2 * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
\r
4 * This library is free software; you can redistribute it and/or modify it under
\r
5 * the terms of the GNU Lesser General Public License as published by the Free
\r
6 * Software Foundation; either version 2.1 of the License, or (at your option)
\r
9 * This library is distributed in the hope that it will be useful, but WITHOUT
\r
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
\r
11 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
\r
15 package com.liferay.portal.service.impl;
\r
17 import com.liferay.portal.kernel.exception.PortalException;
\r
18 import com.liferay.portal.kernel.exception.SystemException;
\r
19 import com.liferay.portal.kernel.util.GetterUtil;
\r
20 import com.liferay.portal.model.AuditedModel;
\r
21 import com.liferay.portal.model.Group;
\r
22 import com.liferay.portal.model.GroupedModel;
\r
23 import com.liferay.portal.model.Layout;
\r
24 import com.liferay.portal.model.PermissionedModel;
\r
25 import com.liferay.portal.model.PortletConstants;
\r
26 import com.liferay.portal.model.Resource;
\r
27 import com.liferay.portal.model.ResourceConstants;
\r
28 import com.liferay.portal.model.ResourcePermission;
\r
29 import com.liferay.portal.model.Role;
\r
30 import com.liferay.portal.model.Team;
\r
31 import com.liferay.portal.model.User;
\r
32 import com.liferay.portal.security.auth.PrincipalException;
\r
33 import com.liferay.portal.security.permission.ActionKeys;
\r
34 import com.liferay.portal.security.permission.PermissionChecker;
\r
35 import com.liferay.portal.security.permission.PermissionCheckerBag;
\r
36 import com.liferay.portal.security.permission.ResourceActionsUtil;
\r
37 import com.liferay.portal.service.base.PermissionServiceBaseImpl;
\r
38 import com.liferay.portal.service.permission.GroupPermissionUtil;
\r
39 import com.liferay.portal.service.permission.LayoutPermissionUtil;
\r
40 import com.liferay.portal.service.permission.PortletPermissionUtil;
\r
41 import com.liferay.portal.service.permission.TeamPermissionUtil;
\r
42 import com.liferay.portal.service.permission.UserPermissionUtil;
\r
43 import com.liferay.portlet.blogs.model.BlogsEntry;
\r
44 import com.liferay.portlet.blogs.service.permission.BlogsEntryPermission;
\r
45 import com.liferay.portlet.bookmarks.model.BookmarksEntry;
\r
46 import com.liferay.portlet.bookmarks.model.BookmarksFolder;
\r
47 import com.liferay.portlet.bookmarks.service.permission.BookmarksEntryPermission;
\r
48 import com.liferay.portlet.bookmarks.service.permission.BookmarksFolderPermission;
\r
49 import com.liferay.portlet.calendar.model.CalEvent;
\r
50 import com.liferay.portlet.calendar.service.permission.CalEventPermission;
\r
51 import com.liferay.portlet.documentlibrary.model.DLFileEntry;
\r
52 import com.liferay.portlet.documentlibrary.model.DLFolder;
\r
53 import com.liferay.portlet.documentlibrary.service.DLFileEntryLocalServiceUtil;
\r
54 import com.liferay.portlet.documentlibrary.service.permission.DLFileEntryPermission;
\r
55 import com.liferay.portlet.documentlibrary.service.permission.DLFolderPermission;
\r
56 import com.liferay.portlet.journal.model.JournalArticle;
\r
57 import com.liferay.portlet.journal.model.JournalFeed;
\r
58 import com.liferay.portlet.journal.model.JournalStructure;
\r
59 import com.liferay.portlet.journal.model.JournalTemplate;
\r
60 import com.liferay.portlet.journal.service.permission.JournalArticlePermission;
\r
61 import com.liferay.portlet.journal.service.permission.JournalFeedPermission;
\r
62 import com.liferay.portlet.journal.service.permission.JournalStructurePermission;
\r
63 import com.liferay.portlet.journal.service.permission.JournalTemplatePermission;
\r
64 import com.liferay.portlet.messageboards.model.MBCategory;
\r
65 import com.liferay.portlet.messageboards.model.MBMessage;
\r
66 import com.liferay.portlet.messageboards.service.permission.MBCategoryPermission;
\r
67 import com.liferay.portlet.messageboards.service.permission.MBMessagePermission;
\r
