1
22
23 package com.liferay.portal.upgrade.v4_3_5;
24
25 import com.liferay.portal.model.Layout;
26 import com.liferay.portal.model.impl.GroupImpl;
27 import com.liferay.portal.model.impl.PortletImpl;
28 import com.liferay.portal.spring.hibernate.HibernateUtil;
29 import com.liferay.portal.upgrade.UpgradeException;
30 import com.liferay.portal.upgrade.UpgradeProcess;
31 import com.liferay.portlet.blogs.model.BlogsEntry;
32 import com.liferay.portlet.bookmarks.model.BookmarksEntry;
33 import com.liferay.portlet.bookmarks.model.BookmarksFolder;
34 import com.liferay.portlet.calendar.model.CalEvent;
35 import com.liferay.portlet.documentlibrary.model.DLFileEntry;
36 import com.liferay.portlet.documentlibrary.model.DLFileShortcut;
37 import com.liferay.portlet.documentlibrary.model.DLFolder;
38 import com.liferay.portlet.imagegallery.model.IGFolder;
39 import com.liferay.portlet.imagegallery.model.IGImage;
40 import com.liferay.portlet.journal.model.JournalArticle;
41 import com.liferay.portlet.journal.model.JournalStructure;
42 import com.liferay.portlet.journal.model.JournalTemplate;
43 import com.liferay.portlet.messageboards.model.MBCategory;
44 import com.liferay.portlet.messageboards.model.MBMessage;
45 import com.liferay.portlet.polls.model.PollsQuestion;
46 import com.liferay.portlet.shopping.model.ShoppingCategory;
47 import com.liferay.portlet.shopping.model.ShoppingItem;
48 import com.liferay.portlet.softwarecatalog.model.SCFrameworkVersion;
49 import com.liferay.portlet.softwarecatalog.model.SCProductEntry;
50 import com.liferay.portlet.wiki.model.WikiNode;
51 import com.liferay.portlet.wiki.model.WikiPage;
52 import com.liferay.util.dao.DataAccess;
53
54 import java.sql.Connection;
55 import java.sql.PreparedStatement;
56 import java.sql.ResultSet;
57
58 import java.util.ArrayList;
59 import java.util.Iterator;
60 import java.util.List;
61
62 import org.apache.commons.logging.Log;
63 import org.apache.commons.logging.LogFactory;
64
65
71 public class UpgradePermission extends UpgradeProcess {
72
73 public void upgrade() throws UpgradeException {
74 _log.info("Upgrading");
75
76 try {
77 doUpgrade();
78 }
79 catch (Exception e) {
80 throw new UpgradeException(e);
81 }
82 }
83
84 protected void copyPermissions(long defaultUserId, long guestGroupId)
85 throws Exception {
86
87 if ((defaultUserId == 0) || (guestGroupId == 0)) {
88 return;
89 }
90
91 runSQL("delete from Users_Permissions where userId = " + defaultUserId);
92
93 runSQL(
94 "insert into Users_Permissions (userId, permissionId) select " +
95 defaultUserId + ", Groups_Permissions.permissionId from " +
96 "Groups_Permissions where groupId = " + guestGroupId);
97
98 deletePortletPermissionIds(guestGroupId);
99
100 deletePermissionIds(
101 Layout.class.getName(), "Layout", "plid", guestGroupId);
102
103 deletePermissionIds(
104 BlogsEntry.class.getName(), "BlogsEntry", "entryId", guestGroupId);
105
106 deletePermissionIds(
107 BookmarksFolder.class.getName(), "BookmarksFolder", "folderId",
108 guestGroupId);
109 deletePermissionIds(
110 BookmarksEntry.class.getName(), "BookmarksEntry", "entryId",
111 "BookmarksFolder", "folderId", guestGroupId);
112
113 deletePermissionIds(
114 CalEvent.class.getName(), "CalEvent", "eventId", guestGroupId);
115
116 deletePermissionIds(
117 DLFolder.class.getName(), "DLFolder", "folderId", guestGroupId);
118 deletePermissionIds(
119 DLFileEntry.class.getName(), "DLFileEntry", "fileEntryId",
120 "DLFolder", "folderId", guestGroupId);
121 deletePermissionIds(
