001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.upgrade.v5_2_0;
016    
017    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018    import com.liferay.portal.kernel.dao.jdbc.SmartResultSet;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.upgrade.UpgradeProcess;
022    import com.liferay.portal.kernel.util.GetterUtil;
023    import com.liferay.portal.kernel.util.StringBundler;
024    import com.liferay.portal.model.PortletConstants;
025    import com.liferay.portal.model.Resource;
026    import com.liferay.portal.model.ResourceConstants;
027    import com.liferay.portal.service.ResourceLocalServiceUtil;
028    
029    import java.sql.Connection;
030    import java.sql.PreparedStatement;
031    import java.sql.ResultSet;
032    
033    /**
034     * @author Jorge Ferrer
035     */
036    public class UpgradePortletPermissions extends UpgradeProcess {
037    
038            @Override
039            protected void doUpgrade() throws Exception {
040                    updatePortletPermissions(
041                            "33", "com.liferay.portlet.blogs", new String[] {"ADD_ENTRY"});
042    
043                    updatePortletPermissions(
044                            "28", "com.liferay.portlet.bookmarks", new String[] {"ADD_FOLDER"});
045    
046                    updatePortletPermissions(
047                            "8", "com.liferay.portlet.calendar",
048                            new String[] {"ADD_EVENT", "EXPORT_ALL_EVENTS"});
049    
050                    updatePortletPermissions(
051                            "20", "com.liferay.portlet.documentlibrary",
052                            new String[] {"ADD_FOLDER"});
053    
054                    updatePortletPermissions(
055                            "31", "com.liferay.portlet.imagegallery",
056                            new String[] {"ADD_FOLDER"});
057    
058                    updatePortletPermissions(
059                            "15", "com.liferay.portlet.journal",
060                            new String[] {
061                                    "ADD_ARTICLE", "ADD_FEED", "ADD_STRUCTURE", "ADD_TEMPLATE",
062                                    "APPROVE_ARTICLE"
063                            });
064    
065                    updatePortletPermissions(
066                            "19", "com.liferay.portlet.messageboards",
067                            new String[] {"ADD_CATEGORY", "BAN_USER"});
068    
069                    updatePortletPermissions(
070                            "25", "com.liferay.portlet.polls", new String[] {"ADD_QUESTION"});
071    
072                    updatePortletPermissions(
073                            "34", "com.liferay.portlet.shopping",
074                            new String[] {"ADD_CATEGORY", "MANAGE_COUPONS", "MANAGE_ORDERS"});
075    
076                    updatePortletPermissions(
077                            "98", "com.liferay.portlet.softwarecatalog",
078                            new String[] {"ADD_FRAMEWORK_VERSION", "ADD_PRODUCT_ENTRY"});
079    
080                    updatePortletPermissions(
081                            "99", "com.liferay.portlet.tags",
082                            new String[] {"ADD_ENTRY", "ADD_VOCABULARY"});
083    
084                    updatePortletPermissions(
085                            "36", "com.liferay.portlet.wiki", new String[] {"ADD_NODE"});
086            }
087    
088            protected Object[] getLayout(long plid) throws Exception {
089                    Connection con = null;
090                    PreparedStatement ps = null;
091                    ResultSet rs = null;
092    
093                    try {
094                            con = DataAccess.getConnection();
095    
096                            ps = con.prepareStatement(_GET_LAYOUT);
097    
098                            ps.setLong(1, plid);
099    
100                            rs = ps.executeQuery();
101    
102                            if (rs.next()) {
103                                    long groupId = rs.getLong("groupId");
104                                    long companyId = rs.getLong("companyId");
105    
106                                    return new Object[] {groupId, companyId};
107                            }
108    
109                            return null;
110                    }
111                    finally {
112                            DataAccess.cleanUp(con, ps, rs);
113                    }
114            }
115    
116            protected long getPortletPermissionsCount(
117                            String actionId, long resourceId, String modelName)
118                    throws Exception {
119    
120                    Connection con = null;
121                    PreparedStatement ps = null;
122                    ResultSet rs = null;
123    
124                    try {
125                            con = DataAccess.getConnection();
126    
127                            StringBundler sb = new StringBundler(7);
128    
129                            sb.append("select count(*) from Permission_ ");
130                            sb.append("inner join Resource_ on Resource_.resourceId = ");
131                            sb.append("Permission_.resourceId inner join ResourceCode on ");
132                            sb.append("ResourceCode.codeId = Resource_.codeId where ");
133                            sb.append("Permission_.actionId = ? and ");
134                            sb.append("Permission_.resourceId = ? and ResourceCode.name = ? ");
135                            sb.append("and ResourceCode.scope = ? ");
136    
137                            String sql = sb.toString();
138    
139                            ps = con.prepareStatement(sql);
140    
141                            ps.setString(1, actionId);
142                            ps.setLong(2, resourceId);
