001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portlet.rolesadmin.lar;
016    
017    import com.liferay.portal.kernel.dao.orm.DynamicQuery;
018    import com.liferay.portal.kernel.dao.orm.Junction;
019    import com.liferay.portal.kernel.dao.orm.Property;
020    import com.liferay.portal.kernel.dao.orm.PropertyFactoryUtil;
021    import com.liferay.portal.kernel.dao.orm.QueryUtil;
022    import com.liferay.portal.kernel.dao.orm.RestrictionsFactoryUtil;
023    import com.liferay.portal.kernel.exception.PortalException;
024    import com.liferay.portal.kernel.exception.SystemException;
025    import com.liferay.portal.kernel.lar.BaseStagedModelDataHandler;
026    import com.liferay.portal.kernel.lar.ExportImportPathUtil;
027    import com.liferay.portal.kernel.lar.PortletDataContext;
028    import com.liferay.portal.kernel.log.Log;
029    import com.liferay.portal.kernel.log.LogFactoryUtil;
030    import com.liferay.portal.kernel.util.GetterUtil;
031    import com.liferay.portal.kernel.xml.Element;
032    import com.liferay.portal.model.Group;
033    import com.liferay.portal.model.GroupConstants;
034    import com.liferay.portal.model.Permission;
035    import com.liferay.portal.model.ResourceConstants;
036    import com.liferay.portal.model.ResourcePermission;
037    import com.liferay.portal.model.ResourceTypePermission;
038    import com.liferay.portal.model.Role;
039    import com.liferay.portal.model.User;
040    import com.liferay.portal.security.permission.PermissionChecker;
041    import com.liferay.portal.security.permission.PermissionConversionFilter;
042    import com.liferay.portal.security.permission.PermissionConverterUtil;
043    import com.liferay.portal.security.permission.PermissionThreadLocal;
044    import com.liferay.portal.service.GroupLocalServiceUtil;
045    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
046    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
047    import com.liferay.portal.service.ResourcePermissionServiceUtil;
048    import com.liferay.portal.service.ResourceTypePermissionLocalServiceUtil;
049    import com.liferay.portal.service.RoleLocalServiceUtil;
050    import com.liferay.portal.service.ServiceContext;
051    
052    import java.util.List;
053    
054    /**
055     * @author David Mendez Gonzalez
056     * @author Michael C. Han
057     */
058    public class RoleStagedModelDataHandler
059            extends BaseStagedModelDataHandler<Role> {
060    
061            public static final String[] CLASS_NAMES = {Role.class.getName()};
062    
063            @Override
064            public void deleteStagedModel(
065                            String uuid, long groupId, String className, String extraData)
066                    throws PortalException, SystemException {
067    
068                    Group group = GroupLocalServiceUtil.getGroup(groupId);
069    
070                    Role role = RoleLocalServiceUtil.fetchRoleByUuidAndCompanyId(
071                            uuid, group.getCompanyId());
072    
073                    if (role != null) {
074                            RoleLocalServiceUtil.deleteRole(role);
075                    }
076            }
077    
078            @Override
079            public String[] getClassNames() {
080                    return CLASS_NAMES;
081            }
082    
083            @Override
084            public String getDisplayName(Role role) {
085                    return role.getName();
086            }
087    
088            protected void deleteRolePermissions(
089                            PortletDataContext portletDataContext, Role importedRole)
090                    throws SystemException {
091    
092                    List<ResourcePermission> resourcePermissions =
093                            ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
094                                    importedRole.getRoleId(),
095                                    new int[] {
096                                            ResourceConstants.SCOPE_COMPANY,
097                                            ResourceConstants.SCOPE_GROUP_TEMPLATE
098                                    },
099                                    QueryUtil.ALL_POS, QueryUtil.ALL_POS);
100    
101                    for (ResourcePermission resourcePermission : resourcePermissions) {
102                            ResourcePermissionLocalServiceUtil.deleteResourcePermission(
103                                    resourcePermission);
104                    }
105    
106                    List<ResourcePermission> groupResourcePermissions =
107                            ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
108                                    importedRole.getRoleId(),
109                                    new int[] {ResourceConstants.SCOPE_GROUP},
110                                    QueryUtil.ALL_POS, QueryUtil.ALL_POS);
111    
112                    for (ResourcePermission groupResourcePermission :
113                                    groupResourcePermissions) {
114    
115                            long groupId = GetterUtil.getLong(
116                                    groupResourcePermission.getPrimKey());
117    
118                            if ((groupId == portletDataContext.getCompanyGroupId()) ||
119                                    (groupId == portletDataContext.getUserPersonalSiteGroupId())) {
120    
121                                    ResourcePermissionLocalServiceUtil.deleteResourcePermission(
122                                            groupResourcePermission);
123                            }
124                    }
125    
126                    List<ResourceTypePermission> resourceTypePermissions =
127                            getResourceTypePermissions(portletDataContext, importedRole);
128    
129                    for (ResourceTypePermission resourceTypePermission :
