List of usage examples for com.liferay.portal.kernel.model UserGroupRole getRole
public Role getRole() throws com.liferay.portal.kernel.exception.PortalException;
From source file:com.liferay.users.admin.web.internal.portlet.UsersControlPanelEntry.java
License:Open Source License
@Override protected boolean hasPermissionImplicitlyGranted(PermissionChecker permissionChecker, Group group, Portlet portlet) throws Exception { List<UserGroupRole> userGroupRoles = _userGroupRoleLocalService .getUserGroupRoles(permissionChecker.getUserId()); for (UserGroupRole userGroupRole : userGroupRoles) { Role role = userGroupRole.getRole(); String roleName = role.getName(); if (roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR) || roleName.equals(RoleConstants.ORGANIZATION_OWNER)) { return true; }//from w ww . ja v a 2 s . c o m } List<Organization> organizations = _organizationLocalService .getUserOrganizations(permissionChecker.getUserId()); for (Organization organization : organizations) { if (OrganizationPermissionUtil.contains(permissionChecker, organization, ActionKeys.MANAGE_USERS)) { return true; } if (OrganizationPermissionUtil.contains(permissionChecker, organization, ActionKeys.MANAGE_SUBORGANIZATIONS)) { return true; } /*if (OrganizationPermissionUtil.contains( permissionChecker, organization.getOrganizationId(), ActionKeys.VIEW)) { return true; }*/ } return super.hasPermissionImplicitlyGranted(permissionChecker, group, portlet); }
From source file:eu.gerhards.liferay.services.angular.service.impl.AngularRoleServiceImpl.java
License:Open Source License
public List<UserGroupRole> checkUserGroupRoles(long userId, List<UserGroupRole> userGroupRoles) throws PortalException { List<UserGroupRole> oldUserGroupRoles = null; PermissionChecker permissionChecker = getPermissionChecker(); if (userId != CompanyConstants.SYSTEM) { // Add back any user group roles that the administrator does not // have the rights to remove or that have a mandatory membership User user = UserLocalServiceUtil.getUser(userId); List<UserGroup> userGroups = user.getUserGroups(); for (UserGroup userGroup : userGroups) { List<UserGroupRole> roles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId, userGroup.getUserGroupId()); oldUserGroupRoles.addAll(roles); }/*from w w w.ja v a 2 s . c o m*/ for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) { Role role = oldUserGroupRole.getRole(); Group group = oldUserGroupRole.getGroup(); if (userGroupRoles.contains(oldUserGroupRole)) { continue; } if (role.getType() == RoleConstants.TYPE_ORGANIZATION) { Organization organization = OrganizationLocalServiceUtil .getOrganization(group.getOrganizationId()); if (!UserGroupRolePermissionUtil.contains(permissionChecker, group, role) || OrganizationMembershipPolicyUtil.isRoleProtected(getPermissionChecker(), userId, organization.getOrganizationId(), role.getRoleId()) || OrganizationMembershipPolicyUtil.isRoleRequired(userId, organization.getOrganizationId(), role.getRoleId())) { userGroupRoles.add(oldUserGroupRole); } } else if (role.getType() == RoleConstants.TYPE_SITE) { if (!userGroupRoles.contains(oldUserGroupRole) && (!UserGroupRolePermissionUtil.contains(permissionChecker, group, role) || SiteMembershipPolicyUtil.isRoleProtected(getPermissionChecker(), userId, group.getGroupId(), role.getRoleId()) || SiteMembershipPolicyUtil.isRoleRequired(userId, group.getGroupId(), role.getRoleId()))) { userGroupRoles.add(oldUserGroupRole); } } } } // Check that the administrator has the permission to add a new user // group role and that the user group role membership is allowed for (UserGroupRole userGroupRole : userGroupRoles) { if ((oldUserGroupRoles == null) || !oldUserGroupRoles.contains(userGroupRole)) { UserGroupRolePermissionUtil.check(permissionChecker, userGroupRole.getGroupId(), userGroupRole.getRoleId()); } } return userGroupRoles; }
