001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.NoSuchResourcePermissionException;
018 import com.liferay.portal.kernel.concurrent.LockRegistry;
019 import com.liferay.portal.kernel.dao.db.DB;
020 import com.liferay.portal.kernel.dao.db.DBFactoryUtil;
021 import com.liferay.portal.kernel.dao.orm.QueryPos;
022 import com.liferay.portal.kernel.dao.orm.SQLQuery;
023 import com.liferay.portal.kernel.dao.orm.Session;
024 import com.liferay.portal.kernel.dao.orm.Type;
025 import com.liferay.portal.kernel.exception.PortalException;
026 import com.liferay.portal.kernel.exception.SystemException;
027 import com.liferay.portal.kernel.search.SearchEngineUtil;
028 import com.liferay.portal.kernel.util.ArrayUtil;
029 import com.liferay.portal.kernel.util.ListUtil;
030 import com.liferay.portal.kernel.util.StringBundler;
031 import com.liferay.portal.kernel.util.StringPool;
032 import com.liferay.portal.kernel.util.StringUtil;
033 import com.liferay.portal.model.Resource;
034 import com.liferay.portal.model.ResourceAction;
035 import com.liferay.portal.model.ResourceConstants;
036 import com.liferay.portal.model.ResourcePermission;
037 import com.liferay.portal.model.ResourcePermissionConstants;
038 import com.liferay.portal.model.Role;
039 import com.liferay.portal.model.RoleConstants;
040 import com.liferay.portal.security.auth.PrincipalException;
041 import com.liferay.portal.security.permission.PermissionCacheUtil;
042 import com.liferay.portal.security.permission.PermissionThreadLocal;
043 import com.liferay.portal.security.permission.ResourceActionsUtil;
044 import com.liferay.portal.service.base.ResourcePermissionLocalServiceBaseImpl;
045 import com.liferay.portal.util.PortalUtil;
046 import com.liferay.portal.util.PropsValues;
047 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
048 import com.liferay.util.dao.orm.CustomSQLUtil;
049
050 import java.util.ArrayList;
051 import java.util.Collection;
052 import java.util.Collections;
053 import java.util.HashMap;
054 import java.util.HashSet;
055 import java.util.List;
056 import java.util.Map;
057 import java.util.Set;
058 import java.util.concurrent.locks.Lock;
059
060
074 public class ResourcePermissionLocalServiceImpl
075 extends ResourcePermissionLocalServiceBaseImpl {
076
077
080 public static final String[] EMPTY_ACTION_IDS = {null};
081
082
121 @Override
122 public void addResourcePermission(
123 long companyId, String name, int scope, String primKey, long roleId,
124 String actionId)
125 throws PortalException, SystemException {
126
127 if (scope == ResourceConstants.SCOPE_COMPANY) {
128
129
130
131 removeResourcePermissions(
132 companyId, name, ResourceConstants.SCOPE_GROUP, roleId,
133 actionId);
134 }
135 else if (scope == ResourceConstants.SCOPE_GROUP) {
136
137
138
139 removeResourcePermissions(
140 companyId, name, ResourceConstants.SCOPE_COMPANY, roleId,
141 actionId);
142 }
143 else if (scope == ResourceConstants.SCOPE_INDIVIDUAL) {
144 throw new NoSuchResourcePermissionException();
145 }
146
147 updateResourcePermission(
148 companyId, name, scope, primKey, roleId, 0, new String[] {actionId},
149 ResourcePermissionConstants.OPERATOR_ADD);
150
151 PermissionCacheUtil.clearCache();
152 }
153
154
172 @Override
173 public void addResourcePermissions(
174 String resourceName, String roleName, int scope,
175 long resourceActionBitwiseValue)
176 throws SystemException {
177
178 List<Role> roles = rolePersistence.findByName(roleName);
179
180 if (roles.isEmpty()) {
181 return;
182 }
183
184 Session session = resourcePermissionPersistence.openSession();
185
186 try {
187
188
189
190 String sql = CustomSQLUtil.get(_UPDATE_ACTION_IDS);
191
192 sql = StringUtil.replace(
193 sql, "[$ROLE_ID$]",
194 ListUtil.toString(roles, Role.ROLE_ID_ACCESSOR));
195
196 SQLQuery sqlQuery = session.createSQLQuery(sql);
197
198 QueryPos qPos = QueryPos.getInstance(sqlQuery);
199
200 qPos.add(resourceActionBitwiseValue);
201 qPos.add(resourceActionBitwiseValue);
202 qPos.add(resourceName);
203 qPos.add(scope);
204
205 sqlQuery.executeUpdate();
206
207
208
209 sql = CustomSQLUtil.get(_FIND_MISSING_RESOURCE_PERMISSIONS);
210
211 sqlQuery = session.createSQLQuery(sql);
