001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.rolesadmin.lar;
016    
017    import com.liferay.portal.kernel.dao.orm.DynamicQuery;
018    import com.liferay.portal.kernel.dao.orm.Junction;
019    import com.liferay.portal.kernel.dao.orm.Property;
020    import com.liferay.portal.kernel.dao.orm.PropertyFactoryUtil;
021    import com.liferay.portal.kernel.dao.orm.QueryUtil;
022    import com.liferay.portal.kernel.dao.orm.RestrictionsFactoryUtil;
023    import com.liferay.portal.kernel.exception.PortalException;
024    import com.liferay.portal.kernel.log.Log;
025    import com.liferay.portal.kernel.log.LogFactoryUtil;
026    import com.liferay.portal.kernel.util.GetterUtil;
027    import com.liferay.portal.kernel.xml.Element;
028    import com.liferay.portal.model.Group;
029    import com.liferay.portal.model.GroupConstants;
030    import com.liferay.portal.model.Permission;
031    import com.liferay.portal.model.ResourceConstants;
032    import com.liferay.portal.model.ResourcePermission;
033    import com.liferay.portal.model.ResourceTypePermission;
034    import com.liferay.portal.model.Role;
035    import com.liferay.portal.security.permission.PermissionConversionFilter;
036    import com.liferay.portal.security.permission.PermissionConverterUtil;
037    import com.liferay.portal.service.GroupLocalServiceUtil;
038    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
039    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
040    import com.liferay.portal.service.ResourcePermissionServiceUtil;
041    import com.liferay.portal.service.ResourceTypePermissionLocalServiceUtil;
042    import com.liferay.portal.service.RoleLocalServiceUtil;
043    import com.liferay.portal.service.ServiceContext;
044    import com.liferay.portlet.exportimport.lar.BaseStagedModelDataHandler;
045    import com.liferay.portlet.exportimport.lar.ExportImportPathUtil;
046    import com.liferay.portlet.exportimport.lar.PortletDataContext;
047    
048    import java.util.ArrayList;
049    import java.util.List;
050    
051    /**
052     * @author David Mendez Gonzalez
053     * @author Michael C. Han
054     */
055    public class RoleStagedModelDataHandler
056            extends BaseStagedModelDataHandler<Role> {
057    
058            public static final String[] CLASS_NAMES = {Role.class.getName()};
059    
060            @Override
061            public void deleteStagedModel(Role role) throws PortalException {
062                    RoleLocalServiceUtil.deleteRole(role);
063            }
064    
065            @Override
066            public void deleteStagedModel(
067                            String uuid, long groupId, String className, String extraData)
068                    throws PortalException {
069    
070                    Group group = GroupLocalServiceUtil.getGroup(groupId);
071    
072                    Role role = RoleLocalServiceUtil.fetchRoleByUuidAndCompanyId(
073                            uuid, group.getCompanyId());
074    
075                    if (role != null) {
076                            deleteStagedModel(role);
077                    }
078            }
079    
080            @Override
081            public List<Role> fetchStagedModelsByUuidAndCompanyId(
082                    String uuid, long companyId) {
083    
084                    List<Role> roles = new ArrayList<>();
085    
086                    roles.add(
087                            RoleLocalServiceUtil.fetchRoleByUuidAndCompanyId(uuid, companyId));
088    
089                    return roles;
090            }
091    
092            @Override
093            public String[] getClassNames() {
094                    return CLASS_NAMES;
095            }
096    
097            @Override
098            public String getDisplayName(Role role) {
099                    return role.getName();
100            }
101    
102            protected void deleteRolePermissions(
103                    PortletDataContext portletDataContext, Role importedRole) {
104    
105                    List<ResourcePermission> resourcePermissions =
106                            ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
107                                    importedRole.getRoleId(),
108                                    new int[] {
109                                            ResourceConstants.SCOPE_COMPANY,
110                                            ResourceConstants.SCOPE_GROUP_TEMPLATE
111                                    },
112                                    QueryUtil.ALL_POS, QueryUtil.ALL_POS);
113    
114                    for (ResourcePermission resourcePermission : resourcePermissions) {
115                            ResourcePermissionLocalServiceUtil.deleteResourcePermission(
116                                    resourcePermission);
117                    }
118    
119                    List<ResourcePermission> groupResourcePermissions =
120                            ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
121                                    importedRole.getRoleId(),
122                                    new int[] {ResourceConstants.SCOPE_GROUP},
123                                    QueryUtil.ALL_POS, QueryUtil.ALL_POS);
124    
125                    for (ResourcePermission groupResourcePermission :
126                                    groupResourcePermissions) {
127    
128                            long groupId = GetterUtil.getLong(
129                                    groupResourcePermission.getPrimKey());
130    
131                            if ((groupId == portletDataContext.getCompanyGroupId()) ||
132                                    (groupId == portletDataContext.getUserPersonalSiteGroupId())) {
133    
134                                    ResourcePermissionLocalServiceUtil.deleteResourcePermission(
135                                            groupResourcePermission);
