001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.admin.kernel.util.PortalMyAccountApplicationType;
018    import com.liferay.exportimport.kernel.lar.ExportImportThreadLocal;
019    import com.liferay.portal.kernel.cache.thread.local.Lifecycle;
020    import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCachable;
021    import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCache;
022    import com.liferay.portal.kernel.cache.thread.local.ThreadLocalCacheManager;
023    import com.liferay.portal.kernel.exception.DuplicateRoleException;
024    import com.liferay.portal.kernel.exception.NoSuchRoleException;
025    import com.liferay.portal.kernel.exception.PortalException;
026    import com.liferay.portal.kernel.exception.RequiredRoleException;
027    import com.liferay.portal.kernel.exception.RoleNameException;
028    import com.liferay.portal.kernel.model.Company;
029    import com.liferay.portal.kernel.model.Group;
030    import com.liferay.portal.kernel.model.Layout;
031    import com.liferay.portal.kernel.model.ResourceAction;
032    import com.liferay.portal.kernel.model.ResourceBlockPermission;
033    import com.liferay.portal.kernel.model.ResourceConstants;
034    import com.liferay.portal.kernel.model.ResourcePermission;
035    import com.liferay.portal.kernel.model.ResourceTypePermission;
036    import com.liferay.portal.kernel.model.Role;
037    import com.liferay.portal.kernel.model.RoleConstants;
038    import com.liferay.portal.kernel.model.SystemEventConstants;
039    import com.liferay.portal.kernel.model.Team;
040    import com.liferay.portal.kernel.model.User;
041    import com.liferay.portal.kernel.portlet.PortletProvider;
042    import com.liferay.portal.kernel.portlet.PortletProviderUtil;
043    import com.liferay.portal.kernel.search.Indexer;
044    import com.liferay.portal.kernel.search.IndexerRegistryUtil;
045    import com.liferay.portal.kernel.search.SearchException;
046    import com.liferay.portal.kernel.security.auth.CompanyThreadLocal;
047    import com.liferay.portal.kernel.security.permission.ActionKeys;
048    import com.liferay.portal.kernel.service.ServiceContext;
049    import com.liferay.portal.kernel.spring.aop.Skip;
050    import com.liferay.portal.kernel.systemevent.SystemEvent;
051    import com.liferay.portal.kernel.transaction.Propagation;
052    import com.liferay.portal.kernel.transaction.Transactional;
053    import com.liferay.portal.kernel.util.ArrayUtil;
054    import com.liferay.portal.kernel.util.CharPool;
055    import com.liferay.portal.kernel.util.GetterUtil;
056    import com.liferay.portal.kernel.util.ListUtil;
057    import com.liferay.portal.kernel.util.LocaleUtil;
058    import com.liferay.portal.kernel.util.OrderByComparator;
059    import com.liferay.portal.kernel.util.PortalUtil;
060    import com.liferay.portal.kernel.util.PortletKeys;
061    import com.liferay.portal.kernel.util.SetUtil;
062    import com.liferay.portal.kernel.util.StringUtil;
063    import com.liferay.portal.kernel.util.Validator;
064    import com.liferay.portal.security.permission.PermissionCacheUtil;
065    import com.liferay.portal.service.base.RoleLocalServiceBaseImpl;
066    import com.liferay.portal.util.PropsUtil;
067    import com.liferay.portal.util.PropsValues;
068    import com.liferay.users.admin.kernel.util.UsersAdminUtil;
069    
070    import java.util.ArrayList;
071    import java.util.Arrays;
072    import java.util.Collection;
073    import java.util.Collections;
074    import java.util.HashMap;
075    import java.util.LinkedHashMap;
076    import java.util.List;
077    import java.util.Locale;
078    import java.util.Map;
079    import java.util.Set;
080    
081    /**
082     * Provides the local service for accessing, adding, checking, deleting, and
083     * updating roles.
084     *
085     * @author Brian Wing Shun Chan
086     * @author Marcellus Tavares
087     */
088    public class RoleLocalServiceImpl extends RoleLocalServiceBaseImpl {
089    
090            /**
091             * Adds a role with additional parameters. The user is reindexed after role
092             * is added.
093             *
094             * @param  userId the primary key of the user
095             * @param  className the name of the class for which the role is created
096             *         (optionally <code>null</code>)
097             * @param  classPK the primary key of the class for which the role is
098             *         created (optionally <code>0</code>)
099             * @param  name the role's name
100             * @param  titleMap the role's localized titles (optionally
101             *         <code>null</code>)
102             * @param  descriptionMap the role's localized descriptions (optionally
103             *         <code>null</code>)
104             * @param  type the role's type (optionally <code>0</code>)
105             * @param  subtype the role's subtype (optionally <code>null</code>)
106             * @param  serviceContext the service context to be applied (optionally
107             *         <code>null</code>). Can set expando bridge attributes for the
108             *         role.
109             * @return the role
110             */
111            @Override
112            public Role addRole(
113                            long userId, String className, long classPK, String name,
114                            Map<Locale, String> titleMap, Map<Locale, String> descriptionMap,
115                            int type, String subtype, ServiceContext serviceContext)
116                    throws PortalException {
117    
118                    // Role
119    
120                    User user = userPersistence.findByPrimaryKey(userId);
121                    className = GetterUtil.getString(className);
122                    long classNameId = classNameLocalService.getClassNameId(className);
123    
124                    long roleId = counterLocalService.increment();
125    
126                    if ((classNameId <= 0) || className.equals(Role.class.getName())) {
127                            classNameId = classNameLocalService.getClassNameId(Role.class);
128                            classPK = roleId;
129                    }
130    
131                    validate(0, user.getCompanyId(), classNameId, name);
132    
133                    Role role = rolePersistence.create(roleId);
134    
135                    if (serviceContext != null) {
136                            role.setUuid(serviceContext.getUuid());
137                    }
138    
139                    role.setCompanyId(user.getCompanyId());
140                    role.setUserId(user.getUserId());
141                    role.setUserName(user.getFullName());
142                    role.setClassNameId(classNameId);
143                    role.setClassPK(classPK);
144                    role.setName(name);
145                    role.setTitleMap(titleMap);
146                    role.setDescriptionMap(descriptionMap);
147                    role.setType(type);
148                    role.setSubtype(subtype);
149                    role.setExpandoBridgeAttributes(serviceContext);
150    
151                    rolePersistence.update(role);
152    
153                    // Resources
154    
155                    if (!user.isDefaultUser()) {
156                            resourceLocalService.addResources(
157                                    user.getCompanyId(), 0, userId, Role.class.getName(),
158                                    role.getRoleId(), false, false, false);
159    
160                            if (!ExportImportThreadLocal.isImportInProcess()) {
161                                    reindex(userId);
162                            }
163                    }
164    
165                    return role;
166            }
167    
168            /**
169             * Adds the roles to the user. The user is reindexed after the roles are
170             * added.
