--- /dev/null
+/*******************************************************************************
+ * Copyright � Igor Barma, Alexandre Desoubeaux, Christian Martel, Eric Brun, Mathieu Amblard, Gwenael Gevet, Pierre Guillot, 2012
+ * Copyright Alexandre Desoubeaux, Christian Martel, Cedric Lecarpentier, Alexandre Lefevre, Marc Salvat 2014-2016
+ * Copyright Alexandre Desoubeaux, Christian Martel, Cedric Lecarpentier, Marc Salvat, Marc Suarez, Harifetra Ramamonjy 2017
+ *
+ * This file is part of the work and learning management system Pentila Nero.
+ *
+ * Pentila Nero is free software. You can redistribute it and/or modify since
+ * you respect the terms of either (at least one of the both license) :
+ * - under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ * - the CeCILL-C as published by CeCILL-C; either version 1 of the
+ * License, or any later version
+ * - the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the license,
+ * or (at your option) any later version.
+ *
+ * There are special exceptions to the terms and conditions of the
+ * licenses as they are applied to this software. View the full text of
+ * the exception in file LICENSE-PROJECT.txt in the directory of this software
+ * distribution.
+ *
+ * Pentila Nero is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * Licenses for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * and the CeCILL-C and the GNU Lesser General Public License along with
+ * Pentila Nero. If not, see :
+ * <http://www.gnu.org/licenses/> and
+ * <http://www.cecill.info/licences.fr.html>.
+ ******************************************************************************/
+package com.pentila.entSavoie.messageBoards;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import com.liferay.portal.kernel.exception.PortalException;
+import com.liferay.portal.kernel.exception.SystemException;
+import com.liferay.portal.model.Group;
+import com.liferay.portal.model.ResourceConstants;
+import com.liferay.portal.model.Role;
+import com.liferay.portal.model.RoleConstants;
+import com.liferay.portal.security.permission.PermissionChecker;
+import com.liferay.portal.service.GroupLocalServiceUtil;
+import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
+import com.liferay.portal.service.RoleLocalServiceUtil;
+import com.liferay.portlet.messageboards.model.MBCategory;
+import com.liferay.portlet.messageboards.model.MBMessage;
+import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
+import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
+import com.pentila.entSavoie.ENTRoleUtilFactory;
+import com.pentila.entSavoie.ENTRolesConstants;
+import com.pentila.entSavoie.utils.ENTMainUtilsLocalServiceUtil;
+
+public class MBUtils {
+
+ // Verification des permissions pour une categorie
+ public static boolean checkCategoryPermission(PermissionChecker permissionChecker, long categoryId, String actionId) throws PortalException, SystemException {
+
+ MBCategory category = MBCategoryLocalServiceUtil.getMBCategory(categoryId);
+
+ if (permissionChecker.hasOwnerPermission(category.getCompanyId(), MBCategory.class.getName(), categoryId, category.getUserId(), actionId)) {
+ return true;
+ }
+
+ return (permissionChecker.hasPermission(category.getGroupId(), MBCategory.class.getName(),category.getCategoryId(), actionId));
+
+ }
+
+ // Verification des permissions pour un message
+ public static boolean checkMessagePermission(PermissionChecker permissionChecker, long messageId, String actionId) throws PortalException, SystemException {
+
+ MBMessage message = MBMessageLocalServiceUtil.getMBMessage(messageId);
+
+ if (permissionChecker.hasOwnerPermission(message.getCompanyId(), MBMessage.class.getName(), messageId, message.getUserId(), actionId)) {
+ return true;
+ }
+
+ return (permissionChecker.hasPermission(message.getGroupId(), MBMessage.class.getName(), messageId, actionId));
+
+ }
+
+ // Ajout des permissions par defaut pour une category
+ public static void addDefaultPermissionsCategory(MBCategory category) throws PortalException, SystemException {