136                            }
137                    }
138    
139                    List<ResourceTypePermission> resourceTypePermissions =
140                            getResourceTypePermissions(portletDataContext, importedRole);
141    
142                    for (ResourceTypePermission resourceTypePermission :
143                                    resourceTypePermissions) {
144    
145                            ResourceTypePermissionLocalServiceUtil.deleteResourceTypePermission(
146                                    resourceTypePermission);
147                    }
148            }
149    
150            @Override
151            protected void doExportStagedModel(
152                            PortletDataContext portletDataContext, Role role)
153                    throws Exception {
154    
155                    String permissionsPath = ExportImportPathUtil.getModelPath(
156                            role, "permissions.xml");
157    
158                    List<Permission> permissions =
159                            PermissionConverterUtil.convertPermissions(
160                                    role, _permissionConversionFilter);
161    
162                    String xml = portletDataContext.toXML(permissions);
163    
164                    portletDataContext.addZipEntry(permissionsPath, xml);
165    
166                    Element roleElement = portletDataContext.getExportDataElement(role);
167    
168                    portletDataContext.addClassedModel(
169                            roleElement, ExportImportPathUtil.getModelPath(role), role);
170            }
171    
172            @Override
173            protected void doImportStagedModel(
174                            PortletDataContext portletDataContext, Role role)
175                    throws Exception {
176    
177                    long userId = portletDataContext.getUserId(role.getUserUuid());
178    
179                    ServiceContext serviceContext = portletDataContext.createServiceContext(
180                            role);
181    
182                    Role existingRole = RoleLocalServiceUtil.fetchRoleByUuidAndCompanyId(
183                            role.getUuid(), portletDataContext.getCompanyId());
184    
185                    if (existingRole == null) {
186                            existingRole = RoleLocalServiceUtil.fetchRole(
187                                    portletDataContext.getCompanyId(), role.getName());
188                    }
189    
190                    Role importedRole = null;
191    
192                    if (existingRole == null) {
193                            serviceContext.setUuid(role.getUuid());
194    
195                            importedRole = RoleLocalServiceUtil.addRole(
196                                    userId, null, 0, role.getName(), role.getTitleMap(),
197                                    role.getDescriptionMap(), role.getType(), role.getSubtype(),
198                                    serviceContext);
199                    }
200                    else {
201                            importedRole = RoleLocalServiceUtil.updateRole(
202                                    existingRole.getRoleId(), role.getName(), role.getTitleMap(),
203                                    role.getDescriptionMap(), role.getSubtype(), serviceContext);
204    
205                            deleteRolePermissions(portletDataContext, importedRole);
206                    }
207    
208                    String permissionsPath = ExportImportPathUtil.getModelPath(
209                            role, "permissions.xml");
210    
211                    List<Permission> permissions =
212                            (List<Permission>)portletDataContext.getZipEntryAsObject(
213                                    permissionsPath);
214    
215                    for (Permission permission : permissions) {
216                            if (ResourceBlockLocalServiceUtil.isSupported(
217                                            permission.getName())) {
218    
219                                    importResourceBlock(
220                                            portletDataContext, importedRole, permission);
221                            }
222                            else {
223                                    importResourcePermissions(
224                                            portletDataContext, importedRole, permission);
225                            }
226                    }
227    
228                    portletDataContext.importClassedModel(role, importedRole);
229            }
230    
231            protected List<ResourceTypePermission> getResourceTypePermissions(
232                    PortletDataContext portletDataContext, Role importedRole) {
233    
234                    DynamicQuery dynamicQuery =
235                            ResourceTypePermissionLocalServiceUtil.dynamicQuery();
236    
237                    Property companyIdProperty = PropertyFactoryUtil.forName("companyId");
238    
239                    dynamicQuery.add(
240                            companyIdProperty.eq(portletDataContext.getCompanyId()));
241    
242                    Junction junction = RestrictionsFactoryUtil.disjunction();
243    
244                    long[] permissibleGroupIds = {
245                            GroupConstants.DEFAULT_PARENT_GROUP_ID,
246                            portletDataContext.getCompanyId(),
247                            portletDataContext.getCompanyGroupId(),
248                            portletDataContext.getUserPersonalSiteGroupId()
249                    };
250    
251                    for (long permissibleGroupId : permissibleGroupIds) {
252                            Property property = PropertyFactoryUtil.forName("groupId");
253    
254                            junction.add(property.eq(permissibleGroupId));
