001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.NoSuchResourcePermissionException;
018 import com.liferay.portal.kernel.concurrent.LockRegistry;
019 import com.liferay.portal.kernel.dao.db.DB;
020 import com.liferay.portal.kernel.dao.db.DBFactoryUtil;
021 import com.liferay.portal.kernel.dao.orm.QueryPos;
022 import com.liferay.portal.kernel.dao.orm.SQLQuery;
023 import com.liferay.portal.kernel.dao.orm.Session;
024 import com.liferay.portal.kernel.dao.orm.Type;
025 import com.liferay.portal.kernel.exception.PortalException;
026 import com.liferay.portal.kernel.exception.SystemException;
027 import com.liferay.portal.kernel.search.SearchEngineUtil;
028 import com.liferay.portal.kernel.util.ArrayUtil;
029 import com.liferay.portal.kernel.util.ListUtil;
030 import com.liferay.portal.kernel.util.StringBundler;
031 import com.liferay.portal.kernel.util.StringPool;
032 import com.liferay.portal.kernel.util.StringUtil;
033 import com.liferay.portal.model.Resource;
034 import com.liferay.portal.model.ResourceAction;
035 import com.liferay.portal.model.ResourceConstants;
036 import com.liferay.portal.model.ResourcePermission;
037 import com.liferay.portal.model.ResourcePermissionConstants;
038 import com.liferay.portal.model.Role;
039 import com.liferay.portal.model.RoleConstants;
040 import com.liferay.portal.security.auth.PrincipalException;
041 import com.liferay.portal.security.permission.PermissionCacheUtil;
042 import com.liferay.portal.security.permission.PermissionThreadLocal;
043 import com.liferay.portal.security.permission.ResourceActionsUtil;
044 import com.liferay.portal.service.base.ResourcePermissionLocalServiceBaseImpl;
045 import com.liferay.portal.util.PortalUtil;
046 import com.liferay.portal.util.PropsValues;
047 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
048 import com.liferay.util.dao.orm.CustomSQLUtil;
049
050 import java.util.ArrayList;
051 import java.util.Collection;
052 import java.util.Collections;
053 import java.util.HashMap;
054 import java.util.HashSet;
055 import java.util.List;
056 import java.util.Map;
057 import java.util.Set;
058 import java.util.concurrent.locks.Lock;
059
060
074 public class ResourcePermissionLocalServiceImpl
075 extends ResourcePermissionLocalServiceBaseImpl {
076
077
080 public static final String[] EMPTY_ACTION_IDS = {null};
081
082
121 @Override
122 public void addResourcePermission(
123 long companyId, String name, int scope, String primKey, long roleId,
124 String actionId)
125 throws PortalException, SystemException {
126
127 if (scope == ResourceConstants.SCOPE_COMPANY) {
128
129
130
131 removeResourcePermissions(
132 companyId, name, ResourceConstants.SCOPE_GROUP, roleId,
133 actionId);
134 }
135 else if (scope == ResourceConstants.SCOPE_GROUP) {
136
137
138
139 removeResourcePermissions(
140 companyId, name, ResourceConstants.SCOPE_COMPANY, roleId,
141 actionId);
142 }
143 else if (scope == ResourceConstants.SCOPE_INDIVIDUAL) {
144 throw new NoSuchResourcePermissionException();
145 }
146
147 updateResourcePermission(
148 companyId, name, scope, primKey, roleId, 0, new String[] {actionId},
149 ResourcePermissionConstants.OPERATOR_ADD);
150
151 PermissionCacheUtil.clearCache();
152 }
153
154
172 @Override
173 public void addResourcePermissions(
174 String resourceName, String roleName, int scope,
175 long resourceActionBitwiseValue)
176 throws SystemException {
177
178 List<Role> roles = rolePersistence.findByName(roleName);
179
180 if (roles.isEmpty()) {
181 return;
182 }
183
184 Session session = resourcePermissionPersistence.openSession();
185
186 try {
187
188
189
190 String sql = CustomSQLUtil.get(_UPDATE_ACTION_IDS);
191
192 sql = StringUtil.replace(
193 sql, "[$ROLE_ID$]",
194 ListUtil.toString(roles, Role.ROLE_ID_ACCESSOR));
195
196 SQLQuery sqlQuery = session.createSQLQuery(sql);
197
198 QueryPos qPos = QueryPos.getInstance(sqlQuery);
199
200 qPos.add(resourceActionBitwiseValue);
201 qPos.add(resourceActionBitwiseValue);
202 qPos.add(resourceName);
203 qPos.add(scope);
204
205 sqlQuery.executeUpdate();
206
207
208
209 sql = CustomSQLUtil.get(_FIND_MISSING_RESOURCE_PERMISSIONS);
210