130                                    resourceTypePermissions) {
131    
132                            ResourceTypePermissionLocalServiceUtil.deleteResourceTypePermission(
133                                    resourceTypePermission);
134                    }
135            }
136    
137            @Override
138            protected void doExportStagedModel(
139                            PortletDataContext portletDataContext, Role role)
140                    throws Exception {
141    
142                    String permissionsPath = ExportImportPathUtil.getModelPath(
143                            role, "permissions.xml");
144    
145                    List<Permission> permissions =
146                            PermissionConverterUtil.convertPermissions(
147                                    role, _permissionConversionFilter);
148    
149                    String xml = portletDataContext.toXML(permissions);
150    
151                    portletDataContext.addZipEntry(permissionsPath, xml);
152    
153                    Element roleElement = portletDataContext.getExportDataElement(role);
154    
155                    portletDataContext.addClassedModel(
156                            roleElement, ExportImportPathUtil.getModelPath(role), role);
157            }
158    
159            @Override
160            protected void doImportStagedModel(
161                            PortletDataContext portletDataContext, Role role)
162                    throws Exception {
163    
164                    long userId = portletDataContext.getUserId(role.getUserUuid());
165    
166                    ServiceContext serviceContext = portletDataContext.createServiceContext(
167                            role);
168    
169                    Role existingRole = RoleLocalServiceUtil.fetchRoleByUuidAndCompanyId(
170                            role.getUuid(), portletDataContext.getCompanyId());
171    
172                    if (existingRole == null) {
173                            existingRole = RoleLocalServiceUtil.fetchRole(
174                                    portletDataContext.getCompanyId(), role.getName());
175                    }
176    
177                    Role importedRole = null;
178    
179                    if (existingRole == null) {
180                            serviceContext.setUuid(role.getUuid());
181    
182                            importedRole = RoleLocalServiceUtil.addRole(
183                                    userId, null, 0, role.getName(), role.getTitleMap(),
184                                    role.getDescriptionMap(), role.getType(), role.getSubtype(),
185                                    serviceContext);
186                    }
187                    else {
188                            importedRole = RoleLocalServiceUtil.updateRole(
189                                    existingRole.getRoleId(), role.getName(), role.getTitleMap(),
190                                    role.getDescriptionMap(), role.getSubtype(), serviceContext);
191    
192                            deleteRolePermissions(portletDataContext, importedRole);
193                    }
194    
195                    String permissionsPath = ExportImportPathUtil.getModelPath(
196                            role, "permissions.xml");
197    
198                    List<Permission> permissions =
199                            (List<Permission>)portletDataContext.getZipEntryAsObject(
200                                    permissionsPath);
201    
202                    for (Permission permission : permissions) {
203                            if (ResourceBlockLocalServiceUtil.isSupported(
204                                            permission.getName())) {
205    
206                                    importResourceBlock(
207                                            portletDataContext, importedRole, permission);
208                            }
209                            else {
210                                    importResourcePermissions(
211                                            portletDataContext, importedRole, permission);
212                            }
213                    }
214    
215                    portletDataContext.importClassedModel(role, importedRole);
216            }
217    
218            protected List<ResourceTypePermission> getResourceTypePermissions(
219                            PortletDataContext portletDataContext, Role importedRole)
220                    throws SystemException {
221    
222                    DynamicQuery dynamicQuery =
223                            ResourceTypePermissionLocalServiceUtil.dynamicQuery();
224    
225                    Property companyIdProperty = PropertyFactoryUtil.forName("companyId");
226    
227                    dynamicQuery.add(
228                            companyIdProperty.eq(portletDataContext.getCompanyId()));
229    
230                    Junction junction = RestrictionsFactoryUtil.disjunction();
231    
232                    long[] permissibleGroupIds = {
233                            GroupConstants.DEFAULT_PARENT_GROUP_ID,
234                            portletDataContext.getCompanyId(),
235                            portletDataContext.getCompanyGroupId(),
236                            portletDataContext.getUserPersonalSiteGroupId()
237                    };
238    
239                    for (long permissibleGroupId : permissibleGroupIds) {
240                            Property property = PropertyFactoryUtil.forName("groupId");
241    
242                            junction.add(property.eq(permissibleGroupId));
243                    }
244    
245                    dynamicQuery.add(junction);
246    
247                    Property roleIdProperty = PropertyFactoryUtil.forName("roleId");
248    
249                    dynamicQuery.add(roleIdProperty.eq(importedRole.getRoleId()));
250    
251                    return ResourceTypePermissionLocalServiceUtil.dynamicQuery(
