }
124 catch (Exception e) {
125 if (_log.isDebugEnabled()) {
126 _log.debug(e, e);
127 }
128 }
129
130 return false;
131 }
132
133 private static Log _log = LogFactoryUtil.getLog(
134 DefaultSearchResultPermissionFilter.class);
135
136 private BaseIndexer _baseIndexer;
137 private PermissionChecker _permissionChecker;
138
139 }