001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.DuplicateRoleException;
018 import com.liferay.portal.NoSuchRoleException;
019 import com.liferay.portal.NoSuchShardException;
020 import com.liferay.portal.RequiredRoleException;
021 import com.liferay.portal.RoleNameException;
022 import com.liferay.portal.kernel.cache.Lifecycle;
023 import com.liferay.portal.kernel.cache.ThreadLocalCachable;
024 import com.liferay.portal.kernel.cache.ThreadLocalCache;
025 import com.liferay.portal.kernel.cache.ThreadLocalCacheManager;
026 import com.liferay.portal.kernel.dao.shard.ShardUtil;
027 import com.liferay.portal.kernel.exception.PortalException;
028 import com.liferay.portal.kernel.search.Indexer;
029 import com.liferay.portal.kernel.search.IndexerRegistryUtil;
030 import com.liferay.portal.kernel.spring.aop.Skip;
031 import com.liferay.portal.kernel.systemevent.SystemEvent;
032 import com.liferay.portal.kernel.transaction.Propagation;
033 import com.liferay.portal.kernel.transaction.Transactional;
034 import com.liferay.portal.kernel.util.ArrayUtil;
035 import com.liferay.portal.kernel.util.CharPool;
036 import com.liferay.portal.kernel.util.GetterUtil;
037 import com.liferay.portal.kernel.util.ListUtil;
038 import com.liferay.portal.kernel.util.LocaleUtil;
039 import com.liferay.portal.kernel.util.OrderByComparator;
040 import com.liferay.portal.kernel.util.SetUtil;
041 import com.liferay.portal.kernel.util.StringUtil;
042 import com.liferay.portal.kernel.util.Validator;
043 import com.liferay.portal.model.Company;
044 import com.liferay.portal.model.Group;
045 import com.liferay.portal.model.Layout;
046 import com.liferay.portal.model.ResourceAction;
047 import com.liferay.portal.model.ResourceBlockPermission;
048 import com.liferay.portal.model.ResourceConstants;
049 import com.liferay.portal.model.ResourcePermission;
050 import com.liferay.portal.model.ResourceTypePermission;
051 import com.liferay.portal.model.Role;
052 import com.liferay.portal.model.RoleConstants;
053 import com.liferay.portal.model.Shard;
054 import com.liferay.portal.model.SystemEventConstants;
055 import com.liferay.portal.model.Team;
056 import com.liferay.portal.model.User;
057 import com.liferay.portal.security.auth.CompanyThreadLocal;
058 import com.liferay.portal.security.permission.ActionKeys;
059 import com.liferay.portal.security.permission.PermissionCacheUtil;
060 import com.liferay.portal.service.ServiceContext;
061 import com.liferay.portal.service.base.RoleLocalServiceBaseImpl;
062 import com.liferay.portal.util.PortalUtil;
063 import com.liferay.portal.util.PortletKeys;
064 import com.liferay.portal.util.PropsUtil;
065 import com.liferay.portal.util.PropsValues;
066 import com.liferay.portlet.exportimport.lar.ExportImportThreadLocal;
067 import com.liferay.portlet.usersadmin.util.UsersAdminUtil;
068
069 import java.util.ArrayList;
070 import java.util.Arrays;
071 import java.util.Collection;
072 import java.util.Collections;
073 import java.util.HashMap;
074 import java.util.LinkedHashMap;
075 import java.util.List;
076 import java.util.Locale;
077 import java.util.Map;
078 import java.util.Set;
079
080
087 public class RoleLocalServiceImpl extends RoleLocalServiceBaseImpl {
088
089
107 @Deprecated
108 @Override
109 public Role addRole(
110 long userId, long companyId, String name,
111 Map<Locale, String> titleMap, Map<Locale, String> descriptionMap,
112 int type)
113 throws PortalException {
114
115 return addRole(
116 userId, null, 0, name, titleMap, descriptionMap, type, null, null);
117 }
118
119
142 @Deprecated
143 @Override
