1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.convert;
16  
17  import com.liferay.counter.service.CounterLocalServiceUtil;
18  import com.liferay.portal.NoSuchResourceActionException;
19  import com.liferay.portal.convert.util.PermissionView;
20  import com.liferay.portal.convert.util.ResourcePermissionView;
21  import com.liferay.portal.kernel.cache.CacheRegistry;
22  import com.liferay.portal.kernel.dao.db.DB;
23  import com.liferay.portal.kernel.dao.db.DBFactoryUtil;
24  import com.liferay.portal.kernel.dao.jdbc.DataAccess;
25  import com.liferay.portal.kernel.dao.orm.QueryUtil;
26  import com.liferay.portal.kernel.io.unsync.UnsyncBufferedReader;
27  import com.liferay.portal.kernel.io.unsync.UnsyncBufferedWriter;
28  import com.liferay.portal.kernel.log.Log;
29  import com.liferay.portal.kernel.log.LogFactoryUtil;
30  import com.liferay.portal.kernel.util.FileUtil;
31  import com.liferay.portal.kernel.util.GetterUtil;
32  import com.liferay.portal.kernel.util.PropsKeys;
33  import com.liferay.portal.kernel.util.StringPool;
34  import com.liferay.portal.kernel.util.StringUtil;
35  import com.liferay.portal.kernel.util.Tuple;
36  import com.liferay.portal.kernel.util.Validator;
37  import com.liferay.portal.model.Company;
38  import com.liferay.portal.model.Group;
39  import com.liferay.portal.model.ResourceAction;
40  import com.liferay.portal.model.ResourceCode;
41  import com.liferay.portal.model.ResourceConstants;
42  import com.liferay.portal.model.ResourcePermission;
43  import com.liferay.portal.model.Role;
44  import com.liferay.portal.model.RoleConstants;
45  import com.liferay.portal.model.impl.PermissionModelImpl;
46  import com.liferay.portal.model.impl.ResourceCodeModelImpl;
47  import com.liferay.portal.model.impl.ResourceModelImpl;
48  import com.liferay.portal.model.impl.ResourcePermissionModelImpl;
49  import com.liferay.portal.model.impl.RoleModelImpl;
50  import com.liferay.portal.security.permission.PermissionCacheUtil;
51  import com.liferay.portal.security.permission.ResourceActionsUtil;
52  import com.liferay.portal.service.ClassNameLocalServiceUtil;
53  import com.liferay.portal.service.CompanyLocalServiceUtil;
54  import com.liferay.portal.service.GroupLocalServiceUtil;
55  import com.liferay.portal.service.ResourceActionLocalServiceUtil;
56  import com.liferay.portal.service.ResourceCodeLocalServiceUtil;
57  import com.liferay.portal.service.RoleLocalServiceUtil;
58  import com.liferay.portal.service.UserLocalServiceUtil;
59  import com.liferay.portal.service.persistence.BatchSessionUtil;
60  import com.liferay.portal.upgrade.util.Table;
61  import com.liferay.portal.util.MaintenanceUtil;
62  import com.liferay.portal.util.PropsValues;
63  
64  import java.io.FileReader;
65  import java.io.FileWriter;
66  import java.io.Writer;
67  
68  import java.sql.Connection;
69  import java.sql.PreparedStatement;
70  import java.sql.ResultSet;
71  import java.sql.Types;
72  
73  import java.util.ArrayList;
74  import java.util.Collections;
75  import java.util.HashMap;
76  import java.util.HashSet;
77  import java.util.List;
78  import java.util.Map;
79  import java.util.Set;
80  
81  import org.apache.commons.collections.map.MultiValueMap;
82  
83  /**
84   * <a href="ConvertPermissionAlgorithm.java.html"><b><i>View Source</i></b></a>
85   *
86   * <p>
87   * This class converts all existing permissions from the legacy permissions
88   * algorithm to the latest algorithm.
