001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.upgrade.v5_2_0;
016    
017    import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018    import com.liferay.portal.kernel.dao.jdbc.SmartResultSet;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.upgrade.UpgradeProcess;
022    import com.liferay.portal.kernel.util.GetterUtil;
023    import com.liferay.portal.kernel.util.StringBundler;
024    import com.liferay.portal.model.PortletConstants;
025    import com.liferay.portal.model.Resource;
026    import com.liferay.portal.model.ResourceConstants;
027    import com.liferay.portal.service.ResourceLocalServiceUtil;
028    
029    import java.sql.Connection;
030    import java.sql.PreparedStatement;
031    import java.sql.ResultSet;
032    
033    /**
034     * @author Jorge Ferrer
035     */
036    public class UpgradePortletPermissions extends UpgradeProcess {
037    
038            protected void doUpgrade() throws Exception {
039                    updatePortletPermissions(
040                            "33", "com.liferay.portlet.blogs", new String[] {"ADD_ENTRY"});
041    
042                    updatePortletPermissions(
043                            "28", "com.liferay.portlet.bookmarks", new String[] {"ADD_FOLDER"});
044    
045                    updatePortletPermissions(
046                            "8", "com.liferay.portlet.calendar",
047                            new String[] {"ADD_EVENT", "EXPORT_ALL_EVENTS"});
048    
049                    updatePortletPermissions(
050                            "20", "com.liferay.portlet.documentlibrary",
051                            new String[] {"ADD_FOLDER"});
052    
053                    updatePortletPermissions(
054                            "31", "com.liferay.portlet.imagegallery",
055                            new String[] {"ADD_FOLDER"});
056    
057                    updatePortletPermissions(
058                            "15", "com.liferay.portlet.journal",
059                            new String[] {
060                                    "ADD_ARTICLE", "ADD_FEED", "ADD_STRUCTURE", "ADD_TEMPLATE",
061                                    "APPROVE_ARTICLE"
062                            });
063    
064                    updatePortletPermissions(
065                            "19", "com.liferay.portlet.messageboards",
066                            new String[] {"ADD_CATEGORY", "BAN_USER"});
067    
068                    updatePortletPermissions(
069                            "25", "com.liferay.portlet.polls", new String[] {"ADD_QUESTION"});
070    
071                    updatePortletPermissions(
072                            "34", "com.liferay.portlet.shopping",
073                            new String[] {"ADD_CATEGORY", "MANAGE_COUPONS", "MANAGE_ORDERS"});
074    
075                    updatePortletPermissions(
076                            "98", "com.liferay.portlet.softwarecatalog",
077                            new String[] {"ADD_FRAMEWORK_VERSION", "ADD_PRODUCT_ENTRY"});
078    
079                    updatePortletPermissions(
080                            "99", "com.liferay.portlet.tags",
081                            new String[] {"ADD_ENTRY", "ADD_VOCABULARY"});
082    
083                    updatePortletPermissions(
084                            "36", "com.liferay.portlet.wiki", new String[] {"ADD_NODE"});
085            }
086    
087            protected Object[] getLayout(long plid) throws Exception {
088                    Object[] layout = null;
089    
090                    Connection con = null;
091                    PreparedStatement ps = null;
092                    ResultSet rs = null;
093    
094                    try {
095                            con = DataAccess.getConnection();
096    
097                            ps = con.prepareStatement(_GET_LAYOUT);
098    
099                            ps.setLong(1, plid);
100    
101                            rs = ps.executeQuery();
102    
103                            while (rs.next()) {
104                                    long groupId = rs.getLong("groupId");
105                                    long companyId = rs.getLong("companyId");
106    
107                                    layout = new Object[] {groupId, companyId};
108                            }
109                    }
110                    finally {
111                            DataAccess.cleanUp(con, ps, rs);
112                    }
113    
114                    return layout;
115            }
116    
117            protected long getPortletPermissionsCount(
118                            String actionId, long resourceId, String modelName)
119                    throws Exception {
120    
121                    Connection con = null;
122                    PreparedStatement ps = null;
123                    ResultSet rs = null;
124    
125                    try {
126                            con = DataAccess.getConnection();
127    
128                            StringBundler sb = new StringBundler(7);
129    
130                            sb.append("select count(*) from Permission_ ");
131                            sb.append("inner join Resource_ on Resource_.resourceId = ");
132                            sb.append("Permission_.resourceId inner join ResourceCode on ");
133                            sb.append("ResourceCode.codeId = Resource_.codeId where ");
134                            sb.append("Permission_.actionId = ? and ");
135                            sb.append("Permission_.resourceId = ? and ResourceCode.name = ? ");
136                            sb.append("and ResourceCode.scope = ? ");
137    
138                            String sql = sb.toString();
139    
140                            ps = con.prepareStatement(sql);
141    
142                            ps.setString(1, actionId);