144 public Role addRole(
145 long userId, long companyId, String name,
146 Map<Locale, String> titleMap, Map<Locale, String> descriptionMap,
147 int type, String className, long classPK)
148 throws PortalException {
149
150 return addRole(
151 userId, className, classPK, name, titleMap, descriptionMap, type,
152 null, null);
153 }
154
155
179 @Override
180 public Role addRole(
181 long userId, String className, long classPK, String name,
182 Map<Locale, String> titleMap, Map<Locale, String> descriptionMap,
183 int type, String subtype, ServiceContext serviceContext)
184 throws PortalException {
185
186
187
188 User user = userPersistence.findByPrimaryKey(userId);
189 className = GetterUtil.getString(className);
190 long classNameId = classNameLocalService.getClassNameId(className);
191
192 long roleId = counterLocalService.increment();
193
194 if ((classNameId <= 0) || className.equals(Role.class.getName())) {
195 classNameId = classNameLocalService.getClassNameId(Role.class);
196 classPK = roleId;
197 }
198
199 validate(0, user.getCompanyId(), classNameId, name);
200
201 Role role = rolePersistence.create(roleId);
202
203 if (serviceContext != null) {
204 role.setUuid(serviceContext.getUuid());
205 }
206
207 role.setCompanyId(user.getCompanyId());
208 role.setUserId(user.getUserId());
209 role.setUserName(user.getFullName());
210 role.setClassNameId(classNameId);
211 role.setClassPK(classPK);
212 role.setName(name);
213 role.setTitleMap(titleMap);
214 role.setDescriptionMap(descriptionMap);
215 role.setType(type);
216 role.setSubtype(subtype);
217 role.setExpandoBridgeAttributes(serviceContext);
218
219 rolePersistence.update(role);
220
221
222
223 if (!user.isDefaultUser()) {
224 resourceLocalService.addResources(
225 user.getCompanyId(), 0, userId, Role.class.getName(),
226 role.getRoleId(), false, false, false);
227
228 if (!ExportImportThreadLocal.isImportInProcess()) {
229 Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(
230 User.class);
231
232 indexer.reindex(userId);
233 }
234 }
235
236 return role;
237 }
238
239
249 @Override
250 public void addUserRoles(long userId, long[] roleIds)
251 throws PortalException {
252
253 userPersistence.addRoles(userId, roleIds);
254
255 Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(User.class);
256
257 indexer.reindex(userId);
258
259 PermissionCacheUtil.clearCache(userId);
260 }
261
262
269 @Override
270 public void checkSystemRoles() throws PortalException {
271 List<Company> companies = companyLocalService.getCompanies();
272
273 String currentShardName = ShardUtil.getCurrentShardName();
274
275 for (Company company : companies) {
276 String shardName = null;
277
278 try {
279 shardName = company.getShardName();
280 }
281 catch (NoSuchShardException nsse) {
282 Shard shard = shardLocalService.addShard(
283 Company.class.getName(), company.getCompanyId(),
284 PropsValues.SHARD_DEFAULT_NAME);
285
286 shardName = shard.getName();
287 }
288
289 if (!ShardUtil.isEnabled() || shardName.equals(currentShardName)) {
290 checkSystemRoles(company.getCompanyId());
291 }
292 }
293 }
294
295
303 @Override
304 @Transactional(propagation = Propagation.SUPPORTS, readOnly = true)
305 public void checkSystemRoles(long companyId) throws PortalException {
306 String companyIdHexString = StringUtil.toHexString(companyId);
307
308 List<Role> roles = null;
309
310 try {
311 roles = roleFinder.findBySystem(companyId);
312 }
313 catch (Exception e) {
314
315
316
317 runSQL("alter table Role_ add uuid_ VARCHAR(75) null");
318 runSQL("alter table Role_ add userId LONG");
