001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.rolesadmin.lar;
016    
017    import com.liferay.portal.kernel.dao.orm.DynamicQuery;
018    import com.liferay.portal.kernel.dao.orm.Junction;
019    import com.liferay.portal.kernel.dao.orm.Property;
020    import com.liferay.portal.kernel.dao.orm.PropertyFactoryUtil;
021    import com.liferay.portal.kernel.dao.orm.QueryUtil;
022    import com.liferay.portal.kernel.dao.orm.RestrictionsFactoryUtil;
023    import com.liferay.portal.kernel.exception.PortalException;
024    import com.liferay.portal.kernel.lar.BaseStagedModelDataHandler;
025    import com.liferay.portal.kernel.lar.ExportImportPathUtil;
026    import com.liferay.portal.kernel.lar.PortletDataContext;
027    import com.liferay.portal.kernel.log.Log;
028    import com.liferay.portal.kernel.log.LogFactoryUtil;
029    import com.liferay.portal.kernel.util.GetterUtil;
030    import com.liferay.portal.kernel.xml.Element;
031    import com.liferay.portal.model.Group;
032    import com.liferay.portal.model.GroupConstants;
033    import com.liferay.portal.model.Permission;
034    import com.liferay.portal.model.ResourceConstants;
035    import com.liferay.portal.model.ResourcePermission;
036    import com.liferay.portal.model.ResourceTypePermission;
037    import com.liferay.portal.model.Role;
038    import com.liferay.portal.security.permission.PermissionConversionFilter;
039    import com.liferay.portal.security.permission.PermissionConverterUtil;
040    import com.liferay.portal.service.GroupLocalServiceUtil;
041    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
042    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
043    import com.liferay.portal.service.ResourcePermissionServiceUtil;
044    import com.liferay.portal.service.ResourceTypePermissionLocalServiceUtil;
045    import com.liferay.portal.service.RoleLocalServiceUtil;
046    import com.liferay.portal.service.ServiceContext;
047    
048    import java.util.List;
049    
050    /**
051     * @author David Mendez Gonzalez
052     * @author Michael C. Han
053     */
054    public class RoleStagedModelDataHandler
055            extends BaseStagedModelDataHandler<Role> {
056    
057            public static final String[] CLASS_NAMES = {Role.class.getName()};
058    
059            @Override
060            public void deleteStagedModel(
061                            String uuid, long groupId, String className, String extraData)
062                    throws PortalException {
063    
064                    Group group = GroupLocalServiceUtil.getGroup(groupId);
065    
066                    Role role = fetchStagedModelByUuidAndCompanyId(
067                            uuid, group.getCompanyId());
068    
069                    if (role != null) {
070                            RoleLocalServiceUtil.deleteRole(role);
071                    }
072            }
073    
074            @Override
075            public Role fetchStagedModelByUuidAndCompanyId(
076                    String uuid, long companyId) {
077    
078                    return RoleLocalServiceUtil.fetchRoleByUuidAndCompanyId(
079                            uuid, companyId);
080            }
081    
082            @Override
083            public String[] getClassNames() {
084                    return CLASS_NAMES;
085            }
086    
087            @Override
088            public String getDisplayName(Role role) {
089                    return role.getName();
090            }
091    
092            protected void deleteRolePermissions(
093                    PortletDataContext portletDataContext, Role importedRole) {
094    
095                    List<ResourcePermission> resourcePermissions =
096                            ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
097                                    importedRole.getRoleId(),
098                                    new int[] {
099                                            ResourceConstants.SCOPE_COMPANY,
100                                            ResourceConstants.SCOPE_GROUP_TEMPLATE
101                                    },
102                                    QueryUtil.ALL_POS, QueryUtil.ALL_POS);
103    
104                    for (ResourcePermission resourcePermission : resourcePermissions) {
105                            ResourcePermissionLocalServiceUtil.deleteResourcePermission(
106                                    resourcePermission);
107                    }
108    
109                    List<ResourcePermission> groupResourcePermissions =
110                            ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
111                                    importedRole.getRoleId(),
112                                    new int[] {ResourceConstants.SCOPE_GROUP},
113                                    QueryUtil.ALL_POS, QueryUtil.ALL_POS);
114    
115                    for (ResourcePermission groupResourcePermission :
116                                    groupResourcePermissions) {
117    
118                            long groupId = GetterUtil.getLong(
119                                    groupResourcePermission.getPrimKey());
120    
121                            if ((groupId == portletDataContext.getCompanyGroupId()) ||
122                                    (groupId == portletDataContext.getUserPersonalSiteGroupId())) {
123    
124                                    ResourcePermissionLocalServiceUtil.deleteResourcePermission(
125                                            groupResourcePermission);
126                            }
127                    }
128    
129                    List<ResourceTypePermission> resourceTypePermissions =
130                            getResourceTypePermissions(portletDataContext, importedRole);
