001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.NoSuchResourceBlockException;
018    import com.liferay.portal.ResourceBlocksNotSupportedException;
019    import com.liferay.portal.kernel.exception.PortalException;
020    import com.liferay.portal.kernel.exception.SystemException;
021    import com.liferay.portal.kernel.log.Log;
022    import com.liferay.portal.kernel.log.LogFactoryUtil;
023    import com.liferay.portal.kernel.util.Digester;
024    import com.liferay.portal.kernel.util.DigesterUtil;
025    import com.liferay.portal.kernel.util.ListUtil;
026    import com.liferay.portal.model.AuditedModel;
027    import com.liferay.portal.model.GroupedModel;
028    import com.liferay.portal.model.PermissionedModel;
029    import com.liferay.portal.model.PersistedModel;
030    import com.liferay.portal.model.ResourceAction;
031    import com.liferay.portal.model.ResourceBlock;
032    import com.liferay.portal.model.ResourceBlockConstants;
033    import com.liferay.portal.model.ResourceBlockPermissionsContainer;
034    import com.liferay.portal.model.ResourceTypePermission;
035    import com.liferay.portal.security.permission.PermissionCacheUtil;
036    import com.liferay.portal.security.permission.PermissionThreadLocal;
037    import com.liferay.portal.security.permission.ResourceBlockIdsBag;
038    import com.liferay.portal.service.PersistedModelLocalService;
039    import com.liferay.portal.service.PersistedModelLocalServiceRegistryUtil;
040    import com.liferay.portal.service.base.ResourceBlockLocalServiceBaseImpl;
041    
042    import java.nio.ByteBuffer;
043    
044    import java.util.ArrayList;
045    import java.util.List;
046    import java.util.Map;
047    import java.util.SortedMap;
048    
049    /**
050     * Manages the creation and upkeep of resource blocks and the resources they
051     * contain.
052     *
053     * @author Connor McKay
054     */
055    public class ResourceBlockLocalServiceImpl
056            extends ResourceBlockLocalServiceBaseImpl {
057    
058            private static Log _log = LogFactoryUtil.getLog(
059                    ResourceBlockLocalServiceImpl.class);
060    
061            public void addCompanyScopePermission(
062                            long companyId, String name, long roleId, String actionId)
063                    throws PortalException, SystemException {
064    
065                    updateCompanyScopePermissions(
066                            companyId, name, roleId, getActionId(name, actionId),
067                            ResourceBlockConstants.OPERATOR_ADD);
068            }
069    
070            public void addCompanyScopePermissions(
071                            long companyId, String name, long roleId, long actionIdsLong)
072                    throws SystemException {
073    
074                    updateCompanyScopePermissions(
075                            companyId, name, roleId, actionIdsLong,
076                            ResourceBlockConstants.OPERATOR_ADD);
077            }
078    
079            public void addGroupScopePermission(
080                            long companyId, long groupId, String name, long roleId,
081                            String actionId)
082                    throws PortalException, SystemException {
083    
084                    updateGroupScopePermissions(
085                            companyId, groupId, name, roleId, getActionId(name, actionId),
086                            ResourceBlockConstants.OPERATOR_ADD);
087            }
088    
089            public void addGroupScopePermissions(
090                            long companyId, long groupId, String name, long roleId,
091                            long actionIdsLong)
092                    throws SystemException {
093    
094                    updateGroupScopePermissions(
095                            companyId, groupId, name, roleId, actionIdsLong,
096                            ResourceBlockConstants.OPERATOR_ADD);
097            }
098    
099            public void addIndividualScopePermission(
100                            long companyId, long groupId, String name, long primKey,
101                            long roleId, String actionId)
102                    throws PortalException, SystemException {
103    
104                    PermissionedModel permissionedModel = getPermissionedModel(
105                            name, primKey);
106    
107                    updateIndividualScopePermissions(
108                            companyId, groupId, name, permissionedModel, roleId,
109                            getActionId(name, actionId), ResourceBlockConstants.OPERATOR_ADD);
110            }
111    
112            public void addIndividualScopePermission(
113                            long companyId, long groupId, String name,
114                            PermissionedModel permissionedModel, long roleId, String actionId)
