001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.verify;
016    
017    import com.liferay.portal.NoSuchResourcePermissionException;
018    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.util.GetterUtil;
022    import com.liferay.portal.model.Contact;
023    import com.liferay.portal.model.Layout;
024    import com.liferay.portal.model.LayoutSetBranch;
025    import com.liferay.portal.model.PasswordPolicy;
026    import com.liferay.portal.model.ResourceConstants;
027    import com.liferay.portal.model.ResourcePermission;
028    import com.liferay.portal.model.Role;
029    import com.liferay.portal.model.RoleConstants;
030    import com.liferay.portal.model.Team;
031    import com.liferay.portal.model.User;
032    import com.liferay.portal.service.ContactLocalServiceUtil;
033    import com.liferay.portal.service.LayoutLocalServiceUtil;
034    import com.liferay.portal.service.ResourceLocalServiceUtil;
035    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
036    import com.liferay.portal.service.RoleLocalServiceUtil;
037    import com.liferay.portal.service.UserLocalServiceUtil;
038    import com.liferay.portal.util.PortalInstances;
039    import com.liferay.portlet.announcements.model.AnnouncementsEntry;
040    import com.liferay.portlet.asset.model.AssetCategory;
041    import com.liferay.portlet.asset.model.AssetTag;
042    import com.liferay.portlet.asset.model.AssetVocabulary;
043    import com.liferay.portlet.blogs.model.BlogsEntry;
044    import com.liferay.portlet.documentlibrary.model.DLFileEntry;
045    import com.liferay.portlet.documentlibrary.model.DLFileShortcut;
046    import com.liferay.portlet.documentlibrary.model.DLFolder;
047    import com.liferay.portlet.dynamicdatamapping.model.DDMStructure;
048    import com.liferay.portlet.dynamicdatamapping.model.DDMTemplate;
049    import com.liferay.portlet.journal.model.JournalArticle;
050    import com.liferay.portlet.journal.model.JournalFeed;
051    import com.liferay.portlet.messageboards.model.MBCategory;
052    import com.liferay.portlet.messageboards.model.MBMessage;
053    import com.liferay.portlet.polls.model.PollsQuestion;
054    import com.liferay.portlet.shopping.model.ShoppingCategory;
055    import com.liferay.portlet.shopping.model.ShoppingItem;
056    import com.liferay.portlet.softwarecatalog.model.SCFrameworkVersion;
057    import com.liferay.portlet.softwarecatalog.model.SCProductEntry;
058    import com.liferay.portlet.wiki.model.WikiNode;
059    import com.liferay.portlet.wiki.model.WikiPage;
060    
061    import java.sql.Connection;
062    import java.sql.PreparedStatement;
063    import java.sql.ResultSet;
064    
065    import java.util.List;
066    
067    /**
068     * @author Raymond Aug??
069     * @author James Lefeu
070     */
071    public class VerifyResourcePermissions extends VerifyProcess {
072    
073            @Override
074            protected void doVerify() throws Exception {
075                    for (String[] portletAndActionId : _PORTLET_ACTION_IDS) {
076                            verifyActionIds(portletAndActionId[0], portletAndActionId[1]);
077                    }
078    
079                    long[] companyIds = PortalInstances.getCompanyIdsBySQL();
080    
081                    for (long companyId : companyIds) {
082                            Role role = RoleLocalServiceUtil.getRole(
083                                    companyId, RoleConstants.OWNER);
084    
085                            for (String[] model : _MODELS) {
086                                    verifyModel(role, model[0], model[1], model[2]);
087                            }
088    
089                            verifyLayout(role);
090                    }
091            }
092    
093            protected void verifyActionIds(String portlet, String actionId)
094                    throws Exception {
095    
096                    Connection con = null;
097                    PreparedStatement ps = null;
098    
099                    try {
100                            con = DataAccess.getUpgradeOptimizedConnection();
101    
102                            ps = con.prepareStatement(
103                                    "update ResourcePermission set actionIds = ? where name = ? " +
104                                            "and roleId in (select roleId from Role_ where name = ?) " +
105                                                    "and primKey != '0'");
106    
107                            ps.setLong(1, GetterUtil.getLong(actionId));
108                            ps.setString(2, portlet);
109                            ps.setString(3, "Site Member");
110    
111                            ps.executeUpdate();
112                    }
113                    finally {
114                            DataAccess.cleanUp(con, ps);
115                    }
116            }
117    
118            protected void verifyLayout(Role role) throws Exception {
119                    List<Layout> layouts = LayoutLocalServiceUtil.getNoPermissionLayouts(
120                            role.getRoleId());
121    
122                    for (Layout layout : layouts) {
123                            verifyModel(
124                                    role.getCompanyId(), Layout.class.getName(), layout.getPlid(),
125                                    role, 0);
126                    }
127            }
128    
129            protected void verifyModel(
130                            long companyId, String name, long primKey, Role role, long ownerId)
131                    throws Exception {
132    
133                    ResourcePermission resourcePermission = null;
134    
135                    try {
136                            resourcePermission =
137                                    ResourcePermissionLocalServiceUtil.getResourcePermission(
138                                            companyId, name, ResourceConstants.SCOPE_INDIVIDUAL,
139                                            String.valueOf(primKey), role.getRoleId());
140                    }
141                    catch (NoSuchResourcePermissionException nsrpe) {
142                            if (_log.isDebugEnabled()) {
143                                    _log.debug(
144                                            "No resource found for {" + companyId + ", " + name + ", " +
145                                                    ResourceConstants.SCOPE_INDIVIDUAL + ", " + primKey +
146                                                            ", " + role.getRoleId() + "}");
147                            }
148    
149                            ResourceLocalServiceUtil.addResources(
150                                    companyId, 0, ownerId, name, String.valueOf(primKey), false,
151                                    false, false);
152                    }
153    
154                    if (resourcePermission == null) {
155                            try {
156                                    resourcePermission =
157                                            ResourcePermissionLocalServiceUtil.getResourcePermission(
158                                                    companyId, name, ResourceConstants.SCOPE_INDIVIDUAL,
159                                                    String.valueOf(primKey), role.getRoleId());