319 runSQL("alter table Role_ add userName VARCHAR(75) null");
320 runSQL("alter table Role_ add createDate DATE null");
321 runSQL("alter table Role_ add modifiedDate DATE null");
322
323 roles = roleFinder.findBySystem(companyId);
324 }
325
326 for (Role role : roles) {
327 _systemRolesMap.put(
328 companyIdHexString.concat(role.getName()), role);
329 }
330
331
332
333 String[] systemRoles = PortalUtil.getSystemRoles();
334
335 for (String name : systemRoles) {
336 String key =
337 "system.role." +
338 StringUtil.replace(name, CharPool.SPACE, CharPool.PERIOD) +
339 ".description";
340
341 Map<Locale, String> descriptionMap = new HashMap<>();
342
343 descriptionMap.put(LocaleUtil.getDefault(), PropsUtil.get(key));
344
345 int type = RoleConstants.TYPE_REGULAR;
346
347 checkSystemRole(companyId, name, descriptionMap, type);
348 }
349
350
351
352 String[] systemOrganizationRoles =
353 PortalUtil.getSystemOrganizationRoles();
354
355 for (String name : systemOrganizationRoles) {
356 String key =
357 "system.organization.role." +
358 StringUtil.replace(name, CharPool.SPACE, CharPool.PERIOD) +
359 ".description";
360
361 Map<Locale, String> descriptionMap = new HashMap<>();
362
363 descriptionMap.put(LocaleUtil.getDefault(), PropsUtil.get(key));
364
365 int type = RoleConstants.TYPE_ORGANIZATION;
366
367 checkSystemRole(companyId, name, descriptionMap, type);
368 }
369
370
371
372 String[] systemSiteRoles = PortalUtil.getSystemSiteRoles();
373
374 for (String name : systemSiteRoles) {
375 String key =
376 "system.site.role." +
377 StringUtil.replace(name, CharPool.SPACE, CharPool.PERIOD) +
378 ".description";
379
380 Map<Locale, String> descriptionMap = new HashMap<>();
381
382 descriptionMap.put(LocaleUtil.getDefault(), PropsUtil.get(key));
383
384 int type = RoleConstants.TYPE_SITE;
385
386 checkSystemRole(companyId, name, descriptionMap, type);
387 }
388
389
390
391 Role userRole = getRole(companyId, RoleConstants.USER);
392
393 String[] userViewableRoles = ArrayUtil.append(
394 systemRoles, systemOrganizationRoles, systemSiteRoles);
395
396 for (String roleName : userViewableRoles) {
397 Role role = getRole(companyId, roleName);
398
399 resourcePermissionLocalService.setResourcePermissions(
400 companyId, Role.class.getName(),
401 ResourceConstants.SCOPE_INDIVIDUAL,
402 String.valueOf(role.getRoleId()), userRole.getRoleId(),
403 new String[] {ActionKeys.VIEW});
404 }
405 }
406
407
416 @Override
417 public Role deleteRole(long roleId) throws PortalException {
418 Role role = rolePersistence.findByPrimaryKey(roleId);
419
420 return roleLocalService.deleteRole(role);
421 }
422
423
431 @Override
432 @SystemEvent(
433 action = SystemEventConstants.ACTION_SKIP,
434 type = SystemEventConstants.TYPE_DELETE
435 )
436 public Role deleteRole(Role role) throws PortalException {
437 if (role.isSystem() && !CompanyThreadLocal.isDeleteInProcess()) {
438 throw new RequiredRoleException();
439 }
440
441
442
443 List<ResourceBlockPermission> resourceBlockPermissions =
444 resourceBlockPermissionPersistence.findByRoleId(role.getRoleId());
445
446 for (ResourceBlockPermission resourceBlockPermission :
447 resourceBlockPermissions) {
448
449 resourceBlockPermissionLocalService.deleteResourceBlockPermission(
450 resourceBlockPermission);
451 }
452
453 List<ResourcePermission> resourcePermissions =
454 resourcePermissionPersistence.findByRoleId(role.getRoleId());
455
456 for (ResourcePermission resourcePermission : resourcePermissions) {
457 resourcePermissionLocalService.deleteResourcePermission(
458 resourcePermission);
459 }
460
461 List<ResourceTypePermission> resourceTypePermissions =
