1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.persistence;
24  
25  import com.liferay.portal.SystemException;
26  import com.liferay.portal.kernel.dao.orm.FinderCacheUtil;
27  import com.liferay.portal.kernel.dao.orm.QueryPos;
28  import com.liferay.portal.kernel.dao.orm.SQLQuery;
29  import com.liferay.portal.kernel.dao.orm.Session;
30  import com.liferay.portal.kernel.dao.orm.Type;
31  import com.liferay.portal.kernel.util.ArrayUtil;
32  import com.liferay.portal.kernel.util.ListUtil;
33  import com.liferay.portal.kernel.util.StringUtil;
34  import com.liferay.portal.model.Group;
35  import com.liferay.portal.model.Permission;
36  import com.liferay.portal.model.Role;
37  import com.liferay.portal.model.impl.PermissionImpl;
38  import com.liferay.portal.model.impl.PermissionModelImpl;
39  import com.liferay.portal.service.persistence.impl.BasePersistenceImpl;
40  import com.liferay.util.dao.orm.CustomSQLUtil;
41  
42  import java.util.Iterator;
43  import java.util.List;
44  
45  /**
46   * <a href="PermissionFinderImpl.java.html"><b><i>View Source</i></b></a>
47   *
48   * @author Brian Wing Shun Chan
49   *
50   */
51  public class PermissionFinderImpl
52      extends BasePersistenceImpl implements PermissionFinder {
53  
54      public static String COUNT_BY_GROUPS_PERMISSIONS =
55          PermissionFinder.class.getName() + ".countByGroupsPermissions";
56  
57      public static String COUNT_BY_GROUPS_ROLES =
58          PermissionFinder.class.getName() + ".countByGroupsRoles";
59  
60      public static String COUNT_BY_ROLES_PERMISSIONS =
61          PermissionFinder.class.getName() + ".countByRolesPermissions";
62  
63      public static String COUNT_BY_USER_GROUP_ROLE =
64          PermissionFinder.class.getName() + ".countByUserGroupRole";
65  
66      public static String COUNT_BY_USERS_PERMISSIONS =
67          PermissionFinder.class.getName() + ".countByUsersPermissions";
68  
69      public static String COUNT_BY_USERS_ROLES =
70          PermissionFinder.class.getName() + ".countByUsersRoles";
71  
72      public static String FIND_BY_A_R =
73          PermissionFinder.class.getName() + ".findByA_R";
74  
75      public static String FIND_BY_G_R =
76          PermissionFinder.class.getName() + ".findByG_R";
77  
78      public static String FIND_BY_R_R =
79          PermissionFinder.class.getName() + ".findByR_R";
80  
81      public static String FIND_BY_U_R =
82          PermissionFinder.class.getName() + ".findByU_R";
83  
84      public static String FIND_BY_O_G_R =
85          PermissionFinder.class.getName() + ".findByO_G_R";
86  
87      public static String FIND_BY_U_A_R =
88          PermissionFinder.class.getName() + ".findByU_A_R";
89  
90      public static String FIND_BY_G_C_N_S_P =
91          PermissionFinder.class.getName() + ".findByG_C_N_S_P";
92  
93      public static String FIND_BY_U_C_N_S_P =
94          PermissionFinder.class.getName() + ".findByU_C_N_S_P";
95  
96      public boolean containsPermissions_2(
97              List<Permission> permissions, long userId, List<Group> groups,
98              long groupId)
99          throws SystemException {
100 
101         Session session = null;
102 
103         try {
104             session = openSession();
105 
106             String sql = null;
107 
108             StringBuilder sb = new StringBuilder();
109 
110             if (groups.size() > 0) {
111                 sb.append("(");
112                 sb.append(CustomSQLUtil.get(COUNT_BY_GROUPS_ROLES));
113                 sb.append(") ");
114 
115                 sql = sb.toString();
116 
117                 sql = StringUtil.replace(
118                     sql, "[$PERMISSION_IDS$]",
119                     getPermissionIds(permissions, "Roles_Permissions"));
120                 sql = StringUtil.replace(
121                     sql, "[$GROUP_IDS$]", getGroupIds(groups, "Groups_Roles"));
122 
123                 sb = new StringBuilder();
124 
125                 sb.append(sql);
126 
127                 sb.append("UNION ALL (");
128                 sb.append(CustomSQLUtil.get(COUNT_BY_GROUPS_PERMISSIONS));
129                 sb.append(") ");
130 
131                 sql = sb.toString();
132 
133                 sql = StringUtil.replace(
134                     sql, "[$PERMISSION_IDS$]",
135                     getPermissionIds(permissions, "Groups_Permissions"));
136                 sql = StringUtil.replace(
137                     sql, "[$GROUP_IDS$]",