211 sqlQuery = session.createSQLQuery(sql);
212
213 sqlQuery.addScalar("companyId", Type.LONG);
214 sqlQuery.addScalar("name", Type.STRING);
215 sqlQuery.addScalar("scope", Type.INTEGER);
216 sqlQuery.addScalar("primKey", Type.STRING);
217 sqlQuery.addScalar("roleId", Type.LONG);
218
219 qPos = QueryPos.getInstance(sqlQuery);
220
221 qPos.add(resourceName);
222 qPos.add(scope);
223 qPos.add(roleName);
224
225 List<Object[]> resourcePermissionArrays = sqlQuery.list(true);
226
227 if (resourcePermissionArrays.isEmpty()) {
228 return;
229 }
230
231 for (Object[] resourcePermissionArray : resourcePermissionArrays) {
232 long resourcePermissionId = counterLocalService.increment(
233 ResourcePermission.class.getName());
234
235 ResourcePermission resourcePermission =
236 resourcePermissionPersistence.create(resourcePermissionId);
237
238 resourcePermission.setCompanyId(
239 (Long)resourcePermissionArray[0]);
240 resourcePermission.setName((String)resourcePermissionArray[1]);
241 resourcePermission.setScope(
242 (Integer)resourcePermissionArray[2]);
243 resourcePermission.setPrimKey(
244 (String)resourcePermissionArray[3]);
245 resourcePermission.setRoleId((Long)resourcePermissionArray[4]);
246 resourcePermission.setActionIds(resourceActionBitwiseValue);
247
248 session.save(resourcePermission);
249 }
250 }
251 catch (Exception e) {
252 throw new SystemException(e);
253 }
254 finally {
255 resourcePermissionPersistence.closeSession(session);
256
257 resourcePermissionPersistence.clearCache();
258 }
259 }
260
261
284 @Override
285 public void deleteResourcePermissions(
286 long companyId, String name, int scope, long primKey)
287 throws PortalException, SystemException {
288
289 deleteResourcePermissions(
290 companyId, name, scope, String.valueOf(primKey));
291 }
292
293
316 @Override
317 public void deleteResourcePermissions(
318 long companyId, String name, int scope, String primKey)
319 throws PortalException, SystemException {
320
321 List<ResourcePermission> resourcePermissions =
322 resourcePermissionPersistence.findByC_N_S_P(
323 companyId, name, scope, primKey);
324
325 for (ResourcePermission resourcePermission : resourcePermissions) {
326 deleteResourcePermission(
327 resourcePermission.getResourcePermissionId());
328 }
329 }
330
331 @Override
332 public ResourcePermission fetchResourcePermission(
333 long companyId, String name, int scope, String primKey, long roleId)
334 throws SystemException {
335
336 return resourcePermissionPersistence.fetchByC_N_S_P_R(
337 companyId, name, scope, primKey, roleId);
338 }
339
340
357 @Override
358 public List<String> getAvailableResourcePermissionActionIds(
359 long companyId, String name, int scope, String primKey, long roleId,
360 Collection<String> actionIds)
361 throws PortalException, SystemException {
362
363 ResourcePermission resourcePermission =
364 resourcePermissionPersistence.fetchByC_N_S_P_R(
365 companyId, name, scope, primKey, roleId);
366
367 if (resourcePermission == null) {
368 return Collections.emptyList();
369 }
370
371 List<String> availableActionIds = new ArrayList<String>(
372 actionIds.size());
373
374 for (String actionId : actionIds) {
375 ResourceAction resourceAction =
376 resourceActionLocalService.getResourceAction(name, actionId);
377
378 if (hasActionId(resourcePermission, resourceAction)) {
379 availableActionIds.add(actionId);
380 }
381 }
382
383 return availableActionIds;
384 }
385
386 @Override
387 public Map<Long, Set<String>> getAvailableResourcePermissionActionIds(
388 long companyId, String name, int scope, String primKey,
389 long[] roleIds, Collection<String> actionIds)
390 throws PortalException, SystemException {
391
392 List<ResourcePermission> resourcePermissions =
393 resourcePermissionPersistence.findByC_N_S_P_R(
394 companyId, name, scope, primKey, roleIds);
395
396 if (resourcePermissions.isEmpty()) {
397 return Collections.emptyMap();
398 }
399
400 Map<Long, Set<String>> roleIdsToActionIds =
401 new HashMap<Long, Set<String>>();
402
403 for (ResourcePermission resourcePermission : resourcePermissions) {
404 long roleId = resourcePermission.getRoleId();
405