462 resourceTypePermissionPersistence.findByRoleId(role.getRoleId());
463
464 for (ResourceTypePermission resourceTypePermission :
465 resourceTypePermissions) {
466
467 resourceTypePermissionLocalService.deleteResourceTypePermission(
468 resourceTypePermission);
469 }
470
471 String className = role.getClassName();
472 long classNameId = role.getClassNameId();
473
474 if ((classNameId <= 0) || className.equals(Role.class.getName())) {
475 resourceLocalService.deleteResource(
476 role.getCompanyId(), Role.class.getName(),
477 ResourceConstants.SCOPE_INDIVIDUAL, role.getRoleId());
478 }
479
480 if ((role.getType() == RoleConstants.TYPE_ORGANIZATION) ||
481 (role.getType() == RoleConstants.TYPE_SITE)) {
482
483 userGroupRoleLocalService.deleteUserGroupRolesByRoleId(
484 role.getRoleId());
485
486 userGroupGroupRoleLocalService.deleteUserGroupGroupRolesByRoleId(
487 role.getRoleId());
488 }
489
490
491
492 rolePersistence.remove(role);
493
494
495
496 expandoRowLocalService.deleteRows(role.getRoleId());
497
498
499
500 PermissionCacheUtil.clearCache();
501
502 return role;
503 }
504
505
518 @Override
519 @Skip
520 public Role fetchRole(long companyId, String name) {
521 String companyIdHexString = StringUtil.toHexString(companyId);
522
523 Role role = _systemRolesMap.get(companyIdHexString.concat(name));
524
525 if (role != null) {
526 return role;
527 }
528
529 return roleLocalService.loadFetchRole(companyId, name);
530 }
531
532
551 @Override
552 public Role getDefaultGroupRole(long groupId) throws PortalException {
553 Group group = groupPersistence.findByPrimaryKey(groupId);
554
555 if (group.isLayout()) {
556 Layout layout = layoutLocalService.getLayout(group.getClassPK());
557
558 group = layout.getGroup();
559 }
560
561 if (group.isStagingGroup()) {
562 group = group.getLiveGroup();
563 }
564
565 Role role = null;
566
567 if (group.isCompany()) {
568 role = getRole(group.getCompanyId(), RoleConstants.USER);
569 }
570 else if (group.isLayoutPrototype() || group.isLayoutSetPrototype() ||
571 group.isRegularSite() || group.isSite()) {
572
573 role = getRole(group.getCompanyId(), RoleConstants.SITE_MEMBER);
574 }
575 else if (group.isOrganization()) {
576 role = getRole(
577 group.getCompanyId(), RoleConstants.ORGANIZATION_USER);
578 }
579 else {
580 role = getRole(group.getCompanyId(), RoleConstants.USER);
581 }
582
583 return role;
584 }
585
586 @Override
587 public List<Role> getGroupRelatedRoles(long groupId)
588 throws PortalException {
589
590 List<Role> roles = new ArrayList<>();
591
592 Group group = groupLocalService.getGroup(groupId);
593
594 if (group.isStagingGroup()) {
595 group = group.getLiveGroup();
596 }
597
598 int[] types = RoleConstants.TYPES_REGULAR;
599
600 if (group.isOrganization()) {
601 types = RoleConstants.TYPES_ORGANIZATION_AND_REGULAR;
602 }
603 else if (group.isLayout() || group.isLayoutSetPrototype() ||
604 group.isSite() || group.isUser()) {
605
606 types = RoleConstants.TYPES_REGULAR_AND_SITE;
607 }
608
609 roles.addAll(getRoles(group.getCompanyId(), types));
610
611 roles.addAll(getTeamRoles(groupId));
612
613 return roles;
614 }
615
616 @Override
617 public List<Role> getResourceBlockRoles(
618 long resourceBlockId, String className, String actionId) {
619
620 return roleFinder.findByR_N_A(resourceBlockId, className, actionId);
621 }
622
623
635 @Override
636 public Map<String, List<String>> getResourceRoles(
637 long companyId, String name, int scope, String primKey) {
638
639 return roleFinder.findByC_N_S_P(companyId, name, scope, primKey);
640 }
641
642
655 @Override
