--- /dev/null
+/**\r
+ * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.\r
+ *\r
+ * This library is free software; you can redistribute it and/or modify it under\r
+ * the terms of the GNU Lesser General Public License as published by the Free\r
+ * Software Foundation; either version 2.1 of the License, or (at your option)\r
+ * any later version.\r
+ *\r
+ * This library is distributed in the hope that it will be useful, but WITHOUT\r
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS\r
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more\r
+ * details.\r
+ */\r
+\r
+package com.liferay.portal.service.impl;\r
+\r
+import com.liferay.portal.kernel.exception.PortalException;\r
+import com.liferay.portal.kernel.exception.SystemException;\r
+import com.liferay.portal.kernel.util.GetterUtil;\r
+import com.liferay.portal.model.AuditedModel;\r
+import com.liferay.portal.model.Group;\r
+import com.liferay.portal.model.GroupedModel;\r
+import com.liferay.portal.model.Layout;\r
+import com.liferay.portal.model.PermissionedModel;\r
+import com.liferay.portal.model.PortletConstants;\r
+import com.liferay.portal.model.Resource;\r
+import com.liferay.portal.model.ResourceConstants;\r
+import com.liferay.portal.model.ResourcePermission;\r
+import com.liferay.portal.model.Role;\r
+import com.liferay.portal.model.Team;\r
+import com.liferay.portal.model.User;\r
+import com.liferay.portal.security.auth.PrincipalException;\r
+import com.liferay.portal.security.permission.ActionKeys;\r
+import com.liferay.portal.security.permission.PermissionChecker;\r
+import com.liferay.portal.security.permission.PermissionCheckerBag;\r
+import com.liferay.portal.security.permission.ResourceActionsUtil;\r
+import com.liferay.portal.service.base.PermissionServiceBaseImpl;\r
+import com.liferay.portal.service.permission.GroupPermissionUtil;\r
+import com.liferay.portal.service.permission.LayoutPermissionUtil;\r
+import com.liferay.portal.service.permission.PortletPermissionUtil;\r
+import com.liferay.portal.service.permission.TeamPermissionUtil;\r
+import com.liferay.portal.service.permission.UserPermissionUtil;\r
+import com.liferay.portlet.blogs.model.BlogsEntry;\r
+import com.liferay.portlet.blogs.service.permission.BlogsEntryPermission;\r
+import com.liferay.portlet.bookmarks.model.BookmarksEntry;\r
+import com.liferay.portlet.bookmarks.model.BookmarksFolder;\r
+import com.liferay.portlet.bookmarks.service.permission.BookmarksEntryPermission;\r
+import com.liferay.portlet.bookmarks.service.permission.BookmarksFolderPermission;\r
+import com.liferay.portlet.calendar.model.CalEvent;\r
+import com.liferay.portlet.calendar.service.permission.CalEventPermission;\r
+import com.liferay.portlet.documentlibrary.model.DLFileEntry;\r
+import com.liferay.portlet.documentlibrary.model.DLFolder;\r
+import com.liferay.portlet.documentlibrary.service.DLFileEntryLocalServiceUtil;\r
+import com.liferay.portlet.documentlibrary.service.permission.DLFileEntryPermission;\r
+import com.liferay.portlet.documentlibrary.service.permission.DLFolderPermission;\r
+import com.liferay.portlet.journal.model.JournalArticle;\r
+import com.liferay.portlet.journal.model.JournalFeed;\r
+import com.liferay.portlet.journal.model.JournalStructure;\r
+import com.liferay.portlet.journal.model.JournalTemplate;\r
+import com.liferay.portlet.journal.service.permission.JournalArticlePermission;\r
+import com.liferay.portlet.journal.service.permission.JournalFeedPermission;\r
+import com.liferay.portlet.journal.service.permission.JournalStructurePermission;\r
+import com.liferay.portlet.journal.service.permission.JournalTemplatePermission;\r
+import com.liferay.portlet.messageboards.model.MBCategory;\r
+import com.liferay.portlet.messageboards.model.MBMessage;\r
+import com.liferay.portlet.messageboards.service.permission.MBCategoryPermission;\r
+import com.liferay.portlet.messageboards.service.permission.MBMessagePermission;\r
+import com.liferay.portlet.polls.model.PollsQuestion;\r
+import com.liferay.portlet.polls.service.permission.PollsQuestionPermission;\r
+import com.liferay.portlet.shopping.model.ShoppingCategory;\r
+import com.liferay.portlet.shopping.model.ShoppingItem;\r
+import com.liferay.portlet.shopping.service.permission.ShoppingCategoryPermission;\r
