com.dotmarketing.business
Interface PermissionAPI

All Known Implementing Classes:

PermissionBitAPIImpl

public interface PermissionAPI

Nested Class Summary

static class

PermissionAPI.PermissionableType

Field Summary

static java.lang.String	INDIVIDUAL_PERMISSION_TYPE
static int	PERMISSION_CAN_ADD_CHILDREN
static int	PERMISSION_CREATE_VIRTUAL_LINKS
static int	PERMISSION_EDIT
static int	PERMISSION_EDIT_PERMISSIONS
static int	PERMISSION_PUBLISH
static int	PERMISSION_READ
static java.lang.String[]	PERMISSION_TYPES
static int	PERMISSION_USE
static int	PERMISSION_WRITE
static java.util.Map<java.lang.String,java.lang.String>	permissionTypes

Method Summary

void	assignPermissions(java.util.List<Permission> permission, Permissionable permissionable, com.liferay.portal.model.User user, boolean respectFrontendRoles) Assigns a set of permissions to a given asset, any permissions already assigned to the asset are either updated or removed to match the provided list
void	cascadePermissionUnder(Permissionable permissionable, Role role) Navigates through the given permissionable children making sure all individual permissioned assets also have the same permission rules for the given role as the parent permissionable has.
void	clearCache() This method is to clear the permissions cache.
void	copyPermissions(Permissionable from, Permissionable to) copies permissions from one permissionable to another
boolean	doesRoleHavePermission(Permissionable permissionable, int permissionType, Role role) Return true if the role has permission over the permissionable the specified permission
boolean	doesRoleHavePermission(Permissionable permissionable, int permissionType, Role role, boolean respectFrontendRoles) Deprecated. respectFrontendRoles parameter does not makes sense and its been totally ignored. @see doesRoleHavePermission(Permissionable,int,Role)
boolean	doesUserHaveInheriablePermissions(Permissionable parent, java.lang.String type, int requiredPermissions, com.liferay.portal.model.User user) Returns if a user has proper permissions to an asset - even if not created yet based on the Permissionable parent.
boolean	doesUserHavePermission(Permissionable permissionable, int permissionType, com.liferay.portal.model.User user) Return true if the user have over the permissionable the specified permission This method is meant to be used by frontend call because assumes that frontend roles should respected
boolean	doesUserHavePermission(Permissionable permissionable, int permissionType, com.liferay.portal.model.User user, boolean respectFrontendRoles) Return true if the user have over the permissionable the specified permission
boolean	doesUserHavePermissions(Permissionable permissionable, java.lang.String requiredPermissions, com.liferay.portal.model.User user) Returns true if the user has the requiredPermissions over the specified permissionable this method is meant to be used to check multiple parent & children permissions on Hosts/Folders.
boolean	doesUserHavePermissions(Permissionable permissionable, java.lang.String requiredPermissions, com.liferay.portal.model.User user, boolean respectFrontendRoles) Returns true if the user has the requiredPermissions over the specified permissionable this method is meant to be used to check multiple parent & children permissions on Hosts/Folders.
boolean	doesUserHavePermissions(PermissionAPI.PermissionableType permType, int permissionType, com.liferay.portal.model.User user) Returns true if the user has the requiredPermissions over the specified objectType this method is meant to be used to check multiple parent & children permissions on Hosts/Folders.
boolean	doesUserOwn(Inode inode, com.liferay.portal.model.User user)
<P extends Permissionable> java.util.List<P>	filterCollection(java.util.List<P> permissionables, int requiredPermission, boolean respectFrontendRoles, com.liferay.portal.model.User user) Filters the given list of permissionables that meet the required permission mask
<P extends Permissionable> java.util.List<P>	filterCollectionByDBPermissionReference(java.util.List<P> permissionables, int requiredPermission, boolean respectFrontendRoles, com.liferay.portal.model.User user) Filters the given list of permissionables that meet the required permission mask using the permission reference table instead of hitting the cache This method can be slow if you pass in many objects or there are lots of objects in the DBs.
Permissionable	findParentPermissionable(Permissionable permissionable) Finds the permissionable instance from where permissionable is inheriting its permissions.
java.util.List<Permission>	getInheritablePermissions(Permissionable permissionable) Retrieves the list of permission that could be inherited from the given parent permissionable,
java.util.List<Permission>	getInheritablePermissions(Permissionable permissionable, boolean bitPermissions) Retrieves the list of permission that could be inherited from the given parent permissionable
java.util.List<Permission>	getInheritablePermissionsRecurse(Permissionable permissionable) Retrieves the list of ALL permission that could be inherited from the given parent and the parent's parent and so on until it hits the system_host
java.util.List<java.lang.Integer>	getPermissionIdsFromRoles(Permissionable permissionable, Role[] roles, com.liferay.portal.model.User user) Retrieves the granted permissions for a given list of roles, E.G.
java.util.List<java.lang.Integer>	getPermissionIdsFromUser(Permissionable permissionable, com.liferay.portal.model.User user) Retrieves the granted permissions for a given user, E.G.
java.util.List<Permission>	getPermissions(Permissionable permissionable) Retrieves the list of permissions associated to the given permissionable, either searching from individual permissions directly associated or permissions inheriting from a parent This method returns permissions in the old format and not the compressed bit permissions format.