656 public List<Role> getResourceRoles(
657 long companyId, String name, int scope, String primKey,
658 String actionId) {
659
660 return roleFinder.findByC_N_S_P_A(
661 companyId, name, scope, primKey, actionId);
662 }
663
664
678 @Override
679 @Skip
680 public Role getRole(long companyId, String name) throws PortalException {
681 String companyIdHexString = StringUtil.toHexString(companyId);
682
683 Role role = _systemRolesMap.get(companyIdHexString.concat(name));
684
685 if (role != null) {
686 return role;
687 }
688
689 return roleLocalService.loadGetRole(companyId, name);
690 }
691
692
699 @Override
700 public List<Role> getRoles(int type, String subtype) {
701 return rolePersistence.findByT_S(type, subtype);
702 }
703
704
710 @Override
711 public List<Role> getRoles(long companyId) {
712 return rolePersistence.findByCompanyId(companyId);
713 }
714
715
722 @Override
723 public List<Role> getRoles(long companyId, int[] types) {
724 return rolePersistence.findByC_T(companyId, types);
725 }
726
727
735 @Override
736 public List<Role> getRoles(long[] roleIds) throws PortalException {
737 List<Role> roles = new ArrayList<>(roleIds.length);
738
739 for (long roleId : roleIds) {
740 Role role = getRole(roleId);
741
742 roles.add(role);
743 }
744
745 return roles;
746 }
747
748
754 @Override
755 public List<Role> getSubtypeRoles(String subtype) {
756 return rolePersistence.findBySubtype(subtype);
757 }
758
759
765 @Override
766 public int getSubtypeRolesCount(String subtype) {
767 return rolePersistence.countBySubtype(subtype);
768 }
769
770
779 @Override
780 public Role getTeamRole(long companyId, long teamId)
781 throws PortalException {
782
783 long classNameId = classNameLocalService.getClassNameId(Team.class);
784
785 return rolePersistence.findByC_C_C(companyId, classNameId, teamId);
786 }
787
788
797 @Override
798 public Map<Team, Role> getTeamRoleMap(long groupId) throws PortalException {
799 return getTeamRoleMap(groupId, null);
800 }
801
802
811 @Override
812 public List<Role> getTeamRoles(long groupId) throws PortalException {
813 return getTeamRoles(groupId, null);
814 }
815
816
827 @Override
828 public List<Role> getTeamRoles(long groupId, long[] excludedRoleIds)
829 throws PortalException {
830
831 Map<Team, Role> teamRoleMap = getTeamRoleMap(groupId, excludedRoleIds);
832
833 Collection<Role> roles = teamRoleMap.values();
834
835 return ListUtil.fromCollection(roles);
836 }
837
838
844 @Override
845 public List<Role> getTypeRoles(int type) {
846 return rolePersistence.findByType(type);
847 }
848
849
858 @Override
859 public List<Role> getTypeRoles(int type, int start, int end) {
860 return rolePersistence.findByType(type, start, end);
861 }
862
863
869 @Override
870 public int getTypeRolesCount(int type) {
871 return rolePersistence.countByType(type);
872 }
873
874
883 @Override
884 public List<Role> getUserGroupGroupRoles(long userId, long groupId) {
885 return roleFinder.findByUserGroupGroupRole(userId, groupId);
886 }
887
888 @Override
889 public List<Role> getUserGroupGroupRoles(
890 long userId, long groupId, int start, int end) {
891
892 return roleFinder.findByUserGroupGroupRole(userId, groupId, start, end);
893 }
894
895 @Override
896 public int getUserGroupGroupRolesCount(long userId, long groupId) {
897 return roleFinder.countByUserGroupGroupRole(userId, groupId);
898 }
899
900
909 @Override
910 public List<Role> getUserGroupRoles(long userId, long groupId) {
911 return roleFinder.findByUserGroupRole(userId, groupId);
912 }
913
914
923 @Override
924 public List<Role> getUserRelatedRoles(long userId, List<Group> groups) {