406 Set<String> availableActionIds = roleIdsToActionIds.get(roleId);
407
408 if (availableActionIds != null) {
409 continue;
410 }
411
412 availableActionIds = new HashSet<String>();
413
414 roleIdsToActionIds.put(roleId, availableActionIds);
415
416 for (String actionId : actionIds) {
417 ResourceAction resourceAction =
418 resourceActionLocalService.getResourceAction(
419 name, actionId);
420
421 if (hasActionId(resourcePermission, resourceAction)) {
422 availableActionIds.add(actionId);
423 }
424 }
425 }
426
427 return roleIdsToActionIds;
428 }
429
430
445 @Override
446 public ResourcePermission getResourcePermission(
447 long companyId, String name, int scope, String primKey, long roleId)
448 throws PortalException, SystemException {
449
450 return resourcePermissionPersistence.findByC_N_S_P_R(
451 companyId, name, scope, primKey, roleId);
452 }
453
454
465 @Override
466 public List<ResourcePermission> getResourcePermissions(
467 long companyId, String name, int scope, String primKey)
468 throws SystemException {
469
470 return resourcePermissionPersistence.findByC_N_S_P(
471 companyId, name, scope, primKey);
472 }
473
474
485 @Override
486 public int getResourcePermissionsCount(
487 long companyId, String name, int scope, String primKey)
488 throws SystemException {
489
490 return resourcePermissionPersistence.countByC_N_S_P(
491 companyId, name, scope, primKey);
492 }
493
494
505 @Override
506 public List<ResourcePermission> getResourceResourcePermissions(
507 long companyId, long groupId, String name, String primKey)
508 throws SystemException {
509
510 return resourcePermissionFinder.findByResource(
511 companyId, groupId, name, primKey);
512 }
513
514
521 @Override
522 public List<ResourcePermission> getRoleResourcePermissions(long roleId)
523 throws SystemException {
524
525 return resourcePermissionPersistence.findByRoleId(roleId);
526 }
527
528
549 @Override
550 public List<ResourcePermission> getRoleResourcePermissions(
551 long roleId, int[] scopes, int start, int end)
552 throws SystemException {
553
554 return resourcePermissionFinder.findByR_S(roleId, scopes, start, end);
555 }
556
557
574 @Override
575 public List<ResourcePermission> getScopeResourcePermissions(int[] scopes)
576 throws SystemException {
577
578 return resourcePermissionPersistence.findByScope(scopes);
579 }
580
581
592 @Override
593 public boolean hasActionId(
594 ResourcePermission resourcePermission, ResourceAction resourceAction) {
595
596 long actionIds = resourcePermission.getActionIds();
597 long bitwiseValue = resourceAction.getBitwiseValue();
598
599 if ((actionIds & bitwiseValue) == bitwiseValue) {
600 return true;
601 }
602 else {
603 return false;
604 }
605 }
606
607
628 @Override
629 public boolean hasResourcePermission(
630 List<Resource> resources, long[] roleIds, String actionId)
631 throws PortalException, SystemException {
632
633
634
635
636
637
638
639 for (int i = resources.size() - 1; i >= 0; i--) {
640 Resource resource = resources.get(i);
641
642 if (hasResourcePermission(
643 resource.getCompanyId(), resource.getName(),
644 resource.getScope(), resource.getPrimKey(), roleIds,
645 actionId)) {
646
647 return true;
648 }
649 }
650
651 return false;
652 }
653
654
677 @Override
678 public boolean hasResourcePermission(
679 long companyId, String name, int scope, String primKey, long roleId,
680 String actionId)
681 throws PortalException, SystemException {
682
683 ResourcePermission resourcePermission =
684 resourcePermissionPersistence.fetchByC_N_S_P_R(
685 companyId, name, scope, primKey, roleId);
686
687 if (resourcePermission == null) {
688 return false;
689 }
690
691 ResourceAction resourceAction =
692 resourceActionLocalService.getResourceAction(name, actionId);
693
694 if (hasActionId(resourcePermission, resourceAction)) {
695 return true;
696 }
697
698 return false;
699 }
700
701
725 @Override
726 public boolean hasResourcePermission(
727 long companyId, String name, int scope, String primKey,
728 long[] roleIds, String actionId)
729 throws PortalException, SystemException {
730
731 ResourceAction resourceAction =
732 resourceActionLocalService.getResourceAction(name, actionId);