138                     getGroupIds(groups, "Groups_Permissions"));
139 
140                 sb = new StringBuilder();
141 
142                 sb.append(sql);
143 
144                 sb.append("UNION ALL ");
145             }
146 
147             sb.append("(");
148             sb.append(CustomSQLUtil.get(COUNT_BY_USERS_ROLES));
149             sb.append(") ");
150 
151             sql = sb.toString();
152 
153             sql = StringUtil.replace(
154                 sql, "[$PERMISSION_IDS$]",
155                 getPermissionIds(permissions, "Roles_Permissions"));
156 
157             sb = new StringBuilder();
158 
159             sb.append(sql);
160 
161             sb.append("UNION ALL (");
162             sb.append(CustomSQLUtil.get(COUNT_BY_USER_GROUP_ROLE));
163             sb.append(") ");
164 
165             sql = sb.toString();
166 
167             sql = StringUtil.replace(
168                 sql, "[$PERMISSION_IDS$]",
169                 getPermissionIds(permissions, "Roles_Permissions"));
170 
171             sb = new StringBuilder();
172 
173             sb.append(sql);
174 
175             sb.append("UNION ALL (");
176             sb.append(CustomSQLUtil.get(COUNT_BY_USERS_PERMISSIONS));
177             sb.append(") ");
178 
179             sql = sb.toString();
180 
181             sql = StringUtil.replace(
182                 sql, "[$PERMISSION_IDS$]",
183                 getPermissionIds(permissions, "Users_Permissions"));
184 
185             SQLQuery q = session.createSQLQuery(sql);
186 
187             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
188 
189             QueryPos qPos = QueryPos.getInstance(q);
190 
191             if (groups.size() > 0) {
192                 setPermissionIds(qPos, permissions);
193                 setGroupIds(qPos, groups);
194                 setPermissionIds(qPos, permissions);
195                 setGroupIds(qPos, groups);
196             }
197 
198             setPermissionIds(qPos, permissions);
199             qPos.add(userId);
200 
201             qPos.add(groupId);
202             setPermissionIds(qPos, permissions);
203             qPos.add(userId);
204 
205             setPermissionIds(qPos, permissions);
206             qPos.add(userId);
207 
208             Iterator<Long> itr = q.list().iterator();
209 
210             while (itr.hasNext()) {
211                 Long count = itr.next();
212 
213                 if ((count != null) && (count.intValue() > 0)) {
214                     return true;
215                 }
216             }
217 
218             return false;
219         }
220         catch (Exception e) {
221             throw new SystemException(e);
222         }
223         finally {
224             closeSession(session);
225         }
226     }
227 
228     public boolean containsPermissions_4(
229             List<Permission> permissions, long userId, List<Group> groups,
230             List<Role> roles)
231         throws SystemException {
232 
233         Session session = null;
234 
235         try {
236             session = openSession();
237 
238             String sql = null;
239 
240             StringBuilder sb = new StringBuilder();
241 
242             if (groups.size() > 0) {
243                 sb.append("(");
244                 sb.append(CustomSQLUtil.get(COUNT_BY_GROUPS_PERMISSIONS));
245                 sb.append(") ");
246 
247                 sql = sb.toString();
248 
249                 sql = StringUtil.replace(
250                     sql, "[$PERMISSION_IDS$]",
251                     getPermissionIds(permissions, "Groups_Permissions"));
252                 sql = StringUtil.replace(
253                     sql, "[$GROUP_IDS$]",
254                     getGroupIds(groups, "Groups_Permissions"));
255 
256                 sb = new StringBuilder();
257 
258                 sb.append(sql);
259 
260                 sb.append("UNION ALL ");
261             }
262 
263             if (roles.size() > 0) {
264                 sb.append("(");
265                 sb.append(CustomSQLUtil.get(COUNT_BY_ROLES_PERMISSIONS));
266                 sb.append(") ");
267 
268                 sql = sb.toString();
269 
270                 sql = StringUtil.replace(
271                     sql, "[$PERMISSION_IDS$]",
272                     getPermissionIds(permissions, "Roles_Permissions"));
273                 sql = StringUtil.replace(
274                     sql, "[$ROLE_IDS$]",
