001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.NoSuchResourcePermissionException;
018 import com.liferay.portal.kernel.concurrent.LockRegistry;
019 import com.liferay.portal.kernel.dao.db.DB;
020 import com.liferay.portal.kernel.dao.db.DBFactoryUtil;
021 import com.liferay.portal.kernel.dao.orm.QueryPos;
022 import com.liferay.portal.kernel.dao.orm.SQLQuery;
023 import com.liferay.portal.kernel.dao.orm.Session;
024 import com.liferay.portal.kernel.dao.orm.Type;
025 import com.liferay.portal.kernel.exception.PortalException;
026 import com.liferay.portal.kernel.exception.SystemException;
027 import com.liferay.portal.kernel.search.SearchEngineUtil;
028 import com.liferay.portal.kernel.util.ArrayUtil;
029 import com.liferay.portal.kernel.util.ListUtil;
030 import com.liferay.portal.kernel.util.StringBundler;
031 import com.liferay.portal.kernel.util.StringPool;
032 import com.liferay.portal.kernel.util.StringUtil;
033 import com.liferay.portal.model.Resource;
034 import com.liferay.portal.model.ResourceAction;
035 import com.liferay.portal.model.ResourceConstants;
036 import com.liferay.portal.model.ResourcePermission;
037 import com.liferay.portal.model.ResourcePermissionConstants;
038 import com.liferay.portal.model.Role;
039 import com.liferay.portal.model.RoleConstants;
040 import com.liferay.portal.security.auth.PrincipalException;
041 import com.liferay.portal.security.permission.PermissionCacheUtil;
042 import com.liferay.portal.security.permission.PermissionThreadLocal;
043 import com.liferay.portal.security.permission.ResourceActionsUtil;
044 import com.liferay.portal.service.base.ResourcePermissionLocalServiceBaseImpl;
045 import com.liferay.portal.util.PortalUtil;
046 import com.liferay.portal.util.PropsValues;
047 import com.liferay.portal.util.ResourcePermissionsThreadLocal;
048 import com.liferay.util.dao.orm.CustomSQLUtil;
049
050 import java.util.ArrayList;
051 import java.util.Collection;
052 import java.util.Collections;
053 import java.util.HashMap;
054 import java.util.HashSet;
055 import java.util.List;
056 import java.util.Map;
057 import java.util.Set;
058 import java.util.concurrent.locks.Lock;
059
060
074 public class ResourcePermissionLocalServiceImpl
075 extends ResourcePermissionLocalServiceBaseImpl {
076
077
080 public static final String[] EMPTY_ACTION_IDS = {null};
081
082
120 @Override
121 public void addResourcePermission(
122 long companyId, String name, int scope, String primKey, long roleId,
123 String actionId)
124 throws PortalException {
125
126 if (scope == ResourceConstants.SCOPE_COMPANY) {
127
128
129
130 removeResourcePermissions(
131 companyId, name, ResourceConstants.SCOPE_GROUP, roleId,
132 actionId);
133 }
134 else if (scope == ResourceConstants.SCOPE_GROUP) {
135
136
137
138 removeResourcePermissions(
139 companyId, name, ResourceConstants.SCOPE_COMPANY, roleId,
140 actionId);
141 }
142 else if (scope == ResourceConstants.SCOPE_INDIVIDUAL) {
143 throw new NoSuchResourcePermissionException();
144 }
145
146 updateResourcePermission(
147 companyId, name, scope, primKey, roleId, 0, new String[] {actionId},
148 ResourcePermissionConstants.OPERATOR_ADD);
149
150 PermissionCacheUtil.clearCache();
151 }
152
153
170 @Override
171 public void addResourcePermissions(
172 String resourceName, String roleName, int scope,
