001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.NoSuchGroupException;
018 import com.liferay.portal.NoSuchResourceException;
019 import com.liferay.portal.ResourceActionsException;
020 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.exception.SystemException;
023 import com.liferay.portal.kernel.log.Log;
024 import com.liferay.portal.kernel.log.LogFactoryUtil;
025 import com.liferay.portal.kernel.search.SearchEngineUtil;
026 import com.liferay.portal.kernel.util.ListUtil;
027 import com.liferay.portal.kernel.util.StringBundler;
028 import com.liferay.portal.model.AuditedModel;
029 import com.liferay.portal.model.ClassedModel;
030 import com.liferay.portal.model.Group;
031 import com.liferay.portal.model.GroupConstants;
032 import com.liferay.portal.model.GroupedModel;
033 import com.liferay.portal.model.Permission;
034 import com.liferay.portal.model.PermissionedModel;
035 import com.liferay.portal.model.Resource;
036 import com.liferay.portal.model.ResourceCode;
037 import com.liferay.portal.model.ResourceConstants;
038 import com.liferay.portal.model.ResourcePermission;
039 import com.liferay.portal.model.Role;
040 import com.liferay.portal.model.RoleConstants;
041 import com.liferay.portal.model.impl.ResourceImpl;
042 import com.liferay.portal.security.permission.PermissionCacheUtil;
043 import com.liferay.portal.security.permission.PermissionThreadLocal;
044 import com.liferay.portal.security.permission.PermissionsListFilter;
045 import com.liferay.portal.security.permission.PermissionsListFilterFactory;
046 import com.liferay.portal.security.permission.ResourceActionsUtil;
047 import com.liferay.portal.service.ServiceContext;
048 import com.liferay.portal.service.base.ResourceLocalServiceBaseImpl;
049 import com.liferay.portal.util.PropsValues;
050 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
051 import com.liferay.portal.util.comparator.ResourceComparator;
052
053 import java.sql.Connection;
054 import java.sql.PreparedStatement;
055 import java.sql.ResultSet;
056 import java.sql.SQLException;
057
058 import java.util.Arrays;
059 import java.util.Iterator;
060 import java.util.List;
061
062
069 public class ResourceLocalServiceImpl extends ResourceLocalServiceBaseImpl {
070
071 public void addModelResources(
072 AuditedModel auditedModel, ServiceContext serviceContext)
073 throws PortalException, SystemException {
074
075 ClassedModel classedModel = (ClassedModel)auditedModel;
076
077 if (serviceContext.isAddGroupPermissions() ||
078 serviceContext.isAddGuestPermissions()) {
079
080 addResources(
081 auditedModel.getCompanyId(), getGroupId(auditedModel),
082 auditedModel.getUserId(), classedModel.getModelClassName(),
083 String.valueOf(classedModel.getPrimaryKeyObj()), false,
084 serviceContext.isAddGroupPermissions(),
085 serviceContext.isAddGuestPermissions(),
086 getPermissionedModel(auditedModel));
087 }
088 else {
089 if (serviceContext.isDeriveDefaultPermissions()) {
090 serviceContext.deriveDefaultPermissions(
091 getGroupId(auditedModel), classedModel.getModelClassName());
092 }
093
094 addModelResources(
095 auditedModel.getCompanyId(), getGroupId(auditedModel),
096 auditedModel.getUserId(), classedModel.getModelClassName(),
097 String.valueOf(classedModel.getPrimaryKeyObj()),
098 serviceContext.getGroupPermissions(),
099 serviceContext.getGuestPermissions(),
100 getPermissionedModel(auditedModel));
101 }
102 }
103
104 public void addModelResources(
105 long companyId, long groupId, long userId, String name,
106 long primKey, String[] groupPermissions, String[] guestPermissions)
107 throws PortalException, SystemException {
108
109 addModelResources(
110 companyId, groupId, userId, name, String.valueOf(primKey),
111 groupPermissions, guestPermissions, null);
112 }
113
114 public void addModelResources(
115 long companyId, long groupId, long userId, String name,
116 String primKey, String[] groupPermissions,
117 String[] guestPermissions)
118 throws PortalException, SystemException {
119
120 addModelResources(
121 companyId, groupId, userId, name, primKey, groupPermissions,
122 guestPermissions, null);
123 }
124
125 public Resource addResource(
126 long companyId, String name, int scope, String primKey)
127 throws SystemException {
128
129 if (!PermissionThreadLocal.isAddResource()) {
130 return null;
131 }
132
133 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
134 return addResource_6(companyId, name, scope, primKey);
135 }
136 else {
137 return addResource_1to5(companyId, name, scope, primKey);
138 }
139 }
140
141 public void addResources(
142 long companyId, long groupId, long userId, String name,
143 long primKey, boolean portletActions, boolean addGroupPermissions,
144 boolean addGuestPermissions)
145 throws PortalException, SystemException {
146
147 addResources(
148 companyId, groupId, userId, name, String.valueOf(primKey),
149 portletActions, addGroupPermissions, addGuestPermissions, null);