+import com.liferay.portlet.shopping.service.permission.ShoppingItemPermission;\r
+import com.liferay.portlet.softwarecatalog.model.SCFrameworkVersion;\r
+import com.liferay.portlet.softwarecatalog.model.SCProductEntry;\r
+import com.liferay.portlet.softwarecatalog.service.permission.SCFrameworkVersionPermission;\r
+import com.liferay.portlet.softwarecatalog.service.permission.SCProductEntryPermission;\r
+import com.liferay.portlet.wiki.model.WikiNode;\r
+import com.liferay.portlet.wiki.model.WikiPage;\r
+import com.liferay.portlet.wiki.service.permission.WikiNodePermission;\r
+import com.liferay.portlet.wiki.service.permission.WikiPagePermission;\r
+\r
+import java.util.List;\r
+import java.util.Map;\r
+\r
+/**\r
+ * The implementation of the permission remote service.\r
+ *\r
+ * @author Brian Wing Shun Chan\r
+ * @author Raymond Augé\r
+ */\r
+public class PermissionServiceImpl extends PermissionServiceBaseImpl {\r
+\r
+ /**\r
+ * Checks to see if the group has permission to the resource.\r
+ *\r
+ * @param groupId the primary key of the group\r
+ * @param resourceId the primary key of the resource\r
+ * @throws PortalException if the group did not have permission to the\r
+ * resource, or if a group or resource with the primary key could\r
+ * not be found or was invalid\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void checkPermission(long groupId, long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Checks to see if the group has permission to the service.\r
+ *\r
+ * @param groupId the primary key of the group\r
+ * @param name the service name\r
+ * @param primKey the primary key of the service\r
+ * @throws PortalException if the group did not have permission to the\r
+ * service, if a group with the primary key could not be found or if\r
+ * the permission information was invalid\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void checkPermission(long groupId, String name, long primKey)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, name, primKey);\r
+ }\r
+\r
+ /**\r
+ * Checks to see if the group has permission to the service.\r
+ *\r
+ * @param groupId the primary key of the group\r
+ * @param name the service name\r
+ * @param primKey the primary key of the service\r
+ * @throws PortalException if the group did not have permission to the\r
+ * service, if a group with the primary key could not be found or if\r
+ * the permission information was invalid\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void checkPermission(long groupId, String name, String primKey)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, name, primKey);\r
+ }\r
+\r
+ /**\r
+ * Returns <code>true</code> if the group has permission to perform the\r
+ * action on the resource.\r
+ *\r
+ * @param groupId the primary key of the group\r
+ * @param actionId the action's ID\r
+ * @param resourceId the primary key of the resource\r
+ * @return <code>true</code> if the group has permission to perform the\r
+ * action on the resource; <code>false</code> otherwise\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public boolean hasGroupPermission(\r
+ long groupId, String actionId, long resourceId)\r
+ throws SystemException {\r
+\r
+ return permissionLocalService.hasGroupPermission(\r
+ groupId, actionId, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Returns <code>true</code> if the user has permission to perform the\r
+ * action on the resource.\r
+ *\r
+ * @param userId the primary key of the user\r
+ * @param actionId the action's ID\r
+ * @param resourceId the primary key of the resource\r
+ * @return <code>true</code> if the user has permission to perform the\r
+ * action on the resource; <code>false</code> otherwise\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public boolean hasUserPermission(\r
+ long userId, String actionId, long resourceId)\r
+ throws SystemException {\r
+\r
+ return permissionLocalService.hasUserPermission(\r
+ userId, actionId, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Returns <code>true</code> if the user has permission to perform the\r
+ * action on the resources.\r
+ *\r
+ * <p>\r
+ * This method does not support resources managed by the resource block\r
+ * system.\r
+ * </p>\r
+ *\r
+ * @param userId the primary key of the user\r