733
734 DB db = DBFactoryUtil.getDB();
735
736 String dbType = db.getType();
737
738 if ((roleIds.length >
739 PropsValues.
740 PERMISSIONS_ROLE_RESOURCE_PERMISSION_QUERY_THRESHOLD) &&
741 !dbType.equals(DB.TYPE_DERBY) &&
742 !dbType.equals(DB.TYPE_JDATASTORE) &&
743 !dbType.equals(DB.TYPE_SAP)) {
744
745 int count = resourcePermissionFinder.countByC_N_S_P_R_A(
746 companyId, name, scope, primKey, roleIds,
747 resourceAction.getBitwiseValue());
748
749 if (count > 0) {
750 return true;
751 }
752 }
753 else {
754 List<ResourcePermission> resourcePermissions =
755 resourcePermissionPersistence.findByC_N_S_P_R(
756 companyId, name, scope, primKey, roleIds);
757
758 if (resourcePermissions.isEmpty()) {
759 return false;
760 }
761
762 for (ResourcePermission resourcePermission : resourcePermissions) {
763 if (hasActionId(resourcePermission, resourceAction)) {
764 return true;
765 }
766 }
767 }
768
769 return false;
770 }
771
772 @Override
773 public boolean[] hasResourcePermissions(
774 long companyId, String name, int scope, String primKey,
775 long[] roleIds, String actionId)
776 throws PortalException, SystemException {
777
778 ResourceAction resourceAction =
779 resourceActionLocalService.getResourceAction(name, actionId);
780
781 List<ResourcePermission> resourcePermissions =
782 resourcePermissionPersistence.findByC_N_S_P_R(
783 companyId, name, scope, primKey, roleIds);
784
785 boolean[] hasResourcePermissions = new boolean[roleIds.length];
786
787 if (resourcePermissions.isEmpty()) {
788 return hasResourcePermissions;
789 }
790
791 for (ResourcePermission resourcePermission : resourcePermissions) {
792 if (hasActionId(resourcePermission, resourceAction)) {
793 long roleId = resourcePermission.getRoleId();
794
795 for (int i = 0; i < roleIds.length; i++) {
796 if (roleIds[i] == roleId) {
797 hasResourcePermissions[i] = true;
798 }
799 }
800 }
801 }
802
803 return hasResourcePermissions;
804 }
805
806
828 @Override
829 public boolean hasScopeResourcePermission(
830 long companyId, String name, int scope, long roleId,
831 String actionId)
832 throws PortalException, SystemException {
833
834 List<ResourcePermission> resourcePermissions =
835 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
836
837 for (ResourcePermission resourcePermission : resourcePermissions) {
838 if (hasResourcePermission(
839 companyId, name, scope, resourcePermission.getPrimKey(),
840 roleId, actionId)) {
841
842 return true;
843 }
844 }
845
846 return false;
847 }
848
849
858 @Override
859 public void mergePermissions(long fromRoleId, long toRoleId)
860 throws PortalException, SystemException {
861
862 Role fromRole = rolePersistence.findByPrimaryKey(fromRoleId);
863 Role toRole = rolePersistence.findByPrimaryKey(toRoleId);
864
865 if (fromRole.getType() != toRole.getType()) {
866 throw new PortalException("Role types are mismatched");
867 }
868 else if (PortalUtil.isSystemRole(toRole.getName())) {
869 throw new PortalException("Cannot move permissions to system role");
870 }
871 else if (PortalUtil.isSystemRole(fromRole.getName())) {
872 throw new PortalException(
873 "Cannot move permissions from system role");
874 }
875
876 List<ResourcePermission> resourcePermissions =
877 getRoleResourcePermissions(fromRoleId);
878
879 for (ResourcePermission resourcePermission : resourcePermissions) {
880 resourcePermission.setRoleId(toRoleId);
881
882 resourcePermissionPersistence.update(resourcePermission);
883 }
884
885 roleLocalService.deleteRole(fromRoleId);
886
887 PermissionCacheUtil.clearCache();
888 }
889
890
902 @Override
903 public void reassignPermissions(long resourcePermissionId, long toRoleId)