143                            ps.setString(3, modelName);
144                            ps.setInt(4, ResourceConstants.SCOPE_INDIVIDUAL);
145    
146                            rs = ps.executeQuery();
147    
148                            rs.next();
149    
150                            return rs.getLong(1);
151                    }
152                    finally {
153                            DataAccess.cleanUp(con, ps, rs);
154                    }
155            }
156    
157            protected void updatePortletPermission(
158                            long permissionId, String actionId, String primKey,
159                            String modelName, int scope)
160                    throws Exception {
161    
162                    long plid = GetterUtil.getLong(
163                            primKey.substring(
164                                    0, primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR)));
165    
166                    Object[] layout = getLayout(plid);
167    
168                    if (layout == null) {
169                            return;
170                    }
171    
172                    long groupId = (Long)layout[0];
173                    long companyId = (Long)layout[1];
174    
175                    Resource resource = ResourceLocalServiceUtil.addResource(
176                            companyId, modelName, scope, String.valueOf(groupId));
177    
178                    long portletPermissionCount = getPortletPermissionsCount(
179                            actionId, resource.getResourceId(), modelName);
180    
181                    if (portletPermissionCount == 0) {
182                            runSQL(
183                                    "update Permission_ set resourceId = " +
184                                            resource.getResourceId() + " where permissionId = " +
185                                                    permissionId);
186                    }
187                    else {
188                            runSQL(
189                                    "delete from Permission_ where permissionId = " + permissionId);
190                    }
191            }
192    
193            protected void updatePortletPermissions(
194                            String portletName, String modelName, String[] actionIds)
195                    throws Exception {
196    
197                    Connection con = null;
198                    PreparedStatement ps = null;
199                    ResultSet rs = null;
200    
201                    try {
202                            con = DataAccess.getConnection();
203    
204                            StringBundler sb = new StringBundler(4 * actionIds.length + 7);
205    
206                            sb.append("select Permission_.permissionId, ");
207                            sb.append("Permission_.actionId, Resource_.primKey, ");
208                            sb.append("ResourceCode.scope from Permission_ ");
209                            sb.append("inner join Resource_ on Resource_.resourceId = ");
210                            sb.append("Permission_.resourceId inner join ResourceCode on ");
211                            sb.append("ResourceCode.codeId = Resource_.codeId where (");
212    
213                            for (int i = 0; i < actionIds.length; i++) {
214                                    String actionId = actionIds[i];
215    
216                                    sb.append("Permission_.actionId = '");
217                                    sb.append(actionId);
218                                    sb.append("'");
219    
220                                    if (i < (actionIds.length - 1)) {
221                                            sb.append(" or ");
222                                    }
223                            }
224    
225                            sb.append(") and ResourceCode.name = ? and ResourceCode.scope = ?");
226    
227                            String sql = sb.toString();
228    
229                            ps = con.prepareStatement(sql);
230    
231                            ps.setString(1, portletName);
232                            ps.setInt(2, ResourceConstants.SCOPE_INDIVIDUAL);
233    
234                            rs = ps.executeQuery();
235    
236                            SmartResultSet srs = new SmartResultSet(rs);
237    
238                            while (srs.next()) {
239                                    long permissionId = srs.getLong("Permission_.permissionId");
240                                    String actionId = srs.getString("Permission_.actionId");
241                                    String primKey = srs.getString("Resource_.primKey");
242                                    int scope = srs.getInt("ResourceCode.scope");
243    
244                                    try {
245                                            updatePortletPermission(
246                                                    permissionId, actionId, primKey, modelName, scope);
247                                    }
248                                    catch (Exception e) {
249                                            _log.error(
250                                                    "Unable to upgrade permission " + permissionId, e);
251                                    }
252                            }
253                    }
254                    finally {
255                            DataAccess.cleanUp(con, ps, rs);
256                    }
257            }
258    
259            private static final String _GET_LAYOUT =
260                    "select * from Layout where plid = ?";
261    
262            private static Log _log = LogFactoryUtil.getLog(
263                    UpgradePortletPermissions.class);
264    
265    }