001    /**
002     * Copyright (c) 2000-2011 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.upgrade.v6_1_0;
016    
017    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018    import com.liferay.portal.kernel.exception.PortalException;
019    import com.liferay.portal.kernel.exception.SystemException;
020    import com.liferay.portal.kernel.log.Log;
021    import com.liferay.portal.kernel.log.LogFactoryUtil;
022    import com.liferay.portal.kernel.upgrade.UpgradeProcess;
023    import com.liferay.portal.kernel.util.GetterUtil;
024    import com.liferay.portal.model.GroupedModel;
025    import com.liferay.portal.model.PermissionedModel;
026    import com.liferay.portal.model.ResourceBlock;
027    import com.liferay.portal.model.ResourceBlockPermissionsContainer;
028    import com.liferay.portal.model.ResourceConstants;
029    import com.liferay.portal.model.ResourcePermission;
030    import com.liferay.portal.model.RoleConstants;
031    import com.liferay.portal.security.permission.ActionKeys;
032    import com.liferay.portal.security.permission.ResourceActionsUtil;
033    import com.liferay.portal.service.PermissionLocalServiceUtil;
034    import com.liferay.portal.service.ResourceActionLocalServiceUtil;
035    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
036    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
037    import com.liferay.portal.service.RoleLocalServiceUtil;
038    import com.liferay.portal.util.PropsValues;
039    import com.liferay.portlet.bookmarks.model.BookmarksEntry;
040    import com.liferay.portlet.bookmarks.model.BookmarksFolder;
041    
042    import java.sql.Connection;
043    import java.sql.PreparedStatement;
044    import java.sql.ResultSet;
045    
046    import java.util.List;
047    
048    /**
049     * @author Alexander Chow
050     * @author Connor McKay
051     */
052    public class UpgradePermission extends UpgradeProcess {
053    
054            protected ResourceBlock convertResourcePermissions(
055                            long companyId, String name, long primKey)
056                    throws PortalException, SystemException {
057    
058                    PermissionedModel permissionedModel =
059                            ResourceBlockLocalServiceUtil.getPermissionedModel(name, primKey);
060    
061                    long groupId = 0;
062    
063                    if (permissionedModel instanceof GroupedModel) {
064                            GroupedModel groupedModel = (GroupedModel)permissionedModel;
065    
066                            groupId = groupedModel.getGroupId();
067                    }
068    
069                    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
070                            getResourceBlockPermissionsContainer(
071                                            companyId, groupId, name, primKey);
072    
073                    String permissionsHash =
074                            ResourceBlockLocalServiceUtil.getPermissionsHash(
075                                    resourceBlockPermissionsContainer);
076    
077                    ResourceBlock resourceBlock =
078                            ResourceBlockLocalServiceUtil.updateResourceBlockId(
079                                    companyId, groupId, name, permissionedModel, permissionsHash,
080                                    resourceBlockPermissionsContainer);
081    
082                    return resourceBlock;
083            }
084    
085            protected void convertResourcePermissions(
086                            String name, String tableName, String pkColumnName)
087                    throws Exception {
088    
089                    Connection con = null;
090                    PreparedStatement ps = null;
091                    ResultSet rs = null;
092    
093                    try {
094                            con = DataAccess.getConnection();
095    
096                            ps = con.prepareStatement(
097                                    "select " + pkColumnName + ", companyId from " + tableName);
098    
099                            rs = ps.executeQuery();
100    
101                            while (rs.next()) {
102                                    long primKey = rs.getLong(pkColumnName);
103                                    long companyId = rs.getLong("companyId");
104    
105                                    ResourceBlock resourceBlock = convertResourcePermissions(
106                                            companyId, name, primKey);
107    
108                                    if (_log.isInfoEnabled() &&
109                                            (resourceBlock.getResourceBlockId() % 100 == 0)) {
110    
111                                            _log.info("Processed 100 resource blocks for " + name);
112                                    }
113                            }
114                    }
115                    finally {
116                            DataAccess.cleanUp(con, ps, rs);
117                    }
118    
119                    List<ResourcePermission> resourcePermissions =
120                            ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(
121                                    _scopes);
122    
123                    for (ResourcePermission resourcePermission : resourcePermissions) {
124                            int scope = resourcePermission.getScope();
125    
126                            if ((scope == ResourceConstants.SCOPE_COMPANY) ||
127                                    (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {
128    
129                                    ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
130                                            resourcePermission.getCompanyId(), name,
131                                            resourcePermission.getRoleId(),
132                                            resourcePermission.getActionIds());
133                            }
134                            else if (scope == ResourceConstants.SCOPE_GROUP) {