150 }
151
152 public void addResources(
153 long companyId, long groupId, long userId, String name,
154 String primKey, boolean portletActions, boolean addGroupPermissions,
155 boolean addGuestPermissions)
156 throws PortalException, SystemException {
157
158 addResources(
159 companyId, groupId, userId, name, primKey, portletActions,
160 addGroupPermissions, addGuestPermissions, null);
161 }
162
163 public void addResources(
164 long companyId, long groupId, String name, boolean portletActions)
165 throws PortalException, SystemException {
166
167 addResources(
168 companyId, groupId, 0, name, null, portletActions, false, false);
169 }
170
171 public void deleteResource(AuditedModel auditedModel, int scope)
172 throws PortalException, SystemException {
173
174 ClassedModel classedModel = (ClassedModel)auditedModel;
175
176 deleteResource(
177 auditedModel.getCompanyId(), classedModel.getModelClassName(),
178 scope, String.valueOf(classedModel.getPrimaryKeyObj()),
179 getPermissionedModel(auditedModel));
180 }
181
182 @Override
183 public Resource deleteResource(long resourceId) throws SystemException {
184 Resource resource = null;
185
186 try {
187 resource = resourcePersistence.findByPrimaryKey(resourceId);
188
189 deleteResource(resource);
190 }
191 catch (NoSuchResourceException nsre) {
192 if (_log.isWarnEnabled()) {
193 _log.warn(nsre);
194 }
195 }
196
197 return resource;
198 }
199
200 public void deleteResource(
201 long companyId, String name, int scope, long primKey)
202 throws PortalException, SystemException {
203
204 deleteResource(companyId, name, scope, String.valueOf(primKey), null);
205 }
206
207 public void deleteResource(
208 long companyId, String name, int scope, String primKey)
209 throws PortalException, SystemException {
210
211 deleteResource(companyId, name, scope, primKey, null);
212 }
213
214 @Override
215 public Resource deleteResource(Resource resource) throws SystemException {
216
217
218
219 List<Permission> permissions = permissionPersistence.findByResourceId(
220 resource.getResourceId());
221
222 for (Permission permission : permissions) {
223 orgGroupPermissionPersistence.removeByPermissionId(
224 permission.getPermissionId());
225 }
226
227 permissionPersistence.removeByResourceId(resource.getResourceId());
228
229
230
231 return resourcePersistence.remove(resource);
232 }
233
234 public void deleteResources(String name) throws SystemException {
235 List<Resource> resources = resourceFinder.findByName(name);
236
237 for (Resource resource : resources) {
238 deleteResource(resource);
239 }
240 }
241
242 public Resource fetchResource(
243 long companyId, String name, int scope, String primKey)
244 throws SystemException {
245
246 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
247 return getResource_6(companyId, name, scope, primKey);
248 }
249 else {
250 return fetchResource_1to5(companyId, name, scope, primKey);
251 }
252 }
253
254 public long getLatestResourceId() throws SystemException {
255 List<Resource> resources = resourcePersistence.findAll(
256 0, 1, new ResourceComparator());
257
258 if (resources.size() == 0) {
259 return 0;
260 }
261 else {
262 Resource resource = resources.get(0);
263
264 return resource.getResourceId();
265 }
266 }
267
268 public Resource getResource(
269 long companyId, String name, int scope, String primKey)
270 throws PortalException, SystemException {
271
272 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
273 return getResource_6(companyId, name, scope, primKey);
274 }
275 else {
276 return getResource_1to5(companyId, name, scope, primKey);
277 }
278 }
279
280 public List<Resource> getResources() throws SystemException {
281 return resourcePersistence.findAll();
282 }
283
284 public void updateModelResources(
285 AuditedModel auditedModel, ServiceContext serviceContext)
286 throws PortalException, SystemException {
287
288 ClassedModel classedModel = (ClassedModel)auditedModel;
289
290 updateResources(
291 auditedModel.getCompanyId(), getGroupId(auditedModel),
292 classedModel.getModelClassName(),
293 String.valueOf(classedModel.getPrimaryKeyObj()),
294 serviceContext.getGroupPermissions(),
295 serviceContext.getGuestPermissions(),
296 getPermissionedModel(auditedModel));
297 }
298
299 public void updateResources(
300 long companyId, long groupId, String name, long primKey,
301 String[] groupPermissions, String[] guestPermissions)
302 throws PortalException, SystemException {
303
304 updateResources(
305 companyId, groupId, name, String.valueOf(primKey), groupPermissions,
306 guestPermissions, null);
307 }
308
309 public void updateResources(
310 long companyId, long groupId, String name, String primKey,
311 String[] groupPermissions, String[] guestPermissions)
312 throws PortalException, SystemException {
313
314 updateResources(
315 companyId, groupId, name, primKey, groupPermissions,
316 guestPermissions, null);
317 }
318
