Accessing Liferay 6.1 custom/inherited Organization role

Question

I am using Liferay 6.1 CE, Tomcat, Vaadin 6.8.4
Possibly a wildly incorrect approach on my part or maybe I have missed something obvious.

I need to control crud functions for my users - allowing access to organizations they belong to and any child organizations below that. ( I am using Liferay's organization_ table)

In trying to simplify administration of permissions, I had hoped to assign a user to an organization in the hierarchy. Default privileges can then be determined from the roles assigned to that and any parent organization(s). This seems to work reasonably well for regular roles - but then I attempted a custom Organization role and I cannot get hold of the detail as expected.

I can see the correct data in the control panel definition for the user.
( Liferay knows how to retrieve and display the custom Organization Role :-)

I can see the actual data values being populated in the back-end table usergrouprole.

I am able to detect this role for the default superadmin / owner (test@liferay)
. . . but I cannot detect the role for other users :(

I have been using RoleLocalServiceUtil and GroupLocalServiceUtil without luck.

My gut feel says to abandon my "purist" notions and fall back to a familiar custom query instead, but I want to first see if anyone else has any better suggestions.

I do not currently know how to get into the Liferay code to find the relevant segment, so perhaps that may be an option if you have some reading material :)

Clues ?

Answer 1

This is going to look ugly (because it is) but I think you'll need to call:

UserGroupRoleLocalServiceUtil.hasUserGroupRole(long userId, long groupId, long roleId);

Generally speaking there is (if not always) a XYZLocalServiceUtil and XYZServiceUtil for an XYZ table.