212
213 sqlQuery.addScalar("companyId", Type.LONG);
214 sqlQuery.addScalar("name", Type.STRING);
215 sqlQuery.addScalar("scope", Type.INTEGER);
216 sqlQuery.addScalar("primKey", Type.STRING);
217 sqlQuery.addScalar("roleId", Type.LONG);
218
219 qPos = QueryPos.getInstance(sqlQuery);
220
221 qPos.add(resourceName);
222 qPos.add(scope);
223 qPos.add(roleName);
224
225 List<Object[]> resourcePermissionArrays = sqlQuery.list(true);
226
227 if (resourcePermissionArrays.isEmpty()) {
228 return;
229 }
230
231 for (Object[] resourcePermissionArray : resourcePermissionArrays) {
232 long resourcePermissionId = counterLocalService.increment(
233 ResourcePermission.class.getName());
234
235 ResourcePermission resourcePermission =
236 resourcePermissionPersistence.create(resourcePermissionId);
237
238 resourcePermission.setCompanyId(
239 (Long)resourcePermissionArray[0]);
240 resourcePermission.setName((String)resourcePermissionArray[1]);
241 resourcePermission.setScope(
242 (Integer)resourcePermissionArray[2]);
243 resourcePermission.setPrimKey(
244 (String)resourcePermissionArray[3]);
245 resourcePermission.setRoleId((Long)resourcePermissionArray[4]);
246 resourcePermission.setActionIds(resourceActionBitwiseValue);
247
248 session.save(resourcePermission);
249 }
250 }
251 catch (Exception e) {
252 throw new SystemException(e);
253 }
254 finally {
255 resourcePermissionPersistence.closeSession(session);
256
257 resourcePermissionPersistence.clearCache();
258 }
259 }
260
261
284 @Override
285 public void deleteResourcePermissions(
286 long companyId, String name, int scope, long primKey)
287 throws PortalException, SystemException {
288
289 deleteResourcePermissions(
290 companyId, name, scope, String.valueOf(primKey));
291 }
292
293
316 @Override
317 public void deleteResourcePermissions(
318 long companyId, String name, int scope, String primKey)
319 throws PortalException, SystemException {
320
321 List<ResourcePermission> resourcePermissions =
322 resourcePermissionPersistence.findByC_N_S_P(
323 companyId, name, scope, primKey);
324
325 for (ResourcePermission resourcePermission : resourcePermissions) {
326 deleteResourcePermission(
327 resourcePermission.getResourcePermissionId());
328 }
329 }
330
331 @Override
332 public ResourcePermission fetchResourcePermission(
333 long companyId, String name, int scope, String primKey, long roleId)
334 throws SystemException {
335
336 return resourcePermissionPersistence.fetchByC_N_S_P_R(
337 companyId, name, scope, primKey, roleId);
338 }
339
340
357 @Override
358 public List<String> getAvailableResourcePermissionActionIds(
359 long companyId, String name, int scope, String primKey, long roleId,
360 Collection<String> actionIds)
361 throws PortalException, SystemException {
362
363 ResourcePermission resourcePermission =
364 resourcePermissionPersistence.fetchByC_N_S_P_R(
365 companyId, name, scope, primKey, roleId);
366
367 if (resourcePermission == null) {
368 return Collections.emptyList();
369 }
370
371 List<String> availableActionIds = new ArrayList<String>(
372 actionIds.size());
373
374 for (String actionId : actionIds) {
375 ResourceAction resourceAction =
376 resourceActionLocalService.getResourceAction(name, actionId);
377
378 if (hasActionId(resourcePermission, resourceAction)) {
379 availableActionIds.add(actionId);
380 }
381 }
382
383 return availableActionIds;
384 }
385
386 @Override
387 public Map<Long, Set<String>> getAvailableResourcePermissionActionIds(
388 long companyId, String name, int scope, String primKey,
389 long[] roleIds, Collection<String> actionIds)
390 throws PortalException, SystemException {
391
392 List<ResourcePermission> resourcePermissions =
393 resourcePermissionPersistence.findByC_N_S_P_R(
394 companyId, name, scope, primKey, roleIds);
395
396 if (resourcePermissions.isEmpty()) {
397 return Collections.emptyMap();
398 }
399
400 Map<Long, Set<String>> roleIdsToActionIds =
401 new HashMap<Long, Set<String>>();
402
403 for (ResourcePermission resourcePermission : resourcePermissions) {
404 long roleId = resourcePermission.getRoleId();
405
406 Set<String> availableActionIds = roleIdsToActionIds.get(roleId);
407
408 if (availableActionIds != null) {