From source file:eu.gerhards.liferay.services.angular.service.impl.AngularUserServiceImpl.java
License:Open Source License
@Override public User updateUser(long userId, String oldPassword, String newPassword1, String newPassword2, boolean passwordReset, String reminderQueryQuestion, String reminderQueryAnswer, String screenName, String emailAddress, long facebookId, String openId, boolean portrait, byte[] portraitBytes, String languageId, String timeZoneId, String greeting, String comments, String firstName, String middleName, String lastName, long prefixId, long suffixId, boolean male, int birthdayMonth, int birthdayDay, int birthdayYear, String smsSn, String facebookSn, String jabberSn, String skypeSn, String twitterSn, String jobTitle, long[] groupIds, long[] organizationIds, long[] roleIds, List<UserGroupRole> userGroupRoles, long[] userGroupIds, List<Address> addresses, List<EmailAddress> emailAddresses, List<Phone> phones, List<Website> websites, List<AnnouncementsDelivery> announcementsDelivers, ServiceContext serviceContext) throws PortalException { _log.info("Updating user ... "); _log.debug(" ... security check ..."); PortalPermissionUtil.check(getPermissionChecker(), AngularActionKeys.UPDATE_USER); _log.debug(" ... processing ... "); long creatorId = 0; try {//from ww w. j a va 2 s . c om creatorId = this.getUserId(); } catch (PrincipalException pe) { if (_log.isWarnEnabled()) { _log.warn("Unable to get current user ID", pe); } } if (StringUtils.isEmpty(emailAddress)) { throw new PortalException("A email address is needed for new users!"); } // Null safe actions if (groupIds == null) { groupIds = new long[0]; } if (organizationIds == null) { organizationIds = new long[0]; } if (roleIds == null) { roleIds = new long[0]; } if (userGroupRoles == null) { userGroupRoles = new ArrayList<UserGroupRole>(); } if (userGroupIds == null) { userGroupIds = new long[0]; } if (addresses == null) { addresses = new ArrayList<Address>(); } if (emailAddresses == null) { emailAddresses = new ArrayList<EmailAddress>(); } if (phones == null) { phones = new ArrayList<Phone>(); } if (websites == null) { websites = new ArrayList<Website>(); } if (announcementsDelivers == null) { announcementsDelivers = new ArrayList<AnnouncementsDelivery>(); } User userToUpdate = UserLocalServiceUtil.getUserById(userId); if (StringUtils.isEmpty(screenName)) { screenName = userToUpdate.getScreenName(); } this.checkUpdateUserPermission(creatorId, userId, userToUpdate.getCompanyId(), groupIds, organizationIds, roleIds, userGroupIds, serviceContext); // Update contact parts this.updateUserAddresses(userToUpdate.getContactId(), addresses); this.updateUserEmailAddress(userToUpdate.getContactId(), emailAddresses); this.updateUserPhones(userToUpdate.getContactId(), phones); this.updateUsrWebsites(userToUpdate.getContactId(), websites); this.updateAnnouncementsDeliveries(userToUpdate.getContactId(), announcementsDelivers); if (creatorId == userId) { emailAddress = StringUtil.toLowerCase(emailAddress.trim()); if (!StringUtil.equalsIgnoreCase(emailAddress, userToUpdate.getEmailAddress())) { validateEmail(emailAddress, userToUpdate); } } validateUpdatePermission(userToUpdate, screenName, emailAddress, firstName, middleName, lastName, prefixId, suffixId, birthdayMonth, birthdayDay, birthdayYear, male, jobTitle); // Group membership policy long[] oldGroupIds = userToUpdate.getGroupIds(); List<Long> addGroupIds = new ArrayList<>(); List<Long> removeGroupIds = Collections.emptyList(); if (groupIds != null) { removeGroupIds = ListUtil.toList(oldGroupIds); groupIds = angularGroupService.checkGroups(userId, groupIds); for (long groupId : groupIds) { if (ArrayUtil.contains(oldGroupIds, groupId)) { removeGroupIds.remove(groupId); } else { addGroupIds.add(groupId); } } if (!addGroupIds.isEmpty() || !removeGroupIds.isEmpty()) { SiteMembershipPolicyUtil.checkMembership(new long[] { userId }, ArrayUtil.toLongArray(addGroupIds), ArrayUtil.toLongArray(removeGroupIds)); } } // Organization membership policy long[] oldOrganizationIds = userToUpdate.getOrganizationIds(); List<Long> addOrganizationIds = new ArrayList<>(); List<Long> removeOrganizationIds = Collections.emptyList(); if (organizationIds != null) { removeOrganizationIds = ListUtil.toList(oldOrganizationIds); organizationIds = angularOrganizationService.checkOrganizations(userId, organizationIds); for (long organizationId : organizationIds) { if (ArrayUtil.contains(oldOrganizationIds, organizationId)) { removeOrganizationIds.remove(organizationId); } else { addOrganizationIds.add(organizationId); } } if (!addOrganizationIds.isEmpty() || !removeOrganizationIds.isEmpty()) { OrganizationMembershipPolicyUtil.checkMembership(new long[] { userId }, ArrayUtil.toLongArray(addOrganizationIds), ArrayUtil.toLongArray(removeOrganizationIds)); } } // Role membership policy long[] oldRoleIds = userToUpdate.getRoleIds(); List<Long> addRoleIds = new ArrayList<>(); List<Long> removeRoleIds = Collections.emptyList(); if (roleIds != null) { removeRoleIds = ListUtil.toList(oldRoleIds); roleIds = angularRoleService.checkRoles(userId, roleIds); for (long roleId : roleIds) { if (ArrayUtil.contains(oldRoleIds, roleId)) { removeRoleIds.remove(roleId); } else { addRoleIds.add(roleId); } } if (!addRoleIds.isEmpty() || !removeRoleIds.isEmpty()) { RoleMembershipPolicyUtil.checkRoles(new long[] { userId }, ArrayUtil.toLongArray(addRoleIds), ArrayUtil.toLongArray(removeRoleIds)); } } List<UserGroupRole> oldOrganizationUserGroupRoles = new ArrayList<>(); List<UserGroupRole> oldSiteUserGroupRoles = new ArrayList<>(); List<UserGroupRole> oldUserGroupRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId); for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) { Role role = oldUserGroupRole.getRole(); if (role.getType() == RoleConstants.TYPE_ORGANIZATION) { oldOrganizationUserGroupRoles.add(oldUserGroupRole); } else if (role.getType() == RoleConstants.TYPE_SITE) { oldSiteUserGroupRoles.add(oldUserGroupRole); } } List<UserGroupRole> addOrganizationUserGroupRoles = new ArrayList<>(); List<UserGroupRole> removeOrganizationUserGroupRoles = Collections.emptyList(); List<UserGroupRole> addSiteUserGroupRoles = new ArrayList<>(); List<UserGroupRole> removeSiteUserGroupRoles = Collections.emptyList(); if (userGroupRoles != null) { userGroupRoles = angularRoleService.checkUserGroupRoles(userId, userGroupRoles); removeOrganizationUserGroupRoles = ListUtil.copy(oldOrganizationUserGroupRoles); removeSiteUserGroupRoles = ListUtil.copy(oldSiteUserGroupRoles); for (UserGroupRole userGroupRole : userGroupRoles) { Role