904 throws PortalException, SystemException {
905
906 ResourcePermission resourcePermission = getResourcePermission(
907 resourcePermissionId);
908
909 long companyId = resourcePermission.getCompanyId();
910 String name = resourcePermission.getName();
911 int scope = resourcePermission.getScope();
912 String primKey = resourcePermission.getPrimKey();
913 long fromRoleId = resourcePermission.getRoleId();
914
915 Role toRole = roleLocalService.getRole(toRoleId);
916
917 List<String> actionIds = null;
918
919 if (toRole.getType() == RoleConstants.TYPE_REGULAR) {
920 actionIds = ResourceActionsUtil.getModelResourceActions(name);
921 }
922 else {
923 actionIds = ResourceActionsUtil.getModelResourceGroupDefaultActions(
924 name);
925 }
926
927 setResourcePermissions(
928 companyId, name, scope, primKey, toRoleId,
929 actionIds.toArray(new String[actionIds.size()]));
930
931 resourcePermissionPersistence.remove(resourcePermissionId);
932
933 List<ResourcePermission> resourcePermissions =
934 getRoleResourcePermissions(fromRoleId);
935
936 if (resourcePermissions.isEmpty()) {
937 roleLocalService.deleteRole(fromRoleId);
938 }
939 }
940
941
963 @Override
964 public void removeResourcePermission(
965 long companyId, String name, int scope, String primKey, long roleId,
966 String actionId)
967 throws PortalException, SystemException {
968
969 updateResourcePermission(
970 companyId, name, scope, primKey, roleId, 0, new String[] {actionId},
971 ResourcePermissionConstants.OPERATOR_REMOVE);
972
973 PermissionCacheUtil.clearCache();
974 }
975
976
992 @Override
993 public void removeResourcePermissions(
994 long companyId, String name, int scope, long roleId,
995 String actionId)
996 throws PortalException, SystemException {
997
998 List<ResourcePermission> resourcePermissions =
999 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
1000
1001 for (ResourcePermission resourcePermission : resourcePermissions) {
1002 updateResourcePermission(
1003 companyId, name, scope, resourcePermission.getPrimKey(), roleId,
1004 0, new String[] {actionId},
1005 ResourcePermissionConstants.OPERATOR_REMOVE);
1006 }
1007
1008 PermissionCacheUtil.clearCache();
1009 }
1010
1011
1041 @Override
1042 public void setOwnerResourcePermissions(
1043 long companyId, String name, int scope, String primKey, long roleId,
1044 long ownerId, String[] actionIds)
1045 throws PortalException, SystemException {
1046
1047 updateResourcePermission(
1048 companyId, name, scope, primKey, roleId, ownerId, actionIds,
1049 ResourcePermissionConstants.OPERATOR_SET);
1050 }
1051
1052
1079 @Override
1080 public void setResourcePermissions(
1081 long companyId, String name, int scope, String primKey, long roleId,
1082 String[] actionIds)
1083 throws PortalException, SystemException {
1084
1085 updateResourcePermission(
1086 companyId, name, scope, primKey, roleId, 0, actionIds,
1087 ResourcePermissionConstants.OPERATOR_SET);
1088 }
1089
1090
1116 @Override
1117 public void setResourcePermissions(
1118 long companyId, String name, int scope, String primKey,
1119 Map<Long, String[]> roleIdsToActionIds)
1120 throws PortalException, SystemException {
1121
1122 updateResourcePermission(
1123 companyId, name, scope, primKey, 0, roleIdsToActionIds);
1124 }
1125
1126 protected void doUpdateResourcePermission(
1127 long companyId, String name, int scope, String primKey,
1128 long ownerId, long roleId, String[] actionIds, int operator,
1129 boolean fetch)
1130 throws PortalException, SystemException {
1131
1132 ResourcePermission resourcePermission = null;
1133
1134 Map<Long, ResourcePermission> resourcePermissionsMap =
