Search in sources :

Example 1 with UserGroupRole

use of com.liferay.portal.model.UserGroupRole in project liferay-ide by liferay.

the class UserLocalServiceImpl method updateUserGroupRoles.

protected void updateUserGroupRoles(User user, long[] groupIds, long[] organizationIds, List<UserGroupRole> userGroupRoles, List<UserGroupRole> previousUserGroupRoles) throws PortalException, SystemException {
    if (userGroupRoles == null) {
        return;
    }
    userGroupRoles = new ArrayList<UserGroupRole>(userGroupRoles);
    for (UserGroupRole userGroupRole : previousUserGroupRoles) {
        if (userGroupRoles.contains(userGroupRole)) {
            userGroupRoles.remove(userGroupRole);
        } else {
            userGroupRoleLocalService.deleteUserGroupRole(userGroupRole);
        }
    }
    if (userGroupRoles.isEmpty()) {
        return;
    }
    long[] validGroupIds = null;
    if (groupIds != null) {
        validGroupIds = ArrayUtil.clone(groupIds);
    } else {
        validGroupIds = user.getGroupIds();
    }
    if (organizationIds == null) {
        organizationIds = user.getOrganizationIds();
    }
    long[] organizationGroupIds = new long[organizationIds.length];
    for (int i = 0; i < organizationIds.length; i++) {
        long organizationId = organizationIds[i];
        Organization organization = organizationPersistence.findByPrimaryKey(organizationId);
        organizationGroupIds[i] = organization.getGroupId();
    }
    validGroupIds = ArrayUtil.append(validGroupIds, organizationGroupIds);
    Arrays.sort(validGroupIds);
    for (UserGroupRole userGroupRole : userGroupRoles) {
        if (Arrays.binarySearch(validGroupIds, userGroupRole.getGroupId()) >= 0) {
            userGroupRoleLocalService.addUserGroupRole(userGroupRole);
        }
    }
}
Also used : UserGroupRole(com.liferay.portal.model.UserGroupRole) Organization(com.liferay.portal.model.Organization)

Example 2 with UserGroupRole

use of com.liferay.portal.model.UserGroupRole in project liferay-ide by liferay.

the class SearchPermissionCheckerImpl method doGetPermissionQuery.

protected Query doGetPermissionQuery(long companyId, long[] groupIds, long userId, String className, Query query, SearchContext searchContext) throws Exception {
    Indexer indexer = IndexerRegistryUtil.getIndexer(className);
    if (!indexer.isPermissionAware()) {
        return query;
    }
    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
    AdvancedPermissionChecker advancedPermissionChecker = null;
    if ((permissionChecker != null) && (permissionChecker instanceof AdvancedPermissionChecker)) {
        advancedPermissionChecker = (AdvancedPermissionChecker) permissionChecker;
    }
    if (advancedPermissionChecker == null) {
        return query;
    }
    PermissionCheckerBag permissionCheckerBag = getPermissionCheckerBag(advancedPermissionChecker, userId);
    if (permissionCheckerBag == null) {
        return query;
    }
    List<Group> groups = new UniqueList<Group>();
    List<Role> roles = new UniqueList<Role>();
    List<UserGroupRole> userGroupRoles = new UniqueList<UserGroupRole>();
    Map<Long, List<Role>> groupIdsToRoles = new HashMap<Long, List<Role>>();
    roles.addAll(permissionCheckerBag.getRoles());
    if (ArrayUtil.isEmpty(groupIds)) {
        groups.addAll(GroupLocalServiceUtil.getUserGroups(userId, true));
        groups.addAll(permissionCheckerBag.getGroups());
        userGroupRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId);
    } else {
        groups.addAll(permissionCheckerBag.getGroups());
        for (long groupId : groupIds) {
            if (GroupLocalServiceUtil.hasUserGroup(userId, groupId)) {
                Group group = GroupLocalServiceUtil.getGroup(groupId);
                groups.add(group);
            }
            userGroupRoles.addAll(UserGroupRoleLocalServiceUtil.getUserGroupRoles(userId, groupId));
            userGroupRoles.addAll(UserGroupRoleLocalServiceUtil.getUserGroupRolesByUserUserGroupAndGroup(userId, groupId));
        }
    }
    if (advancedPermissionChecker.isSignedIn()) {
        roles.add(RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST));
    }
    for (Group group : groups) {
        PermissionCheckerBag userBag = advancedPermissionChecker.getUserBag(userId, group.getGroupId());
        List<Role> groupRoles = userBag.getRoles();
        groupIdsToRoles.put(group.getGroupId(), groupRoles);
        roles.addAll(groupRoles);
    }
    return doGetPermissionQuery_6(companyId, groupIds, userId, className, query, searchContext, advancedPermissionChecker, groups, roles, userGroupRoles, groupIdsToRoles);
}
Also used : UserGroupRole(com.liferay.portal.model.UserGroupRole) Group(com.liferay.portal.model.Group) HashMap(java.util.HashMap) PermissionCheckerBag(com.liferay.portal.security.permission.PermissionCheckerBag) UniqueList(com.liferay.portal.kernel.util.UniqueList) UserGroupRole(com.liferay.portal.model.UserGroupRole) Role(com.liferay.portal.model.Role) Indexer(com.liferay.portal.kernel.search.Indexer) SearchPermissionChecker(com.liferay.portal.kernel.search.SearchPermissionChecker) PermissionChecker(com.liferay.portal.security.permission.PermissionChecker) AdvancedPermissionChecker(com.liferay.portal.security.permission.AdvancedPermissionChecker) AdvancedPermissionChecker(com.liferay.portal.security.permission.AdvancedPermissionChecker) ArrayList(java.util.ArrayList) UniqueList(com.liferay.portal.kernel.util.UniqueList) List(java.util.List)