+ // Groupe de la resource
+ Group group = GroupLocalServiceUtil.getGroup(category.getGroupId());
+
+ // Si le groupe est de type organization, alors set des permissions des membres
+ if (group.isOrganization()) {
+ setDefaultRolePermissionsForResource(true, category.getGroupId(), category.getCategoryId(), category.getCompanyId(), "category");
+ }
+ // Sinon si le groupe est de type communaute, alors set des permissions des membres
+ else if (group.isRegularSite()) {
+ setDefaultRolePermissionsForResource(false, category.getGroupId(), category.getCategoryId(), category.getCompanyId(), "category");
+ }
+ }
+
+ // Ajout des permissions par defaut pour un message
+ public static void addDefaultPermissionsMessage(MBMessage message) throws PortalException, SystemException {
+ // Groupe de la resource
+ Group group = GroupLocalServiceUtil.getGroup(message.getGroupId());
+
+ // Si le groupe est de type organization, alors set des permissions des membres
+ if (group.isOrganization()) {
+ // Si c'est le messageRoot, alors set des permissions du thread
+ if (message.isRoot()) {
+ setDefaultRolePermissionsForResource(true, message.getGroupId(), message.getMessageId(), message.getCompanyId(), "thread");
+ } else {
+ setDefaultRolePermissionsForResource(true, message.getGroupId(), message.getMessageId(), message.getCompanyId(), "message");
+ }
+ }
+ // Sinon si le groupe est de type communaute, alors set des permissions des membres
+ else if (group.isRegularSite()) {
+ // Si c'est le messageRoot, alors set des permissions du thread
+ if (message.isRoot()) {
+ setDefaultRolePermissionsForResource(false, message.getGroupId(), message.getMessageId(), message.getCompanyId(), "thread");
+ } else {
+ setDefaultRolePermissionsForResource(false, message.getGroupId(), message.getMessageId(), message.getCompanyId(), "message");
+ }
+ }
+ }
+
+ // Set des permissions par defaut
+ private static void setDefaultRolePermissionsForResource(boolean org, long groupId, long objectId, long companyId, String type) throws PortalException, SystemException {
+
+ String name = type.equals("category")?MBCategory.class.getName():MBMessage.class.getName();
+ int scope = ResourceConstants.SCOPE_INDIVIDUAL;
+
+ List<String> listBasicActions = new ArrayList<String>();
+
+ if (type.equals("category") || type.equals("message")) {
+ listBasicActions.add("VIEW");
+
+ if(ENTMainUtilsLocalServiceUtil.isSchemaSupann(companyId)){
+ listBasicActions.add("ADD_OBJECT");
+ }
+
+ } else if (type.equals("thread")) {
+ listBasicActions.add("VIEW");
+ listBasicActions.add("ADD_OBJECT");
+ listBasicActions.add("SUBSCRIBE");
+ }
+
+ List<String> listMediumActions = new ArrayList<String>();
+
+ if (type.equals("category")) {
+ listMediumActions.add("VIEW");
+ listMediumActions.add("ADD_OBJECT");
+ listMediumActions.add("MOVE_THREAD");
+ } else if (type.equals("thread")) {
+ listMediumActions.add("VIEW");
+ listMediumActions.add("ADD_OBJECT");
+ listMediumActions.add("SUBSCRIBE");
+ listMediumActions.add("MOVE_THREAD");
+ } else if (type.equals("message")) {
+ listMediumActions.add("VIEW");
+ }
+
+ List<String> listAdvancedActions = new ArrayList<String>();
+
+ if (type.equals("category")) {
+ listAdvancedActions.add("VIEW");
+ listAdvancedActions.add("EDIT");
+ listAdvancedActions.add("DELETE");
+ listAdvancedActions.add("ADD_OBJECT");
+ listAdvancedActions.add("MOVE_THREAD");
+ listAdvancedActions.add("MANAGE_PERMISSIONS");
+ } else if (type.equals("thread")) {
+ listAdvancedActions.add("VIEW");
+ listAdvancedActions.add("EDIT");
+ listAdvancedActions.add("DELETE");
+ listAdvancedActions.add("ADD_OBJECT");
+ listAdvancedActions.add("SUBSCRIBE");
+ listAdvancedActions.add("MOVE_THREAD");
+ listAdvancedActions.add("MANAGE_PERMISSIONS");
+ } else if (type.equals("message")) {
+ listAdvancedActions.add("EDIT");
+ listAdvancedActions.add("DELETE");
+ listAdvancedActions.add("VIEW");
+ listAdvancedActions.add("MANAGE_PERMISSIONS");
+ }
+
+
+