1135 ResourcePermissionsThreadLocal.getResourcePermissions();
1136
1137 if (resourcePermissionsMap != null) {
1138 resourcePermission = resourcePermissionsMap.get(roleId);
1139 }
1140 else if (fetch) {
1141 resourcePermission = resourcePermissionPersistence.fetchByC_N_S_P_R(
1142 companyId, name, scope, primKey, roleId);
1143 }
1144
1145 if (resourcePermission == null) {
1146 if (((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1147 (operator == ResourcePermissionConstants.OPERATOR_SET)) &&
1148 (actionIds.length == 0)) {
1149
1150 return;
1151 }
1152
1153 if (operator == ResourcePermissionConstants.OPERATOR_REMOVE) {
1154 return;
1155 }
1156
1157 long resourcePermissionId = counterLocalService.increment(
1158 ResourcePermission.class.getName());
1159
1160 resourcePermission = resourcePermissionPersistence.create(
1161 resourcePermissionId);
1162
1163 resourcePermission.setCompanyId(companyId);
1164 resourcePermission.setName(name);
1165 resourcePermission.setScope(scope);
1166 resourcePermission.setPrimKey(primKey);
1167 resourcePermission.setRoleId(roleId);
1168 resourcePermission.setOwnerId(ownerId);
1169 }
1170
1171 List<String> unsupportedActionIds = Collections.emptyList();
1172
1173 if (((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1174 (operator == ResourcePermissionConstants.OPERATOR_SET)) &&
1175 isGuestRoleId(companyId, roleId)) {
1176
1177 unsupportedActionIds =
1178 ResourceActionsUtil.getResourceGuestUnsupportedActions(
1179 name, name);
1180 }
1181
1182 long actionIdsLong = resourcePermission.getActionIds();
1183
1184 if (operator == ResourcePermissionConstants.OPERATOR_SET) {
1185 actionIdsLong = 0;
1186 }
1187
1188 for (String actionId : actionIds) {
1189 if (actionId == null) {
1190 break;
1191 }
1192
1193 if (unsupportedActionIds.contains(actionId)) {
1194 throw new PrincipalException(
1195 actionId + "is not supported by role " + roleId);
1196 }
1197
1198 ResourceAction resourceAction =
1199 resourceActionLocalService.getResourceAction(name, actionId);
1200
1201 if ((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1202 (operator == ResourcePermissionConstants.OPERATOR_SET)) {
1203
1204 actionIdsLong |= resourceAction.getBitwiseValue();
1205 }
1206 else {
1207 actionIdsLong =
1208 actionIdsLong & (~resourceAction.getBitwiseValue());
1209 }
1210 }
1211
1212 resourcePermission.setActionIds(actionIdsLong);
1213
1214 resourcePermissionPersistence.update(resourcePermission);
1215
1216 PermissionCacheUtil.clearCache();
1217
1218 SearchEngineUtil.updatePermissionFields(name, primKey);
1219 }
1220
1221 protected void doUpdateResourcePermission(
1222 long companyId, String name, int scope, String primKey,
1223 long ownerId, Map<Long, String[]> roleIdsToActionIds)
1224 throws PortalException, SystemException {
1225
1226 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
1227
1228 PermissionThreadLocal.setIndexEnabled(false);
1229
1230 try {
1231 long[] roleIds = ArrayUtil.toLongArray(roleIdsToActionIds.keySet());
1232
1233 List<ResourcePermission> resourcePermissions =
1234 resourcePermissionPersistence.findByC_N_S_P_R(
1235 companyId, name, scope, primKey, roleIds);
1236
1237 for (ResourcePermission resourcePermission : resourcePermissions) {
1238 long roleId = resourcePermission.getRoleId();
1239 String[] actionIds = roleIdsToActionIds.remove(roleId);
1240
1241 doUpdateResourcePermission(
1242 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1243 ResourcePermissionConstants.OPERATOR_SET, true);
1244 }
1245
1246 if (roleIdsToActionIds.isEmpty()) {
1247 return;
1248 }
1249
1250 for (Map.Entry<Long, String[]> entry :