Example 3 with UserGroupRole

use of com.liferay.portal.model.UserGroupRole in project liferay-ide by liferay.

the class UserLocalServiceImpl method updateUser.

/**
 * Updates the user.
 *
 * @param  userId the primary key of the user
 * @param  oldPassword the user's old password
 * @param  newPassword1 the user's new password (optionally
 *         <code>null</code>)
 * @param  newPassword2 the user's new password confirmation (optionally
 *         <code>null</code>)
 * @param  passwordReset whether the user should be asked to reset their
 *         password the next time they login
 * @param  reminderQueryQuestion the user's new password reset question
 * @param  reminderQueryAnswer the user's new password reset answer
 * @param  screenName the user's new screen name
 * @param  emailAddress the user's new email address
 * @param  facebookId the user's new Facebook ID
 * @param  openId the user's new OpenID
 * @param  languageId the user's new language ID
 * @param  timeZoneId the user's new time zone ID
 * @param  greeting the user's new greeting
 * @param  comments the user's new comments
 * @param  firstName the user's new first name
 * @param  middleName the user's new middle name
 * @param  lastName the user's new last name
 * @param  prefixId the user's new name prefix ID
 * @param  suffixId the user's new name suffix ID
 * @param  male whether user is male
 * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
 *         for January)
 * @param  birthdayDay the user's new birthday day
 * @param  birthdayYear the user's birthday year
 * @param  smsSn the user's new SMS screen name
 * @param  aimSn the user's new AIM screen name
 * @param  facebookSn the user's new Facebook screen name
 * @param  icqSn the user's new ICQ screen name
 * @param  jabberSn the user's new Jabber screen name
 * @param  msnSn the user's new MSN screen name
 * @param  mySpaceSn the user's new MySpace screen name
 * @param  skypeSn the user's new Skype screen name
 * @param  twitterSn the user's new Twitter screen name
 * @param  ymSn the user's new Yahoo! Messenger screen name
 * @param  jobTitle the user's new job title
 * @param  groupIds the primary keys of the user's groups
 * @param  organizationIds the primary keys of the user's organizations
 * @param  roleIds the primary keys of the user's roles
 * @param  userGroupRoles the user user's group roles
 * @param  userGroupIds the primary keys of the user's user groups
 * @param  serviceContext the service context to be applied (optionally
 *         <code>null</code>). Can set the UUID (with the <code>uuid</code>
 *         attribute), asset category IDs, asset tag names, and expando
 *         bridge attributes for the user.
 * @return the user
 * @throws PortalException if a user with the primary key could not be found
 *         or if the new information was invalid
 * @throws SystemException if a system exception occurred
 */
@Override
@SuppressWarnings("deprecation")
public User updateUser(long userId, String oldPassword, String newPassword1, String newPassword2, boolean passwordReset, String reminderQueryQuestion, String reminderQueryAnswer, String screenName, String emailAddress, long facebookId, String openId, String languageId, String timeZoneId, String greeting, String comments, String firstName, String middleName, String lastName, int prefixId, int suffixId, boolean male, int birthdayMonth, int birthdayDay, int birthdayYear, String smsSn, String aimSn, String facebookSn, String icqSn, String jabberSn, String msnSn, String mySpaceSn, String skypeSn, String twitterSn, String ymSn, String jobTitle, long[] groupIds, long[] organizationIds, long[] roleIds, List<UserGroupRole> userGroupRoles, long[] userGroupIds, ServiceContext serviceContext) throws PortalException, SystemException {
