001: /**
002: * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
003: *
004: * Permission is hereby granted, free of charge, to any person obtaining a copy
005: * of this software and associated documentation files (the "Software"), to deal
006: * in the Software without restriction, including without limitation the rights
007: * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
008: * copies of the Software, and to permit persons to whom the Software is
009: * furnished to do so, subject to the following conditions:
010: *
011: * The above copyright notice and this permission notice shall be included in
012: * all copies or substantial portions of the Software.
013: *
014: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
015: * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
016: * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
017: * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
018: * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
019: * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
020: * SOFTWARE.
021: */package com.liferay.portal.service.impl;
022:
023: import com.liferay.portal.NoSuchPermissionException;
024: import com.liferay.portal.NoSuchResourceException;
025: import com.liferay.portal.PortalException;
026: import com.liferay.portal.SystemException;
027: import com.liferay.portal.kernel.security.permission.PermissionCheckerBag;
028: import com.liferay.portal.kernel.util.GetterUtil;
029: import com.liferay.portal.kernel.util.Validator;
030: import com.liferay.portal.model.Group;
031: import com.liferay.portal.model.OrgGroupPermission;
032: import com.liferay.portal.model.Organization;
033: import com.liferay.portal.model.Permission;
034: import com.liferay.portal.model.Resource;
035: import com.liferay.portal.model.ResourceCode;
036: import com.liferay.portal.model.Role;
037: import com.liferay.portal.model.User;
038: import com.liferay.portal.model.UserGroup;
039: import com.liferay.portal.model.impl.ResourceImpl;
040: import com.liferay.portal.security.permission.PermissionCacheUtil;
041: import com.liferay.portal.security.permission.PermissionCheckerImpl;
042: import com.liferay.portal.security.permission.ResourceActionsUtil;
043: import com.liferay.portal.service.base.PermissionLocalServiceBaseImpl;
044: import com.liferay.portal.service.persistence.OrgGroupPermissionPK;
045: import com.liferay.portal.util.comparator.PermissionComparator;
046:
047: import java.util.ArrayList;
048: import java.util.Iterator;
049: import java.util.List;
050:
051: import org.apache.commons.lang.time.StopWatch;
052: import org.apache.commons.logging.Log;
053: import org.apache.commons.logging.LogFactory;
054:
055: /**
056: * <a href="PermissionLocalServiceImpl.java.html"><b><i>View Source</i></b></a>
057: *
058: * @author Charles May
059: * @author Brian Wing Shun Chan
060: *
061: */
062: public class PermissionLocalServiceImpl extends
063: PermissionLocalServiceBaseImpl {
064:
065: public Permission addPermission(long companyId, String actionId,
066: long resourceId) throws PortalException, SystemException {
067:
068: Permission permission = permissionPersistence.fetchByA_R(
069: actionId, resourceId);
070:
071: if (permission == null) {
072: long permissionId = counterLocalService
073: .increment(Permission.class.getName());
074:
075: permission = permissionPersistence.create(permissionId);
076:
077: permission.setCompanyId(companyId);
078: permission.setActionId(actionId);
079: permission.setResourceId(resourceId);
080:
081: permissionPersistence.update(permission);
082: }
083:
084: return permission;
085: }
086:
087: public List addPermissions(long companyId, String name,
088: long resourceId, boolean portletActions)
089: throws PortalException, SystemException {
090:
091: List permissions = new ArrayList();
092:
093: List actions = null;
094:
095: if (portletActions) {
096: actions = ResourceActionsUtil.getPortletResourceActions(
097: companyId, name);
098: } else {
099: actions = ResourceActionsUtil.getModelResourceActions(name);
100: }
101:
102: for (int i = 0; i < actions.size(); i++) {
103: String actionId = (String) actions.get(i);
104:
105: Permission permission = addPermission(companyId, actionId,
106: resourceId);
107:
108: permissions.add(permission);
109: }
110:
111: return permissions;
112: }
113:
114: public void addUserPermissions(long userId, String[] actionIds,
115: long resourceId) throws PortalException, SystemException {