role = userGroupRole.getRole(); if (role.getType() == RoleConstants.TYPE_ORGANIZATION) { if (oldOrganizationUserGroupRoles.contains(userGroupRole)) { removeOrganizationUserGroupRoles.remove(userGroupRole); } else { addOrganizationUserGroupRoles.add(userGroupRole); } } else if (role.getType() == RoleConstants.TYPE_SITE) { if (oldSiteUserGroupRoles.contains(userGroupRole)) { removeSiteUserGroupRoles.remove(userGroupRole); } else { addSiteUserGroupRoles.add(userGroupRole); } } } if (!addOrganizationUserGroupRoles.isEmpty() || !removeOrganizationUserGroupRoles.isEmpty()) { OrganizationMembershipPolicyUtil.checkRoles(addOrganizationUserGroupRoles, removeOrganizationUserGroupRoles); } if (!addSiteUserGroupRoles.isEmpty() || !removeSiteUserGroupRoles.isEmpty()) { SiteMembershipPolicyUtil.checkRoles(addSiteUserGroupRoles, removeSiteUserGroupRoles); } } // User group membership policy long[] oldUserGroupIds = userToUpdate.getUserGroupIds(); List<Long> addUserGroupIds = new ArrayList<>(); List<Long> removeUserGroupIds = Collections.emptyList(); if (userGroupIds != null) { removeUserGroupIds = ListUtil.toList(oldUserGroupIds); userGroupIds = angularUserGroupService.checkUserGroupIds(userId, userGroupIds); for (long userGroupId : userGroupIds) { if (ArrayUtil.contains(oldUserGroupIds, userGroupId)) { removeUserGroupIds.remove(userGroupId); } else { addUserGroupIds.add(userGroupId); } } if (!addUserGroupIds.isEmpty() || !removeUserGroupIds.isEmpty()) { UserGroupMembershipPolicyUtil.checkMembership(new long[] { userId }, ArrayUtil.toLongArray(addUserGroupIds), ArrayUtil.toLongArray(removeUserGroupIds)); } } userToUpdate = userLocalService.updateUser(userId, oldPassword, newPassword1, newPassword2, passwordReset, reminderQueryQuestion, reminderQueryAnswer, screenName, emailAddress, facebookId, openId, portrait, portraitBytes, languageId, timeZoneId, greeting, comments, firstName, middleName, lastName, prefixId, suffixId, male, birthdayMonth, birthdayDay, birthdayYear, smsSn, facebookSn, jabberSn, skypeSn, twitterSn, jobTitle, groupIds, organizationIds, roleIds, userGroupRoles, userGroupIds, serviceContext); if (!addGroupIds.isEmpty() || !removeGroupIds.isEmpty()) { SiteMembershipPolicyUtil.propagateMembership(new long[] { userToUpdate.getUserId() }, ArrayUtil.toLongArray(addGroupIds), ArrayUtil.toLongArray(removeGroupIds)); } if (!addOrganizationIds.isEmpty() || !removeOrganizationIds.isEmpty()) { OrganizationMembershipPolicyUtil.propagateMembership(new long[] { userToUpdate.getUserId() }, ArrayUtil.toLongArray(addOrganizationIds), ArrayUtil.toLongArray(removeOrganizationIds)); } if (!addRoleIds.isEmpty() || !removeRoleIds.isEmpty()) { RoleMembershipPolicyUtil.propagateRoles(new long[] { userToUpdate.getUserId() }, ArrayUtil.toLongArray(addRoleIds), ArrayUtil.toLongArray(removeRoleIds)); } if (!addSiteUserGroupRoles.isEmpty() || !removeSiteUserGroupRoles.isEmpty()) { SiteMembershipPolicyUtil.propagateRoles(addSiteUserGroupRoles, removeSiteUserGroupRoles); } if (!addOrganizationUserGroupRoles.isEmpty() || !removeOrganizationUserGroupRoles.isEmpty()) { OrganizationMembershipPolicyUtil.propagateRoles(addOrganizationUserGroupRoles, removeOrganizationUserGroupRoles); } if (!addUserGroupIds.isEmpty() || !removeUserGroupIds.isEmpty()) { UserGroupMembershipPolicyUtil.propagateMembership(new long[] { userToUpdate.getUserId() }, ArrayUtil.toLongArray(addUserGroupIds), ArrayUtil.toLongArray(removeUserGroupIds)); } return userToUpdate; }