001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.verify;
016    
017    import com.liferay.portal.kernel.bean.PortalBeanLocatorUtil;
018    import com.liferay.portal.kernel.concurrent.ThrowableAwareRunnable;
019    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
020    import com.liferay.portal.kernel.log.Log;
021    import com.liferay.portal.kernel.log.LogFactoryUtil;
022    import com.liferay.portal.kernel.model.Contact;
023    import com.liferay.portal.kernel.model.Layout;
024    import com.liferay.portal.kernel.model.ResourceConstants;
025    import com.liferay.portal.kernel.model.ResourcePermission;
026    import com.liferay.portal.kernel.model.Role;
027    import com.liferay.portal.kernel.model.RoleConstants;
028    import com.liferay.portal.kernel.model.User;
029    import com.liferay.portal.kernel.service.ContactLocalServiceUtil;
030    import com.liferay.portal.kernel.service.LayoutLocalServiceUtil;
031    import com.liferay.portal.kernel.service.ResourceLocalServiceUtil;
032    import com.liferay.portal.kernel.service.ResourcePermissionLocalServiceUtil;
033    import com.liferay.portal.kernel.service.RoleLocalServiceUtil;
034    import com.liferay.portal.kernel.service.UserLocalServiceUtil;
035    import com.liferay.portal.kernel.util.LoggingTimer;
036    import com.liferay.portal.kernel.util.StringBundler;
037    import com.liferay.portal.kernel.verify.model.VerifiableResourcedModel;
038    import com.liferay.portal.util.PortalInstances;
039    
040    import java.sql.Connection;
041    import java.sql.PreparedStatement;
042    import java.sql.ResultSet;
043    
044    import java.util.ArrayList;
045    import java.util.Collection;
046    import java.util.List;
047    import java.util.Map;
048    
049    /**
050     * @author Raymond Aug??
051     * @author James Lefeu
052     */
053    public class VerifyResourcePermissions extends VerifyProcess {
054    
055            public void verify(VerifiableResourcedModel... verifiableResourcedModels)
056                    throws Exception {
057    
058                    long[] companyIds = PortalInstances.getCompanyIdsBySQL();
059    
060                    for (long companyId : companyIds) {
061                            Role role = RoleLocalServiceUtil.getRole(
062                                    companyId, RoleConstants.OWNER);
063    
064                            List<VerifyResourcedModelRunnable> verifyResourcedModelRunnables =
065                                    new ArrayList<>(verifiableResourcedModels.length);
066    
067                            for (VerifiableResourcedModel verifiableResourcedModel :
068                                            verifiableResourcedModels) {
069    
070                                    VerifyResourcedModelRunnable verifyResourcedModelRunnable =
071                                            new VerifyResourcedModelRunnable(
072                                                    role, verifiableResourcedModel);
073    
074                                    verifyResourcedModelRunnables.add(verifyResourcedModelRunnable);
075                            }
076    
077                            doVerify(verifyResourcedModelRunnables);
078    
079                            verifyLayout(role);
080                    }
081            }
082    
083            @Override
084            protected void doVerify() throws Exception {
085                    Map<String, VerifiableResourcedModel> verifiableResourcedModelsMap =
086                            PortalBeanLocatorUtil.locate(VerifiableResourcedModel.class);
087    
088                    Collection<VerifiableResourcedModel> verifiableResourcedModels =
089                            verifiableResourcedModelsMap.values();
090    
091                    verify(
092                            verifiableResourcedModels.toArray(
093                                    new VerifiableResourcedModel[
094                                            verifiableResourcedModels.size()]));
095            }
096    
097            protected void verifyLayout(Role role) throws Exception {
098                    try (LoggingTimer loggingTimer = new LoggingTimer()) {
099                            List<Layout> layouts =
100                                    LayoutLocalServiceUtil.getNoPermissionLayouts(role.getRoleId());
101    
102                            int total = layouts.size();
103    
104                            for (int i = 0; i < total; i++) {
105                                    Layout layout = layouts.get(i);
106    
107                                    verifyResourcedModel(
108                                            role.getCompanyId(), Layout.class.getName(),
109                                            layout.getPlid(), role, 0, i, total);
110                            }
111                    }
112            }
113    
114            protected void verifyResourcedModel(
115                            long companyId, String modelName, long primKey, Role role,
116                            long ownerId, int cur, int total)
117                    throws Exception {
118    
119                    if (_log.isInfoEnabled() && ((cur % 100) == 0)) {
120                            _log.info(
121                                    "Processed " + cur + " of " + total + " resource permissions " +
122                                            "for company = " + companyId + " and model " + modelName);
123                    }
124    
125                    ResourcePermission resourcePermission =
126                            ResourcePermissionLocalServiceUtil.fetchResourcePermission(
127                                    companyId, modelName, ResourceConstants.SCOPE_INDIVIDUAL,
128                                    String.valueOf(primKey), role.getRoleId());
129    
130                    if (resourcePermission == null) {
131                            if (_log.isDebugEnabled()) {