116:
117: User user = userPersistence.findByPrimaryKey(userId);
118:
119: List permissions = permissionFinder.findByU_R(userId,
120: resourceId);
121:
122: permissions = getPermissions(user.getCompanyId(), actionIds,
123: resourceId);
124:
125: userPersistence.addPermissions(userId, permissions);
126:
127: PermissionCacheUtil.clearCache();
128: }
129:
130: public List getActions(List permissions) throws SystemException {
131: List actions = new ArrayList();
132:
133: Iterator itr = permissions.iterator();
134:
135: while (itr.hasNext()) {
136: Permission permission = (Permission) itr.next();
137:
138: actions.add(permission.getActionId());
139: }
140:
141: return actions;
142: }
143:
144: public List getGroupPermissions(long groupId, long resourceId)
145: throws SystemException {
146:
147: return permissionFinder.findByG_R(groupId, resourceId);
148: }
149:
150: public List getGroupPermissions(long groupId, long companyId,
151: String name, int scope, String primKey)
152: throws SystemException {
153:
154: return permissionFinder.findByG_C_N_S_P(groupId, companyId,
155: name, scope, primKey);
156: }
157:
158: public List getOrgGroupPermissions(long organizationId,
159: long groupId, long resourceId) throws SystemException {
160:
161: return permissionFinder.findByO_G_R(organizationId, groupId,
162: resourceId);
163: }
164:
165: public long getLatestPermissionId() throws PortalException,
166: SystemException {
167:
168: List list = permissionPersistence.findAll(0, 1,
169: new PermissionComparator());
170:
171: if (list.size() == 0) {
172: return 0;
173: } else {
174: Permission permission = (Permission) list.get(0);
175:
176: return permission.getPermissionId();
177: }
178: }
179:
180: public List getPermissions(long companyId, String[] actionIds,
181: long resourceId) throws PortalException, SystemException {
182:
183: List permissions = new ArrayList();
184:
185: for (int i = 0; i < actionIds.length; i++) {
186: Permission permission = addPermission(companyId,
187: actionIds[i], resourceId);
188:
189: permissions.add(permission);
190: }
191:
192: return permissions;
193: }
194:
195: public List getRolePermissions(long roleId) throws PortalException,
196: SystemException {
197:
198: return rolePersistence.getPermissions(roleId);
199: }
200:
201: public List getRolePermissions(long roleId, long resourceId)
202: throws SystemException {
203:
204: return permissionFinder.findByR_R(roleId, resourceId);
205: }
206:
207: public List getUserPermissions(long userId, long resourceId)
208: throws SystemException {
209:
210: return permissionFinder.findByU_R(userId, resourceId);
211: }
212:
213: public List getUserPermissions(long userId, long companyId,
214: String name, int scope, String primKey)
215: throws SystemException {
216:
217: return permissionFinder.findByU_C_N_S_P(userId, companyId,
218: name, scope, primKey);
219: }
220:
221: public boolean hasGroupPermission(long groupId, String actionId,
222: long resourceId) throws PortalException, SystemException {
223:
224: Permission permission = null;
225:
226: try {
227: permission = permissionPersistence.findByA_R(actionId,
228: resourceId);
229: } catch (NoSuchPermissionException nspe) {
230:
231: // Return false if there is no permission based on the given action
232: // id and resource id
233:
234: return false;
235: }
236:
237: return groupPersistence.containsPermission(groupId, permission
238: .getPermissionId());
239: }
240:
241: public boolean hasRolePermission(long roleId, long companyId,
242: String name, int scope, String actionId)
243: throws PortalException, SystemException {
244:
245: ResourceCode resourceCode = resourceCodeLocalService
246: .getResourceCode(companyId, name, scope);
247:
248: Iterator itr = resourcePersistence.findByCodeId(
249: resourceCode.getCodeId()).iterator();
250:
251: while (itr.hasNext()) {
252: Resource resource = (Resource) itr.next();
253:
254: try {
255: Permission permission = permissionPersistence
256: .findByA_R(actionId, resource.getResourceId());
257:
258: if (rolePersistence.containsPermission(roleId,
259: permission.getPermissionId())) {
260:
261: return true;
262: }
263: } catch (NoSuchPermissionException nspe) {
264: }
265: }
266:
267: return false;
268: }
269:
270: public boolean hasRolePermission(long roleId, long companyId,
271: String name, int scope, String primKey, String actionId)
272: throws PortalException, SystemException {
273:
274: try {