68 import com.liferay.portlet.polls.model.PollsQuestion;
\r
69 import com.liferay.portlet.polls.service.permission.PollsQuestionPermission;
\r
70 import com.liferay.portlet.shopping.model.ShoppingCategory;
\r
71 import com.liferay.portlet.shopping.model.ShoppingItem;
\r
72 import com.liferay.portlet.shopping.service.permission.ShoppingCategoryPermission;
\r
73 import com.liferay.portlet.shopping.service.permission.ShoppingItemPermission;
\r
74 import com.liferay.portlet.softwarecatalog.model.SCFrameworkVersion;
\r
75 import com.liferay.portlet.softwarecatalog.model.SCProductEntry;
\r
76 import com.liferay.portlet.softwarecatalog.service.permission.SCFrameworkVersionPermission;
\r
77 import com.liferay.portlet.softwarecatalog.service.permission.SCProductEntryPermission;
\r
78 import com.liferay.portlet.wiki.model.WikiNode;
\r
79 import com.liferay.portlet.wiki.model.WikiPage;
\r
80 import com.liferay.portlet.wiki.service.permission.WikiNodePermission;
\r
81 import com.liferay.portlet.wiki.service.permission.WikiPagePermission;
\r
83 import java.util.List;
\r
84 import java.util.Map;
\r
87 * The implementation of the permission remote service.
\r
89 * @author Brian Wing Shun Chan
\r
90 * @author Raymond Augé
\r
92 public class PermissionServiceImpl extends PermissionServiceBaseImpl {
\r
95 * Checks to see if the group has permission to the resource.
\r
97 * @param groupId the primary key of the group
\r
98 * @param resourceId the primary key of the resource
\r
99 * @throws PortalException if the group did not have permission to the
\r
100 * resource, or if a group or resource with the primary key could
\r
101 * not be found or was invalid
\r
102 * @throws SystemException if a system exception occurred
\r
104 public void checkPermission(long groupId, long resourceId)
\r
105 throws PortalException, SystemException {
\r
107 checkPermission(getPermissionChecker(), groupId, resourceId);
\r
111 * Checks to see if the group has permission to the service.
\r
113 * @param groupId the primary key of the group
\r
114 * @param name the service name
\r
115 * @param primKey the primary key of the service
\r
116 * @throws PortalException if the group did not have permission to the
\r
117 * service, if a group with the primary key could not be found or if
\r
118 * the permission information was invalid
\r
119 * @throws SystemException if a system exception occurred
\r
121 public void checkPermission(long groupId, String name, long primKey)
\r
122 throws PortalException, SystemException {
\r
124 checkPermission(getPermissionChecker(), groupId, name, primKey);
\r
128 * Checks to see if the group has permission to the service.
\r
130 * @param groupId the primary key of the group
\r
131 * @param name the service name
\r
132 * @param primKey the primary key of the service
\r
133 * @throws PortalException if the group did not have permission to the
\r
134 * service, if a group with the primary key could not be found or if
\r
135 * the permission information was invalid
\r
136 * @throws SystemException if a system exception occurred
\r
138 public void checkPermission(long groupId, String name, String primKey)
\r
139 throws PortalException, SystemException {
\r
141 checkPermission(getPermissionChecker(), groupId, name, primKey);
\r
145 * Returns <code>true</code> if the group has permission to perform the
\r
146 * action on the resource.
\r
148 * @param groupId the primary key of the group
\r
149 * @param actionId the action's ID
\r
150 * @param resourceId the primary key of the resource
\r
151 * @return <code>true</code> if the group has permission to perform the
\r
152 * action on the resource; <code>false</code> otherwise
\r
153 * @throws SystemException if a system exception occurred
\r
155 public boolean hasGroupPermission(
\r
156 long groupId, String actionId, long resourceId)
\r
157 throws SystemException {
\r
159 return permissionLocalService.hasGroupPermission(
\r
160 groupId, actionId, resourceId);
\r
164 * Returns <code>true</code> if the user has permission to perform the
\r
165 * action on the resource.
