Java tutorial
/** * Copyright (c) 2000-present Liferay, Inc. All rights reserved. * * This library is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free * Software Foundation; either version 2.1 of the License, or (at your option) * any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more * details. */ package com.liferay.journal.service.permission; import com.liferay.exportimport.kernel.staging.permission.StagingPermissionUtil; import com.liferay.journal.configuration.JournalServiceConfiguration; import com.liferay.journal.model.JournalArticle; import com.liferay.journal.model.JournalFolder; import com.liferay.journal.model.JournalFolderConstants; import com.liferay.journal.service.JournalArticleLocalService; import com.liferay.journal.service.JournalFolderLocalService; import com.liferay.portal.kernel.exception.PortalException; import com.liferay.portal.kernel.log.Log; import com.liferay.portal.kernel.log.LogFactoryUtil; import com.liferay.portal.kernel.module.configuration.ConfigurationException; import com.liferay.portal.kernel.module.configuration.ConfigurationProvider; import com.liferay.portal.kernel.portlet.PortletProvider; import com.liferay.portal.kernel.portlet.PortletProviderUtil; import com.liferay.portal.kernel.security.auth.PrincipalException; import com.liferay.portal.kernel.security.permission.ActionKeys; import com.liferay.portal.kernel.security.permission.BaseModelPermissionChecker; import com.liferay.portal.kernel.security.permission.PermissionChecker; import com.liferay.portal.kernel.util.HashUtil; import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil; import com.liferay.portal.util.PropsValues; import java.util.Map; import java.util.Objects; import org.osgi.service.component.annotations.Component; import org.osgi.service.component.annotations.Reference; /** * @author Brian Wing Shun Chan * @author Raymond Aug */ @Component(property = { "model.class.name=com.liferay.journal.model.JournalArticle" }, service = BaseModelPermissionChecker.class) public class JournalArticlePermission implements BaseModelPermissionChecker { public static void check(PermissionChecker permissionChecker, JournalArticle article, String actionId) throws PortalException { if (!contains(permissionChecker, article, actionId)) { throw new PrincipalException.MustHavePermission(permissionChecker, JournalArticle.class.getName(), article.getArticleId(), actionId); } } public static void check(PermissionChecker permissionChecker, long resourcePrimKey, String actionId) throws PortalException { if (!contains(permissionChecker, resourcePrimKey, actionId)) { throw new PrincipalException.MustHavePermission(permissionChecker, JournalArticle.class.getName(), resourcePrimKey, actionId); } } public static void check(PermissionChecker permissionChecker, long groupId, String articleId, double version, String actionId) throws PortalException { if (!contains(permissionChecker, groupId, articleId, version, actionId)) { throw new PrincipalException.MustHavePermission(permissionChecker, JournalArticle.class.getName(), articleId, actionId); } } public static void check(PermissionChecker permissionChecker, long groupId, String articleId, int status, String actionId) throws PortalException { if (!contains(permissionChecker, groupId, articleId, status, actionId)) { throw new PrincipalException.MustHavePermission(permissionChecker, JournalArticle.class.getName(), articleId, actionId); } } public static void check(PermissionChecker permissionChecker, long groupId, String articleId, String actionId) throws PortalException { if (!contains(permissionChecker, groupId, articleId, actionId)) { throw new PrincipalException.MustHavePermission(permissionChecker, JournalArticle.class.getName(), articleId, actionId); } } public static boolean contains(PermissionChecker permissionChecker, JournalArticle article, String actionId) { Map<Object, Object> permissionChecksMap = permissionChecker.getPermissionChecksMap(); CacheKey cacheKey = new CacheKey(article.getGroupId(), article.getArticleId(), actionId); Boolean contains = (Boolean) permissionChecksMap.get(cacheKey); if (contains == null) { contains = _contains(permissionChecker, article, actionId); permissionChecksMap.put(cacheKey, contains); } return contains; } public static boolean contains(PermissionChecker permissionChecker, long classPK, String actionId) { JournalArticle article = _journalArticleLocalService.fetchLatestArticle(classPK); if (article == null) { article = _journalArticleLocalService.fetchArticle(classPK); if (article == null) { _log.error("Unable to find journal article " + classPK); return false; } } return contains(permissionChecker, article, actionId); } public static boolean contains(PermissionChecker permissionChecker, long groupId, String articleId, double version, String actionId) { JournalArticle article = _journalArticleLocalService.fetchArticle(groupId, articleId, version); if (article == null) { _log.error("Unable to get journal article with group ID " + groupId + ", article ID " + articleId + ", and version " + version); return