143                            ps.setLong(2, resourceId);
144                            ps.setString(3, modelName);
145                            ps.setInt(4, ResourceConstants.SCOPE_INDIVIDUAL);
146    
147                            rs = ps.executeQuery();
148    
149                            rs.next();
150    
151                            return rs.getLong(1);
152                    }
153                    finally {
154                            DataAccess.cleanUp(con, ps, rs);
155                    }
156            }
157    
158            protected void updatePortletPermission(
159                            long permissionId, String actionId, String primKey,
160                            String modelName, int scope)
161                    throws Exception {
162    
163                    long plid = GetterUtil.getLong(
164                            primKey.substring(
165                                    0, primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR)));
166    
167                    Object[] layout = getLayout(plid);
168    
169                    if (layout == null) {
170                            return;
171                    }
172    
173                    long groupId = (Long)layout[0];
174                    long companyId = (Long)layout[1];
175    
176                    Resource resource = ResourceLocalServiceUtil.addResource(
177                            companyId, modelName, scope, String.valueOf(groupId));
178    
179                    long portletPermissionCount = getPortletPermissionsCount(
180                            actionId, resource.getResourceId(), modelName);
181    
182                    if (portletPermissionCount == 0) {
183                            runSQL(
184                                    "update Permission_ set resourceId = " +
185                                            resource.getResourceId() + " where permissionId = " +
186                                                    permissionId);
187                    }
188                    else {
189                            runSQL(
190                                    "delete from Permission_ where permissionId = " + permissionId);
191                    }
192            }
193    
194            protected void updatePortletPermissions(
195                            String portletName, String modelName, String[] actionIds)
196                    throws Exception {
197    
198                    Connection con = null;
199                    PreparedStatement ps = null;
200                    ResultSet rs = null;
201    
202                    try {
203                            con = DataAccess.getConnection();
204    
205                            StringBundler sb = new StringBundler(4 * actionIds.length + 7);
206    
207                            sb.append("select Permission_.permissionId, ");
208                            sb.append("Permission_.actionId, Resource_.primKey, ");
209                            sb.append("ResourceCode.scope from Permission_ ");
210                            sb.append("inner join Resource_ on Resource_.resourceId = ");
211                            sb.append("Permission_.resourceId inner join ResourceCode on ");
212                            sb.append("ResourceCode.codeId = Resource_.codeId where (");
213    
214                            for (int i = 0; i < actionIds.length; i++) {
215                                    String actionId = actionIds[i];
216    
217                                    sb.append("Permission_.actionId = '");
218                                    sb.append(actionId);
219                                    sb.append("'");
220    
221                                    if (i < (actionIds.length - 1)) {
222                                            sb.append(" or ");
223                                    }
224                            }
225    
226                            sb.append(") and ResourceCode.name = ? and ResourceCode.scope = ?");
227    
228                            String sql = sb.toString();
229    
230                            ps = con.prepareStatement(sql);
231    
232                            ps.setString(1, portletName);
233                            ps.setInt(2, ResourceConstants.SCOPE_INDIVIDUAL);
234    
235                            rs = ps.executeQuery();
236    
237                            SmartResultSet srs = new SmartResultSet(rs);
238    
239                            while (srs.next()) {
240                                    long permissionId = srs.getLong("Permission_.permissionId");
241                                    String actionId = srs.getString("Permission_.actionId");
242                                    String primKey = srs.getString("Resource_.primKey");
243                                    int scope = srs.getInt("ResourceCode.scope");
244    
245                                    try {
246                                            updatePortletPermission(
247                                                    permissionId, actionId, primKey, modelName, scope);
248                                    }
249                                    catch (Exception e) {
250                                            _log.error(
251                                                    "Unable to upgrade permission " + permissionId, e);
252                                    }
253                            }
254                    }
255                    finally {
256                            DataAccess.cleanUp(con, ps, rs);
257                    }
258            }
259    
260            private static final String _GET_LAYOUT =
261                    "select * from Layout where plid = ?";
262    
263            private static Log _log = LogFactoryUtil.getLog(
264                    UpgradePortletPermissions.class);
265    
266    }