001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.upgrade.v6_1_0;
016    
017    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018    import com.liferay.portal.kernel.exception.PortalException;
019    import com.liferay.portal.kernel.exception.SystemException;
020    import com.liferay.portal.kernel.log.Log;
021    import com.liferay.portal.kernel.log.LogFactoryUtil;
022    import com.liferay.portal.kernel.upgrade.UpgradeProcess;
023    import com.liferay.portal.kernel.util.GetterUtil;
024    import com.liferay.portal.model.GroupedModel;
025    import com.liferay.portal.model.PermissionedModel;
026    import com.liferay.portal.model.ResourceBlock;
027    import com.liferay.portal.model.ResourceBlockPermissionsContainer;
028    import com.liferay.portal.model.ResourceConstants;
029    import com.liferay.portal.model.ResourcePermission;
030    import com.liferay.portal.model.RoleConstants;
031    import com.liferay.portal.security.permission.ResourceActionsUtil;
032    import com.liferay.portal.service.ResourceActionLocalServiceUtil;
033    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
034    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
035    import com.liferay.portal.service.RoleLocalServiceUtil;
036    import com.liferay.portlet.bookmarks.model.BookmarksEntry;
037    import com.liferay.portlet.bookmarks.model.BookmarksFolder;
038    
039    import java.sql.Connection;
040    import java.sql.PreparedStatement;
041    import java.sql.ResultSet;
042    
043    import java.util.List;
044    
045    /**
046     * @author Alexander Chow
047     * @author Connor McKay
048     * @author Igor Beslic
049     */
050    public class UpgradePermission extends UpgradeProcess {
051    
052            protected ResourceBlock convertResourcePermissions(
053                            long companyId, String name, long primKey)
054                    throws PortalException, SystemException {
055    
056                    PermissionedModel permissionedModel =
057                            ResourceBlockLocalServiceUtil.getPermissionedModel(name, primKey);
058    
059                    long groupId = 0;
060    
061                    if (permissionedModel instanceof GroupedModel) {
062                            GroupedModel groupedModel = (GroupedModel)permissionedModel;
063    
064                            groupId = groupedModel.getGroupId();
065                    }
066    
067                    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
068                            getResourceBlockPermissionsContainer(
069                                    companyId, groupId, name, primKey);
070    
071                    String permissionsHash =
072                            resourceBlockPermissionsContainer.getPermissionsHash();
073    
074                    ResourceBlock resourceBlock =
075                            ResourceBlockLocalServiceUtil.updateResourceBlockId(
076                                    companyId, groupId, name, permissionedModel, permissionsHash,
077                                    resourceBlockPermissionsContainer);
078    
079                    return resourceBlock;
080            }
081    
082            protected void convertResourcePermissions(
083                            String name, String tableName, String pkColumnName)
084                    throws Exception {
085    
086                    Connection con = null;
087                    PreparedStatement ps = null;
088                    ResultSet rs = null;
089    
090                    try {
091                            con = DataAccess.getUpgradeOptimizedConnection();
092    
093                            ps = con.prepareStatement(
094                                    "select " + pkColumnName + ", companyId from " + tableName);
095    
096                            rs = ps.executeQuery();
097    
098                            while (rs.next()) {
099                                    long primKey = rs.getLong(pkColumnName);
100                                    long companyId = rs.getLong("companyId");
101    
102                                    ResourceBlock resourceBlock = convertResourcePermissions(
103                                            companyId, name, primKey);
104    
105                                    if (_log.isInfoEnabled() &&
106                                            ((resourceBlock.getResourceBlockId() % 100) == 0)) {
107    
108                                            _log.info("Processed 100 resource blocks for " + name);
109                                    }
110                            }
111                    }
112                    finally {
113                            DataAccess.cleanUp(con, ps, rs);
114                    }
115    
116                    List<ResourcePermission> resourcePermissions =
117                            ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(
118                                    _SCOPES);
119    
120                    for (ResourcePermission resourcePermission : resourcePermissions) {
121                            int scope = resourcePermission.getScope();
122    