275                     getRoleIds(roles, "Roles_Permissions"));
276 
277                 sb = new StringBuilder();
278 
279                 sb.append(sql);
280 
281                 sb.append("UNION ALL ");
282             }
283 
284             sb.append("(");
285             sb.append(CustomSQLUtil.get(COUNT_BY_USERS_PERMISSIONS));
286             sb.append(") ");
287 
288             sql = sb.toString();
289 
290             sql = StringUtil.replace(
291                 sql, "[$PERMISSION_IDS$]",
292                 getPermissionIds(permissions, "Users_Permissions"));
293 
294             SQLQuery q = session.createSQLQuery(sql);
295 
296             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
297 
298             QueryPos qPos = QueryPos.getInstance(q);
299 
300             if (groups.size() > 0) {
301                 setPermissionIds(qPos, permissions);
302                 setGroupIds(qPos, groups);
303             }
304 
305             if (roles.size() > 0) {
306                 setPermissionIds(qPos, permissions);
307                 setRoleIds(qPos, roles);
308             }
309 
310             setPermissionIds(qPos, permissions);
311             qPos.add(userId);
312 
313             Iterator<Long> itr = q.list().iterator();
314 
315             while (itr.hasNext()) {
316                 Long count = itr.next();
317 
318                 if ((count != null) && (count.intValue() > 0)) {
319                     return true;
320                 }
321             }
322 
323             return false;
324         }
325         catch (Exception e) {
326             throw new SystemException(e);
327         }
328         finally {
329             closeSession(session);
330         }
331     }
332 
333     public int countByGroupsPermissions(
334             List<Permission> permissions, List<Group> groups)
335         throws SystemException {
336 
337         Session session = null;
338 
339         try {
340             session = openSession();
341 
342             String sql = CustomSQLUtil.get(COUNT_BY_GROUPS_PERMISSIONS);
343 
344             sql = StringUtil.replace(
345                 sql, "[$PERMISSION_IDS$]",
346                 getPermissionIds(permissions, "Groups_Permissions"));
347             sql = StringUtil.replace(
348                 sql, "[$GROUP_IDS$]",
349                 getGroupIds(groups, "Groups_Permissions"));
350 
351             SQLQuery q = session.createSQLQuery(sql);
352 
353             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
354 
355             QueryPos qPos = QueryPos.getInstance(q);
356 
357             setPermissionIds(qPos, permissions);
358             setGroupIds(qPos, groups);
359 
360             Iterator<Long> itr = q.list().iterator();
361 
362             if (itr.hasNext()) {
363                 Long count = itr.next();
364 
365                 if (count != null) {
366                     return count.intValue();
367                 }
368             }
369 
370             return 0;
371         }
372         catch (Exception e) {
373             throw new SystemException(e);
374         }
375         finally {
376             closeSession(session);
377         }
378     }
379 
380     public int countByGroupsRoles(
381             List<Permission> permissions, List<Group> groups)
382         throws SystemException {
383 
384         Session session = null;
385 
386         try {
387             session = openSession();
388 
389             String sql = CustomSQLUtil.get(COUNT_BY_GROUPS_ROLES);
390 
391             sql = StringUtil.replace(
392                 sql, "[$PERMISSION_IDS$]",
393                 getPermissionIds(permissions, "Roles_Permissions"));
394             sql = StringUtil.replace(
395                 sql, "[$GROUP_IDS$]", getGroupIds(groups, "Groups_Roles"));
396 
397             SQLQuery q = session.createSQLQuery(sql);
398 
399             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
400 
401             QueryPos qPos = QueryPos.getInstance(q);
402 
403             setPermissionIds(qPos, permissions);
404             setGroupIds(qPos, groups);
405 
406             Iterator<Long> itr = q.list().iterator();
407 
408             if (itr.hasNext()) {
409                 Long count = itr.next();
410 
411                 if (count != null) {
412                     return count.intValue();
413                 }
414             }
415 
416             return 0;
417         }
418         catch (Exception e) {