925 if ((groups == null) || groups.isEmpty()) {
926 return Collections.emptyList();
927 }
928
929 return roleFinder.findByU_G(userId, groups);
930 }
931
932
941 @Override
942 public List<Role> getUserRelatedRoles(long userId, long groupId) {
943 return roleFinder.findByU_G(userId, groupId);
944 }
945
946
955 @Override
956 public List<Role> getUserRelatedRoles(long userId, long[] groupIds) {
957 return roleFinder.findByU_G(userId, groupIds);
958 }
959
960
974 @Override
975 @ThreadLocalCachable
976 public boolean hasUserRole(
977 long userId, long companyId, String name, boolean inherited)
978 throws PortalException {
979
980 Role role = rolePersistence.fetchByC_N(companyId, name);
981
982 if (role == null) {
983 return false;
984 }
985
986 if (role.getType() != RoleConstants.TYPE_REGULAR) {
987 throw new IllegalArgumentException(name + " is not a regular role");
988 }
989
990 long defaultUserId = userLocalService.getDefaultUserId(companyId);
991
992 if (userId == defaultUserId) {
993 if (name.equals(RoleConstants.GUEST)) {
994 return true;
995 }
996 else {
997 return false;
998 }
999 }
1000
1001 if (inherited) {
1002 if (userPersistence.containsRole(userId, role.getRoleId())) {
1003 return true;
1004 }
1005
1006 ThreadLocalCache<Boolean> threadLocalCache =
1007 ThreadLocalCacheManager.getThreadLocalCache(
1008 Lifecycle.REQUEST, RoleLocalServiceImpl.class.getName());
1009
1010 String key = String.valueOf(role.getRoleId()).concat(
1011 String.valueOf(userId));
1012
1013 Boolean value = threadLocalCache.get(key);
1014
1015 if (value != null) {
1016 return value;
1017 }
1018
1019 value = PermissionCacheUtil.getUserRole(userId, role);
1020
1021 if (value == null) {
1022 int count = roleFinder.countByR_U(role.getRoleId(), userId);
1023
1024 if (count > 0) {
1025 value = true;
1026 }
1027 else {
1028 value = false;
1029 }
1030
1031 PermissionCacheUtil.putUserRole(userId, role, value);
1032 }
1033
1034 threadLocalCache.put(key, value);
1035
1036 return value;
1037 }
1038 else {
1039 return userPersistence.containsRole(userId, role.getRoleId());
1040 }
1041 }
1042
1043
1058 @Override
1059 public boolean hasUserRoles(
1060 long userId, long companyId, String[] names, boolean inherited)
1061 throws PortalException {
1062
1063 for (String name : names) {
1064 if (hasUserRole(userId, companyId, name, inherited)) {
1065 return true;
1066 }
1067 }
1068
1069 return false;
1070 }
1071
1072
1080 @Override
1081 public Role loadFetchRole(long companyId, String name) {
1082 return rolePersistence.fetchByC_N(companyId, name);
1083 }
1084
1085
1094 @Override
1095 public Role loadGetRole(long companyId, String name)
1096 throws PortalException {
1097
1098 return rolePersistence.findByC_N(companyId, name);
1099 }
1100
1101
1128 @Override
1129 public List<Role> search(
1130 long companyId, String keywords, Integer[] types, int start, int end,
1131 OrderByComparator<Role> obc) {
1132
1133 return search(
1134 companyId, keywords, types, new LinkedHashMap<String, Object>(),
1135 start, end, obc);
1136 }
1137
1138
1168 @Override
1169 public List<Role> search(
1170 long companyId, String keywords, Integer[] types,
1171 LinkedHashMap<String, Object> params, int start, int end,
1172 OrderByComparator<Role> obc) {
1173
1174 return roleFinder.findByKeywords(
1175 companyId, keywords, types, params, start, end, obc);
1176 }
1177
1178
1205 @Override
1206 public List<Role> search(
1207 long companyId, String name, String description, Integer[] types,
1208 int start, int end, OrderByComparator<Role> obc) {
1209
1210 return search(
1211 companyId, name, description, types,