319 public void updateResources(
320 long companyId, String name, int scope, String primKey,
321 String newPrimKey)
322 throws PortalException, SystemException {
323
324 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
325 if (resourceBlockLocalService.isSupported(name)) {
326
327
328
329
330
331 }
332 else {
333 updateResources_6(companyId, name, scope, primKey, newPrimKey);
334 }
335 }
336 else {
337 updateResources_1to5(companyId, name, scope, primKey, newPrimKey);
338 }
339 }
340
341 protected void addGroupPermissions(
342 long companyId, long groupId, long userId, String name,
343 Resource resource, boolean portletActions,
344 PermissionedModel permissionedModel)
345 throws PortalException, SystemException {
346
347 List<String> actions = null;
348
349 if (portletActions) {
350 actions = ResourceActionsUtil.getPortletResourceGroupDefaultActions(
351 name);
352 }
353 else {
354 actions = ResourceActionsUtil.getModelResourceGroupDefaultActions(
355 name);
356 }
357
358 String[] actionIds = actions.toArray(new String[actions.size()]);
359
360 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
361 if (resourceBlockLocalService.isSupported(name)) {
362 addGroupPermissions_6Blocks(
363 groupId, resource, actions, permissionedModel);
364 }
365 else {
366 addGroupPermissions_6(groupId, resource, actionIds);
367 }
368 }
369 else {
370 addGroupPermissions_1to5(
371 companyId, groupId, userId, name, resource, portletActions,
372 actionIds);
373 }
374 }
375
376 protected void addGroupPermissions_1to5(
377 long companyId, long groupId, long userId, String name,
378 Resource resource, boolean portletActions, String[] actionIds)
379 throws PortalException, SystemException {
380
381 long resourceId = resource.getResourceId();
382 String primKey = resource.getPrimKey();
383
384 List<Permission> groupPermissionsList =
385 permissionLocalService.getPermissions(
386 companyId, actionIds, resourceId);
387
388 PermissionsListFilter permissionsListFilter =
389 PermissionsListFilterFactory.getInstance();
390
391 groupPermissionsList = permissionsListFilter.filterGroupPermissions(
392 companyId, groupId, userId, name, primKey, portletActions,
393 groupPermissionsList);
394
395 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
396 Role role = roleLocalService.getDefaultGroupRole(groupId);
397
398 rolePersistence.addPermissions(
399 role.getRoleId(), groupPermissionsList);
400 }
401 else {
402 groupPersistence.addPermissions(groupId, groupPermissionsList);
403 }
404 }
405
406 protected void addGroupPermissions_6(
407 long groupId, Resource resource, String[] actionIds)
408 throws PortalException, SystemException {
409
410 Role role = roleLocalService.getDefaultGroupRole(groupId);
411
412 resourcePermissionLocalService.setResourcePermissions(
413 resource.getCompanyId(), resource.getName(), resource.getScope(),
414 resource.getPrimKey(), role.getRoleId(), actionIds);
415 }
416
417 protected void addGroupPermissions_6Blocks(
418 long groupId, Resource resource, List<String> actionIds,
419 PermissionedModel permissionedModel)
420 throws PortalException, SystemException {
421
422 if (permissionedModel == null) {
423 throw new IllegalArgumentException("Permissioned model is null");
424 }
425
426
427
428 Role role = roleLocalService.getDefaultGroupRole(groupId);
429
430 resourceBlockLocalService.setIndividualScopePermissions(
431 resource.getCompanyId(), groupId, resource.getName(),
432 permissionedModel, role.getRoleId(), actionIds);
433 }
434
435 protected void addGuestPermissions(
436 long companyId, long groupId, long userId, String name,
437 Resource resource, boolean portletActions,
438 PermissionedModel permissionedModel)
439 throws PortalException, SystemException {
440
441 List<String> actions = null;
442
443 if (portletActions) {
444 actions = ResourceActionsUtil.getPortletResourceGuestDefaultActions(
445 name);
446 }
447 else {
448 actions = ResourceActionsUtil.getModelResourceGuestDefaultActions(
449 name);
450 }
451
452 String[] actionIds = actions.toArray(new String[actions.size()]);
453
454 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
455 if (resourceBlockLocalService.isSupported(name)) {
456 addGuestPermissions_6Blocks(
457 companyId, groupId, resource, actions, permissionedModel);
458 }
459 else {
460 addGuestPermissions_6(companyId, resource, actionIds);
461 }
462 }
463 else {
464 addGuestPermissions_1to5(
465 companyId, groupId, userId, name, resource, portletActions,
466 actionIds);
467 }
468 }
469
470 protected void addGuestPermissions_1to5(
471 long companyId, long groupId, long userId, String name,
472 Resource resource, boolean portletActions, String[] actionIds)
473 throws PortalException, SystemException {
474
475 List<Permission> guestPermissionsList =
476 permissionLocalService.getPermissions(
477 companyId, actionIds, resource.getResourceId());
478
479 PermissionsListFilter permissionsListFilter =