275: ResourceCode resourceCode = resourceCodeLocalService
276: .getResourceCode(companyId, name, scope);
277:
278: Resource resource = resourcePersistence.findByC_P(
279: resourceCode.getCodeId(), primKey);
280:
281: Permission permission = permissionPersistence.findByA_R(
282: actionId, resource.getResourceId());
283:
284: return rolePersistence.containsPermission(roleId,
285: permission.getPermissionId());
286: } catch (NoSuchPermissionException nspe) {
287: } catch (NoSuchResourceException nsre) {
288: }
289:
290: return false;
291: }
292:
293: public boolean hasUserPermission(long userId, String actionId,
294: long resourceId) throws PortalException, SystemException {
295:
296: Permission permission = null;
297:
298: try {
299: permission = permissionPersistence.findByA_R(actionId,
300: resourceId);
301: } catch (NoSuchPermissionException nspe) {
302:
303: // Return false if there is no permission based on the given action
304: // id and resource id
305:
306: return false;
307: }
308:
309: return userPersistence.containsPermission(userId, permission
310: .getPermissionId());
311: }
312:
313: public boolean hasUserPermissions(long userId, long groupId,
314: String actionId, long[] resourceIds,
315: PermissionCheckerBag permissionCheckerBag)
316: throws PortalException, SystemException {
317:
318: StopWatch stopWatch = null;
319:
320: if (_log.isDebugEnabled()) {
321: stopWatch = new StopWatch();
322:
323: stopWatch.start();
324: }
325:
326: int block = 1;
327:
328: // Return false if there is no resources
329:
330: if ((Validator.isNull(actionId)) || (resourceIds == null)
331: || (resourceIds.length == 0)) {
332:
333: return false;
334: }
335:
336: List permissions = permissionFinder.findByA_R(actionId,
337: resourceIds);
338:
339: // Return false if there are no permissions
340:
341: if (permissions.size() == 0) {
342: return false;
343: }
344:
345: // Record logs with the first resource id
346:
347: long resourceId = resourceIds[0];
348:
349: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
350: block++);
351:
352: //List userGroups = permissionCheckerBag.getUserGroups();
353: //List userOrgs = permissionCheckerBag.getUserOrgs();
354: //List userOrgGroups = permissionCheckerBag.getUserOrgGroups();
355: //List userUserGroupGroups =
356: // permissionCheckerBag.getUserUserGroupGroups();
357: List groups = permissionCheckerBag.getGroups();
358: List roles = permissionCheckerBag.getRoles();
359:
360: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
361: block++);
362:
363: // Check the organization and community intersection table. Break out of
364: // this method if the user has one of the permissions set at the
365: // intersection because that takes priority.
366:
367: //if (checkOrgGroupPermission(userOrgs, userGroups, permissions)) {
368: // return true;
369: //}
370:
371: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
372: block++);
373:
374: if (PermissionCheckerImpl.USER_CHECK_ALGORITHM == 1) {
375: return hasUserPermissions_1(userId, actionId, resourceId,
376: permissions, groups, groupId, stopWatch, block);
377: } else if (PermissionCheckerImpl.USER_CHECK_ALGORITHM == 2) {
378: return hasUserPermissions_2(userId, actionId, resourceId,
379: permissions, groups, groupId, stopWatch, block);
380: } else if (PermissionCheckerImpl.USER_CHECK_ALGORITHM == 3) {
381: return hasUserPermissions_3(userId, actionId, resourceId,
382: permissions, groups, roles, stopWatch, block);
383: } else if (PermissionCheckerImpl.USER_CHECK_ALGORITHM == 4) {
384: return hasUserPermissions_4(userId, actionId, resourceId,
385: permissions, groups, roles, stopWatch, block);
386: }
387:
388: return false;
389: }
390:
391: public void setGroupPermissions(long groupId, String[] actionIds,
392: long resourceId) throws PortalException, SystemException {
393:
394: Group group = groupPersistence.findByPrimaryKey(groupId);
395:
396: Iterator itr = permissionFinder.findByG_R(groupId, resourceId)
397: .iterator();
398:
399: while (itr.hasNext()) {
400: Permission permission = (Permission) itr.next();
401:
402: groupPersistence.removePermission(groupId, permission);
403: }
404:
405: List permissions = getPermissions(group.getCompanyId(),
406: actionIds, resourceId);
407:
408: groupPersistence.addPermissions(groupId, permissions);
409:
410: PermissionCacheUtil.clearCache();
411: }
412:
413: public void setGroupPermissions(String className, String classPK,
414: long groupId, String[] actionIds, long resourceId)