java.util.List<Permission>	getPermissions(Permissionable permissionable, boolean bitPermissions) Retrieves the list of permissions associated to the given permissionable, either searching from individual permissions directly associated or permissions inheriting from a parent If bitPermissions is set true this methods returns the permissions in the new bit compressed format so multiple permissions for the same role will be returned in one permission entry.
java.util.List<Permission>	getPermissions(Permissionable permissionable, boolean bitPermissions, boolean onlyIndividualPermissions) Retrieves the list of permissions associated to the given permissionable, either searching from individual permissions directly associated or permissions inheriting from a parent
java.util.List<Permission>	getPermissions(Permissionable permissionable, boolean bitPermissions, boolean onlyIndividualPermissions, boolean forceLoadFromDB) Retrieves the list of permissions associated to the given permissionable, either searching from individual permissions directly associated or permissions inheriting from a parent
java.util.List<Permission>	getPermissionsByRole(Role role, boolean onlyFoldersAndHosts) Retrieves all permissions associated to a given a role, includes individual and inheritable permissions
java.util.List<Permission>	getPermissionsByRole(Role role, boolean onlyFoldersAndHosts, boolean bitPermissions) Retrieves all permissions associated to a given a role, includes individual and inheritable permissions
java.util.Map<java.lang.String,java.lang.Integer>	getPermissionTypes() This method returns all the permission type masks configured in the system
java.util.Set<Role>	getPublishRoles(Permissionable permissionable) Deprecated. PermissionAPI.getRolesWithPermission
java.util.Set<Role>	getReadRoles(Permissionable permissionable) Deprecated. PermissionAPI.getRolesWithPermission
java.util.Set<com.liferay.portal.model.User>	getReadUsers(Permissionable permissionable) Deprecated. PermissionAPI.getUsersWithPermission
int	getRoleCount(java.lang.String permissionable, int permissionType, java.lang.String filter) Retrieves the count of roles associated with the given permissionable that poses permissionType access and filters them by name This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user
int	getRoleCount(java.lang.String permissionable, int permissionType, java.lang.String filter, boolean hideSystemRoles) Retrieves the count of roles associated with the given permissionable that poses permissionType access and filters them by name This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user
java.util.List<Role>	getRoles(java.lang.String permissionable, int permissionType, java.lang.String filter, int start, int limit) Retrieves the roles associated with the given permissionable that poses permissionType access and filters them by name This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user
java.util.List<Role>	getRoles(java.lang.String permissionable, int permissionType, java.lang.String filter, int start, int limit, boolean hideSystemRoles) Retrieves the roles associated with the given permissionable that poses permissionType access and filters them by name This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user
java.util.Set<Role>	getRolesWithPermission(Permissionable permissionable, int permission) Retrieves the list of roles that have the given permission granted on the permissionable
int	getUserCount(java.lang.String permissionable, int permissionType, java.lang.String filter) Retrieves the count of users with the given permissionType access to the given permissionable and filter the user names based on the given filter This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user
java.util.List<com.liferay.portal.model.User>	getUsers(java.lang.String permissionable, int permissionType, java.lang.String filter, int start, int limit) Retrieves the users with the given permissionType access to the given permissionable and filter the user names based on the given filter.
java.util.Set<com.liferay.portal.model.User>	getUsersWithPermission(Permissionable permissionable, int permission) Retrieves the list of users that have the given permission granted on the permissionable
java.util.Set<Role>	getWriteRoles(Permissionable permissionable) Deprecated. PermissionAPI.getRolesWithPermission
java.util.Set<com.liferay.portal.model.User>	getWriteUsers(Permissionable permissionable) Deprecated. PermissionAPI.getUsersWithPermission
boolean	isInheritingPermissions(Permissionable permissionable) Returns wherever a permissionable is inheriting its permissions or have individual permissions
void	mapAllPermissions() Get a map of all the permission that live page have
int	maskOfAllPermissions() Returns the bit mask of all system permissions
void	permissionIndividually(Permissionable parent, Permissionable permissionable, com.liferay.portal.model.User user, boolean respectFrontendRoles)
void	removePermissions(Permissionable permissionable) Remove all individual permissions attached to the asset
void	removePermissionsByRole(java.lang.String roleId) Remove all the permissions given the roleId
void	resetAllPermissionReferences() Removes all permission references
void	resetChildrenPermissionReferences(Structure structure) Removes the permission references of all content children of the given structure
void	resetPermissionReferences(Permissionable perm) Removes the given permissionable permission references forcing the api to recalculate the reference
void	resetPermissionsUnder(Permissionable parent) Recursively removes all individual and inheritable permissions of children of the given permissionable
void	save(Permission permission, Permissionable permissionable, com.liferay.portal.model.User user, boolean respectFrontendRoles) Saves an individual permission of a given permissionable
void	setDefaultCMSAdminPermissions(Permissionable permissionable) Sets the to the CMS_ADMINISTRATOR_ROLE permission over the permissionable
void	setDefaultCMSAnonymousPermissions(Permissionable permissionable) Sets reads the to the CMS_ANONYMOUS_ROLE permission over the permissionable
void	updateOwner(Permissionable asset, java.lang.String ownerId) This method updates the given permissionable owner with the given user id