409 continue;
410 }
411
412 availableActionIds = new HashSet<String>();
413
414 roleIdsToActionIds.put(roleId, availableActionIds);
415
416 for (String actionId : actionIds) {
417 ResourceAction resourceAction =
418 resourceActionLocalService.getResourceAction(
419 name, actionId);
420
421 if (hasActionId(resourcePermission, resourceAction)) {
422 availableActionIds.add(actionId);
423 }
424 }
425 }
426
427 return roleIdsToActionIds;
428 }
429
430
445 @Override
446 public ResourcePermission getResourcePermission(
447 long companyId, String name, int scope, String primKey, long roleId)
448 throws PortalException, SystemException {
449
450 return resourcePermissionPersistence.findByC_N_S_P_R(
451 companyId, name, scope, primKey, roleId);
452 }
453
454
465 @Override
466 public List<ResourcePermission> getResourcePermissions(
467 long companyId, String name, int scope, String primKey)
468 throws SystemException {
469
470 return resourcePermissionPersistence.findByC_N_S_P(
471 companyId, name, scope, primKey);
472 }
473
474
485 @Override
486 public int getResourcePermissionsCount(
487 long companyId, String name, int scope, String primKey)
488 throws SystemException {
489
490 return resourcePermissionPersistence.countByC_N_S_P(
491 companyId, name, scope, primKey);
492 }
493
494
505 @Override
506 public List<ResourcePermission> getResourceResourcePermissions(
507 long companyId, long groupId, String name, String primKey)
508 throws SystemException {
509
510 return resourcePermissionFinder.findByResource(
511 companyId, groupId, name, primKey);
512 }
513
514
521 @Override
522 public List<ResourcePermission> getRoleResourcePermissions(long roleId)
523 throws SystemException {
524
525 return resourcePermissionPersistence.findByRoleId(roleId);
526 }
527
528
549 @Override
550 public List<ResourcePermission> getRoleResourcePermissions(
551 long roleId, int[] scopes, int start, int end)
552 throws SystemException {
553
554 return resourcePermissionFinder.findByR_S(roleId, scopes, start, end);
555 }
556
557
574 @Override
575 public List<ResourcePermission> getScopeResourcePermissions(int[] scopes)
576 throws SystemException {
577
578 return resourcePermissionPersistence.findByScope(scopes);
579 }
580
581
592 @Override
593 public boolean hasActionId(
594 ResourcePermission resourcePermission, ResourceAction resourceAction) {
595
596 long actionIds = resourcePermission.getActionIds();
597 long bitwiseValue = resourceAction.getBitwiseValue();
598
599 if ((actionIds & bitwiseValue) == bitwiseValue) {
600 return true;
601 }
602 else {
603 return false;
604 }
605 }
606
607
628 @Override
629 public boolean hasResourcePermission(
630 List<Resource> resources, long[] roleIds, String actionId)
631 throws PortalException, SystemException {
632
633 if (roleIds.length == 0) {
634 return false;
635 }
636
637
638
639
640
641
642
643 for (int i = resources.size() - 1; i >= 0; i--) {
644 Resource resource = resources.get(i);
645
646 if (hasResourcePermission(
647 resource.getCompanyId(), resource.getName(),
648 resource.getScope(), resource.getPrimKey(), roleIds,
649 actionId)) {
650
651 return true;
652 }
653 }
654
655 return false;
656 }
657
658
681 @Override
682 public boolean hasResourcePermission(
683 long companyId, String name, int scope, String primKey, long roleId,
684 String actionId)
685 throws PortalException, SystemException {
686
687 ResourcePermission resourcePermission =
688 resourcePermissionPersistence.fetchByC_N_S_P_R(
689 companyId, name, scope, primKey, roleId);
690
691 if (resourcePermission == null) {
692 return false;
693 }
694
695 ResourceAction resourceAction =
696 resourceActionLocalService.getResourceAction(name, actionId);
697
698 if (hasActionId(resourcePermission, resourceAction)) {
699 return true;
700 }
701
702 return false;
703 }
704
705
729 @Override
730 public boolean hasResourcePermission(
731 long companyId, String name, int scope, String primKey,
732 long[] roleIds, String actionId)
733 throws PortalException, SystemException {
734
735 if (roleIds.length == 0) {
736 return false;
737 }
738
739 ResourceAction resourceAction =
740 resourceActionLocalService.getResourceAction(name, actionId);