415: throws PortalException, SystemException {
416:
417: long associatedGroupId = 0;
418:
419: if (className.equals(Organization.class.getName())) {
420: long organizationId = GetterUtil.getLong(classPK);
421:
422: Organization organization = organizationPersistence
423: .findByPrimaryKey(organizationId);
424:
425: orgGroupPermissionFinder.removeByO_G_R(organizationId,
426: groupId, resourceId);
427:
428: associatedGroupId = organization.getGroup().getGroupId();
429: } else if (className.equals(UserGroup.class.getName())) {
430: long userGroupId = GetterUtil.getLong(classPK);
431:
432: UserGroup userGroup = userGroupPersistence
433: .findByPrimaryKey(userGroupId);
434:
435: associatedGroupId = userGroup.getGroup().getGroupId();
436: }
437:
438: setGroupPermissions(associatedGroupId, actionIds, resourceId);
439: }
440:
441: public void setOrgGroupPermissions(long organizationId,
442: long groupId, String[] actionIds, long resourceId)
443: throws PortalException, SystemException {
444:
445: Organization organization = organizationPersistence
446: .findByPrimaryKey(organizationId);
447:
448: long orgGroupId = organization.getGroup().getGroupId();
449:
450: Iterator itr = permissionPersistence.findByResourceId(
451: resourceId).iterator();
452:
453: while (itr.hasNext()) {
454: Permission permission = (Permission) itr.next();
455:
456: groupPersistence.removePermission(orgGroupId, permission);
457: }
458:
459: itr = getPermissions(organization.getCompanyId(), actionIds,
460: resourceId).iterator();
461:
462: orgGroupPermissionFinder.removeByO_G_R(organizationId, groupId,
463: resourceId);
464:
465: while (itr.hasNext()) {
466: Permission permission = (Permission) itr.next();
467:
468: OrgGroupPermissionPK pk = new OrgGroupPermissionPK(
469: organizationId, groupId, permission
470: .getPermissionId());
471:
472: OrgGroupPermission orgGroupPermission = orgGroupPermissionPersistence
473: .create(pk);
474:
475: orgGroupPermissionPersistence.update(orgGroupPermission);
476: }
477:
478: PermissionCacheUtil.clearCache();
479: }
480:
481: public void setRolePermission(long roleId, long companyId,
482: String name, int scope, String primKey, String actionId)
483: throws PortalException, SystemException {
484:
485: if (scope == ResourceImpl.SCOPE_COMPANY) {
486:
487: // Remove group permission
488:
489: unsetRolePermissions(roleId, companyId, name,
490: ResourceImpl.SCOPE_GROUP, actionId);
491: } else if (scope == ResourceImpl.SCOPE_GROUP) {
492:
493: // Remove company permission
494:
495: unsetRolePermissions(roleId, companyId, name,
496: ResourceImpl.SCOPE_COMPANY, actionId);
497: } else if (scope == ResourceImpl.SCOPE_INDIVIDUAL) {
498: throw new NoSuchPermissionException();
499: }
500:
501: Resource resource = resourceLocalService.addResource(companyId,
502: name, scope, primKey);
503:
504: Permission permission = null;
505:
506: try {
507: permission = permissionPersistence.findByA_R(actionId,
508: resource.getResourceId());
509: } catch (NoSuchPermissionException nspe) {
510: long permissionId = counterLocalService
511: .increment(Permission.class.getName());
512:
513: permission = permissionPersistence.create(permissionId);
514:
515: permission.setCompanyId(companyId);
516: permission.setActionId(actionId);
517: permission.setResourceId(resource.getResourceId());
518:
519: permissionPersistence.update(permission);
520: }
521:
522: rolePersistence.addPermission(roleId, permission);
523:
524: PermissionCacheUtil.clearCache();
525: }
526:
527: public void setRolePermissions(long roleId, long companyId,
528: String name, int scope, String primKey, String[] actionIds)
529: throws PortalException, SystemException {
530:
531: for (int i = 0; i < actionIds.length; i++) {
532: String actionId = actionIds[i];
533:
534: setRolePermission(roleId, companyId, name, scope, primKey,
535: actionId);
536: }
537: }
538:
539: public void setRolePermissions(long roleId, String[] actionIds,
540: long resourceId) throws PortalException, SystemException {
541:
542: Role role = rolePersistence.findByPrimaryKey(roleId);
543:
544: List permissions = permissionFinder.findByR_R(roleId,
545: resourceId);
546:
547: rolePersistence.removePermissions(roleId, permissions);
548:
549: permissions = getPermissions(role.getCompanyId(), actionIds,
550: resourceId);
551:
552: rolePersistence.addPermissions(roleId, permissions);
553:
554: PermissionCacheUtil.clearCache();
555: }
556:
