001
014
015 package com.liferay.portal.upgrade.v6_1_0;
016
017 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018 import com.liferay.portal.kernel.exception.PortalException;
019 import com.liferay.portal.kernel.exception.SystemException;
020 import com.liferay.portal.kernel.log.Log;
021 import com.liferay.portal.kernel.log.LogFactoryUtil;
022 import com.liferay.portal.kernel.upgrade.UpgradeProcess;
023 import com.liferay.portal.kernel.util.GetterUtil;
024 import com.liferay.portal.model.GroupedModel;
025 import com.liferay.portal.model.PermissionedModel;
026 import com.liferay.portal.model.ResourceBlock;
027 import com.liferay.portal.model.ResourceBlockPermissionsContainer;
028 import com.liferay.portal.model.ResourceConstants;
029 import com.liferay.portal.model.ResourcePermission;
030 import com.liferay.portal.model.RoleConstants;
031 import com.liferay.portal.security.permission.ActionKeys;
032 import com.liferay.portal.security.permission.ResourceActionsUtil;
033 import com.liferay.portal.service.PermissionLocalServiceUtil;
034 import com.liferay.portal.service.ResourceActionLocalServiceUtil;
035 import com.liferay.portal.service.ResourceBlockLocalServiceUtil;
036 import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
037 import com.liferay.portal.service.RoleLocalServiceUtil;
038 import com.liferay.portal.util.PropsValues;
039 import com.liferay.portlet.bookmarks.model.BookmarksEntry;
040 import com.liferay.portlet.bookmarks.model.BookmarksFolder;
041
042 import java.sql.Connection;
043 import java.sql.PreparedStatement;
044 import java.sql.ResultSet;
045
046 import java.util.List;
047
048
052 public class UpgradePermission extends UpgradeProcess {
053
054 protected ResourceBlock convertResourcePermissions(
055 long companyId, String name, long primKey)
056 throws PortalException, SystemException {
057
058 PermissionedModel permissionedModel =
059 ResourceBlockLocalServiceUtil.getPermissionedModel(name, primKey);
060
061 long groupId = 0;
062
063 if (permissionedModel instanceof GroupedModel) {
064 GroupedModel groupedModel = (GroupedModel)permissionedModel;
065
066 groupId = groupedModel.getGroupId();
067 }
068
069 ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
070 getResourceBlockPermissionsContainer(
071 companyId, groupId, name, primKey);
072
073 String permissionsHash =
074 resourceBlockPermissionsContainer.getPermissionsHash();
075
076 ResourceBlock resourceBlock =
077 ResourceBlockLocalServiceUtil.updateResourceBlockId(
078 companyId, groupId, name, permissionedModel, permissionsHash,
079 resourceBlockPermissionsContainer);
080
081 return resourceBlock;
082 }
083
084 protected void convertResourcePermissions(
085 String name, String tableName, String pkColumnName)
086 throws Exception {
087
088 Connection con = null;
089 PreparedStatement ps = null;
090 ResultSet rs = null;
091
092 try {
093 con = DataAccess.getUpgradeOptimizedConnection();
094
095 ps = con.prepareStatement(
096 "select " + pkColumnName + ", companyId from " + tableName);
097
098 rs = ps.executeQuery();
099
100 while (rs.next()) {
101 long primKey = rs.getLong(pkColumnName);
102 long companyId = rs.getLong("companyId");
103
104 ResourceBlock resourceBlock = convertResourcePermissions(
105 companyId, name, primKey);
106
107 if (_log.isInfoEnabled() &&
108 ((resourceBlock.getResourceBlockId() % 100) == 0)) {
109
110 _log.info("Processed 100 resource blocks for " + name);
111 }
112 }
113 }
114 finally {
115 DataAccess.cleanUp(con, ps, rs);
116 }
117
118 List<ResourcePermission> resourcePermissions =
119 ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(
120 _SCOPES);
121
122 for (ResourcePermission resourcePermission : resourcePermissions) {
123 int scope = resourcePermission.getScope();
124
125 if (!name.equals(resourcePermission.getName())) {
126 continue;
127 }
128
129 if ((scope == ResourceConstants.SCOPE_COMPANY) ||
130 (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {
131
132 ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
133 resourcePermission.getCompanyId(), name,