741
742 DB db = DBFactoryUtil.getDB();
743
744 String dbType = db.getType();
745
746 if ((roleIds.length >
747 PropsValues.
748 PERMISSIONS_ROLE_RESOURCE_PERMISSION_QUERY_THRESHOLD) &&
749 !dbType.equals(DB.TYPE_DERBY) &&
750 !dbType.equals(DB.TYPE_JDATASTORE) &&
751 !dbType.equals(DB.TYPE_SAP)) {
752
753 int count = resourcePermissionFinder.countByC_N_S_P_R_A(
754 companyId, name, scope, primKey, roleIds,
755 resourceAction.getBitwiseValue());
756
757 if (count > 0) {
758 return true;
759 }
760 }
761 else {
762 List<ResourcePermission> resourcePermissions =
763 resourcePermissionPersistence.findByC_N_S_P_R(
764 companyId, name, scope, primKey, roleIds);
765
766 if (resourcePermissions.isEmpty()) {
767 return false;
768 }
769
770 for (ResourcePermission resourcePermission : resourcePermissions) {
771 if (hasActionId(resourcePermission, resourceAction)) {
772 return true;
773 }
774 }
775 }
776
777 return false;
778 }
779
780 @Override
781 public boolean[] hasResourcePermissions(
782 long companyId, String name, int scope, String primKey,
783 long[] roleIds, String actionId)
784 throws PortalException, SystemException {
785
786 boolean[] hasResourcePermissions = new boolean[roleIds.length];
787
788 if (roleIds.length == 0) {
789 return hasResourcePermissions;
790 }
791
792 ResourceAction resourceAction =
793 resourceActionLocalService.getResourceAction(name, actionId);
794
795 List<ResourcePermission> resourcePermissions =
796 resourcePermissionPersistence.findByC_N_S_P_R(
797 companyId, name, scope, primKey, roleIds);
798
799 if (resourcePermissions.isEmpty()) {
800 return hasResourcePermissions;
801 }
802
803 for (ResourcePermission resourcePermission : resourcePermissions) {
804 if (hasActionId(resourcePermission, resourceAction)) {
805 long roleId = resourcePermission.getRoleId();
806
807 for (int i = 0; i < roleIds.length; i++) {
808 if (roleIds[i] == roleId) {
809 hasResourcePermissions[i] = true;
810 }
811 }
812 }
813 }
814
815 return hasResourcePermissions;
816 }
817
818
840 @Override
841 public boolean hasScopeResourcePermission(
842 long companyId, String name, int scope, long roleId,
843 String actionId)
844 throws PortalException, SystemException {
845
846 List<ResourcePermission> resourcePermissions =
847 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
848
849 for (ResourcePermission resourcePermission : resourcePermissions) {
850 if (hasResourcePermission(
851 companyId, name, scope, resourcePermission.getPrimKey(),
852 roleId, actionId)) {
853
854 return true;
855 }
856 }
857
858 return false;
859 }
860
861
870 @Override
871 public void mergePermissions(long fromRoleId, long toRoleId)
872 throws PortalException, SystemException {
873
874 Role fromRole = rolePersistence.findByPrimaryKey(fromRoleId);
875 Role toRole = rolePersistence.findByPrimaryKey(toRoleId);
876
877 if (fromRole.getType() != toRole.getType()) {
878 throw new PortalException("Role types are mismatched");
879 }
880 else if (PortalUtil.isSystemRole(toRole.getName())) {
881 throw new PortalException("Cannot move permissions to system role");
882 }
883 else if (PortalUtil.isSystemRole(fromRole.getName())) {
884 throw new PortalException(
885 "Cannot move permissions from system role");
886 }
887
888 List<ResourcePermission> resourcePermissions =
889 getRoleResourcePermissions(fromRoleId);
890
891 for (ResourcePermission resourcePermission : resourcePermissions) {
892 resourcePermission.setRoleId(toRoleId);
893
894 resourcePermissionPersistence.update(resourcePermission);
895 }
896
897 roleLocalService.deleteRole(fromRoleId);
898
899 PermissionCacheUtil.clearCache();
900 }
901
902
914 @Override
