1
14
15 package com.liferay.portlet.messageboards.service.permission;
16
17 import com.liferay.portal.kernel.exception.PortalException;
18 import com.liferay.portal.kernel.exception.SystemException;
19 import com.liferay.portal.security.auth.PrincipalException;
20 import com.liferay.portal.security.permission.ActionKeys;
21 import com.liferay.portal.security.permission.PermissionChecker;
22 import com.liferay.portal.util.PropsValues;
23 import com.liferay.portlet.messageboards.model.MBCategory;
24 import com.liferay.portlet.messageboards.model.MBCategoryConstants;
25 import com.liferay.portlet.messageboards.model.MBMessage;
26 import com.liferay.portlet.messageboards.model.MBThread;
27 import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
28 import com.liferay.portlet.messageboards.service.MBCategoryLocalServiceUtil;
29 import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
30 import com.liferay.portlet.messageboards.service.MBThreadLocalServiceUtil;
31
32
37 public class MBMessagePermission {
38
39 public static void check(
40 PermissionChecker permissionChecker, long messageId,
41 String actionId)
42 throws PortalException, SystemException {
43
44 if (!contains(permissionChecker, messageId, actionId)) {
45 throw new PrincipalException();
46 }
47 }
48
49 public static void check(
50 PermissionChecker permissionChecker, MBMessage message,
51 String actionId)
52 throws PortalException, SystemException {
53
54 if (!contains(permissionChecker, message, actionId)) {
55 throw new PrincipalException();
56 }
57 }
58
59 public static boolean contains(
60 PermissionChecker permissionChecker, long messageId,
61 String actionId)
62 throws PortalException, SystemException {
63
64 MBMessage message = MBMessageLocalServiceUtil.getMessage(messageId);
65
66 return contains(permissionChecker, message, actionId);
67 }
68
69 public static boolean contains(
70 PermissionChecker permissionChecker, MBMessage message,
71 String actionId)
72 throws PortalException, SystemException {
73
74 long groupId = message.getGroupId();
75
76 if (MBBanLocalServiceUtil.hasBan(
77 groupId, permissionChecker.getUserId())) {
78
79 return false;
80 }
81
82 long categoryId = message.getCategoryId();
83
84 if ((categoryId != MBCategoryConstants.DEFAULT_PARENT_CATEGORY_ID) &&
85 (categoryId != MBCategoryConstants.DISCUSSION_CATEGORY_ID)) {
86
87 MBCategory category = MBCategoryLocalServiceUtil.getCategory(
88 categoryId);
89
90 if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
91 if (!MBCategoryPermission.contains(
92 permissionChecker, category, ActionKeys.VIEW)) {
93
94 return false;
95 }
96 }
97 }
98
99 MBThread thread = MBThreadLocalServiceUtil.getThread(
100 message.getThreadId());
101
102 if (permissionChecker.hasOwnerPermission(
103 message.getCompanyId(), MBMessage.class.getName(),
104 thread.getRootMessageId(), message.getUserId(), actionId)) {
105
106 return true;
107 }
108
109 return permissionChecker.hasPermission(
110 groupId, MBMessage.class.getName(), thread.getRootMessageId(),
111 actionId);
112 }
113
114 }