001
014
015 package com.liferay.portal.upgrade.v5_2_0;
016
017 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018 import com.liferay.portal.kernel.dao.jdbc.SmartResultSet;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.upgrade.UpgradeProcess;
022 import com.liferay.portal.kernel.util.GetterUtil;
023 import com.liferay.portal.kernel.util.StringBundler;
024 import com.liferay.portal.model.PortletConstants;
025 import com.liferay.portal.model.Resource;
026 import com.liferay.portal.model.ResourceConstants;
027 import com.liferay.portal.service.ResourceLocalServiceUtil;
028
029 import java.sql.Connection;
030 import java.sql.PreparedStatement;
031 import java.sql.ResultSet;
032
033
036 public class UpgradePortletPermissions extends UpgradeProcess {
037
038 @Override
039 protected void doUpgrade() throws Exception {
040 updatePortletPermissions(
041 "33", "com.liferay.portlet.blogs", new String[] {"ADD_ENTRY"});
042
043 updatePortletPermissions(
044 "28", "com.liferay.portlet.bookmarks", new String[] {"ADD_FOLDER"});
045
046 updatePortletPermissions(
047 "8", "com.liferay.portlet.calendar",
048 new String[] {"ADD_EVENT", "EXPORT_ALL_EVENTS"});
049
050 updatePortletPermissions(
051 "20", "com.liferay.portlet.documentlibrary",
052 new String[] {"ADD_FOLDER"});
053
054 updatePortletPermissions(
055 "31", "com.liferay.portlet.imagegallery",
056 new String[] {"ADD_FOLDER"});
057
058 updatePortletPermissions(
059 "15", "com.liferay.portlet.journal",
060 new String[] {
061 "ADD_ARTICLE", "ADD_FEED", "ADD_STRUCTURE", "ADD_TEMPLATE",
062 "APPROVE_ARTICLE"
063 });
064
065 updatePortletPermissions(
066 "19", "com.liferay.portlet.messageboards",
067 new String[] {"ADD_CATEGORY", "BAN_USER"});
068
069 updatePortletPermissions(
070 "25", "com.liferay.portlet.polls", new String[] {"ADD_QUESTION"});
071
072 updatePortletPermissions(
073 "34", "com.liferay.portlet.shopping",
074 new String[] {"ADD_CATEGORY", "MANAGE_COUPONS", "MANAGE_ORDERS"});
075
076 updatePortletPermissions(
077 "98", "com.liferay.portlet.softwarecatalog",
078 new String[] {"ADD_FRAMEWORK_VERSION", "ADD_PRODUCT_ENTRY"});
079
080 updatePortletPermissions(
081 "99", "com.liferay.portlet.tags",
082 new String[] {"ADD_ENTRY", "ADD_VOCABULARY"});
083
084 updatePortletPermissions(
085 "36", "com.liferay.portlet.wiki", new String[] {"ADD_NODE"});
086 }
087
088 protected Object[] getLayout(long plid) throws Exception {
089 Connection con = null;
090 PreparedStatement ps = null;
091 ResultSet rs = null;
092
093 try {
094 con = DataAccess.getConnection();
095
096 ps = con.prepareStatement(_GET_LAYOUT);
097
098 ps.setLong(1, plid);
099
100 rs = ps.executeQuery();
101
102 if (rs.next()) {
103 long groupId = rs.getLong("groupId");
104 long companyId = rs.getLong("companyId");
105
106 return new Object[] {groupId, companyId};
107 }
108
109 return null;
110 }
111 finally {
112 DataAccess.cleanUp(con, ps, rs);
113 }
114 }
115
116 protected long getPortletPermissionsCount(
117 String actionId, long resourceId, String modelName)
118 throws Exception {
119
120 Connection con = null;
121 PreparedStatement ps = null;
122 ResultSet rs = null;
123
124 try {
125 con = DataAccess.getConnection();
126
127 StringBundler sb = new StringBundler(7);
128
129 sb.append("select count(*) from Permission_ ");
130 sb.append("inner join Resource_ on Resource_.resourceId = ");
131 sb.append("Permission_.resourceId inner join ResourceCode on ");
132 sb.append("ResourceCode.codeId = Resource_.codeId where ");
133 sb.append("Permission_.actionId = ? and ");