115                    throws PortalException, SystemException {
116    
117                    updateIndividualScopePermissions(
118                            companyId, groupId, name, permissionedModel, roleId,
119                            getActionId(name, actionId), ResourceBlockConstants.OPERATOR_ADD);
120            }
121    
122            public void addIndividualScopePermissions(
123                            long companyId, long groupId, String name, long primKey,
124                            long roleId, long actionIdsLong)
125                    throws PortalException, SystemException {
126    
127                    PermissionedModel permissionedModel = getPermissionedModel(
128                            name, primKey);
129    
130                    updateIndividualScopePermissions(
131                            companyId, groupId, name, permissionedModel, roleId, actionIdsLong,
132                            ResourceBlockConstants.OPERATOR_ADD);
133            }
134    
135            public void addIndividualScopePermissions(
136                            long companyId, long groupId, String name,
137                            PermissionedModel permissionedModel, long roleId,
138                            long actionIdsLong)
139                    throws SystemException {
140    
141                    updateIndividualScopePermissions(
142                            companyId, groupId, name, permissionedModel, roleId, actionIdsLong,
143                            ResourceBlockConstants.OPERATOR_ADD);
144            }
145    
146            /**
147             * Adds a resource block if necessary and associates the resource block
148             * permissions with it. The resource block will have an initial reference
149             * count of one.
150             *
151             * @param  companyId the primary key of the resource block's company
152             * @param  groupId the primary key of the resource block's group
153             * @return the new resource block
154             * @throws SystemException if a system exception occurred
155             */
156            public ResourceBlock addResourceBlock(
157                            long companyId, long groupId, String name, String permissionsHash,
158                            ResourceBlockPermissionsContainer resourceBlockPermissionsContainer)
159                    throws SystemException {
160    
161                    long resourceBlockId = counterLocalService.increment(
162                            ResourceBlock.class.getName());
163    
164                    ResourceBlock resourceBlock = resourceBlockPersistence.create(
165                            resourceBlockId);
166    
167                    resourceBlock.setCompanyId(companyId);
168                    resourceBlock.setGroupId(groupId);
169                    resourceBlock.setName(name);
170                    resourceBlock.setPermissionsHash(permissionsHash);
171                    resourceBlock.setReferenceCount(1);
172    
173                    updateResourceBlock(resourceBlock);
174    
175                    resourceBlockPermissionLocalService.addResourceBlockPermissions(
176                            resourceBlockId, resourceBlockPermissionsContainer);
177    
178                    return resourceBlock;
179            }
180    
181            @Override
182            public void deleteResourceBlock(long resourceBlockId)
183                    throws PortalException, SystemException {
184    
185                    ResourceBlock resourceBlock = resourceBlockPersistence.findByPrimaryKey(
186                            resourceBlockId);
187    
188                    deleteResourceBlock(resourceBlock);
189            }
190    
191            @Override
192            public void deleteResourceBlock(ResourceBlock resourceBlock)
193                    throws SystemException {
194    
195                    resourceBlockPermissionLocalService.deleteResourceBlockPermissions(
196                            resourceBlock.getPrimaryKey());
197    
198                    resourceBlockPersistence.remove(resourceBlock);
199            }
200    
201            public long getActionId(String name, String actionId)
202                    throws PortalException {
203    
204                    ResourceAction resourcAction =
205                            resourceActionLocalService.getResourceAction(name, actionId);
206    
207                    return resourcAction.getBitwiseValue();
208            }
209    
210            public long getActionIds(String name, List<String> actionIds)
211                    throws PortalException {
212    
213                    long actionIdsLong = 0;
214    
215                    for (String actionId : actionIds) {
216                            ResourceAction resourceAction =