122 DLFileShortcut.class.getName(), "DLFileShortcut", "fileShortcutId",
123 "DLFolder", "folderId", guestGroupId);
124
125 deletePermissionIds(
126 IGFolder.class.getName(), "IGFolder", "folderId", guestGroupId);
127 deletePermissionIds(
128 IGImage.class.getName(), "IGImage", "imageId", "IGFolder",
129 "folderId", guestGroupId);
130
131 deletePermissionIds(
132 JournalArticle.class.getName(), "JournalArticle", "resourcePrimKey",
133 guestGroupId);
134 deletePermissionIds(
135 JournalStructure.class.getName(), "JournalStructure", "id_",
136 guestGroupId);
137 deletePermissionIds(
138 JournalTemplate.class.getName(), "JournalTemplate", "id_",
139 guestGroupId);
140
141 deletePermissionIds(
142 MBCategory.class.getName(), "MBCategory", "categoryId",
143 guestGroupId);
144 deletePermissionIds(
145 MBMessage.class.getName(), "MBMessage", "messageId", "MBCategory",
146 "categoryId", guestGroupId);
147
148 deletePermissionIds(
149 PollsQuestion.class.getName(), "PollsQuestion", "questionId",
150 guestGroupId);
151
152 deletePermissionIds(
153 SCFrameworkVersion.class.getName(), "SCFrameworkVersion",
154 "frameworkVersionId", guestGroupId);
155 deletePermissionIds(
156 SCProductEntry.class.getName(), "SCProductEntry", "productEntryId",
157 guestGroupId);
158
159 deletePermissionIds(
160 ShoppingCategory.class.getName(), "ShoppingCategory", "categoryId",
161 guestGroupId);
162 deletePermissionIds(
163 ShoppingItem.class.getName(), "ShoppingItem", "itemId",
164 "ShoppingCategory", "categoryId", guestGroupId);
165
166 deletePermissionIds(
167 WikiNode.class.getName(), "WikiNode", "nodeId", guestGroupId);
168 deletePermissionIds(
169 WikiPage.class.getName(), "WikiPage", "resourcePrimKey", "WikiNode",
170 "nodeId", guestGroupId);
171 }
172
173 protected void deletePermissionIds(
174 String className, String tableName, String tablePKCol,
175 long guestGroupId)
176 throws Exception {
177
178 List permissionIds = getPermissionIds(
179 className, tableName, tablePKCol, guestGroupId);
180
181 deletePermissionIds(permissionIds, guestGroupId);
182 }
183
184 protected void deletePermissionIds(
185 String className, String tableName1, String tablePKCol1,
186 String tableName2, String tablePKCol2, long guestGroupId)
187 throws Exception {
188
189 List permissionIds = getPermissionIds(
190 className, tableName1, tablePKCol1, tableName2, tablePKCol2,
191 guestGroupId);
192
193 deletePermissionIds(permissionIds, guestGroupId);
194 }
195
196 protected void deletePermissionIds(List permissionIds, long guestGroupId)
197 throws Exception {
198
199 for (int i = 0; i < permissionIds.size(); i++) {
200 long permissionId = ((Long)permissionIds.get(i)).longValue();
201
202 runSQL(
203 "delete from Groups_Permissions where groupId = " +
204 guestGroupId + " and permissionId = " + permissionId);
205 }
206 }
207
208 protected void deletePortletPermissionIds(long guestGroupId)
209 throws Exception {
210
211 Connection con = null;
212 PreparedStatement ps = null;
213 ResultSet rs = null;
214
215 try {
216 con = HibernateUtil.getConnection();
217
218 Iterator itr = getPlids(guestGroupId).iterator();
219
220 while (itr.hasNext()) {
221 Long plid = (Long)itr.next();
222
223 ps = con.prepareStatement(
224 "select primKey from Resource_ where primKey like ?");
225
226 ps.setString(1, plid + PortletImpl.LAYOUT_SEPARATOR + "%");
227
228 rs = ps.executeQuery();
229
230 while (rs.next()) {
231 String primKey = rs.getString("primKey");
232
233 List permissionIds = getPermissionIds(
234 primKey, guestGroupId);
235