419             throw new SystemException(e);
420         }
421         finally {
422             closeSession(session);
423         }
424     }
425 
426     public int countByRolesPermissions(
427             List<Permission> permissions, List<Role> roles)
428         throws SystemException {
429 
430         boolean finderClassNameCacheEnabled =
431             PermissionModelImpl.CACHE_ENABLED_ROLES_PERMISSIONS;
432         String finderClassName = Permission.class.getName();
433         String finderMethodName = "customCountByRolesPermissions";
434         String finderParams[] = new String[] {
435             java.util.List.class.getName(), java.util.List.class.getName()
436         };
437         Object finderArgs[] = new Object[] {
438             ListUtil.toString(permissions, "permissionId"),
439             ListUtil.toString(roles, "roleId")
440         };
441 
442         Object result = FinderCacheUtil.getResult(
443             finderClassName, finderMethodName, finderParams, finderArgs, this);
444 
445         if (result == null) {
446             Session session = null;
447 
448             try {
449                 session = openSession();
450 
451                 String sql = CustomSQLUtil.get(COUNT_BY_ROLES_PERMISSIONS);
452 
453                 sql = StringUtil.replace(
454                     sql, "[$PERMISSION_IDS$]",
455                     getPermissionIds(permissions, "Roles_Permissions"));
456                 sql = StringUtil.replace(
457                     sql, "[$ROLE_IDS$]",
458                     getRoleIds(roles, "Roles_Permissions"));
459 
460                 SQLQuery q = session.createSQLQuery(sql);
461 
462                 q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
463 
464                 QueryPos qPos = QueryPos.getInstance(q);
465 
466                 setPermissionIds(qPos, permissions);
467                 setRoleIds(qPos, roles);
468 
469                 int count = 0;
470 
471                 Iterator<Long> itr = q.list().iterator();
472 
473                 if (itr.hasNext()) {
474                     Long l = itr.next();
475 
476                     if (l != null) {
477                         count = l.intValue();
478                     }
479                 }
480 
481                 FinderCacheUtil.putResult(
482                     finderClassNameCacheEnabled, finderClassName,
483                     finderMethodName, finderParams, finderArgs,
484                     new Long(count));
485 
486                 return count;
487             }
488             catch (Exception e) {
489                 throw new SystemException(e);
490             }
491             finally {
492                 closeSession(session);
493             }
494         }
495         else {
496             return ((Long)result).intValue();
497         }
498     }
499 
500     public int countByUserGroupRole(
501             List<Permission> permissions, long userId, long groupId)
502         throws SystemException {
503 
504         Session session = null;
505 
506         try {
507             session = openSession();
508 
509             String sql = CustomSQLUtil.get(COUNT_BY_USER_GROUP_ROLE);
510 
511             sql = StringUtil.replace(
512                 sql, "[$PERMISSION_IDS$]",
513                 getPermissionIds(permissions, "Roles_Permissions"));
514 
515             SQLQuery q = session.createSQLQuery(sql);
516 
517             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
518 
519             QueryPos qPos = QueryPos.getInstance(q);
520 
521             qPos.add(groupId);
522             setPermissionIds(qPos, permissions);
523             qPos.add(userId);
524 
525             Iterator<Long> itr = q.list().iterator();
526 
527             if (itr.hasNext()) {
528                 Long count = itr.next();
529 
530                 if (count != null) {
531                     return count.intValue();
532                 }
533             }
534 
535             return 0;
536         }
537         catch (Exception e) {
538             throw new SystemException(e);
539         }
540         finally {
541             closeSession(session);
542         }
543     }
544 
545     public int countByUsersPermissions(
546             List<Permission> permissions, long userId)
547         throws SystemException {
548 
549         Session session = null;
550 
551         try {
552             session = openSession();
553 
