protected void initActionableDynamicQuery(ActionableDynamicQuery actionableDynamicQuery) { actionableDynamicQuery.setBaseLocalService( com.liferay.portal.kernel.service.UserGroupRoleLocalServiceUtil.getService()); actionableDynamicQuery.setClassLoader(getClassLoader()); actionableDynamicQuery.setModelClass(UserGroupRole.class); actionableDynamicQuery.setPrimaryKeyPropertyName("primaryKey.userId"); actionableDynamicQuery.setGroupIdPropertyName("primaryKey.groupId"); }
@Override public ActionableDynamicQuery getActionableDynamicQuery() { ActionableDynamicQuery actionableDynamicQuery = new DefaultActionableDynamicQuery(); actionableDynamicQuery.setBaseLocalService( com.liferay.portal.kernel.service.UserGroupRoleLocalServiceUtil.getService()); actionableDynamicQuery.setClassLoader(getClassLoader()); actionableDynamicQuery.setModelClass(UserGroupRole.class); actionableDynamicQuery.setPrimaryKeyPropertyName("primaryKey.userId"); actionableDynamicQuery.setGroupIdPropertyName("primaryKey.groupId"); return actionableDynamicQuery; }
@Override public boolean contains( PermissionChecker permissionChecker, long userId, long[] organizationIds, String actionId) { try { User user = null; if (userId != ResourceConstants.PRIMKEY_DNE) { user = UserLocalServiceUtil.getUserById(userId); if ((actionId.equals(ActionKeys.DELETE) || actionId.equals(ActionKeys.IMPERSONATE) || actionId.equals(ActionKeys.PERMISSIONS) || actionId.equals(ActionKeys.UPDATE) || actionId.equals(ActionKeys.VIEW)) && !permissionChecker.isOmniadmin() && (PortalUtil.isOmniadmin(user) || (!permissionChecker.isCompanyAdmin() && PortalUtil.isCompanyAdmin(user)))) { return false; } Contact contact = user.getContact(); if (permissionChecker.hasOwnerPermission( permissionChecker.getCompanyId(), User.class.getName(), userId, contact.getUserId(), actionId) || (permissionChecker.getUserId() == userId)) { return true; } } if (permissionChecker.hasPermission(0, User.class.getName(), userId, actionId)) { return true; } if (user == null) { return false; } if (organizationIds == null) { organizationIds = user.getOrganizationIds(); } for (long organizationId : organizationIds) { Organization organization = OrganizationLocalServiceUtil.getOrganization(organizationId); if (OrganizationPermissionUtil.contains( permissionChecker, organization, ActionKeys.MANAGE_USERS)) { if (permissionChecker.getUserId() == user.getUserId()) { return true; } Group organizationGroup = organization.getGroup(); // Organization administrators can only manage normal users. // Owners can only manage normal users and administrators. if (UserGroupRoleLocalServiceUtil.hasUserGroupRole( user.getUserId(), organizationGroup.getGroupId(), RoleConstants.ORGANIZATION_OWNER, true)) { continue; } else if (UserGroupRoleLocalServiceUtil.hasUserGroupRole( user.getUserId(), organizationGroup.getGroupId(), RoleConstants.ORGANIZATION_ADMINISTRATOR, true) && !UserGroupRoleLocalServiceUtil.hasUserGroupRole( permissionChecker.getUserId(), organizationGroup.getGroupId(), RoleConstants.ORGANIZATION_OWNER, true)) { continue; } return true; } } } catch (Exception e) { _log.error(e, e); } return false; }