89   * </p>
90   *
91   * @author Alexander Chow
92   */
93  public class ConvertPermissionAlgorithm extends ConvertProcess {
94  
95      public String getDescription() {
96          return "convert-legacy-permission-algorithm";
97      }
98  
99      public String[] getParameterNames() {
100         return new String[] {
101             "generate-custom-roles=checkbox"
102         };
103     }
104 
105     public boolean isEnabled() {
106         boolean enabled = false;
107 
108         if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 6) {
109             enabled = true;
110         }
111 
112         return enabled;
113     }
114 
115     protected void convertToBitwise() throws Exception {
116 
117         // ResourceAction and ResourcePermission
118 
119         MaintenanceUtil.appendStatus(
120             "Generating ResourceAction and ResourcePermission data");
121 
122         Table table = new Table(
123             ResourceCodeModelImpl.TABLE_NAME,
124             new Object[][] {
125                 {"name", new Integer(Types.VARCHAR)}
126             });
127 
128         table.setSelectSQL(
129             "SELECT name FROM " + ResourceCodeModelImpl.TABLE_NAME +
130                 " GROUP BY name");
131 
132         String tempFile = table.generateTempFile();
133 
134         UnsyncBufferedReader resourceNameReader = new UnsyncBufferedReader(
135             new FileReader(tempFile));
136 
137         Writer resourcePermissionWriter = new UnsyncBufferedWriter(
138             new FileWriter(tempFile + _EXT_RESOURCE_PERMISSION));
139 
140         PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 6;
141 
142         try {
143             String line = null;
144 
145             while (Validator.isNotNull(line = resourceNameReader.readLine())) {
146                 String[] values = StringUtil.split(line);
147 
148                 String name = values[0];
149 
150                 List<String> defaultActionIds =
151                     ResourceActionsUtil.getResourceActions(name);
152 
153                 ResourceActionLocalServiceUtil.checkResourceActions(
154                     name, defaultActionIds);
155 
156                 convertResourcePermission(resourcePermissionWriter, name);
157             }
158 
159             resourcePermissionWriter.close();
160 
161             MaintenanceUtil.appendStatus("Updating ResourcePermission table");
162 
163             Table resourcePermissionTable = new Table(
164                 ResourcePermissionModelImpl.TABLE_NAME,
165                 ResourcePermissionModelImpl.TABLE_COLUMNS);
166 
167             resourcePermissionTable.populateTable(
168                 tempFile + _EXT_RESOURCE_PERMISSION);
169         }
170         catch (Exception e) {
171             PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 5;
172 
173             throw e;
174         }
175         finally {
176             resourceNameReader.close();
177 
178             resourcePermissionWriter.close();
179 
180             FileUtil.delete(tempFile);
181             FileUtil.delete(tempFile + _EXT_RESOURCE_PERMISSION);
182         }
183 
184         // Clean up
185 
186         MaintenanceUtil.appendStatus("Cleaning up legacy tables");
187 
188         DB db = DBFactoryUtil.getDB();
189 
190         db.runSQL("DELETE FROM " + ResourceCodeModelImpl.TABLE_NAME);
191         db.runSQL("DELETE FROM " + PermissionModelImpl.TABLE_NAME);
192         db.runSQL("DELETE FROM " + ResourceModelImpl.TABLE_NAME);
193         db.runSQL("DELETE FROM Roles_Permissions");
194 
195         MaintenanceUtil.appendStatus("Converted to bitwise permission");
196     }
197 
198     protected void convertToRBAC() throws Exception {
199         initializeRBAC();
200 
201         // Groups_Permissions
202 
203         convertPermissions(
204             RoleConstants.TYPE_COMMUNITY, "Groups_Permissions",
205             new String[] {"groupId"}, "Groups_Roles",
206             new Object[][] {
207                 {"groupId", Types.BIGINT}, {"roleId", Types.BIGINT}
208             });
209 
210         // OrgGroupPermission
211 
212         convertPermissions(
213             RoleConstants.TYPE_ORGANIZATION, "OrgGroupPermission",
214             new String[] {"organizationId", "groupId"}, "OrgGroupRole",
215             new Object[][] {
