001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.upgrade.v6_1_0;
016    
017    import com.liferay.portal.kernel.bean.PortalBeanLocatorUtil;
018    import com.liferay.portal.kernel.exception.PortalException;
019    import com.liferay.portal.kernel.exception.SystemException;
020    import com.liferay.portal.kernel.log.Log;
021    import com.liferay.portal.kernel.log.LogFactoryUtil;
022    import com.liferay.portal.kernel.model.PermissionedModel;
023    import com.liferay.portal.kernel.model.ResourceBlock;
024    import com.liferay.portal.kernel.model.ResourceBlockPermissionsContainer;
025    import com.liferay.portal.kernel.model.ResourceConstants;
026    import com.liferay.portal.kernel.model.ResourcePermission;
027    import com.liferay.portal.kernel.model.Role;
028    import com.liferay.portal.kernel.model.RoleConstants;
029    import com.liferay.portal.kernel.model.RoleWrapper;
030    import com.liferay.portal.kernel.security.permission.ResourceActionsUtil;
031    import com.liferay.portal.kernel.service.ResourceActionLocalServiceUtil;
032    import com.liferay.portal.kernel.service.ResourceBlockLocalServiceUtil;
033    import com.liferay.portal.kernel.service.ResourceLocalService;
034    import com.liferay.portal.kernel.service.ResourceLocalServiceWrapper;
035    import com.liferay.portal.kernel.service.ResourcePermissionLocalService;
036    import com.liferay.portal.kernel.service.ResourcePermissionLocalServiceUtil;
037    import com.liferay.portal.kernel.service.ResourcePermissionLocalServiceWrapper;
038    import com.liferay.portal.kernel.service.RoleLocalService;
039    import com.liferay.portal.kernel.service.RoleLocalServiceUtil;
040    import com.liferay.portal.kernel.service.RoleLocalServiceWrapper;
041    import com.liferay.portal.kernel.upgrade.UpgradeProcess;
042    import com.liferay.portal.kernel.util.GetterUtil;
043    import com.liferay.portal.kernel.util.LoggingTimer;
044    import com.liferay.portal.kernel.util.StringBundler;
045    import com.liferay.portal.spring.aop.ServiceWrapperProxyUtil;
046    
047    import java.io.Closeable;
048    
049    import java.sql.PreparedStatement;
050    import java.sql.ResultSet;
051    
052    import java.util.List;
053    
054    /**
055     * @author Alexander Chow
056     * @author Connor McKay
057     * @author Igor Beslic
058     */
059    public class UpgradePermission extends UpgradeProcess {
060    
061            protected ResourceBlock convertResourcePermissions(
062                    String tableName, String pkColumnName, long companyId, long groupId,
063                    String name, long primKey) {
064    
065                    PermissionedModel permissionedModel = new UpgradePermissionedModel(
066                            tableName, pkColumnName, primKey);
067    
068                    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
069                            getResourceBlockPermissionsContainer(
070                                    companyId, groupId, name, primKey);
071    
072                    String permissionsHash =
073                            resourceBlockPermissionsContainer.getPermissionsHash();
074    
075                    ResourceBlock resourceBlock =
076                            ResourceBlockLocalServiceUtil.updateResourceBlockId(
077                                    companyId, groupId, name, permissionedModel, permissionsHash,
078                                    resourceBlockPermissionsContainer);
079    
080                    return resourceBlock;
081            }
082    
083            protected void convertResourcePermissions(
084                            String name, String tableName, String pkColumnName)
085                    throws Exception {
086    
087                    try (LoggingTimer loggingTimer = new LoggingTimer(name)) {
088                            try (PreparedStatement ps = connection.prepareStatement(
089                                            "select " + pkColumnName + ", groupId, companyId from " +
090                                                    tableName);
091                                    ResultSet rs = ps.executeQuery()) {
092    
093                                    while (rs.next()) {
094                                            long primKey = rs.getLong(pkColumnName);
095                                            long groupId = rs.getLong("groupId");
096                                            long companyId = rs.getLong("companyId");
097    
098                                            ResourceBlock resourceBlock = convertResourcePermissions(
099                                                    tableName, pkColumnName, companyId, groupId, name,
100                                                    primKey);
101    
102                                            if (_log.isInfoEnabled() &&
103                                                    ((resourceBlock.getResourceBlockId() % 100) == 0)) {
104    
105                                                    _log.info("Processed 100 resource blocks for " + name);
106                                            }
107                                    }
108                            }
109    
110                            List<ResourcePermission> resourcePermissions =
111                                    ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(
112                                            _SCOPES);
113    
114                            for (ResourcePermission resourcePermission : resourcePermissions) {
115                                    int scope = resourcePermission.getScope();
116    
117                                    if (!name.equals(resourcePermission.getName())) {
118                                            continue;
119                                    }
120    
121                                    if ((scope == ResourceConstants.SCOPE_COMPANY) ||
122                                            (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {
123    
124                                            ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
125                                                    resourcePermission.getCompanyId(), name,
126                                                    resourcePermission.getRoleId(),
127                                                    resourcePermission.getActionIds());
128                                    }
129                                    else if (scope == ResourceConstants.SCOPE_GROUP) {
