001
014
015 package com.liferay.portal.upgrade.v5_2_0;
016
017 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
018 import com.liferay.portal.kernel.dao.jdbc.SmartResultSet;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.upgrade.UpgradeProcess;
022 import com.liferay.portal.kernel.util.GetterUtil;
023 import com.liferay.portal.kernel.util.StringBundler;
024 import com.liferay.portal.model.PortletConstants;
025 import com.liferay.portal.model.Resource;
026 import com.liferay.portal.model.ResourceConstants;
027 import com.liferay.portal.service.ResourceLocalServiceUtil;
028
029 import java.sql.Connection;
030 import java.sql.PreparedStatement;
031 import java.sql.ResultSet;
032
033
036 public class UpgradePortletPermissions extends UpgradeProcess {
037
038 protected void doUpgrade() throws Exception {
039 updatePortletPermissions(
040 "33", "com.liferay.portlet.blogs", new String[] {"ADD_ENTRY"});
041
042 updatePortletPermissions(
043 "28", "com.liferay.portlet.bookmarks", new String[] {"ADD_FOLDER"});
044
045 updatePortletPermissions(
046 "8", "com.liferay.portlet.calendar",
047 new String[] {"ADD_EVENT", "EXPORT_ALL_EVENTS"});
048
049 updatePortletPermissions(
050 "20", "com.liferay.portlet.documentlibrary",
051 new String[] {"ADD_FOLDER"});
052
053 updatePortletPermissions(
054 "31", "com.liferay.portlet.imagegallery",
055 new String[] {"ADD_FOLDER"});
056
057 updatePortletPermissions(
058 "15", "com.liferay.portlet.journal",
059 new String[] {
060 "ADD_ARTICLE", "ADD_FEED", "ADD_STRUCTURE", "ADD_TEMPLATE",
061 "APPROVE_ARTICLE"
062 });
063
064 updatePortletPermissions(
065 "19", "com.liferay.portlet.messageboards",
066 new String[] {"ADD_CATEGORY", "BAN_USER"});
067
068 updatePortletPermissions(
069 "25", "com.liferay.portlet.polls", new String[] {"ADD_QUESTION"});
070
071 updatePortletPermissions(
072 "34", "com.liferay.portlet.shopping",
073 new String[] {"ADD_CATEGORY", "MANAGE_COUPONS", "MANAGE_ORDERS"});
074
075 updatePortletPermissions(
076 "98", "com.liferay.portlet.softwarecatalog",
077 new String[] {"ADD_FRAMEWORK_VERSION", "ADD_PRODUCT_ENTRY"});
078
079 updatePortletPermissions(
080 "99", "com.liferay.portlet.tags",
081 new String[] {"ADD_ENTRY", "ADD_VOCABULARY"});
082
083 updatePortletPermissions(
084 "36", "com.liferay.portlet.wiki", new String[] {"ADD_NODE"});
085 }
086
087 protected Object[] getLayout(long plid) throws Exception {
088 Object[] layout = null;
089
090 Connection con = null;
091 PreparedStatement ps = null;
092 ResultSet rs = null;
093
094 try {
095 con = DataAccess.getConnection();
096
097 ps = con.prepareStatement(_GET_LAYOUT);
098
099 ps.setLong(1, plid);
100
101 rs = ps.executeQuery();
102
103 while (rs.next()) {
104 long groupId = rs.getLong("groupId");
105 long companyId = rs.getLong("companyId");
106
107 layout = new Object[] {groupId, companyId};
108 }
109 }
110 finally {
111 DataAccess.cleanUp(con, ps, rs);
112 }
113
114 return layout;
115 }
116
117 protected long getPortletPermissionsCount(
118 String actionId, long resourceId, String modelName)
119 throws Exception {
120
121 Connection con = null;
122 PreparedStatement ps = null;
123 ResultSet rs = null;
124
125 try {
126 con = DataAccess.getConnection();
127
128 StringBundler sb = new StringBundler(7);
129
130 sb.append("select count(*) from Permission_ ");
131 sb.append("inner join Resource_ on Resource_.resourceId = ");
132 sb.append("Permission_.resourceId inner join ResourceCode on ");
133 sb.append("ResourceCode.codeId = Resource_.codeId where ");
134 sb.append("Permission_.actionId = ? and ");