1212 new LinkedHashMap<String, Object>(), start, end, obc);
1213 }
1214
1215
1245 @Override
1246 public List<Role> search(
1247 long companyId, String name, String description, Integer[] types,
1248 LinkedHashMap<String, Object> params, int start, int end,
1249 OrderByComparator<Role> obc) {
1250
1251 return roleFinder.findByC_N_D_T(
1252 companyId, name, description, types, params, true, start, end, obc);
1253 }
1254
1255
1264 @Override
1265 public int searchCount(long companyId, String keywords, Integer[] types) {
1266 return searchCount(
1267 companyId, keywords, types, new LinkedHashMap<String, Object>());
1268 }
1269
1270
1281 @Override
1282 public int searchCount(
1283 long companyId, String keywords, Integer[] types,
1284 LinkedHashMap<String, Object> params) {
1285
1286 return roleFinder.countByKeywords(companyId, keywords, types, params);
1287 }
1288
1289
1298 @Override
1299 public int searchCount(
1300 long companyId, String name, String description, Integer[] types) {
1301
1302 return searchCount(
1303 companyId, name, description, types,
1304 new LinkedHashMap<String, Object>());
1305 }
1306
1307
1320 @Override
1321 public int searchCount(
1322 long companyId, String name, String description, Integer[] types,
1323 LinkedHashMap<String, Object> params) {
1324
1325 return roleFinder.countByC_N_D_T(
1326 companyId, name, description, types, params, true);
1327 }
1328
1329
1338 @Override
1339 public void setUserRoles(long userId, long[] roleIds)
1340 throws PortalException {
1341
1342 roleIds = UsersAdminUtil.addRequiredRoles(userId, roleIds);
1343
1344 userPersistence.setRoles(userId, roleIds);
1345
1346 Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(User.class);
1347
1348 indexer.reindex(userId);
1349
1350 PermissionCacheUtil.clearCache(userId);
1351 }
1352
1353
1362 @Override
1363 public void unsetUserRoles(long userId, long[] roleIds)
1364 throws PortalException {
1365
1366 roleIds = UsersAdminUtil.removeRequiredRoles(userId, roleIds);
1367
1368 userPersistence.removeRoles(userId, roleIds);
1369
1370 Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(User.class);
1371
1372 indexer.reindex(userId);
1373
1374 PermissionCacheUtil.clearCache(userId);
1375 }
1376
1377
1394 @Override
1395 public Role updateRole(
1396 long roleId, String name, Map<Locale, String> titleMap,
1397 Map<Locale, String> descriptionMap, String subtype,
1398 ServiceContext serviceContext)
1399 throws PortalException {
1400
1401 Role role = rolePersistence.findByPrimaryKey(roleId);
1402
1403 validate(roleId, role.getCompanyId(), role.getClassNameId(), name);
1404
1405 if (role.isSystem()) {
1406 name = role.getName();
1407 subtype = null;
1408 }
1409
1410 role.setName(name);
1411 role.setTitleMap(titleMap);
1412 role.setDescriptionMap(descriptionMap);
1413 role.setSubtype(subtype);
1414 role.setExpandoBridgeAttributes(serviceContext);
1415
1416 rolePersistence.update(role);
1417
1418 return role;
1419 }
1420
1421 protected void checkSystemRole(
1422 long companyId, String name, Map<Locale, String> descriptionMap,
1423 int type)
1424 throws PortalException {
1425
1426 String companyIdHexString = StringUtil.toHexString(companyId);
1427
1428 String key = companyIdHexString.concat(name);
1429
1430 Role role = _systemRolesMap.get(key);
1431
1432 try {
1433 if (role == null) {
1434 role = rolePersistence.findByC_N(companyId, name);
1435 }
1436
1437 if (!descriptionMap.equals(role.getDescriptionMap())) {
1438 role.setDescriptionMap(descriptionMap);
1439
1440 roleLocalService.updateRole(role);
1441 }
1442 }
1443 catch (NoSuchRoleException nsre) {