123                            if (!name.equals(resourcePermission.getName())) {
124                                    continue;
125                            }
126    
127                            if ((scope == ResourceConstants.SCOPE_COMPANY) ||
128                                    (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {
129    
130                                    ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
131                                            resourcePermission.getCompanyId(), name,
132                                            resourcePermission.getRoleId(),
133                                            resourcePermission.getActionIds());
134                            }
135                            else if (scope == ResourceConstants.SCOPE_GROUP) {
136                                    ResourceBlockLocalServiceUtil.setGroupScopePermissions(
137                                            resourcePermission.getCompanyId(),
138                                            GetterUtil.getLong(resourcePermission.getPrimaryKey()),
139                                            name, resourcePermission.getRoleId(),
140                                            resourcePermission.getActionIds());
141                            }
142                    }
143            }
144    
145            @Override
146            protected void doUpgrade() throws Exception {
147    
148                    // LPS-14202 and LPS-17841
149    
150                    RoleLocalServiceUtil.checkSystemRoles();
151    
152                    updatePermissions("com.liferay.portlet.bookmarks", true, true);
153                    updatePermissions("com.liferay.portlet.documentlibrary", false, true);
154                    updatePermissions("com.liferay.portlet.imagegallery", true, true);
155                    updatePermissions("com.liferay.portlet.messageboards", true, true);
156                    updatePermissions("com.liferay.portlet.shopping", true, true);
157    
158                    convertResourcePermissions(
159                            BookmarksEntry.class.getName(), "BookmarksEntry", "entryId");
160                    convertResourcePermissions(
161                            BookmarksFolder.class.getName(), "BookmarksFolder", "folderId");
162            }
163    
164            protected ResourceBlockPermissionsContainer
165                            getResourceBlockPermissionsContainer(
166                                    long companyId, long groupId, String name, long primKey)
167                    throws SystemException {
168    
169                    ResourceBlockPermissionsContainer resourceBlockPermissionContainer =
170                            new ResourceBlockPermissionsContainer();
171    
172                    List<ResourcePermission> resourcePermissions =
173                            ResourcePermissionLocalServiceUtil.getResourceResourcePermissions(
174                                    companyId, groupId, name, String.valueOf(primKey));
175    
176                    for (ResourcePermission resourcePermission : resourcePermissions) {
177                            resourceBlockPermissionContainer.addPermission(
178                                    resourcePermission.getRoleId(),
179                                    resourcePermission.getActionIds());
180                    }
181    
182                    return resourceBlockPermissionContainer;
183            }
184    
185            protected void updatePermissions(
186                            String name, boolean community, boolean guest)
187                    throws Exception {
188    
189                    List<String> modelActions = ResourceActionsUtil.getModelResourceActions(
190                            name);
191    
192                    ResourceActionLocalServiceUtil.checkResourceActions(name, modelActions);
193    
194                    int scope = ResourceConstants.SCOPE_INDIVIDUAL;
195                    long actionIdsLong = 1;
196    
197                    if (community) {
198                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
199                                    name, RoleConstants.ORGANIZATION_USER, scope, actionIdsLong);
200                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
201                                    name, RoleConstants.SITE_MEMBER, scope, actionIdsLong);
202                    }
203    
204                    if (guest) {
205                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
206                                    name, RoleConstants.GUEST, scope, actionIdsLong);
207                    }
208    
209                    ResourcePermissionLocalServiceUtil.addResourcePermissions(
210                            name, RoleConstants.OWNER, scope, actionIdsLong);
211            }
212    
213            private static final int[] _SCOPES = {
214                    ResourceConstants.SCOPE_COMPANY, ResourceConstants.SCOPE_GROUP,
215                    ResourceConstants.SCOPE_GROUP_TEMPLATE
216            };
217    
218            private static Log _log = LogFactoryUtil.getLog(UpgradePermission.class);
219    
220    }