001
014
015 package com.liferay.portal.upgrade.v6_1_0;
016
017 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018 import com.liferay.portal.kernel.exception.PortalException;
019 import com.liferay.portal.kernel.exception.SystemException;
020 import com.liferay.portal.kernel.log.Log;
021 import com.liferay.portal.kernel.log.LogFactoryUtil;
022 import com.liferay.portal.kernel.upgrade.UpgradeProcess;
023 import com.liferay.portal.kernel.util.GetterUtil;
024 import com.liferay.portal.model.GroupedModel;
025 import com.liferay.portal.model.PermissionedModel;
026 import com.liferay.portal.model.ResourceBlock;
027 import com.liferay.portal.model.ResourceBlockPermissionsContainer;
028 import com.liferay.portal.model.ResourceConstants;
029 import com.liferay.portal.model.ResourcePermission;
030 import com.liferay.portal.model.RoleConstants;
031 import com.liferay.portal.security.permission.ActionKeys;
032 import com.liferay.portal.security.permission.ResourceActionsUtil;
033 import com.liferay.portal.service.PermissionLocalServiceUtil;
034 import com.liferay.portal.service.ResourceActionLocalServiceUtil;
035 import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
036 import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
037 import com.liferay.portal.service.RoleLocalServiceUtil;
038 import com.liferay.portal.util.PropsValues;
039 import com.liferay.portlet.bookmarks.model.BookmarksEntry;
040 import com.liferay.portlet.bookmarks.model.BookmarksFolder;
041
042 import java.sql.Connection;
043 import java.sql.PreparedStatement;
044 import java.sql.ResultSet;
045
046 import java.util.List;
047
048
052 public class UpgradePermission extends UpgradeProcess {
053
054 protected ResourceBlock convertResourcePermissions(
055 long companyId, String name, long primKey)
056 throws PortalException, SystemException {
057
058 PermissionedModel permissionedModel =
059 ResourceBlockLocalServiceUtil.getPermissionedModel(name, primKey);
060
061 long groupId = 0;
062
063 if (permissionedModel instanceof GroupedModel) {
064 GroupedModel groupedModel = (GroupedModel)permissionedModel;
065
066 groupId = groupedModel.getGroupId();
067 }
068
069 ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
070 getResourceBlockPermissionsContainer(
071 companyId, groupId, name, primKey);
072
073 String permissionsHash =
074 ResourceBlockLocalServiceUtil.getPermissionsHash(
075 resourceBlockPermissionsContainer);
076
077 ResourceBlock resourceBlock =
078 ResourceBlockLocalServiceUtil.updateResourceBlockId(
079 companyId, groupId, name, permissionedModel, permissionsHash,
080 resourceBlockPermissionsContainer);
081
082 return resourceBlock;
083 }
084
085 protected void convertResourcePermissions(
086 String name, String tableName, String pkColumnName)
087 throws Exception {
088
089 Connection con = null;
090 PreparedStatement ps = null;
091 ResultSet rs = null;
092
093 try {
094 con = DataAccess.getConnection();
095
096 ps = con.prepareStatement(
097 "select " + pkColumnName + ", companyId from " + tableName);
098
099 rs = ps.executeQuery();
100
101 while (rs.next()) {
102 long primKey = rs.getLong(pkColumnName);
103 long companyId = rs.getLong("companyId");
104
105 ResourceBlock resourceBlock = convertResourcePermissions(
106 companyId, name, primKey);
107
108 if (_log.isInfoEnabled() &&
109 (resourceBlock.getResourceBlockId() % 100 == 0)) {
110
111 _log.info("Processed 100 resource blocks for " + name);
112 }
113 }
114 }
115 finally {
116 DataAccess.cleanUp(con, ps, rs);
117 }
118
119 List<ResourcePermission> resourcePermissions =
120 ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(
121 _scopes);
122
123 for (ResourcePermission resourcePermission : resourcePermissions) {
124 int scope = resourcePermission.getScope();
125
126 if ((scope == ResourceConstants.SCOPE_COMPANY) ||
127 (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {
128
129 ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
130 resourcePermission.getCompanyId(), name,
131 resourcePermission.getRoleId(),