\r
167 * @param userId the primary key of the user
\r
168 * @param actionId the action's ID
\r
169 * @param resourceId the primary key of the resource
\r
170 * @return <code>true</code> if the user has permission to perform the
\r
171 * action on the resource; <code>false</code> otherwise
\r
172 * @throws SystemException if a system exception occurred
\r
174 public boolean hasUserPermission(
\r
175 long userId, String actionId, long resourceId)
\r
176 throws SystemException {
\r
178 return permissionLocalService.hasUserPermission(
\r
179 userId, actionId, resourceId);
\r
183 * Returns <code>true</code> if the user has permission to perform the
\r
184 * action on the resources.
\r
187 * This method does not support resources managed by the resource block
\r
191 * @param userId the primary key of the user
\r
192 * @param groupId the primary key of the group containing the resource
\r
193 * @param resources representations of the resource at each scope level
\r
194 * returned by {@link
\r
195 * com.liferay.portal.security.permission.AdvancedPermissionChecker#getResources(
\r
196 * long, long, String, String, String)}
\r
197 * @param actionId the action's ID
\r
198 * @param permissionCheckerBag the permission checker bag
\r
199 * @return <code>true</code> if the user has permission to perform the
\r
200 * action on the resources; <code>false</code> otherwise
\r
201 * @throws PortalException if a resource action based on any one of the
\r
202 * resources and the action ID could not be found
\r
203 * @throws SystemException if a system exception occurred
\r
205 public boolean hasUserPermissions(
\r
206 long userId, long groupId, List<Resource> resources,
\r
207 String actionId, PermissionCheckerBag permissionCheckerBag)
\r
208 throws PortalException, SystemException {
\r
210 return permissionLocalService.hasUserPermissions(
\r
211 userId, groupId, resources, actionId, permissionCheckerBag);
\r
215 * Sets the group's permissions to perform the actions on the resource,
\r
216 * replacing the group's existing permissions on the resource.
\r
218 * @param groupId the primary key of the group
\r
219 * @param actionIds the primary keys of the actions
\r
220 * @param resourceId the primary key of the resource
\r
221 * @throws PortalException if a group with the primary key could not be
\r
222 * found or if the group did not have permission to the resource
\r
223 * @throws SystemException if a system exception occurred
\r
225 public void setGroupPermissions(
\r
226 long groupId, String[] actionIds, long resourceId)
\r
227 throws PortalException, SystemException {
\r
229 checkPermission(getPermissionChecker(), groupId, resourceId);
\r
231 permissionLocalService.setGroupPermissions(
\r
232 groupId, actionIds, resourceId);
\r
236 * Sets the entity's group permissions to perform the actions on the
\r
237 * resource, replacing the entity's existing group permissions on the
\r
238 * resource. Only {@link com.liferay.portal.model.Organization} and {@link
\r
239 * com.liferay.portal.model.UserGroup} class entities are supported.
\r
241 * @param className the class name of an organization or user group
\r
242 * @param classPK the primary key of the class
\r
243 * @param groupId the primary key of the group
\r
244 * @param actionIds the primary keys of the actions
\r
245 * @param resourceId the primary key of the resource
\r
246 * @throws PortalException if the group did not have permission to the
\r
247 * resource, if an entity with the class name and primary key could
\r
248 * not be found, or if the entity's associated group could not be
\r
250 * @throws SystemException if a system exception occurred
\r
252 public void setGroupPermissions(
\r
253 String className, String classPK, long groupId, String[] actionIds,
\r
255 throws PortalException, SystemException {
\r
257 checkPermission(getPermissionChecker(), groupId, resourceId);
\r
259 permissionLocalService.setGroupPermissions(
\r
260 className, classPK, groupId, actionIds, resourceId);
\r
264 * Sets the permissions of each role to perform respective actions on the
\r
265 * resource, replacing the existing permissions of each role on the
\r
268 * @param groupId the primary key of the group
\r
269 * @param companyId the primary key of the company
\r
270 * @param roleIdsToActionIds the map of roles to their new actions on the
\r
272 * @param resourceId the primary key of the resource
