32e620be7a8b805c34de08ee8912a8d6d66aed32,portal-impl/src/com/liferay/portal/search/SearchPermissionCheckerImpl.java,SearchPermissionCheckerImpl,doGetPermissionQuery_5,#number#number#number#String#Query#,226

Before Change



		BooleanQuery permissionQuery = BooleanQueryFactoryUtil.create();

		List<Role> roles = RoleLocalServiceUtil.getUserRoles(userId);

		roles = ListUtil.copy(roles);

		List<UserGroupRole> userGroupRoles = null;

		if (groupId == 0) {
			userGroupRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(
				userId);
		}
		else {
			userGroupRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(
				userId, groupId);

			userGroupRoles = ListUtil.copy(userGroupRoles);

			userGroupRoles.addAll(
				UserGroupRoleLocalServiceUtil.

After Change


	}

	protected Query doGetPermissionQuery_5(
			long companyId, long groupId, long userId, String className,
			Query query)
		throws Exception {

		BooleanQuery fullQuery = BooleanQueryFactoryUtil.create();

		BooleanQuery permissionQuery = BooleanQueryFactoryUtil.create();

		PermissionCheckerBag bag = AdvancedPermissionChecker.getUserBag(
			userId, 0);

		List<Role> roles = bag.getRoles();

		List<Group> userGroups = new ArrayList<Group>();

		List<UserGroupRole> userGroupRoles = new ArrayList<UserGroupRole>();

		if (groupId == 0) {
			userGroups.addAll(
				GroupLocalServiceUtil.getUserGroups(userId, true));
			userGroups.addAll(bag.getGroups());

			userGroupRoles = UserGroupRoleLocalServiceUtil.getUserGroupRoles(
				userId);
		}
		else {
			if (GroupLocalServiceUtil.hasUserGroup(userId, groupId)) {
				Group group = GroupLocalServiceUtil.getGroup(groupId);

				userGroups.add(group);
			}

			userGroupRoles.addAll(
				UserGroupRoleLocalServiceUtil.getUserGroupRoles(
					userId, groupId));

			userGroupRoles.addAll(
				UserGroupRoleLocalServiceUtil.
					getUserGroupRolesByUserUserGroupAndGroup(userId, groupId));
		}

		long defaultUserId = UserLocalServiceUtil.getDefaultUserId(companyId);

		if (defaultUserId != userId) {
			roles.add(
				RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST));
		}

		long companyResourceId = 0;

		try {
			Resource companyResource = ResourceLocalServiceUtil.getResource(
				companyId, className, ResourceConstants.SCOPE_COMPANY,
				String.valueOf(companyId));

			companyResourceId = companyResource.getResourceId();
		}
		catch (NoSuchResourceException nsre) {
		}

		long groupResourceId = 0;

		try {
			Resource groupResource = ResourceLocalServiceUtil.getResource(
				companyId, className, ResourceConstants.SCOPE_GROUP,
				String.valueOf(groupId));

			groupResourceId = groupResource.getResourceId();
		}
		catch (NoSuchResourceException nsre) {
		}

		for (Role role : roles) {
			if (role.getName().equals(RoleConstants.ADMINISTRATOR)) {
				return query;
			}

			long roleId = role.getRoleId();

			if (hasPermission(roleId, companyResourceId) ||
				hasPermission(roleId, groupResourceId)) {

				return query;
			}

			permissionQuery.addTerm(Field.ROLE_ID, role.getRoleId());
		}

		for (Group userGroup : userGroups) {
			addRequiredMemberRole(userGroup, permissionQuery);
		}

		for (UserGroupRole userGroupRole : userGroupRoles) {