1444 User user = userLocalService.getDefaultUser(companyId);
1445
1446 role = roleLocalService.addRole(
1447 user.getUserId(), null, 0, name, null, descriptionMap, type,
1448 null, null);
1449
1450 if (name.equals(RoleConstants.USER)) {
1451 initPersonalControlPanelPortletsPermissions(role);
1452 }
1453 }
1454
1455 _systemRolesMap.put(key, role);
1456 }
1457
1458 protected String[] getDefaultControlPanelPortlets() {
1459 return new String[] {
1460 PortletKeys.MY_ACCOUNT, PortletKeys.MY_PAGES,
1461 PortletKeys.MY_WORKFLOW_INSTANCE, PortletKeys.MY_WORKFLOW_TASK
1462 };
1463 }
1464
1465 protected Map<Team, Role> getTeamRoleMap(
1466 long groupId, long[] excludedRoleIds)
1467 throws PortalException {
1468
1469 Group group = groupPersistence.findByPrimaryKey(groupId);
1470
1471 if (group.isLayout()) {
1472 group = group.getParentGroup();
1473 }
1474
1475 List<Team> teams = teamPersistence.findByGroupId(group.getGroupId());
1476
1477 if (teams.isEmpty()) {
1478 return Collections.emptyMap();
1479 }
1480
1481 Set<Long> roleIds = SetUtil.fromArray(excludedRoleIds);
1482
1483 Map<Team, Role> teamRoleMap = new LinkedHashMap<>();
1484
1485 for (Team team : teams) {
1486 Role role = getTeamRole(team.getCompanyId(), team.getTeamId());
1487
1488 if (roleIds.contains(role.getRoleId())) {
1489 continue;
1490 }
1491
1492 teamRoleMap.put(team, role);
1493 }
1494
1495 return teamRoleMap;
1496 }
1497
1498 protected void initPersonalControlPanelPortletsPermissions(Role role)
1499 throws PortalException {
1500
1501 for (String portletId : getDefaultControlPanelPortlets()) {
1502 int count = resourcePermissionPersistence.countByC_N_S_P_R(
1503 role.getCompanyId(), portletId, ResourceConstants.SCOPE_COMPANY,
1504 String.valueOf(role.getCompanyId()), role.getRoleId());
1505
1506 if (count > 0) {
1507 continue;
1508 }
1509
1510 ResourceAction resourceAction =
1511 resourceActionLocalService.fetchResourceAction(
1512 portletId, ActionKeys.ACCESS_IN_CONTROL_PANEL);
1513
1514 if (resourceAction == null) {
1515 continue;
1516 }
1517
1518 setRolePermissions(
1519 role, portletId,
1520 new String[] {ActionKeys.ACCESS_IN_CONTROL_PANEL});
1521 }
1522 }
1523
1524 protected void setRolePermissions(
1525 Role role, String name, String[] actionIds)
1526 throws PortalException {
1527
1528 if (resourceBlockLocalService.isSupported(name)) {
1529 resourceBlockLocalService.setCompanyScopePermissions(
1530 role.getCompanyId(), name, role.getRoleId(),
1531 Arrays.asList(actionIds));
1532 }
1533 else {
1534 resourcePermissionLocalService.setResourcePermissions(
1535 role.getCompanyId(), name, ResourceConstants.SCOPE_COMPANY,
1536 String.valueOf(role.getCompanyId()), role.getRoleId(),
1537 actionIds);
1538 }
1539 }
1540
1541 protected void validate(
1542 long roleId, long companyId, long classNameId, String name)
1543 throws PortalException {
1544
1545 if (classNameId == classNameLocalService.getClassNameId(Role.class)) {
1546 if (Validator.isNull(name) ||
1547 (name.indexOf(CharPool.COMMA) != -1) ||
1548 (name.indexOf(CharPool.STAR) != -1)) {
1549
1550 throw new RoleNameException();
1551 }
1552
1553 if (Validator.isNumber(name) &&
1554 !PropsValues.ROLES_NAME_ALLOW_NUMERIC) {
1555
1556 throw new RoleNameException();
1557 }
1558 }
1559
1560 try {
1561 Role role = roleFinder.findByC_N(companyId, name);
1562
1563 if (role.getRoleId() != roleId) {
1564 throw new DuplicateRoleException("{roleId=" + roleId + "}");
1565 }
1566 }
1567 catch (NoSuchRoleException nsre) {
1568 }
1569 }
1570
1571 private final Map<String, Role> _systemRolesMap = new HashMap<>();
1572
1573 }