001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.upgrade.v6_1_0;
016    
017    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018    import com.liferay.portal.kernel.exception.PortalException;
019    import com.liferay.portal.kernel.exception.SystemException;
020    import com.liferay.portal.kernel.log.Log;
021    import com.liferay.portal.kernel.log.LogFactoryUtil;
022    import com.liferay.portal.kernel.upgrade.UpgradeProcess;
023    import com.liferay.portal.kernel.util.GetterUtil;
024    import com.liferay.portal.model.GroupedModel;
025    import com.liferay.portal.model.PermissionedModel;
026    import com.liferay.portal.model.ResourceBlock;
027    import com.liferay.portal.model.ResourceBlockPermissionsContainer;
028    import com.liferay.portal.model.ResourceConstants;
029    import com.liferay.portal.model.ResourcePermission;
030    import com.liferay.portal.model.RoleConstants;
031    import com.liferay.portal.security.permission.ActionKeys;
032    import com.liferay.portal.security.permission.ResourceActionsUtil;
033    import com.liferay.portal.service.PermissionLocalServiceUtil;
034    import com.liferay.portal.service.ResourceActionLocalServiceUtil;
035    import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
036    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
037    import com.liferay.portal.service.RoleLocalServiceUtil;
038    import com.liferay.portal.util.PropsValues;
039    import com.liferay.portlet.bookmarks.model.BookmarksEntry;
040    import com.liferay.portlet.bookmarks.model.BookmarksFolder;
041    
042    import java.sql.Connection;
043    import java.sql.PreparedStatement;
044    import java.sql.ResultSet;
045    
046    import java.util.List;
047    
048    /**
049     * @author Alexander Chow
050     * @author Connor McKay
051     */
052    public class UpgradePermission extends UpgradeProcess {
053    
054            protected ResourceBlock convertResourcePermissions(
055                            long companyId, String name, long primKey)
056                    throws PortalException, SystemException {
057    
058                    PermissionedModel permissionedModel =
059                            ResourceBlockLocalServiceUtil.getPermissionedModel(name, primKey);
060    
061                    long groupId = 0;
062    
063                    if (permissionedModel instanceof GroupedModel) {
064                            GroupedModel groupedModel = (GroupedModel)permissionedModel;
065    
066                            groupId = groupedModel.getGroupId();
067                    }
068    
069                    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
070                            getResourceBlockPermissionsContainer(
071                                            companyId, groupId, name, primKey);
072    
073                    String permissionsHash =
074                            ResourceBlockLocalServiceUtil.getPermissionsHash(
075                                    resourceBlockPermissionsContainer);
076    
077                    ResourceBlock resourceBlock =
078                            ResourceBlockLocalServiceUtil.updateResourceBlockId(
079                                    companyId, groupId, name, permissionedModel, permissionsHash,
080                                    resourceBlockPermissionsContainer);
081    
082                    return resourceBlock;
083            }
084    
085            protected void convertResourcePermissions(
086                            String name, String tableName, String pkColumnName)
087                    throws Exception {
088    
089                    Connection con = null;
090                    PreparedStatement ps = null;
091                    ResultSet rs = null;
092    
093                    try {
094                            con = DataAccess.getConnection();
095    
096                            ps = con.prepareStatement(
097                                    "select " + pkColumnName + ", companyId from " + tableName);
098    
099                            rs = ps.executeQuery();
100    
101                            while (rs.next()) {
102                                    long primKey = rs.getLong(pkColumnName);
103                                    long companyId = rs.getLong("companyId");
104    
105                                    ResourceBlock resourceBlock = convertResourcePermissions(
106                                            companyId, name, primKey);
107    
108                                    if (_log.isInfoEnabled() &&
109                                            (resourceBlock.getResourceBlockId() % 100 == 0)) {
110    
111                                            _log.info("Processed 100 resource blocks for " + name);
112                                    }
113                            }
114                    }
115                    finally {
116                            DataAccess.cleanUp(con, ps, rs);
117                    }
118    
119                    List<ResourcePermission> resourcePermissions =
120                            ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(
121                                    _SCOPES);
122    
123                    for (ResourcePermission resourcePermission : resourcePermissions) {
124                            int scope = resourcePermission.getScope();
125    
126                            if (!name.equals(resourcePermission.getName())) {
127                                    continue;
128                            }
129    
130                            if ((scope == ResourceConstants.SCOPE_COMPANY) ||
131                                    (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {
132    
133                                    ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
134                                            resourcePermission.getCompanyId(), name,
135                                            resourcePermission.getRoleId(),
136                                            resourcePermission.getActionIds());
137                            }