236 deletePermissionIds(permissionIds, guestGroupId);
237 }
238
239 ps.close();
240 }
241 }
242 finally {
243 DataAccess.cleanUp(con, ps, rs);
244 }
245 }
246
247 protected void doUpgrade() throws Exception {
248 Connection con = null;
249 PreparedStatement ps = null;
250 ResultSet rs = null;
251
252 try {
253 con = HibernateUtil.getConnection();
254
255 ps = con.prepareStatement(_GET_COMPANY_IDS);
256
257 rs = ps.executeQuery();
258
259 while (rs.next()) {
260 long companyId = rs.getLong("companyId");
261
262 long defaultUserId = getDefaultUserId(companyId);
263 long guestGroupId = getGuestGroupId(companyId);
264
265 copyPermissions(defaultUserId, guestGroupId);
266 }
267 }
268 finally {
269 DataAccess.cleanUp(con, ps, rs);
270 }
271 }
272
273 protected long getDefaultUserId(long companyId) throws Exception {
274 long userId = 0;
275
276 Connection con = null;
277 PreparedStatement ps = null;
278 ResultSet rs = null;
279
280 try {
281 con = HibernateUtil.getConnection();
282
283 ps = con.prepareStatement(_GET_DEFAULT_USER_ID);
284
285 ps.setLong(1, companyId);
286 ps.setBoolean(2, true);
287
288 rs = ps.executeQuery();
289
290 while (rs.next()) {
291 userId = rs.getLong("userId");
292 }
293 }
294 finally {
295 DataAccess.cleanUp(con, ps, rs);
296 }
297
298 return userId;
299 }
300
301 protected long getGuestGroupId(long companyId) throws Exception {
302 long groupId = 0;
303
304 Connection con = null;
305 PreparedStatement ps = null;
306 ResultSet rs = null;
307
308 try {
309 con = HibernateUtil.getConnection();
310
311 ps = con.prepareStatement(_GET_GUEST_GROUP_ID);
312
313 ps.setLong(1, companyId);
314 ps.setString(2, GroupImpl.GUEST);
315
316 rs = ps.executeQuery();
317
318 while (rs.next()) {
319 groupId = rs.getLong("groupId");
320 }
321 }
322 finally {
323 DataAccess.cleanUp(con, ps, rs);
324 }
325
326 return groupId;
327 }
328
329 protected List getPermissionIds(String primKey, long guestGroupId)
330 throws Exception {
331
332 List permissionIds = new ArrayList();
333
334 Connection con = null;
335 PreparedStatement ps = null;
336 ResultSet rs = null;
337
338 try {
339 con = HibernateUtil.getConnection();
340
341 ps = con.prepareStatement(_GET_PERMISSION_IDS_1);
342
343 ps.setLong(1, guestGroupId);
344 ps.setString(2, primKey);
345
346 rs = ps.executeQuery();
347
348 while (rs.next()) {
349 long permissionId = rs.getLong("permissionId");
350
351 permissionIds.add(new Long(permissionId));
352 }
353 }
354 finally {
355 DataAccess.cleanUp(con, ps, rs);
356 }
357
358 return permissionIds;
359 }
360
361 protected List getPermissionIds(
362 String className, String tableName, String tablePKCol,
363 long guestGroupId)
364 throws Exception {
365
366 List permissionIds = new ArrayList();
367
368 Connection con = null;
369 PreparedStatement ps = null;
370 ResultSet rs = null;
371
372 try {
373 con = HibernateUtil.getConnection();
374
375 ps = con.prepareStatement(
376 "select " + tablePKCol + " from " + tableName + " " +
377 "where groupId != " + guestGroupId);
378
379 rs = ps.executeQuery();
380
381 while (rs.next()) {
382 String primKey = String.valueOf(rs.getLong(tablePKCol));
383
384 permissionIds.addAll(
385 getPermissionIds(className, primKey, guestGroupId));
386 }
387 }
388 finally {
389 DataAccess.cleanUp(con, ps, rs);
390 }
391
392 return permissionIds;
393 }
394
395 protected List getPermissionIds(
396 String className, String tableName1, String tablePKCol1,
397 String tableName2, String tablePKCol2, long guestGroupId)
398 throws Exception {
399
400 List permissionIds = new ArrayList();