132                                    _log.debug(
133                                            "No resource found for {" + companyId + ", " + modelName +
134                                                    ", " + ResourceConstants.SCOPE_INDIVIDUAL + ", " +
135                                                            primKey + ", " + role.getRoleId() + "}");
136                            }
137    
138                            ResourceLocalServiceUtil.addResources(
139                                    companyId, 0, ownerId, modelName, String.valueOf(primKey),
140                                    false, false, false);
141                    }
142    
143                    if (resourcePermission == null) {
144                            resourcePermission =
145                                    ResourcePermissionLocalServiceUtil.fetchResourcePermission(
146                                            companyId, modelName, ResourceConstants.SCOPE_INDIVIDUAL,
147                                            String.valueOf(primKey), role.getRoleId());
148    
149                            if (resourcePermission == null) {
150                                    return;
151                            }
152                    }
153    
154                    if (modelName.equals(User.class.getName())) {
155                            User user = UserLocalServiceUtil.fetchUserById(ownerId);
156    
157                            if (user != null) {
158                                    Contact contact = ContactLocalServiceUtil.fetchContact(
159                                            user.getContactId());
160    
161                                    if (contact != null) {
162                                            ownerId = contact.getUserId();
163                                    }
164                            }
165                    }
166    
167                    if (ownerId != resourcePermission.getOwnerId()) {
168                            resourcePermission.setOwnerId(ownerId);
169    
170                            ResourcePermissionLocalServiceUtil.updateResourcePermission(
171                                    resourcePermission);
172                    }
173            }
174    
175            protected void verifyResourcedModel(
176                            Role role, VerifiableResourcedModel verifiableResourcedModel)
177                    throws Exception {
178    
179                    int total = 0;
180    
181                    try (LoggingTimer loggingTimer = new LoggingTimer(
182                                    verifiableResourcedModel.getTableName());
183                            Connection con = DataAccess.getUpgradeOptimizedConnection();
184                            PreparedStatement ps1 = con.prepareStatement(
185                                    "select count(*) from " +
186                                            verifiableResourcedModel.getTableName() +
187                                                    " where companyId = " + role.getCompanyId());
188                            ResultSet rs1 = ps1.executeQuery()) {
189    
190                            if (rs1.next()) {
191                                    total = rs1.getInt(1);
192                            }
193    
194                            StringBundler sb = new StringBundler(8);
195    
196                            sb.append("select ");
197                            sb.append(verifiableResourcedModel.getPrimaryKeyColumnName());
198                            sb.append(", ");
199                            sb.append(verifiableResourcedModel.getUserIdColumnName());
200                            sb.append(" from ");
201                            sb.append(verifiableResourcedModel.getTableName());
202                            sb.append(" where companyId = ");
203                            sb.append(role.getCompanyId());
204    
205                            try (PreparedStatement ps2 = con.prepareStatement(sb.toString());
206                                    ResultSet rs2 = ps2.executeQuery()) {
207    
208                                    for (int i = 0; rs2.next(); i++) {
209                                            long primKey = rs2.getLong(
210                                                    verifiableResourcedModel.getPrimaryKeyColumnName());
211                                            long userId = rs2.getLong(
212                                                    verifiableResourcedModel.getUserIdColumnName());
213    
214                                            verifyResourcedModel(
215                                                    role.getCompanyId(),
216                                                    verifiableResourcedModel.getModelName(), primKey, role,
217                                                    userId, i, total);
218                                    }
219                            }
220                    }
221            }
222    
223            private static final Log _log = LogFactoryUtil.getLog(
224                    VerifyResourcePermissions.class);
225    
226            private class VerifyResourcedModelRunnable extends ThrowableAwareRunnable {
227    
228                    public VerifyResourcedModelRunnable(
229                            Role role, VerifiableResourcedModel verifiableResourcedModel) {
230    
231                            _role = role;
232                            _verifiableResourcedModel = verifiableResourcedModel;
233                    }
234    
235                    @Override
236                    protected void doRun() throws Exception {
237                            verifyResourcedModel(_role, _verifiableResourcedModel);
238                    }
239    
240                    private final Role _role;
241                    private final VerifiableResourcedModel _verifiableResourcedModel;
242    
243            }
244    
245    }