171             *
172             * @param userId the primary key of the user
173             * @param roleIds the primary keys of the roles
174             * @see   com.liferay.portal.kernel.service.persistence.UserPersistence#addRoles(
175             *        long, long[])
176             */
177            @Override
178            public void addUserRoles(long userId, long[] roleIds)
179                    throws PortalException {
180    
181                    userPersistence.addRoles(userId, roleIds);
182    
183                    reindex(userId);
184    
185                    PermissionCacheUtil.clearCache(userId);
186            }
187    
188            /**
189             * Checks to ensure that the system roles map has appropriate default roles
190             * in each company.
191             */
192            @Override
193            public void checkSystemRoles() throws PortalException {
194                    List<Company> companies = companyLocalService.getCompanies();
195    
196                    for (Company company : companies) {
197                            checkSystemRoles(company.getCompanyId());
198                    }
199            }
200    
201            /**
202             * Checks to ensure that the system roles map has appropriate default roles
203             * in the company.
204             *
205             * @param companyId the primary key of the company
206             */
207            @Override
208            @Transactional(propagation = Propagation.SUPPORTS, readOnly = true)
209            public void checkSystemRoles(long companyId) throws PortalException {
210                    String companyIdHexString = StringUtil.toHexString(companyId);
211    
212                    List<Role> roles = null;
213    
214                    try {
215                            roles = roleFinder.findBySystem(companyId);
216                    }
217                    catch (Exception e) {
218    
219                            // LPS-34324
220    
221                            runSQL("alter table Role_ add uuid_ VARCHAR(75) null");
222                            runSQL("alter table Role_ add userId LONG");
223                            runSQL("alter table Role_ add userName VARCHAR(75) null");
224                            runSQL("alter table Role_ add createDate DATE null");
225                            runSQL("alter table Role_ add modifiedDate DATE null");
226    
227                            roles = roleFinder.findBySystem(companyId);
228                    }
229    
230                    for (Role role : roles) {
231                            _systemRolesMap.put(
232                                    companyIdHexString.concat(role.getName()), role);
233                    }
234    
235                    // Regular roles
236    
237                    String[] systemRoles = PortalUtil.getSystemRoles();
238    
239                    for (String name : systemRoles) {
240                            String key =
241                                    "system.role." +
242                                            StringUtil.replace(name, CharPool.SPACE, CharPool.PERIOD) +
243                                                    ".description";
244    
245                            Map<Locale, String> descriptionMap = new HashMap<>();
246    
247                            descriptionMap.put(LocaleUtil.getDefault(), PropsUtil.get(key));
248    
249                            int type = RoleConstants.TYPE_REGULAR;
250    
251                            checkSystemRole(companyId, name, descriptionMap, type);
252                    }
253    
254                    // Organization roles
255    
256                    String[] systemOrganizationRoles =
257                            PortalUtil.getSystemOrganizationRoles();
258    
259                    for (String name : systemOrganizationRoles) {
260                            String key =
261                                    "system.organization.role." +
262                                            StringUtil.replace(name, CharPool.SPACE, CharPool.PERIOD) +
263                                                    ".description";
264    
265                            Map<Locale, String> descriptionMap = new HashMap<>();
266    
267                            descriptionMap.put(LocaleUtil.getDefault(), PropsUtil.get(key));
268    
269                            int type = RoleConstants.TYPE_ORGANIZATION;
270    
271                            checkSystemRole(companyId, name, descriptionMap, type);
272                    }
273    
274                    // Site roles
275    
276                    String[] systemSiteRoles = PortalUtil.getSystemSiteRoles();
277    
278                    for (String name : systemSiteRoles) {
279                            String key =
280                                    "system.site.role." +
281                                            StringUtil.replace(name, CharPool.SPACE, CharPool.PERIOD) +
282                                                    ".description";
283    
284                            Map<Locale, String> descriptionMap = new HashMap<>();
285    
286                            descriptionMap.put(LocaleUtil.getDefault(), PropsUtil.get(key));
287    
288                            int type = RoleConstants.TYPE_SITE;
289    
290                            checkSystemRole(companyId, name, descriptionMap, type);
291                    }
292    
293                    // All users should be able to view all system roles
294    
295                    Role userRole = getRole(companyId, RoleConstants.USER);
296    
297                    String[] userViewableRoles = ArrayUtil.append(
298                            systemRoles, systemOrganizationRoles, systemSiteRoles);
299    
300                    for (String roleName : userViewableRoles) {
301                            Role role = getRole(companyId, roleName);
302    
303                            resourcePermissionLocalService.setResourcePermissions(
304                                    companyId, Role.class.getName(),
305                                    ResourceConstants.SCOPE_INDIVIDUAL,
306                                    String.valueOf(role.getRoleId()), userRole.getRoleId(),
307                                    new String[] {ActionKeys.VIEW});
308                    }
309            }
310    
311            /**
312             * Deletes the role with the primary key and its associated permissions.
313             *
314             * @param  roleId the primary key of the role
315             * @return the deleted role
316             */
317            @Override
318            public Role deleteRole(long roleId) throws PortalException {
319                    Role role = rolePersistence.findByPrimaryKey(roleId);
320    
321                    return roleLocalService.deleteRole(role);
322            }
323    
324            /**
325             * Deletes the role and its associated permissions.