+ * @param groupId the primary key of the group containing the resource\r
+ * @param resources representations of the resource at each scope level\r
+ * returned by {@link\r
+ * com.liferay.portal.security.permission.AdvancedPermissionChecker#getResources(\r
+ * long, long, String, String, String)}\r
+ * @param actionId the action's ID\r
+ * @param permissionCheckerBag the permission checker bag\r
+ * @return <code>true</code> if the user has permission to perform the\r
+ * action on the resources; <code>false</code> otherwise\r
+ * @throws PortalException if a resource action based on any one of the\r
+ * resources and the action ID could not be found\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public boolean hasUserPermissions(\r
+ long userId, long groupId, List<Resource> resources,\r
+ String actionId, PermissionCheckerBag permissionCheckerBag)\r
+ throws PortalException, SystemException {\r
+\r
+ return permissionLocalService.hasUserPermissions(\r
+ userId, groupId, resources, actionId, permissionCheckerBag);\r
+ }\r
+\r
+ /**\r
+ * Sets the group's permissions to perform the actions on the resource,\r
+ * replacing the group's existing permissions on the resource.\r
+ *\r
+ * @param groupId the primary key of the group\r
+ * @param actionIds the primary keys of the actions\r
+ * @param resourceId the primary key of the resource\r
+ * @throws PortalException if a group with the primary key could not be\r
+ * found or if the group did not have permission to the resource\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void setGroupPermissions(\r
+ long groupId, String[] actionIds, long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, resourceId);\r
+\r
+ permissionLocalService.setGroupPermissions(\r
+ groupId, actionIds, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Sets the entity's group permissions to perform the actions on the\r
+ * resource, replacing the entity's existing group permissions on the\r
+ * resource. Only {@link com.liferay.portal.model.Organization} and {@link\r
+ * com.liferay.portal.model.UserGroup} class entities are supported.\r
+ *\r
+ * @param className the class name of an organization or user group\r
+ * @param classPK the primary key of the class\r
+ * @param groupId the primary key of the group\r
+ * @param actionIds the primary keys of the actions\r
+ * @param resourceId the primary key of the resource\r
+ * @throws PortalException if the group did not have permission to the\r
+ * resource, if an entity with the class name and primary key could\r
+ * not be found, or if the entity's associated group could not be\r
+ * found\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void setGroupPermissions(\r
+ String className, String classPK, long groupId, String[] actionIds,\r
+ long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, resourceId);\r
+\r
+ permissionLocalService.setGroupPermissions(\r
+ className, classPK, groupId, actionIds, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Sets the permissions of each role to perform respective actions on the\r
+ * resource, replacing the existing permissions of each role on the\r
+ * resource.\r
+ *\r
+ * @param groupId the primary key of the group\r
+ * @param companyId the primary key of the company\r
+ * @param roleIdsToActionIds the map of roles to their new actions on the\r
+ * resource\r
+ * @param resourceId the primary key of the resource\r
+ * @throws PortalException if the group did not have permission to the\r
+ * resource\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void setIndividualPermissions(\r
+ long groupId, long companyId,\r
+ Map<Long, String[]> roleIdsToActionIds, long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, resourceId);\r
+\r
+ permissionLocalService.setRolesPermissions(\r
+ companyId, roleIdsToActionIds, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Sets the organization permission to perform the actions on the resource\r
+ * for a particular group, replacing the organization's existing permissions\r
+ * on the resource.\r
+ *\r
+ * @param organizationId the primary key of the organization\r
+ * @param groupId the primary key of the group in which to scope the\r
+ * permissions\r
+ * @param actionIds the primary keys of the actions\r