554             String sql = CustomSQLUtil.get(COUNT_BY_USERS_PERMISSIONS);
555 
556             sql = StringUtil.replace(
557                 sql, "[$PERMISSION_IDS$]",
558                 getPermissionIds(permissions, "Users_Permissions"));
559 
560             SQLQuery q = session.createSQLQuery(sql);
561 
562             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
563 
564             QueryPos qPos = QueryPos.getInstance(q);
565 
566             setPermissionIds(qPos, permissions);
567             qPos.add(userId);
568 
569             Iterator<Long> itr = q.list().iterator();
570 
571             if (itr.hasNext()) {
572                 Long count = itr.next();
573 
574                 if (count != null) {
575                     return count.intValue();
576                 }
577             }
578 
579             return 0;
580         }
581         catch (Exception e) {
582             throw new SystemException(e);
583         }
584         finally {
585             closeSession(session);
586         }
587     }
588 
589     public int countByUsersRoles(List<Permission> permissions, long userId)
590         throws SystemException {
591 
592         Session session = null;
593 
594         try {
595             session = openSession();
596 
597             String sql = CustomSQLUtil.get(COUNT_BY_USERS_ROLES);
598 
599             sql = StringUtil.replace(
600                 sql, "[$PERMISSION_IDS$]",
601                 getPermissionIds(permissions, "Roles_Permissions"));
602 
603             SQLQuery q = session.createSQLQuery(sql);
604 
605             q.addScalar(COUNT_COLUMN_NAME, Type.LONG);
606 
607             QueryPos qPos = QueryPos.getInstance(q);
608 
609             setPermissionIds(qPos, permissions);
610             qPos.add(userId);
611 
612             Iterator<Long> itr = q.list().iterator();
613 
614             if (itr.hasNext()) {
615                 Long count = itr.next();
616 
617                 if (count != null) {
618                     return count.intValue();
619                 }
620             }
621 
622             return 0;
623         }
624         catch (Exception e) {
625             throw new SystemException(e);
626         }
627         finally {
628             closeSession(session);
629         }
630     }
631 
632     public List<Permission> findByA_R(String actionId, long[] resourceIds)
633         throws SystemException {
634 
635         boolean finderClassNameCacheEnabled = PermissionModelImpl.CACHE_ENABLED;
636         String finderClassName = Permission.class.getName();
637         String finderMethodName = "customFindByA_R";
638         String finderParams[] = new String[] {
639             String.class.getName(), "[L" + Long.class.getName()
640         };
641         Object finderArgs[] = new Object[] {
642             actionId, StringUtil.merge(ArrayUtil.toArray(resourceIds))
643         };
644 
645         Object result = FinderCacheUtil.getResult(
646             finderClassName, finderMethodName, finderParams, finderArgs, this);
647 
648         if (result == null) {
649             Session session = null;
650 
651             try {
652                 session = openSession();
653 
654                 String sql = CustomSQLUtil.get(FIND_BY_A_R);
655 
656                 sql = StringUtil.replace(
657                     sql, "[$RESOURCE_IDS$]", getResourceIds(resourceIds));
658 
659                 SQLQuery q = session.createSQLQuery(sql);
660 
661                 q.addEntity("Permission_", PermissionImpl.class);
662 
663                 QueryPos qPos = QueryPos.getInstance(q);
664 
665                 qPos.add(actionId);
666                 setResourceIds(qPos, resourceIds);
667 
668                 List<Permission> permissions = q.list();
669 
670                 FinderCacheUtil.putResult(
671                     finderClassNameCacheEnabled, finderClassName,
672                     finderMethodName, finderParams, finderArgs, permissions);
673 
674                 return permissions;
675             }
676             catch (Exception e) {
677                 throw new SystemException(e);
678             }
679             finally {
680                 closeSession(session);
681             }
682         }
683         else {
684             return (List<Permission>)result;
685         }
686     }
687 
688     public List<Permission> findByG_R(long groupId, long resourceId)
689         throws SystemException {
690 
691         Session session = null;
692 