\r
273 * @throws PortalException if the group did not have permission to the
\r
275 * @throws SystemException if a system exception occurred
\r
277 public void setIndividualPermissions(
\r
278 long groupId, long companyId,
\r
279 Map<Long, String[]> roleIdsToActionIds, long resourceId)
\r
280 throws PortalException, SystemException {
\r
282 checkPermission(getPermissionChecker(), groupId, resourceId);
\r
284 permissionLocalService.setRolesPermissions(
\r
285 companyId, roleIdsToActionIds, resourceId);
\r
289 * Sets the organization permission to perform the actions on the resource
\r
290 * for a particular group, replacing the organization's existing permissions
\r
293 * @param organizationId the primary key of the organization
\r
294 * @param groupId the primary key of the group in which to scope the
\r
296 * @param actionIds the primary keys of the actions
\r
297 * @param resourceId the primary key of the resource
\r
298 * @throws PortalException if the group did not have permission to the
\r
299 * resource or if an organization with the primary key could not be
\r
301 * @throws SystemException if a system exception occurred
\r
303 public void setOrgGroupPermissions(
\r
304 long organizationId, long groupId, String[] actionIds,
\r
306 throws PortalException, SystemException {
\r
308 checkPermission(getPermissionChecker(), groupId, resourceId);
\r
310 permissionLocalService.setOrgGroupPermissions(
\r
311 organizationId, groupId, actionIds, resourceId);
\r
315 * Sets the role's permissions to perform the action on the named resource,
\r
316 * replacing the role's existing permissions on the resource.
\r
318 * @param roleId the primary key of the role
\r
319 * @param groupId the primary key of the group
\r
320 * @param name the resource name
\r
321 * @param scope the resource scope
\r
322 * @param primKey the resource primKey
\r
323 * @param actionId the action's ID
\r
324 * @throws PortalException if the group did not have permission to the role
\r
325 * or if the scope was {@link
\r
326 * com.liferay.portal.model.ResourceConstants#SCOPE_INDIVIDUAL}
\r
327 * @throws SystemException if a system exception occurred
\r
329 public void setRolePermission(
\r
330 long roleId, long groupId, String name, int scope, String primKey,
\r
332 throws PortalException, SystemException {
\r
335 getPermissionChecker(), groupId, Role.class.getName(), roleId);
\r
337 User user = getUser();
\r
339 permissionLocalService.setRolePermission(
\r
340 roleId, user.getCompanyId(), name, scope, primKey, actionId);
\r
344 * Sets the role's permissions to perform the actions on the resource,
\r
345 * replacing the role's existing permissions on the resource.
\r
347 * @param roleId the primary key of the role
\r
348 * @param groupId the primary key of the group
\r
349 * @param actionIds the primary keys of the actions
\r
350 * @param resourceId the primary key of the resource
\r
351 * @throws PortalException if the group did not have permission to the
\r
352 * resource or if a role with the primary key could not be found
\r
353 * @throws SystemException if a system exception occurred
\r
355 public void setRolePermissions(
\r
356 long roleId, long groupId, String[] actionIds, long resourceId)
\r
357 throws PortalException, SystemException {
\r
359 checkPermission(getPermissionChecker(), groupId, resourceId);
\r
361 permissionLocalService.setRolePermissions(
\r
362 roleId, actionIds, resourceId);
\r
366 * Sets the user's permissions to perform the actions on the resource,
\r
367 * replacing the user's existing permissions on the resource.
\r
369 * @param userId the primary key of the user
\r
370 * @param groupId the primary key of the group
\r
371 * @param actionIds the primary keys of the actions
\r
372 * @param resourceId the primary key of the resource
\r
373 * @throws PortalException if the group did not have permission to the
\r
374 * resource or if a user with the primary key could not be found
\r
375 * @throws SystemException if a system exception occurred
\r
377 public void setUserPermissions(
\r
378 long userId, long groupId, String[] actionIds, long resourceId)
\r
379 throws PortalException, SystemException {
\r
381 checkPermission(getPermissionChecker(), groupId, resourceId);
\r
383 permissionLocalService.setUserPermissions(
\r
384 userId, actionIds, resourceId);
\r
388 * Removes the permission from the role.
