--- /dev/null
+/**\r
+ * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.\r
+ *\r
+ * This library is free software; you can redistribute it and/or modify it under\r
+ * the terms of the GNU Lesser General Public License as published by the Free\r
+ * Software Foundation; either version 2.1 of the License, or (at your option)\r
+ * any later version.\r
+ *\r
+ * This library is distributed in the hope that it will be useful, but WITHOUT\r
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS\r
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more\r
+ * details.\r
+ */\r
+\r
+package com.liferay.portal.search;\r
+\r
+import com.liferay.portal.NoSuchResourceException;\r
+import com.liferay.portal.kernel.exception.SystemException;\r
+import com.liferay.portal.kernel.log.Log;\r
+import com.liferay.portal.kernel.log.LogFactoryUtil;\r
+import com.liferay.portal.kernel.search.BooleanClauseOccur;\r
+import com.liferay.portal.kernel.search.BooleanQuery;\r
+import com.liferay.portal.kernel.search.BooleanQueryFactoryUtil;\r
+import com.liferay.portal.kernel.search.Document;\r
+import com.liferay.portal.kernel.search.Field;\r
+import com.liferay.portal.kernel.search.Indexer;\r
+import com.liferay.portal.kernel.search.IndexerRegistryUtil;\r
+import com.liferay.portal.kernel.search.Query;\r
+import com.liferay.portal.kernel.search.SearchContext;\r
+import com.liferay.portal.kernel.search.SearchPermissionChecker;\r
+import com.liferay.portal.kernel.util.GetterUtil;\r
+import com.liferay.portal.kernel.util.StringPool;\r
+import com.liferay.portal.kernel.util.UniqueList;\r
+import com.liferay.portal.kernel.util.Validator;\r
+import com.liferay.portal.model.Group;\r
+import com.liferay.portal.model.GroupConstants;\r
+import com.liferay.portal.model.Permission;\r
+import com.liferay.portal.model.Resource;\r
+import com.liferay.portal.model.ResourceConstants;\r
+import com.liferay.portal.model.Role;\r
+import com.liferay.portal.model.RoleConstants;\r
+import com.liferay.portal.model.UserGroupRole;\r
+import com.liferay.portal.security.permission.ActionKeys;\r
+import com.liferay.portal.security.permission.AdvancedPermissionChecker;\r
+import com.liferay.portal.security.permission.PermissionChecker;\r
+import com.liferay.portal.security.permission.PermissionCheckerBag;\r
+import com.liferay.portal.security.permission.PermissionThreadLocal;\r
+import com.liferay.portal.security.permission.ResourceActionsUtil;\r
+import com.liferay.portal.service.GroupLocalServiceUtil;\r
+import com.liferay.portal.service.PermissionLocalServiceUtil;\r
+import com.liferay.portal.service.ResourceLocalServiceUtil;\r
+import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;\r
+import com.liferay.portal.service.RoleLocalServiceUtil;\r
+import com.liferay.portal.service.UserGroupRoleLocalServiceUtil;\r
+import com.liferay.portal.util.PropsValues;\r
+\r
+import java.util.ArrayList;\r
+import java.util.HashMap;\r
+import java.util.List;\r
+import java.util.Map;\r
+\r
+/**\r
+ * @author Allen Chiang\r
+ * @author Bruno Farache\r
+ * @author Raymond Augé\r
+ * @author Amos Fong\r
+ */\r
+public class SearchPermissionCheckerImpl implements SearchPermissionChecker {\r
+\r
+ public void addPermissionFields(long companyId, Document document) {\r
+ try {\r