216                 {"organizationId", Types.BIGINT}, {"groupId", Types.BIGINT},
217                 {"roleId", Types.BIGINT}
218             });
219 
220         // Users_Permissions
221 
222         convertPermissions(
223             RoleConstants.TYPE_REGULAR, "Users_Permissions",
224             new String[] {"userId"}, "Users_Roles",
225             new Object[][] {
226                 {"userId", Types.BIGINT}, {"roleId", Types.BIGINT}
227             });
228 
229         // Clean up
230 
231         PermissionCacheUtil.clearCache();
232 
233         PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 5;
234 
235         MaintenanceUtil.appendStatus("Converted to RBAC permission");
236     }
237 
238     protected String convertGuestUsers(String legacyFile) throws Exception {
239         UnsyncBufferedReader legacyFileReader = new UnsyncBufferedReader(
240             new FileReader(legacyFile));
241 
242         Writer legacyFileUpdatedWriter = new UnsyncBufferedWriter(
243             new FileWriter(legacyFile + _UPDATED));
244         Writer legacyFileExtRolesPermissionsWriter = new UnsyncBufferedWriter(
245             new FileWriter(legacyFile + _EXT_ROLES_PERMIMISSIONS));
246 
247         try {
248             String line = null;
249 
250             while (Validator.isNotNull(line = legacyFileReader.readLine())) {
251                 String[] values = StringUtil.split(line);
252 
253                 long companyId = PermissionView.getCompanyId(values);
254                 long permissionId = PermissionView.getPermissionId(values);
255                 int scope = PermissionView.getScopeId(values);
256                 long userId = PermissionView.getPrimaryKey(values);
257 
258                 if ((scope == ResourceConstants.SCOPE_INDIVIDUAL) &&
259                     (_guestUsersSet.contains(userId))) {
260 
261                     long roleId = _guestRolesMap.get(companyId).getRoleId();
262 
263                     String key = roleId + "_" + permissionId;
264 
265                     if (_rolesPermissions.contains(key)) {
266                         continue;
267                     }
268                     else {
269                         _rolesPermissions.add(key);
270                     }
271 
272                     legacyFileExtRolesPermissionsWriter.write(
273                         roleId + "," + permissionId + "\n");
274                 }
275                 else {
276                     legacyFileUpdatedWriter.write(line + "\n");
277                 }
278             }
279         }
280         finally {
281             legacyFileReader.close();
282 
283             legacyFileUpdatedWriter.close();
284             legacyFileExtRolesPermissionsWriter.close();
285         }
286 
287         Table table = new Table(
288             "Roles_Permissions",
289             new Object[][] {
290                 {"roleId", Types.BIGINT}, {"permissionId", Types.BIGINT}
291             });
292 
293         table.populateTable(legacyFile + _EXT_ROLES_PERMIMISSIONS);
294 
295         FileUtil.delete(legacyFile);
296         FileUtil.delete(legacyFile + _EXT_ROLES_PERMIMISSIONS);
297 
298         return legacyFile + _UPDATED;
299     }
300 
301     protected void convertPermissions(
302             int type, String legacyName, String[] primKeys, String newName,
303             Object[][] newColumns)
304         throws Exception {
305 
306         MaintenanceUtil.appendStatus("Processing " + legacyName);
307 
308         Table legacyTable = new PermissionView(legacyName, primKeys);
309 
310         String legacyFile = legacyTable.generateTempFile();
311 
312         if (legacyFile == null) {
313             return;
314         }
315 
316         if (type == RoleConstants.TYPE_REGULAR) {
317             legacyFile = convertGuestUsers(legacyFile);
318 
319             MaintenanceUtil.appendStatus(
320                 "Converted guest users to guest roles");
321         }
322 
323         convertRoles(legacyFile, type, newName, newColumns);
324 
325         MaintenanceUtil.appendStatus("Converted roles for " + legacyName);
326 
327         DB db = DBFactoryUtil.getDB();
328 
329         db.runSQL(legacyTable.getDeleteSQL());
330 
331         FileUtil.delete(legacyFile);
332     }
333 
334     protected void convertResourcePermission(Writer writer, String name)
335         throws Exception {
336 