160                            }
161                            catch (NoSuchResourcePermissionException nsrpe) {
162                                    return;
163                            }
164                    }
165    
166                    if (name.equals(User.class.getName())) {
167                            User user = UserLocalServiceUtil.getUserById(ownerId);
168    
169                            Contact contact = ContactLocalServiceUtil.getContact(
170                                    user.getContactId());
171    
172                            ownerId = contact.getUserId();
173                    }
174    
175                    if (ownerId != resourcePermission.getOwnerId()) {
176                            resourcePermission.setOwnerId(ownerId);
177    
178                            ResourcePermissionLocalServiceUtil.updateResourcePermission(
179                                    resourcePermission);
180                    }
181    
182                    if (_log.isInfoEnabled() &&
183                            ((resourcePermission.getResourcePermissionId() % 100) == 0)) {
184    
185                            _log.info("Processed 100 resource permissions for " + name);
186                    }
187            }
188    
189            protected void verifyModel(
190                            Role role, String name, String modelName, String pkColumnName)
191                    throws Exception {
192    
193                    Connection con = null;
194                    PreparedStatement ps = null;
195                    ResultSet rs = null;
196    
197                    try {
198                            con = DataAccess.getUpgradeOptimizedConnection();
199    
200                            ps = con.prepareStatement(
201                                    "select " + pkColumnName + ", userId AS ownerId " +
202                                            "from " + modelName + " where companyId = " +
203                                                    role.getCompanyId());
204    
205                            rs = ps.executeQuery();
206    
207                            while (rs.next()) {
208                                    long primKey = rs.getLong(pkColumnName);
209                                    long ownerId = rs.getLong("ownerId");
210    
211                                    verifyModel(role.getCompanyId(), name, primKey, role, ownerId);
212                            }
213                    }
214                    finally {
215                            DataAccess.cleanUp(con, ps, rs);
216                    }
217            }
218    
219            private static final String[][] _MODELS = new String[][] {
220                    new String[] {
221                            AnnouncementsEntry.class.getName(), "AnnouncementsEntry", "entryId"
222                    },
223                    new String[] {
224                            AssetCategory.class.getName(), "AssetCategory", "categoryId"
225                    },
226                    new String[] {
227                            AssetTag.class.getName(), "AssetTag", "tagId"
228                    },
229                    new String[] {
230                            AssetVocabulary.class.getName(), "AssetVocabulary", "vocabularyId"
231                    },
232                    new String[] {
233                            BlogsEntry.class.getName(), "BlogsEntry", "entryId"
234                    },
235                    new String[] {
236                            DDMStructure.class.getName(), "DDMStructure", "structureId"
237                    },
238                    new String[] {
239                            DDMTemplate.class.getName(), "DDMTemplate", "templateId"
240                    },
241                    new String[] {
242                            DLFileEntry.class.getName(), "DLFileEntry", "fileEntryId"
243                    },
244                    new String[] {
245                            DLFileShortcut.class.getName(), "DLFileShortcut", "fileShortcutId"
246                    },
247                    new String[] {
248                            DLFolder.class.getName(), "DLFolder", "folderId"
249                    },
250                    new String[] {
251                            JournalArticle.class.getName(), "JournalArticle", "resourcePrimKey"
252                    },
253                    new String[] {
254                            JournalFeed.class.getName(), "JournalFeed", "id_"
255                    },
256                    new String[] {
257                            Layout.class.getName(), "Layout", "plid"
258                    },
259                    new String[] {
260                            LayoutSetBranch.class.getName(), "LayoutSetBranch",
261                            "layoutSetBranchId"
262                    },
263                    new String[] {
264                            MBCategory.class.getName(), "MBCategory", "categoryId"
265                    },
266                    new String[] {
267                            MBMessage.class.getName(), "MBMessage", "messageId"
268                    },
269                    new String[] {
270                            PasswordPolicy.class.getName(), "PasswordPolicy", "passwordPolicyId"
271                    },
272                    new String[] {
273                            PollsQuestion.class.getName(), "PollsQuestion", "questionId"
274                    },
275                    new String[] {
276                            SCFrameworkVersion.class.getName(), "SCFrameworkVersion",
277                            "frameworkVersionId"
278                    },
279                    new String[] {
280                            SCProductEntry.class.getName(), "SCProductEntry", "productEntryId"
281                    },
282                    new String[] {
283                            ShoppingCategory.class.getName(), "ShoppingCategory", "categoryId"
284                    },
285                    new String[] {
286                            ShoppingItem.class.getName(), "ShoppingItem", "itemId"
287                    },
288                    new String[] {
289                            Team.class.getName(), "Team", "teamId"
290                    },
291                    new String[] {
292                            User.class.getName(), "User_", "userId"
293                    },
294                    new String[] {
295                            WikiNode.class.getName(), "WikiNode", "nodeId"
296                    },
297                    new String[] {
298                            WikiPage.class.getName(), "WikiPage", "resourcePrimKey"
299                    }
300            };
301    
302            private static final String[][] _PORTLET_ACTION_IDS = new String[][] {
303                    new String[] {
304                            "com.liferay.portlet.bookmarks", "17"
305                    },
306                    new String[] {
307                            "com.liferay.portlet.documentlibrary", "513"
308                    },
309            };
310    
311            private static Log _log = LogFactoryUtil.getLog(
312                    VerifyResourcePermissions.class);
313    
314    }