001
014
015 package com.liferay.portal.upgrade.v6_1_0;
016
017 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018 import com.liferay.portal.kernel.exception.PortalException;
019 import com.liferay.portal.kernel.exception.SystemException;
020 import com.liferay.portal.kernel.log.Log;
021 import com.liferay.portal.kernel.log.LogFactoryUtil;
022 import com.liferay.portal.kernel.upgrade.UpgradeProcess;
023 import com.liferay.portal.kernel.util.GetterUtil;
024 import com.liferay.portal.model.GroupedModel;
025 import com.liferay.portal.model.PermissionedModel;
026 import com.liferay.portal.model.ResourceBlock;
027 import com.liferay.portal.model.ResourceBlockPermissionsContainer;
028 import com.liferay.portal.model.ResourceConstants;
029 import com.liferay.portal.model.ResourcePermission;
030 import com.liferay.portal.model.RoleConstants;
031 import com.liferay.portal.security.permission.ActionKeys;
032 import com.liferay.portal.security.permission.ResourceActionsUtil;
033 import com.liferay.portal.service.PermissionLocalServiceUtil;
034 import com.liferay.portal.service.ResourceActionLocalServiceUtil;
035 import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
036 import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
037 import com.liferay.portal.service.RoleLocalServiceUtil;
038 import com.liferay.portal.util.PropsValues;
039 import com.liferay.portlet.bookmarks.model.BookmarksEntry;
040 import com.liferay.portlet.bookmarks.model.BookmarksFolder;
041
042 import java.sql.Connection;
043 import java.sql.PreparedStatement;
044 import java.sql.ResultSet;
045
046 import java.util.List;
047
048
052 public class UpgradePermission extends UpgradeProcess {
053
054 protected ResourceBlock convertResourcePermissions(
055 long companyId, String name, long primKey)
056 throws PortalException, SystemException {
057
058 PermissionedModel permissionedModel =
059 ResourceBlockLocalServiceUtil.getPermissionedModel(name, primKey);
060
061 long groupId = 0;
062
063 if (permissionedModel instanceof GroupedModel) {
064 GroupedModel groupedModel = (GroupedModel)permissionedModel;
065
066 groupId = groupedModel.getGroupId();
067 }
068
069 ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
070 getResourceBlockPermissionsContainer(
071 companyId, groupId, name, primKey);
072
073 String permissionsHash =
074 ResourceBlockLocalServiceUtil.getPermissionsHash(
075 resourceBlockPermissionsContainer);
076
077 ResourceBlock resourceBlock =
078 ResourceBlockLocalServiceUtil.updateResourceBlockId(
079 companyId, groupId, name, permissionedModel, permissionsHash,
080 resourceBlockPermissionsContainer);
081
082 return resourceBlock;
083 }
084
085 protected void convertResourcePermissions(
086 String name, String tableName, String pkColumnName)
087 throws Exception {
088
089 Connection con = null;
090 PreparedStatement ps = null;
091 ResultSet rs = null;
092
093 try {
094 con = DataAccess.getConnection();
095
096 ps = con.prepareStatement(
097 "select " + pkColumnName + ", companyId from " + tableName);
098
099 rs = ps.executeQuery();
100
101 while (rs.next()) {
102 long primKey = rs.getLong(pkColumnName);
103 long companyId = rs.getLong("companyId");
104
105 ResourceBlock resourceBlock = convertResourcePermissions(
106 companyId, name, primKey);
107
108 if (_log.isInfoEnabled() &&
109 (resourceBlock.getResourceBlockId() % 100 == 0)) {
110
111 _log.info("Processed 100 resource blocks for " + name);
112 }
113 }
114 }
115 finally {
116 DataAccess.cleanUp(con, ps, rs);
117 }
118
119 List<ResourcePermission> resourcePermissions =
120 ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(
121 _SCOPES);
122
123 for (ResourcePermission resourcePermission : resourcePermissions) {
124 int scope = resourcePermission.getScope();
125
126 if (!name.equals(resourcePermission.getName())) {
127 continue;
128 }
129
130 if ((scope == ResourceConstants.SCOPE_COMPANY) ||
131 (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {
132
133 ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
134 resourcePermission.getCompanyId(), name,