326             *
327             * @param  role the role
328             * @return the deleted role
329             */
330            @Override
331            @SystemEvent(
332                    action = SystemEventConstants.ACTION_SKIP,
333                    type = SystemEventConstants.TYPE_DELETE
334            )
335            public Role deleteRole(Role role) throws PortalException {
336                    if (role.isSystem() && !CompanyThreadLocal.isDeleteInProcess()) {
337                            throw new RequiredRoleException();
338                    }
339    
340                    // Resources
341    
342                    List<ResourceBlockPermission> resourceBlockPermissions =
343                            resourceBlockPermissionPersistence.findByRoleId(role.getRoleId());
344    
345                    for (ResourceBlockPermission resourceBlockPermission :
346                                    resourceBlockPermissions) {
347    
348                            resourceBlockPermissionLocalService.deleteResourceBlockPermission(
349                                    resourceBlockPermission);
350                    }
351    
352                    List<ResourcePermission> resourcePermissions =
353                            resourcePermissionPersistence.findByRoleId(role.getRoleId());
354    
355                    for (ResourcePermission resourcePermission : resourcePermissions) {
356                            resourcePermissionLocalService.deleteResourcePermission(
357                                    resourcePermission);
358                    }
359    
360                    List<ResourceTypePermission> resourceTypePermissions =
361                            resourceTypePermissionPersistence.findByRoleId(role.getRoleId());
362    
363                    for (ResourceTypePermission resourceTypePermission :
364                                    resourceTypePermissions) {
365    
366                            resourceTypePermissionLocalService.deleteResourceTypePermission(
367                                    resourceTypePermission);
368                    }
369    
370                    String className = role.getClassName();
371                    long classNameId = role.getClassNameId();
372    
373                    if ((classNameId <= 0) || className.equals(Role.class.getName())) {
374                            resourceLocalService.deleteResource(
375                                    role.getCompanyId(), Role.class.getName(),
376                                    ResourceConstants.SCOPE_INDIVIDUAL, role.getRoleId());
377                    }
378    
379                    if ((role.getType() == RoleConstants.TYPE_ORGANIZATION) ||
380                            (role.getType() == RoleConstants.TYPE_SITE)) {
381    
382                            userGroupRoleLocalService.deleteUserGroupRolesByRoleId(
383                                    role.getRoleId());
384    
385                            userGroupGroupRoleLocalService.deleteUserGroupGroupRolesByRoleId(
386                                    role.getRoleId());
387                    }
388    
389                    // Role
390    
391                    rolePersistence.remove(role);
392    
393                    // Expando
394    
395                    expandoRowLocalService.deleteRows(role.getRoleId());
396    
397                    // Permission cache
398    
399                    PermissionCacheUtil.clearCache();
400    
401                    return role;
402            }
403    
404            /**
405             * Returns the role with the name in the company.
406             *
407             * <p>
408             * The method searches the system roles map first for default roles. If a
409             * role with the name is not found, then the method will query the database.
410             * </p>
411             *
412             * @param  companyId the primary key of the company
413             * @param  name the role's name
414             * @return Returns the role with the name or <code>null</code> if a role
415             *         with the name could not be found in the company
416             */
417            @Override
418            @Skip
419            public Role fetchRole(long companyId, String name) {
420                    String companyIdHexString = StringUtil.toHexString(companyId);
421    
422                    Role role = _systemRolesMap.get(companyIdHexString.concat(name));
423    
424                    if (role != null) {
425                            return role;
426                    }
427    
428                    return roleLocalService.loadFetchRole(companyId, name);
429            }
430    
431            /**
432             * Returns the default role for the group with the primary key.
433             *
434             * <p>
435             * If the group is a site, then the default role is {@link
436             * RoleConstants#SITE_MEMBER}. If the group is an organization, then the
437             * default role is {@link RoleConstants#ORGANIZATION_USER}. If the group is
438             * a user or user group, then the default role is {@link
439             * RoleConstants#POWER_USER}. For all other group types, the default role is
440             * {@link RoleConstants#USER}.
441             * </p>
442             *
443             * @param  groupId the primary key of the group
444             * @return the default role for the group with the primary key
445             */
446            @Override
447            public Role getDefaultGroupRole(long groupId) throws PortalException {
448                    Group group = groupPersistence.findByPrimaryKey(groupId);
449    
450                    if (group.isLayout()) {
451                            Layout layout = layoutLocalService.getLayout(group.getClassPK());
452    
453                            group = layout.getGroup();
454                    }
455    
456                    if (group.isStagingGroup()) {
457                            group = group.getLiveGroup();
458                    }
459    
460                    Role role = null;
461    
462                    if (group.isCompany()) {
463                            role = getRole(group.getCompanyId(), RoleConstants.USER);
464                    }
465                    else if (group.isLayoutPrototype() || group.isLayoutSetPrototype() ||
466                                     group.isRegularSite() || group.isSite()) {
467    
468                            role = getRole(group.getCompanyId(), RoleConstants.SITE_MEMBER);
469                    }
470                    else if (group.isOrganization()) {
471                            role = getRole(
472                                    group.getCompanyId(), RoleConstants.ORGANIZATION_USER);
473                    }
474                    else {
475                            role = getRole(group.getCompanyId(), RoleConstants.USER);
476                    }
477    
478                    return role;
479            }
480    
481            @Override
482            public List<Role> getGroupRelatedRoles(long groupId)
483                    throws PortalException {
484    
485                    List<Role> roles = new ArrayList<>();
486    
487                    Group group = groupLocalService.getGroup(groupId);
488    
489                    if (group.isStagingGroup()) {
490                            group = group.getLiveGroup();
491                    }
492    
493                    int[] types = RoleConstants.TYPES_REGULAR;
494    
495                    if (group.isOrganization()) {
496                            if (group.isSite()) {
497                                    types = RoleConstants.TYPES_ORGANIZATION_AND_REGULAR_AND_SITE;
498                            }
499                            else {
500                                    types = RoleConstants.TYPES_ORGANIZATION_AND_REGULAR;
501                            }
502                    }
503                    else if (group.isLayout() || group.isLayoutSetPrototype() ||
504                                     group.isSite() || group.isUser()) {
505    
506                            types = RoleConstants.TYPES_REGULAR_AND_SITE;
507                    }
508    
509                    roles.addAll(getRoles(group.getCompanyId(), types));
510    
511                    roles.addAll(getTeamRoles(groupId));
512    
513                    return roles;
514            }
515    
516            @Override
517            public List<Role> getResourceBlockRoles(
518                    long resourceBlockId, String className, String actionId) {
519    
520                    return roleFinder.findByR_N_A(resourceBlockId, className, actionId);
521            }
522    
523            /**
524             * Returns a map of role names to associated action IDs for the named
525             * resource in the company within the permission scope.
526             *
527             * @param  companyId the primary key of the company
528             * @param  name the resource name
529             * @param  scope the permission scope
530             * @param  primKey the primary key of the resource's class
531             * @return the role names and action IDs
532             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder#findByC_N_S_P(
533             *         long, String, int, String)
534             */
535            @Override
536            public Map<String, List<String>> getResourceRoles(
537                    long companyId, String name, int scope, String primKey) {
538    
539                    return roleFinder.findByC_N_S_P(companyId, name, scope, primKey);
540            }
541    
542            /**
543             * Returns all the roles associated with the action ID in the company within
544             * the permission scope.