480 PermissionsListFilterFactory.getInstance();
481
482 guestPermissionsList = permissionsListFilter.filterGuestPermissions(
483 companyId, groupId, userId, name, resource.getPrimKey(),
484 portletActions, guestPermissionsList);
485
486 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
487 Role guestRole = roleLocalService.getRole(
488 companyId, RoleConstants.GUEST);
489
490 rolePersistence.addPermissions(
491 guestRole.getRoleId(), guestPermissionsList);
492 }
493 else {
494 long defaultUserId = userLocalService.getDefaultUserId(companyId);
495
496 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
497 }
498 }
499
500 protected void addGuestPermissions_6(
501 long companyId, Resource resource, String[] actionIds)
502 throws PortalException, SystemException {
503
504 Role guestRole = roleLocalService.getRole(
505 companyId, RoleConstants.GUEST);
506
507 resourcePermissionLocalService.setResourcePermissions(
508 resource.getCompanyId(), resource.getName(), resource.getScope(),
509 resource.getPrimKey(), guestRole.getRoleId(), actionIds);
510 }
511
512 protected void addGuestPermissions_6Blocks(
513 long companyId, long groupId, Resource resource,
514 List<String> actionIds, PermissionedModel permissionedModel)
515 throws PortalException, SystemException {
516
517 if (permissionedModel == null) {
518 throw new IllegalArgumentException("Permissioned model is null");
519 }
520
521
522
523 Role guestRole = roleLocalService.getRole(
524 companyId, RoleConstants.GUEST);
525
526 resourceBlockLocalService.setIndividualScopePermissions(
527 resource.getCompanyId(), groupId, resource.getName(),
528 permissionedModel, guestRole.getRoleId(), actionIds);
529 }
530
531 protected void addModelResources(
532 long companyId, long groupId, long userId, String name,
533 String primKey, String[] groupPermissions,
534 String[] guestPermissions, PermissionedModel permissionedModel)
535 throws PortalException, SystemException {
536
537 if (!PermissionThreadLocal.isAddResource()) {
538 return;
539 }
540
541 validate(name, false);
542
543
544
545 addResource(
546 companyId, name, ResourceConstants.SCOPE_COMPANY,
547 String.valueOf(companyId));
548
549
550
551 long guestGroupId = getGuestGroupId(companyId);
552
553 addResource(
554 companyId, name, ResourceConstants.SCOPE_GROUP,
555 String.valueOf(guestGroupId));
556
557
558
559 if ((groupId > 0) && (guestGroupId != groupId)) {
560 addResource(
561 companyId, name, ResourceConstants.SCOPE_GROUP,
562 String.valueOf(groupId));
563 }
564
565 if (primKey == null) {
566 return;
567 }
568
569
570
571 Resource resource = addResource(
572 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
573
574
575
576 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
577
578 PermissionThreadLocal.setIndexEnabled(false);
579
580 try {
581 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
582 addModelResources_6(
583 companyId, groupId, userId, resource, groupPermissions,
584 guestPermissions, permissionedModel);
585 }
586 else {
587 addModelResources_1to5(
588 companyId, groupId, userId, resource, groupPermissions,
589 guestPermissions);
590 }
591 }
592 finally {
593 PermissionThreadLocal.setIndexEnabled(flushEnabled);
594
595 PermissionCacheUtil.clearCache();
596
597 SearchEngineUtil.updatePermissionFields(name, primKey);
598 }
599 }
600
601 protected void addModelResources_1to5(
602 long companyId, long groupId, long userId, Resource resource,
603 String[] groupPermissions, String[] guestPermissions)
604 throws PortalException, SystemException {
605
606 long defaultUserId = userLocalService.getDefaultUserId(companyId);
607
608 PermissionsListFilter permissionsListFilter =
609 PermissionsListFilterFactory.getInstance();
610
611 List<Permission> permissionsList =
612 permissionLocalService.addPermissions(
613 companyId, resource.getName(), resource.getResourceId(), false);
614
615 List<Permission> userPermissionsList =
616 permissionsListFilter.filterUserPermissions(
617 companyId, groupId, userId, resource.getName(),
618 resource.getPrimKey(), false, permissionsList);
619
620 filterOwnerPermissions(resource.getName(), userPermissionsList);
621
622 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
623
624
625
626 Role ownerRole = roleLocalService.getRole(
627 companyId, RoleConstants.OWNER);
628
629 rolePersistence.addPermissions(
630 ownerRole.getRoleId(), userPermissionsList);
631 }
632 else {
633
634
635
636 if ((userId > 0) && (userId != defaultUserId)) {
637 userPersistence.addPermissions(userId, userPermissionsList);
638 }
639 }
640
641
642
643 if (groupId > 0) {
644 if (groupPermissions == null) {
645 groupPermissions = new String[0];
646 }
647
648 List<Permission> groupPermissionsList =
649 permissionLocalService.getPermissions(
650 companyId, groupPermissions, resource.getResourceId());
651
652 groupPermissionsList = permissionsListFilter.filterGroupPermissions(
653 companyId, groupId, userId, resource.getName(),