217                                    resourceActionLocalService.getResourceAction(name, actionId);
218    
219                            actionIdsLong |= resourceAction.getBitwiseValue();
220                    }
221    
222                    return actionIdsLong;
223            }
224    
225            public List<String> getActionIds(String name, long actionIdsLong)
226                    throws SystemException {
227    
228                    List<ResourceAction> resourceActions =
229                            resourceActionLocalService.getResourceActions(name);
230    
231                    List<String> actionIds = new ArrayList<String>();
232    
233                    for (ResourceAction resourceAction : resourceActions) {
234                            if ((actionIdsLong & resourceAction.getBitwiseValue()) ==
235                                            resourceAction.getBitwiseValue()) {
236    
237                                    actionIds.add(resourceAction.getActionId());
238                            }
239                    }
240    
241                    return actionIds;
242            }
243    
244            public List<String> getCompanyScopePermissions(
245                            ResourceBlock resourceBlock, long roleId)
246                    throws SystemException {
247    
248                    long actionIdsLong =
249                            resourceTypePermissionLocalService.getCompanyScopeActionIds(
250                                    resourceBlock.getCompanyId(), resourceBlock.getName(), roleId);
251    
252                    return getActionIds(resourceBlock.getName(), actionIdsLong);
253            }
254    
255            public List<String> getGroupScopePermissions(
256                            ResourceBlock resourceBlock, long roleId)
257                    throws SystemException {
258    
259                    long actionIdsLong =
260                            resourceTypePermissionLocalService.getGroupScopeActionIds(
261                                    resourceBlock.getCompanyId(), resourceBlock.getGroupId(),
262                                    resourceBlock.getName(), roleId);
263    
264                    return getActionIds(resourceBlock.getName(), actionIdsLong);
265            }
266    
267            public PermissionedModel getPermissionedModel(String name, long primKey)
268                    throws PortalException, SystemException {
269    
270                    PersistedModelLocalService persistedModelLocalService =
271                            PersistedModelLocalServiceRegistryUtil.
272                                    getPersistedModelLocalService(name);
273    
274                    if (persistedModelLocalService == null) {
275                            throw new ResourceBlocksNotSupportedException();
276                    }
277    
278                    PersistedModel persistedModel =
279                            persistedModelLocalService.getPersistedModel(primKey);
280    
281                    try {
282                            return (PermissionedModel)persistedModel;
283                    }
284                    catch (ClassCastException cce) {
285                            throw new ResourceBlocksNotSupportedException();
286                    }
287            }
288    
289            public List<String> getPermissions(ResourceBlock resourceBlock, long roleId)
290                    throws SystemException {
291    
292                    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
293                            resourceBlockPermissionLocalService.
294                                    getResourceBlockPermissionsContainer(
295                                            resourceBlock.getPrimaryKey());
296    
297                    long actionIdsLong = resourceBlockPermissionsContainer.getActionIds(
298                            roleId);
299    
300                    return getActionIds(resourceBlock.getName(), actionIdsLong);
301            }
302    
303            /**
304             * Returns the permissions hash of the resource permissions. The permissions
305             * hash is a representation of all the roles with access to the resource
306             * along with the actions they can perform.
307             *
308             * @param  resourceBlockPermissionsContainer the resource block permissions
309             * @return the permissions hash of the resource permissions
310             */
311            public String getPermissionsHash(
312                    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer) {
313    
314                    SortedMap<Long, Long> permissions =
315                            resourceBlockPermissionsContainer.getPermissions();
316    
317                    // long is 8 bytes, there are 2 longs per permission, so preallocate
318                    // byte buffer to 16 * the number of permissions.
