001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.kernel.search;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.util.ArrayUtil;
020    import com.liferay.portal.kernel.util.GetterUtil;
021    import com.liferay.portal.kernel.util.Time;
022    import com.liferay.portal.kernel.workflow.WorkflowConstants;
023    import com.liferay.portal.security.permission.ActionKeys;
024    import com.liferay.portal.security.permission.PermissionChecker;
025    
026    import java.util.ArrayList;
027    import java.util.List;
028    
029    /**
030     * @author Tina Tian
031     */
032    public class DefaultSearchResultPermissionFilter
033            extends BaseSearchResultPermissionFilter {
034    
035            public DefaultSearchResultPermissionFilter(
036                    BaseIndexer baseIndexer, PermissionChecker permissionChecker) {
037    
038                    _baseIndexer = baseIndexer;
039                    _permissionChecker = permissionChecker;
040            }
041    
042            @Override
043            protected void filterHits(Hits hits, SearchContext searchContext) {
044                    List<Document> docs = new ArrayList<Document>();
045                    List<Float> scores = new ArrayList<Float>();
046    
047                    Document[] documents = hits.getDocs();
048    
049                    int excludeDocsSize = 0;
050    
051                    int status = GetterUtil.getInteger(
052                            searchContext.getAttribute(Field.STATUS),
053                            WorkflowConstants.STATUS_APPROVED);
054    
055                    for (int i = 0; i < documents.length; i++) {
056                            if (_isIncludeDocument(documents[i], status)) {
057                                    docs.add(documents[i]);
058                                    scores.add(hits.score(i));
059                            }
060                            else {
061                                    excludeDocsSize++;
062                            }
063                    }
064    
065                    hits.setDocs(docs.toArray(new Document[docs.size()]));
066                    hits.setScores(ArrayUtil.toFloatArray(scores));
067                    hits.setSearchTime(
068                            (float)(System.currentTimeMillis() - hits.getStart()) /
069                                    Time.SECOND);
070                    hits.setLength(hits.getLength() - excludeDocsSize);
071            }
072    
073            @Override
074            protected Hits getHits(SearchContext searchContext) throws SearchException {
075                    return _baseIndexer.doSearch(searchContext);
076            }
077    
078            @Override
079            protected boolean isGroupAdmin(SearchContext searchContext) {
080                    if (_permissionChecker.isCompanyAdmin(searchContext.getCompanyId())) {
081                            return true;
082                    }
083    
084                    long[] groupIds = searchContext.getGroupIds();
085    
086                    if (groupIds == null) {
087                            return false;
088                    }
089    
090                    for (long groupId : groupIds) {
091                            if (!_permissionChecker.isGroupAdmin(groupId)) {
092                                    return false;
093                            }
094                    }
095    
096                    return true;
097            }
098    
099            private boolean _isIncludeDocument(Document document, int status) {
100                    String entryClassName = document.get(Field.ENTRY_CLASS_NAME);
101    
102                    Indexer indexer = IndexerRegistryUtil.getIndexer(entryClassName);
103    
104                    if (indexer == null) {
105                            return true;
106                    }
107    
108                    if (!indexer.isFilterSearch() || !indexer.isPermissionAware()) {
109                            return true;
110                    }
111    
112                    long entryClassPK = GetterUtil.getLong(
113                            document.get(Field.ENTRY_CLASS_PK));
114    
115                    try {
116                            if (indexer.hasPermission(
117                                            _permissionChecker, entryClassName, entryClassPK,
118                                            ActionKeys.VIEW) &&
119                                    indexer.isVisibleRelatedEntry(entryClassPK, status)) {
120    
121                                    return true;
122                            }
123                    }
124                    catch (Exception e) {
125                            if (_log.isDebugEnabled()) {
126                                    _log.debug(e, e);
127                            }
128                    }
129    
130                    return false;
131            }
132    
133            private static Log _log = LogFactoryUtil.getLog(
134                    DefaultSearchResultPermissionFilter.class);
135    
136            private BaseIndexer _baseIndexer;
137            private PermissionChecker _permissionChecker;
138    
139    }