1251 roleIdsToActionIds.entrySet()) {
1252
1253 long roleId = entry.getKey();
1254 String[] actionIds = entry.getValue();
1255
1256 doUpdateResourcePermission(
1257 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1258 ResourcePermissionConstants.OPERATOR_SET, false);
1259 }
1260 }
1261 finally {
1262 PermissionThreadLocal.setIndexEnabled(flushEnabled);
1263
1264 PermissionCacheUtil.clearCache();
1265
1266 SearchEngineUtil.updatePermissionFields(name, primKey);
1267 }
1268 }
1269
1270 protected boolean isGuestRoleId(long companyId, long roleId)
1271 throws PortalException, SystemException {
1272
1273 Role guestRole = roleLocalService.getRole(
1274 companyId, RoleConstants.GUEST);
1275
1276 if (roleId == guestRole.getRoleId()) {
1277 return true;
1278 }
1279
1280 return false;
1281 }
1282
1283
1311 protected void updateResourcePermission(
1312 long companyId, String name, int scope, String primKey, long roleId,
1313 long ownerId, String[] actionIds, int operator)
1314 throws PortalException, SystemException {
1315
1316 DB db = DBFactoryUtil.getDB();
1317
1318 String dbType = db.getType();
1319
1320 if (!dbType.equals(DB.TYPE_HYPERSONIC)) {
1321 doUpdateResourcePermission(
1322 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1323 operator, true);
1324
1325 return;
1326 }
1327
1328 StringBundler sb = new StringBundler(9);
1329
1330 sb.append(companyId);
1331 sb.append(StringPool.POUND);
1332 sb.append(name);
1333 sb.append(StringPool.POUND);
1334 sb.append(scope);
1335 sb.append(StringPool.POUND);
1336 sb.append(primKey);
1337 sb.append(StringPool.POUND);
1338 sb.append(roleId);
1339
1340 Class<?> clazz = getClass();
1341
1342 String groupName = clazz.getName();
1343
1344 String key = sb.toString();
1345
1346 Lock lock = LockRegistry.allocateLock(groupName, key);
1347
1348 lock.lock();
1349
1350 try {
1351 doUpdateResourcePermission(
1352 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1353 operator, true);
1354 }
1355 finally {
1356 lock.unlock();
1357
1358 LockRegistry.freeLock(groupName, key);
1359 }
1360 }
1361
1362
1385 protected void updateResourcePermission(
1386 long companyId, String name, int scope, String primKey,
1387 long ownerId, Map<Long, String[]> roleIdsToActionIds)
1388 throws PortalException, SystemException {
1389
1390 DB db = DBFactoryUtil.getDB();
1391
1392 String dbType = db.getType();
1393
1394 if (!dbType.equals(DB.TYPE_HYPERSONIC)) {
1395 doUpdateResourcePermission(
1396 companyId, name, scope, primKey, ownerId, roleIdsToActionIds);
1397
1398 return;
1399 }
1400
1401 StringBundler sb = new StringBundler(9);
1402
1403 sb.append(companyId);
1404 sb.append(StringPool.POUND);
1405 sb.append(name);
1406 sb.append(StringPool.POUND);
1407 sb.append(scope);
1408 sb.append(StringPool.POUND);
1409 sb.append(primKey);
1410 sb.append(StringPool.POUND);
1411 sb.append(StringUtil.merge(roleIdsToActionIds.keySet()));
1412
1413 Class<?> clazz = getClass();
1414
1415 String groupName = clazz.getName();
1416
1417 String key = sb.toString();
1418
1419 Lock lock = LockRegistry.allocateLock(groupName, key);
1420
1421 lock.lock();
1422
1423 try {
1424 doUpdateResourcePermission(
1425 companyId, name, scope, primKey, ownerId, roleIdsToActionIds);
1426 }
1427 finally {
1428 lock.unlock();
1429
1430 LockRegistry.freeLock(groupName, key);
1431 }
1432 }
1433
1434 private static final String _FIND_MISSING_RESOURCE_PERMISSIONS =
1435 ResourcePermissionLocalServiceImpl.class.getName() +
1436 ".findMissingResourcePermissions";
1437
1438 private static final String _UPDATE_ACTION_IDS =
1439 ResourcePermissionLocalServiceImpl.class.getName() + ".updateActionIds";
1440
1441 }