557: public void setUserPermissions(long userId, String[] actionIds,
558: long resourceId) throws PortalException, SystemException {
559:
560: User user = userPersistence.findByPrimaryKey(userId);
561:
562: List permissions = permissionFinder.findByU_R(userId,
563: resourceId);
564:
565: userPersistence.removePermissions(userId, permissions);
566:
567: permissions = getPermissions(user.getCompanyId(), actionIds,
568: resourceId);
569:
570: userPersistence.addPermissions(userId, permissions);
571:
572: PermissionCacheUtil.clearCache();
573: }
574:
575: public void unsetRolePermission(long roleId, long permissionId)
576: throws SystemException, PortalException {
577:
578: try {
579: Permission permission = permissionPersistence
580: .findByPrimaryKey(permissionId);
581:
582: rolePersistence.removePermission(roleId, permission);
583: } catch (NoSuchPermissionException nspe) {
584: }
585:
586: PermissionCacheUtil.clearCache();
587: }
588:
589: public void unsetRolePermission(long roleId, long companyId,
590: String name, int scope, String primKey, String actionId)
591: throws PortalException, SystemException {
592:
593: try {
594: ResourceCode resourceCode = resourceCodeLocalService
595: .getResourceCode(companyId, name, scope);
596:
597: Resource resource = resourcePersistence.findByC_P(
598: resourceCode.getCodeId(), primKey);
599:
600: Permission permission = permissionPersistence.findByA_R(
601: actionId, resource.getResourceId());
602:
603: rolePersistence.removePermission(roleId, permission);
604: } catch (NoSuchPermissionException nspe) {
605: } catch (NoSuchResourceException nsre) {
606: }
607:
608: PermissionCacheUtil.clearCache();
609: }
610:
611: public void unsetRolePermissions(long roleId, long companyId,
612: String name, int scope, String actionId)
613: throws PortalException, SystemException {
614:
615: ResourceCode resourceCode = resourceCodeLocalService
616: .getResourceCode(companyId, name, scope);
617:
618: Iterator itr = resourcePersistence.findByCodeId(
619: resourceCode.getCodeId()).iterator();
620:
621: while (itr.hasNext()) {
622: Resource resource = (Resource) itr.next();
623:
624: try {
625: Permission permission = permissionPersistence
626: .findByA_R(actionId, resource.getResourceId());
627:
628: rolePersistence.removePermission(roleId, permission);
629: } catch (NoSuchPermissionException nspe) {
630: }
631: }
632:
633: PermissionCacheUtil.clearCache();
634: }
635:
636: public void unsetUserPermissions(long userId, String[] actionIds,
637: long resourceId) throws PortalException, SystemException {
638:
639: List permissions = permissionFinder.findByU_A_R(userId,
640: actionIds, resourceId);
641:
642: userPersistence.removePermissions(userId, permissions);
643:
644: PermissionCacheUtil.clearCache();
645: }
646:
647: protected boolean checkOrgGroupPermission(List organizations,
648: List groups, List permissions) throws PortalException,
649: SystemException {
650:
651: for (int i = 0; i < permissions.size(); i++) {
652: Permission permission = (Permission) permissions.get(i);
653:
654: if (checkOrgGroupPermission(organizations, groups,
655: permission)) {
656: return true;
657: }
658: }
659:
660: return false;
661: }
662:
663: protected boolean checkOrgGroupPermission(List organizations,
664: List groups, Permission permission) throws PortalException,
665: SystemException {
666:
667: // Do not check for an OrgGroupPermission intersection unless there is
668: // at least one organization and one group to check
669:
670: if ((organizations.size() == 0) || (groups.size() == 0)) {
671: return false;
672: }
673:
674: // Do not check unless the OrgGroupPermission intersection contains at
675: // least one permission
676:
677: List orgGroupPermissions = orgGroupPermissionPersistence
678: .findByPermissionId(permission.getPermissionId());
679:
680: if (orgGroupPermissions.size() == 0) {
681: return false;
682: }
683:
684: Iterator itr = orgGroupPermissions.iterator();
685:
686: while (itr.hasNext()) {
687: OrgGroupPermission orgGroupPermission = (OrgGroupPermission) itr
688: .next();
689:
690: if (orgGroupPermission.containsOrganization(organizations)
691: && orgGroupPermission.containsGroup(groups)) {
692:
693: return true;
694: }
695: }
696:
697: // Throw an exception so that we do not continue checking permissions.
698: // The user has a specific permission given in the OrgGroupPermission
699: // intersection that prohibits him from going further.