545             *
546             * @param  companyId the primary key of the company
547             * @param  name the resource name
548             * @param  scope the permission scope
549             * @param  primKey the primary key of the resource's class
550             * @param  actionId the name of the resource action
551             * @return the roles
552             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder#findByC_N_S_P_A(
553             *         long, String, int, String, String)
554             */
555            @Override
556            public List<Role> getResourceRoles(
557                    long companyId, String name, int scope, String primKey,
558                    String actionId) {
559    
560                    return roleFinder.findByC_N_S_P_A(
561                            companyId, name, scope, primKey, actionId);
562            }
563    
564            /**
565             * Returns the role with the name in the company.
566             *
567             * <p>
568             * The method searches the system roles map first for default roles. If a
569             * role with the name is not found, then the method will query the database.
570             * </p>
571             *
572             * @param  companyId the primary key of the company
573             * @param  name the role's name
574             * @return the role with the name
575             */
576            @Override
577            @Skip
578            public Role getRole(long companyId, String name) throws PortalException {
579                    String companyIdHexString = StringUtil.toHexString(companyId);
580    
581                    Role role = _systemRolesMap.get(companyIdHexString.concat(name));
582    
583                    if (role != null) {
584                            return role;
585                    }
586    
587                    return roleLocalService.loadGetRole(companyId, name);
588            }
589    
590            /**
591             * Returns all the roles of the type and subtype.
592             *
593             * @param  type the role's type (optionally <code>0</code>)
594             * @param  subtype the role's subtype (optionally <code>null</code>)
595             * @return the roles of the type and subtype
596             */
597            @Override
598            public List<Role> getRoles(int type, String subtype) {
599                    return rolePersistence.findByT_S(type, subtype);
600            }
601    
602            /**
603             * Returns all the roles in the company.
604             *
605             * @param  companyId the primary key of the company
606             * @return the roles in the company
607             */
608            @Override
609            public List<Role> getRoles(long companyId) {
610                    return rolePersistence.findByCompanyId(companyId);
611            }
612    
613            /**
614             * Returns all the roles with the types.
615             *
616             * @param  companyId the primary key of the company
617             * @param  types the role types (optionally <code>null</code>)
618             * @return the roles with the types
619             */
620            @Override
621            public List<Role> getRoles(long companyId, int[] types) {
622                    return rolePersistence.findByC_T(companyId, types);
623            }
624    
625            /**
626             * Returns all the roles with the primary keys.
627             *
628             * @param  roleIds the primary keys of the roles
629             * @return the roles with the primary keys
630             */
631            @Override
632            public List<Role> getRoles(long[] roleIds) throws PortalException {
633                    List<Role> roles = new ArrayList<>(roleIds.length);
634    
635                    for (long roleId : roleIds) {
636                            Role role = getRole(roleId);
637    
638                            roles.add(role);
639                    }
640    
641                    return roles;
642            }
643    
644            /**
645             * Returns all the roles of the subtype.
646             *
647             * @param  subtype the role's subtype (optionally <code>null</code>)
648             * @return the roles of the subtype
649             */
650            @Override
651            public List<Role> getSubtypeRoles(String subtype) {
652                    return rolePersistence.findBySubtype(subtype);
653            }
654    
655            /**
656             * Returns the number of roles of the subtype.
657             *
658             * @param  subtype the role's subtype (optionally <code>null</code>)
659             * @return the number of roles of the subtype
660             */
661            @Override
662            public int getSubtypeRolesCount(String subtype) {
663                    return rolePersistence.countBySubtype(subtype);
664            }
665    
666            /**
667             * Returns the team role in the company.
668             *
669             * @param  companyId the primary key of the company
670             * @param  teamId the primary key of the team
671             * @return the team role in the company
672             */
673            @Override
674            public Role getTeamRole(long companyId, long teamId)
675                    throws PortalException {
676    
677                    long classNameId = classNameLocalService.getClassNameId(Team.class);
678    
679                    return rolePersistence.findByC_C_C(companyId, classNameId, teamId);
680            }
681    
682            /**
683             * Returns the team role map for the group.
684             *
685             * @param  groupId the primary key of the group
686             * @return the team role map for the group
687             */
688            @Override
689            public Map<Team, Role> getTeamRoleMap(long groupId) throws PortalException {
690                    return getTeamRoleMap(groupId, null);
691            }
692    
693            /**
694             * Returns the team roles in the group.
695             *
696             * @param  groupId the primary key of the group
697             * @return the team roles in the group
698             */
699            @Override
700            public List<Role> getTeamRoles(long groupId) throws PortalException {
701                    return getTeamRoles(groupId, null);
702            }
703    
704            /**
705             * Returns the team roles in the group, excluding the specified role IDs.
706             *
707             * @param  groupId the primary key of the group
708             * @param  excludedRoleIds the primary keys of the roles to exclude
709             *         (optionally <code>null</code>)
710             * @return the team roles in the group, excluding the specified role IDs
711             */
712            @Override
713            public List<Role> getTeamRoles(long groupId, long[] excludedRoleIds)
714                    throws PortalException {
715    
716                    Map<Team, Role> teamRoleMap = getTeamRoleMap(groupId, excludedRoleIds);
717    
718                    Collection<Role> roles = teamRoleMap.values();
719    
720                    return ListUtil.fromCollection(roles);
721            }
722    
723            /**
724             * Returns all the roles of the type.
725             *
726             * @param  type the role's type (optionally <code>0</code>)
727             * @return the range of the roles of the type
728             */
729            @Override
730            public List<Role> getTypeRoles(int type) {
731                    return rolePersistence.findByType(type);
732            }
733    
734            /**
735             * Returns a range of all the roles of the type.
736             *
737             * @param  type the role's type (optionally <code>0</code>)
738             * @param  start the lower bound of the range of roles to return
739             * @param  end the upper bound of the range of roles to return (not
740             *         inclusive)
741             * @return the range of the roles of the type
742             */
743            @Override
744            public List<Role> getTypeRoles(int type, int start, int end) {
745                    return rolePersistence.findByType(type, start, end);
746            }
747    
748            /**
749             * Returns the number of roles of the type.