319    
320                    ByteBuffer byteBuffer = ByteBuffer.allocate(permissions.size() * 16);
321    
322                    for (Map.Entry<Long, Long> entry : permissions.entrySet()) {
323                            byteBuffer.putLong(entry.getKey());
324                            byteBuffer.putLong(entry.getValue());
325                    }
326    
327                    byteBuffer.flip();
328    
329                    return DigesterUtil.digestHex(Digester.SHA_1, byteBuffer);
330            }
331    
332            public ResourceBlock getResourceBlock(String name, long primKey)
333                    throws PortalException, SystemException {
334    
335                    PermissionedModel permissionedModel = getPermissionedModel(
336                            name, primKey);
337    
338                    return getResourceBlock(permissionedModel.getResourceBlockId());
339            }
340    
341            public List<Long> getResourceBlockIds(
342                            ResourceBlockIdsBag resourceBlockIdsBag, String name,
343                            String actionId)
344                    throws PortalException {
345    
346                    long actionIdsLong = getActionId(name, actionId);
347    
348                    return resourceBlockIdsBag.getResourceBlockIds(actionIdsLong);
349            }
350    
351            public ResourceBlockIdsBag getResourceBlockIdsBag(
352                            long companyId, long groupId, String name, long[] roleIds)
353                    throws SystemException {
354    
355                    return resourceBlockFinder.findByC_G_N_R(
356                            companyId, groupId, name, roleIds);
357            }
358    
359            public boolean hasPermission(
360                            String name, long primKey, String actionId,
361                            ResourceBlockIdsBag resourceBlockIdsBag)
362                    throws PortalException, SystemException {
363    
364                    PermissionedModel permissionedModel = getPermissionedModel(
365                            name, primKey);
366    
367                    return hasPermission(
368                            name, permissionedModel, actionId, resourceBlockIdsBag);
369            }
370    
371            public boolean hasPermission(
372                            String name, PermissionedModel permissionedModel, String actionId,
373                            ResourceBlockIdsBag resourceBlockIdsBag)
374                    throws PortalException {
375    
376                    long actionIdsLong = getActionId(name, actionId);
377    
378                    return resourceBlockIdsBag.hasResourceBlockId(
379                            permissionedModel.getResourceBlockId(), actionIdsLong);
380            }
381    
382            public boolean isSupported(String name) {
383                    return PersistedModelLocalServiceRegistryUtil.
384                            isPermissionedModelLocalService(name);
385            }
386    
387            public void releasePermissionedModelResourceBlock(
388                            PermissionedModel permissionedModel)
389                    throws PortalException, SystemException {
390    
391                    try {
392                            releaseResourceBlock(permissionedModel.getResourceBlockId());
393                    }
394                    catch (NoSuchResourceBlockException nsrbe) {
395                            if (_log.isWarnEnabled()) {
396                                    _log.warn(
397                                            "Resource block " + permissionedModel.getResourceBlockId() +
398                                                    " missing");
399                            }
400                    }
401            }
402    
403            public void releasePermissionedModelResourceBlock(String name, long primKey)
404                    throws PortalException, SystemException {
405    
406                    PermissionedModel permissionedModel = getPermissionedModel(
407                            name, primKey);
408    
409                    releasePermissionedModelResourceBlock(permissionedModel);
410            }
411    
412            /**
413             * Decrements the reference count of the resource block and updates it in
414             * the database or deletes the resource block if the reference count reaches
415             * zero.
416             *
417             * @param  resourceBlockId the primary key of the resource block
418             * @throws SystemException if a system exception occurred
419             */
420            public void releaseResourceBlock(long resourceBlockId)
421                    throws PortalException, SystemException {
422    
423                    ResourceBlock resourceBlock = getResourceBlock(resourceBlockId);
424    
425                    releaseResourceBlock(resourceBlock);
426            }
427    
428            /**
429             * Decrements the reference count of the resource block and updates it in
430             * the database or deletes the resource block if the reference count reaches
431             * zero.
432             *
433             * @param  resourceBlock the resource block
434             * @throws SystemException if a system exception occurred
435             */
436            public void releaseResourceBlock(ResourceBlock resourceBlock)
437                    throws SystemException {
438    
439                    long referenceCount = resourceBlock.getReferenceCount() - 1;
440    
441                    if (referenceCount <= 0) {
442                            deleteResourceBlock(resourceBlock);
443                            return;
444                    }
445    
446                    resourceBlock.setReferenceCount(referenceCount);
447    
448                    updateResourceBlock(resourceBlock);
449            }
450    
451            public void removeAllGroupScopePermissions(
452                            long companyId, String name, long roleId, long actionIdsLong)
453                    throws SystemException {
454    
455                    List<ResourceTypePermission> resourceTypePermissions =
456                            resourceTypePermissionLocalService.
