001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.permission;
016    
017    import com.liferay.portal.model.User;
018    
019    import java.util.List;
020    
021    import javax.portlet.PortletRequest;
022    
023    /**
024     * @author Brian Wing Shun Chan
025     */
026    public interface PermissionChecker extends Cloneable {
027    
028            public static final long[] DEFAULT_ROLE_IDS = {};
029    
030            public PermissionChecker clone();
031    
032            /**
033             * Returns the primary key of the user's company.
034             *
035             * @return the primary key of the user's company
036             */
037            public long getCompanyId();
038    
039            public List<Long> getGuestResourceBlockIds(
040                    long companyId, long groupId, String name, String actionId);
041    
042            public List<Long> getOwnerResourceBlockIds(
043                    long companyId, long groupId, String name, String actionId);
044    
045            /**
046             * Returns the primary key of the owner role. This role is automatically
047             * given to the creator of a resource.
048             *
049             * @return the primary key of the owner role
050             */
051            public long getOwnerRoleId();
052    
053            public List<Long> getResourceBlockIds(
054                    long companyId, long groupId, long userId, String name,
055                    String actionId);
056    
057            /**
058             * Returns the primary keys of the roles the user has within the group.
059             *
060             * @param  userId the primary key of the user
061             * @param  groupId the primary key of the group
062             * @return the primary keys of the roles the user has within the group
063             */
064            public long[] getRoleIds(long userId, long groupId);
065    
066            public User getUser();
067    
068            /**
069             * Returns the primary key of the user.
070             *
071             * @return the primary key of the user
072             */
073            public long getUserId();
074    
075            /**
076             * Returns <code>true</code> if the user is the owner of the resource and
077             * has permission to perform the action.
078             *
079             * @param  companyId the primary key of the user's company
080             * @param  name the resource's name, which can be either a class name or a
081             *         portlet ID
082             * @param  primKey the primary key of the resource
083             * @param  ownerId the primary key of the resource's owner
084             * @param  actionId the action ID
085             * @return <code>true</code> if the user is the owner of the resource and
086             *         has permission to perform the action; <code>false</code>
087             *         otherwise
088             */
089            public boolean hasOwnerPermission(
090                    long companyId, String name, long primKey, long ownerId,
091                    String actionId);
092    
093            /**
094             * Returns <code>true</code> if the user is the owner of the resource and
095             * has permission to perform the action.
096             *
097             * @param  companyId the primary key of the user's company
098             * @param  name the resource's name, which can be either a class name or a
099             *         portlet ID
100             * @param  primKey the primary key of the resource
101             * @param  ownerId the primary key of the resource's owner
102             * @param  actionId the action ID
103             * @return <code>true</code> if the user is the owner of the resource and
104             *         has permission to perform the action; <code>false</code>
105             *         otherwise
106             */
107            public boolean hasOwnerPermission(
108                    long companyId, String name, String primKey, long ownerId,
109                    String actionId);
110    
111            /**
112             * Returns <code>true</code> if the user has permission to perform the
113             * action on the resource.
114             *
115             * @param  groupId the primary key of the group containing the resource
116             * @param  name the resource's name, which can be either a class name or a
117             *         portlet ID
118             * @param  primKey the primary key of the resource
119             * @param  actionId the action ID
120             * @return <code>true</code> if the user has permission to perform the
121             *         action on the resource; <code>false</code> otherwise
122             */
123            public boolean hasPermission(
124                    long groupId, String name, long primKey, String actionId);
125    
126            /**
127             * Returns <code>true</code> if the user has permission to perform the
128             * action on the resource.
129             *
130             * @param  groupId the primary key of the group containing the resource
131             * @param  name the resource's name, which can be either a class name or a
132             *         portlet ID
133             * @param  primKey the primary key of the resource
134             * @param  actionId the action ID
135             * @return <code>true</code> if the user has permission to perform the
136             *         action on the resource; <code>false</code> otherwise
137             */
138            public boolean hasPermission(
139                    long groupId, String name, String primKey, String actionId);
140    
141            /**
142             * Returns <code>true</code> if the user has permission to perform the
143             * action on the resource without using guest permissions.