+ long groupId = GetterUtil.getLong(document.get(Field.GROUP_ID));\r
+\r
+ String className = document.get(Field.ENTRY_CLASS_NAME);\r
+\r
+ if (Validator.isNull(className)) {\r
+ return;\r
+ }\r
+\r
+ String classPK = document.get(Field.ROOT_ENTRY_CLASS_PK);\r
+\r
+ if (Validator.isNull(classPK)) {\r
+ classPK = document.get(Field.ENTRY_CLASS_PK);\r
+ }\r
+\r
+ if (Validator.isNull(classPK)) {\r
+ return;\r
+ }\r
+\r
+ Indexer indexer = IndexerRegistryUtil.getIndexer(className);\r
+\r
+ if (!indexer.isPermissionAware()) {\r
+ return;\r
+ }\r
+\r
+ if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {\r
+ doAddPermissionFields_5(\r
+ companyId, groupId, className, classPK, document);\r
+ }\r
+ else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {\r
+ doAddPermissionFields_6(\r
+ companyId, groupId, className, classPK, document);\r
+ }\r
+ }\r
+ catch (NoSuchResourceException nsre) {\r
+ }\r
+ catch (Exception e) {\r
+ _log.error(e, e);\r
+ }\r
+ }\r
+\r
+ public Query getPermissionQuery(\r
+ long companyId, long[] groupIds, long userId, String className,\r
+ Query query, SearchContext searchContext) {\r
+\r
+ try {\r
+ query = doGetPermissionQuery(\r
+ companyId, groupIds, userId, className, query, searchContext);\r
+ }\r
+ catch (Exception e) {\r
+ _log.error(e, e);\r
+ }\r
+\r
+ return query;\r
+ }\r
+\r
+ public void updatePermissionFields(long resourceId) {\r
+ try {\r
+ if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {\r
+ doUpdatePermissionFields_5(resourceId);\r
+ }\r
+ }\r
+ catch (Exception e) {\r
+ _log.error(e, e);\r
+ }\r
+ }\r
+\r
+ public void updatePermissionFields(\r
+ String resourceName, String resourceClassPK) {\r
+\r
+ try {\r
+ if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {\r
+ doUpdatePermissionFields_6(resourceName, resourceClassPK);\r
+ }\r
+ }\r
+ catch (Exception e) {\r
+ _log.error(e, e);\r
+ }\r
+ }\r
+\r
+ protected void addRequiredMemberRole(\r
+ Group group, BooleanQuery permissionQuery)\r
+ throws Exception {\r
+\r
+ if (group.isOrganization()) {\r
+ Role organizationUserRole = RoleLocalServiceUtil.getRole(\r
+ group.getCompanyId(), RoleConstants.ORGANIZATION_USER);\r
+\r
+ permissionQuery.addTerm(\r
+ Field.GROUP_ROLE_ID,\r
+ group.getGroupId() + StringPool.DASH +\r
+ organizationUserRole.getRoleId());\r
+ }\r
+\r
+ if (group.isSite()) {\r
+ Role siteMemberRole = RoleLocalServiceUtil.getRole(\r
+ group.getCompanyId(), RoleConstants.SITE_MEMBER);\r
+\r
+ permissionQuery.addTerm(\r
+ Field.GROUP_ROLE_ID,\r
+ group.getGroupId() + StringPool.DASH +\r
+ siteMemberRole.getRoleId());\r
+ }\r
+ }\r
+\r
+ protected void doAddPermissionFields_5(\r
+ long companyId, long groupId, String className, String classPK,\r
+ Document document)\r
+ throws Exception {\r
+\r
+ Resource resource = ResourceLocalServiceUtil.getResource(\r
+ companyId, className, ResourceConstants.SCOPE_INDIVIDUAL, classPK);\r
+\r
+ Group group = null;\r
+\r
+ if (groupId > 0) {\r
+ group = GroupLocalServiceUtil.getGroup(groupId);\r
+ }\r
+\r
+ List<Role> roles = ResourceActionsUtil.getRoles(\r
+ companyId, group, className, null);\r
+\r
+ List<Long> roleIds = new ArrayList<Long>();\r
+ List<String> groupRoleIds = new ArrayList<String>();\r
+\r
+ for (Role role : roles) {\r
+ long roleId = role.getRoleId();\r
+\r
+ if (hasPermission(roleId, resource.getResourceId())) {\r