457                                    getGroupScopeResourceTypePermissions(companyId, name, roleId);
458    
459                    for (ResourceTypePermission resourceTypePermission :
460                                    resourceTypePermissions) {
461    
462                            removeGroupScopePermissions(
463                                    companyId, resourceTypePermission.getGroupId(), name, roleId,
464                                    actionIdsLong);
465                    }
466            }
467    
468            public void removeAllGroupScopePermissions(
469                            long companyId, String name, long roleId, String actionId)
470                    throws PortalException, SystemException {
471    
472                    removeAllGroupScopePermissions(
473                            companyId, name, roleId, getActionId(name, actionId));
474            }
475    
476            public void removeCompanyScopePermission(
477                            long companyId, String name, long roleId, String actionId)
478                    throws PortalException, SystemException {
479    
480                    updateCompanyScopePermissions(
481                            companyId, name, roleId, getActionId(name, actionId),
482                            ResourceBlockConstants.OPERATOR_REMOVE);
483            }
484    
485            public void removeCompanyScopePermissions(
486                            long companyId, String name, long roleId, long actionIdsLong)
487                    throws SystemException {
488    
489                    updateCompanyScopePermissions(
490                            companyId, name, roleId, actionIdsLong,
491                            ResourceBlockConstants.OPERATOR_REMOVE);
492            }
493    
494            public void removeGroupScopePermission(
495                            long companyId, long groupId, String name, long roleId,
496                            String actionId)
497                    throws PortalException, SystemException {
498    
499                    updateGroupScopePermissions(
500                            companyId, groupId, name, roleId, getActionId(name, actionId),
501                            ResourceBlockConstants.OPERATOR_REMOVE);
502            }
503    
504            public void removeGroupScopePermissions(
505                            long companyId, long groupId, String name, long roleId,
506                            long actionIdsLong)
507                    throws SystemException {
508    
509                    updateGroupScopePermissions(
510                            companyId, groupId, name, roleId, actionIdsLong,
511                            ResourceBlockConstants.OPERATOR_REMOVE);
512            }
513    
514            public void removeIndividualScopePermission(
515                            long companyId, long groupId, String name, long primKey,
516                            long roleId, String actionId)
517                    throws PortalException, SystemException {
518    
519                    PermissionedModel permissionedModel = getPermissionedModel(
520                            name, primKey);
521    
522                    updateIndividualScopePermissions(
523                            companyId, groupId, name, permissionedModel, roleId,
524                            getActionId(name, actionId),
525                            ResourceBlockConstants.OPERATOR_REMOVE);
526            }
527    
528            public void removeIndividualScopePermission(
529                            long companyId, long groupId, String name,
530                            PermissionedModel permissionedModel, long roleId, String actionId)
531                    throws PortalException, SystemException {
532    
533                    updateIndividualScopePermissions(
534                            companyId, groupId, name, permissionedModel, roleId,
535                            getActionId(name, actionId),
536                            ResourceBlockConstants.OPERATOR_REMOVE);
537            }
538    
539            public void removeIndividualScopePermissions(
540                            long companyId, long groupId, String name, long primKey,
541                            long roleId, long actionIdsLong)
542                    throws PortalException, SystemException {
543    
544                    PermissionedModel permissionedModel = getPermissionedModel(
545                            name, primKey);
546    
547                    updateIndividualScopePermissions(
548                            companyId, groupId, name, permissionedModel, roleId, actionIdsLong,
549                            ResourceBlockConstants.OPERATOR_REMOVE);
550            }
551    
552            public void removeIndividualScopePermissions(
553                            long companyId, long groupId, String name,
554                            PermissionedModel permissionedModel, long roleId,
555                            long actionIdsLong)
556                    throws SystemException {
557    
558                    updateIndividualScopePermissions(
559                            companyId, groupId, name, permissionedModel, roleId, actionIdsLong,
560                            ResourceBlockConstants.OPERATOR_REMOVE);
561            }
562    
563            /**
564             * Increments the reference count of the resource block and updates it in
565             * the database.