173 long resourceActionBitwiseValue) {
174
175 List<Role> roles = rolePersistence.findByName(roleName);
176
177 if (roles.isEmpty()) {
178 return;
179 }
180
181 Session session = resourcePermissionPersistence.openSession();
182
183 try {
184
185
186
187 String sql = CustomSQLUtil.get(_UPDATE_ACTION_IDS);
188
189 sql = StringUtil.replace(
190 sql, "[$ROLE_ID$]",
191 ListUtil.toString(roles, Role.ROLE_ID_ACCESSOR));
192
193 SQLQuery sqlQuery = session.createSynchronizedSQLQuery(sql);
194
195 QueryPos qPos = QueryPos.getInstance(sqlQuery);
196
197 qPos.add(resourceActionBitwiseValue);
198 qPos.add(resourceActionBitwiseValue);
199 qPos.add(resourceName);
200 qPos.add(scope);
201
202 sqlQuery.executeUpdate();
203
204
205
206 sql = CustomSQLUtil.get(_FIND_MISSING_RESOURCE_PERMISSIONS);
207
208 sqlQuery = session.createSynchronizedSQLQuery(sql);
209
210 sqlQuery.addScalar("companyId", Type.LONG);
211 sqlQuery.addScalar("name", Type.STRING);
212 sqlQuery.addScalar("scope", Type.INTEGER);
213 sqlQuery.addScalar("primKey", Type.STRING);
214 sqlQuery.addScalar("roleId", Type.LONG);
215
216 qPos = QueryPos.getInstance(sqlQuery);
217
218 qPos.add(resourceName);
219 qPos.add(scope);
220 qPos.add(roleName);
221
222 List<Object[]> resourcePermissionArrays = sqlQuery.list(true);
223
224 if (resourcePermissionArrays.isEmpty()) {
225 return;
226 }
227
228 for (Object[] resourcePermissionArray : resourcePermissionArrays) {
229 long resourcePermissionId = counterLocalService.increment(
230 ResourcePermission.class.getName());
231
232 ResourcePermission resourcePermission =
233 resourcePermissionPersistence.create(resourcePermissionId);
234
235 resourcePermission.setCompanyId(
236 (Long)resourcePermissionArray[0]);
237 resourcePermission.setName((String)resourcePermissionArray[1]);
238 resourcePermission.setScope(
239 (Integer)resourcePermissionArray[2]);
240 resourcePermission.setPrimKey(
241 (String)resourcePermissionArray[3]);
242 resourcePermission.setRoleId((Long)resourcePermissionArray[4]);
243 resourcePermission.setActionIds(resourceActionBitwiseValue);
244
245 session.save(resourcePermission);
246 }
247 }
248 catch (Exception e) {
249 throw new SystemException(e);
250 }
251 finally {
252 resourcePermissionPersistence.closeSession(session);
253
254 resourcePermissionPersistence.clearCache();
255 }
256 }
257
258
280 @Override
281 public void deleteResourcePermissions(
282 long companyId, String name, int scope, long primKey)
283 throws PortalException {
284
285 deleteResourcePermissions(
286 companyId, name, scope, String.valueOf(primKey));
287 }
288
289
311 @Override
312 public void deleteResourcePermissions(
313 long companyId, String name, int scope, String primKey)
314 throws PortalException {
315
316 List<ResourcePermission> resourcePermissions =
317 resourcePermissionPersistence.findByC_N_S_P(
318 companyId, name, scope, primKey);
319
320 for (ResourcePermission resourcePermission : resourcePermissions) {
321 deleteResourcePermission(
322 resourcePermission.getResourcePermissionId());
323 }
324 }
325
326 @Override
327 public ResourcePermission fetchResourcePermission(
328 long companyId, String name, int scope, String primKey, long roleId) {
329
330 return resourcePermissionPersistence.fetchByC_N_S_P_R(
331 companyId, name, scope, primKey, roleId);