Field Detail

PERMISSION_READ

static final int PERMISSION_READ

See Also:

Constant Field Values

PERMISSION_USE

static final int PERMISSION_USE

See Also:

Constant Field Values

PERMISSION_EDIT

static final int PERMISSION_EDIT

See Also:

Constant Field Values

PERMISSION_WRITE

static final int PERMISSION_WRITE

See Also:

Constant Field Values

PERMISSION_PUBLISH

static final int PERMISSION_PUBLISH

See Also:

Constant Field Values

PERMISSION_EDIT_PERMISSIONS

static final int PERMISSION_EDIT_PERMISSIONS

See Also:

Constant Field Values

PERMISSION_CAN_ADD_CHILDREN

static final int PERMISSION_CAN_ADD_CHILDREN

See Also:

Constant Field Values

PERMISSION_CREATE_VIRTUAL_LINKS

static final int PERMISSION_CREATE_VIRTUAL_LINKS

See Also:

Constant Field Values

PERMISSION_TYPES

static final java.lang.String[] PERMISSION_TYPES

INDIVIDUAL_PERMISSION_TYPE

static final java.lang.String INDIVIDUAL_PERMISSION_TYPE

See Also:

Constant Field Values

permissionTypes

static final java.util.Map<java.lang.String,java.lang.String> permissionTypes

Method Detail

getPermissionTypes

java.util.Map<java.lang.String,java.lang.Integer> getPermissionTypes()

This method returns all the permission type masks configured in the system

Returns:

Since:

1.8

doesRoleHavePermission

boolean doesRoleHavePermission(Permissionable permissionable,
                               int permissionType,
                               Role role,
                               boolean respectFrontendRoles)
                               throws DotDataException

Deprecated. respectFrontendRoles parameter does not makes sense and its been totally ignored. @see doesRoleHavePermission(Permissionable,int,Role)

Return true if the role has permission over the permissionable the specified permission

Parameters:

permissionable -

permissionType -

role -

Returns:

Throws:

DotDataException

Since:

1.0

doesRoleHavePermission

boolean doesRoleHavePermission(Permissionable permissionable,
                               int permissionType,
                               Role role)
                               throws DotDataException