132 resourcePermission.getActionIds());
133 }
134 else if (scope == ResourceConstants.SCOPE_GROUP) {
135 ResourceBlockLocalServiceUtil.setGroupScopePermissions(
136 resourcePermission.getCompanyId(),
137 GetterUtil.getLong(resourcePermission.getPrimaryKey()),
138 name, resourcePermission.getRoleId(),
139 resourcePermission.getActionIds());
140 }
141 }
142 }
143
144 @Override
145 protected void doUpgrade() throws Exception {
146
147
148
149 RoleLocalServiceUtil.checkSystemRoles();
150
151 updatePermissions("com.liferay.portlet.bookmarks", true, true);
152 updatePermissions("com.liferay.portlet.documentlibrary", false, true);
153 updatePermissions("com.liferay.portlet.imagegallery", true, true);
154 updatePermissions("com.liferay.portlet.messageboards", true, true);
155 updatePermissions("com.liferay.portlet.shopping", true, true);
156
157 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
158 convertResourcePermissions(
159 BookmarksEntry.class.getName(), "BookmarksEntry", "entryId");
160 convertResourcePermissions(
161 BookmarksFolder.class.getName(), "BookmarksFolder", "folderId");
162 }
163 }
164
165 protected ResourceBlockPermissionsContainer
166 getResourceBlockPermissionsContainer(
167 long companyId, long groupId, String name, long primKey)
168 throws SystemException {
169
170 ResourceBlockPermissionsContainer resourceBlockPermissionContainer =
171 new ResourceBlockPermissionsContainer();
172
173 List<ResourcePermission> resourcePermissions =
174 ResourcePermissionLocalServiceUtil.getResourceResourcePermissions(
175 companyId, groupId, name, String.valueOf(primKey));
176
177 for (ResourcePermission resourcePermission : resourcePermissions) {
178 resourceBlockPermissionContainer.addPermission(
179 resourcePermission.getRoleId(),
180 resourcePermission.getActionIds());
181 }
182
183 return resourceBlockPermissionContainer;
184 }
185
186 protected void updatePermissions(
187 String name, boolean community, boolean guest)
188 throws Exception {
189
190 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
191 updatePermissions_6(name, community, guest);
192 }
193 else {
194 updatePermissions_1to5(name, community, guest);
195 }
196 }
197
198 protected void updatePermissions_1to5(
199 String name, boolean community, boolean guest)
200 throws Exception {
201
202 if (community) {
203 PermissionLocalServiceUtil.setContainerResourcePermissions(
204 name, RoleConstants.ORGANIZATION_USER, ActionKeys.VIEW);
205 PermissionLocalServiceUtil.setContainerResourcePermissions(
206 name, RoleConstants.SITE_MEMBER, ActionKeys.VIEW);
207 }
208
209 if (guest) {
210 PermissionLocalServiceUtil.setContainerResourcePermissions(
211 name, RoleConstants.GUEST, ActionKeys.VIEW);
212 }
213
214 PermissionLocalServiceUtil.setContainerResourcePermissions(
215 name, RoleConstants.OWNER, ActionKeys.VIEW);
216 }
217
218 protected void updatePermissions_6(
219 String name, boolean community, boolean guest)
220 throws Exception {
221
222 List<String> modelActions =
223 ResourceActionsUtil.getModelResourceActions(name);
224
225 ResourceActionLocalServiceUtil.checkResourceActions(name, modelActions);
226
227 int scope = ResourceConstants.SCOPE_INDIVIDUAL;
228 long actionIdsLong = 1;
229
230 if (community) {
231 ResourcePermissionLocalServiceUtil.addResourcePermissions(
232 name, RoleConstants.ORGANIZATION_USER, scope, actionIdsLong);
233 ResourcePermissionLocalServiceUtil.addResourcePermissions(
234 name, RoleConstants.SITE_MEMBER, scope, actionIdsLong);
235 }
236
237 if (guest) {
238 ResourcePermissionLocalServiceUtil.addResourcePermissions(
239 name, RoleConstants.GUEST, scope, actionIdsLong);
240 }
241
242 ResourcePermissionLocalServiceUtil.addResourcePermissions(
243 name, RoleConstants.OWNER, scope, actionIdsLong);
244 }
245
246 private static Log _log = LogFactoryUtil.getLog(UpgradePermission.class);
247
248 private static final int[] _scopes = {
249 ResourceConstants.SCOPE_COMPANY,
250 ResourceConstants.SCOPE_GROUP,
251 ResourceConstants.SCOPE_GROUP_TEMPLATE
252 };
253
254 }