protected void notifyCommunityAdministrators(MembershipRequest membershipRequest)
      throws IOException, PortalException, SystemException {

    List<UserGroupRole> admins = new UniqueList<UserGroupRole>();

    Role communityAdminRole =
        roleLocalService.getRole(
            membershipRequest.getCompanyId(), RoleConstants.COMMUNITY_ADMINISTRATOR);

    List<UserGroupRole> communityAdmins =
        userGroupRoleLocalService.getUserGroupRolesByGroupAndRole(
            membershipRequest.getGroupId(), communityAdminRole.getRoleId());

    admins.addAll(communityAdmins);

    Role communityOwnerRole =
        rolePersistence.findByC_N(membershipRequest.getCompanyId(), RoleConstants.COMMUNITY_OWNER);

    List<UserGroupRole> communityOwners =
        userGroupRoleLocalService.getUserGroupRolesByGroupAndRole(
            membershipRequest.getGroupId(), communityOwnerRole.getRoleId());

    admins.addAll(communityOwners);

    for (UserGroupRole userGroupRole : admins) {
      notify(
          userGroupRole.getUserId(),
          membershipRequest,
          PropsKeys.COMMUNITIES_EMAIL_MEMBERSHIP_REQUEST_SUBJECT,
          PropsKeys.COMMUNITIES_EMAIL_MEMBERSHIP_REQUEST_BODY);
    }
  }
  protected void addSearchByUserRolesCriterion(
      Criteria criteria, Boolean searchByUserRoles, ServiceContext serviceContext)
      throws SystemException {

    if (searchByUserRoles == null) {
      return;
    }

    Criteria assigneesCriteria = criteria.createCriteria("assignees");

    if (!searchByUserRoles) {
      assigneesCriteria.add(Restrictions.eq("assigneeClassName", User.class.getName()));
      assigneesCriteria.add(Restrictions.eq("assigneeClassPK", serviceContext.getUserId()));

      return;
    }

    List<Long> roleIds = RoleRetrievalUtil.getRoleIds(serviceContext);

    List<UserGroupRole> userGroupRoles =
        UserGroupRoleLocalServiceUtil.getUserGroupRoles(serviceContext.getUserId());

    if (userGroupRoles.isEmpty()) {
      assigneesCriteria.add(Restrictions.eq("assigneeClassName", Role.class.getName()));
      assigneesCriteria.add(
          Restrictions.in("assigneeClassPK", roleIds.toArray(new Long[roleIds.size()])));
    } else {
      Junction junction = Restrictions.disjunction();

      junction.add(
          Restrictions.and(
              Restrictions.eq("assigneeClassName", Role.class.getName()),
              Restrictions.in("assigneeClassPK", roleIds.toArray(new Long[roleIds.size()]))));

      for (UserGroupRole userGroupRole : userGroupRoles) {
        junction.add(
            Restrictions.and(
                Restrictions.eq("groupId", userGroupRole.getGroupId()),
                Restrictions.and(
                    Restrictions.eq("assigneeClassName", Role.class.getName()),
                    Restrictions.eq("assigneeClassPK", userGroupRole.getRoleId()))));
      }

      assigneesCriteria.add(junction);
    }
  }
  @Override
  protected boolean hasPermissionImplicitlyGranted(
      PermissionChecker permissionChecker, Group group, Portlet portlet) throws Exception {

    List<UserGroupRole> userGroupRoles =
        UserGroupRoleLocalServiceUtil.getUserGroupRoles(permissionChecker.getUserId());

    for (UserGroupRole userGroupRole : userGroupRoles) {
      Role role = userGroupRole.getRole();

      String roleName = role.getName();

      if (roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR)
          || roleName.equals(RoleConstants.ORGANIZATION_OWNER)) {

        return true;
      }
    }

    List<Organization> organizations =
        OrganizationLocalServiceUtil.getUserOrganizations(permissionChecker.getUserId());

    for (Organization organization : organizations) {
      if (OrganizationPermissionUtil.contains(
          permissionChecker, organization, ActionKeys.MANAGE_USERS)) {

        return true;
      }

      if (OrganizationPermissionUtil.contains(
          permissionChecker, organization, ActionKeys.MANAGE_SUBORGANIZATIONS)) {

        return true;
      }

      /*if (OrganizationPermissionUtil.contains(
      		permissionChecker, organization.getOrganizationId(),
      		ActionKeys.VIEW)) {

      	return true;
      }*/
    }

    return false;
  }
  @Override
  public long[] getPooledActorsIds(long companyId, long workflowTaskInstanceId)
      throws WorkflowException {

    try {
      KaleoTaskInstanceToken kaleoTaskInstanceToken =
          KaleoTaskInstanceTokenLocalServiceUtil.getKaleoTaskInstanceToken(workflowTaskInstanceId);

      List<KaleoTaskAssignment> calculatedKaleoTaskAssignments =
          getCalculatedKaleoTaskAssignments(kaleoTaskInstanceToken);

      Map<String, Long> pooledActors = new TreeMap<>(new NaturalOrderStringComparator());

      for (KaleoTaskAssignment calculatedKaleoTaskAssignment : calculatedKaleoTaskAssignments) {

        String assigneeClassName = calculatedKaleoTaskAssignment.getAssigneeClassName();
        long assigneeClassPK = calculatedKaleoTaskAssignment.getAssigneeClassPK();

        if (assigneeClassName.equals(User.class.getName())) {
          User user = UserLocalServiceUtil.fetchUser(assigneeClassPK);

          if (user != null) {
            pooledActors.put(user.getFullName(), user.getUserId());
          }

          continue;
        }

        Role role =
            RoleLocalServiceUtil.getRole(calculatedKaleoTaskAssignment.getAssigneeClassPK());

        if ((role.getType() == RoleConstants.TYPE_SITE)
            || (role.getType() == RoleConstants.TYPE_ORGANIZATION)) {