566             *
567             * @param  resourceBlockId the primary key of the resource block
568             * @throws SystemException if a system exception occurred
569             */
570            public void retainResourceBlock(long resourceBlockId)
571                    throws PortalException, SystemException {
572    
573                    ResourceBlock resourceBlock = getResourceBlock(resourceBlockId);
574    
575                    retainResourceBlock(resourceBlock);
576            }
577    
578            /**
579             * Increments the reference count of the resource block and updates it in
580             * the database.
581             *
582             * @param  resourceBlock the resource block
583             * @throws SystemException if a system exception occurred
584             */
585            public void retainResourceBlock(ResourceBlock resourceBlock)
586                    throws SystemException {
587    
588                    resourceBlock.setReferenceCount(resourceBlock.getReferenceCount() + 1);
589    
590                    updateResourceBlock(resourceBlock);
591            }
592    
593            public void setCompanyScopePermissions(
594                            long companyId, String name, long roleId, List<String> actionIds)
595                    throws PortalException, SystemException {
596    
597                    updateCompanyScopePermissions(
598                            companyId, name, roleId, getActionIds(name, actionIds),
599                            ResourceBlockConstants.OPERATOR_SET);
600            }
601    
602            public void setCompanyScopePermissions(
603                            long companyId, String name, long roleId, long actionIdsLong)
604                    throws SystemException {
605    
606                    updateCompanyScopePermissions(
607                            companyId, name, roleId, actionIdsLong,
608                            ResourceBlockConstants.OPERATOR_SET);
609            }
610    
611            public void setGroupScopePermissions(
612                            long companyId, long groupId, String name, long roleId,
613                            List<String> actionIds)
614                    throws PortalException, SystemException {
615    
616                    updateGroupScopePermissions(
617                            companyId, groupId, name, roleId,
618                            getActionIds(name, actionIds), ResourceBlockConstants.OPERATOR_SET);
619            }
620    
621            public void setGroupScopePermissions(
622                            long companyId, long groupId, String name, long roleId,
623                            long actionIdsLong)
624                    throws SystemException {
625    
626                    updateGroupScopePermissions(
627                            companyId, groupId, name, roleId, actionIdsLong,
628                            ResourceBlockConstants.OPERATOR_SET);
629            }
630    
631            public void setIndividualScopePermissions(
632                            long companyId, long groupId, String name, long primKey,
633                            long roleId, List<String> actionIds)
634                    throws PortalException, SystemException {
635    
636                    PermissionedModel permissionedModel = getPermissionedModel(
637                            name, primKey);
638    
639                    updateIndividualScopePermissions(
640                            companyId, groupId, name, permissionedModel, roleId,
641                            getActionIds(name, actionIds), ResourceBlockConstants.OPERATOR_SET);
642            }
643    
644            public void setIndividualScopePermissions(
645                            long companyId, long groupId, String name, long primKey,
646                            long roleId, long actionIdsLong)
647                    throws PortalException, SystemException {
648    
649                    PermissionedModel permissionedModel = getPermissionedModel(
650                            name, primKey);
651    
652                    updateIndividualScopePermissions(
653                            companyId, groupId, name, permissionedModel, roleId, actionIdsLong,
654                            ResourceBlockConstants.OPERATOR_SET);
655            }
656    
657            public void setIndividualScopePermissions(
658                            long companyId, long groupId, String name, long primKey,
659                            Map<Long, String[]> roleIdsToActionIds)
660                    throws PortalException, SystemException {
661    
662                    boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
663    
664                    PermissionThreadLocal.setIndexEnabled(false);
665    
666                    try {
667                            PermissionedModel permissionedModel = getPermissionedModel(
668                                    name, primKey);
669    