252                            dynamicQuery);
253            }
254    
255            protected void importResourceBlock(
256                            PortletDataContext portletDataContext, Role importedRole,
257                            Permission permission)
258                    throws PortalException, SystemException {
259    
260                    int scope = permission.getScope();
261    
262                    if (scope == ResourceConstants.SCOPE_COMPANY) {
263                            ResourceBlockLocalServiceUtil.addCompanyScopePermission(
264                                    portletDataContext.getCompanyId(), permission.getName(),
265                                    importedRole.getRoleId(), permission.getActionId());
266                    }
267                    else if (scope == ResourceConstants.SCOPE_GROUP) {
268                            long groupId = portletDataContext.getCompanyGroupId();
269    
270                            long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());
271    
272                            if (sourceGroupId ==
273                                            portletDataContext.getSourceUserPersonalSiteGroupId()) {
274    
275                                    groupId = portletDataContext.getUserPersonalSiteGroupId();
276                            }
277    
278                            ResourceBlockLocalServiceUtil.addGroupScopePermission(
279                                    portletDataContext.getCompanyId(), groupId,
280                                    permission.getName(), importedRole.getRoleId(),
281                                    permission.getActionId());
282                    }
283                    else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
284                            ResourceBlockLocalServiceUtil.addGroupScopePermission(
285                                    portletDataContext.getCompanyId(),
286                                    GroupConstants.DEFAULT_PARENT_GROUP_ID, permission.getName(),
287                                    importedRole.getRoleId(), permission.getActionId());
288                    }
289                    else {
290                            if (_log.isDebugEnabled()) {
291                                    _log.debug("Individually scoped permissions are not exported");
292                            }
293                    }
294            }
295    
296            protected void importResourcePermissions(
297                            PortletDataContext portletDataContext, Role importedRole,
298                            Permission permission)
299                    throws PortalException, SystemException {
300    
301                    int scope = permission.getScope();
302    
303                    if (scope == ResourceConstants.SCOPE_COMPANY) {
304                            ResourcePermissionServiceUtil.addResourcePermission(
305                                    portletDataContext.getCompanyGroupId(),
306                                    portletDataContext.getCompanyId(), permission.getName(), scope,
307                                    String.valueOf(portletDataContext.getCompanyId()),
308                                    importedRole.getRoleId(), permission.getActionId());
309                    }
310                    else if (scope == ResourceConstants.SCOPE_GROUP) {
311                            long groupId = portletDataContext.getCompanyGroupId();
312                            long primaryKey = groupId;
313    
314                            long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());
315    
316                            if (sourceGroupId ==
317                                            portletDataContext.getSourceUserPersonalSiteGroupId()) {
318    
319                                    PermissionChecker permissionChecker =
320                                            PermissionThreadLocal.getPermissionChecker();
321    
322                                    User user = permissionChecker.getUser();
323    
324                                    groupId = user.getGroupId();
325    
326                                    primaryKey = portletDataContext.getUserPersonalSiteGroupId();
327                            }
328    
329                            ResourcePermissionServiceUtil.addResourcePermission(
330                                    groupId, portletDataContext.getCompanyId(),
331                                    permission.getName(), ResourceConstants.SCOPE_GROUP,
332                                    String.valueOf(primaryKey), importedRole.getRoleId(),
333                                    permission.getActionId());
334                    }
335                    else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
336                            ResourcePermissionServiceUtil.addResourcePermission(
337                                    GroupConstants.DEFAULT_PARENT_GROUP_ID,
338                                    portletDataContext.getCompanyId(), permission.getName(),
339                                    ResourceConstants.SCOPE_GROUP_TEMPLATE,
340                                    String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),
341                                    importedRole.getRoleId(), permission.getActionId());
342                    }
343                    else {
344                            if (_log.isDebugEnabled()) {
345                                    _log.debug("Individually scoped permissions are not imported");
346                            }
347                    }
348            }
349    
350            private static Log _log = LogFactoryUtil.getLog(
351                    RoleStagedModelDataHandler.class);
352    
353            private PermissionConversionFilter _permissionConversionFilter =
354                    new ImportExportPermissionConversionFilter();
355    
356    }