131    
132                    for (ResourceTypePermission resourceTypePermission :
133                                    resourceTypePermissions) {
134    
135                            ResourceTypePermissionLocalServiceUtil.deleteResourceTypePermission(
136                                    resourceTypePermission);
137                    }
138            }
139    
140            @Override
141            protected void doExportStagedModel(
142                            PortletDataContext portletDataContext, Role role)
143                    throws Exception {
144    
145                    String permissionsPath = ExportImportPathUtil.getModelPath(
146                            role, "permissions.xml");
147    
148                    List<Permission> permissions =
149                            PermissionConverterUtil.convertPermissions(
150                                    role, _permissionConversionFilter);
151    
152                    String xml = portletDataContext.toXML(permissions);
153    
154                    portletDataContext.addZipEntry(permissionsPath, xml);
155    
156                    Element roleElement = portletDataContext.getExportDataElement(role);
157    
158                    portletDataContext.addClassedModel(
159                            roleElement, ExportImportPathUtil.getModelPath(role), role);
160            }
161    
162            @Override
163            protected void doImportStagedModel(
164                            PortletDataContext portletDataContext, Role role)
165                    throws Exception {
166    
167                    long userId = portletDataContext.getUserId(role.getUserUuid());
168    
169                    ServiceContext serviceContext = portletDataContext.createServiceContext(
170                            role);
171    
172                    Role existingRole = fetchStagedModelByUuidAndCompanyId(
173                            role.getUuid(), portletDataContext.getCompanyId());
174    
175                    if (existingRole == null) {
176                            existingRole = RoleLocalServiceUtil.fetchRole(
177                                    portletDataContext.getCompanyId(), role.getName());
178                    }
179    
180                    Role importedRole = null;
181    
182                    if (existingRole == null) {
183                            serviceContext.setUuid(role.getUuid());
184    
185                            importedRole = RoleLocalServiceUtil.addRole(
186                                    userId, null, 0, role.getName(), role.getTitleMap(),
187                                    role.getDescriptionMap(), role.getType(), role.getSubtype(),
188                                    serviceContext);
189                    }
190                    else {
191                            importedRole = RoleLocalServiceUtil.updateRole(
192                                    existingRole.getRoleId(), role.getName(), role.getTitleMap(),
193                                    role.getDescriptionMap(), role.getSubtype(), serviceContext);
194    
195                            deleteRolePermissions(portletDataContext, importedRole);
196                    }
197    
198                    String permissionsPath = ExportImportPathUtil.getModelPath(
199                            role, "permissions.xml");
200    
201                    List<Permission> permissions =
202                            (List<Permission>)portletDataContext.getZipEntryAsObject(
203                                    permissionsPath);
204    
205                    for (Permission permission : permissions) {
206                            if (ResourceBlockLocalServiceUtil.isSupported(
207                                            permission.getName())) {
208    
209                                    importResourceBlock(
210                                            portletDataContext, importedRole, permission);
211                            }
212                            else {
213                                    importResourcePermissions(
214                                            portletDataContext, importedRole, permission);
215                            }
216                    }
217    
218                    portletDataContext.importClassedModel(role, importedRole);
219            }
220    
221            protected List<ResourceTypePermission> getResourceTypePermissions(
222                    PortletDataContext portletDataContext, Role importedRole) {
223    
224                    DynamicQuery dynamicQuery =
225                            ResourceTypePermissionLocalServiceUtil.dynamicQuery();
226    
227                    Property companyIdProperty = PropertyFactoryUtil.forName("companyId");
228    
229                    dynamicQuery.add(
230                            companyIdProperty.eq(portletDataContext.getCompanyId()));
231    
232                    Junction junction = RestrictionsFactoryUtil.disjunction();
233    
234                    long[] permissibleGroupIds = {
235                            GroupConstants.DEFAULT_PARENT_GROUP_ID,
236                            portletDataContext.getCompanyId(),
237                            portletDataContext.getCompanyGroupId(),
238                            portletDataContext.getUserPersonalSiteGroupId()
239                    };
240    
241                    for (long permissibleGroupId : permissibleGroupIds) {
242                            Property property = PropertyFactoryUtil.forName("groupId");
243    
244                            junction.add(property.eq(permissibleGroupId));
245                    }
246    
247                    dynamicQuery.add(junction);
248    