Return true if the role has permission over the permissionable the specified permission

Parameters:

permissionable -

permissionType -

role -

Returns:

Throws:

DotDataException

Since:

1.0

doesUserHavePermission

boolean doesUserHavePermission(Permissionable permissionable,
                               int permissionType,
                               com.liferay.portal.model.User user)
                               throws DotDataException

Return true if the user have over the permissionable the specified permission This method is meant to be used by frontend call because assumes that frontend roles should respected

Parameters:

o - permissionable

permissionId -

user -

Returns:

boolean

Throws:

DotDataException

Since:

1.0

doesUserHavePermission

boolean doesUserHavePermission(Permissionable permissionable,
                               int permissionType,
                               com.liferay.portal.model.User user,
                               boolean respectFrontendRoles)
                               throws DotDataException

Return true if the user have over the permissionable the specified permission

Parameters:

o - permissionable

permissionId -

user -

respectFrontendRoles -

Returns:

boolean

Throws:

DotDataException

Since:

1.5

removePermissions

void removePermissions(Permissionable permissionable)
                       throws DotDataException

Remove all individual permissions attached to the asset

Parameters:

o - permissionable

Throws:

DotDataException

Since:

1.0

setDefaultCMSAdminPermissions

void setDefaultCMSAdminPermissions(Permissionable permissionable)
                                   throws DotDataException

Sets the to the CMS_ADMINISTRATOR_ROLE permission over the permissionable

Parameters:

permissionable -

Throws:

DotDataException

Since:

1.0

setDefaultCMSAnonymousPermissions

void setDefaultCMSAnonymousPermissions(Permissionable permissionable)
                                       throws DotDataException

Sets reads the to the CMS_ANONYMOUS_ROLE permission over the permissionable

Parameters:

permissionable -

Throws:

DotDataException

Since:

1.8

copyPermissions

void copyPermissions(Permissionable from,
                     Permissionable to)
                     throws DotDataException

copies permissions from one permissionable to another

Parameters:

from - permissionable

to - permissionable

Throws:

DotDataException

Since:

1.0

getPermissions

java.util.List<Permission> getPermissions(Permissionable permissionable)
                                          throws DotDataException

Retrieves the list of permissions associated to the given permissionable, either searching from individual permissions directly associated or permissions inheriting from a parent This method returns permissions in the old format and not the compressed bit permissions format.

Parameters:

permissionable -

Returns:

List

Throws:

DotDataException

Since:

1.5.0.1

getPermissions

java.util.List<Permission> getPermissions(Permissionable permissionable,
                                          boolean bitPermissions)
                                          throws DotDataException

Retrieves the list of permissions associated to the given permissionable, either searching from individual permissions directly associated or permissions inheriting from a parent If bitPermissions is set true this methods returns the permissions in the new bit compressed format so multiple permissions for the same role will be returned in one permission entry. E.G. read and write permissions for role X will be returned in a single permission object having role = X permission = read | write. @see com.dotmarketing.beans.Permission.matchesPermissionType to identify the permission itself and @see com.dotmarketing.business.PermissionAPI for the different kind of permissions managed by the system

Parameters:

permissionable -

bitPermissions - if true returns the new compressed bit permissions format, where multiple permissions can be stored in a single permission object

Returns:

List

Throws:

DotDataException

Since:

1.7

getPermissions

java.util.List<Permission> getPermissions(Permissionable permissionable,
                                          boolean bitPermissions,
                                          boolean onlyIndividualPermissions)
                                          throws DotDataException

Retrieves the list of permissions associated to the given permissionable, either searching from individual permissions directly associated or permissions inheriting from a parent

Parameters:

permissionable -

bitPermissions - if true returns the new compressed bit permissions format, where multiple permissions can be stored in a single permission object

onlyIndividualPermissions - If true it will only look for individually set permissions in the asset and not try to go and search through the chain of permissions inheritance

Returns:

List

Throws:

DotDataException

Since:

1.9

getPermissions

java.util.List<Permission> getPermissions(Permissionable permissionable,
                                          boolean bitPermissions,
                                          boolean onlyIndividualPermissions,
                                          boolean forceLoadFromDB)
                                          throws DotDataException