337         ResourcePermissionView resourcePermissionView =
338             new ResourcePermissionView(name);
339 
340         UnsyncBufferedReader resourcePermissionReader = null;
341 
342         String resourcePermissionFile =
343             resourcePermissionView.generateTempFile();
344 
345         if (resourcePermissionFile == null) {
346             return;
347         }
348 
349         MultiValueMap mvp = new MultiValueMap();
350 
351         try {
352             resourcePermissionReader = new UnsyncBufferedReader(
353                 new FileReader(resourcePermissionFile));
354 
355             String line = null;
356 
357             while (Validator.isNotNull(
358                     line = resourcePermissionReader.readLine())) {
359 
360                 String[] values = StringUtil.split(line);
361 
362                 String actionId = ResourcePermissionView.getActionId(values);
363                 long companyId = ResourcePermissionView.getCompanyId(values);
364                 int scope = ResourcePermissionView.getScope(values);
365                 String primKey = ResourcePermissionView.getPrimaryKey(values);
366                 long roleId = ResourcePermissionView.getRoleId(values);
367 
368                 mvp.put(new Tuple(companyId, scope, primKey, roleId), actionId);
369             }
370         }
371         finally {
372             if (resourcePermissionReader != null) {
373                 resourcePermissionReader.close();
374             }
375 
376             FileUtil.delete(resourcePermissionFile);
377         }
378 
379         for (Tuple key : (Set<Tuple>)mvp.keySet()) {
380             long resourcePermissionId = CounterLocalServiceUtil.increment(
381                 ResourcePermission.class.getName());
382 
383             long companyId = (Long)key.getObject(0);
384             int scope = (Integer)key.getObject(1);
385             String primKey = (String)key.getObject(2);
386             long roleId = (Long)key.getObject(3);
387 
388             String[] actionIdArray =
389                 (String[])mvp.getCollection(key).toArray(new String[0]);
390 
391             long actionIds = 0;
392 
393             for (String actionId : actionIdArray) {
394                 try {
395                     ResourceAction resourceAction =
396                         ResourceActionLocalServiceUtil.getResourceAction(
397                             name, actionId);
398 
399                     actionIds |= resourceAction.getBitwiseValue();
400                 }
401                 catch (NoSuchResourceActionException nsrae) {
402                     if (_log.isWarnEnabled()) {
403                         String msg = nsrae.getMessage();
404 
405                         _log.warn("Could not find resource action " + msg);
406                     }
407                 }
408             }
409 
410             writer.append(resourcePermissionId + StringPool.COMMA);
411             writer.append(companyId + StringPool.COMMA);
412             writer.append(name + StringPool.COMMA);
413             writer.append(scope + StringPool.COMMA);
414             writer.append(primKey + StringPool.COMMA);
415             writer.append(roleId + StringPool.COMMA);
416             writer.append(actionIds + StringPool.COMMA + StringPool.NEW_LINE);
417         }
418     }
419 
420     protected void convertRoles(
421             String legacyFile, int type, String newName, Object[][] newColumns)
422         throws Exception {
423 
424         UnsyncBufferedReader legacyFileReader = new UnsyncBufferedReader(
425             new FileReader(legacyFile));
426 
427         Writer legacyFileExtRoleWriter = new UnsyncBufferedWriter(
428             new FileWriter(legacyFile + _EXT_ROLE));
429         Writer legacyFileExtRolesPermissionsWriter = new UnsyncBufferedWriter(
430             new FileWriter(legacyFile + _EXT_ROLES_PERMIMISSIONS));
431         Writer legacyFileExtOtherRolesWriter = new UnsyncBufferedWriter(
432             new FileWriter(legacyFile + _EXT_OTHER_ROLES));
433 
434         try {
435 
436             // Group by resource id
437 
438             MultiValueMap mvp = new MultiValueMap();
439 
440             String line = null;
441 
442             while (Validator.isNotNull(line = legacyFileReader.readLine())) {
443                 String[] values = StringUtil.split(line);