+ if ((role.getType() == RoleConstants.TYPE_ORGANIZATION) ||\r
+ (role.getType() == RoleConstants.TYPE_SITE)) {\r
+\r
+ groupRoleIds.add(groupId + StringPool.DASH + roleId);\r
+ }\r
+ else {\r
+ roleIds.add(roleId);\r
+ }\r
+ }\r
+ }\r
+\r
+ document.addKeyword(\r
+ Field.ROLE_ID, roleIds.toArray(new Long[roleIds.size()]));\r
+ document.addKeyword(\r
+ Field.GROUP_ROLE_ID,\r
+ groupRoleIds.toArray(new String[groupRoleIds.size()]));\r
+ }\r
+\r
+ protected void doAddPermissionFields_6(\r
+ long companyId, long groupId, String className, String classPK,\r
+ Document doc)\r
+ throws Exception {\r
+\r
+ Group group = null;\r
+\r
+ if (groupId > 0) {\r
+ group = GroupLocalServiceUtil.getGroup(groupId);\r
+ }\r
+\r
+ List<Role> roles = ResourceActionsUtil.getRoles(\r
+ companyId, group, className, null);\r
+\r
+ long[] roleIdsArray = new long[roles.size()];\r
+\r
+ for (int i = 0; i < roleIdsArray.length; i++) {\r
+ Role role = roles.get(i);\r
+\r
+ roleIdsArray[i] = role.getRoleId();\r
+ }\r
+\r
+ boolean[] hasResourcePermissions =\r
+ ResourcePermissionLocalServiceUtil.hasResourcePermissions(\r
+ companyId, className, ResourceConstants.SCOPE_INDIVIDUAL,\r
+ classPK, roleIdsArray, ActionKeys.VIEW);\r
+\r
+ List<Long> roleIds = new ArrayList<Long>();\r
+ List<String> groupRoleIds = new ArrayList<String>();\r
+\r
+ for (int i = 0; i < hasResourcePermissions.length; i++) {\r
+ if (!hasResourcePermissions[i]) {\r
+ continue;\r
+ }\r
+\r
+ Role role = roles.get(i);\r
+\r
+ if ((role.getType() == RoleConstants.TYPE_ORGANIZATION) ||\r
+ (role.getType() == RoleConstants.TYPE_SITE)) {\r
+\r
+ groupRoleIds.add(groupId + StringPool.DASH + role.getRoleId());\r
+ }\r
+ else {\r
+ roleIds.add(role.getRoleId());\r
+ }\r
+ }\r
+\r
+ doc.addKeyword(\r
+ Field.ROLE_ID, roleIds.toArray(new Long[roleIds.size()]));\r
+ doc.addKeyword(\r
+ Field.GROUP_ROLE_ID,\r
+ groupRoleIds.toArray(new String[groupRoleIds.size()]));\r
+ }\r
+\r
+ protected Query doGetPermissionQuery(\r
+ long companyId, long[] groupIds, long userId, String className,\r
+ Query query, SearchContext searchContext)\r
+ throws Exception {\r
+\r
+ if ((PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM != 5) &&\r
+ (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM != 6)) {\r
+\r
+ return query;\r
+ }\r
+\r
+ Indexer indexer = IndexerRegistryUtil.getIndexer(className);\r
+\r
+ if (!indexer.isPermissionAware()) {\r
+ return query;\r
+ }\r
+\r
+ PermissionChecker permissionChecker =\r
+ PermissionThreadLocal.getPermissionChecker();\r
+\r
+ AdvancedPermissionChecker advancedPermissionChecker = null;\r
+\r
+ if ((permissionChecker != null) &&\r
+ (permissionChecker instanceof AdvancedPermissionChecker)) {\r
+\r
+ advancedPermissionChecker =\r
+ (AdvancedPermissionChecker)permissionChecker;\r
+ }\r
+\r
+ if (advancedPermissionChecker == null) {\r
+ return query;\r
+ }\r
+\r
+ PermissionCheckerBag permissionCheckerBag = getPermissionCheckerBag(\r
+ advancedPermissionChecker, userId);\r
+\r
+ if (permissionCheckerBag == null) {\r
+ return query;\r
+ }\r
+\r
+ List<Group> groups = new UniqueList<Group>();\r
+ List<Role> roles = new UniqueList<Role>();\r
+ List<UserGroupRole> userGroupRoles = new UniqueList<UserGroupRole>();\r
+ Map<Long, List<Role>> groupIdsToRoles = new HashMap<Long, List<Role>>();\r