135                                    ResourceBlockLocalServiceUtil.setGroupScopePermissions(
136                                            resourcePermission.getCompanyId(),
137                                            GetterUtil.getLong(resourcePermission.getPrimaryKey()),
138                                            name, resourcePermission.getRoleId(),
139                                            resourcePermission.getActionIds());
140                            }
141                    }
142            }
143    
144            @Override
145            protected void doUpgrade() throws Exception {
146    
147                    // LPS-14202 and LPS-17841
148    
149                    RoleLocalServiceUtil.checkSystemRoles();
150    
151                    updatePermissions("com.liferay.portlet.bookmarks", true, true);
152                    updatePermissions("com.liferay.portlet.documentlibrary", false, true);
153                    updatePermissions("com.liferay.portlet.imagegallery", true, true);
154                    updatePermissions("com.liferay.portlet.messageboards", true, true);
155                    updatePermissions("com.liferay.portlet.shopping", true, true);
156    
157                    if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
158                            convertResourcePermissions(
159                                    BookmarksEntry.class.getName(), "BookmarksEntry", "entryId");
160                            convertResourcePermissions(
161                                    BookmarksFolder.class.getName(), "BookmarksFolder", "folderId");
162                    }
163            }
164    
165            protected ResourceBlockPermissionsContainer
166                            getResourceBlockPermissionsContainer(
167                                    long companyId, long groupId, String name, long primKey)
168                    throws SystemException {
169    
170                    ResourceBlockPermissionsContainer resourceBlockPermissionContainer =
171                            new ResourceBlockPermissionsContainer();
172    
173                    List<ResourcePermission> resourcePermissions =
174                            ResourcePermissionLocalServiceUtil.getResourceResourcePermissions(
175                                    companyId, groupId, name, String.valueOf(primKey));
176    
177                    for (ResourcePermission resourcePermission : resourcePermissions) {
178                            resourceBlockPermissionContainer.addPermission(
179                                    resourcePermission.getRoleId(),
180                                    resourcePermission.getActionIds());
181                    }
182    
183                    return resourceBlockPermissionContainer;
184            }
185    
186            protected void updatePermissions(
187                            String name, boolean community, boolean guest)
188                    throws Exception {
189    
190                    if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
191                            updatePermissions_6(name, community, guest);
192                    }
193                    else {
194                            updatePermissions_1to5(name, community, guest);
195                    }
196            }
197    
198            protected void updatePermissions_1to5(
199                            String name, boolean community, boolean guest)
200                    throws Exception {
201    
202                    if (community) {
203                            PermissionLocalServiceUtil.setContainerResourcePermissions(
204                                    name, RoleConstants.ORGANIZATION_USER, ActionKeys.VIEW);
205                            PermissionLocalServiceUtil.setContainerResourcePermissions(
206                                    name, RoleConstants.SITE_MEMBER, ActionKeys.VIEW);
207                    }
208    
209                    if (guest) {
210                            PermissionLocalServiceUtil.setContainerResourcePermissions(
211                                    name, RoleConstants.GUEST, ActionKeys.VIEW);
212                    }
213    
214                    PermissionLocalServiceUtil.setContainerResourcePermissions(
215                            name, RoleConstants.OWNER, ActionKeys.VIEW);
216            }
217    
218            protected void updatePermissions_6(
219                            String name, boolean community, boolean guest)
220                    throws Exception {
221    
222                    List<String> modelActions =
223                            ResourceActionsUtil.getModelResourceActions(name);
224    
225                    ResourceActionLocalServiceUtil.checkResourceActions(name, modelActions);
226    
227                    int scope = ResourceConstants.SCOPE_INDIVIDUAL;
228                    long actionIdsLong = 1;
229    
230                    if (community) {
231                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
232                                    name, RoleConstants.ORGANIZATION_USER, scope, actionIdsLong);
233                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
234                                    name, RoleConstants.SITE_MEMBER, scope, actionIdsLong);
235                    }
236    
237                    if (guest) {
238                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
239                                    name, RoleConstants.GUEST, scope, actionIdsLong);
240                    }
241    
242                    ResourcePermissionLocalServiceUtil.addResourcePermissions(
243                            name, RoleConstants.OWNER, scope, actionIdsLong);
244            }
245    
246            private static Log _log = LogFactoryUtil.getLog(UpgradePermission.class);
247    
248            private static final int[] _scopes = {
249                    ResourceConstants.SCOPE_COMPANY,
250                    ResourceConstants.SCOPE_GROUP,
251                    ResourceConstants.SCOPE_GROUP_TEMPLATE
252            };
253    
254    }