750             *
751             * @param  type the role's type (optionally <code>0</code>)
752             * @return the number of roles of the type
753             */
754            @Override
755            public int getTypeRolesCount(int type) {
756                    return rolePersistence.countByType(type);
757            }
758    
759            /**
760             * Returns all the user's roles within the user group.
761             *
762             * @param  userId the primary key of the user
763             * @param  groupId the primary key of the group
764             * @return the user's roles within the user group
765             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder#findByUserGroupGroupRole(
766             *         long, long)
767             */
768            @Override
769            public List<Role> getUserGroupGroupRoles(long userId, long groupId) {
770                    return roleFinder.findByUserGroupGroupRole(userId, groupId);
771            }
772    
773            @Override
774            public List<Role> getUserGroupGroupRoles(
775                    long userId, long groupId, int start, int end) {
776    
777                    return roleFinder.findByUserGroupGroupRole(userId, groupId, start, end);
778            }
779    
780            @Override
781            public int getUserGroupGroupRolesCount(long userId, long groupId) {
782                    return roleFinder.countByUserGroupGroupRole(userId, groupId);
783            }
784    
785            /**
786             * Returns all the user's roles within the user group.
787             *
788             * @param  userId the primary key of the user
789             * @param  groupId the primary key of the group
790             * @return the user's roles within the user group
791             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder#findByUserGroupRole(
792             *         long, long)
793             */
794            @Override
795            public List<Role> getUserGroupRoles(long userId, long groupId) {
796                    return roleFinder.findByUserGroupRole(userId, groupId);
797            }
798    
799            /**
800             * Returns the union of all the user's roles within the groups.
801             *
802             * @param  userId the primary key of the user
803             * @param  groups the groups (optionally <code>null</code>)
804             * @return the union of all the user's roles within the groups
805             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder#findByU_G(long,
806             *         List)
807             */
808            @Override
809            public List<Role> getUserRelatedRoles(long userId, List<Group> groups) {
810                    if ((groups == null) || groups.isEmpty()) {
811                            return Collections.emptyList();
812                    }
813    
814                    return roleFinder.findByU_G(userId, groups);
815            }
816    
817            /**
818             * Returns all the user's roles within the group.
819             *
820             * @param  userId the primary key of the user
821             * @param  groupId the primary key of the group
822             * @return the user's roles within the group
823             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder#findByU_G(long,
824             *         long)
825             */
826            @Override
827            public List<Role> getUserRelatedRoles(long userId, long groupId) {
828                    return roleFinder.findByU_G(userId, groupId);
829            }
830    
831            /**
832             * Returns the union of all the user's roles within the groups.
833             *
834             * @param  userId the primary key of the user
835             * @param  groupIds the primary keys of the groups
836             * @return the union of all the user's roles within the groups
837             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder#findByU_G(long,
838             *         long[])
839             */
840            @Override
841            public List<Role> getUserRelatedRoles(long userId, long[] groupIds) {
842                    return roleFinder.findByU_G(userId, groupIds);
843            }
844    
845            /**
846             * Returns <code>true</code> if the user is associated with the named
847             * regular role.
848             *
849             * @param  userId the primary key of the user
850             * @param  companyId the primary key of the company
851             * @param  name the name of the role
852             * @param  inherited whether to include the user's inherited roles in the
853             *         search
854             * @return <code>true</code> if the user is associated with the regular
855             *         role; <code>false</code> otherwise
856             */
857            @Override
858            @ThreadLocalCachable
859            public boolean hasUserRole(
860                            long userId, long companyId, String name, boolean inherited)
861                    throws PortalException {
862    
863                    Role role = rolePersistence.fetchByC_N(companyId, name);
864    
865                    if (role == null) {
866                            return false;
867                    }
868    
869                    if (role.getType() != RoleConstants.TYPE_REGULAR) {
870                            throw new IllegalArgumentException(name + " is not a regular role");
871                    }
872    
873                    long defaultUserId = userLocalService.getDefaultUserId(companyId);
874    
875                    if (userId == defaultUserId) {
876                            if (name.equals(RoleConstants.GUEST)) {
877                                    return true;
878                            }
879                            else {
880                                    return false;
881                            }
882                    }
883    
884                    if (inherited) {
885                            if (userPersistence.containsRole(userId, role.getRoleId())) {
886                                    return true;
887                            }
888    
889                            ThreadLocalCache<Boolean> threadLocalCache =
890                                    ThreadLocalCacheManager.getThreadLocalCache(
891                                            Lifecycle.REQUEST, RoleLocalServiceImpl.class.getName());
892    
893                            String key = String.valueOf(role.getRoleId()).concat(
894                                    String.valueOf(userId));
895    
896                            Boolean value = threadLocalCache.get(key);
897    
898                            if (value != null) {
899                                    return value;
900                            }
901    
902                            value = PermissionCacheUtil.getUserRole(userId, role);
903    
904                            if (value == null) {
905                                    int count = roleFinder.countByR_U(role.getRoleId(), userId);
906    
907                                    if (count > 0) {
908                                            value = true;
909                                    }
910                                    else {
911                                            value = false;
912                                    }
913    
914                                    PermissionCacheUtil.putUserRole(userId, role, value);
915                            }
916    
917                            threadLocalCache.put(key, value);
918    
919                            return value;
920                    }
921                    else {
922                            return userPersistence.containsRole(userId, role.getRoleId());
923                    }
924            }
925    
926            /**
927             * Returns <code>true</code> if the user has any one of the named regular
928             * roles.
929             *
930             * @param  userId the primary key of the user
931             * @param  companyId the primary key of the company
932             * @param  names the names of the roles
933             * @param  inherited whether to include the user's inherited roles in the
934             *         search
935             * @return <code>true</code> if the user has any one of the regular roles;
936             *         <code>false</code> otherwise
937             */
938            @Override
939            public boolean hasUserRoles(
940                            long userId, long companyId, String[] names, boolean inherited)
941                    throws PortalException {
942    
943                    for (String name : names) {
944                            if (hasUserRole(userId, companyId, name, inherited)) {
945                                    return true;
946                            }
947                    }
948    
949                    return false;
950            }
951    
952            /**
953             * Returns a role with the name in the company.
954             *
955             * @param  companyId the primary key of the company
956             * @param  name the role's name (optionally <code>null</code>)
957             * @return the role with the name, or <code>null</code> if a role with the
958             *         name could not be found in the company
959             */
960            @Override
961            public Role loadFetchRole(long companyId, String name) {
962                    return rolePersistence.fetchByC_N(companyId, name);
963            }
964    
965            /**
966             * Returns a role with the name in the company.
