1
14
15 package com.liferay.portal.upgrade.v5_2_0;
16
17 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
18 import com.liferay.portal.kernel.dao.jdbc.SmartResultSet;
19 import com.liferay.portal.kernel.log.Log;
20 import com.liferay.portal.kernel.log.LogFactoryUtil;
21 import com.liferay.portal.kernel.upgrade.UpgradeProcess;
22 import com.liferay.portal.kernel.util.GetterUtil;
23 import com.liferay.portal.kernel.util.StringBundler;
24 import com.liferay.portal.model.PortletConstants;
25 import com.liferay.portal.model.Resource;
26 import com.liferay.portal.model.ResourceConstants;
27 import com.liferay.portal.service.ResourceLocalServiceUtil;
28
29 import java.sql.Connection;
30 import java.sql.PreparedStatement;
31 import java.sql.ResultSet;
32
33
38 public class UpgradePortletPermissions extends UpgradeProcess {
39
40 protected void doUpgrade() throws Exception {
41 updatePortletPermissions(
42 "33", "com.liferay.portlet.blogs", new String[] {"ADD_ENTRY"});
43
44 updatePortletPermissions(
45 "28", "com.liferay.portlet.bookmarks", new String[] {"ADD_FOLDER"});
46
47 updatePortletPermissions(
48 "8", "com.liferay.portlet.calendar",
49 new String[] {"ADD_EVENT", "EXPORT_ALL_EVENTS"});
50
51 updatePortletPermissions(
52 "20", "com.liferay.portlet.documentlibrary",
53 new String[] {"ADD_FOLDER"});
54
55 updatePortletPermissions(
56 "31", "com.liferay.portlet.imagegallery",
57 new String[] {"ADD_FOLDER"});
58
59 updatePortletPermissions(
60 "15", "com.liferay.portlet.journal",
61 new String[] {
62 "ADD_ARTICLE", "ADD_FEED", "ADD_STRUCTURE", "ADD_TEMPLATE",
63 "APPROVE_ARTICLE"
64 });
65
66 updatePortletPermissions(
67 "19", "com.liferay.portlet.messageboards",
68 new String[] {"ADD_CATEGORY", "BAN_USER"});
69
70 updatePortletPermissions(
71 "25", "com.liferay.portlet.polls", new String[] {"ADD_QUESTION"});
72
73 updatePortletPermissions(
74 "34", "com.liferay.portlet.shopping",
75 new String[] {"ADD_CATEGORY", "MANAGE_COUPONS", "MANAGE_ORDERS"});
76
77 updatePortletPermissions(
78 "98", "com.liferay.portlet.softwarecatalog",
79 new String[] {"ADD_FRAMEWORK_VERSION", "ADD_PRODUCT_ENTRY"});
80
81 updatePortletPermissions(
82 "99", "com.liferay.portlet.tags",
83 new String[] {"ADD_ENTRY", "ADD_VOCABULARY"});
84
85 updatePortletPermissions(
86 "36", "com.liferay.portlet.wiki", new String[] {"ADD_NODE"});
87 }
88
89 protected Object[] getLayout(long plid) throws Exception {
90 Object[] layout = null;
91
92 Connection con = null;
93 PreparedStatement ps = null;
94 ResultSet rs = null;
95
96 try {
97 con = DataAccess.getConnection();
98
99 ps = con.prepareStatement(_GET_LAYOUT);
100
101 ps.setLong(1, plid);
102
103 rs = ps.executeQuery();
104
105 while (rs.next()) {
106 long groupId = rs.getLong("groupId");
107 long companyId = rs.getLong("companyId");
108
109 layout = new Object[] {groupId, companyId};
110 }
111 }
112 finally {
113 DataAccess.cleanUp(con, ps, rs);
114 }
115
116 return layout;
117 }
118
119 protected long getPortletPermissionsCount(
120 String actionId, long resourceId, String modelName)
121 throws Exception {
122
123 Connection con = null;
124 PreparedStatement ps = null;
125 ResultSet rs = null;
126
127 try {
128 con = DataAccess.getConnection();
129
130 StringBundler sb = new StringBundler(7);
131
132 sb.append("select count(*) from Permission_ ");
133 sb.append("inner join Resource_ on Resource_.resourceId = ");
134 sb.append("Permission_.resourceId inner join ResourceCode on ");
135 sb.append("ResourceCode.codeId = Resource_.codeId where ");
136 sb.append("Permission_.actionId = ? and ");