\r
390 * @param roleId the primary key of the role
\r
391 * @param groupId the primary key of the group
\r
392 * @param permissionId the primary key of the permission
\r
393 * @throws PortalException if the group did not have permission to the role
\r
394 * @throws SystemException if a system exception occurred
\r
396 public void unsetRolePermission(
\r
397 long roleId, long groupId, long permissionId)
\r
398 throws PortalException, SystemException {
\r
401 getPermissionChecker(), groupId, Role.class.getName(), roleId);
\r
403 permissionLocalService.unsetRolePermission(roleId, permissionId);
\r
407 * Removes the role's permissions to perform the action on the named
\r
408 * resource with the scope and primKey.
\r
410 * @param roleId the primary key of the role
\r
411 * @param groupId the primary key of the group
\r
412 * @param name the resource name
\r
413 * @param scope the resource scope
\r
414 * @param primKey the resource primKey
\r
415 * @param actionId the action's ID
\r
416 * @throws PortalException if the group did not have permission to the role
\r
417 * @throws SystemException if a system exception occurred
\r
419 public void unsetRolePermission(
\r
420 long roleId, long groupId, String name, int scope, String primKey,
\r
422 throws PortalException, SystemException {
\r
425 getPermissionChecker(), groupId, Role.class.getName(), roleId);
\r
427 User user = getUser();
\r
429 permissionLocalService.unsetRolePermission(
\r
430 roleId, user.getCompanyId(), name, scope, primKey, actionId);
\r
434 * Removes the role's permissions to perform the action on the named
\r
437 * @param roleId the primary key of the role
\r
438 * @param groupId the primary key of the group
\r
439 * @param name the resource name
\r
440 * @param scope the resource scope
\r
441 * @param actionId the action's ID
\r
442 * @throws PortalException if the group did not have permission to the role
\r
443 * @throws SystemException if a system exception occurred
\r
445 public void unsetRolePermissions(
\r
446 long roleId, long groupId, String name, int scope, String actionId)
\r
447 throws PortalException, SystemException {
\r
450 getPermissionChecker(), groupId, Role.class.getName(), roleId);
\r
452 User user = getUser();
\r
454 permissionLocalService.unsetRolePermissions(
\r
455 roleId, user.getCompanyId(), name, scope, actionId);
\r
459 * Removes the user's permissions to perform the actions on the resource.
\r
461 * @param userId the primary key of the user
\r
462 * @param groupId the primary key of the group
\r
463 * @param actionIds the primary keys of the actions
\r
464 * @param resourceId the primary key of the resource
\r
465 * @throws PortalException if the group did not have permission to the
\r
467 * @throws SystemException if a system exception occurred
\r
469 public void unsetUserPermissions(
\r
470 long userId, long groupId, String[] actionIds, long resourceId)
\r
471 throws PortalException, SystemException {
\r
473 checkPermission(getPermissionChecker(), groupId, resourceId);
\r
475 permissionLocalService.unsetUserPermissions(
\r
476 userId, actionIds, resourceId);
\r
479 protected void checkPermission(
\r
480 PermissionChecker permissionChecker, long groupId, long resourceId)
\r
481 throws PortalException, SystemException {
\r
483 Resource resource = resourcePersistence.findByPrimaryKey(resourceId);
\r
486 permissionChecker, groupId, resource.getName(),
\r
487 resource.getPrimKey().toString());
\r
490 protected void checkPermission(
\r
491 PermissionChecker permissionChecker, long groupId, String name,
\r
493 throws PortalException, SystemException {