401
402 Connection con = null;
403 PreparedStatement ps = null;
404 ResultSet rs = null;
405
406 try {
407 con = HibernateUtil.getConnection();
408
409 ps = con.prepareStatement(
410 "select " + tablePKCol1 + " from " + tableName1 + " " +
411 "inner join " + tableName2 + " on " + tableName2 + "." +
412 tablePKCol2 + " = " + tableName1 + "." + tablePKCol2 + " " +
413 "where groupId != " + guestGroupId);
414
415 rs = ps.executeQuery();
416
417 while (rs.next()) {
418 String primKey = String.valueOf(rs.getLong(tablePKCol1));
419
420 permissionIds.addAll(
421 getPermissionIds(className, primKey, guestGroupId));
422 }
423 }
424 finally {
425 DataAccess.cleanUp(con, ps, rs);
426 }
427
428 return permissionIds;
429 }
430
431 protected List getPermissionIds(
432 String className, String primKey, long guestGroupId)
433 throws Exception {
434
435 List permissionIds = new ArrayList();
436
437 Connection con = null;
438 PreparedStatement ps = null;
439 ResultSet rs = null;
440
441 try {
442 con = HibernateUtil.getConnection();
443
444 ps = con.prepareStatement(_GET_PERMISSION_IDS_2);
445
446 ps.setLong(1, guestGroupId);
447 ps.setString(2, primKey);
448 ps.setString(3, className);
449
450 rs = ps.executeQuery();
451
452 while (rs.next()) {
453 long permissionId = rs.getLong("permissionId");
454
455 permissionIds.add(new Long(permissionId));
456 }
457 }
458 finally {
459 DataAccess.cleanUp(con, ps, rs);
460 }
461
462 return permissionIds;
463 }
464
465 protected List getPlids(long guestGroupId) throws Exception {
466 List plids = new ArrayList();
467
468 Connection con = null;
469 PreparedStatement ps = null;
470 ResultSet rs = null;
471
472 try {
473 con = HibernateUtil.getConnection();
474
475 ps = con.prepareStatement(_GET_PLIDS);
476
477 ps.setLong(1, guestGroupId);
478
479 rs = ps.executeQuery();
480
481 while (rs.next()) {
482 long plid = rs.getLong("plid");
483
484 plids.add(new Long(plid));
485 }
486 }
487 finally {
488 DataAccess.cleanUp(con, ps, rs);
489 }
490
491 return plids;
492 }
493
494 private static final String _GET_COMPANY_IDS =
495 "select companyId from Company";
496
497 private static final String _GET_DEFAULT_USER_ID =
498 "select userId from User_ where companyId = ? and defaultUser = ?";
499
500 private static final String _GET_GUEST_GROUP_ID =
501 "select groupId from Group_ where companyId = ? and name = ?";
502
503 private static final String _GET_PERMISSION_IDS_1 =
504 "select Groups_Permissions.permissionId from Groups_Permissions " +
505 "inner join Permission_ on Permission_.permissionId = " +
506 "Groups_Permissions.permissionId " +
507 "inner join Resource_ on Resource_.resourceId = " +
508 "Permission_.resourceId " +
509 "inner join ResourceCode on ResourceCode.codeId = Resource_.codeId " +
510 "where Groups_Permissions.groupId = ? and Resource_.primKey = ?";
511
512 private static final String _GET_PERMISSION_IDS_2 =
513 "select Groups_Permissions.permissionId from Groups_Permissions " +
514 "inner join Permission_ on Permission_.permissionId = " +
515 "Groups_Permissions.permissionId " +
516 "inner join Resource_ on Resource_.resourceId = " +
517 "Permission_.resourceId " +
518 "inner join ResourceCode on ResourceCode.codeId = Resource_.codeId " +
519 "where Groups_Permissions.groupId = ? and Resource_.primKey = ? and " +
520 "ResourceCode.name = ?";
521
522 private static final String _GET_PLIDS =
523 "select plid from Layout where Layout.groupId != ?";
524
525 private static Log _log = LogFactory.getLog(UpgradePermission.class);
526
527 }