693         try {
694             session = openSession();
695 
696             String sql = CustomSQLUtil.get(FIND_BY_G_R);
697 
698             SQLQuery q = session.createSQLQuery(sql);
699 
700             q.addEntity("Permission_", PermissionImpl.class);
701 
702             QueryPos qPos = QueryPos.getInstance(q);
703 
704             qPos.add(groupId);
705             qPos.add(resourceId);
706 
707             return q.list();
708         }
709         catch (Exception e) {
710             throw new SystemException(e);
711         }
712         finally {
713             closeSession(session);
714         }
715     }
716 
717     public List<Permission> findByR_R(
718             long roleId, long resourceId) throws SystemException {
719         Session session = null;
720 
721         try {
722             session = openSession();
723 
724             String sql = CustomSQLUtil.get(FIND_BY_R_R);
725 
726             SQLQuery q = session.createSQLQuery(sql);
727 
728             q.addEntity("Permission_", PermissionImpl.class);
729 
730             QueryPos qPos = QueryPos.getInstance(q);
731 
732             qPos.add(roleId);
733             qPos.add(resourceId);
734 
735             return q.list();
736         }
737         catch (Exception e) {
738             throw new SystemException(e);
739         }
740         finally {
741             closeSession(session);
742         }
743     }
744 
745     public List<Permission> findByU_R(long userId, long resourceId)
746         throws SystemException {
747 
748         Session session = null;
749 
750         try {
751             session = openSession();
752 
753             String sql = CustomSQLUtil.get(FIND_BY_U_R);
754 
755             SQLQuery q = session.createSQLQuery(sql);
756 
757             q.addEntity("Permission_", PermissionImpl.class);
758 
759             QueryPos qPos = QueryPos.getInstance(q);
760 
761             qPos.add(userId);
762             qPos.add(resourceId);
763 
764             return q.list();
765         }
766         catch (Exception e) {
767             throw new SystemException(e);
768         }
769         finally {
770             closeSession(session);
771         }
772     }
773 
774     public List<Permission> findByO_G_R(
775             long organizationId, long groupId, long resourceId)
776         throws SystemException {
777 
778         Session session = null;
779 
780         try {
781             session = openSession();
782 
783             String sql = CustomSQLUtil.get(FIND_BY_O_G_R);
784 
785             SQLQuery q = session.createSQLQuery(sql);
786 
787             q.addEntity("Permission_", PermissionImpl.class);
788 
789             QueryPos qPos = QueryPos.getInstance(q);
790 
791             qPos.add(organizationId);
792             qPos.add(groupId);
793             qPos.add(resourceId);
794 
795             return q.list();
796         }
797         catch (Exception e) {
798             throw new SystemException(e);
799         }
800         finally {
801             closeSession(session);
802         }
803     }
804 
805     public List<Permission> findByU_A_R(
806             long userId, String[] actionIds, long resourceId)
807         throws SystemException {
808 
809         Session session = null;
810 
811         try {
812             session = openSession();
813 
814             String sql = CustomSQLUtil.get(FIND_BY_U_R);
815 
816             sql = StringUtil.replace(
817                 sql, "[$ACTION_IDS$]", getActionIds(actionIds));
818 
819             SQLQuery q = session.createSQLQuery(sql);
820 
821             q.addEntity("Permission_", PermissionImpl.class);
822 
823             QueryPos qPos = QueryPos.getInstance(q);
824 
825             qPos.add(userId);
826             qPos.add(resourceId);
827 
828             return q.list();
829         }
830         catch (Exception e) {
831             throw new SystemException(e);
832         }
833         finally {
834             closeSession(session);
835         }
836     }
837 
838     public List<Permission> findByG_C_N_S_P(
839             long groupId, long companyId, String name, int scope,
840             String primKey)
841         throws SystemException {
842 
843         Session session = null;
844 
845         try {
846             session = openSession();
847 
848             String sql = CustomSQLUtil.get(FIND_BY_G_C_N_S_P);
849 
850             SQLQuery q = session.createSQLQuery(sql);
851 