\r
496 permissionChecker, groupId, name, String.valueOf(primKey));
\r
499 protected void checkPermission(
\r
500 PermissionChecker permissionChecker, long groupId, String name,
\r
502 throws PortalException, SystemException {
\r
504 if (name.equals(BlogsEntry.class.getName())) {
\r
505 BlogsEntryPermission.check(
\r
506 permissionChecker, GetterUtil.getLong(primKey),
\r
507 ActionKeys.PERMISSIONS);
\r
509 else if (name.equals(BookmarksEntry.class.getName())) {
\r
510 BookmarksEntryPermission.check(
\r
511 permissionChecker, GetterUtil.getLong(primKey),
\r
512 ActionKeys.PERMISSIONS);
\r
514 else if (name.equals(BookmarksFolder.class.getName())) {
\r
515 BookmarksFolderPermission.check(
\r
516 permissionChecker, groupId, GetterUtil.getLong(primKey),
\r
517 ActionKeys.PERMISSIONS);
\r
519 else if (name.equals(CalEvent.class.getName())) {
\r
520 CalEventPermission.check(
\r
521 permissionChecker, GetterUtil.getLong(primKey),
\r
522 ActionKeys.PERMISSIONS);
\r
524 else if (name.equals(DLFileEntry.class.getName())) {
\r
525 DLFileEntryPermission.check(
\r
526 permissionChecker, GetterUtil.getLong(primKey),
\r
527 ActionKeys.PERMISSIONS);
\r
529 else if (name.equals(DLFolder.class.getName())) {
\r
530 DLFolderPermission.check(
\r
531 permissionChecker, groupId, GetterUtil.getLong(primKey),
\r
532 ActionKeys.PERMISSIONS);
\r
534 else if (name.equals(DLFileEntry.class.getName())) {
\r
535 DLFileEntry fileEntry = DLFileEntryLocalServiceUtil.getDLFileEntry(GetterUtil.getLong(primKey));
\r
536 DLFileEntryPermission.check(permissionChecker, fileEntry, ActionKeys.PERMISSIONS);
\r
538 else if (name.equals(Group.class.getName())) {
\r
539 GroupPermissionUtil.check(
\r
540 permissionChecker, GetterUtil.getLong(primKey),
\r
541 ActionKeys.PERMISSIONS);
\r
543 else if (name.equals(JournalArticle.class.getName())) {
\r
544 JournalArticlePermission.check(
\r
545 permissionChecker, GetterUtil.getLong(primKey),
\r
546 ActionKeys.PERMISSIONS);
\r
548 else if (name.equals(JournalFeed.class.getName())) {
\r
549 JournalFeedPermission.check(
\r
550 permissionChecker, GetterUtil.getLong(primKey),
\r
551 ActionKeys.PERMISSIONS);
\r
553 else if (name.equals(JournalStructure.class.getName())) {
\r
554 JournalStructurePermission.check(
\r
555 permissionChecker, GetterUtil.getLong(primKey),
\r
556 ActionKeys.PERMISSIONS);
\r
558 else if (name.equals(JournalTemplate.class.getName())) {
\r
559 JournalTemplatePermission.check(
\r
560 permissionChecker, GetterUtil.getLong(primKey),
\r
561 ActionKeys.PERMISSIONS);
\r
563 else if (name.equals(Layout.class.getName())) {
\r
564 LayoutPermissionUtil.check(
\r
565 permissionChecker, GetterUtil.getLong(primKey),
\r
566 ActionKeys.PERMISSIONS);
\r
568 else if (name.equals(MBCategory.class.getName())) {
\r
569 MBCategoryPermission.check(
\r
570 permissionChecker, groupId, GetterUtil.getLong(primKey),
\r
571 ActionKeys.PERMISSIONS);
\r
573 else if (name.equals(MBMessage.class.getName())) {
\r
574 MBMessagePermission.check(
\r
575 permissionChecker, GetterUtil.getLong(primKey),
\r
576 ActionKeys.PERMISSIONS);
\r
578 else if (name.equals(PollsQuestion.class.getName())) {
\r
579 PollsQuestionPermission.check(
\r
580 permissionChecker, GetterUtil.getLong(primKey),
\r
581 ActionKeys.PERMISSIONS);
\r
583 else if (name.equals(SCFrameworkVersion.class.getName())) {
\r
584 SCFrameworkVersionPermission.check(
\r
585 permissionChecker, GetterUtil.getLong(primKey),
\r
586 ActionKeys.PERMISSIONS);
\r
588 else if (name.equals(SCProductEntry.class.getName())) {
\r
589 SCProductEntryPermission.check(
\r
590 permissionChecker, GetterUtil.getLong(primKey),