654 resource.getPrimKey(), false, groupPermissionsList);
655
656 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
657 Role role = roleLocalService.getDefaultGroupRole(groupId);
658
659 rolePersistence.addPermissions(
660 role.getRoleId(), groupPermissionsList);
661 }
662 else {
663 groupPersistence.addPermissions(groupId, groupPermissionsList);
664 }
665 }
666
667
668
669 if (guestPermissions == null) {
670 guestPermissions = new String[0];
671 }
672
673 List<Permission> guestPermissionsList =
674 permissionLocalService.getPermissions(
675 companyId, guestPermissions, resource.getResourceId());
676
677 guestPermissionsList = permissionsListFilter.filterGuestPermissions(
678 companyId, groupId, userId, resource.getName(),
679 resource.getPrimKey(), false, guestPermissionsList);
680
681 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
682 Role guestRole = roleLocalService.getRole(
683 companyId, RoleConstants.GUEST);
684
685 rolePersistence.addPermissions(
686 guestRole.getRoleId(), guestPermissionsList);
687 }
688 else {
689 userPersistence.addPermissions(defaultUserId, guestPermissionsList);
690 }
691 }
692
693 protected void addModelResources_6(
694 long companyId, long groupId, long userId, Resource resource,
695 String[] groupPermissions, String[] guestPermissions,
696 PermissionedModel permissionedModel)
697 throws PortalException, SystemException {
698
699
700
701 Role ownerRole = roleLocalService.getRole(
702 companyId, RoleConstants.OWNER);
703
704 List<String> ownerActionIds =
705 ResourceActionsUtil.getModelResourceActions(resource.getName());
706
707 ownerActionIds = ListUtil.copy(ownerActionIds);
708
709 filterOwnerActions(resource.getName(), ownerActionIds);
710
711 String[] ownerPermissions = ownerActionIds.toArray(
712 new String[ownerActionIds.size()]);
713
714
715
716 Role defaultGroupRole = null;
717
718 if (groupId > 0) {
719 defaultGroupRole = roleLocalService.getDefaultGroupRole(groupId);
720
721 if (groupPermissions == null) {
722 groupPermissions = new String[0];
723 }
724 }
725
726
727
728 Role guestRole = roleLocalService.getRole(
729 companyId, RoleConstants.GUEST);
730
731 if (guestPermissions == null) {
732 guestPermissions = new String[0];
733 }
734
735 if (resourceBlockLocalService.isSupported(resource.getName())) {
736
737 if (permissionedModel == null) {
738 throw new IllegalArgumentException(
739 "Permissioned model is null");
740 }
741
742
743
744 resourceBlockLocalService.setIndividualScopePermissions(
745 resource.getCompanyId(), groupId, resource.getName(),
746 permissionedModel, ownerRole.getRoleId(), ownerActionIds);
747
748 if (groupId > 0) {
749 resourceBlockLocalService.setIndividualScopePermissions(
750 resource.getCompanyId(), groupId, resource.getName(),
751 permissionedModel, defaultGroupRole.getRoleId(),
752 Arrays.asList(groupPermissions));
753 }
754
755 resourceBlockLocalService.setIndividualScopePermissions(
756 resource.getCompanyId(), groupId, resource.getName(),
757 permissionedModel, guestRole.getRoleId(),
758 Arrays.asList(guestPermissions));
759 }
760 else {
761 resourcePermissionLocalService.setOwnerResourcePermissions(
762 resource.getCompanyId(), resource.getName(),
763 resource.getScope(), resource.getPrimKey(),
764 ownerRole.getRoleId(), userId, ownerPermissions);
765
766 if (groupId > 0) {
767 resourcePermissionLocalService.setResourcePermissions(
768 resource.getCompanyId(), resource.getName(),
769 resource.getScope(), resource.getPrimKey(),
770 defaultGroupRole.getRoleId(), groupPermissions);
771 }
772
773 resourcePermissionLocalService.setResourcePermissions(
774 resource.getCompanyId(), resource.getName(),
775 resource.getScope(), resource.getPrimKey(),
776 guestRole.getRoleId(), guestPermissions);
777 }
778 }
779
780 protected Resource addResource_1to5(
781 long companyId, String name, int scope, String primKey)
782 throws SystemException {
783
784 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
785 companyId, name, scope);
786
787 long codeId = resourceCode.getCodeId();
788
789 Resource resource = resourcePersistence.fetchByC_P(codeId, primKey);
790
791 if (resource == null) {
792 long resourceId = counterLocalService.increment(
793 Resource.class.getName());
794
795 resource = resourcePersistence.create(resourceId);
796
797 resource.setCodeId(codeId);
798 resource.setPrimKey(primKey);
799
800 try {
801 resourcePersistence.update(resource, false);
802 }
803 catch (SystemException se) {
804 if (_log.isWarnEnabled()) {
805 _log.warn(
806 "Add failed, fetch {codeId=" + codeId + ", primKey=" +
807 primKey + "}");
808 }
809
810 resource = resourcePersistence.fetchByC_P(
811 codeId, primKey, false);
812
813 if (resource == null) {
814 throw se;
815 }
816 }
817 }
818
819 return resource;
820 }
821
822 protected Resource addResource_6(
823 long companyId, String name, int scope, String primKey) {
824
825 Resource resource = new ResourceImpl();