915 public void reassignPermissions(long resourcePermissionId, long toRoleId)
916 throws PortalException, SystemException {
917
918 ResourcePermission resourcePermission = getResourcePermission(
919 resourcePermissionId);
920
921 long companyId = resourcePermission.getCompanyId();
922 String name = resourcePermission.getName();
923 int scope = resourcePermission.getScope();
924 String primKey = resourcePermission.getPrimKey();
925 long fromRoleId = resourcePermission.getRoleId();
926
927 Role toRole = roleLocalService.getRole(toRoleId);
928
929 List<String> actionIds = null;
930
931 if (toRole.getType() == RoleConstants.TYPE_REGULAR) {
932 actionIds = ResourceActionsUtil.getModelResourceActions(name);
933 }
934 else {
935 actionIds = ResourceActionsUtil.getModelResourceGroupDefaultActions(
936 name);
937 }
938
939 setResourcePermissions(
940 companyId, name, scope, primKey, toRoleId,
941 actionIds.toArray(new String[actionIds.size()]));
942
943 resourcePermissionPersistence.remove(resourcePermissionId);
944
945 List<ResourcePermission> resourcePermissions =
946 getRoleResourcePermissions(fromRoleId);
947
948 if (resourcePermissions.isEmpty()) {
949 roleLocalService.deleteRole(fromRoleId);
950 }
951 }
952
953
975 @Override
976 public void removeResourcePermission(
977 long companyId, String name, int scope, String primKey, long roleId,
978 String actionId)
979 throws PortalException, SystemException {
980
981 updateResourcePermission(
982 companyId, name, scope, primKey, roleId, 0, new String[] {actionId},
983 ResourcePermissionConstants.OPERATOR_REMOVE);
984
985 PermissionCacheUtil.clearCache();
986 }
987
988
1004 @Override
1005 public void removeResourcePermissions(
1006 long companyId, String name, int scope, long roleId,
1007 String actionId)
1008 throws PortalException, SystemException {
1009
1010 List<ResourcePermission> resourcePermissions =
1011 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
1012
1013 for (ResourcePermission resourcePermission : resourcePermissions) {
1014 updateResourcePermission(
1015 companyId, name, scope, resourcePermission.getPrimKey(), roleId,
1016 0, new String[] {actionId},
1017 ResourcePermissionConstants.OPERATOR_REMOVE);
1018 }
1019
1020 PermissionCacheUtil.clearCache();
1021 }
1022
1023
1053 @Override
1054 public void setOwnerResourcePermissions(
1055 long companyId, String name, int scope, String primKey, long roleId,
1056 long ownerId, String[] actionIds)
1057 throws PortalException, SystemException {
1058
1059 updateResourcePermission(
1060 companyId, name, scope, primKey, roleId, ownerId, actionIds,
1061 ResourcePermissionConstants.OPERATOR_SET);
1062 }
1063
1064
1091 @Override
1092 public void setResourcePermissions(
1093 long companyId, String name, int scope, String primKey, long roleId,
1094 String[] actionIds)
1095 throws PortalException, SystemException {
1096
1097 updateResourcePermission(
1098 companyId, name, scope, primKey, roleId, 0, actionIds,
1099 ResourcePermissionConstants.OPERATOR_SET);
1100 }
1101
1102
1128 @Override
1129 public void setResourcePermissions(
1130 long companyId, String name, int scope, String primKey,
1131 Map<Long, String[]> roleIdsToActionIds)
1132 throws PortalException, SystemException {
1133
1134 updateResourcePermission(
1135 companyId, name, scope, primKey, 0, roleIdsToActionIds);
1136 }
1137
1138 protected void doUpdateResourcePermission(
1139 long companyId, String name, int scope, String primKey,
1140 long ownerId, long roleId, String[] actionIds, int operator,
1141 boolean fetch)
1142 throws PortalException, SystemException {
1143
1144 ResourcePermission resourcePermission = null;
1145