255                    }
256    
257                    dynamicQuery.add(junction);
258    
259                    Property roleIdProperty = PropertyFactoryUtil.forName("roleId");
260    
261                    dynamicQuery.add(roleIdProperty.eq(importedRole.getRoleId()));
262    
263                    return ResourceTypePermissionLocalServiceUtil.dynamicQuery(
264                            dynamicQuery);
265            }
266    
267            protected void importResourceBlock(
268                            PortletDataContext portletDataContext, Role importedRole,
269                            Permission permission)
270                    throws PortalException {
271    
272                    int scope = permission.getScope();
273    
274                    if (scope == ResourceConstants.SCOPE_COMPANY) {
275                            ResourceBlockLocalServiceUtil.addCompanyScopePermission(
276                                    portletDataContext.getCompanyId(), permission.getName(),
277                                    importedRole.getRoleId(), permission.getActionId());
278                    }
279                    else if (scope == ResourceConstants.SCOPE_GROUP) {
280                            long groupId = portletDataContext.getCompanyGroupId();
281    
282                            long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());
283    
284                            if (sourceGroupId ==
285                                            portletDataContext.getSourceUserPersonalSiteGroupId()) {
286    
287                                    groupId = portletDataContext.getUserPersonalSiteGroupId();
288                            }
289    
290                            ResourceBlockLocalServiceUtil.addGroupScopePermission(
291                                    portletDataContext.getCompanyId(), groupId,
292                                    permission.getName(), importedRole.getRoleId(),
293                                    permission.getActionId());
294                    }
295                    else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
296                            ResourceBlockLocalServiceUtil.addGroupScopePermission(
297                                    portletDataContext.getCompanyId(),
298                                    GroupConstants.DEFAULT_PARENT_GROUP_ID, permission.getName(),
299                                    importedRole.getRoleId(), permission.getActionId());
300                    }
301                    else {
302                            if (_log.isDebugEnabled()) {
303                                    _log.debug("Individually scoped permissions are not exported");
304                            }
305                    }
306            }
307    
308            protected void importResourcePermissions(
309                            PortletDataContext portletDataContext, Role importedRole,
310                            Permission permission)
311                    throws PortalException {
312    
313                    int scope = permission.getScope();
314    
315                    if (scope == ResourceConstants.SCOPE_COMPANY) {
316                            ResourcePermissionServiceUtil.addResourcePermission(
317                                    portletDataContext.getCompanyGroupId(),
318                                    portletDataContext.getCompanyId(), permission.getName(), scope,
319                                    String.valueOf(portletDataContext.getCompanyId()),
320                                    importedRole.getRoleId(), permission.getActionId());
321                    }
322                    else if (scope == ResourceConstants.SCOPE_GROUP) {
323                            long groupId = portletDataContext.getCompanyGroupId();
324    
325                            long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());
326    
327                            if (sourceGroupId ==
328                                            portletDataContext.getSourceUserPersonalSiteGroupId()) {
329    
330                                    groupId = portletDataContext.getUserPersonalSiteGroupId();
331                            }
332    
333                            ResourcePermissionServiceUtil.addResourcePermission(
334                                    groupId, portletDataContext.getCompanyId(),
335                                    permission.getName(), ResourceConstants.SCOPE_GROUP,
336                                    String.valueOf(groupId), importedRole.getRoleId(),
337                                    permission.getActionId());
338                    }
339                    else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
340                            ResourcePermissionServiceUtil.addResourcePermission(
341                                    GroupConstants.DEFAULT_PARENT_GROUP_ID,
342                                    portletDataContext.getCompanyId(), permission.getName(),
343                                    ResourceConstants.SCOPE_GROUP_TEMPLATE,
344                                    String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),
345                                    importedRole.getRoleId(), permission.getActionId());
346                    }
347                    else {
348                            if (_log.isDebugEnabled()) {
349                                    _log.debug("Individually scoped permissions are not imported");
350                            }
351                    }
352            }
353    
354            private static final Log _log = LogFactoryUtil.getLog(
355                    RoleStagedModelDataHandler.class);
356    
357            private final PermissionConversionFilter _permissionConversionFilter =
358                    new ImportExportPermissionConversionFilter();
359    
360    }