332 }
333
334 @Override
335 public Map<Long, Set<String>> getAvailableResourcePermissionActionIds(
336 long companyId, String name, int scope, String primKey,
337 Collection<String> actionIds) {
338
339 if (actionIds.isEmpty()) {
340 return Collections.emptyMap();
341 }
342
343 List<ResourcePermission> resourcePermissions = getResourcePermissions(
344 companyId, name, scope, primKey);
345
346 Map<Long, Set<String>> roleIdsToActionIds =
347 new HashMap<Long, Set<String>>(resourcePermissions.size());
348
349 for (ResourcePermission resourcePermission : resourcePermissions) {
350 if (resourcePermission.getActionIds() == 0) {
351 continue;
352 }
353
354 Set<String> availableActionIds = new HashSet<String>(
355 actionIds.size());
356
357 for (String actionId : actionIds) {
358 if (resourcePermission.hasActionId(actionId)) {
359 availableActionIds.add(actionId);
360 }
361 }
362
363 if (availableActionIds.size() > 0) {
364 roleIdsToActionIds.put(
365 resourcePermission.getRoleId(), availableActionIds);
366 }
367 }
368
369 return roleIdsToActionIds;
370 }
371
372
388 @Override
389 public List<String> getAvailableResourcePermissionActionIds(
390 long companyId, String name, int scope, String primKey, long roleId,
391 Collection<String> actionIds)
392 throws PortalException {
393
394 ResourcePermission resourcePermission =
395 resourcePermissionPersistence.fetchByC_N_S_P_R(
396 companyId, name, scope, primKey, roleId);
397
398 if (resourcePermission == null) {
399 return Collections.emptyList();
400 }
401
402 List<String> availableActionIds = new ArrayList<String>(
403 actionIds.size());
404
405 for (String actionId : actionIds) {
406 ResourceAction resourceAction =
407 resourceActionLocalService.getResourceAction(name, actionId);
408
409 if (hasActionId(resourcePermission, resourceAction)) {
410 availableActionIds.add(actionId);
411 }
412 }
413
414 return availableActionIds;
415 }
416
417
422 @Deprecated
423 @Override
424 public Map<Long, Set<String>> getAvailableResourcePermissionActionIds(
425 long companyId, String name, int scope, String primKey, long[] roleIds,
426 Collection<String> actionIds) {
427
428 return getAvailableResourcePermissionActionIds(
429 companyId, name, scope, primKey, new ArrayList<String>(actionIds));
430 }
431
432
446 @Override
447 public ResourcePermission getResourcePermission(
448 long companyId, String name, int scope, String primKey, long roleId)
449 throws PortalException {
450
451 return resourcePermissionPersistence.findByC_N_S_P_R(
452 companyId, name, scope, primKey, roleId);
453 }
454
455
465 @Override
466 public List<ResourcePermission> getResourcePermissions(
467 long companyId, String name, int scope, String primKey) {
468
469 return resourcePermissionPersistence.findByC_N_S_P(
470 companyId, name, scope, primKey);
471 }
472
473
483 @Override
484 public int getResourcePermissionsCount(
485 long companyId, String name, int scope, String primKey) {
486
487 return resourcePermissionPersistence.countByC_N_S_P(
488 companyId, name, scope, primKey);
489 }
490
491
501 @Override
502 public List<ResourcePermission> getResourceResourcePermissions(
503 long companyId, long groupId, String name, String primKey) {
504
505 return resourcePermissionFinder.findByResource(
506 companyId, groupId, name, primKey);
