JournalArticlePermission.java

/**
 * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
 *
 * This library is free software; you can redistribute it and/or modify it under
 * the terms of the GNU Lesser General Public License as published by the Free
 * Software Foundation; either version 2.1 of the License, or (at your option)
 * any later version.
 *
 * This library is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
 * details.
 */

package com.liferay.journal.service.permission;

import com.liferay.exportimport.kernel.staging.permission.StagingPermissionUtil;
import com.liferay.journal.configuration.JournalServiceConfiguration;
import com.liferay.journal.model.JournalArticle;
import com.liferay.journal.model.JournalFolder;
import com.liferay.journal.model.JournalFolderConstants;
import com.liferay.journal.service.JournalArticleLocalService;
import com.liferay.journal.service.JournalFolderLocalService;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.module.configuration.ConfigurationException;
import com.liferay.portal.kernel.module.configuration.ConfigurationProvider;
import com.liferay.portal.kernel.portlet.PortletProvider;
import com.liferay.portal.kernel.portlet.PortletProviderUtil;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.security.permission.ActionKeys;
import com.liferay.portal.kernel.security.permission.BaseModelPermissionChecker;
import com.liferay.portal.kernel.security.permission.PermissionChecker;
import com.liferay.portal.kernel.util.HashUtil;
import com.liferay.portal.kernel.workflow.permission.WorkflowPermissionUtil;
import com.liferay.portal.util.PropsValues;

import java.util.Map;
import java.util.Objects;

import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

/**
 * @author Brian Wing Shun Chan
 * @author Raymond Augé
 */
@Component(
	property = {"model.class.name=com.liferay.journal.model.JournalArticle"},
	service = BaseModelPermissionChecker.class
)
public class JournalArticlePermission implements BaseModelPermissionChecker {

	public static void check(
			PermissionChecker permissionChecker, JournalArticle article,
			String actionId)
		throws PortalException {

		if (!contains(permissionChecker, article, actionId)) {
			throw new PrincipalException.MustHavePermission(
				permissionChecker, JournalArticle.class.getName(),
				article.getArticleId(), actionId);
		}
	}

	public static void check(
			PermissionChecker permissionChecker, long resourcePrimKey,
			String actionId)
		throws PortalException {

		if (!contains(permissionChecker, resourcePrimKey, actionId)) {
			throw new PrincipalException.MustHavePermission(
				permissionChecker, JournalArticle.class.getName(),
				resourcePrimKey, actionId);
		}
	}

	public static void check(
			PermissionChecker permissionChecker, long groupId, String articleId,
			double version, String actionId)
		throws PortalException {

		if (!contains(
				permissionChecker, groupId, articleId, version, actionId)) {

			throw new PrincipalException.MustHavePermission(
				permissionChecker, JournalArticle.class.getName(), articleId,
				actionId);
		}
	}

	public static void check(
			PermissionChecker permissionChecker, long groupId, String articleId,
			int status, String actionId)
		throws PortalException {

		if (!contains(
				permissionChecker, groupId, articleId, status, actionId)) {

			throw new PrincipalException.MustHavePermission(
				permissionChecker, JournalArticle.class.getName(), articleId,
				actionId);
		}
	}

	public static void check(
			PermissionChecker permissionChecker, long groupId, String articleId,
			String actionId)
		throws PortalException {

		if (!contains(permissionChecker, groupId, articleId, actionId)) {
			throw new PrincipalException.MustHavePermission(
				permissionChecker, JournalArticle.class.getName(), articleId,
				actionId);
		}
	}

	public static boolean contains(
		PermissionChecker permissionChecker, JournalArticle article,
		String actionId) {

		Map<Object, Object> permissionChecksMap =
			permissionChecker.getPermissionChecksMap();

		CacheKey cacheKey = new CacheKey(
			article.getGroupId(), article.getArticleId(), actionId);

		Boolean contains = (Boolean)permissionChecksMap.get(cacheKey);

		if (contains == null) {
			contains = _contains(permissionChecker, article, actionId);

			permissionChecksMap.put(cacheKey, contains);
		}

		return contains;
	}

	public static boolean contains(
		PermissionChecker permissionChecker, long classPK, String actionId) {

		JournalArticle article = _journalArticleLocalService.fetchLatestArticle(
			classPK);

		if (article == null) {
			article = _journalArticleLocalService.fetchArticle(classPK);

			if (article == null) {
				_log.error("Unable to find journal article " + classPK);

				return false;
			}
		}

		return contains(permissionChecker, article, actionId);
	}

	public static boolean contains(
		PermissionChecker permissionChecker, long groupId, String articleId,
		double version, String actionId) {

		JournalArticle article = _journalArticleLocalService.fetchArticle(
			groupId, articleId, version);

		if (article == null) {
			_log.error(
				"Unable to get journal article with group ID " + groupId +
					", article ID " + articleId + ", and version " + version);

			return false;
		}

		return contains(permissionChecker, article, actionId);
	}

	public static boolean contains(
		PermissionChecker permissionChecker, long groupId, String articleId,
		int status, String actionId) {

		JournalArticle article = _journalArticleLocalService.fetchLatestArticle(
			groupId, articleId, status);

		if (article == null) {
			_log.error(
				"Unable to get journal article with group ID " + groupId +
					", article ID " + articleId + ", and status " + status);

			return false;
		}

		return contains(permissionChecker, article, actionId);
	}

	public static boolean contains(
		PermissionChecker permissionChecker, long groupId, String articleId,
		String actionId) {