+\r
+ roles.addAll(permissionCheckerBag.getRoles());\r
+\r
+ if ((groupIds == null) || (groupIds.length == 0)) {\r
+ groups.addAll(GroupLocalServiceUtil.getUserGroups(userId, true));\r
+ groups.addAll(permissionCheckerBag.getGroups());\r
+\r
+ userGroupRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(\r
+ userId);\r
+ }\r
+ else {\r
+ groups.addAll(permissionCheckerBag.getGroups());\r
+\r
+ for (long groupId : groupIds) {\r
+ if (GroupLocalServiceUtil.hasUserGroup(userId, groupId)) {\r
+ Group group = GroupLocalServiceUtil.getGroup(groupId);\r
+\r
+ groups.add(group);\r
+ }\r
+\r
+ userGroupRoles.addAll(\r
+ UserGroupRoleLocalServiceUtil.getUserGroupRoles(\r
+ userId, groupId));\r
+ userGroupRoles.addAll(\r
+ UserGroupRoleLocalServiceUtil.\r
+ getUserGroupRolesByUserUserGroupAndGroup(\r
+ userId, groupId));\r
+ }\r
+ }\r
+\r
+ if (advancedPermissionChecker.isSignedIn()) {\r
+ roles.add(\r
+ RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST));\r
+ }\r
+\r
+ for (Group group : groups) {\r
+ PermissionCheckerBag userBag = advancedPermissionChecker.getUserBag(\r
+ userId, group.getGroupId());\r
+\r
+ List<Role> groupRoles = userBag.getRoles();\r
+\r
+ groupIdsToRoles.put(group.getGroupId(), groupRoles);\r
+\r
+ roles.addAll(groupRoles);\r
+ }\r
+\r
+ if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {\r
+ return doGetPermissionQuery_5(\r
+ companyId, groupIds, userId, className, query, searchContext,\r
+ advancedPermissionChecker, groups, roles, userGroupRoles,\r
+ groupIdsToRoles);\r
+ }\r
+ else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {\r
+ return doGetPermissionQuery_6(\r
+ companyId, groupIds, userId, className, query, searchContext,\r
+ advancedPermissionChecker, groups, roles, userGroupRoles,\r
+ groupIdsToRoles);\r
+ }\r
+\r
+ return query;\r
+ }\r
+\r
+ protected Query doGetPermissionQuery_5(\r
+ long companyId, long[] groupIds, long userId, String className,\r
+ Query query, SearchContext searchContext,\r
+ AdvancedPermissionChecker advancedPermissionChecker,\r
+ List<Group> groups, List<Role> roles,\r
+ List<UserGroupRole> userGroupRoles,\r
+ Map<Long, List<Role>> groupIdsToRoles)\r
+ throws Exception {\r
+\r
+ long companyResourceId = 0;\r
+\r
+ try {\r
+ Resource companyResource = ResourceLocalServiceUtil.getResource(\r
+ companyId, className, ResourceConstants.SCOPE_COMPANY,\r
+ String.valueOf(companyId));\r
+\r
+ companyResourceId = companyResource.getResourceId();\r
+ }\r
+ catch (NoSuchResourceException nsre) {\r
+ }\r
+\r
+ long groupTemplateResourceId = 0;\r
+\r
+ try {\r
+ Resource groupTemplateResource =\r
+ ResourceLocalServiceUtil.getResource(\r
+ companyId, className,\r
+ ResourceConstants.SCOPE_GROUP_TEMPLATE,\r
+ String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID));\r
+\r
+ groupTemplateResourceId = groupTemplateResource.getResourceId();\r
+ }\r
+ catch (NoSuchResourceException nsre) {\r
+ }\r
+\r
+ BooleanQuery permissionQuery = BooleanQueryFactoryUtil.create(\r
+ searchContext);\r
+\r
+ if (userId > 0) {\r
+ permissionQuery.addTerm(Field.USER_ID, userId);\r
+ }\r
+\r
+ BooleanQuery groupsQuery = BooleanQueryFactoryUtil.create(\r
+ searchContext);\r
+ BooleanQuery rolesQuery = BooleanQueryFactoryUtil.create(searchContext);\r
+\r
+ for (Role role : roles) {\r
+ String roleName = role.getName();\r