852             q.addEntity("Permission_", PermissionImpl.class);
853 
854             QueryPos qPos = QueryPos.getInstance(q);
855 
856             qPos.add(groupId);
857             qPos.add(companyId);
858             qPos.add(name);
859             qPos.add(scope);
860             qPos.add(primKey);
861 
862             return q.list();
863         }
864         catch (Exception e) {
865             throw new SystemException(e);
866         }
867         finally {
868             closeSession(session);
869         }
870     }
871 
872     public List<Permission> findByU_C_N_S_P(
873             long userId, long companyId, String name, int scope, String primKey)
874         throws SystemException {
875 
876         Session session = null;
877 
878         try {
879             session = openSession();
880 
881             String sql = CustomSQLUtil.get(FIND_BY_U_C_N_S_P);
882 
883             SQLQuery q = session.createSQLQuery(sql);
884 
885             q.addEntity("Permission_", PermissionImpl.class);
886 
887             QueryPos qPos = QueryPos.getInstance(q);
888 
889             qPos.add(userId);
890             qPos.add(companyId);
891             qPos.add(name);
892             qPos.add(scope);
893             qPos.add(primKey);
894 
895             return q.list();
896         }
897         catch (Exception e) {
898             throw new SystemException(e);
899         }
900         finally {
901             closeSession(session);
902         }
903     }
904 
905     protected String getActionIds(String[] actionIds) {
906         StringBuilder sb = new StringBuilder();
907 
908         for (int i = 0; i < actionIds.length; i++) {
909             sb.append("Permission_.actionId = ?");
910 
911             if ((i + 1) < actionIds.length) {
912                 sb.append(" OR ");
913             }
914         }
915 
916         return sb.toString();
917     }
918 
919     protected String getGroupIds(List<Group> groups, String table) {
920         StringBuilder sb = new StringBuilder();
921 
922         for (int i = 0; i < groups.size(); i++) {
923             sb.append(table);
924             sb.append(".groupId = ?");
925 
926             if ((i + 1) < groups.size()) {
927                 sb.append(" OR ");
928             }
929         }
930 
931         return sb.toString();
932     }
933 
934     protected String getPermissionIds(
935         List<Permission> permissions, String table) {
936 
937         StringBuilder sb = new StringBuilder();
938 
939         for (int i = 0; i < permissions.size(); i++) {
940             sb.append(table);
941             sb.append(".permissionId = ?");
942 
943             if ((i + 1) < permissions.size()) {
944                 sb.append(" OR ");
945             }
946         }
947 
948         return sb.toString();
949     }
950 
951     protected String getResourceIds(long[] resourceIds) {
952         StringBuilder sb = new StringBuilder();
953 
954         for (int i = 0; i < resourceIds.length; i++) {
955             sb.append("resourceId = ?");
956 
957             if ((i + 1) < resourceIds.length) {
958                 sb.append(" OR ");
959             }
960         }
961 
962         return sb.toString();
963     }
964 
965     protected String getRoleIds(List<Role> roles, String table) {
966         StringBuilder sb = new StringBuilder();
967 
968         for (int i = 0; i < roles.size(); i++) {
969             sb.append(table);
970             sb.append(".roleId = ?");
971 
972             if ((i + 1) < roles.size()) {
973                 sb.append(" OR ");
974             }
975         }
976 
977         return sb.toString();
978     }
979 
980     protected void setGroupIds(QueryPos qPos, List<Group> groups) {
981         for (Group group : groups) {
982             qPos.add(group.getGroupId());
983         }
984     }
985 
986     protected void setPermissionIds(
987         QueryPos qPos, List<Permission> permissions) {
988 
989         for (Permission permission : permissions) {
990             qPos.add(permission.getPermissionId());
991         }
992     }
993 
994     protected void setResourceIds(QueryPos qPos, long[] resourceIds) {
995         for (long resourceId : resourceIds) {
996             qPos.add(resourceId);
997         }
998     }
999 
1000    protected void setRoleIds(QueryPos qPos, List<Role> roles) {
1001        for (Role role : roles) {
1002            qPos.add(role.getRoleId());
1003        }
1004    }
1005
1006}