Retrieves the list of permissions associated to the given permissionable, either searching from individual permissions directly associated or permissions inheriting from a parent

Parameters:

permissionable -

bitPermissions - if true returns the new compressed bit permissions format, where multiple permissions can be stored in a single permission object

onlyIndividualPermissions - If true it will only look for individually set permissions in the asset and not try to go and search through the chain of permissions inheritance

forceLoadFromDB - Forces to load from DB

Returns:

List

Throws:

DotDataException

Since:

1.9

getInheritablePermissions

java.util.List<Permission> getInheritablePermissions(Permissionable permissionable)
                                                     throws DotDataException

Retrieves the list of permission that could be inherited from the given parent permissionable,

Parameters:

permissionable -

Returns:

Throws:

DotDataException

getInheritablePermissionsRecurse

java.util.List<Permission> getInheritablePermissionsRecurse(Permissionable permissionable)
                                                            throws DotDataException

Retrieves the list of ALL permission that could be inherited from the given parent and the parent's parent and so on until it hits the system_host

Parameters:

permissionable -

Returns:

Throws:

DotDataException

getInheritablePermissions

java.util.List<Permission> getInheritablePermissions(Permissionable permissionable,
                                                     boolean bitPermissions)
                                                     throws DotDataException

Retrieves the list of permission that could be inherited from the given parent permissionable

Parameters:

permissionable -

bitPermissions - if true the compact bit version of permissions will be returned

Returns:

Throws:

DotDataException

getReadRoles

java.util.Set<Role> getReadRoles(Permissionable permissionable)
                                 throws DotDataException

Deprecated. PermissionAPI.getRolesWithPermission

Returns a set of role names whose has read access over a specific asset. This method returns a set of string.

Parameters:

o - permissionable to get read roles for

Returns:

set of role names

Throws:

DotDataException

Since:

1.5

getReadUsers

java.util.Set<com.liferay.portal.model.User> getReadUsers(Permissionable permissionable)
                                                          throws DotDataException

Deprecated. PermissionAPI.getUsersWithPermission

Returns a set of role names whose has read access over a specific asset. This method returns a set of string.

Parameters:

o - permissionable to get read roles for

Returns:

set of User names

Throws:

DotDataException

Since:

1.5

getPublishRoles

java.util.Set<Role> getPublishRoles(Permissionable permissionable)
                                    throws DotDataException

Deprecated. PermissionAPI.getRolesWithPermission

Returns a set of role names whose has publish access over a specific asset. This method returns a set of string.

Parameters:

o - permissionable to get read roles for

Returns:

set of role names

Throws:

DotDataException

Since:

1.5

getWriteRoles

java.util.Set<Role> getWriteRoles(Permissionable permissionable)
                                  throws DotDataException

Deprecated. PermissionAPI.getRolesWithPermission

Returns a set of role names whose has write access over a specific asset. This method returns a set of string.

Parameters:

o - permissionable to get read roles for

Returns:

set of role names

Throws:

DotDataException

Since:

1.5

getWriteUsers

java.util.Set<com.liferay.portal.model.User> getWriteUsers(Permissionable permissionable)
                                                           throws DotDataException

Deprecated. PermissionAPI.getUsersWithPermission

Returns a set of role names whose has write access over a specific asset. This method returns a set of string.

Parameters:

o - permissionable to get read roles for

Returns:

set of Users

Throws:

DotDataException

Since:

1.5

getRolesWithPermission

java.util.Set<Role> getRolesWithPermission(Permissionable permissionable,
                                           int permission)
                                           throws DotDataException

Retrieves the list of roles that have the given permission granted on the permissionable

Parameters:

permissionable -

permission -

Returns:

Throws:

DotDataException

Since:

1.9

getUsersWithPermission

java.util.Set<com.liferay.portal.model.User> getUsersWithPermission(Permissionable permissionable,
                                                                    int permission)
                                                                    throws DotDataException

Retrieves the list of users that have the given permission granted on the permissionable

Parameters:

permissionable -

permission -

Returns:

Throws:

DotDataException

Since:

1.9

doesUserOwn

boolean doesUserOwn(Inode inode,
                    com.liferay.portal.model.User user)
                    throws DotDataException

Parameters:

inode - The inode to look for

user - The user to check against

Returns:

true if the given user owns the passed inode, false otherwise

Throws:

DotDataException

Since:

1.5

mapAllPermissions

void mapAllPermissions()
                       throws DotDataException

Get a map of all the permission that live page have

Throws:

DotDataException

Since:

1.5

getPermissionIdsFromRoles

java.util.List<java.lang.Integer> getPermissionIdsFromRoles(Permissionable permissionable,
                                                            Role[] roles,
                                                            com.liferay.portal.model.User user)
                                                            throws DotDataException

Retrieves the granted permissions for a given list of roles, E.G. it returns READ, WRITE if the given roles have permissions to READ and WRITE on the given permissionable

Parameters:

permissionable -

roles -

Returns:

List of PermissionIds

Throws:

DotDataException

Since:

1.5

getPermissionIdsFromUser

java.util.List<java.lang.Integer> getPermissionIdsFromUser(Permissionable permissionable,
                                                           com.liferay.portal.model.User user)
                                                           throws DotDataException

Retrieves the granted permissions for a given user, E.G. it returns READ, WRITE if any of the user roles have permissions to READ and WRITE on the given permissionable

Parameters:

permissionable -

roles -

Returns:

List of PermissionIds

Throws:

DotDataException

Since:

1.5

getRoles

java.util.List<Role> getRoles(java.lang.String permissionable,
                              int permissionType,
                              java.lang.String filter,
                              int start,
                              int limit)

Retrieves the roles associated with the given permissionable that poses permissionType access and filters them by name This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user

Parameters:

permissionable -

permissionType -

filter -

start -

limit -

Returns:

Since:

1.6

getRoles

java.util.List<Role> getRoles(java.lang.String permissionable,
                              int permissionType,
                              java.lang.String filter,
                              int start,
                              int limit,
                              boolean hideSystemRoles)

Retrieves the roles associated with the given permissionable that poses permissionType access and filters them by name This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user

Parameters:

permissionable -

permissionType -

filter -

start -

limit -

Returns:

Since:

1.6

getRoleCount

int getRoleCount(java.lang.String permissionable,
                 int permissionType,
                 java.lang.String filter)

Retrieves the count of roles associated with the given permissionable that poses permissionType access and filters them by name This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user

Parameters:

permissionable -

permissionType -

filter -

Returns:

Since:

1.6

getRoleCount

int getRoleCount(java.lang.String permissionable,
                 int permissionType,
                 java.lang.String filter,
                 boolean hideSystemRoles)

Retrieves the count of roles associated with the given permissionable that poses permissionType access and filters them by name This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user

Parameters:

permissionable -

permissionType -

filter -

Returns:

Since:

1.8

getUsers

java.util.List<com.liferay.portal.model.User> getUsers(java.lang.String permissionable,
                                                       int permissionType,
                                                       java.lang.String filter,
                                                       int start,
                                                       int limit)

Retrieves the users with the given permissionType access to the given permissionable and filter the user names based on the given filter. This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user

Parameters:

permissionable -

permissionType -

filter -

start -

limit -

Returns:

Since:

1.6

getUserCount

int getUserCount(java.lang.String permissionable,
                 int permissionType,
                 java.lang.String filter)

Retrieves the count of users with the given permissionType access to the given permissionable and filter the user names based on the given filter This method is intended for backend usage is does not check for frontend specific roles like cms anon o logged in site user

Parameters:

permissionable -

permissionType -

filter -

Returns:

Since:

1.6

getPermissionsByRole

java.util.List<Permission> getPermissionsByRole(Role role,
                                                boolean onlyFoldersAndHosts)
                                                throws DotDataException

Retrieves all permissions associated to a given a role, includes individual and inheritable permissions

Parameters:

role -

onlyFoldersAndHosts - filters for only permissions assigned to folders and hosts

Returns:

a bit permissions list

Throws:

DotDataException

getPermissionsByRole

java.util.List<Permission> getPermissionsByRole(Role role,
                                                boolean onlyFoldersAndHosts,
                                                boolean bitPermissions)
                                                throws DotDataException

Retrieves all permissions associated to a given a role, includes individual and inheritable permissions

Parameters:

role -

onlyFoldersAndHosts - filters for only permissions assigned to folders and hosts

Returns:

a bit permissions list

Throws:

DotDataException

filterCollection

<P extends Permissionable> java.util.List<P> filterCollection(java.util.List<P> permissionables,
                                                              int requiredPermission,
                                                              boolean respectFrontendRoles,
                                                              com.liferay.portal.model.User user)
                                                          throws DotDataException,
                                                                 DotSecurityException

Filters the given list of permissionables that meet the required permission mask

Type Parameters:

P - The type of permissionable given to the method

Parameters:

permissionables -

requiredPermission -

respectFrontendRoles -

user -

Returns:

Throws:

DotDataException

DotSecurityException

Since:

1.6

filterCollectionByDBPermissionReference

<P extends Permissionable> java.util.List<P> filterCollectionByDBPermissionReference(java.util.List<P> permissionables,
                                                                                     int requiredPermission,
                                                                                     boolean respectFrontendRoles,
                                                                                     com.liferay.portal.model.User user)
                                                                                 throws DotDataException,
                                                                                        DotSecurityException

Filters the given list of permissionables that meet the required permission mask using the permission reference table instead of hitting the cache This method can be slow if you pass in many objects or there are lots of objects in the DBs.

Type Parameters:

P - The type of permissionable given to the method

Parameters:

permissionables -

requiredPermission -

respectFrontendRoles -

user -

Returns:

Throws:

DotDataException

DotSecurityException

Since:

1.9.1.4

removePermissionsByRole

void removePermissionsByRole(java.lang.String roleId)

Remove all the permissions given the roleId

Parameters:

roleId -

Since:

1.6

save

void save(Permission permission,
          Permissionable permissionable,
          com.liferay.portal.model.User user,
          boolean respectFrontendRoles)
          throws DotDataException,
                 DotSecurityException

Saves an individual permission of a given permissionable

Parameters:

permission -

permissionable -

Throws:

DotDataException

DotSecurityException

assignPermissions

void assignPermissions(java.util.List<Permission> permission,
                       Permissionable permissionable,
                       com.liferay.portal.model.User user,
                       boolean respectFrontendRoles)
                       throws DotDataException,
                              DotSecurityException

Assigns a set of permissions to a given asset, any permissions already assigned to the asset are either updated or removed to match the provided list

Parameters:

permission -

permissionable -

Throws:

DotDataException

DotSecurityException

clearCache

void clearCache()

This method is to clear the permissions cache. Should only need to be called for maintenance or debug reasons

Since:

1.6

updateOwner

void updateOwner(Permissionable asset,
                 java.lang.String ownerId)
                 throws DotDataException

This method updates the given permissionable owner with the given user id

Parameters:

asset -

ownerId -

Throws:

DotDataException

maskOfAllPermissions

int maskOfAllPermissions()

Returns the bit mask of all system permissions

Returns:

resetPermissionsUnder

void resetPermissionsUnder(Permissionable parent)
                           throws DotDataException

Recursively removes all individual and inheritable permissions of children of the given permissionable

Parameters:

parent -

Throws:

DotDataException

cascadePermissionUnder

void cascadePermissionUnder(Permissionable permissionable,
                            Role role)
                            throws DotDataException

Navigates through the given permissionable children making sure all individual permissioned assets also have the same permission rules for the given role as the parent permissionable has. Therefore if a child that is individually permissioned (not inheriting) does not have an individual permission for the given role then the permission will be created, if the child asset already have a permission for the given role then the permission is updated, and at last if the asset has an individual permission for the role but the parent doesn't then the individual permission is removed from the child.

Parameters:

permissionable -

role -

Throws:

DotDataException

resetPermissionReferences

void resetPermissionReferences(Permissionable perm)
                               throws DotDataException

Removes the given permissionable permission references forcing the api to recalculate the reference

Parameters:

perm -

Throws:

DotDataException

resetChildrenPermissionReferences

void resetChildrenPermissionReferences(Structure structure)
                                       throws DotDataException

Removes the permission references of all content children of the given structure

Parameters:

perm -

Throws:

DotDataException

resetAllPermissionReferences

void resetAllPermissionReferences()
                                  throws DotDataException

Removes all permission references

Throws:

DotDataException

doesUserHaveInheriablePermissions

boolean doesUserHaveInheriablePermissions(Permissionable parent,
                                          java.lang.String type,
                                          int requiredPermissions,
                                          com.liferay.portal.model.User user)
                                          throws DotDataException

Returns if a user has proper permissions to an asset - even if not created yet based on the Permissionable parent. Use case: A user is trying to save and publish a new file (no permissions yet) in a folder. We need to look at the fodler to see if there are any File+Publish inheritable permissions for the user - even before we allow the user to save the file.