444 
445                 long resourceId = PermissionView.getResourceId(values);
446 
447                 mvp.put(resourceId, values);
448             }
449 
450             // Assign role for each grouping
451 
452             for (Long key : (Set<Long>)mvp.keySet()) {
453                 List<String[]> valuesList = new ArrayList<String[]>(
454                     mvp.getCollection(key));
455 
456                 String[] values = valuesList.get(0);
457 
458                 long companyId = PermissionView.getCompanyId(values);
459                 long groupId = PermissionView.getPrimaryKey(values);
460                 String name = PermissionView.getNameId(values);
461                 int scope = PermissionView.getScopeId(values);
462 
463                 // Group action ids and permission ids
464 
465                 List<String> actionsIds = new ArrayList<String>();
466                 List<Long> permissionIds = new ArrayList<Long>();
467 
468                 for (String[] curValues : valuesList) {
469                     String actionId = PermissionView.getActionId(curValues);
470                     long permissionId = PermissionView.getPermissionId(
471                         curValues);
472 
473                     actionsIds.add(actionId);
474                     permissionIds.add(permissionId);
475                 }
476 
477                 // Look for owner and system roles
478 
479                 if ((type != RoleConstants.TYPE_ORGANIZATION) &&
480                     (scope == ResourceConstants.SCOPE_INDIVIDUAL)) {
481 
482                     // Find default actions
483 
484                     List<String> defaultActions = null;
485 
486                     if (type == RoleConstants.TYPE_REGULAR) {
487                         defaultActions =
488                             ResourceActionsUtil.getResourceActions(name);
489                     }
490                     else {
491                         defaultActions =
492                             ResourceActionsUtil.
493                                 getResourceCommunityDefaultActions(name);
494                     }
495 
496                     // Resolve owner and system roles
497 
498                     Role defaultRole = null;
499 
500                     if (type == RoleConstants.TYPE_REGULAR) {
501                         Collections.sort(actionsIds);
502                         Collections.sort(defaultActions);
503 
504                         if (defaultActions.equals(actionsIds)) {
505                             defaultRole = _ownerRolesMap.get(companyId);
506                         }
507                     }
508                     else {
509                         if (defaultActions.containsAll(actionsIds)) {
510                             Role[] defaultRoles = _defaultRolesMap.get(
511                                 companyId);
512 
513                             Group group = _groupsMap.get(groupId);
514 
515                             if (group == null) {
516                                 continue;
517                             }
518 
519                             if (group.isCommunity()) {
520                                 defaultRole = defaultRoles[0];
521                             }
522                             else if (group.isOrganization()) {
523                                 defaultRole = defaultRoles[1];
524                             }
525                             else if (group.isUser() || group.isUserGroup()) {
526                                 defaultRole = defaultRoles[2];
527                             }
528                         }
529                     }
530 
531                     if (defaultRole != null) {
532                         long roleId = defaultRole.getRoleId();
533 
534                         for (Long permissionId : permissionIds) {
535                             String curKey = roleId + "_" + permissionId;
536 
537                             if (_rolesPermissions.contains(curKey)) {
538                                 continue;
539                             }
540                             else {
541                                 _rolesPermissions.add(curKey);
542                             }
543 
544                             legacyFileExtRolesPermissionsWriter.write(
545                                 roleId + "," + permissionId + ",\n");