967             *
968             * @param  companyId the primary key of the company
969             * @param  name the role's name
970             * @return the role with the name in the company
971             */
972            @Override
973            public Role loadGetRole(long companyId, String name)
974                    throws PortalException {
975    
976                    return rolePersistence.findByC_N(companyId, name);
977            }
978    
979            /**
980             * Returns an ordered range of all the roles that match the keywords and
981             * types.
982             *
983             * <p>
984             * Useful when paginating results. Returns a maximum of <code>end -
985             * start</code> instances. <code>start</code> and <code>end</code> are not
986             * primary keys, they are indexes in the result set. Thus, <code>0</code>
987             * refers to the first result in the set. Setting both <code>start</code>
988             * and <code>end</code> to {@link
989             * com.liferay.portal.kernel.dao.orm.QueryUtil#ALL_POS} will return the full
990             * result set.
991             * </p>
992             *
993             * @param  companyId the primary key of the company
994             * @param  keywords the keywords (space separated), which may occur in the
995             *         role's name or description (optionally <code>null</code>)
996             * @param  types the role types (optionally <code>null</code>)
997             * @param  start the lower bound of the range of roles to return
998             * @param  end the upper bound of the range of roles to return (not
999             *         inclusive)
1000             * @param  obc the comparator to order the roles (optionally
1001             *         <code>null</code>)
1002             * @return the ordered range of the matching roles, ordered by
1003             *         <code>obc</code>
1004             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder
1005             */
1006            @Override
1007            public List<Role> search(
1008                    long companyId, String keywords, Integer[] types, int start, int end,
1009                    OrderByComparator<Role> obc) {
1010    
1011                    return search(
1012                            companyId, keywords, types, new LinkedHashMap<String, Object>(),
1013                            start, end, obc);
1014            }
1015    
1016            /**
1017             * Returns an ordered range of all the roles that match the keywords, types,
1018             * and params.
1019             *
1020             * <p>
1021             * Useful when paginating results. Returns a maximum of <code>end -
1022             * start</code> instances. <code>start</code> and <code>end</code> are not
1023             * primary keys, they are indexes in the result set. Thus, <code>0</code>
1024             * refers to the first result in the set. Setting both <code>start</code>
1025             * and <code>end</code> to {@link
1026             * com.liferay.portal.kernel.dao.orm.QueryUtil#ALL_POS} will return the full
1027             * result set.
1028             * </p>
1029             *
1030             * @param  companyId the primary key of the company
1031             * @param  keywords the keywords (space separated), which may occur in the
1032             *         role's name or description (optionally <code>null</code>)
1033             * @param  types the role types (optionally <code>null</code>)
1034             * @param  params the finder parameters. Can specify values for the
1035             *         "usersRoles" key. For more information, see {@link
1036             *         com.liferay.portal.kernel.service.persistence.RoleFinder}
1037             * @param  start the lower bound of the range of roles to return
1038             * @param  end the upper bound of the range of roles to return (not
1039             *         inclusive)
1040             * @param  obc the comparator to order the roles (optionally
1041             *         <code>null</code>)
1042             * @return the ordered range of the matching roles, ordered by
1043             *         <code>obc</code>
1044             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder
1045             */
1046            @Override
1047            public List<Role> search(
1048                    long companyId, String keywords, Integer[] types,
1049                    LinkedHashMap<String, Object> params, int start, int end,
1050                    OrderByComparator<Role> obc) {
1051    
1052                    return roleFinder.findByKeywords(
1053                            companyId, keywords, types, params, start, end, obc);
1054            }
1055    
1056            /**
1057             * Returns an ordered range of all the roles that match the name,
1058             * description, and types.
1059             *
1060             * <p>
1061             * Useful when paginating results. Returns a maximum of <code>end -
1062             * start</code> instances. <code>start</code> and <code>end</code> are not
1063             * primary keys, they are indexes in the result set. Thus, <code>0</code>
1064             * refers to the first result in the set. Setting both <code>start</code>
1065             * and <code>end</code> to {@link
1066             * com.liferay.portal.kernel.dao.orm.QueryUtil#ALL_POS} will return the full
1067             * result set.
1068             * </p>
1069             *
1070             * @param  companyId the primary key of the company
1071             * @param  name the role's name (optionally <code>null</code>)
1072             * @param  description the role's description (optionally <code>null</code>)
1073             * @param  types the role types (optionally <code>null</code>)
1074             * @param  start the lower bound of the range of the roles to return
1075             * @param  end the upper bound of the range of the roles to return (not
1076             *         inclusive)
1077             * @param  obc the comparator to order the roles (optionally
1078             *         <code>null</code>)
1079             * @return the ordered range of the matching roles, ordered by
1080             *         <code>obc</code>
1081             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder
1082             */
1083            @Override
1084            public List<Role> search(
1085                    long companyId, String name, String description, Integer[] types,
1086                    int start, int end, OrderByComparator<Role> obc) {
1087    
1088                    return search(
1089                            companyId, name, description, types,
1090                            new LinkedHashMap<String, Object>(), start, end, obc);
1091            }
1092    
1093            /**
1094             * Returns an ordered range of all the roles that match the name,
1095             * description, types, and params.
1096             *
1097             * <p>
1098             * Useful when paginating results. Returns a maximum of <code>end -
1099             * start</code> instances. <code>start</code> and <code>end</code> are not
1100             * primary keys, they are indexes in the result set. Thus, <code>0</code>
1101             * refers to the first result in the set. Setting both <code>start</code>
1102             * and <code>end</code> to {@link
1103             * com.liferay.portal.kernel.dao.orm.QueryUtil#ALL_POS} will return the full
1104             * result set.