135 sb.append("Permission_.resourceId = ? and ResourceCode.name = ? ");
136 sb.append("and ResourceCode.scope = ? ");
137
138 String sql = sb.toString();
139
140 ps = con.prepareStatement(sql);
141
142 ps.setString(1, actionId);
143 ps.setLong(2, resourceId);
144 ps.setString(3, modelName);
145 ps.setInt(4, ResourceConstants.SCOPE_INDIVIDUAL);
146
147 rs = ps.executeQuery();
148
149 rs.next();
150
151 return rs.getLong(1);
152 }
153 finally {
154 DataAccess.cleanUp(con, ps, rs);
155 }
156 }
157
158 protected void updatePortletPermission(
159 long permissionId, String actionId, String primKey,
160 String modelName, int scope)
161 throws Exception {
162
163 long plid = GetterUtil.getLong(
164 primKey.substring(
165 0, primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR)));
166
167 Object[] layout = getLayout(plid);
168
169 if (layout == null) {
170 return;
171 }
172
173 long groupId = (Long)layout[0];
174 long companyId = (Long)layout[1];
175
176 Resource resource = ResourceLocalServiceUtil.addResource(
177 companyId, modelName, scope, String.valueOf(groupId));
178
179 long portletPermissionCount = getPortletPermissionsCount(
180 actionId, resource.getResourceId(), modelName);
181
182 if (portletPermissionCount == 0) {
183 runSQL(
184 "update Permission_ set resourceId = " +
185 resource.getResourceId() + " where permissionId = " +
186 permissionId);
187 }
188 else {
189 runSQL(
190 "delete from Permission_ where permissionId = " + permissionId);
191 }
192 }
193
194 protected void updatePortletPermissions(
195 String portletName, String modelName, String[] actionIds)
196 throws Exception {
197
198 Connection con = null;
199 PreparedStatement ps = null;
200 ResultSet rs = null;
201
202 try {
203 con = DataAccess.getConnection();
204
205 StringBundler sb = new StringBundler(4 * actionIds.length + 7);
206
207 sb.append("select Permission_.permissionId, ");
208 sb.append("Permission_.actionId, Resource_.primKey, ");
209 sb.append("ResourceCode.scope from Permission_ ");
210 sb.append("inner join Resource_ on Resource_.resourceId = ");
211 sb.append("Permission_.resourceId inner join ResourceCode on ");
212 sb.append("ResourceCode.codeId = Resource_.codeId where (");
213
214 for (int i = 0; i < actionIds.length; i++) {
215 String actionId = actionIds[i];
216
217 sb.append("Permission_.actionId = '");
218 sb.append(actionId);
219 sb.append("'");
220
221 if (i < (actionIds.length - 1)) {
222 sb.append(" or ");
223 }
224 }
225
226 sb.append(") and ResourceCode.name = ? and ResourceCode.scope = ?");
227
228 String sql = sb.toString();
229
230 ps = con.prepareStatement(sql);
231
232 ps.setString(1, portletName);
233 ps.setInt(2, ResourceConstants.SCOPE_INDIVIDUAL);
234
235 rs = ps.executeQuery();
236
237 SmartResultSet srs = new SmartResultSet(rs);
238
239 while (srs.next()) {
240 long permissionId = srs.getLong("Permission_.permissionId");
241 String actionId = srs.getString("Permission_.actionId");
242 String primKey = srs.getString("Resource_.primKey");
243 int scope = srs.getInt("ResourceCode.scope");
244
245 try {
246 updatePortletPermission(
247 permissionId, actionId, primKey, modelName, scope);
248 }
249 catch (Exception e) {
250 _log.error(
251 "Unable to upgrade permission " + permissionId, e);
252 }
253 }
254 }
255 finally {
256 DataAccess.cleanUp(con, ps, rs);
257 }
258 }
259
260 private static final String _GET_LAYOUT =
261 "select * from Layout where plid = ?";
262
263 private static Log _log = LogFactoryUtil.getLog(
264 UpgradePortletPermissions.class);
265
266 }