249                    Property roleIdProperty = PropertyFactoryUtil.forName("roleId");
250    
251                    dynamicQuery.add(roleIdProperty.eq(importedRole.getRoleId()));
252    
253                    return ResourceTypePermissionLocalServiceUtil.dynamicQuery(
254                            dynamicQuery);
255            }
256    
257            protected void importResourceBlock(
258                            PortletDataContext portletDataContext, Role importedRole,
259                            Permission permission)
260                    throws PortalException {
261    
262                    int scope = permission.getScope();
263    
264                    if (scope == ResourceConstants.SCOPE_COMPANY) {
265                            ResourceBlockLocalServiceUtil.addCompanyScopePermission(
266                                    portletDataContext.getCompanyId(), permission.getName(),
267                                    importedRole.getRoleId(), permission.getActionId());
268                    }
269                    else if (scope == ResourceConstants.SCOPE_GROUP) {
270                            long groupId = portletDataContext.getCompanyGroupId();
271    
272                            long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());
273    
274                            if (sourceGroupId ==
275                                            portletDataContext.getSourceUserPersonalSiteGroupId()) {
276    
277                                    groupId = portletDataContext.getUserPersonalSiteGroupId();
278                            }
279    
280                            ResourceBlockLocalServiceUtil.addGroupScopePermission(
281                                    portletDataContext.getCompanyId(), groupId,
282                                    permission.getName(), importedRole.getRoleId(),
283                                    permission.getActionId());
284                    }
285                    else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
286                            ResourceBlockLocalServiceUtil.addGroupScopePermission(
287                                    portletDataContext.getCompanyId(),
288                                    GroupConstants.DEFAULT_PARENT_GROUP_ID, permission.getName(),
289                                    importedRole.getRoleId(), permission.getActionId());
290                    }
291                    else {
292                            if (_log.isDebugEnabled()) {
293                                    _log.debug("Individually scoped permissions are not exported");
294                            }
295                    }
296            }
297    
298            protected void importResourcePermissions(
299                            PortletDataContext portletDataContext, Role importedRole,
300                            Permission permission)
301                    throws PortalException {
302    
303                    int scope = permission.getScope();
304    
305                    if (scope == ResourceConstants.SCOPE_COMPANY) {
306                            ResourcePermissionServiceUtil.addResourcePermission(
307                                    portletDataContext.getCompanyGroupId(),
308                                    portletDataContext.getCompanyId(), permission.getName(), scope,
309                                    String.valueOf(portletDataContext.getCompanyId()),
310                                    importedRole.getRoleId(), permission.getActionId());
311                    }
312                    else if (scope == ResourceConstants.SCOPE_GROUP) {
313                            long groupId = portletDataContext.getCompanyGroupId();
314    
315                            long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());
316    
317                            if (sourceGroupId ==
318                                            portletDataContext.getSourceUserPersonalSiteGroupId()) {
319    
320                                    groupId = portletDataContext.getUserPersonalSiteGroupId();
321                            }
322    
323                            ResourcePermissionServiceUtil.addResourcePermission(
324                                    groupId, portletDataContext.getCompanyId(),
325                                    permission.getName(), ResourceConstants.SCOPE_GROUP,
326                                    String.valueOf(groupId), importedRole.getRoleId(),
327                                    permission.getActionId());
328                    }
329                    else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
330                            ResourcePermissionServiceUtil.addResourcePermission(
331                                    GroupConstants.DEFAULT_PARENT_GROUP_ID,
332                                    portletDataContext.getCompanyId(), permission.getName(),
333                                    ResourceConstants.SCOPE_GROUP_TEMPLATE,
334                                    String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),
335                                    importedRole.getRoleId(), permission.getActionId());
336                    }
337                    else {
338                            if (_log.isDebugEnabled()) {
339                                    _log.debug("Individually scoped permissions are not imported");
340                            }
341                    }
342            }
343    
344            private static final Log _log = LogFactoryUtil.getLog(
345                    RoleStagedModelDataHandler.class);
346    
347            private final PermissionConversionFilter _permissionConversionFilter =
348                    new ImportExportPermissionConversionFilter();
349    
350    }