826
827 resource.setCompanyId(companyId);
828 resource.setName(name);
829 resource.setScope(scope);
830 resource.setPrimKey(primKey);
831
832 return resource;
833 }
834
835 protected void addResources(
836 long companyId, long groupId, long userId, String name,
837 String primKey, boolean portletActions, boolean addGroupPermissions,
838 boolean addGuestPermissions, PermissionedModel permissionedModel)
839 throws PortalException, SystemException {
840
841 if (!PermissionThreadLocal.isAddResource()) {
842 return;
843 }
844
845 validate(name, portletActions);
846
847
848
849 addResource(
850 companyId, name, ResourceConstants.SCOPE_COMPANY,
851 String.valueOf(companyId));
852
853 if (groupId > 0) {
854 addResource(
855 companyId, name, ResourceConstants.SCOPE_GROUP,
856 String.valueOf(groupId));
857 }
858
859 if (primKey == null) {
860 return;
861 }
862
863
864
865 Resource resource = addResource(
866 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
867
868
869
870 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
871
872 PermissionThreadLocal.setIndexEnabled(false);
873
874 List<ResourcePermission> resourcePermissions =
875 resourcePermissionPersistence.findByC_N_S_P(
876 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
877
878 ResourcePermissionsThreadLocal.setResourcePermissions(
879 resourcePermissions);
880
881 try {
882 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
883 addResources_6(
884 companyId, groupId, userId, resource, portletActions,
885 permissionedModel);
886 }
887 else {
888 addResources_1to5(
889 companyId, groupId, userId, resource, portletActions);
890 }
891
892
893
894 if ((groupId > 0) && addGroupPermissions) {
895 addGroupPermissions(
896 companyId, groupId, userId, name, resource, portletActions,
897 permissionedModel);
898 }
899
900
901
902 if (addGuestPermissions) {
903
904
905
906
907 addGuestPermissions(
908 companyId, groupId, userId, name, resource, portletActions,
909 permissionedModel);
910 }
911 }
912 finally {
913 ResourcePermissionsThreadLocal.setResourcePermissions(null);
914
915 PermissionThreadLocal.setIndexEnabled(flushEnabled);
916
917 PermissionCacheUtil.clearCache();
918
919 SearchEngineUtil.updatePermissionFields(name, primKey);
920 }
921 }
922
923 protected void addResources_1to5(
924 long companyId, long groupId, long userId, Resource resource,
925 boolean portletActions)
926 throws PortalException, SystemException {
927
928 List<Permission> permissionsList =
929 permissionLocalService.addPermissions(
930 companyId, resource.getName(), resource.getResourceId(),
931 portletActions);
932
933 PermissionsListFilter permissionsListFilter =
934 PermissionsListFilterFactory.getInstance();
935
936 List<Permission> userPermissionsList =
937 permissionsListFilter.filterUserPermissions(
938 companyId, groupId, userId, resource.getName(),
939 resource.getPrimKey(), portletActions, permissionsList);
940
941 filterOwnerPermissions(resource.getName(), userPermissionsList);
942
943 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
944
945
946
947 Role ownerRole = roleLocalService.getRole(
948 companyId, RoleConstants.OWNER);
949
950 rolePersistence.addPermissions(
951 ownerRole.getRoleId(), userPermissionsList);
952 }
953 else {
954
955
956
957 long defaultUserId = userLocalService.getDefaultUserId(companyId);
958
959 if ((userId > 0) && (userId != defaultUserId)) {
960 userPersistence.addPermissions(userId, userPermissionsList);
961 }
962 }
963 }
964
965 protected void addResources_6(
966 long companyId, long groupId, long userId, Resource resource,
967 boolean portletActions, PermissionedModel permissionedModel)
968 throws PortalException, SystemException {
969
970 List<String> actionIds = null;
971
972 if (portletActions) {
973 actionIds = ResourceActionsUtil.getPortletResourceActions(
974 resource.getName());
975 }
976 else {
977 actionIds = ResourceActionsUtil.getModelResourceActions(
978 resource.getName());
979
980 actionIds = ListUtil.copy(actionIds);
981
982 filterOwnerActions(resource.getName(), actionIds);
983 }
984
985 Role role = roleLocalService.getRole(companyId, RoleConstants.OWNER);
986
987 if (resourceBlockLocalService.isSupported(resource.getName())) {
988 if (permissionedModel == null) {
989 throw new IllegalArgumentException(
990 "Permissioned model is null");
991 }
992
993
994
995 resourceBlockLocalService.setIndividualScopePermissions(
996 resource.getCompanyId(), groupId, resource.getName(),
997 permissionedModel, role.getRoleId(), actionIds);
998 }
999 else {
1000 resourcePermissionLocalService.setOwnerResourcePermissions(
1001 resource.getCompanyId(), resource.getName(),
1002 resource.getScope(), resource.getPrimKey(), role.getRoleId(),
1003 userId, actionIds.toArray(new String[actionIds.size()]));
1004 }
1005 }
1006
1007 protected void deleteResource(
1008 long companyId, String name, int scope, String primKey,
1009 PermissionedModel permissionedModel)