670                            for (Map.Entry<Long, String[]> entry :
671                                            roleIdsToActionIds.entrySet()) {
672    
673                                    long roleId = entry.getKey();
674                                    String[] actionIds = entry.getValue();
675    
676                                    updateIndividualScopePermissions(
677                                            companyId, groupId, name, permissionedModel, roleId,
678                                            getActionIds(name, ListUtil.fromArray(actionIds)),
679                                            ResourceBlockConstants.OPERATOR_SET);
680                            }
681                    }
682                    finally {
683                            PermissionThreadLocal.setIndexEnabled(flushEnabled);
684    
685                            PermissionCacheUtil.clearCache();
686                    }
687            }
688    
689            public void setIndividualScopePermissions(
690                            long companyId, long groupId, String name,
691                            PermissionedModel permissionedModel, long roleId,
692                            List<String> actionIds)
693                    throws PortalException, SystemException {
694    
695                    updateIndividualScopePermissions(
696                            companyId, groupId, name, permissionedModel, roleId,
697                            getActionIds(name, actionIds), ResourceBlockConstants.OPERATOR_SET);
698            }
699    
700            public void setIndividualScopePermissions(
701                            long companyId, long groupId, String name,
702                            PermissionedModel permissionedModel, long roleId,
703                            long actionIdsLong)
704                    throws SystemException {
705    
706                    updateIndividualScopePermissions(
707                            companyId, groupId, name, permissionedModel, roleId, actionIdsLong,
708                            ResourceBlockConstants.OPERATOR_SET);
709            }
710    
711            public void updateCompanyScopePermissions(
712                            long companyId, String name, long roleId,
713                            long actionIdsLong, int operator)
714                    throws SystemException {
715    
716                    resourceTypePermissionLocalService.
717                            updateCompanyScopeResourceTypePermissions(
718                                    companyId, name, roleId, actionIdsLong, operator);
719    
720                    List<ResourceBlock> resourceBlocks =
721                            resourceBlockPersistence.findByC_N(companyId, name);
722    
723                    updatePermissions(resourceBlocks, roleId, actionIdsLong, operator);
724    
725                    PermissionCacheUtil.clearCache();
726            }
727    
728            public void updateGroupScopePermissions(
729                            long companyId, long groupId, String name, long roleId,
730                            long actionIdsLong, int operator)
731                    throws SystemException {
732    
733                    resourceTypePermissionLocalService.
734                            updateGroupScopeResourceTypePermissions(
735                                    companyId, groupId, name, roleId, actionIdsLong, operator);
736    
737                    List<ResourceBlock> resourceBlocks =
738                            resourceBlockPersistence.findByC_G_N(companyId, groupId, name);
739    
740                    updatePermissions(resourceBlocks, roleId, actionIdsLong, operator);
741    
742                    PermissionCacheUtil.clearCache();
743            }
744    
745            public void updateIndividualScopePermissions(
746                            long companyId, long groupId, String name,
747                            PermissionedModel permissionedModel, long roleId,
748                            long actionIdsLong, int operator)
749                    throws SystemException {
750    
751                    ResourceBlock resourceBlock =
752                            resourceBlockPersistence.fetchByPrimaryKey(
753                                    permissionedModel.getResourceBlockId());
754    
755                    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
756                            null;
757    
758                    if (resourceBlock == null) {
759                            resourceBlockPermissionsContainer =
760                                    resourceTypePermissionLocalService.
761                                            getResourceBlockPermissionsContainer(
762                                                    companyId, groupId, name);
763                    }
764                    else {
765                            resourceBlockPermissionsContainer =
766                                    resourceBlockPermissionLocalService.
