1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   * 
13   */
14  
15  package com.liferay.portlet.shopping.service.permission;
16  
17  import com.liferay.portal.PortalException;
18  import com.liferay.portal.SystemException;
19  import com.liferay.portal.security.auth.PrincipalException;
20  import com.liferay.portal.security.permission.ActionKeys;
21  import com.liferay.portal.security.permission.PermissionChecker;
22  import com.liferay.portal.service.permission.PortletPermissionUtil;
23  import com.liferay.portal.util.PortletKeys;
24  import com.liferay.portal.util.PropsValues;
25  import com.liferay.portlet.shopping.model.ShoppingCategory;
26  import com.liferay.portlet.shopping.model.impl.ShoppingCategoryImpl;
27  import com.liferay.portlet.shopping.service.ShoppingCategoryLocalServiceUtil;
28  
29  /**
30   * <a href="ShoppingCategoryPermission.java.html"><b><i>View Source</i></b></a>
31   *
32   * @author Brian Wing Shun Chan
33   */
34  public class ShoppingCategoryPermission {
35  
36      public static void check(
37              PermissionChecker permissionChecker, long plid, long categoryId,
38              String actionId)
39          throws PortalException, SystemException {
40  
41          if (!contains(permissionChecker, plid, categoryId, actionId)) {
42              throw new PrincipalException();
43          }
44      }
45  
46      public static void check(
47              PermissionChecker permissionChecker, long categoryId,
48              String actionId)
49          throws PortalException, SystemException {
50  
51          if (!contains(permissionChecker, categoryId, actionId)) {
52              throw new PrincipalException();
53          }
54      }
55  
56      public static void check(
57              PermissionChecker permissionChecker, ShoppingCategory category,
58              String actionId)
59          throws PortalException, SystemException {
60  
61          if (!contains(permissionChecker, category, actionId)) {
62              throw new PrincipalException();
63          }
64      }
65  
66      public static boolean contains(
67              PermissionChecker permissionChecker, long plid, long categoryId,
68              String actionId)
69          throws PortalException, SystemException {
70  
71          if (categoryId == ShoppingCategoryImpl.DEFAULT_PARENT_CATEGORY_ID) {
72              return PortletPermissionUtil.contains(
73                  permissionChecker, plid, PortletKeys.SHOPPING, actionId);
74          }
75          else {
76              return contains(permissionChecker, categoryId, actionId);
77          }
78      }
79  
80      public static boolean contains(
81              PermissionChecker permissionChecker, long categoryId,
82              String actionId)
83          throws PortalException, SystemException {
84  
85          ShoppingCategory category =
86              ShoppingCategoryLocalServiceUtil.getCategory(categoryId);
87  
88          return contains(permissionChecker, category, actionId);
89      }
90  
91      public static boolean contains(
92              PermissionChecker permissionChecker, ShoppingCategory category,
93              String actionId)
94          throws PortalException, SystemException {
95  
96          if (actionId.equals(ActionKeys.ADD_CATEGORY)) {
97              actionId = ActionKeys.ADD_SUBCATEGORY;
98          }
99  
100         long categoryId = category.getCategoryId();
101 
102         if (actionId.equals(ActionKeys.VIEW)) {
103             while (categoryId !=
104                         ShoppingCategoryImpl.DEFAULT_PARENT_CATEGORY_ID) {
105 
106                 category = ShoppingCategoryLocalServiceUtil.getCategory(
107                     categoryId);
108 
109                 categoryId = category.getParentCategoryId();
110 
111                 if (!permissionChecker.hasOwnerPermission(
112                         category.getCompanyId(),
113                         ShoppingCategory.class.getName(),
114                         category.getCategoryId(), category.getUserId(),
115                         actionId) &&
116                     !permissionChecker.hasPermission(
117                         category.getGroupId(), ShoppingCategory.class.getName(),
118                         category.getCategoryId(), actionId)) {
119 
120                     return false;
121                 }
122 
123                 if (!PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
124                     break;
125                 }
126             }
127 
128             return true;
129         }
130         else {
131             while (categoryId !=
132                         ShoppingCategoryImpl.DEFAULT_PARENT_CATEGORY_ID) {
133 
134                 if (permissionChecker.hasOwnerPermission(
135                         category.getCompanyId(),
136                         ShoppingCategory.class.getName(),
137                         category.getCategoryId(), category.getUserId(),
138                         actionId)) {
139 
140                     return true;
141                 }
142 
143                 if (permissionChecker.hasPermission(
144                         category.getGroupId(), ShoppingCategory.class.getName(),
145                         category.getCategoryId(), actionId)) {
146 
147                     return true;
148                 }
149 
150                 if (actionId.equals(ActionKeys.VIEW)) {
151                     break;
152                 }
153 
154                 category = ShoppingCategoryLocalServiceUtil.getCategory(
155                     categoryId);
156 
157                 categoryId = category.getParentCategoryId();
158             }
159 
160             return false;
161         }
162     }
163 
164 }