Example usage for com.liferay.portal.kernel.security.membershippolicy OrganizationMembershipPolicyUtil isRoleProtected

List of usage examples for com.liferay.portal.kernel.security.membershippolicy OrganizationMembershipPolicyUtil isRoleProtected

  1. HOME
  2. Java
  3. com.liferay.portal
  4. com.liferay.portal.kernel.security.membershippolicy.*
  5. OrganizationMembershipPolicyUtil
  6. isRoleProtected

Introduction

In this page you can find the example usage for com.liferay.portal.kernel.security.membershippolicy OrganizationMembershipPolicyUtil isRoleProtected.

Prototype

public static boolean isRoleProtected(PermissionChecker permissionChecker, long userId, long organizationId,
            long roleId) throws PortalException

Source Link

Usage

From source file:eu.gerhards.liferay.services.angular.service.impl.AngularRoleServiceImpl.java

License:Open Source License

public List<UserGroupRole> checkUserGroupRoles(long userId, List<UserGroupRole> userGroupRoles)
        throws PortalException {

    List<UserGroupRole> oldUserGroupRoles = null;

    PermissionChecker permissionChecker = getPermissionChecker();

    if (userId != CompanyConstants.SYSTEM) {

        // Add back any user group roles that the administrator does not
        // have the rights to remove or that have a mandatory membership
        User user = UserLocalServiceUtil.getUser(userId);
        List<UserGroup> userGroups = user.getUserGroups();

        for (UserGroup userGroup : userGroups) {
            List<UserGroupRole> roles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId,
                    userGroup.getUserGroupId());
            oldUserGroupRoles.addAll(roles);
        }//from  w w  w.ja  v  a  2  s .c  o  m

        for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) {
            Role role = oldUserGroupRole.getRole();
            Group group = oldUserGroupRole.getGroup();

            if (userGroupRoles.contains(oldUserGroupRole)) {
                continue;
            }

            if (role.getType() == RoleConstants.TYPE_ORGANIZATION) {
                Organization organization = OrganizationLocalServiceUtil
                        .getOrganization(group.getOrganizationId());

                if (!UserGroupRolePermissionUtil.contains(permissionChecker, group, role)
                        || OrganizationMembershipPolicyUtil.isRoleProtected(getPermissionChecker(), userId,
                                organization.getOrganizationId(), role.getRoleId())
                        || OrganizationMembershipPolicyUtil.isRoleRequired(userId,
                                organization.getOrganizationId(), role.getRoleId())) {

                    userGroupRoles.add(oldUserGroupRole);
                }
            } else if (role.getType() == RoleConstants.TYPE_SITE) {
                if (!userGroupRoles.contains(oldUserGroupRole)
                        && (!UserGroupRolePermissionUtil.contains(permissionChecker, group, role)
                                || SiteMembershipPolicyUtil.isRoleProtected(getPermissionChecker(), userId,
                                        group.getGroupId(), role.getRoleId())
                                || SiteMembershipPolicyUtil.isRoleRequired(userId, group.getGroupId(),
                                        role.getRoleId()))) {

                    userGroupRoles.add(oldUserGroupRole);
                }
            }
        }
    }

    // Check that the administrator has the permission to add a new user
    // group role and that the user group role membership is allowed

    for (UserGroupRole userGroupRole : userGroupRoles) {
        if ((oldUserGroupRoles == null) || !oldUserGroupRoles.contains(userGroupRole)) {

            UserGroupRolePermissionUtil.check(permissionChecker, userGroupRole.getGroupId(),
                    userGroupRole.getRoleId());
        }
    }

    return userGroupRoles;
}