001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.kernel.upgrade;
016    
017    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018    import com.liferay.portal.model.GroupConstants;
019    import com.liferay.portal.model.ResourcePermission;
020    import com.liferay.portal.security.permission.ActionKeys;
021    
022    import java.sql.PreparedStatement;
023    import java.sql.ResultSet;
024    
025    /**
026     * @author Juan Fern??ndez
027     * @author Sergio Gonz??lez
028     */
029    public abstract class BaseUpgradeAdminPortlets extends UpgradeProcess {
030    
031            protected void addResourcePermission(
032                            long resourcePermissionId, long companyId, String name, int scope,
033                            String primKey, long roleId, long actionIds)
034                    throws Exception {
035    
036                    PreparedStatement ps = null;
037    
038                    try {
039                            ps = connection.prepareStatement(
040                                    "insert into ResourcePermission (resourcePermissionId, " +
041                                            "companyId, name, scope, primKey, roleId, actionIds) " +
042                                                    "values (?, ?, ?, ?, ?, ?, ?)");
043    
044                            ps.setLong(1, resourcePermissionId);
045                            ps.setLong(2, companyId);
046                            ps.setString(3, name);
047                            ps.setInt(4, scope);
048                            ps.setString(5, primKey);
049                            ps.setLong(6, roleId);
050                            ps.setLong(7, actionIds);
051    
052                            ps.executeUpdate();
053                    }
054                    finally {
055                            DataAccess.cleanUp(ps);
056                    }
057            }
058    
059            protected long getBitwiseValue(String name, String actionId)
060                    throws Exception {
061    
062                    PreparedStatement ps = null;
063                    ResultSet rs = null;
064    
065                    try {
066                            ps = connection.prepareStatement(
067                                    "select bitwiseValue from ResourceAction where name = ? and " +
068                                            "actionId = ?");
069    
070                            ps.setString(1, name);
071                            ps.setString(2, actionId);
072    
073                            rs = ps.executeQuery();
074    
075                            if (rs.next()) {
076                                    return rs.getLong("bitwiseValue");
077                            }
078    
079                            return 0;
080                    }
081                    finally {
082                            DataAccess.cleanUp(ps, rs);
083                    }
084            }
085    
086            protected long getControlPanelGroupId() throws Exception {
087                    PreparedStatement ps = null;
088                    ResultSet rs = null;
089    
090                    try {
091                            ps = connection.prepareStatement(
092                                    "select groupId from Group_ where name = '" +
093                                            GroupConstants.CONTROL_PANEL + "'");
094    
095                            rs = ps.executeQuery();
096    
097                            if (rs.next()) {
098                                    return rs.getLong("groupId");
099                            }
100    
101                            return 0;
102                    }
103                    finally {
104                            DataAccess.cleanUp(ps, rs);
105                    }
106            }
107    
108            protected void updateAccessInControlPanelPermission(
109                            String portletFrom, String portletTo)
110                    throws Exception {
111    
112                    long bitwiseValue = getBitwiseValue(
113                            portletFrom, ActionKeys.ACCESS_IN_CONTROL_PANEL);
114    
115                    PreparedStatement ps = null;
116                    ResultSet rs = null;
117    
118                    try {
119                            ps = connection.prepareStatement(
120                                    "select * from ResourcePermission where name = ?");
121    
122                            ps.setString(1, portletFrom);
123    
124                            rs = ps.executeQuery();
125    
126                            while (rs.next()) {
127                                    long resourcePermissionId = rs.getLong("resourcePermissionId");
128                                    long actionIds = rs.getLong("actionIds");
129    
130                                    if ((actionIds & bitwiseValue) != 0) {
131                                            actionIds = actionIds & (~bitwiseValue);
132    
133                                            runSQL(
134                                                    "update ResourcePermission set actionIds = " +
135                                                            actionIds + " where resourcePermissionId = " +
136                                                                    resourcePermissionId);
137    
138                                            resourcePermissionId = increment(
139                                                    ResourcePermission.class.getName());
140    
141                                            long companyId = rs.getLong("companyId");
142                                            int scope = rs.getInt("scope");
143                                            String primKey = rs.getString("primKey");
144                                            long roleId = rs.getLong("roleId");
145    
146                                            actionIds = rs.getLong("actionIds");
147    
148                                            actionIds |= bitwiseValue;
149    
150                                            addResourcePermission(
151                                                    resourcePermissionId, companyId, portletTo, scope,
152                                                    primKey, roleId, actionIds);
153                                    }
154                            }
155                    }
156                    finally {
157                            DataAccess.cleanUp(ps, rs);
158                    }
159            }
160    
161    }