1105             * </p>
1106             *
1107             * @param  companyId the primary key of the company
1108             * @param  name the role's name (optionally <code>null</code>)
1109             * @param  description the role's description (optionally <code>null</code>)
1110             * @param  types the role types (optionally <code>null</code>)
1111             * @param  params the finder's parameters. Can specify values for the
1112             *         "usersRoles" key. For more information, see {@link
1113             *         com.liferay.portal.kernel.service.persistence.RoleFinder}
1114             * @param  start the lower bound of the range of the roles to return
1115             * @param  end the upper bound of the range of the roles to return (not
1116             *         inclusive)
1117             * @param  obc the comparator to order the roles (optionally
1118             *         <code>null</code>)
1119             * @return the ordered range of the matching roles, ordered by
1120             *         <code>obc</code>
1121             * @see    com.liferay.portal.kernel.service.persistence.RoleFinder
1122             */
1123            @Override
1124            public List<Role> search(
1125                    long companyId, String name, String description, Integer[] types,
1126                    LinkedHashMap<String, Object> params, int start, int end,
1127                    OrderByComparator<Role> obc) {
1128    
1129                    return roleFinder.findByC_N_D_T(
1130                            companyId, name, description, types, params, true, start, end, obc);
1131            }
1132    
1133            /**
1134             * Returns the number of roles that match the keywords and types.
1135             *
1136             * @param  companyId the primary key of the company
1137             * @param  keywords the keywords (space separated), which may occur in the
1138             *         role's name or description (optionally <code>null</code>)
1139             * @param  types the role types (optionally <code>null</code>)
1140             * @return the number of matching roles
1141             */
1142            @Override
1143            public int searchCount(long companyId, String keywords, Integer[] types) {
1144                    return searchCount(
1145                            companyId, keywords, types, new LinkedHashMap<String, Object>());
1146            }
1147    
1148            /**
1149             * Returns the number of roles that match the keywords, types and params.
1150             *
1151             * @param  companyId the primary key of the company
1152             * @param  keywords the keywords (space separated), which may occur in the
1153             *         role's name or description (optionally <code>null</code>)
1154             * @param  types the role types (optionally <code>null</code>)
1155             * @param  params the finder parameters. For more information, see {@link
1156             *         com.liferay.portal.kernel.service.persistence.RoleFinder}
1157             * @return the number of matching roles
1158             */
1159            @Override
1160            public int searchCount(
1161                    long companyId, String keywords, Integer[] types,
1162                    LinkedHashMap<String, Object> params) {
1163    
1164                    return roleFinder.countByKeywords(companyId, keywords, types, params);
1165            }
1166    
1167            /**
1168             * Returns the number of roles that match the name, description, and types.
1169             *
1170             * @param  companyId the primary key of the company
1171             * @param  name the role's name (optionally <code>null</code>)
1172             * @param  description the role's description (optionally <code>null</code>)
1173             * @param  types the role types (optionally <code>null</code>)
1174             * @return the number of matching roles
1175             */
1176            @Override
1177            public int searchCount(
1178                    long companyId, String name, String description, Integer[] types) {
1179    
1180                    return searchCount(
1181                            companyId, name, description, types,
1182                            new LinkedHashMap<String, Object>());
1183            }
1184    
1185            /**
1186             * Returns the number of roles that match the name, description, types, and
1187             * params.
1188             *
1189             * @param  companyId the primary key of the company
1190             * @param  name the role's name (optionally <code>null</code>)
1191             * @param  description the role's description (optionally <code>null</code>)
1192             * @param  types the role types (optionally <code>null</code>)
1193             * @param  params the finder parameters. Can specify values for the
1194             *         "usersRoles" key. For more information, see {@link
1195             *         com.liferay.portal.kernel.service.persistence.RoleFinder}
1196             * @return the number of matching roles
1197             */
1198            @Override
1199            public int searchCount(
1200                    long companyId, String name, String description, Integer[] types,
1201                    LinkedHashMap<String, Object> params) {
1202    
1203                    return roleFinder.countByC_N_D_T(
1204                            companyId, name, description, types, params, true);
1205            }
1206    
1207            /**
1208             * Sets the roles associated with the user, replacing the user's existing
1209             * roles. The user is reindexed after the roles are set.
1210             *
1211             * @param userId the primary key of the user
1212             * @param roleIds the primary keys of the roles
1213             */
1214            @Override
1215            public void setUserRoles(long userId, long[] roleIds)
1216                    throws PortalException {
1217    
1218                    roleIds = UsersAdminUtil.addRequiredRoles(userId, roleIds);
1219    
1220                    userPersistence.setRoles(userId, roleIds);
1221    
1222                    reindex(userId);
1223    
1224                    PermissionCacheUtil.clearCache(userId);
1225            }
1226    
1227            /**
1228             * Removes the matching roles associated with the user. The user is
1229             * reindexed after the roles are removed.
1230             *
1231             * @param userId the primary key of the user
1232             * @param roleIds the primary keys of the roles
1233             */
1234            @Override
1235            public void unsetUserRoles(long userId, long[] roleIds)
1236                    throws PortalException {
1237    
1238                    roleIds = UsersAdminUtil.removeRequiredRoles(userId, roleIds);
1239    
1240                    userPersistence.removeRoles(userId, roleIds);
1241    
1242                    reindex(userId);
1243    
1244                    PermissionCacheUtil.clearCache(userId);
1245            }
1246    
1247            /**
1248             * Updates the role with the primary key.
1249             *
1250             * @param  roleId the primary key of the role
1251             * @param  name the role's new name
1252             * @param  titleMap the new localized titles (optionally <code>null</code>)
1253             *         to replace those existing for the role
1254             * @param  descriptionMap the new localized descriptions (optionally
1255             *         <code>null</code>) to replace those existing for the role
1256             * @param  subtype the role's new subtype (optionally <code>null</code>)
1257             * @param  serviceContext the service context to be applied (optionally
1258             *         <code>null</code>). Can set expando bridge attributes for the
1259             *         role.