507 }
508
509
515 @Override
516 public List<ResourcePermission> getRoleResourcePermissions(long roleId) {
517 return resourcePermissionPersistence.findByRoleId(roleId);
518 }
519
520
540 @Override
541 public List<ResourcePermission> getRoleResourcePermissions(
542 long roleId, int[] scopes, int start, int end) {
543
544 return resourcePermissionFinder.findByR_S(roleId, scopes, start, end);
545 }
546
547
563 @Override
564 public List<ResourcePermission> getScopeResourcePermissions(int[] scopes) {
565 return resourcePermissionPersistence.findByScope(scopes);
566 }
567
568
579 @Override
580 public boolean hasActionId(
581 ResourcePermission resourcePermission, ResourceAction resourceAction) {
582
583 long actionIds = resourcePermission.getActionIds();
584 long bitwiseValue = resourceAction.getBitwiseValue();
585
586 if ((actionIds & bitwiseValue) == bitwiseValue) {
587 return true;
588 }
589 else {
590 return false;
591 }
592 }
593
594
614 @Override
615 public boolean hasResourcePermission(
616 List<Resource> resources, long[] roleIds, String actionId)
617 throws PortalException {
618
619 if (roleIds.length == 0) {
620 return false;
621 }
622
623 int size = resources.size();
624
625 if (size < 2) {
626 throw new IllegalArgumentException(
627 "The list of resources must contain at least two values");
628 }
629
630 Resource firstResource = resources.get(0);
631
632 if (firstResource.getScope() != ResourceConstants.SCOPE_INDIVIDUAL) {
633 throw new IllegalArgumentException(
634 "The first resource must be an individual scope");
635 }
636
637 Resource lastResource = resources.get(size - 1);
638
639 if (lastResource.getScope() != ResourceConstants.SCOPE_COMPANY) {
640 throw new IllegalArgumentException(
641 "The last resource must be a company scope");
642 }
643
644
645
646 if (resourcePermissionPersistence.countByC_N_S_P(
647 firstResource.getCompanyId(), firstResource.getName(),
648 firstResource.getScope(), firstResource.getPrimKey()) < 1) {
649
650 return false;
651 }
652
653
654
655
656
657
658
659 for (int i = size - 1; i >= 0; i--) {
660 Resource resource = resources.get(i);
661
662 if (hasResourcePermission(
663 resource.getCompanyId(), resource.getName(),
664 resource.getScope(), resource.getPrimKey(), roleIds,
665 actionId)) {
666
667 return true;
668 }
669 }
670
671 return false;
672 }
673
674
696 @Override
697 public boolean hasResourcePermission(
698 long companyId, String name, int scope, String primKey, long roleId,
699 String actionId)
700 throws PortalException {
701
702 ResourcePermission resourcePermission =
703 resourcePermissionPersistence.fetchByC_N_S_P_R(
704 companyId, name, scope, primKey, roleId);
705
706 if (resourcePermission == null) {
707 return false;
708 }
709
710 ResourceAction resourceAction =
711 resourceActionLocalService.getResourceAction(name, actionId);
712
713 if (hasActionId(resourcePermission, resourceAction)) {
714 return true;
715 }
716
717 return false;
718 }
719
720
743 @Override
744 public boolean hasResourcePermission(
745 long companyId, String name, int scope, String primKey,
746 long[] roleIds, String actionId)
747 throws PortalException {
748
749 if (roleIds.length == 0) {
750 return false;
751 }
752
753 ResourceAction resourceAction =
754 resourceActionLocalService.getResourceAction(name, actionId);