546                         }
547 
548                         continue;
549                     }
550                 }
551 
552                 if (isGenerateCustomRoles()) {
553 
554                     // Role_
555 
556                     long roleId = CounterLocalServiceUtil.increment();
557 
558                     String roleName = StringUtil.upperCaseFirstLetter(
559                         RoleConstants.getTypeLabel(type));
560 
561                     roleName += " " + Long.toHexString(roleId);
562 
563                     String[] roleColumns = new String[] {
564                         String.valueOf(roleId), String.valueOf(companyId),
565                         String.valueOf(
566                             ClassNameLocalServiceUtil.getClassNameId(
567                                 Role.class)),
568                         String.valueOf(roleId), roleName, StringPool.BLANK,
569                         "Autogenerated role from portal upgrade",
570                         String.valueOf(type), "lfr-permission-algorithm-5"
571                     };
572 
573                     for (int i = 0; i < roleColumns.length; i++) {
574                         legacyFileExtRoleWriter.write(
575                             roleColumns[i] + StringPool.COMMA);
576 
577                         if (i == (roleColumns.length - 1)) {
578                             legacyFileExtRoleWriter.write(StringPool.NEW_LINE);
579                         }
580                     }
581 
582                     // Roles_Permissions
583 
584                     for (Long permissionId : permissionIds) {
585                         String curKey = roleId + "_" + permissionId;
586 
587                         if (_rolesPermissions.contains(curKey)) {
588                             continue;
589                         }
590                         else {
591                             _rolesPermissions.add(curKey);
592                         }
593 
594                         legacyFileExtRolesPermissionsWriter.write(
595                             roleId + "," + permissionId + ",\n");
596                     }
597 
598                     // Others_Roles
599 
600                     for (int i = 0; i < newColumns.length - 1; i++) {
601                         legacyFileExtOtherRolesWriter.write(
602                             values[i] + StringPool.COMMA);
603                     }
604 
605                     legacyFileExtOtherRolesWriter.write(roleId + ",\n");
606                 }
607             }
608         }
609         finally {
610             legacyFileReader.close();
611 
612             legacyFileExtRoleWriter.close();
613             legacyFileExtRolesPermissionsWriter.close();
614             legacyFileExtOtherRolesWriter.close();
615         }
616 
617         // Role_
618 
619         Table roleTable = new Table(
620             RoleModelImpl.TABLE_NAME, RoleModelImpl.TABLE_COLUMNS);
621 
622         roleTable.populateTable(legacyFile + _EXT_ROLE);
623 
624         // Roles_Permissions
625 
626         Table rolesPermissionsTable = new Table(
627             "Roles_Permissions",
628             new Object[][] {
629                 {"roleId", Types.BIGINT}, {"permissionId", Types.BIGINT}
630             });
631 
632         rolesPermissionsTable.populateTable(
633             legacyFile + _EXT_ROLES_PERMIMISSIONS);
634 
635         // Others_Roles
636 
637         Table othersRolesTable = new Table(newName, newColumns);
638 
639         othersRolesTable.populateTable(legacyFile + _EXT_OTHER_ROLES);
640 
641         // Clean up
642 
643         FileUtil.delete(legacyFile + _EXT_ROLE);
644         FileUtil.delete(legacyFile + _EXT_ROLES_PERMIMISSIONS);
645         FileUtil.delete(legacyFile + _EXT_OTHER_ROLES);
646     }
647 
648     protected void doConvert() throws Exception {
649         try {
650             BatchSessionUtil.setEnabled(true);
651 
652             initialize();
653 
654             if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
655                 convertToRBAC();
656             }
657 
658             convertToBitwise();
659 
660             MaintenanceUtil.appendStatus(
661                 "Please set " + PropsKeys.PERMISSIONS_USER_CHECK_ALGORITHM +
662                     " in your portal-ext.properties to use algorithm 6");