134 sb.append("Permission_.resourceId = ? and ResourceCode.name = ? ");
135 sb.append("and ResourceCode.scope = ? ");
136
137 String sql = sb.toString();
138
139 ps = con.prepareStatement(sql);
140
141 ps.setString(1, actionId);
142 ps.setLong(2, resourceId);
143 ps.setString(3, modelName);
144 ps.setInt(4, ResourceConstants.SCOPE_INDIVIDUAL);
145
146 rs = ps.executeQuery();
147
148 rs.next();
149
150 return rs.getLong(1);
151 }
152 finally {
153 DataAccess.cleanUp(con, ps, rs);
154 }
155 }
156
157 protected void updatePortletPermission(
158 long permissionId, String actionId, String primKey,
159 String modelName, int scope)
160 throws Exception {
161
162 long plid = GetterUtil.getLong(
163 primKey.substring(
164 0, primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR)));
165
166 Object[] layout = getLayout(plid);
167
168 if (layout == null) {
169 return;
170 }
171
172 long groupId = (Long)layout[0];
173 long companyId = (Long)layout[1];
174
175 Resource resource = ResourceLocalServiceUtil.addResource(
176 companyId, modelName, scope, String.valueOf(groupId));
177
178 long portletPermissionCount = getPortletPermissionsCount(
179 actionId, resource.getResourceId(), modelName);
180
181 if (portletPermissionCount == 0) {
182 runSQL(
183 "update Permission_ set resourceId = " +
184 resource.getResourceId() + " where permissionId = " +
185 permissionId);
186 }
187 else {
188 runSQL(
189 "delete from Permission_ where permissionId = " + permissionId);
190 }
191 }
192
193 protected void updatePortletPermissions(
194 String portletName, String modelName, String[] actionIds)
195 throws Exception {
196
197 Connection con = null;
198 PreparedStatement ps = null;
199 ResultSet rs = null;
200
201 try {
202 con = DataAccess.getConnection();
203
204 StringBundler sb = new StringBundler(4 * actionIds.length + 7);
205
206 sb.append("select Permission_.permissionId, ");
207 sb.append("Permission_.actionId, Resource_.primKey, ");
208 sb.append("ResourceCode.scope from Permission_ ");
209 sb.append("inner join Resource_ on Resource_.resourceId = ");
210 sb.append("Permission_.resourceId inner join ResourceCode on ");
211 sb.append("ResourceCode.codeId = Resource_.codeId where (");
212
213 for (int i = 0; i < actionIds.length; i++) {
214 String actionId = actionIds[i];
215
216 sb.append("Permission_.actionId = '");
217 sb.append(actionId);
218 sb.append("'");
219
220 if (i < (actionIds.length - 1)) {
221 sb.append(" or ");
222 }
223 }
224
225 sb.append(") and ResourceCode.name = ? and ResourceCode.scope = ?");
226
227 String sql = sb.toString();
228
229 ps = con.prepareStatement(sql);
230
231 ps.setString(1, portletName);
232 ps.setInt(2, ResourceConstants.SCOPE_INDIVIDUAL);
233
234 rs = ps.executeQuery();
235
236 SmartResultSet srs = new SmartResultSet(rs);
237
238 while (srs.next()) {
239 long permissionId = srs.getLong("Permission_.permissionId");
240 String actionId = srs.getString("Permission_.actionId");
241 String primKey = srs.getString("Resource_.primKey");
242 int scope = srs.getInt("ResourceCode.scope");
243
244 try {
245 updatePortletPermission(
246 permissionId, actionId, primKey, modelName, scope);
247 }
248 catch (Exception e) {
249 _log.error(
250 "Unable to upgrade permission " + permissionId, e);
251 }
252 }
253 }
254 finally {
255 DataAccess.cleanUp(con, ps, rs);
256 }
257 }
258
259 private static final String _GET_LAYOUT =
260 "select * from Layout where plid = ?";
261
262 private static Log _log = LogFactoryUtil.getLog(
263 UpgradePortletPermissions.class);
264
265 }