false; } return contains(permissionChecker, article, actionId); } public static boolean contains(PermissionChecker permissionChecker, long groupId, String articleId, int status, String actionId) { JournalArticle article = _journalArticleLocalService.fetchLatestArticle(groupId, articleId, status); if (article == null) { _log.error("Unable to get journal article with group ID " + groupId + ", article ID " + articleId + ", and status " + status); return false; } return contains(permissionChecker, article, actionId); } public static boolean contains(PermissionChecker permissionChecker, long groupId, String articleId, String actionId) { JournalArticle article = _journalArticleLocalService.fetchArticle(groupId, articleId); if (article == null) { _log.error("Unable to get journal article with group ID " + groupId + " and article ID " + articleId); return false; } return contains(permissionChecker, article, actionId); } @Override public void checkBaseModel(PermissionChecker permissionChecker, long groupId, long primaryKey, String actionId) throws PortalException { check(permissionChecker, primaryKey, actionId); } @Reference(unbind = "-") protected void setConfigurationProvider(ConfigurationProvider configurationProvider) { _configurationProvider = configurationProvider; } @Reference(unbind = "-") protected void setJournalArticleLocalService(JournalArticleLocalService journalArticleLocalService) { _journalArticleLocalService = journalArticleLocalService; } @Reference(unbind = "-") protected void setJournalFolderLocalService(JournalFolderLocalService journalFolderLocalService) { _journalFolderLocalService = journalFolderLocalService; } private static boolean _contains(PermissionChecker permissionChecker, JournalArticle article, String actionId) { String portletId = PortletProviderUtil.getPortletId(JournalArticle.class.getName(), PortletProvider.Action.EDIT); Boolean hasPermission = StagingPermissionUtil.hasPermission(permissionChecker, article.getGroupId(), JournalArticle.class.getName(), article.getResourcePrimKey(), portletId, actionId); if (hasPermission != null) { return hasPermission.booleanValue(); } if (article.isDraft()) { if (actionId.equals(ActionKeys.VIEW) && !contains(permissionChecker, article, ActionKeys.UPDATE)) { return false; } } else if (article.isPending()) { hasPermission = WorkflowPermissionUtil.hasPermission(permissionChecker, article.getGroupId(), JournalArticle.class.getName(), article.getResourcePrimKey(), actionId); if (hasPermission != null) { return hasPermission.booleanValue(); } } if (actionId.equals(ActionKeys.VIEW)) { JournalServiceConfiguration journalServiceConfiguration = null; try { journalServiceConfiguration = _configurationProvider.getCompanyConfiguration( JournalServiceConfiguration.class, permissionChecker.getCompanyId()); } catch (ConfigurationException ce) { _log.error("Unable to get journal service configuration for company " + permissionChecker.getCompanyId(), ce); return false; } if (!journalServiceConfiguration.articleViewPermissionsCheckEnabled()) { return true; } if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) { long folderId = article.getFolderId(); if (folderId == JournalFolderConstants.DEFAULT_PARENT_FOLDER_ID) { if (!JournalPermission.contains(permissionChecker, article.getGroupId(), actionId)) { return false; } } else { JournalFolder folder = _journalFolderLocalService.fetchFolder(folderId); if (folder != null) { if (!JournalFolderPermission.contains(permissionChecker, folder, ActionKeys.ACCESS) && !JournalFolderPermission.contains(permissionChecker, folder, ActionKeys.VIEW)) { return false; } } else { if (!article.isInTrash()) { _log.error("Unable to get journal folder " + folderId); return false; } } } } } if (permissionChecker.hasOwnerPermission(article.getCompanyId(), JournalArticle.class.getName(), article.getResourcePrimKey(), article.getUserId(), actionId)) { return true; } return permissionChecker.hasPermission(article.getGroupId(), JournalArticle.class.getName(), article.getResourcePrimKey(), actionId); } private static final Log _log = LogFactoryUtil.getLog(JournalArticlePermission.class); private static ConfigurationProvider _configurationProvider; private static JournalArticleLocalService _journalArticleLocalService; private static JournalFolderLocalService _journalFolderLocalService; private static class CacheKey { @Override public boolean equals(Object obj) { if (this == obj) { return true; } if (!(obj instanceof CacheKey)) { return false; } CacheKey cacheKey = (CacheKey) obj; if ((_groupId == cacheKey._groupId) && Objects.equals(_articleId, cacheKey._articleId) && Objects.equals(_actionId, cacheKey._actionId)) { return true; } return false; } @Override public int hashCode() { int hash = HashUtil.hash(0, _groupId); hash = HashUtil.hash(hash, _articleId); return HashUtil.hash(hash, _actionId); } private CacheKey(long groupId, String articleId, String actionId) { _groupId = groupId; _articleId = articleId; _actionId = actionId; } private final String _actionId; private final String _articleId; private final long _groupId; } }