700:
701: throw new NoSuchPermissionException(
702: "User has a permission in OrgGroupPermission that does not match");
703: }
704:
705: protected boolean hasUserPermissions_1(long userId,
706: String actionId, long resourceId, List permissions,
707: List groups, long groupId, StopWatch stopWatch, int block)
708: throws PortalException, SystemException {
709:
710: // Is the user connected to one of the permissions via group or
711: // organization roles?
712:
713: if (groups.size() > 0) {
714: if (permissionFinder
715: .countByGroupsRoles(permissions, groups) > 0) {
716: return true;
717: }
718: }
719:
720: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
721: block++);
722:
723: // Is the user associated with groups or organizations that are directly
724: // connected to one of the permissions?
725:
726: if (groups.size() > 0) {
727: if (permissionFinder.countByGroupsPermissions(permissions,
728: groups) > 0) {
729:
730: return true;
731: }
732: }
733:
734: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
735: block++);
736:
737: // Is the user connected to one of the permissions via user roles?
738:
739: if (permissionFinder.countByUsersRoles(permissions, userId) > 0) {
740: return true;
741: }
742:
743: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
744: block++);
745:
746: // Is the user connected to one of the permissions via user group roles?
747:
748: if (permissionFinder.countByUserGroupRole(permissions, userId,
749: groupId) > 0) {
750:
751: return true;
752: }
753:
754: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
755: block++);
756:
757: // Is the user directly connected to one of the permissions?
758:
759: if (permissionFinder.countByUsersPermissions(permissions,
760: userId) > 0) {
761: return true;
762: }
763:
764: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
765: block++);
766:
767: return false;
768: }
769:
770: protected boolean hasUserPermissions_2(long userId,
771: String actionId, long resourceId, List permissions,
772: List groups, long groupId, StopWatch stopWatch, int block)
773: throws PortalException, SystemException {
774:
775: // Call countByGroupsRoles, countByGroupsPermissions, countByUsersRoles,
776: // countByUserGroupRole, and countByUsersPermissions in one method
777:
778: if (permissionFinder.containsPermissions_2(permissions, userId,
779: groups, groupId)) {
780:
781: return true;
782: }
783:
784: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
785: block++);
786:
787: return false;
788: }
789:
790: protected boolean hasUserPermissions_3(long userId,
791: String actionId, long resourceId, List permissions,
792: List groups, List roles, StopWatch stopWatch, int block)
793: throws PortalException, SystemException {
794:
795: // Is the user associated with groups or organizations that are directly
796: // connected to one of the permissions?
797:
798: if (groups.size() > 0) {
799: if (permissionFinder.countByGroupsPermissions(permissions,
800: groups) > 0) {
801:
802: return true;
803: }
804: }
805:
806: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
807: block++);
808:
809: // Is the user associated with a role that is directly connected to one
810: // of the permissions?
811:
812: if (roles.size() > 0) {
813: if (permissionFinder.countByRolesPermissions(permissions,
814: roles) > 0) {
815:
816: return true;
817: }
818: }
819:
820: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
821: block++);
822:
823: // Is the user directly connected to one of the permissions?
824:
825: if (permissionFinder.countByUsersPermissions(permissions,
826: userId) > 0) {
827: return true;
828: }
829:
830: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
831: block++);
832:
833: return false;
834: }
835:
836: protected boolean hasUserPermissions_4(long userId,
837: String actionId, long resourceId, List permissions,
838: List groups, List roles, StopWatch stopWatch, int block)
839: throws PortalException, SystemException {
840:
841: // Call countByGroupsPermissions, countByRolesPermissions, and
842: // countByUsersPermissions in one method
843:
844: if (permissionFinder.containsPermissions_4(permissions, userId,
845: groups, roles)) {
846:
847: return true;
848: }
849:
850: logHasUserPermissions(userId, actionId, resourceId, stopWatch,
851: block++);
852:
853: return false;
854: }
855:
856: protected void logHasUserPermissions(long userId, String actionId,
857: long resourceId, StopWatch stopWatch, int block) {
858:
859: if (!_log.isDebugEnabled()) {
860: return;
861: }
862:
863: _log.debug("Checking user permissions block " + block + " for "
864: + userId + " " + actionId + " " + resourceId
865: + " takes " + stopWatch.getTime() + " ms");
866: }
867:
868: private static Log _log = LogFactory
869: .getLog(PermissionLocalServiceImpl.class);
870:
871: }
|