130                                            ResourceBlockLocalServiceUtil.setGroupScopePermissions(
131                                                    resourcePermission.getCompanyId(),
132                                                    GetterUtil.getLong(resourcePermission.getPrimKey()),
133                                                    name, resourcePermission.getRoleId(),
134                                                    resourcePermission.getActionIds());
135                                    }
136                            }
137                    }
138            }
139    
140            @Override
141            protected void doUpgrade() throws Exception {
142                    try (Closeable closeable1 = ServiceWrapperProxyUtil.createProxy(
143                                    PortalBeanLocatorUtil.locate(
144                                            ResourceLocalService.class.getName()),
145                                    Pre7ResourceLocalServiceImpl.class);
146                            Closeable closeable2 = ServiceWrapperProxyUtil.createProxy(
147                                    PortalBeanLocatorUtil.locate(
148                                            ResourcePermissionLocalService.class.getName()),
149                                    Pre7ResourcePermissionLocalServiceImpl.class);
150                            Closeable closeable3 = ServiceWrapperProxyUtil.createProxy(
151                                    PortalBeanLocatorUtil.locate(RoleLocalService.class.getName()),
152                                    Pre7RoleLocalServiceImpl.class)) {
153    
154                            Class<? extends UpgradePermission> upgradePermissionClass =
155                                    this.getClass();
156    
157                            ResourceActionsUtil.read(
158                                    null, upgradePermissionClass.getClassLoader(),
159                                    "com/liferay/portal/upgrade/v6_1_0/dependencies" +
160                                            "/resource-actions.xml");
161    
162                            // LPS-46141
163    
164                            List<String> modelActions =
165                                    ResourceActionsUtil.getModelResourceActions(
166                                            "com.liferay.portal.model.Role");
167    
168                            ResourceActionLocalServiceUtil.checkResourceActions(
169                                    "com.liferay.portal.model.Role", modelActions);
170    
171                            // LPS-14202 and LPS-17841
172    
173                            RoleLocalServiceUtil.checkSystemRoles();
174    
175                            updatePermissions("com.liferay.portlet.bookmarks", true, true);
176                            updatePermissions(
177                                    "com.liferay.portlet.documentlibrary", false, true);
178                            updatePermissions("com.liferay.portlet.imagegallery", true, true);
179                            updatePermissions("com.liferay.portlet.messageboards", true, true);
180                            updatePermissions("com.liferay.portlet.shopping", true, true);
181    
182                            convertResourcePermissions(
183                                    "com.liferay.portlet.bookmarks.model.BookmarksEntry",
184                                    "BookmarksEntry", "entryId");
185                            convertResourcePermissions(
186                                    "com.liferay.portlet.bookmarks.model.BookmarksFolder",
187                                    "BookmarksFolder", "folderId");
188                    }
189            }
190    
191            protected ResourceBlockPermissionsContainer
192                    getResourceBlockPermissionsContainer(
193                            long companyId, long groupId, String name, long primKey) {
194    
195                    ResourceBlockPermissionsContainer resourceBlockPermissionContainer =
196                            new ResourceBlockPermissionsContainer();
197    
198                    List<ResourcePermission> resourcePermissions =
199                            ResourcePermissionLocalServiceUtil.getResourceResourcePermissions(
200                                    companyId, groupId, name, String.valueOf(primKey));
201    
202                    for (ResourcePermission resourcePermission : resourcePermissions) {
203                            resourceBlockPermissionContainer.addPermission(
204                                    resourcePermission.getRoleId(),
205                                    resourcePermission.getActionIds());
206                    }
207    
208                    return resourceBlockPermissionContainer;
209            }
210    
211            protected void updatePermissions(
212                            String name, boolean community, boolean guest)
213                    throws Exception {
214    
215                    try (LoggingTimer loggingTimer = new LoggingTimer(name)) {
216                            List<String> modelActions =
217                                    ResourceActionsUtil.getModelResourceActions(name);
218    
219                            ResourceActionLocalServiceUtil.checkResourceActions(
220                                    name, modelActions);
221    
222                            int scope = ResourceConstants.SCOPE_INDIVIDUAL;
223                            long actionIdsLong = 1;
224    
225                            if (community) {
226                                    ResourcePermissionLocalServiceUtil.addResourcePermissions(
227                                            name, RoleConstants.ORGANIZATION_USER, scope,
228                                            actionIdsLong);
229                                    ResourcePermissionLocalServiceUtil.addResourcePermissions(
230                                            name, RoleConstants.SITE_MEMBER, scope, actionIdsLong);
231                            }
232    
233                            if (guest) {
234                                    ResourcePermissionLocalServiceUtil.addResourcePermissions(
235                                            name, RoleConstants.GUEST, scope, actionIdsLong);
236                            }
237    
238                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
