001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.kernel.upgrade;
016    
017    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018    import com.liferay.portal.model.GroupConstants;
019    import com.liferay.portal.model.ResourcePermission;
020    import com.liferay.portal.security.permission.ActionKeys;
021    
022    import java.sql.Connection;
023    import java.sql.PreparedStatement;
024    import java.sql.ResultSet;
025    
026    /**
027     * @author Juan Fern??ndez
028     * @author Sergio Gonz??lez
029     */
030    public class BaseUpgradeAdminPortlets extends UpgradeProcess {
031    
032            protected void addResourcePermission(
033                            long resourcePermissionId, long companyId, String name, int scope,
034                            String primKey, long roleId, long actionIds)
035                    throws Exception {
036    
037                    Connection con = null;
038                    PreparedStatement ps = null;
039    
040                    try {
041                            con = DataAccess.getUpgradeOptimizedConnection();
042    
043                            ps = con.prepareStatement(
044                                    "insert into ResourcePermission (resourcePermissionId, " +
045                                            "companyId, name, scope, primKey, roleId, actionIds) " +
046                                                    "values (?, ?, ?, ?, ?, ?, ?)");
047    
048                            ps.setLong(1, resourcePermissionId);
049                            ps.setLong(2, companyId);
050                            ps.setString(3, name);
051                            ps.setInt(4, scope);
052                            ps.setString(5, primKey);
053                            ps.setLong(6, roleId);
054                            ps.setLong(7, actionIds);
055    
056                            ps.executeUpdate();
057                    }
058                    finally {
059                            DataAccess.cleanUp(con, ps);
060                    }
061            }
062    
063            protected long getBitwiseValue(String name, String actionId)
064                    throws Exception {
065    
066                    Connection con = null;
067                    PreparedStatement ps = null;
068                    ResultSet rs = null;
069    
070                    try {
071                            con = DataAccess.getUpgradeOptimizedConnection();
072    
073                            ps = con.prepareStatement(
074                                    "select bitwiseValue from ResourceAction where name = ? and " +
075                                            "actionId = ?");
076    
077                            ps.setString(1, name);
078                            ps.setString(2, actionId);
079    
080                            rs = ps.executeQuery();
081    
082                            if (rs.next()) {
083                                    return rs.getLong("bitwiseValue");
084                            }
085    
086                            return 0;
087                    }
088                    finally {
089                            DataAccess.cleanUp(con, ps, rs);
090                    }
091            }
092    
093            protected long getControlPanelGroupId() throws Exception {
094                    Connection con = null;
095                    PreparedStatement ps = null;
096                    ResultSet rs = null;
097    
098                    try {
099                            con = DataAccess.getUpgradeOptimizedConnection();
100    
101                            ps = con.prepareStatement(
102                                    "select groupId from Group_ where name = '" +
103                                            GroupConstants.CONTROL_PANEL + "'");
104    
105                            rs = ps.executeQuery();
106    
107                            if (rs.next()) {
108                                    return rs.getLong("groupId");
109                            }
110    
111                            return 0;
112                    }
113                    finally {
114                            DataAccess.cleanUp(con, ps, rs);
115                    }
116            }
117    
118            protected void updateAccessInControlPanelPermission(
119                            String portletFrom, String portletTo)
120                    throws Exception {
121    
122                    long bitwiseValue = getBitwiseValue(
123                            portletFrom, ActionKeys.ACCESS_IN_CONTROL_PANEL);
124    
125                    Connection con = null;
126                    PreparedStatement ps = null;
127                    ResultSet rs = null;
128    
129                    try {
130                            con = DataAccess.getUpgradeOptimizedConnection();
131    
132                            ps = con.prepareStatement(
133                                    "select * from ResourcePermission where name = ?");
134    
135                            ps.setString(1, portletFrom);
136    
137                            rs = ps.executeQuery();
138    
139                            while (rs.next()) {
140                                    long resourcePermissionId = rs.getLong("resourcePermissionId");
141                                    long actionIds = rs.getLong("actionIds");
142    
143                                    if ((actionIds & bitwiseValue) != 0) {
144                                            actionIds = actionIds & (~bitwiseValue);
145    
146                                            runSQL(
147                                                    "update ResourcePermission set actionIds = " +
148                                                            actionIds + " where resourcePermissionId = " +
149                                                                    resourcePermissionId);
150    
151                                            resourcePermissionId = increment(
152                                                    ResourcePermission.class.getName());
153    
154                                            long companyId = rs.getLong("companyId");
155                                            int scope = rs.getInt("scope");
156                                            String primKey = rs.getString("primKey");
157                                            long roleId = rs.getLong("roleId");
158    
159                                            actionIds = rs.getLong("actionIds");
160    
161                                            actionIds |= bitwiseValue;
162    
163                                            addResourcePermission(
164                                                    resourcePermissionId, companyId, portletTo, scope,
165                                                    primKey, roleId, actionIds);
166                                    }
167                            }
168                    }
169                    finally {
170                            DataAccess.cleanUp(con, ps, rs);
171                    }
172            }
173    
174    }