		JournalArticle article = _journalArticleLocalService.fetchArticle(
			groupId, articleId);

		if (article == null) {
			_log.error(
				"Unable to get journal article with group ID " + groupId +
					" and article ID " + articleId);

			return false;
		}

		return contains(permissionChecker, article, actionId);
	}

	@Override
	public void checkBaseModel(
			PermissionChecker permissionChecker, long groupId, long primaryKey,
			String actionId)
		throws PortalException {

		check(permissionChecker, primaryKey, actionId);
	}

	@Reference(unbind = "-")
	protected void setConfigurationProvider(
		ConfigurationProvider configurationProvider) {

		_configurationProvider = configurationProvider;
	}

	@Reference(unbind = "-")
	protected void setJournalArticleLocalService(
		JournalArticleLocalService journalArticleLocalService) {

		_journalArticleLocalService = journalArticleLocalService;
	}

	@Reference(unbind = "-")
	protected void setJournalFolderLocalService(
		JournalFolderLocalService journalFolderLocalService) {

		_journalFolderLocalService = journalFolderLocalService;
	}

	private static boolean _contains(
		PermissionChecker permissionChecker, JournalArticle article,
		String actionId) {

		String portletId = PortletProviderUtil.getPortletId(
			JournalArticle.class.getName(), PortletProvider.Action.EDIT);

		Boolean hasPermission = StagingPermissionUtil.hasPermission(
			permissionChecker, article.getGroupId(),
			JournalArticle.class.getName(), article.getResourcePrimKey(),
			portletId, actionId);

		if (hasPermission != null) {
			return hasPermission.booleanValue();
		}

		if (article.isDraft()) {
			if (actionId.equals(ActionKeys.VIEW) &&
				!contains(permissionChecker, article, ActionKeys.UPDATE)) {

				return false;
			}
		}
		else if (article.isPending()) {
			hasPermission = WorkflowPermissionUtil.hasPermission(
				permissionChecker, article.getGroupId(),
				JournalArticle.class.getName(), article.getResourcePrimKey(),
				actionId);

			if (hasPermission != null) {
				return hasPermission.booleanValue();
			}
		}

		if (actionId.equals(ActionKeys.VIEW)) {
			JournalServiceConfiguration journalServiceConfiguration = null;

			try {
				journalServiceConfiguration =
					_configurationProvider.getCompanyConfiguration(
						JournalServiceConfiguration.class,
						permissionChecker.getCompanyId());
			}
			catch (ConfigurationException ce) {
				_log.error(
					"Unable to get journal service configuration for company " +
						permissionChecker.getCompanyId(),
					ce);

				return false;
			}

			if (!journalServiceConfiguration.
					articleViewPermissionsCheckEnabled()) {

				return true;
			}

			if (PropsValues.PERMISSIONS_VIEW_DYNAMIC_INHERITANCE) {
				long folderId = article.getFolderId();

				if (folderId ==
						JournalFolderConstants.DEFAULT_PARENT_FOLDER_ID) {

					if (!JournalPermission.contains(
							permissionChecker, article.getGroupId(),
							actionId)) {

						return false;
					}
				}
				else {
					JournalFolder folder =
						_journalFolderLocalService.fetchFolder(folderId);

					if (folder != null) {
						if (!JournalFolderPermission.contains(
								permissionChecker, folder, ActionKeys.ACCESS) &&
							!JournalFolderPermission.contains(
								permissionChecker, folder, ActionKeys.VIEW)) {

							return false;
						}
					}
					else {
						if (!article.isInTrash()) {
							_log.error(
								"Unable to get journal folder " + folderId);

							return false;
						}
					}
				}
			}
		}

		if (permissionChecker.hasOwnerPermission(
				article.getCompanyId(), JournalArticle.class.getName(),
				article.getResourcePrimKey(), article.getUserId(), actionId)) {

			return true;
		}

		return permissionChecker.hasPermission(
			article.getGroupId(), JournalArticle.class.getName(),
			article.getResourcePrimKey(), actionId);
	}

	private static final Log _log = LogFactoryUtil.getLog(
		JournalArticlePermission.class);

	private static ConfigurationProvider _configurationProvider;
	private static JournalArticleLocalService _journalArticleLocalService;
	private static JournalFolderLocalService _journalFolderLocalService;

	private static class CacheKey {

		@Override
		public boolean equals(Object obj) {
			if (this == obj) {
				return true;
			}

			if (!(obj instanceof CacheKey)) {
				return false;
			}

			CacheKey cacheKey = (CacheKey)obj;

			if ((_groupId == cacheKey._groupId) &&
				Objects.equals(_articleId, cacheKey._articleId) &&
				Objects.equals(_actionId, cacheKey._actionId)) {

				return true;
			}

			return false;
		}

		@Override
		public int hashCode() {
			int hash = HashUtil.hash(0, _groupId);

			hash = HashUtil.hash(hash, _articleId);

			return HashUtil.hash(hash, _actionId);
		}

		private CacheKey(long groupId, String articleId, String actionId) {
			_groupId = groupId;
			_articleId = articleId;
			_actionId = actionId;
		}

		private final String _actionId;
		private final String _articleId;
		private final long _groupId;

	}

}