135 resourcePermission.getRoleId(),
136 resourcePermission.getActionIds());
137 }
138 else if (scope == ResourceConstants.SCOPE_GROUP) {
139 ResourceBlockLocalServiceUtil.setGroupScopePermissions(
140 resourcePermission.getCompanyId(),
141 GetterUtil.getLong(resourcePermission.getPrimaryKey()),
142 name, resourcePermission.getRoleId(),
143 resourcePermission.getActionIds());
144 }
145 }
146 }
147
148 @Override
149 protected void doUpgrade() throws Exception {
150
151
152
153 RoleLocalServiceUtil.checkSystemRoles();
154
155 updatePermissions("com.liferay.portlet.bookmarks", true, true);
156 updatePermissions("com.liferay.portlet.documentlibrary", false, true);
157 updatePermissions("com.liferay.portlet.imagegallery", true, true);
158 updatePermissions("com.liferay.portlet.messageboards", true, true);
159 updatePermissions("com.liferay.portlet.shopping", true, true);
160
161 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
162 convertResourcePermissions(
163 BookmarksEntry.class.getName(), "BookmarksEntry", "entryId");
164 convertResourcePermissions(
165 BookmarksFolder.class.getName(), "BookmarksFolder", "folderId");
166 }
167 }
168
169 protected ResourceBlockPermissionsContainer
170 getResourceBlockPermissionsContainer(
171 long companyId, long groupId, String name, long primKey)
172 throws SystemException {
173
174 ResourceBlockPermissionsContainer resourceBlockPermissionContainer =
175 new ResourceBlockPermissionsContainer();
176
177 List<ResourcePermission> resourcePermissions =
178 ResourcePermissionLocalServiceUtil.getResourceResourcePermissions(
179 companyId, groupId, name, String.valueOf(primKey));
180
181 for (ResourcePermission resourcePermission : resourcePermissions) {
182 resourceBlockPermissionContainer.addPermission(
183 resourcePermission.getRoleId(),
184 resourcePermission.getActionIds());
185 }
186
187 return resourceBlockPermissionContainer;
188 }
189
190 protected void updatePermissions(
191 String name, boolean community, boolean guest)
192 throws Exception {
193
194 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
195 updatePermissions_6(name, community, guest);
196 }
197 else {
198 updatePermissions_1to5(name, community, guest);
199 }
200 }
201
202 protected void updatePermissions_1to5(
203 String name, boolean community, boolean guest)
204 throws Exception {
205
206 if (community) {
207 PermissionLocalServiceUtil.setContainerResourcePermissions(
208 name, RoleConstants.ORGANIZATION_USER, ActionKeys.VIEW);
209 PermissionLocalServiceUtil.setContainerResourcePermissions(
210 name, RoleConstants.SITE_MEMBER, ActionKeys.VIEW);
211 }
212
213 if (guest) {
214 PermissionLocalServiceUtil.setContainerResourcePermissions(
215 name, RoleConstants.GUEST, ActionKeys.VIEW);
216 }
217
218 PermissionLocalServiceUtil.setContainerResourcePermissions(
219 name, RoleConstants.OWNER, ActionKeys.VIEW);
220 }
221
222 protected void updatePermissions_6(
223 String name, boolean community, boolean guest)
224 throws Exception {
225
226 List<String> modelActions = ResourceActionsUtil.getModelResourceActions(
227 name);
228
229 ResourceActionLocalServiceUtil.checkResourceActions(name, modelActions);
230
231 int scope = ResourceConstants.SCOPE_INDIVIDUAL;
232 long actionIdsLong = 1;
233
234 if (community) {
235 ResourcePermissionLocalServiceUtil.addResourcePermissions(
236 name, RoleConstants.ORGANIZATION_USER, scope, actionIdsLong);
237 ResourcePermissionLocalServiceUtil.addResourcePermissions(
238 name, RoleConstants.SITE_MEMBER, scope, actionIdsLong);
239 }
240
241 if (guest) {
242 ResourcePermissionLocalServiceUtil.addResourcePermissions(
243 name, RoleConstants.GUEST, scope, actionIdsLong);
244 }
245
246 ResourcePermissionLocalServiceUtil.addResourcePermissions(
247 name, RoleConstants.OWNER, scope, actionIdsLong);
248 }
249
250 private static final int[] _SCOPES = {
251 ResourceConstants.SCOPE_COMPANY, ResourceConstants.SCOPE_GROUP,
252 ResourceConstants.SCOPE_GROUP_TEMPLATE
253 };
254
255 private static Log _log = LogFactoryUtil.getLog(UpgradePermission.class);
256
257 }