Parameters:

parent -

type -

requiredPermissions -

user -

Returns:

Throws:

DotDataException

doesUserHavePermissions

boolean doesUserHavePermissions(Permissionable permissionable,
                                java.lang.String requiredPermissions,
                                com.liferay.portal.model.User user)
                                throws DotDataException

Returns true if the user has the requiredPermissions over the specified permissionable this method is meant to be used to check multiple parent & children permissions on Hosts/Folders.

Parameters:

permissionable -

requiredPermissions - a comma separated list of permissions of the form TYPE:PERMISSION, where TYPE is the permission type to match the permission against the permissions under the given permissionable host or folder.If no children permissionable are given the TYPE should be set to PARENT i.e : PARENT:1, this will check for READ permissions on the given permissionable while a value of PARENT:1, STRUCTURES:4 will check for READ permissions on the given permissionable AND publish permission on structures under the given permissionable.

user -

Returns:

Throws:

DotDataException

doesUserHavePermissions

boolean doesUserHavePermissions(Permissionable permissionable,
                                java.lang.String requiredPermissions,
                                com.liferay.portal.model.User user,
                                boolean respectFrontendRoles)
                                throws DotDataException

Returns true if the user has the requiredPermissions over the specified permissionable this method is meant to be used to check multiple parent & children permissions on Hosts/Folders.

Parameters:

permissionable -

requiredPermissions - a comma separated list of permissions of the form TYPE:PERMISSION, where TYPE is the permission type to match the permission against the permissions under the given permissionable host or folder.If no children permissionable are given the TYPE should be set to PARENT i.e : PARENT:1, this will check for READ permissions on the given permissionable while a value of PARENT:1, STRUCTURES:4 will check for READ permissions on the given permissionable AND publish permission on structures under the given permissionable.

user -

respectFrontendRoles -

Returns:

Throws:

DotDataException

doesUserHavePermissions

boolean doesUserHavePermissions(PermissionAPI.PermissionableType permType,
                                int permissionType,
                                com.liferay.portal.model.User user)
                                throws DotDataException

Returns true if the user has the requiredPermissions over the specified objectType this method is meant to be used to check multiple parent & children permissions on Hosts/Folders.

Parameters:

objectyType -

requiredPermissions - a comma separated list of permissions of the form TYPE:PERMISSION, where TYPE is the permission type to match the permission against the permissions under the given permissionable host or folder.If no children permissionable are given the TYPE should be set to PARENT i.e : PARENT:1, this will check for READ permissions on the given permissionable while a value of PARENT:1, STRUCTURES:4 will check for READ permissions on the given permissionable AND publish permission on structures under the given permissionable.

user -

Returns:

Throws:

DotDataException

permissionIndividually

void permissionIndividually(Permissionable parent,
                            Permissionable permissionable,
                            com.liferay.portal.model.User user,
                            boolean respectFrontendRoles)
                            throws DotDataException,
                                   DotSecurityException

Parameters:

parent -

permissionable -

user -

respectFrontendRoles -

Throws:

DotDataException

DotSecurityException

findParentPermissionable

Permissionable findParentPermissionable(Permissionable permissionable)
                                        throws DotDataException,
                                               DotSecurityException

Finds the permissionable instance from where permissionable is inheriting its permissions. It is usefull before call permissionIndividually as it requires both the permissionable and the parent from where it inherits its permissions http://jira.dotmarketing.net/browse/DOTCMS-6316

Parameters:

permissionable -

Returns:

Throws:

DotDataException

DotSecurityException

isInheritingPermissions

boolean isInheritingPermissions(Permissionable permissionable)
                                throws DotDataException

Returns wherever a permissionable is inheriting its permissions or have individual permissions

Parameters:

permissionable -

Returns:

true - is inheriting permissions / false - have individual permissions

Throws:

DotDataException