\r
591 ActionKeys.PERMISSIONS);
\r
593 else if (name.equals(ShoppingCategory.class.getName())) {
\r
594 ShoppingCategoryPermission.check(
\r
595 permissionChecker, groupId, GetterUtil.getLong(primKey),
\r
596 ActionKeys.PERMISSIONS);
\r
598 else if (name.equals(ShoppingItem.class.getName())) {
\r
599 ShoppingItemPermission.check(
\r
600 permissionChecker, GetterUtil.getLong(primKey),
\r
601 ActionKeys.PERMISSIONS);
\r
603 else if (name.equals(Team.class.getName())) {
\r
604 long teamId = GetterUtil.getLong(primKey);
\r
606 Team team = teamPersistence.findByPrimaryKey(teamId);
\r
608 GroupPermissionUtil.check(
\r
609 permissionChecker, team.getGroupId(), ActionKeys.MANAGE_TEAMS);
\r
611 else if (name.equals(User.class.getName())) {
\r
612 long userId = GetterUtil.getLong(primKey);
\r
614 User user = userPersistence.findByPrimaryKey(userId);
\r
616 UserPermissionUtil.check(
\r
617 permissionChecker, userId, user.getOrganizationIds(),
\r
618 ActionKeys.PERMISSIONS);
\r
620 else if (name.equals(WikiNode.class.getName())) {
\r
621 WikiNodePermission.check(
\r
622 permissionChecker, GetterUtil.getLong(primKey),
\r
623 ActionKeys.PERMISSIONS);
\r
625 else if (name.equals(WikiPage.class.getName())) {
\r
626 WikiPagePermission.check(
\r
627 permissionChecker, GetterUtil.getLong(primKey),
\r
628 ActionKeys.PERMISSIONS);
\r
630 else if ((primKey != null) &&
\r
631 (primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR) != -1)) {
\r
633 int pos = primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
\r
635 long plid = GetterUtil.getLong(primKey.substring(0, pos));
\r
637 String portletId = primKey.substring(
\r
638 pos + PortletConstants.LAYOUT_SEPARATOR.length());
\r
640 PortletPermissionUtil.check(
\r
641 permissionChecker, plid, portletId, ActionKeys.CONFIGURATION);
\r
643 else if (!permissionChecker.hasPermission(
\r
644 groupId, name, primKey, ActionKeys.PERMISSIONS)) {
\r
648 if (resourceBlockLocalService.isSupported(name)) {
\r
649 PermissionedModel permissionedModel =
\r
650 resourceBlockLocalService.getPermissionedModel(
\r
651 name, GetterUtil.getLong(primKey));
\r
653 if (permissionedModel instanceof GroupedModel) {
\r
654 GroupedModel groupedModel = (GroupedModel)permissionedModel;
\r
656 ownerId = groupedModel.getUserId();
\r
658 else if (permissionedModel instanceof AuditedModel) {
\r
659 AuditedModel auditedModel = (AuditedModel)permissionedModel;
\r
661 ownerId = auditedModel.getUserId();
\r
665 ResourcePermission resourcePermission =
\r
666 resourcePermissionLocalService.getResourcePermission(
\r
667 permissionChecker.getCompanyId(), name,
\r
668 ResourceConstants.SCOPE_INDIVIDUAL, primKey,
\r
669 permissionChecker.getOwnerRoleId());
\r
671 ownerId = resourcePermission.getOwnerId();
\r
674 if (permissionChecker.hasOwnerPermission(
\r
675 permissionChecker.getCompanyId(), name, primKey, ownerId,
\r
676 ActionKeys.PERMISSIONS)) {
\r
683 if (name.equals(Role.class.getName())) {
\r
684 long roleId = GetterUtil.getLong(primKey);
\r
686 role = rolePersistence.findByPrimaryKey(roleId);
\r
689 if ((role != null) && role.isTeam()) {
\r
690 Team team = teamPersistence.findByPrimaryKey(role.getClassPK());
\r
692 TeamPermissionUtil.check(
\r
693 permissionChecker, team.getTeamId(),
\r
694 ActionKeys.PERMISSIONS);
\r
697 List<String> resourceActions =
\r
698 ResourceActionsUtil.getResourceActions(name);
\r
700 if (!resourceActions.contains(ActionKeys.DEFINE_PERMISSIONS) ||
\r
701 !permissionChecker.hasPermission(
\r
702 groupId, name, primKey,
\r
703 ActionKeys.DEFINE_PERMISSIONS)) {
\r
705 throw new PrincipalException();
\r