755
756 DB db = DBFactoryUtil.getDB();
757
758 String dbType = db.getType();
759
760 if ((roleIds.length >
761 PropsValues.
762 PERMISSIONS_ROLE_RESOURCE_PERMISSION_QUERY_THRESHOLD) &&
763 !dbType.equals(DB.TYPE_DERBY) &&
764 !dbType.equals(DB.TYPE_JDATASTORE) &&
765 !dbType.equals(DB.TYPE_SAP)) {
766
767 int count = resourcePermissionFinder.countByC_N_S_P_R_A(
768 companyId, name, scope, primKey, roleIds,
769 resourceAction.getBitwiseValue());
770
771 if (count > 0) {
772 return true;
773 }
774 }
775 else {
776 List<ResourcePermission> resourcePermissions =
777 resourcePermissionPersistence.findByC_N_S_P_R(
778 companyId, name, scope, primKey, roleIds);
779
780 if (resourcePermissions.isEmpty()) {
781 return false;
782 }
783
784 for (ResourcePermission resourcePermission : resourcePermissions) {
785 if (hasActionId(resourcePermission, resourceAction)) {
786 return true;
787 }
788 }
789 }
790
791 return false;
792 }
793
794 @Override
795 public boolean[] hasResourcePermissions(
796 long companyId, String name, int scope, String primKey,
797 long[] roleIds, String actionId)
798 throws PortalException {
799
800 boolean[] hasResourcePermissions = new boolean[roleIds.length];
801
802 if (roleIds.length == 0) {
803 return hasResourcePermissions;
804 }
805
806 ResourceAction resourceAction =
807 resourceActionLocalService.getResourceAction(name, actionId);
808
809 List<ResourcePermission> resourcePermissions =
810 resourcePermissionPersistence.findByC_N_S_P_R(
811 companyId, name, scope, primKey, roleIds);
812
813 if (resourcePermissions.isEmpty()) {
814 return hasResourcePermissions;
815 }
816
817 for (ResourcePermission resourcePermission : resourcePermissions) {
818 if (hasActionId(resourcePermission, resourceAction)) {
819 long roleId = resourcePermission.getRoleId();
820
821 for (int i = 0; i < roleIds.length; i++) {
822 if (roleIds[i] == roleId) {
823 hasResourcePermissions[i] = true;
824
825 break;
826 }
827 }
828 }
829 }
830
831 return hasResourcePermissions;
832 }
833
834
855 @Override
856 public boolean hasScopeResourcePermission(
857 long companyId, String name, int scope, long roleId,
858 String actionId)
859 throws PortalException {
860
861 List<ResourcePermission> resourcePermissions =
862 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
863
864 for (ResourcePermission resourcePermission : resourcePermissions) {
865 if (hasResourcePermission(
866 companyId, name, scope, resourcePermission.getPrimKey(),
867 roleId, actionId)) {
868
869 return true;
870 }
871 }
872
873 return false;
874 }
875
876
884 @Override
885 public void mergePermissions(long fromRoleId, long toRoleId)
886 throws PortalException {
887
888 Role fromRole = rolePersistence.findByPrimaryKey(fromRoleId);
889 Role toRole = rolePersistence.findByPrimaryKey(toRoleId);
890
891 if (fromRole.getType() != toRole.getType()) {
892 throw new PortalException("Role types are mismatched");
893 }
894 else if (PortalUtil.isSystemRole(toRole.getName())) {
895 throw new PortalException("Cannot move permissions to system role");
896 }
897 else if (PortalUtil.isSystemRole(fromRole.getName())) {
898 throw new PortalException(
899 "Cannot move permissions from system role");
900 }
901
902 List<ResourcePermission> resourcePermissions =
903 getRoleResourcePermissions(fromRoleId);
904
905 for (ResourcePermission resourcePermission : resourcePermissions) {
906 resourcePermission.setRoleId(toRoleId);
907
908 resourcePermissionPersistence.update(resourcePermission);
909 }
910
911 roleLocalService.deleteRole(fromRoleId);
912
913 PermissionCacheUtil.clearCache();
914 }
915
916
927 @Override