767                                            getResourceBlockPermissionsContainer(
768                                                    resourceBlock.getPrimaryKey());
769                    }
770    
771                    long oldActionIdsLong = resourceBlockPermissionsContainer.getActionIds(
772                            roleId);
773    
774                    if (operator == ResourceBlockConstants.OPERATOR_ADD) {
775                            actionIdsLong |= oldActionIdsLong;
776                    }
777                    else if (operator == ResourceBlockConstants.OPERATOR_REMOVE) {
778                            actionIdsLong = oldActionIdsLong & (~actionIdsLong);
779                    }
780    
781                    if (resourceBlock != null) {
782                            if (oldActionIdsLong == actionIdsLong) {
783                                    return;
784                            }
785    
786                            releaseResourceBlock(resourceBlock);
787                    }
788    
789                    resourceBlockPermissionsContainer.setPermissions(roleId, actionIdsLong);
790    
791                    String permissionsHash = getPermissionsHash(
792                            resourceBlockPermissionsContainer);
793    
794                    updateResourceBlockId(
795                            companyId, groupId, name, permissionedModel, permissionsHash,
796                            resourceBlockPermissionsContainer);
797    
798                    PermissionCacheUtil.clearCache();
799            }
800    
801            public ResourceBlock updateResourceBlockId(
802                            long companyId, long groupId, String name,
803                            PermissionedModel permissionedModel, String permissionsHash,
804                            ResourceBlockPermissionsContainer resourceBlockPermissionsContainer)
805                    throws SystemException {
806    
807                    ResourceBlock resourceBlock = resourceBlockPersistence.fetchByC_G_N_P(
808                            companyId, groupId, name, permissionsHash);
809    
810                    if (resourceBlock == null) {
811                            resourceBlock = addResourceBlock(
812                                    companyId, groupId, name, permissionsHash,
813                                    resourceBlockPermissionsContainer);
814                    }
815                    else {
816                            retainResourceBlock(resourceBlock);
817                    }
818    
819                    permissionedModel.setResourceBlockId(
820                            resourceBlock.getResourceBlockId());
821    
822                    permissionedModel.persist();
823    
824                    return resourceBlock;
825            }
826    
827            public void verifyResourceBlockId(long companyId, String name, long primKey)
828                    throws PortalException, SystemException {
829    
830                    PermissionedModel permissionedModel = getPermissionedModel(
831                            name, primKey);
832    
833                    ResourceBlock resourceBlock =
834                                    resourceBlockPersistence.fetchByPrimaryKey(
835                            permissionedModel.getResourceBlockId());
836    
837                    if (resourceBlock == null) {
838                            if (_log.isWarnEnabled()) {
839                                    _log.warn(
840                                            "Resource block " + permissionedModel.getResourceBlockId() +
841                                                    " missing for " + name + "#" + primKey);
842                            }
843    
844                            long groupId = 0;
845                            long ownerId = 0;
846    
847                            if (permissionedModel instanceof GroupedModel) {
848                                    GroupedModel groupedModel = (GroupedModel)permissionedModel;
849    
850                                    groupId = groupedModel.getGroupId();
851                                    ownerId = groupedModel.getUserId();
852                            }
853                            else if (permissionedModel instanceof AuditedModel) {
854                                    AuditedModel auditedModel = (AuditedModel)permissionedModel;
855    
856                                    ownerId = auditedModel.getUserId();
857                            }
858    
859                            resourceLocalService.addResources(
860                                    companyId, groupId, ownerId, name, primKey, false, true, true);
861                    }
862            }
863    
864            protected void updatePermissions(
865                            List<ResourceBlock> resourceBlocks, long roleId, long actionIdsLong,
866                            int operator)
867                    throws SystemException {
868    
869                    for (ResourceBlock resourceBlock : resourceBlocks) {
870                            resourceBlockPermissionLocalService.updateResourceBlockPermission(
871                                    resourceBlock.getPrimaryKey(), roleId, actionIdsLong, operator);
872    
873                            updatePermissionsHash(resourceBlock);
874                    }
875            }
876    
877            protected void updatePermissionsHash(ResourceBlock resourceBlock)
878                    throws SystemException {
879    
880                    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
881                            resourceBlockPermissionLocalService.
882                            getResourceBlockPermissionsContainer(resourceBlock.getPrimaryKey());
883    
884                    String permissionsHash = getPermissionsHash(
885                            resourceBlockPermissionsContainer);
886    
887                    resourceBlock.setPermissionsHash(permissionsHash);
888    
889                    updateResourceBlock(resourceBlock);
890            }
891    
892    }