+\r
+ if (roleName.equals(RoleConstants.ADMINISTRATOR)) {\r
+ return query;\r
+ }\r
+\r
+ if (hasPermission(role.getRoleId(), companyResourceId)) {\r
+ return query;\r
+ }\r
+\r
+ if (hasPermission(role.getRoleId(), groupTemplateResourceId)) {\r
+ return query;\r
+ }\r
+\r
+ for (Group group : groups) {\r
+ try {\r
+ Resource groupResource =\r
+ ResourceLocalServiceUtil.getResource(\r
+ companyId, className, ResourceConstants.SCOPE_GROUP,\r
+ String.valueOf(group.getGroupId()));\r
+\r
+ if (hasPermission(\r
+ role.getRoleId(), groupResource.getResourceId())) {\r
+\r
+ groupsQuery.addTerm(Field.GROUP_ID, group.getGroupId());\r
+ }\r
+ }\r
+ catch (NoSuchResourceException nsre) {\r
+ }\r
+\r
+ if ((role.getType() != RoleConstants.TYPE_REGULAR) &&\r
+ hasPermission(role.getRoleId(), groupTemplateResourceId)) {\r
+\r
+ List<Role> groupRoles = groupIdsToRoles.get(\r
+ group.getGroupId());\r
+\r
+ if (groupRoles.contains(role)) {\r
+ groupsQuery.addTerm(Field.GROUP_ID, group.getGroupId());\r
+ }\r
+ }\r
+ }\r
+\r
+ rolesQuery.addTerm(Field.ROLE_ID, role.getRoleId());\r
+ }\r
+\r
+ for (Group group : groups) {\r
+ addRequiredMemberRole(group, rolesQuery);\r
+ }\r
+\r
+ for (UserGroupRole userGroupRole : userGroupRoles) {\r
+ rolesQuery.addTerm(\r
+ Field.GROUP_ROLE_ID,\r
+ userGroupRole.getGroupId() + StringPool.DASH +\r
+ userGroupRole.getRoleId());\r
+ }\r
+\r
+ if (groupsQuery.hasClauses()) {\r
+ permissionQuery.add(groupsQuery, BooleanClauseOccur.SHOULD);\r
+ }\r
+\r
+ if (rolesQuery.hasClauses()) {\r
+ permissionQuery.add(rolesQuery, BooleanClauseOccur.SHOULD);\r
+ }\r
+\r
+ BooleanQuery fullQuery = BooleanQueryFactoryUtil.create(searchContext);\r
+\r
+ fullQuery.add(query, BooleanClauseOccur.MUST);\r
+ fullQuery.add(permissionQuery, BooleanClauseOccur.MUST);\r
+\r
+ return fullQuery;\r
+ }\r
+\r
+ protected Query doGetPermissionQuery_6(\r
+ long companyId, long[] groupIds, long userId, String className,\r
+ Query query, SearchContext searchContext,\r
+ AdvancedPermissionChecker advancedPermissionChecker,\r
+ List<Group> groups, List<Role> roles,\r
+ List<UserGroupRole> userGroupRoles,\r
+ Map<Long, List<Role>> groupIdsToRoles)\r
+ throws Exception {\r
+\r
+ BooleanQuery permissionQuery = BooleanQueryFactoryUtil.create(\r
+ searchContext);\r
+\r
+ if (userId > 0) {\r
+ permissionQuery.addTerm(Field.USER_ID, userId);\r
+ }\r
+\r
+ BooleanQuery groupsQuery = BooleanQueryFactoryUtil.create(\r
+ searchContext);\r
+ BooleanQuery rolesQuery = BooleanQueryFactoryUtil.create(searchContext);\r
+\r
+ for (Role role : roles) {\r
+ String roleName = role.getName();\r
+\r
+ if (roleName.equals(RoleConstants.ADMINISTRATOR)) {\r
+ return query;\r
+ }\r
+\r
+ if (ResourcePermissionLocalServiceUtil.hasResourcePermission(\r
+ companyId, className, ResourceConstants.SCOPE_COMPANY,\r
+ String.valueOf(companyId), role.getRoleId(),\r
+ ActionKeys.VIEW)) {\r
+\r
+ return query;\r
+ }\r
+\r
+ if ((role.getType() == RoleConstants.TYPE_REGULAR) &&\r
+ ResourcePermissionLocalServiceUtil.hasResourcePermission(\r
+ companyId, className,\r
+ ResourceConstants.SCOPE_GROUP_TEMPLATE,\r
+ String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),\r
+ role.getRoleId(), ActionKeys.VIEW)) {\r
+\r
+ return query;\r
+ }\r
+\r
+ for (Group group : groups) {\r