1010 throws PortalException, SystemException {
1011
1012 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1013 if (resourceBlockLocalService.isSupported(name)) {
1014 if (permissionedModel == null) {
1015 throw new IllegalArgumentException(
1016 "Permissioned model is null");
1017 }
1018
1019 resourceBlockLocalService.releasePermissionedModelResourceBlock(
1020 permissionedModel);
1021
1022 return;
1023 }
1024 else {
1025 resourcePermissionLocalService.deleteResourcePermissions(
1026 companyId, name, scope, primKey);
1027
1028 return;
1029 }
1030 }
1031
1032 try {
1033 Resource resource = getResource(companyId, name, scope, primKey);
1034
1035 deleteResource(resource.getResourceId());
1036 }
1037 catch (NoSuchResourceException nsre) {
1038 if (_log.isWarnEnabled()) {
1039 _log.warn(nsre);
1040 }
1041 }
1042 }
1043
1044 protected Resource fetchResource_1to5(
1045 long companyId, String name, int scope, String primKey)
1046 throws SystemException {
1047
1048 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1049 companyId, name, scope);
1050
1051 return resourcePersistence.fetchByC_P(
1052 resourceCode.getCodeId(), primKey);
1053 }
1054
1055 protected void filterOwnerActions(String name, List<String> actionIds) {
1056 List<String> defaultOwnerActions =
1057 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1058
1059 if (defaultOwnerActions.isEmpty()) {
1060 return;
1061 }
1062
1063 Iterator<String> itr = actionIds.iterator();
1064
1065 while (itr.hasNext()) {
1066 String actionId = itr.next();
1067
1068 if (!defaultOwnerActions.contains(actionId)) {
1069 itr.remove();
1070 }
1071 }
1072 }
1073
1074 protected void filterOwnerPermissions(
1075 String name, List<Permission> permissions) {
1076
1077 List<String> defaultOwnerActions =
1078 ResourceActionsUtil.getModelResourceOwnerDefaultActions(name);
1079
1080 if (defaultOwnerActions.isEmpty()) {
1081 return;
1082 }
1083
1084 Iterator<Permission> itr = permissions.iterator();
1085
1086 while (itr.hasNext()) {
1087 Permission permission = itr.next();
1088
1089 String actionId = permission.getActionId();
1090
1091 if (!defaultOwnerActions.contains(actionId)) {
1092 itr.remove();
1093 }
1094 }
1095 }
1096
1097 protected long getGroupId(AuditedModel auditedModel) {
1098 long groupId = 0;
1099
1100 if (auditedModel instanceof GroupedModel) {
1101 GroupedModel groupedModel = (GroupedModel)auditedModel;
1102
1103 groupId = groupedModel.getGroupId();
1104 }
1105
1106 return groupId;
1107 }
1108
1109 protected long getGuestGroupId(long companyId) throws NoSuchGroupException {
1110 long guestGroupId = 0;
1111
1112 try {
1113 Group guestGroup = groupLocalService.getGroup(
1114 companyId, GroupConstants.GUEST);
1115
1116 return guestGroup.getGroupId();
1117 }
1118 catch (Exception e) {
1119 if (_log.isWarnEnabled()) {
1120 _log.warn(e.getMessage());
1121 }
1122 }
1123
1124
1125
1126 guestGroupId = getGuestGroupIdBySQL(companyId);
1127
1128 if (guestGroupId > 0) {
1129 return guestGroupId;
1130 }
1131
1132 StringBundler sb = new StringBundler(5);
1133
1134 sb.append("No Group exists with the key {companyId=");
1135 sb.append(companyId);
1136 sb.append(", name=");
1137 sb.append(GroupConstants.GUEST);
1138 sb.append("}");
1139
1140 throw new NoSuchGroupException(sb.toString());
1141 }
1142
1143 protected long getGuestGroupIdBySQL(long companyId) {
1144 Connection con = null;
1145 PreparedStatement ps = null;
1146 ResultSet rs = null;
1147
1148 try {
1149 con = DataAccess.getConnection();
1150
1151 StringBundler sb = new StringBundler(5);
1152
1153 sb.append("select groupId from Group_ where companyId = ");
1154 sb.append(companyId);
1155 sb.append(" and name = '");
1156 sb.append(GroupConstants.GUEST);
1157 sb.append("'");
1158
1159 ps = con.prepareStatement(sb.toString());
1160
1161 rs = ps.executeQuery();
1162
1163 if (rs.next()) {
1164 return rs.getLong("groupId");
1165 }
1166 }
1167 catch (SQLException sqle) {
1168 _log.error(sqle, sqle);
1169 }
1170 finally {
1171 DataAccess.cleanUp(con, ps, rs);
1172 }
1173
1174 return 0;
1175 }
1176
1177 protected PermissionedModel getPermissionedModel(
1178 AuditedModel auditedModel) {
1179
1180 PermissionedModel permissionedModel = null;
1181
1182 if (auditedModel instanceof PermissionedModel) {
1183 permissionedModel = (PermissionedModel)auditedModel;
1184 }
1185
1186 return permissionedModel;
1187 }
1188
1189 protected Resource getResource_1to5(
1190 long companyId, String name, int scope, String primKey)
1191 throws PortalException, SystemException {
1192
1193 ResourceCode resourceCode = resourceCodeLocalService.getResourceCode(
1194 companyId, name, scope);
1195
1196 return resourcePersistence.findByC_P(resourceCode.getCodeId(), primKey);
1197 }
1198
1199 protected Resource getResource_6(
1200 long companyId, String name, int scope, String primKey) {
1201
1202 Resource resource = new ResourceImpl();
1203
1204 resource.setCompanyId(companyId);