928 public void reassignPermissions(long resourcePermissionId, long toRoleId)
929 throws PortalException {
930
931 ResourcePermission resourcePermission = getResourcePermission(
932 resourcePermissionId);
933
934 long companyId = resourcePermission.getCompanyId();
935 String name = resourcePermission.getName();
936 int scope = resourcePermission.getScope();
937 String primKey = resourcePermission.getPrimKey();
938 long fromRoleId = resourcePermission.getRoleId();
939
940 Role toRole = roleLocalService.getRole(toRoleId);
941
942 List<String> actionIds = null;
943
944 if (toRole.getType() == RoleConstants.TYPE_REGULAR) {
945 actionIds = ResourceActionsUtil.getModelResourceActions(name);
946 }
947 else {
948 actionIds = ResourceActionsUtil.getModelResourceGroupDefaultActions(
949 name);
950 }
951
952 setResourcePermissions(
953 companyId, name, scope, primKey, toRoleId,
954 actionIds.toArray(new String[actionIds.size()]));
955
956 resourcePermissionPersistence.remove(resourcePermissionId);
957
958 List<ResourcePermission> resourcePermissions =
959 getRoleResourcePermissions(fromRoleId);
960
961 if (resourcePermissions.isEmpty()) {
962 roleLocalService.deleteRole(fromRoleId);
963 }
964 }
965
966
987 @Override
988 public void removeResourcePermission(
989 long companyId, String name, int scope, String primKey, long roleId,
990 String actionId)
991 throws PortalException {
992
993 updateResourcePermission(
994 companyId, name, scope, primKey, roleId, 0, new String[] {actionId},
995 ResourcePermissionConstants.OPERATOR_REMOVE);
996
997 PermissionCacheUtil.clearCache();
998 }
999
1000
1015 @Override
1016 public void removeResourcePermissions(
1017 long companyId, String name, int scope, long roleId,
1018 String actionId)
1019 throws PortalException {
1020
1021 List<ResourcePermission> resourcePermissions =
1022 resourcePermissionPersistence.findByC_N_S(companyId, name, scope);
1023
1024 for (ResourcePermission resourcePermission : resourcePermissions) {
1025 updateResourcePermission(
1026 companyId, name, scope, resourcePermission.getPrimKey(), roleId,
1027 0, new String[] {actionId},
1028 ResourcePermissionConstants.OPERATOR_REMOVE);
1029 }
1030
1031 PermissionCacheUtil.clearCache();
1032 }
1033
1034
1063 @Override
1064 public void setOwnerResourcePermissions(
1065 long companyId, String name, int scope, String primKey, long roleId,
1066 long ownerId, String[] actionIds)
1067 throws PortalException {
1068
1069 updateResourcePermission(
1070 companyId, name, scope, primKey, roleId, ownerId, actionIds,
1071 ResourcePermissionConstants.OPERATOR_SET);
1072 }
1073
1074
1100 @Override
1101 public void setResourcePermissions(
1102 long companyId, String name, int scope, String primKey, long roleId,
1103 String[] actionIds)
1104 throws PortalException {
1105
1106 updateResourcePermission(
1107 companyId, name, scope, primKey, roleId, 0, actionIds,
1108 ResourcePermissionConstants.OPERATOR_SET);
1109 }
1110
1111
1136 @Override
1137 public void setResourcePermissions(
1138 long companyId, String name, int scope, String primKey,
1139 Map<Long, String[]> roleIdsToActionIds)
1140 throws PortalException {
1141
1142 updateResourcePermission(
1143 companyId, name, scope, primKey, 0, roleIdsToActionIds);
1144 }
1145
1146 protected void doUpdateResourcePermission(
1147 long companyId, String name, int scope, String primKey,
1148 long ownerId, long roleId, String[] actionIds, int operator,
1149 boolean fetch)
1150 throws PortalException {
1151
1152 ResourcePermission resourcePermission = null;
1153
1154 Map<Long, ResourcePermission> resourcePermissionsMap =