663         }
664         finally {
665             CacheRegistry.clear();
666 
667             PermissionCacheUtil.clearCache();
668 
669             BatchSessionUtil.setEnabled(false);
670         }
671     }
672 
673     protected void initialize() throws Exception {
674 
675         // Resource actions for unknown portlets
676 
677         List<ResourceCode> resourceCodes =
678             ResourceCodeLocalServiceUtil.getResourceCodes(
679                 QueryUtil.ALL_POS, QueryUtil.ALL_POS);
680 
681         for (ResourceCode resourceCode : resourceCodes) {
682             String name = resourceCode.getName();
683 
684             if (!name.contains(StringPool.PERIOD)) {
685                 ResourceActionsUtil.getPortletResourceActions(name);
686             }
687         }
688     }
689 
690     protected void initializeRBAC() throws Exception {
691 
692         // System roles and default users
693 
694         List<Company> companies = CompanyLocalServiceUtil.getCompanies();
695 
696         for (Company company : companies) {
697             long companyId = company.getCompanyId();
698 
699             _defaultRolesMap.put(
700                 companyId,
701                 new Role[] {
702                         RoleLocalServiceUtil.getRole(
703                             companyId, RoleConstants.COMMUNITY_MEMBER),
704                         RoleLocalServiceUtil.getRole(
705                             companyId, RoleConstants.ORGANIZATION_MEMBER),
706                         RoleLocalServiceUtil.getRole(
707                             companyId, RoleConstants.POWER_USER),
708                     }
709                 );
710 
711             Role guestRole = RoleLocalServiceUtil.getRole(
712                 companyId, RoleConstants.GUEST);
713 
714             _guestRolesMap.put(companyId, guestRole);
715 
716             Role ownerRole = RoleLocalServiceUtil.getRole(
717                 companyId, RoleConstants.OWNER);
718 
719             _ownerRolesMap.put(companyId, ownerRole);
720 
721             long defaultUserId = UserLocalServiceUtil.getDefaultUserId(
722                 companyId);
723 
724             _guestUsersSet.add(defaultUserId);
725         }
726 
727         // Roles_Permissions
728 
729         Connection con = null;
730         PreparedStatement ps = null;
731         ResultSet rs = null;
732 
733         try {
734             con = DataAccess.getConnection();
735 
736             ps = con.prepareStatement("SELECT * FROM Roles_Permissions");
737 
738             rs = ps.executeQuery();
739 
740             while (rs.next()) {
741                 long roleId = rs.getLong("roleId");
742                 long permissionId = rs.getLong("permissionId");
743 
744                 _rolesPermissions.add(roleId + "_" + permissionId);
745             }
746         }
747         finally {
748             DataAccess.cleanUp(con, ps, rs);
749         }
750 
751         // Groups
752 
753         List<Group> groups = GroupLocalServiceUtil.getGroups(
754             QueryUtil.ALL_POS, QueryUtil.ALL_POS);
755 
756         for (Group group : groups) {
757             _groupsMap.put(group.getGroupId(), group);
758         }
759     }
760 
761     protected boolean isGenerateCustomRoles() {
762         String[] parameterValues = getParameterValues();
763 
764         return GetterUtil.getBoolean(parameterValues[0]);
765     }
766 
767     private static final String _EXT_OTHER_ROLES = ".others_roles";
768 
769     private static final String _EXT_RESOURCE_PERMISSION =
770         ".resource_permission";
771 
772     private static final String _EXT_ROLE = ".role";
773 
774     private static final String _EXT_ROLES_PERMIMISSIONS = ".roles_permissions";
775 
776     private static final String _UPDATED = ".updated";
777 
778     private static Log _log = LogFactoryUtil.getLog(
779         ConvertPermissionAlgorithm.class);
780 
781     private Map<Long, Role[]> _defaultRolesMap = new HashMap<Long, Role[]>();
782     private Map<Long, Group> _groupsMap = new HashMap<Long, Group>();
783     private Map<Long, Role> _guestRolesMap = new HashMap<Long, Role>();
784     private Set<Long> _guestUsersSet = new HashSet<Long>();
785     private Map<Long, Role> _ownerRolesMap = new HashMap<Long, Role>();
786     private Set<String> _rolesPermissions = new HashSet<String>();
787 
788 }