001
014
015 package com.liferay.portlet.admin.util;
016
017 import com.liferay.portal.model.Group;
018 import com.liferay.portal.model.GroupConstants;
019 import com.liferay.portal.model.Permission;
020 import com.liferay.portal.model.ResourceConstants;
021 import com.liferay.portal.model.ResourcePermission;
022 import com.liferay.portal.model.Role;
023 import com.liferay.portal.model.RoleConstants;
024 import com.liferay.portal.security.permission.ActionKeys;
025 import com.liferay.portal.service.GroupLocalServiceUtil;
026 import com.liferay.portal.service.PermissionLocalServiceUtil;
027 import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
028 import com.liferay.portal.service.RoleLocalServiceUtil;
029 import com.liferay.portal.util.PortalUtil;
030 import com.liferay.portal.util.PropsValues;
031
032 import java.util.List;
033
034 import javax.portlet.ActionRequest;
035
036
039 public class CleanUpPermissionsUtil {
040
041 public static void cleanUpAddToPagePermissions(ActionRequest actionRequest)
042 throws Exception {
043
044 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 5) {
045 _cleanUpAddToPagePermissions_5(actionRequest);
046 }
047 else if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
048 _cleanUpAddToPagePermissions_6(actionRequest);
049 }
050 }
051
052 private static void _cleanUpAddToPagePermissions_5(
053 ActionRequest actionRequest)
054 throws Exception {
055
056 long companyId = PortalUtil.getCompanyId(actionRequest);
057
058 Role role = RoleLocalServiceUtil.getRole(
059 companyId, RoleConstants.GUEST);
060
061 _cleanUpAddToPagePermissions_5(companyId, role.getRoleId(), false);
062
063 role = RoleLocalServiceUtil.getRole(
064 companyId, RoleConstants.POWER_USER);
065
066 _cleanUpAddToPagePermissions_5(companyId, role.getRoleId(), false);
067
068 role = RoleLocalServiceUtil.getRole(
069 companyId, RoleConstants.USER);
070
071 _cleanUpAddToPagePermissions_5(companyId, role.getRoleId(), true);
072 }
073
074 private static void _cleanUpAddToPagePermissions_5(
075 long companyId, long roleId, boolean limitScope)
076 throws Exception {
077
078 List<Permission> rolePermissions =
079 PermissionLocalServiceUtil.getRolePermissions(roleId);
080
081 Group userPersonalSite = GroupLocalServiceUtil.getGroup(
082 companyId, GroupConstants.USER_PERSONAL_SITE);
083
084 String groupIdString = String.valueOf(userPersonalSite.getGroupId());
085
086 for (Permission permission : rolePermissions) {
087 if (permission.getActionId() != ActionKeys.ADD_TO_PAGE) {
088 continue;
089 }
090
091 PermissionLocalServiceUtil.unsetRolePermission(
092 roleId, companyId, permission.getName(), permission.getScope(),
093 permission.getPrimKey(), ActionKeys.ADD_TO_PAGE);
094
095 if (!limitScope || groupIdString.equals(permission.getPrimKey())) {
096 continue;
097 }
098
099 PermissionLocalServiceUtil.setRolePermission(
100 roleId, companyId, permission.getName(),
101 ResourceConstants.SCOPE_GROUP, groupIdString,
102 ActionKeys.ADD_TO_PAGE);
103 }
104 }
105
106 private static void _cleanUpAddToPagePermissions_6(
107 ActionRequest actionRequest)
108 throws Exception {
109
110 long companyId = PortalUtil.getCompanyId(actionRequest);
111
112 Role role = RoleLocalServiceUtil.getRole(
113 companyId, RoleConstants.GUEST);
114
115 _cleanUpAddToPagePermissions_6(companyId, role.getRoleId(), false);
116
117 role = RoleLocalServiceUtil.getRole(
118 companyId, RoleConstants.POWER_USER);
119
120 _cleanUpAddToPagePermissions_6(companyId, role.getRoleId(), false);
121
122 role = RoleLocalServiceUtil.getRole(
123 companyId, RoleConstants.USER);
124
125 _cleanUpAddToPagePermissions_6(companyId, role.getRoleId(), true);
126 }
127
128 private static void _cleanUpAddToPagePermissions_6(
129 long companyId, long roleId, boolean limitScope)
130 throws Exception {
131
132 List<ResourcePermission> roleResourcePermissions =
133 ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
134 roleId);
135
136 Group userPersonalSite = GroupLocalServiceUtil.getGroup(
137 companyId, GroupConstants.USER_PERSONAL_SITE);
138
139 String groupIdString = String.valueOf(userPersonalSite.getGroupId());
140
141 for (ResourcePermission resourcePermission : roleResourcePermissions) {
142 if (!resourcePermission.hasActionId(ActionKeys.ADD_TO_PAGE)) {
143 continue;
144 }
145
146 ResourcePermissionLocalServiceUtil.removeResourcePermission(
147 companyId, resourcePermission.getName(),
148 resourcePermission.getScope(), resourcePermission.getPrimKey(),
149 roleId, ActionKeys.ADD_TO_PAGE);
150
151 if (!limitScope ||
152 groupIdString.equals(resourcePermission.getPrimKey())) {
153
154 continue;
155 }
156
157 ResourcePermissionLocalServiceUtil.addResourcePermission(
158 companyId, resourcePermission.getName(),
159 ResourceConstants.SCOPE_GROUP, groupIdString, roleId,
160 ActionKeys.ADD_TO_PAGE);
161 }
162 }
163
164 }