          List<UserGroupRole> userGroupRoles =
              UserGroupRoleLocalServiceUtil.getUserGroupRolesByGroupAndRole(
                  kaleoTaskInstanceToken.getGroupId(), assigneeClassPK);

          for (UserGroupRole userGroupRole : userGroupRoles) {
            User user = userGroupRole.getUser();

            pooledActors.put(user.getFullName(), user.getUserId());
          }

          List<UserGroupGroupRole> userGroupGroupRoles =
              UserGroupGroupRoleLocalServiceUtil.getUserGroupGroupRolesByGroupAndRole(
                  kaleoTaskInstanceToken.getGroupId(), assigneeClassPK);

          for (UserGroupGroupRole userGroupGroupRole : userGroupGroupRoles) {

            List<User> userGroupUsers =
                UserLocalServiceUtil.getUserGroupUsers(userGroupGroupRole.getUserGroupId());

            for (User user : userGroupUsers) {
              pooledActors.put(user.getFullName(), user.getUserId());
            }
          }
        } else {
          List<User> inheritedRoleUsers =
              UserLocalServiceUtil.getInheritedRoleUsers(
                  assigneeClassPK, QueryUtil.ALL_POS, QueryUtil.ALL_POS, null);

          for (User user : inheritedRoleUsers) {
            pooledActors.put(user.getFullName(), user.getUserId());
          }
        }
      }

      return ArrayUtil.toLongArray(pooledActors.values());
    } catch (Exception e) {
      throw new WorkflowException(e);
    }
  }
  protected Query doGetPermissionQuery_6(
      long companyId,
      long[] groupIds,
      long userId,
      String className,
      Query query,
      SearchContext searchContext,
      AdvancedPermissionChecker advancedPermissionChecker,
      List<Group> groups,
      List<Role> roles,
      List<UserGroupRole> userGroupRoles,
      Map<Long, List<Role>> groupIdsToRoles)
      throws Exception {

    BooleanQuery permissionQuery = BooleanQueryFactoryUtil.create(searchContext);

    if (userId > 0) {
      permissionQuery.addTerm(Field.USER_ID, userId);
    }

    BooleanQuery groupsQuery = BooleanQueryFactoryUtil.create(searchContext);
    BooleanQuery rolesQuery = BooleanQueryFactoryUtil.create(searchContext);

    for (Role role : roles) {
      String roleName = role.getName();

      if (roleName.equals(RoleConstants.ADMINISTRATOR)) {
        return query;
      }

      if (ResourcePermissionLocalServiceUtil.hasResourcePermission(
          companyId,
          className,
          ResourceConstants.SCOPE_COMPANY,
          String.valueOf(companyId),
          role.getRoleId(),
          ActionKeys.VIEW)) {

        return query;
      }

      if ((role.getType() == RoleConstants.TYPE_REGULAR)
          && ResourcePermissionLocalServiceUtil.hasResourcePermission(
              companyId,
              className,
              ResourceConstants.SCOPE_GROUP_TEMPLATE,
              String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),
              role.getRoleId(),
              ActionKeys.VIEW)) {

        return query;
      }

      for (Group group : groups) {
        if (ResourcePermissionLocalServiceUtil.hasResourcePermission(
            companyId,
            className,
            ResourceConstants.SCOPE_GROUP,
            String.valueOf(group.getGroupId()),
            role.getRoleId(),
            ActionKeys.VIEW)) {

          groupsQuery.addTerm(Field.GROUP_ID, group.getGroupId());
        }

        if ((role.getType() != RoleConstants.TYPE_REGULAR)
            && ResourcePermissionLocalServiceUtil.hasResourcePermission(
                companyId,
                className,
                ResourceConstants.SCOPE_GROUP_TEMPLATE,
                String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),
                role.getRoleId(),
                ActionKeys.VIEW)) {

          List<Role> groupRoles = groupIdsToRoles.get(group.getGroupId());

          if (groupRoles.contains(role)) {
            groupsQuery.addTerm(Field.GROUP_ID, group.getGroupId());
          }
        }

        if (group.isSite()
            && !roleName.equals(RoleConstants.SITE_MEMBER)
            && (role.getType() == RoleConstants.TYPE_SITE)) {

          rolesQuery.addTerm(
              Field.GROUP_ROLE_ID, group.getGroupId() + StringPool.DASH + role.getRoleId());
        }
      }

      rolesQuery.addTerm(Field.ROLE_ID, role.getRoleId());
    }

    for (Group group : groups) {
      addRequiredMemberRole(group, rolesQuery);
    }

    for (UserGroupRole userGroupRole : userGroupRoles) {
      rolesQuery.addTerm(
          Field.GROUP_ROLE_ID,
          userGroupRole.getGroupId() + StringPool.DASH + userGroupRole.getRoleId());
    }

    if (groupsQuery.hasClauses()) {
      permissionQuery.add(groupsQuery, BooleanClauseOccur.SHOULD);
    }

    if (rolesQuery.hasClauses()) {
      permissionQuery.add(rolesQuery, BooleanClauseOccur.SHOULD);
    }

    BooleanQuery fullQuery = BooleanQueryFactoryUtil.create(searchContext);

    fullQuery.add(query, BooleanClauseOccur.MUST);
    fullQuery.add(permissionQuery, BooleanClauseOccur.MUST);

    return fullQuery;
  }