137 sb.append("Permission_.resourceId = ? and ResourceCode.name = ? ");
138 sb.append("and ResourceCode.scope = ? ");
139
140 String sql = sb.toString();
141
142 ps = con.prepareStatement(sql);
143
144 ps.setString(1, actionId);
145 ps.setLong(2, resourceId);
146 ps.setString(3, modelName);
147 ps.setInt(4, ResourceConstants.SCOPE_INDIVIDUAL);
148
149 rs = ps.executeQuery();
150
151 rs.next();
152
153 return rs.getLong(1);
154 }
155 finally {
156 DataAccess.cleanUp(con, ps, rs);
157 }
158 }
159
160 protected void updatePortletPermission(
161 long permissionId, String actionId, String primKey,
162 String modelName, int scope)
163 throws Exception {
164
165 long plid = GetterUtil.getLong(
166 primKey.substring(
167 0, primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR)));
168
169 Object[] layout = getLayout(plid);
170
171 if (layout == null) {
172 return;
173 }
174
175 long groupId = (Long)layout[0];
176 long companyId = (Long)layout[1];
177
178 Resource resource = ResourceLocalServiceUtil.addResource(
179 companyId, modelName, scope, String.valueOf(groupId));
180
181 long portletPermissionCount = getPortletPermissionsCount(
182 actionId, resource.getResourceId(), modelName);
183
184 if (portletPermissionCount == 0) {
185 runSQL(
186 "update Permission_ set resourceId = " +
187 resource.getResourceId() + " where permissionId = " +
188 permissionId);
189 }
190 else {
191 runSQL(
192 "delete from Permission_ where permissionId = " + permissionId);
193 }
194 }
195
196 protected void updatePortletPermissions(
197 String portletName, String modelName, String[] actionIds)
198 throws Exception {
199
200 Connection con = null;
201 PreparedStatement ps = null;
202 ResultSet rs = null;
203
204 try {
205 con = DataAccess.getConnection();
206
207 StringBundler sb = new StringBundler(4 * actionIds.length + 7);
208
209 sb.append("select Permission_.permissionId, ");
210 sb.append("Permission_.actionId, Resource_.primKey, ");
211 sb.append("ResourceCode.scope from Permission_ ");
212 sb.append("inner join Resource_ on Resource_.resourceId = ");
213 sb.append("Permission_.resourceId inner join ResourceCode on ");
214 sb.append("ResourceCode.codeId = Resource_.codeId where (");
215
216 for (int i = 0; i < actionIds.length; i++) {
217 String actionId = actionIds[i];
218
219 sb.append("Permission_.actionId = '");
220 sb.append(actionId);
221 sb.append("'");
222
223 if (i < (actionIds.length - 1)) {
224 sb.append(" or ");
225 }
226 }
227
228 sb.append(") and ResourceCode.name = ? and ResourceCode.scope = ?");
229
230 String sql = sb.toString();
231
232 ps = con.prepareStatement(sql);
233
234 ps.setString(1, portletName);
235 ps.setInt(2, ResourceConstants.SCOPE_INDIVIDUAL);
236
237 rs = ps.executeQuery();
238
239 SmartResultSet srs = new SmartResultSet(rs);
240
241 while (srs.next()) {
242 long permissionId = srs.getLong("Permission_.permissionId");
243 String actionId = srs.getString("Permission_.actionId");
244 String primKey = srs.getString("Resource_.primKey");
245 int scope = srs.getInt("ResourceCode.scope");
246
247 try {
248 updatePortletPermission(
249 permissionId, actionId, primKey, modelName, scope);
250 }
251 catch (Exception e) {
252 _log.error(
253 "Unable to upgrade permission " + permissionId, e);
254 }
255 }
256 }
257 finally {
258 DataAccess.cleanUp(con, ps, rs);
259 }
260 }
261
262 private static final String _GET_LAYOUT =
263 "select * from Layout where plid = ?";
264
265 private static Log _log = LogFactoryUtil.getLog(
266 UpgradePortletPermissions.class);
267
268 }