    // User
    User user = userPersistence.findByPrimaryKey(userId);
    Company company = companyPersistence.findByPrimaryKey(user.getCompanyId());
    String password = oldPassword;
    screenName = getLogin(screenName);
    emailAddress = StringUtil.toLowerCase(emailAddress.trim());
    openId = openId.trim();
    String oldFullName = user.getFullName();
    aimSn = StringUtil.toLowerCase(aimSn.trim());
    facebookSn = StringUtil.toLowerCase(facebookSn.trim());
    icqSn = StringUtil.toLowerCase(icqSn.trim());
    jabberSn = StringUtil.toLowerCase(jabberSn.trim());
    msnSn = StringUtil.toLowerCase(msnSn.trim());
    mySpaceSn = StringUtil.toLowerCase(mySpaceSn.trim());
    skypeSn = StringUtil.toLowerCase(skypeSn.trim());
    twitterSn = StringUtil.toLowerCase(twitterSn.trim());
    ymSn = StringUtil.toLowerCase(ymSn.trim());
    Date now = new Date();
    EmailAddressGenerator emailAddressGenerator = EmailAddressGeneratorFactory.getInstance();
    if (emailAddressGenerator.isGenerated(emailAddress)) {
        emailAddress = StringPool.BLANK;
    }
    if (!PropsValues.USERS_EMAIL_ADDRESS_REQUIRED && Validator.isNull(emailAddress)) {
        emailAddress = emailAddressGenerator.generate(user.getCompanyId(), userId);
    }
    validate(userId, screenName, emailAddress, openId, firstName, middleName, lastName, smsSn);
    if (Validator.isNotNull(newPassword1) || Validator.isNotNull(newPassword2)) {
        user = updatePassword(userId, newPassword1, newPassword2, passwordReset);
        password = newPassword1;
        user.setDigest(StringPool.BLANK);
    }
    user.setModifiedDate(now);
    if (user.getContactId() <= 0) {
        user.setContactId(counterLocalService.increment());
    }
    user.setPasswordReset(passwordReset);
    if (Validator.isNotNull(reminderQueryQuestion) && Validator.isNotNull(reminderQueryAnswer)) {
        user.setReminderQueryQuestion(reminderQueryQuestion);
        user.setReminderQueryAnswer(reminderQueryAnswer);
    }
    if (!StringUtil.equalsIgnoreCase(user.getScreenName(), screenName)) {
        user.setScreenName(screenName);
        user.setDigest(StringPool.BLANK);
    }
    boolean sendEmailAddressVerification = false;
    if (!company.isStrangersVerify()) {
        setEmailAddress(user, password, firstName, middleName, lastName, emailAddress);
    } else {
        sendEmailAddressVerification = true;
    }
    if (serviceContext != null) {
        String uuid = serviceContext.getUuid();
        if (Validator.isNotNull(uuid)) {
            user.setUuid(uuid);
        }
    }
    user.setFacebookId(facebookId);
    Long ldapServerId = (Long) serviceContext.getAttribute("ldapServerId");
    if (ldapServerId != null) {
        user.setLdapServerId(ldapServerId);
    }
    user.setOpenId(openId);
    user.setLanguageId(languageId);
    user.setTimeZoneId(timeZoneId);
    user.setGreeting(greeting);
    user.setComments(comments);
    user.setFirstName(firstName);
    user.setMiddleName(middleName);
    user.setLastName(lastName);
    user.setJobTitle(jobTitle);
    user.setExpandoBridgeAttributes(serviceContext);
    userPersistence.update(user, serviceContext);
    // Contact
    Date birthday = getBirthday(birthdayMonth, birthdayDay, birthdayYear);
    long contactId = user.getContactId();
    Contact contact = contactPersistence.fetchByPrimaryKey(contactId);
    if (contact == null) {
        contact = contactPersistence.create(contactId);