1155 ResourcePermissionsThreadLocal.getResourcePermissions();
1156
1157 if (resourcePermissionsMap != null) {
1158 resourcePermission = resourcePermissionsMap.get(roleId);
1159 }
1160 else if (fetch) {
1161 resourcePermission = resourcePermissionPersistence.fetchByC_N_S_P_R(
1162 companyId, name, scope, primKey, roleId);
1163 }
1164
1165 if (resourcePermission == null) {
1166 if (((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1167 (operator == ResourcePermissionConstants.OPERATOR_SET)) &&
1168 (actionIds.length == 0)) {
1169
1170 return;
1171 }
1172
1173 if (operator == ResourcePermissionConstants.OPERATOR_REMOVE) {
1174 return;
1175 }
1176
1177 long resourcePermissionId = counterLocalService.increment(
1178 ResourcePermission.class.getName());
1179
1180 resourcePermission = resourcePermissionPersistence.create(
1181 resourcePermissionId);
1182
1183 resourcePermission.setCompanyId(companyId);
1184 resourcePermission.setName(name);
1185 resourcePermission.setScope(scope);
1186 resourcePermission.setPrimKey(primKey);
1187 resourcePermission.setRoleId(roleId);
1188 resourcePermission.setOwnerId(ownerId);
1189 }
1190
1191 List<String> unsupportedActionIds = Collections.emptyList();
1192
1193 if (((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1194 (operator == ResourcePermissionConstants.OPERATOR_SET)) &&
1195 isGuestRoleId(companyId, roleId)) {
1196
1197 unsupportedActionIds =
1198 ResourceActionsUtil.getResourceGuestUnsupportedActions(
1199 name, name);
1200 }
1201
1202 long actionIdsLong = resourcePermission.getActionIds();
1203
1204 if (operator == ResourcePermissionConstants.OPERATOR_SET) {
1205 actionIdsLong = 0;
1206 }
1207
1208 for (String actionId : actionIds) {
1209 if (actionId == null) {
1210 break;
1211 }
1212
1213 if (unsupportedActionIds.contains(actionId)) {
1214 throw new PrincipalException(
1215 actionId + "is not supported by role " + roleId);
1216 }
1217
1218 ResourceAction resourceAction =
1219 resourceActionLocalService.getResourceAction(name, actionId);
1220
1221 if ((operator == ResourcePermissionConstants.OPERATOR_ADD) ||
1222 (operator == ResourcePermissionConstants.OPERATOR_SET)) {
1223
1224 actionIdsLong |= resourceAction.getBitwiseValue();
1225 }
1226 else {
1227 actionIdsLong =
1228 actionIdsLong & (~resourceAction.getBitwiseValue());
1229 }
1230 }
1231
1232 resourcePermission.setActionIds(actionIdsLong);
1233
1234 resourcePermissionPersistence.update(resourcePermission);
1235
1236 PermissionCacheUtil.clearCache();
1237
1238 SearchEngineUtil.updatePermissionFields(name, primKey);
1239 }
1240
1241 protected void doUpdateResourcePermission(
1242 long companyId, String name, int scope, String primKey,
1243 long ownerId, Map<Long, String[]> roleIdsToActionIds)
1244 throws PortalException {
1245
1246 boolean flushEnabled = PermissionThreadLocal.isFlushEnabled();
1247
1248 PermissionThreadLocal.setIndexEnabled(false);
1249
1250 try {
1251 long[] roleIds = ArrayUtil.toLongArray(roleIdsToActionIds.keySet());
1252
1253 List<ResourcePermission> resourcePermissions =
1254 resourcePermissionPersistence.findByC_N_S_P_R(
1255 companyId, name, scope, primKey, roleIds);
1256
1257 for (ResourcePermission resourcePermission : resourcePermissions) {
1258 long roleId = resourcePermission.getRoleId();
1259 String[] actionIds = roleIdsToActionIds.remove(roleId);
1260
1261 doUpdateResourcePermission(
1262 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1263 ResourcePermissionConstants.OPERATOR_SET, true);
1264 }
1265
1266 if (roleIdsToActionIds.isEmpty()) {
1267 return;
1268 }
1269
1270 for (Map.Entry<Long, String[]> entry :
