001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.admin.util;
016    
017    import com.liferay.portal.model.Group;
018    import com.liferay.portal.model.GroupConstants;
019    import com.liferay.portal.model.ResourceConstants;
020    import com.liferay.portal.model.ResourcePermission;
021    import com.liferay.portal.model.Role;
022    import com.liferay.portal.model.RoleConstants;
023    import com.liferay.portal.security.permission.ActionKeys;
024    import com.liferay.portal.service.GroupLocalServiceUtil;
025    import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
026    import com.liferay.portal.service.RoleLocalServiceUtil;
027    import com.liferay.portal.util.PortalUtil;
028    
029    import java.util.List;
030    
031    import javax.portlet.ActionRequest;
032    
033    /**
034     * @author Raymond Aug??
035     */
036    public class CleanUpPermissionsUtil {
037    
038            public static void cleanUpAddToPagePermissions(ActionRequest actionRequest)
039                    throws Exception {
040    
041                    long companyId = PortalUtil.getCompanyId(actionRequest);
042    
043                    Role role = RoleLocalServiceUtil.getRole(
044                            companyId, RoleConstants.GUEST);
045    
046                    _cleanUpAddToPagePermissions(companyId, role.getRoleId(), false);
047    
048                    role = RoleLocalServiceUtil.getRole(
049                            companyId, RoleConstants.POWER_USER);
050    
051                    _cleanUpAddToPagePermissions(companyId, role.getRoleId(), true);
052    
053                    role = RoleLocalServiceUtil.getRole(companyId, RoleConstants.USER);
054    
055                    _cleanUpAddToPagePermissions(companyId, role.getRoleId(), false);
056            }
057    
058            private static void _cleanUpAddToPagePermissions(
059                            long companyId, long roleId, boolean limitScope)
060                    throws Exception {
061    
062                    List<ResourcePermission> roleResourcePermissions =
063                            ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
064                                    roleId);
065    
066                    Group userPersonalSite = GroupLocalServiceUtil.getGroup(
067                            companyId, GroupConstants.USER_PERSONAL_SITE);
068    
069                    String groupIdString = String.valueOf(userPersonalSite.getGroupId());
070    
071                    for (ResourcePermission resourcePermission : roleResourcePermissions) {
072                            if (!resourcePermission.hasActionId(ActionKeys.ADD_TO_PAGE)) {
073                                    continue;
074                            }
075    
076                            ResourcePermissionLocalServiceUtil.removeResourcePermission(
077                                    companyId, resourcePermission.getName(),
078                                    resourcePermission.getScope(), resourcePermission.getPrimKey(),
079                                    roleId, ActionKeys.ADD_TO_PAGE);
080    
081                            if (!limitScope) {
082                                    continue;
083                            }
084    
085                            ResourcePermissionLocalServiceUtil.addResourcePermission(
086                                    companyId, resourcePermission.getName(),
087                                    ResourceConstants.SCOPE_GROUP, groupIdString, roleId,
088                                    ActionKeys.ADD_TO_PAGE);
089                    }
090            }
091    
092    }