1205 resource.setName(name);
1206 resource.setScope(scope);
1207 resource.setPrimKey(primKey);
1208
1209 return resource;
1210 }
1211
1212 protected void updateResources(
1213 long companyId, long groupId, String name, String primKey,
1214 String[] groupPermissions, String[] guestPermissions,
1215 PermissionedModel permissionedModel)
1216 throws PortalException, SystemException {
1217
1218 Resource resource = getResource(
1219 companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);
1220
1221 if (groupPermissions == null) {
1222 groupPermissions = new String[0];
1223 }
1224
1225 if (guestPermissions == null) {
1226 guestPermissions = new String[0];
1227 }
1228
1229 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
1230 if (resourceBlockLocalService.isSupported(name)) {
1231 updateResources_6Blocks(
1232 companyId, groupId, resource, groupPermissions,
1233 guestPermissions, permissionedModel);
1234 }
1235 else {
1236 updateResources_6(
1237 companyId, groupId, resource, groupPermissions,
1238 guestPermissions);
1239 }
1240 }
1241 else {
1242 updateResources_1to5(
1243 companyId, groupId, resource, groupPermissions,
1244 guestPermissions);
1245 }
1246 }
1247
1248 protected void updateResources_1to5(
1249 long companyId, long groupId, Resource resource,
1250 String[] groupPermissions, String[] guestPermissions)
1251 throws PortalException, SystemException {
1252
1253 Role role = roleLocalService.getDefaultGroupRole(groupId);
1254
1255 permissionLocalService.setRolePermissions(
1256 role.getRoleId(), groupPermissions, resource.getResourceId());
1257
1258 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1259
1260 permissionLocalService.setRolePermissions(
1261 role.getRoleId(), guestPermissions, resource.getResourceId());
1262 }
1263
1264 protected void updateResources_1to5(
1265 long companyId, String name, int scope, String primKey,
1266 String newPrimKey)
1267 throws PortalException, SystemException {
1268
1269 Resource resource = getResource(companyId, name, scope, primKey);
1270
1271 resource.setPrimKey(newPrimKey);
1272
1273 resourcePersistence.update(resource, false);
1274 }
1275
1276 protected void updateResources_6(
1277 long companyId, long groupId, Resource resource,
1278 String[] groupPermissions, String[] guestPermissions)
1279 throws PortalException, SystemException {
1280
1281 Role role = roleLocalService.getDefaultGroupRole(groupId);
1282
1283 resourcePermissionLocalService.setResourcePermissions(
1284 resource.getCompanyId(), resource.getName(), resource.getScope(),
1285 resource.getPrimKey(), role.getRoleId(), groupPermissions);
1286
1287 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1288
1289 resourcePermissionLocalService.setResourcePermissions(
1290 resource.getCompanyId(), resource.getName(), resource.getScope(),
1291 resource.getPrimKey(), role.getRoleId(), guestPermissions);
1292 }
1293
1294 protected void updateResources_6(
1295 long companyId, String name, int scope, String primKey,
1296 String newPrimKey)
1297 throws SystemException {
1298
1299 List<ResourcePermission> resourcePermissions =
1300 resourcePermissionLocalService.getResourcePermissions(
1301 companyId, name, scope, primKey);
1302
1303 for (ResourcePermission resourcePermission : resourcePermissions) {
1304 resourcePermission.setPrimKey(newPrimKey);
1305
1306 resourcePermissionPersistence.update(resourcePermission, false);
1307 }
1308 }
1309
1310 protected void updateResources_6Blocks(
1311 long companyId, long groupId, Resource resource,
1312 String[] groupPermissions, String[] guestPermissions,
1313 PermissionedModel permissionedModel)
1314 throws PortalException, SystemException {
1315
1316 if (permissionedModel == null) {
1317 throw new IllegalArgumentException("Permissioned model is null");
1318 }
1319
1320
1321
1322 Role role = roleLocalService.getDefaultGroupRole(groupId);
1323
1324 resourceBlockLocalService.setIndividualScopePermissions(
1325 companyId, groupId, resource.getName(), permissionedModel,
1326 role.getRoleId(), Arrays.asList(groupPermissions));
1327
1328 role = roleLocalService.getRole(companyId, RoleConstants.GUEST);
1329
1330 resourceBlockLocalService.setIndividualScopePermissions(
1331 companyId, groupId, resource.getName(), permissionedModel,
1332 role.getRoleId(), Arrays.asList(guestPermissions));
1333 }
1334
1335 protected void validate(String name, boolean portletActions)
1336 throws PortalException {
1337
1338 List<String> actions = null;
1339
1340 if (portletActions) {
1341 actions = ResourceActionsUtil.getPortletResourceActions(name);
1342 }
1343 else {
1344 actions = ResourceActionsUtil.getModelResourceActions(name);
1345 }
1346
1347 if (actions.size() == 0) {
1348 throw new ResourceActionsException(
1349 "There are no actions associated with the resource " + name);
1350 }
1351 }
1352
1353 private static Log _log = LogFactoryUtil.getLog(
1354 ResourceLocalServiceImpl.class);
1355
1356 }