+ if (ResourcePermissionLocalServiceUtil.hasResourcePermission(\r
+ companyId, className, ResourceConstants.SCOPE_GROUP,\r
+ String.valueOf(group.getGroupId()), role.getRoleId(),\r
+ ActionKeys.VIEW)) {\r
+\r
+ groupsQuery.addTerm(Field.GROUP_ID, group.getGroupId());\r
+ }\r
+\r
+ if ((role.getType() != RoleConstants.TYPE_REGULAR) &&\r
+ ResourcePermissionLocalServiceUtil.hasResourcePermission(\r
+ companyId, className,\r
+ ResourceConstants.SCOPE_GROUP_TEMPLATE,\r
+ String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),\r
+ role.getRoleId(), ActionKeys.VIEW)) {\r
+\r
+ List<Role> groupRoles = groupIdsToRoles.get(\r
+ group.getGroupId());\r
+\r
+ if (groupRoles.contains(role)) {\r
+ groupsQuery.addTerm(Field.GROUP_ID, group.getGroupId());\r
+ }\r
+ }\r
+ }\r
+\r
+ rolesQuery.addTerm(Field.ROLE_ID, role.getRoleId());\r
+ }\r
+\r
+ for (Group group : groups) {\r
+ addRequiredMemberRole(group, rolesQuery);\r
+ }\r
+\r
+ for (UserGroupRole userGroupRole : userGroupRoles) {\r
+ rolesQuery.addTerm(\r
+ Field.GROUP_ROLE_ID,\r
+ userGroupRole.getGroupId() + StringPool.DASH +\r
+ userGroupRole.getRoleId());\r
+ }\r
+\r
+ if (groupsQuery.hasClauses()) {\r
+ permissionQuery.add(groupsQuery, BooleanClauseOccur.SHOULD);\r
+ }\r
+\r
+ if (rolesQuery.hasClauses()) {\r
+ permissionQuery.add(rolesQuery, BooleanClauseOccur.SHOULD);\r
+ }\r
+\r
+ BooleanQuery fullQuery = BooleanQueryFactoryUtil.create(searchContext);\r
+\r
+ fullQuery.add(query, BooleanClauseOccur.MUST);\r
+ fullQuery.add(permissionQuery, BooleanClauseOccur.MUST);\r
+\r
+ return fullQuery;\r
+ }\r
+\r
+ protected void doUpdatePermissionFields_5(long resourceId)\r
+ throws Exception {\r
+\r
+ Resource resource = ResourceLocalServiceUtil.getResource(resourceId);\r
+\r
+ Indexer indexer = IndexerRegistryUtil.getIndexer(resource.getName());\r
+\r
+ if (indexer != null) {\r
+ indexer.reindex(\r
+ resource.getName(), GetterUtil.getLong(resource.getPrimKey()));\r
+ }\r
+ }\r
+\r
+ protected void doUpdatePermissionFields_6(\r
+ String resourceName, String resourceClassPK)\r
+ throws Exception {\r
+\r
+ Indexer indexer = IndexerRegistryUtil.getIndexer(resourceName);\r
+\r
+ if (indexer != null) {\r
+ try {\r
+ indexer.reindex(resourceName, GetterUtil.getLong(resourceClassPK));\r
+ } catch (Error e) {\r
+ _log.error("Error when reindexing resource " + resourceName, e);\r
+ }\r
+ }\r
+ }\r
+\r
+ protected PermissionCheckerBag getPermissionCheckerBag(\r
+ AdvancedPermissionChecker advancedPermissionChecker, long userId)\r
+ throws Exception {\r
+\r
+ if (!advancedPermissionChecker.isSignedIn()) {\r
+ return advancedPermissionChecker.getGuestUserBag();\r
+ }\r
+ else {\r
+ return advancedPermissionChecker.getUserBag(userId, 0);\r
+ }\r
+ }\r
+\r
+ protected boolean hasPermission(long roleId, long resourceId)\r
+ throws SystemException {\r
+\r
+ if (resourceId == 0) {\r
+ return false;\r
+ }\r
+\r
+ List<Permission> permissions =\r
+ PermissionLocalServiceUtil.getRolePermissions(roleId, resourceId);\r
+\r
+ List<String> actions = ResourceActionsUtil.getActions(permissions);\r
+\r
+ if (actions.contains(ActionKeys.VIEW)) {\r
+ return true;\r
+ }\r
+ else {\r
+ return false;\r
+ }\r
+ }\r
+\r
+ private static Log _log = LogFactoryUtil.getLog(\r
+ SearchPermissionCheckerImpl.class);\r
+\r
+}
\ No newline at end of file