        contact.setCompanyId(user.getCompanyId());
        contact.setUserName(StringPool.BLANK);
        contact.setCreateDate(now);
        contact.setClassName(User.class.getName());
        contact.setClassPK(user.getUserId());
        contact.setAccountId(company.getAccountId());
        contact.setParentContactId(ContactConstants.DEFAULT_PARENT_CONTACT_ID);
    }
    contact.setModifiedDate(now);
    contact.setEmailAddress(user.getEmailAddress());
    contact.setFirstName(firstName);
    contact.setMiddleName(middleName);
    contact.setLastName(lastName);
    contact.setPrefixId(prefixId);
    contact.setSuffixId(suffixId);
    contact.setMale(male);
    contact.setBirthday(birthday);
    contact.setSmsSn(smsSn);
    contact.setAimSn(aimSn);
    contact.setFacebookSn(facebookSn);
    contact.setIcqSn(icqSn);
    contact.setJabberSn(jabberSn);
    contact.setMsnSn(msnSn);
    contact.setMySpaceSn(mySpaceSn);
    contact.setSkypeSn(skypeSn);
    contact.setTwitterSn(twitterSn);
    contact.setYmSn(ymSn);
    contact.setJobTitle(jobTitle);
    contactPersistence.update(contact, serviceContext);
    // Group
    Group group = groupLocalService.getUserGroup(user.getCompanyId(), userId);
    group.setFriendlyURL(StringPool.SLASH + screenName);
    groupPersistence.update(group);
    // Groups and organizations
    // See LPS-33205. Cache the user's list of user group roles because
    // adding or removing groups may add or remove user group roles
    // depending on the site default user associations.
    List<UserGroupRole> previousUserGroupRoles = userGroupRolePersistence.findByUserId(userId);
    updateGroups(userId, groupIds, serviceContext, false);
    updateOrganizations(userId, organizationIds, false);
    if (roleIds != null) {
        roleIds = UsersAdminUtil.addRequiredRoles(user, roleIds);
        userPersistence.setRoles(userId, roleIds);
    }
    // User group roles
    updateUserGroupRoles(user, groupIds, organizationIds, userGroupRoles, previousUserGroupRoles);
    if (userGroupIds != null) {
        if (PropsValues.USER_GROUPS_COPY_LAYOUTS_TO_USER_PERSONAL_SITE) {
            userGroupLocalService.copyUserGroupLayouts(userGroupIds, userId);
        }
        userPersistence.setUserGroups(userId, userGroupIds);
    }
    // Announcements
    announcementsDeliveryLocalService.getUserDeliveries(user.getUserId());
    if (serviceContext != null) {
        updateAsset(userId, user, serviceContext.getAssetCategoryIds(), serviceContext.getAssetTagNames());
    }
    if (GetterUtil.getBoolean(PropsKeys.USERS_UPDATE_USER_NAME + MBMessage.class.getName()) && !oldFullName.equals(user.getFullName())) {
        mbMessageLocalService.updateUserName(userId, user.getFullName());
    }
    if ((serviceContext == null) || serviceContext.isIndexingEnabled()) {
        Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(User.class);
        indexer.reindex(user);
    }
    if ((serviceContext != null) && sendEmailAddressVerification) {
        sendEmailAddressVerification(user, emailAddress, serviceContext);
    }
    // Permission cache
    PermissionCacheUtil.clearCache();
    return user;
}
Also used : UserGroupRole(com.liferay.portal.model.UserGroupRole) Group(com.liferay.portal.model.Group) UserGroup(com.liferay.portal.model.UserGroup) Company(com.liferay.portal.model.Company) User(com.liferay.portal.model.User) Date(java.util.Date) Contact(com.liferay.portal.model.Contact) EmailAddressGenerator(com.liferay.portal.security.auth.EmailAddressGenerator) Indexer(com.liferay.portal.kernel.search.Indexer) MBMessage(com.liferay.portlet.messageboards.model.MBMessage)