+ * @param resourceId the primary key of the resource\r
+ * @throws PortalException if the group did not have permission to the\r
+ * resource or if an organization with the primary key could not be\r
+ * found\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void setOrgGroupPermissions(\r
+ long organizationId, long groupId, String[] actionIds,\r
+ long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, resourceId);\r
+\r
+ permissionLocalService.setOrgGroupPermissions(\r
+ organizationId, groupId, actionIds, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Sets the role's permissions to perform the action on the named resource,\r
+ * replacing the role's existing permissions on the resource.\r
+ *\r
+ * @param roleId the primary key of the role\r
+ * @param groupId the primary key of the group\r
+ * @param name the resource name\r
+ * @param scope the resource scope\r
+ * @param primKey the resource primKey\r
+ * @param actionId the action's ID\r
+ * @throws PortalException if the group did not have permission to the role\r
+ * or if the scope was {@link\r
+ * com.liferay.portal.model.ResourceConstants#SCOPE_INDIVIDUAL}\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void setRolePermission(\r
+ long roleId, long groupId, String name, int scope, String primKey,\r
+ String actionId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(\r
+ getPermissionChecker(), groupId, Role.class.getName(), roleId);\r
+\r
+ User user = getUser();\r
+\r
+ permissionLocalService.setRolePermission(\r
+ roleId, user.getCompanyId(), name, scope, primKey, actionId);\r
+ }\r
+\r
+ /**\r
+ * Sets the role's permissions to perform the actions on the resource,\r
+ * replacing the role's existing permissions on the resource.\r
+ *\r
+ * @param roleId the primary key of the role\r
+ * @param groupId the primary key of the group\r
+ * @param actionIds the primary keys of the actions\r
+ * @param resourceId the primary key of the resource\r
+ * @throws PortalException if the group did not have permission to the\r
+ * resource or if a role with the primary key could not be found\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void setRolePermissions(\r
+ long roleId, long groupId, String[] actionIds, long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, resourceId);\r
+\r
+ permissionLocalService.setRolePermissions(\r
+ roleId, actionIds, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Sets the user's permissions to perform the actions on the resource,\r
+ * replacing the user's existing permissions on the resource.\r
+ *\r
+ * @param userId the primary key of the user\r
+ * @param groupId the primary key of the group\r
+ * @param actionIds the primary keys of the actions\r
+ * @param resourceId the primary key of the resource\r
+ * @throws PortalException if the group did not have permission to the\r
+ * resource or if a user with the primary key could not be found\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void setUserPermissions(\r
+ long userId, long groupId, String[] actionIds, long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, resourceId);\r
+\r
+ permissionLocalService.setUserPermissions(\r
+ userId, actionIds, resourceId);\r
+ }\r
+\r
+ /**\r
+ * Removes the permission from the role.\r
+ *\r
+ * @param roleId the primary key of the role\r
+ * @param groupId the primary key of the group\r
+ * @param permissionId the primary key of the permission\r
+ * @throws PortalException if the group did not have permission to the role\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void unsetRolePermission(\r
+ long roleId, long groupId, long permissionId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(\r
+ getPermissionChecker(), groupId, Role.class.getName(), roleId);\r
+\r
+ permissionLocalService.unsetRolePermission(roleId, permissionId);\r
+ }\r
+\r
+ /**\r
+ * Removes the role's permissions to perform the action on the named\r
+ * resource with the scope and primKey.\r
+ *\r
+ * @param roleId the primary key of the role\r
+ * @param groupId the primary key of the group\r
+ * @param name the resource name\r
+ * @param scope the resource scope\r
+ * @param primKey the resource primKey\r
+ * @param actionId the action's ID\r