1271 roleIdsToActionIds.entrySet()) {
1272
1273 long roleId = entry.getKey();
1274 String[] actionIds = entry.getValue();
1275
1276 doUpdateResourcePermission(
1277 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1278 ResourcePermissionConstants.OPERATOR_SET, false);
1279 }
1280 }
1281 finally {
1282 PermissionThreadLocal.setIndexEnabled(flushEnabled);
1283
1284 PermissionCacheUtil.clearCache();
1285
1286 SearchEngineUtil.updatePermissionFields(name, primKey);
1287 }
1288 }
1289
1290 protected boolean isGuestRoleId(long companyId, long roleId)
1291 throws PortalException {
1292
1293 Role guestRole = roleLocalService.getRole(
1294 companyId, RoleConstants.GUEST);
1295
1296 if (roleId == guestRole.getRoleId()) {
1297 return true;
1298 }
1299
1300 return false;
1301 }
1302
1303
1330 protected void updateResourcePermission(
1331 long companyId, String name, int scope, String primKey, long roleId,
1332 long ownerId, String[] actionIds, int operator)
1333 throws PortalException {
1334
1335 DB db = DBFactoryUtil.getDB();
1336
1337 String dbType = db.getType();
1338
1339 if (!dbType.equals(DB.TYPE_HYPERSONIC)) {
1340 doUpdateResourcePermission(
1341 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1342 operator, true);
1343
1344 return;
1345 }
1346
1347 StringBundler sb = new StringBundler(9);
1348
1349 sb.append(companyId);
1350 sb.append(StringPool.POUND);
1351 sb.append(name);
1352 sb.append(StringPool.POUND);
1353 sb.append(scope);
1354 sb.append(StringPool.POUND);
1355 sb.append(primKey);
1356 sb.append(StringPool.POUND);
1357 sb.append(roleId);
1358
1359 Class<?> clazz = getClass();
1360
1361 String groupName = clazz.getName();
1362
1363 String key = sb.toString();
1364
1365 Lock lock = LockRegistry.allocateLock(groupName, key);
1366
1367 lock.lock();
1368
1369 try {
1370 doUpdateResourcePermission(
1371 companyId, name, scope, primKey, ownerId, roleId, actionIds,
1372 operator, true);
1373 }
1374 finally {
1375 lock.unlock();
1376
1377 LockRegistry.freeLock(groupName, key);
1378 }
1379 }
1380
1381
1403 protected void updateResourcePermission(
1404 long companyId, String name, int scope, String primKey,
1405 long ownerId, Map<Long, String[]> roleIdsToActionIds)
1406 throws PortalException {
1407
1408 DB db = DBFactoryUtil.getDB();
1409
1410 String dbType = db.getType();
1411
1412 if (!dbType.equals(DB.TYPE_HYPERSONIC)) {
1413 doUpdateResourcePermission(
1414 companyId, name, scope, primKey, ownerId, roleIdsToActionIds);
1415
1416 return;
1417 }
1418
1419 StringBundler sb = new StringBundler(9);
1420
1421 sb.append(companyId);
1422 sb.append(StringPool.POUND);
1423 sb.append(name);
1424 sb.append(StringPool.POUND);
1425 sb.append(scope);
1426 sb.append(StringPool.POUND);
1427 sb.append(primKey);
1428 sb.append(StringPool.POUND);
1429 sb.append(StringUtil.merge(roleIdsToActionIds.keySet()));
1430
1431 Class<?> clazz = getClass();
1432
1433 String groupName = clazz.getName();
1434
1435 String key = sb.toString();
1436
1437 Lock lock = LockRegistry.allocateLock(groupName, key);
1438
1439 lock.lock();
1440
1441 try {
1442 doUpdateResourcePermission(
1443 companyId, name, scope, primKey, ownerId, roleIdsToActionIds);
1444 }
1445 finally {
1446 lock.unlock();
1447
1448 LockRegistry.freeLock(groupName, key);
1449 }
1450 }
1451
1452 private static final String _FIND_MISSING_RESOURCE_PERMISSIONS =
1453 ResourcePermissionLocalServiceImpl.class.getName() +
1454 ".findMissingResourcePermissions";
1455
1456 private static final String _UPDATE_ACTION_IDS =
1457 ResourcePermissionLocalServiceImpl.class.getName() + ".updateActionIds";
1458
1459 }