1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portlet.messageboards.service.permission;
16  
17  import com.liferay.portal.kernel.exception.PortalException;
18  import com.liferay.portal.kernel.exception.SystemException;
19  import com.liferay.portal.security.auth.PrincipalException;
20  import com.liferay.portal.security.permission.PermissionChecker;
21  import com.liferay.portal.security.permission.ResourceActionsUtil;
22  import com.liferay.portal.util.PortalUtil;
23  import com.liferay.portlet.messageboards.model.MBDiscussion;
24  import com.liferay.portlet.messageboards.model.MBMessage;
25  import com.liferay.portlet.messageboards.service.MBBanLocalServiceUtil;
26  import com.liferay.portlet.messageboards.service.MBDiscussionLocalServiceUtil;
27  import com.liferay.portlet.messageboards.service.MBMessageLocalServiceUtil;
28  
29  import java.util.List;
30  
31  /**
32   * <a href="MBDiscussionPermission.java.html"><b><i>View Source</i></b></a>
33   *
34   * @author Charles May
35   */
36  public class MBDiscussionPermission {
37  
38      public static void check(
39              PermissionChecker permissionChecker, long companyId, long groupId,
40              String className, long classPK, long messageId, long ownerId,
41              String actionId)
42          throws PortalException, SystemException {
43  
44          if (!contains(
45                  permissionChecker, companyId, groupId, className, classPK,
46                  messageId, ownerId, actionId)) {
47  
48              throw new PrincipalException();
49          }
50      }
51  
52      public static void check(
53              PermissionChecker permissionChecker, long companyId, long groupId,
54              String className, long classPK, long ownerId, String actionId)
55          throws PortalException, SystemException {
56  
57          if (!contains(
58                  permissionChecker, companyId, groupId, className, classPK,
59                  ownerId, actionId)) {
60  
61              throw new PrincipalException();
62          }
63      }
64  
65      public static boolean contains(
66              PermissionChecker permissionChecker, long companyId, long groupId,
67              String className, long classPK, long messageId, long ownerId,
68              String actionId)
69          throws PortalException, SystemException {
70  
71          if (!contains(
72                  permissionChecker, companyId, groupId, className, classPK,
73                  ownerId, actionId)) {
74  
75              return false;
76          }
77  
78          MBMessage message = MBMessageLocalServiceUtil.getMessage(
79              messageId);
80  
81          MBDiscussion discussion =
82              MBDiscussionLocalServiceUtil.getThreadDiscussion(
83                  message.getThreadId());
84  
85          long classNameId = PortalUtil.getClassNameId(className);
86  
87          if ((discussion.getClassNameId() == classNameId) &&
88              (discussion.getClassPK() == classPK)) {
89  
90              return true;
91          }
92  
93          return false;
94      }
95  
96      public static boolean contains(
97              PermissionChecker permissionChecker, long companyId, long groupId,
98              String className, long classPK, long ownerId, String actionId)
99          throws SystemException {
100 
101         List<String> resourceActions = ResourceActionsUtil.getResourceActions(
102             className);
103 
104         if (!resourceActions.contains(actionId)) {
105             return true;
106         }
107 
108         if (MBBanLocalServiceUtil.hasBan(
109                 groupId, permissionChecker.getUserId())) {
110 
111             return false;
112         }
113 
114         if (permissionChecker.hasOwnerPermission(
115                 companyId, className, classPK, ownerId, actionId)) {
116 
117             return true;
118         }
119 
120         return permissionChecker.hasPermission(
121             groupId, className, classPK, actionId);
122     }
123 
124 }