1146 Map<Long, ResourcePermission> resourcePermissionsMap =
1147 ResourcePermissionsThreadLocal.getResourcePermissions();
1148
1149 if (resourcePermissionsMap != null) {
1150 resourcePermission = resourcePermissionsMap.get(roleId);
1151 }
1152 else if (fetch) {
1153 resourcePermission = resourcePermissionPersistence.fetchByC_N_S_P_R(
1154 companyId, name, scope, primKey, roleId);
1155 }
1156
1157 if (resourcePermission == null) {
1158 if (((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1159 (operator == ResourcePermissionConstants.OPERATOR_SET)) &&
1160 (actionIds.length == 0)) {
1161
1162 return;
1163 }
1164
1165 if (operator == ResourcePermissionConstants.OPERATOR_REMOVE) {
1166 return;
1167 }
1168
1169 long resourcePermissionId = counterLocalService.increment(
1170 ResourcePermission.class.getName());
1171
1172 resourcePermission = resourcePermissionPersistence.create(
1173 resourcePermissionId);
1174
1175 resourcePermission.setCompanyId(companyId);
1176 resourcePermission.setName(name);
1177 resourcePermission.setScope(scope);
1178 resourcePermission.setPrimKey(primKey);
1179 resourcePermission.setRoleId(roleId);
1180 resourcePermission.setOwnerId(ownerId);
1181 }
1182
1183 List<String> unsupportedActionIds = Collections.emptyList();
1184
1185 if (((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1186 (operator == ResourcePermissionConstants.OPERATOR_SET)) &&
1187 isGuestRoleId(companyId, roleId)) {
1188
1189 unsupportedActionIds =
1190 ResourceActionsUtil.getResourceGuestUnsupportedActions(
1191 name, name);
1192 }
1193
1194 long actionIdsLong = resourcePermission.getActionIds();
1195
1196 if (operator == ResourcePermissionConstants.OPERATOR_SET) {
1197 actionIdsLong = 0;
1198 }
1199
1200 for (String actionId : actionIds) {
1201 if (actionId == null) {
1202 break;
1203 }
1204
1205 if (unsupportedActionIds.contains(actionId)) {
1206 throw new PrincipalException(
1207 actionId + "is not supported by role " + roleId);
1208 }
1209
1210 ResourceAction resourceAction =
1211 resourceActionLocalService.getResourceAction(name, actionId);
1212
1213 if ((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1214 (operator == ResourcePermissionConstants.OPERATOR_SET)) {
1215
1216 actionIdsLong |= resourceAction.getBitwiseValue();
1217 }
1218 else {
1219 actionIdsLong =
1220 actionIdsLong & (~resourceAction.getBitwiseValue());
1221 }
1222 }
1223
1224 resourcePermission.setActionIds(actionIdsLong);
1225
1226 resourcePermissionPersistence.update(resourcePermission);
1227
1228 PermissionCacheUtil.clearCache();
1229
1230 SearchEngineUtil.updatePermissionFields(name, primKey);
1231 }
1232
1233 protected void doUpdateResourcePermission(
1234 long companyId, String name, int scope, String primKey,
1235 long ownerId, Map<Long, String[]> roleIdsToActionIds)
1236 throws PortalException, SystemException {
1237
1238 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
1239
1240 PermissionThreadLocal.setIndexEnabled(false);
1241
1242 try {
1243 long[] roleIds = ArrayUtil.toLongArray(roleIdsToActionIds.keySet());
1244
1245 List<ResourcePermission> resourcePermissions =
1246 resourcePermissionPersistence.findByC_N_S_P_R(
1247 companyId, name, scope, primKey, roleIds);
1248
1249 for (ResourcePermission resourcePermission : resourcePermissions) {
1250 long roleId = resourcePermission.getRoleId();
1251 String[] actionIds = roleIdsToActionIds.remove(roleId);
1252
1253 doUpdateResourcePermission(
1254 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1255 ResourcePermissionConstants.OPERATOR_SET, true);
1256 }
1257
1258 if (roleIdsToActionIds.isEmpty()) {
1259 return;
1260 }
1261
1262 for (Map.Entry<Long, String[]> entry :