1260             * @return the role with the primary key
1261             */
1262            @Override
1263            public Role updateRole(
1264                            long roleId, String name, Map<Locale, String> titleMap,
1265                            Map<Locale, String> descriptionMap, String subtype,
1266                            ServiceContext serviceContext)
1267                    throws PortalException {
1268    
1269                    Role role = rolePersistence.findByPrimaryKey(roleId);
1270    
1271                    validate(roleId, role.getCompanyId(), role.getClassNameId(), name);
1272    
1273                    if (role.isSystem()) {
1274                            name = role.getName();
1275                            subtype = null;
1276                    }
1277    
1278                    role.setName(name);
1279                    role.setTitleMap(titleMap);
1280                    role.setDescriptionMap(descriptionMap);
1281                    role.setSubtype(subtype);
1282                    role.setExpandoBridgeAttributes(serviceContext);
1283    
1284                    rolePersistence.update(role);
1285    
1286                    return role;
1287            }
1288    
1289            protected void checkSystemRole(
1290                            long companyId, String name, Map<Locale, String> descriptionMap,
1291                            int type)
1292                    throws PortalException {
1293    
1294                    String companyIdHexString = StringUtil.toHexString(companyId);
1295    
1296                    String key = companyIdHexString.concat(name);
1297    
1298                    Role role = _systemRolesMap.get(key);
1299    
1300                    try {
1301                            if (role == null) {
1302                                    role = rolePersistence.findByC_N(companyId, name);
1303                            }
1304    
1305                            if (!descriptionMap.equals(role.getDescriptionMap())) {
1306                                    role.setDescriptionMap(descriptionMap);
1307    
1308                                    roleLocalService.updateRole(role);
1309                            }
1310                    }
1311                    catch (NoSuchRoleException nsre) {
1312                            User user = userLocalService.getDefaultUser(companyId);
1313    
1314                            role = roleLocalService.addRole(
1315                                    user.getUserId(), null, 0, name, null, descriptionMap, type,
1316                                    null, null);
1317    
1318                            if (name.equals(RoleConstants.USER)) {
1319                                    initPersonalControlPanelPortletsPermissions(role);
1320                            }
1321                    }
1322    
1323                    _systemRolesMap.put(key, role);
1324            }
1325    
1326            protected String[] getDefaultControlPanelPortlets() {
1327                    String myAccountPortletId = PortletProviderUtil.getPortletId(
1328                            PortalMyAccountApplicationType.MyAccount.CLASS_NAME,
1329                            PortletProvider.Action.VIEW);
1330    
1331                    return new String[] {
1332                            myAccountPortletId, PortletKeys.MY_PAGES,
1333                            PortletKeys.MY_WORKFLOW_INSTANCE, PortletKeys.MY_WORKFLOW_TASK
1334                    };
1335            }
1336    
1337            protected Map<Team, Role> getTeamRoleMap(
1338                            long groupId, long[] excludedRoleIds)
1339                    throws PortalException {
1340    
1341                    Group group = groupPersistence.findByPrimaryKey(groupId);
1342    
1343                    if (group.isLayout()) {
1344                            group = group.getParentGroup();
1345                    }
1346    
1347                    List<Team> teams = teamPersistence.findByGroupId(group.getGroupId());
1348    
1349                    if (teams.isEmpty()) {
1350                            return Collections.emptyMap();
1351                    }
1352    
1353                    Set<Long> roleIds = SetUtil.fromArray(excludedRoleIds);
1354    
1355                    Map<Team, Role> teamRoleMap = new LinkedHashMap<>();
1356    
1357                    for (Team team : teams) {
1358                            Role role = getTeamRole(team.getCompanyId(), team.getTeamId());
1359    
1360                            if (roleIds.contains(role.getRoleId())) {
1361                                    continue;
1362                            }
1363    
1364                            teamRoleMap.put(team, role);
1365                    }
1366    
1367                    return teamRoleMap;
1368            }
1369    
1370            protected void initPersonalControlPanelPortletsPermissions(Role role)
1371                    throws PortalException {
1372    
1373                    for (String portletId : getDefaultControlPanelPortlets()) {
1374                            int count = resourcePermissionPersistence.countByC_N_S_P_R(
1375                                    role.getCompanyId(), portletId, ResourceConstants.SCOPE_COMPANY,
1376                                    String.valueOf(role.getCompanyId()), role.getRoleId());
1377    
1378                            if (count > 0) {
1379                                    continue;
1380                            }
1381    
1382                            ResourceAction resourceAction =
1383                                    resourceActionLocalService.fetchResourceAction(
1384                                            portletId, ActionKeys.ACCESS_IN_CONTROL_PANEL);
1385    
1386                            if (resourceAction == null) {
1387                                    continue;
1388                            }
1389    
1390                            setRolePermissions(
1391                                    role, portletId,
1392                                    new String[] {ActionKeys.ACCESS_IN_CONTROL_PANEL});
1393                    }
1394            }
1395    
1396            protected void reindex(long userId) throws SearchException {
1397                    Indexer<User> indexer = IndexerRegistryUtil.nullSafeGetIndexer(
1398                            User.class);
1399    
1400                    User user = userLocalService.fetchUser(userId);
1401    
1402                    indexer.reindex(user);
1403            }
1404    
1405            protected void setRolePermissions(
1406                            Role role, String name, String[] actionIds)
1407                    throws PortalException {
1408    
1409                    if (resourceBlockLocalService.isSupported(name)) {
1410                            resourceBlockLocalService.setCompanyScopePermissions(
1411                                    role.getCompanyId(), name, role.getRoleId(),
1412                                    Arrays.asList(actionIds));
1413                    }
1414                    else {
1415                            resourcePermissionLocalService.setResourcePermissions(
1416                                    role.getCompanyId(), name, ResourceConstants.SCOPE_COMPANY,
1417                                    String.valueOf(role.getCompanyId()), role.getRoleId(),
1418                                    actionIds);
1419                    }
1420            }
1421    
1422            protected void validate(
1423                            long roleId, long companyId, long classNameId, String name)
1424                    throws PortalException {
1425    
1426                    if (classNameId == classNameLocalService.getClassNameId(Role.class)) {
1427                            if (Validator.isNull(name) ||
1428                                    (name.indexOf(CharPool.COMMA) != -1) ||
1429                                    (name.indexOf(CharPool.STAR) != -1)) {
1430    
1431                                    throw new RoleNameException();
1432                            }
1433    
1434                            if (Validator.isNumber(name) &&
1435                                    !PropsValues.ROLES_NAME_ALLOW_NUMERIC) {
1436    
1437                                    throw new RoleNameException();
1438                            }
1439                    }
1440    
1441                    try {
1442                            Role role = roleFinder.findByC_N(companyId, name);
1443    
1444                            if (role.getRoleId() != roleId) {
1445                                    throw new DuplicateRoleException("{roleId=" + roleId + "}");
1446                            }
1447                    }
1448                    catch (NoSuchRoleException nsre) {
1449                    }
1450    
1451                    if (name.equals(RoleConstants.PLACEHOLDER_DEFAULT_GROUP_ROLE)) {
1452                            throw new RoleNameException(
1453                                    RoleConstants.PLACEHOLDER_DEFAULT_GROUP_ROLE +
1454                                            " is a temporary placeholder that must not be persisted");
1455                    }
1456            }
1457    
1458            private final Map<String, Role> _systemRolesMap = new HashMap<>();
1459    
1460    }