+ * @throws PortalException if the group did not have permission to the role\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void unsetRolePermission(\r
+ long roleId, long groupId, String name, int scope, String primKey,\r
+ String actionId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(\r
+ getPermissionChecker(), groupId, Role.class.getName(), roleId);\r
+\r
+ User user = getUser();\r
+\r
+ permissionLocalService.unsetRolePermission(\r
+ roleId, user.getCompanyId(), name, scope, primKey, actionId);\r
+ }\r
+\r
+ /**\r
+ * Removes the role's permissions to perform the action on the named\r
+ * resource.\r
+ *\r
+ * @param roleId the primary key of the role\r
+ * @param groupId the primary key of the group\r
+ * @param name the resource name\r
+ * @param scope the resource scope\r
+ * @param actionId the action's ID\r
+ * @throws PortalException if the group did not have permission to the role\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void unsetRolePermissions(\r
+ long roleId, long groupId, String name, int scope, String actionId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(\r
+ getPermissionChecker(), groupId, Role.class.getName(), roleId);\r
+\r
+ User user = getUser();\r
+\r
+ permissionLocalService.unsetRolePermissions(\r
+ roleId, user.getCompanyId(), name, scope, actionId);\r
+ }\r
+\r
+ /**\r
+ * Removes the user's permissions to perform the actions on the resource.\r
+ *\r
+ * @param userId the primary key of the user\r
+ * @param groupId the primary key of the group\r
+ * @param actionIds the primary keys of the actions\r
+ * @param resourceId the primary key of the resource\r
+ * @throws PortalException if the group did not have permission to the\r
+ * resource\r
+ * @throws SystemException if a system exception occurred\r
+ */\r
+ public void unsetUserPermissions(\r
+ long userId, long groupId, String[] actionIds, long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(getPermissionChecker(), groupId, resourceId);\r
+\r
+ permissionLocalService.unsetUserPermissions(\r
+ userId, actionIds, resourceId);\r
+ }\r
+\r
+ protected void checkPermission(\r
+ PermissionChecker permissionChecker, long groupId, long resourceId)\r
+ throws PortalException, SystemException {\r
+\r
+ Resource resource = resourcePersistence.findByPrimaryKey(resourceId);\r
+\r
+ checkPermission(\r
+ permissionChecker, groupId, resource.getName(),\r
+ resource.getPrimKey().toString());\r
+ }\r
+\r
+ protected void checkPermission(\r
+ PermissionChecker permissionChecker, long groupId, String name,\r
+ long primKey)\r
+ throws PortalException, SystemException {\r
+\r
+ checkPermission(\r
+ permissionChecker, groupId, name, String.valueOf(primKey));\r
+ }\r
+\r
+ protected void checkPermission(\r
+ PermissionChecker permissionChecker, long groupId, String name,\r
+ String primKey)\r
+ throws PortalException, SystemException {\r
+\r
+ if (name.equals(BlogsEntry.class.getName())) {\r
+ BlogsEntryPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(BookmarksEntry.class.getName())) {\r
+ BookmarksEntryPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(BookmarksFolder.class.getName())) {\r
+ BookmarksFolderPermission.check(\r
+ permissionChecker, groupId, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(CalEvent.class.getName())) {\r
+ CalEventPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(DLFileEntry.class.getName())) {\r
+ DLFileEntryPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(DLFolder.class.getName())) {\r
+ DLFolderPermission.check(\r
+ permissionChecker, groupId, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(DLFileEntry.class.getName())) {\r
+ DLFileEntry fileEntry = DLFileEntryLocalServiceUtil.getDLFileEntry(GetterUtil.getLong(primKey));\r
+ DLFileEntryPermission.check(permissionChecker, fileEntry, ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(Group.class.getName())) {\r
+ GroupPermissionUtil.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(JournalArticle.class.getName())) {\r
+ JournalArticlePermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(JournalFeed.class.getName())) {\r
+ JournalFeedPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(JournalStructure.class.getName())) {\r
+ JournalStructurePermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(JournalTemplate.class.getName())) {\r
+ JournalTemplatePermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(Layout.class.getName())) {\r
+ LayoutPermissionUtil.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(MBCategory.class.getName())) {\r
+ MBCategoryPermission.check(\r
+ permissionChecker, groupId, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(MBMessage.class.getName())) {\r
+ MBMessagePermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(PollsQuestion.class.getName())) {\r
+ PollsQuestionPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(SCFrameworkVersion.class.getName())) {\r
+ SCFrameworkVersionPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(SCProductEntry.class.getName())) {\r
+ SCProductEntryPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(ShoppingCategory.class.getName())) {\r
+ ShoppingCategoryPermission.check(\r
+ permissionChecker, groupId, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(ShoppingItem.class.getName())) {\r
+ ShoppingItemPermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(Team.class.getName())) {\r
+ long teamId = GetterUtil.getLong(primKey);\r
+\r
+ Team team = teamPersistence.findByPrimaryKey(teamId);\r
+\r
+ GroupPermissionUtil.check(\r
+ permissionChecker, team.getGroupId(), ActionKeys.MANAGE_TEAMS);\r
+ }\r
+ else if (name.equals(User.class.getName())) {\r
+ long userId = GetterUtil.getLong(primKey);\r
+\r
+ User user = userPersistence.findByPrimaryKey(userId);\r
+\r
+ UserPermissionUtil.check(\r
+ permissionChecker, userId, user.getOrganizationIds(),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(WikiNode.class.getName())) {\r
+ WikiNodePermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if (name.equals(WikiPage.class.getName())) {\r
+ WikiPagePermission.check(\r
+ permissionChecker, GetterUtil.getLong(primKey),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else if ((primKey != null) &&\r
+ (primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR) != -1)) {\r
+\r
+ int pos = primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);\r
+\r
+ long plid = GetterUtil.getLong(primKey.substring(0, pos));\r
+\r
+ String portletId = primKey.substring(\r
+ pos + PortletConstants.LAYOUT_SEPARATOR.length());\r
+\r
+ PortletPermissionUtil.check(\r
+ permissionChecker, plid, portletId, ActionKeys.CONFIGURATION);\r
+ }\r
+ else if (!permissionChecker.hasPermission(\r
+ groupId, name, primKey, ActionKeys.PERMISSIONS)) {\r
+\r
+ long ownerId = 0;\r
+\r
+ if (resourceBlockLocalService.isSupported(name)) {\r
+ PermissionedModel permissionedModel =\r
+ resourceBlockLocalService.getPermissionedModel(\r
+ name, GetterUtil.getLong(primKey));\r
+\r
+ if (permissionedModel instanceof GroupedModel) {\r
+ GroupedModel groupedModel = (GroupedModel)permissionedModel;\r
+\r
+ ownerId = groupedModel.getUserId();\r
+ }\r
+ else if (permissionedModel instanceof AuditedModel) {\r
+ AuditedModel auditedModel = (AuditedModel)permissionedModel;\r
+\r
+ ownerId = auditedModel.getUserId();\r
+ }\r
+ }\r
+ else {\r
+ ResourcePermission resourcePermission =\r
+ resourcePermissionLocalService.getResourcePermission(\r
+ permissionChecker.getCompanyId(), name,\r
+ ResourceConstants.SCOPE_INDIVIDUAL, primKey,\r
+ permissionChecker.getOwnerRoleId());\r
+\r
+ ownerId = resourcePermission.getOwnerId();\r
+ }\r
+\r
+ if (permissionChecker.hasOwnerPermission(\r
+ permissionChecker.getCompanyId(), name, primKey, ownerId,\r
+ ActionKeys.PERMISSIONS)) {\r
+\r
+ return;\r
+ }\r
+\r
+ Role role = null;\r
+\r
+ if (name.equals(Role.class.getName())) {\r
+ long roleId = GetterUtil.getLong(primKey);\r
+\r
+ role = rolePersistence.findByPrimaryKey(roleId);\r
+ }\r
+\r
+ if ((role != null) && role.isTeam()) {\r
+ Team team = teamPersistence.findByPrimaryKey(role.getClassPK());\r
+\r
+ TeamPermissionUtil.check(\r
+ permissionChecker, team.getTeamId(),\r
+ ActionKeys.PERMISSIONS);\r
+ }\r
+ else {\r
+ List<String> resourceActions =\r
+ ResourceActionsUtil.getResourceActions(name);\r
+\r
+ if (!resourceActions.contains(ActionKeys.DEFINE_PERMISSIONS) ||\r
+ !permissionChecker.hasPermission(\r
+ groupId, name, primKey,\r
+ ActionKeys.DEFINE_PERMISSIONS)) {\r
+\r
+ throw new PrincipalException();\r
+ }\r
+ }\r
+ }\r
+ }\r
+\r
+}
\ No newline at end of file