138                            else if (scope == ResourceConstants.SCOPE_GROUP) {
139                                    ResourceBlockLocalServiceUtil.setGroupScopePermissions(
140                                            resourcePermission.getCompanyId(),
141                                            GetterUtil.getLong(resourcePermission.getPrimaryKey()),
142                                            name, resourcePermission.getRoleId(),
143                                            resourcePermission.getActionIds());
144                            }
145                    }
146            }
147    
148            @Override
149            protected void doUpgrade() throws Exception {
150    
151                    // LPS-14202 and LPS-17841
152    
153                    RoleLocalServiceUtil.checkSystemRoles();
154    
155                    updatePermissions("com.liferay.portlet.bookmarks", true, true);
156                    updatePermissions("com.liferay.portlet.documentlibrary", false, true);
157                    updatePermissions("com.liferay.portlet.imagegallery", true, true);
158                    updatePermissions("com.liferay.portlet.messageboards", true, true);
159                    updatePermissions("com.liferay.portlet.shopping", true, true);
160    
161                    if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
162                            convertResourcePermissions(
163                                    BookmarksEntry.class.getName(), "BookmarksEntry", "entryId");
164                            convertResourcePermissions(
165                                    BookmarksFolder.class.getName(), "BookmarksFolder", "folderId");
166                    }
167            }
168    
169            protected ResourceBlockPermissionsContainer
170                            getResourceBlockPermissionsContainer(
171                                    long companyId, long groupId, String name, long primKey)
172                    throws SystemException {
173    
174                    ResourceBlockPermissionsContainer resourceBlockPermissionContainer =
175                            new ResourceBlockPermissionsContainer();
176    
177                    List<ResourcePermission> resourcePermissions =
178                            ResourcePermissionLocalServiceUtil.getResourceResourcePermissions(
179                                    companyId, groupId, name, String.valueOf(primKey));
180    
181                    for (ResourcePermission resourcePermission : resourcePermissions) {
182                            resourceBlockPermissionContainer.addPermission(
183                                    resourcePermission.getRoleId(),
184                                    resourcePermission.getActionIds());
185                    }
186    
187                    return resourceBlockPermissionContainer;
188            }
189    
190            protected void updatePermissions(
191                            String name, boolean community, boolean guest)
192                    throws Exception {
193    
194                    if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
195                            updatePermissions_6(name, community, guest);
196                    }
197                    else {
198                            updatePermissions_1to5(name, community, guest);
199                    }
200            }
201    
202            protected void updatePermissions_1to5(
203                            String name, boolean community, boolean guest)
204                    throws Exception {
205    
206                    if (community) {
207                            PermissionLocalServiceUtil.setContainerResourcePermissions(
208                                    name, RoleConstants.ORGANIZATION_USER, ActionKeys.VIEW);
209                            PermissionLocalServiceUtil.setContainerResourcePermissions(
210                                    name, RoleConstants.SITE_MEMBER, ActionKeys.VIEW);
211                    }
212    
213                    if (guest) {
214                            PermissionLocalServiceUtil.setContainerResourcePermissions(
215                                    name, RoleConstants.GUEST, ActionKeys.VIEW);
216                    }
217    
218                    PermissionLocalServiceUtil.setContainerResourcePermissions(
219                            name, RoleConstants.OWNER, ActionKeys.VIEW);
220            }
221    
222            protected void updatePermissions_6(
223                            String name, boolean community, boolean guest)
224                    throws Exception {
225    
226                    List<String> modelActions = ResourceActionsUtil.getModelResourceActions(
227                            name);
228    
229                    ResourceActionLocalServiceUtil.checkResourceActions(name, modelActions);
230    
231                    int scope = ResourceConstants.SCOPE_INDIVIDUAL;
232                    long actionIdsLong = 1;
233    
234                    if (community) {
235                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
236                                    name, RoleConstants.ORGANIZATION_USER, scope, actionIdsLong);
237                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
238                                    name, RoleConstants.SITE_MEMBER, scope, actionIdsLong);
239                    }
240    
241                    if (guest) {
242                            ResourcePermissionLocalServiceUtil.addResourcePermissions(
243                                    name, RoleConstants.GUEST, scope, actionIdsLong);
244                    }
245    
246                    ResourcePermissionLocalServiceUtil.addResourcePermissions(
247                            name, RoleConstants.OWNER, scope, actionIdsLong);
248            }
249    
250            private static final int[] _SCOPES = {
251                    ResourceConstants.SCOPE_COMPANY, ResourceConstants.SCOPE_GROUP,
252                    ResourceConstants.SCOPE_GROUP_TEMPLATE
253            };
254    
255            private static Log _log = LogFactoryUtil.getLog(UpgradePermission.class);
256    
257    }