1263 roleIdsToActionIds.entrySet()) {
1264
1265 long roleId = entry.getKey();
1266 String[] actionIds = entry.getValue();
1267
1268 doUpdateResourcePermission(
1269 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1270 ResourcePermissionConstants.OPERATOR_SET, false);
1271 }
1272 }
1273 finally {
1274 PermissionThreadLocal.setIndexEnabled(flushEnabled);
1275
1276 PermissionCacheUtil.clearCache();
1277
1278 SearchEngineUtil.updatePermissionFields(name, primKey);
1279 }
1280 }
1281
1282 protected boolean isGuestRoleId(long companyId, long roleId)
1283 throws PortalException, SystemException {
1284
1285 Role guestRole = roleLocalService.getRole(
1286 companyId, RoleConstants.GUEST);
1287
1288 if (roleId == guestRole.getRoleId()) {
1289 return true;
1290 }
1291
1292 return false;
1293 }
1294
1295
1323 protected void updateResourcePermission(
1324 long companyId, String name, int scope, String primKey, long roleId,
1325 long ownerId, String[] actionIds, int operator)
1326 throws PortalException, SystemException {
1327
1328 DB db = DBFactoryUtil.getDB();
1329
1330 String dbType = db.getType();
1331
1332 if (!dbType.equals(DB.TYPE_HYPERSONIC)) {
1333 doUpdateResourcePermission(
1334 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1335 operator, true);
1336
1337 return;
1338 }
1339
1340 StringBundler sb = new StringBundler(9);
1341
1342 sb.append(companyId);
1343 sb.append(StringPool.POUND);
1344 sb.append(name);
1345 sb.append(StringPool.POUND);
1346 sb.append(scope);
1347 sb.append(StringPool.POUND);
1348 sb.append(primKey);
1349 sb.append(StringPool.POUND);
1350 sb.append(roleId);
1351
1352 Class<?> clazz = getClass();
1353
1354 String groupName = clazz.getName();
1355
1356 String key = sb.toString();
1357
1358 Lock lock = LockRegistry.allocateLock(groupName, key);
1359
1360 lock.lock();
1361
1362 try {
1363 doUpdateResourcePermission(
1364 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1365 operator, true);
1366 }
1367 finally {
1368 lock.unlock();
1369
1370 LockRegistry.freeLock(groupName, key);
1371 }
1372 }
1373
1374
1397 protected void updateResourcePermission(
1398 long companyId, String name, int scope, String primKey,
1399 long ownerId, Map<Long, String[]> roleIdsToActionIds)
1400 throws PortalException, SystemException {
1401
1402 DB db = DBFactoryUtil.getDB();
1403
1404 String dbType = db.getType();
1405
1406 if (!dbType.equals(DB.TYPE_HYPERSONIC)) {
1407 doUpdateResourcePermission(
1408 companyId, name, scope, primKey, ownerId, roleIdsToActionIds);
1409
1410 return;
1411 }
1412
1413 StringBundler sb = new StringBundler(9);
1414
1415 sb.append(companyId);
1416 sb.append(StringPool.POUND);
1417 sb.append(name);
1418 sb.append(StringPool.POUND);
1419 sb.append(scope);
1420 sb.append(StringPool.POUND);
1421 sb.append(primKey);
1422 sb.append(StringPool.POUND);
1423 sb.append(StringUtil.merge(roleIdsToActionIds.keySet()));
1424
1425 Class<?> clazz = getClass();
1426
1427 String groupName = clazz.getName();
1428
1429 String key = sb.toString();
1430
1431 Lock lock = LockRegistry.allocateLock(groupName, key);
1432
1433 lock.lock();
1434
1435 try {
1436 doUpdateResourcePermission(
1437 companyId, name, scope, primKey, ownerId, roleIdsToActionIds);
1438 }
1439 finally {
1440 lock.unlock();
1441
1442 LockRegistry.freeLock(groupName, key);
1443 }
1444 }
1445
1446 private static final String _FIND_MISSING_RESOURCE_PERMISSIONS =
1447 ResourcePermissionLocalServiceImpl.class.getName() +
1448 ".findMissingResourcePermissions";
1449
1450 private static final String _UPDATE_ACTION_IDS =
1451 ResourcePermissionLocalServiceImpl.class.getName() + ".updateActionIds";
1452
1453 }