Example 4 with UserGroupRole

use of com.liferay.portal.model.UserGroupRole in project liferay-ide by liferay.

the class SearchPermissionCheckerImpl method doGetPermissionQuery_6.

protected Query doGetPermissionQuery_6(long companyId, long[] groupIds, long userId, String className, Query query, SearchContext searchContext, AdvancedPermissionChecker advancedPermissionChecker, List<Group> groups, List<Role> roles, List<UserGroupRole> userGroupRoles, Map<Long, List<Role>> groupIdsToRoles) throws Exception {
    BooleanQuery permissionQuery = BooleanQueryFactoryUtil.create(searchContext);
    if (userId > 0) {
        permissionQuery.addTerm(Field.USER_ID, userId);
    }
    BooleanQuery groupsQuery = BooleanQueryFactoryUtil.create(searchContext);
    BooleanQuery rolesQuery = BooleanQueryFactoryUtil.create(searchContext);
    for (Role role : roles) {
        String roleName = role.getName();
        if (roleName.equals(RoleConstants.ADMINISTRATOR)) {
            return query;
        }
        if (ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, className, ResourceConstants.SCOPE_COMPANY, String.valueOf(companyId), role.getRoleId(), ActionKeys.VIEW)) {
            return query;
        }
        if ((role.getType() == RoleConstants.TYPE_REGULAR) && ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, className, ResourceConstants.SCOPE_GROUP_TEMPLATE, String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID), role.getRoleId(), ActionKeys.VIEW)) {
            return query;
        }
        for (Group group : groups) {
            if (ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, className, ResourceConstants.SCOPE_GROUP, String.valueOf(group.getGroupId()), role.getRoleId(), ActionKeys.VIEW)) {
                groupsQuery.addTerm(Field.GROUP_ID, group.getGroupId());
            }
            if ((role.getType() != RoleConstants.TYPE_REGULAR) && ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, className, ResourceConstants.SCOPE_GROUP_TEMPLATE, String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID), role.getRoleId(), ActionKeys.VIEW)) {
                List<Role> groupRoles = groupIdsToRoles.get(group.getGroupId());
                if (groupRoles.contains(role)) {
                    groupsQuery.addTerm(Field.GROUP_ID, group.getGroupId());
                }
            }
            if (group.isSite() && !roleName.equals(RoleConstants.SITE_MEMBER) && (role.getType() == RoleConstants.TYPE_SITE)) {
                rolesQuery.addTerm(Field.GROUP_ROLE_ID, group.getGroupId() + StringPool.DASH + role.getRoleId());
            }
        }
        rolesQuery.addTerm(Field.ROLE_ID, role.getRoleId());
    }
    for (Group group : groups) {
        addRequiredMemberRole(group, rolesQuery);
    }
    for (UserGroupRole userGroupRole : userGroupRoles) {
        rolesQuery.addTerm(Field.GROUP_ROLE_ID, userGroupRole.getGroupId() + StringPool.DASH + userGroupRole.getRoleId());
    }
    if (groupsQuery.hasClauses()) {
        permissionQuery.add(groupsQuery, BooleanClauseOccur.SHOULD);
    }
    if (rolesQuery.hasClauses()) {
        permissionQuery.add(rolesQuery, BooleanClauseOccur.SHOULD);
    }
    BooleanQuery fullQuery = BooleanQueryFactoryUtil.create(searchContext);
    fullQuery.add(query, BooleanClauseOccur.MUST);
    fullQuery.add(permissionQuery, BooleanClauseOccur.MUST);
    return fullQuery;
}
Also used : UserGroupRole(com.liferay.portal.model.UserGroupRole) Role(com.liferay.portal.model.Role) UserGroupRole(com.liferay.portal.model.UserGroupRole) BooleanQuery(com.liferay.portal.kernel.search.BooleanQuery) Group(com.liferay.portal.model.Group)

Aggregations

UserGroupRole (com.liferay.portal.model.UserGroupRole)4 Group (com.liferay.portal.model.Group)3 Indexer (com.liferay.portal.kernel.search.Indexer)2 Role (com.liferay.portal.model.Role)2 BooleanQuery (com.liferay.portal.kernel.search.BooleanQuery)1 SearchPermissionChecker (com.liferay.portal.kernel.search.SearchPermissionChecker)1 UniqueList (com.liferay.portal.kernel.util.UniqueList)1 Company (com.liferay.portal.model.Company)1 Contact (com.liferay.portal.model.Contact)1 Organization (com.liferay.portal.model.Organization)1 User (com.liferay.portal.model.User)1 UserGroup (com.liferay.portal.model.UserGroup)1 EmailAddressGenerator (com.liferay.portal.security.auth.EmailAddressGenerator)1 AdvancedPermissionChecker (com.liferay.portal.security.permission.AdvancedPermissionChecker)1 PermissionChecker (com.liferay.portal.security.permission.PermissionChecker)1 PermissionCheckerBag (com.liferay.portal.security.permission.PermissionCheckerBag)1 MBMessage (com.liferay.portlet.messageboards.model.MBMessage)1 ArrayList (java.util.ArrayList)1 Date (java.util.Date)1 HashMap (java.util.HashMap)1