239                                    name, RoleConstants.OWNER, scope, actionIdsLong);
240                    }
241            }
242    
243            private static final int[] _SCOPES = {
244                    ResourceConstants.SCOPE_COMPANY, ResourceConstants.SCOPE_GROUP,
245                    ResourceConstants.SCOPE_GROUP_TEMPLATE
246            };
247    
248            private static final Log _log = LogFactoryUtil.getLog(
249                    UpgradePermission.class);
250    
251            private static class Pre7ResourceLocalServiceImpl
252                    extends ResourceLocalServiceWrapper {
253    
254                    @Override
255                    public void addResources(
256                                    long companyId, long groupId, long userId, String name,
257                                    long primKey, boolean portletActions,
258                                    boolean addGroupPermissions, boolean addGuestPermissions)
259                            throws PortalException {
260    
261                            if (name.equals(Role.class.getName())) {
262                                    name = "com.liferay.portal.model.Role";
263                            }
264    
265                            super.addResources(
266                                    companyId, groupId, userId, name, primKey, portletActions,
267                                    addGroupPermissions, addGuestPermissions);
268                    }
269    
270                    private Pre7ResourceLocalServiceImpl(
271                            ResourceLocalService resourceLocalService) {
272    
273                            super(resourceLocalService);
274                    }
275    
276            }
277    
278            private static class Pre7ResourcePermissionLocalServiceImpl
279                    extends ResourcePermissionLocalServiceWrapper {
280    
281                    @Override
282                    public void setResourcePermissions(
283                                    long companyId, String name, int scope, String primKey,
284                                    long roleId, String[] actionIds)
285                            throws PortalException {
286    
287                            if (name.equals(Role.class.getName())) {
288                                    name = "com.liferay.portal.model.Role";
289                            }
290    
291                            super.setResourcePermissions(
292                                    companyId, name, scope, primKey, roleId, actionIds);
293                    }
294    
295                    private Pre7ResourcePermissionLocalServiceImpl(
296                            ResourcePermissionLocalService resourcePermissionLocalService) {
297    
298                            super(resourcePermissionLocalService);
299                    }
300    
301            }
302    
303            private static class Pre7RoleLocalServiceImpl
304                    extends RoleLocalServiceWrapper {
305    
306                    @Override
307                    public Role deleteRole(Role role) throws PortalException {
308                            String className = role.getClassName();
309    
310                            if (className.equals(Role.class.getName())) {
311                                    return new RoleWrapper(role) {
312    
313                                            @Override
314                                            public String getClassName() {
315                                                    String className = super.getClassName();
316    
317                                                    if (className.equals(Role.class.getName())) {
318                                                            className = "com.liferay.portal.model.Role";
319                                                    }
320    
321                                                    return className;
322                                            }
323    
324                                    };
325                            }
326    
327                            return super.deleteRole(role);
328                    }
329    
330                    private Pre7RoleLocalServiceImpl(RoleLocalService roleLocalService) {
331                            super(roleLocalService);
332                    }
333    
334            }
335    
336            private class UpgradePermissionedModel implements PermissionedModel {
337    
338                    public UpgradePermissionedModel(
339                            String tableName, String pkColumnName, long primKey) {
340    
341                            _tableName = tableName;
342                            _pkColumnName = pkColumnName;
343                            _primKey = primKey;
344                    }
345    
346                    @Override
347                    public long getResourceBlockId() {
348                            return _resourceBlockId;
349                    }
350    
351                    @Override
352                    public void persist() {
353                            try {
354                                    StringBundler sb = new StringBundler(8);
355    
356                                    sb.append("update ");
357                                    sb.append(_tableName);
358                                    sb.append(" set resourceBlockId = ");
359                                    sb.append(_resourceBlockId);
360                                    sb.append(" where ");
361                                    sb.append(_pkColumnName);
362                                    sb.append(" = ");
363                                    sb.append(_primKey);
364    
365                                    runSQL(sb.toString());
366                            }
367                            catch (Exception e) {
368                                    throw new SystemException(e);
369                            }
370                    }
371    
372                    @Override
373                    public void setResourceBlockId(long resourceBlockId) {
374                            _resourceBlockId = resourceBlockId;
375                    }
376    
377                    private final String _pkColumnName;
378                    private final long _primKey;
379                    private long _resourceBlockId;
380                    private final String _tableName;
381    
382            }
383    
384    }