144             *
145             * @param  groupId the primary key of the group containing the resource
146             * @param  name the resource's name, which can be either a class name or a
147             *         portlet ID
148             * @param  primKey the primary key of the resource
149             * @param  actionId the action ID
150             * @param  checkAdmin whether to use permissions gained from administrator
151             *         roles
152             * @return <code>true</code> if the user has permission to perform the
153             *         action on the resource without using guest permissions;
154             *         <code>false</code> otherwise
155             */
156            public boolean hasUserPermission(
157                    long groupId, String name, String primKey, String actionId,
158                    boolean checkAdmin);
159    
160            /**
161             * Initializes this permission checker.
162             *
163             * @param user the current user
164             */
165            public void init(User user);
166    
167            /**
168             * Returns <code>true</code> if guest permissions will be used in permission
169             * checks.
170             *
171             * @return <code>true</code> if guest permissions will be used in permission
172             *         checks; <code>false</code> otherwise
173             */
174            public boolean isCheckGuest();
175    
176            /**
177             * @deprecated As of 6.1.0, renamed to {@link #isGroupAdmin(long)}
178             */
179            public boolean isCommunityAdmin(long groupId);
180    
181            /**
182             * @deprecated As of 6.1.0, renamed to {@link #isGroupOwner(long)}
183             */
184            public boolean isCommunityOwner(long groupId);
185    
186            /**
187             * Returns <code>true</code> if the user is an administrator of their
188             * company.
189             *
190             * @return <code>true</code> if the user is an administrator of their
191             *         company; <code>false</code> otherwise
192             */
193            public boolean isCompanyAdmin();
194    
195            /**
196             * Returns <code>true</code> if the user is an administrator of the company.
197             *
198             * @param  companyId the primary key of the company
199             * @return <code>true</code> if the user is an administrator of the company;
200             *         <code>false</code> otherwise
201             */
202            public boolean isCompanyAdmin(long companyId);
203    
204            /**
205             * Returns <code>true</code> if the user is a content reviewer or has
206             * sufficient permissions to review content (i.e. the user is a company or
207             * group administrator).
208             *
209             * @param  companyId the primary key of the company
210             * @param  groupId the primary key of the group
211             * @return <code>true</code> if the user is a reviewer or has sufficient
212             *         permissions to review content; <code>false</code> otherwise
213             */
214            public boolean isContentReviewer(long companyId, long groupId);
215    
216            /**
217             * Returns <code>true</code> if the user is an administrator of the group.
218             *
219             * @param  groupId the primary key of the group
220             * @return <code>true</code> if the user is an administrator of the group;
221             *         <code>false</code> otherwise
222             */
223            public boolean isGroupAdmin(long groupId);
224    
225            /**
226             * Returns <code>true</code> if the user is a member of the group.
227             *
228             * @param  groupId the primary key of the group
229             * @return <code>true</code> if the user is a member of the group;
230             *         <code>false</code> otherwise
231             */
232            public boolean isGroupMember(long groupId);
233    
234            /**
235             * Returns <code>true</code> if the user is the owner of the group.
236             *
237             * @param  groupId the primary key of the group
238             * @return <code>true</code> if the user is the owner of the group;
239             *         <code>false</code> otherwise
240             */
241            public boolean isGroupOwner(long groupId);
242    
243            /**
244             * Returns <code>true</code> if the user is a universal administrator.
245             *
246             * @return <code>true</code> if the user is a universal administrator;
247             *         <code>false</code> otherwise
248             * @see    com.liferay.portlet.admin.util.OmniadminUtil
249             */
250            public boolean isOmniadmin();
251    
252            /**
253             * Returns <code>true</code> if the user is an administrator of the
254             * organization.
255             *
256             * @param  organizationId the primary key of the organization
257             * @return <code>true</code> if the user is an administrator of the
258             *         organization; <code>false</code> otherwise
259             */
260            public boolean isOrganizationAdmin(long organizationId);
261    
262            /**
263             * Returns <code>true</code> if the user is an owner of the organization.
264             *
265             * @param  organizationId the primary key of the organization
266             * @return <code>true</code> if the user is an owner of the organization;
267             *         <code>false</code> otherwise
268             */
269            public boolean isOrganizationOwner(long organizationId);
270    
271            /**
272             * Returns <code>true</code> if the user is signed in.
273             *
274             * @return <code>true</code> if the user is signed in; <code>false</code>
275             *         otherwise
276             */
277            public boolean isSignedIn();
278    
279            /**
280             * @deprecated As of 6.2.0, does nothing
281             */
282            public void resetValues();
283    
284            /**
285             * @deprecated As of 6.2.0, does nothing
286             */
287            public void setValues(PortletRequest portletRequest);
288    
289    }