+ Role forumAdmin = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.FORUM_ADMIN);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), forumAdmin.getRoleId(), listAdvancedActions.toArray(new String[listAdvancedActions.size()]));
+
+ Role forumMember = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.FORUM_MEMBER);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), forumMember.getRoleId(), listBasicActions.toArray(new String[listBasicActions.size()]));
+
+ Role owner = RoleLocalServiceUtil.getRole(companyId, RoleConstants.OWNER);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), owner.getRoleId(), listAdvancedActions.toArray(new String[listAdvancedActions.size()]));
+
+
+
+ if (org==true) {
+ Role eleve = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.NATIONAL_1);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), eleve.getRoleId(), listBasicActions.toArray(new String[listBasicActions.size()]));
+
+ Role parent = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.NATIONAL_2);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), parent.getRoleId(), listBasicActions.toArray(new String[listBasicActions.size()]));
+
+ Role enseignant = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.NATIONAL_3);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), enseignant.getRoleId(), listMediumActions.toArray(new String[listMediumActions.size()]));
+
+ Role personnelDirection = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.NATIONAL_4);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), personnelDirection.getRoleId(), listAdvancedActions.toArray(new String[listAdvancedActions.size()]));
+
+ Role externalRole = ENTRoleUtilFactory.getInstance(companyId).getRole(ENTRolesConstants.EXTERNAL);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), externalRole.getRoleId(), listBasicActions.toArray(new String[listBasicActions.size()]));
+
+ Role documentaliste = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.NATIONAL_24);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), documentaliste.getRoleId(), listMediumActions.toArray(new String[listMediumActions.size()]));
+
+ Role persoEducation = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.NATIONAL_25);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), persoEducation.getRoleId(), listMediumActions.toArray(new String[listMediumActions.size()]));
+
+ Role groupAdmin = RoleLocalServiceUtil.getRole(companyId, ENTRolesConstants.GROUP_ADMIN);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), groupAdmin.getRoleId(), listAdvancedActions.toArray(new String[listAdvancedActions.size()]));
+
+ Role orgMember = RoleLocalServiceUtil.getRole(companyId, RoleConstants.ORGANIZATION_USER);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), orgMember.getRoleId(), listBasicActions.toArray(new String[listBasicActions.size()]));
+
+ Role orgAdmin = RoleLocalServiceUtil.getRole(companyId, RoleConstants.ORGANIZATION_ADMINISTRATOR);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), orgAdmin.getRoleId(), listAdvancedActions.toArray(new String[listAdvancedActions.size()]));
+
+ Role orgOwner = RoleLocalServiceUtil.getRole(companyId, RoleConstants.ORGANIZATION_OWNER);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), orgOwner.getRoleId(), listAdvancedActions.toArray(new String[listAdvancedActions.size()]));
+
+ } else {
+ Role comMember = RoleLocalServiceUtil.getRole(companyId, RoleConstants.SITE_MEMBER);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), comMember.getRoleId(), listMediumActions.toArray(new String[listMediumActions.size()]));
+
+ Role comAdmin = RoleLocalServiceUtil.getRole(companyId, RoleConstants.SITE_ADMINISTRATOR);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), comAdmin.getRoleId(), listAdvancedActions.toArray(new String[listAdvancedActions.size()]));
+
+ Role comOwner = RoleLocalServiceUtil.getRole(companyId, RoleConstants.SITE_OWNER);
+ ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, name, scope, String.valueOf(objectId), comOwner.getRoleId(), listAdvancedActions.toArray(new String[listAdvancedActions.size()]));
+ }
+ }
+
+}