134 resourcePermission.getRoleId(),
135 resourcePermission.getActionIds());
136 }
137 else if (scope == ResourceConstants.SCOPE_GROUP) {
138 ResourceBlockLocalServiceUtil.setGroupScopePermissions(
139 resourcePermission.getCompanyId(),
140 GetterUtil.getLong(resourcePermission.getPrimaryKey()),
141 name, resourcePermission.getRoleId(),
142 resourcePermission.getActionIds());
143 }
144 }
145 }
146
147 @Override
148 protected void doUpgrade() throws Exception {
149
150
151
152 RoleLocalServiceUtil.checkSystemRoles();
153
154 updatePermissions("com.liferay.portlet.bookmarks", true, true);
155 updatePermissions("com.liferay.portlet.documentlibrary", false, true);
156 updatePermissions("com.liferay.portlet.imagegallery", true, true);
157 updatePermissions("com.liferay.portlet.messageboards", true, true);
158 updatePermissions("com.liferay.portlet.shopping", true, true);
159
160 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
161 convertResourcePermissions(
162 BookmarksEntry.class.getName(), "BookmarksEntry", "entryId");
163 convertResourcePermissions(
164 BookmarksFolder.class.getName(), "BookmarksFolder", "folderId");
165 }
166 }
167
168 protected ResourceBlockPermissionsContainer
169 getResourceBlockPermissionsContainer(
170 long companyId, long groupId, String name, long primKey)
171 throws SystemException {
172
173 ResourceBlockPermissionsContainer resourceBlockPermissionContainer =
174 new ResourceBlockPermissionsContainer();
175
176 List<ResourcePermission> resourcePermissions =
177 ResourcePermissionLocalServiceUtil.getResourceResourcePermissions(
178 companyId, groupId, name, String.valueOf(primKey));
179
180 for (ResourcePermission resourcePermission : resourcePermissions) {
181 resourceBlockPermissionContainer.addPermission(
182 resourcePermission.getRoleId(),
183 resourcePermission.getActionIds());
184 }
185
186 return resourceBlockPermissionContainer;
187 }
188
189 protected void updatePermissions(
190 String name, boolean community, boolean guest)
191 throws Exception {
192
193 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
194 updatePermissions_6(name, community, guest);
195 }
196 else {
197 updatePermissions_1to5(name, community, guest);
198 }
199 }
200
201 protected void updatePermissions_1to5(
202 String name, boolean community, boolean guest)
203 throws Exception {
204
205 if (community) {
206 PermissionLocalServiceUtil.setContainerResourcePermissions(
207 name, RoleConstants.ORGANIZATION_USER, ActionKeys.VIEW);
208 PermissionLocalServiceUtil.setContainerResourcePermissions(
209 name, RoleConstants.SITE_MEMBER, ActionKeys.VIEW);
210 }
211
212 if (guest) {
213 PermissionLocalServiceUtil.setContainerResourcePermissions(
214 name, RoleConstants.GUEST, ActionKeys.VIEW);
215 }
216
217 PermissionLocalServiceUtil.setContainerResourcePermissions(
218 name, RoleConstants.OWNER, ActionKeys.VIEW);
219 }
220
221 protected void updatePermissions_6(
222 String name, boolean community, boolean guest)
223 throws Exception {
224
225 List<String> modelActions = ResourceActionsUtil.getModelResourceActions(
226 name);
227
228 ResourceActionLocalServiceUtil.checkResourceActions(name, modelActions);
229
230 int scope = ResourceConstants.SCOPE_INDIVIDUAL;
231 long actionIdsLong = 1;
232
233 if (community) {
234 ResourcePermissionLocalServiceUtil.addResourcePermissions(
235 name, RoleConstants.ORGANIZATION_USER, scope, actionIdsLong);
236 ResourcePermissionLocalServiceUtil.addResourcePermissions(
237 name, RoleConstants.SITE_MEMBER, scope, actionIdsLong);
238 }
239
240 if (guest) {
241 ResourcePermissionLocalServiceUtil.addResourcePermissions(
242 name, RoleConstants.GUEST, scope, actionIdsLong);
243 }
244
245 ResourcePermissionLocalServiceUtil.addResourcePermissions(
246 name, RoleConstants.OWNER, scope, actionIdsLong);
247 }
248
249 private static final int[] _SCOPES = {
250 ResourceConstants.SCOPE_COMPANY, ResourceConstants.SCOPE_GROUP,
251 ResourceConstants.SCOPE_GROUP_TEMPLATE
252 };
253
254 private static Log _log = LogFactoryUtil.getLog(UpgradePermission.class);
255
256 }