1
22
23 package com.liferay.portal.upgrade.v5_2_0;
24
25 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
26 import com.liferay.portal.kernel.dao.jdbc.SmartResultSet;
27 import com.liferay.portal.kernel.log.Log;
28 import com.liferay.portal.kernel.log.LogFactoryUtil;
29 import com.liferay.portal.kernel.upgrade.UpgradeProcess;
30 import com.liferay.portal.kernel.util.GetterUtil;
31 import com.liferay.portal.model.PortletConstants;
32 import com.liferay.portal.model.Resource;
33 import com.liferay.portal.model.ResourceConstants;
34 import com.liferay.portal.service.ResourceLocalServiceUtil;
35
36 import java.sql.Connection;
37 import java.sql.PreparedStatement;
38 import java.sql.ResultSet;
39
40
45 public class UpgradePortletPermissions extends UpgradeProcess {
46
47 protected void doUpgrade() throws Exception {
48 updatePortletPermissions(
49 "33", "com.liferay.portlet.blogs", new String[] {"ADD_ENTRY"});
50
51 updatePortletPermissions(
52 "28", "com.liferay.portlet.bookmarks", new String[] {"ADD_FOLDER"});
53
54 updatePortletPermissions(
55 "8", "com.liferay.portlet.calendar",
56 new String[] {"ADD_EVENT", "EXPORT_ALL_EVENTS"});
57
58 updatePortletPermissions(
59 "20", "com.liferay.portlet.documentlibrary",
60 new String[] {"ADD_FOLDER"});
61
62 updatePortletPermissions(
63 "31", "com.liferay.portlet.imagegallery",
64 new String[] {"ADD_FOLDER"});
65
66 updatePortletPermissions(
67 "15", "com.liferay.portlet.journal",
68 new String[] {
69 "ADD_ARTICLE", "ADD_FEED", "ADD_STRUCTURE", "ADD_TEMPLATE",
70 "APPROVE_ARTICLE"
71 });
72
73 updatePortletPermissions(
74 "19", "com.liferay.portlet.messageboards",
75 new String[] {"ADD_CATEGORY", "BAN_USER"});
76
77 updatePortletPermissions(
78 "25", "com.liferay.portlet.polls", new String[] {"ADD_QUESTION"});
79
80 updatePortletPermissions(
81 "34", "com.liferay.portlet.shopping",
82 new String[] {"ADD_CATEGORY", "MANAGE_COUPONS", "MANAGE_ORDERS"});
83
84 updatePortletPermissions(
85 "98", "com.liferay.portlet.softwarecatalog",
86 new String[] {"ADD_FRAMEWORK_VERSION", "ADD_PRODUCT_ENTRY"});
87
88 updatePortletPermissions(
89 "99", "com.liferay.portlet.tags",
90 new String[] {"ADD_ENTRY", "ADD_VOCABULARY"});
91
92 updatePortletPermissions(
93 "36", "com.liferay.portlet.wiki", new String[] {"ADD_NODE"});
94 }
95
96 protected Object[] getLayout(long plid) throws Exception {
97 Object[] layout = null;
98
99 Connection con = null;
100 PreparedStatement ps = null;
101 ResultSet rs = null;
102
103 try {
104 con = DataAccess.getConnection();
105
106 ps = con.prepareStatement(_GET_LAYOUT);
107
108 ps.setLong(1, plid);
109
110 rs = ps.executeQuery();
111
112 while (rs.next()) {
113 long groupId = rs.getLong("groupId");
114 long companyId = rs.getLong("companyId");
115
116 layout = new Object[] {groupId, companyId};
117 }
118 }
119 finally {
120 DataAccess.cleanUp(con, ps, rs);
121 }
122
123 return layout;
124 }
125
126 protected long getPortletPermissionsCount(
127 String actionId, long resourceId, String modelName)
128 throws Exception {
129
130 Connection con = null;
131 PreparedStatement ps = null;
132 ResultSet rs = null;
133
134 try {
135 con = DataAccess.getConnection();
136
137 StringBuilder sb = new StringBuilder();
138
139 sb.append("select count(*) from Permission_ ");
140 sb.append("inner join Resource_ on Resource_.resourceId = ");
141 sb.append("Permission_.resourceId inner join ResourceCode on ");
142 sb.append("ResourceCode.codeId = Resource_.codeId where ");
143 sb.append("Permission_.actionId = ? and ");
144 sb.append("Permission_.resourceId = ? and ResourceCode.name = ? ");
145 sb.append("and ResourceCode.scope = ? ");
146
147 String sql = sb.toString();
148
149 ps = con.prepareStatement(sql);
150
151 ps.setString(1, actionId);
152 ps.setLong(2, resourceId);
153 ps.setString(3, modelName);
154 ps.setInt(4, ResourceConstants.SCOPE_INDIVIDUAL);
155
156 rs = ps.executeQuery();
157
158 rs.next();
159
160 return rs.getLong(1);
161 }
162 finally {
163 DataAccess.cleanUp(con, ps, rs);
164 }
165 }
166
167 protected void updatePortletPermission(
168 long permissionId, String actionId, String primKey,
169 String modelName, int scope)
170 throws Exception {
171
172 long plid = GetterUtil.getLong(
173 primKey.substring(
174 0, primKey.indexOf(PortletConstants.LAYOUT_SEPARATOR)));
175
176 Object[] layout = getLayout(plid);
177
178 if (layout == null) {
179 return;
180 }
181
182 long groupId = (Long)layout[0];
183 long companyId = (Long)layout[1];
184
185 Resource resource = ResourceLocalServiceUtil.addResource(
186 companyId, modelName, scope, String.valueOf(groupId));
187
188 long portletPermissionCount = getPortletPermissionsCount(
189 actionId, resource.getResourceId(), modelName);
190
191 if (portletPermissionCount == 0) {
192 runSQL(
193 "update Permission_ set resourceId = " +
194 resource.getResourceId() + " where permissionId = " +
195 permissionId);
196 }
197 else {
198 runSQL(
199 "delete from Permission_ where permissionId = " + permissionId);
200 }
201 }
202
203 protected void updatePortletPermissions(
204 String portletName, String modelName, String[] actionIds)
205 throws Exception {
206
207 Connection con = null;
208 PreparedStatement ps = null;
209 ResultSet rs = null;
210
211 try {
212 con = DataAccess.getConnection();
213
214 StringBuilder sb = new StringBuilder();
215
216 sb.append("select Permission_.permissionId, ");
217 sb.append("Permission_.actionId, Resource_.primKey, ");
218 sb.append("ResourceCode.scope from Permission_ ");
219 sb.append("inner join Resource_ on Resource_.resourceId = ");
220 sb.append("Permission_.resourceId inner join ResourceCode on ");
221 sb.append("ResourceCode.codeId = Resource_.codeId where (");
222
223 for (int i = 0; i < actionIds.length; i++) {
224 String actionId = actionIds[i];
225
226 sb.append("Permission_.actionId = '");
227 sb.append(actionId);
228 sb.append("'");
229
230 if (i < (actionIds.length - 1)) {
231 sb.append(" or ");
232 }
233 }
234
235 sb.append(") and ResourceCode.name = ? and ResourceCode.scope = ?");
236
237 String sql = sb.toString();
238
239 ps = con.prepareStatement(sql);
240
241 ps.setString(1, portletName);
242 ps.setInt(2, ResourceConstants.SCOPE_INDIVIDUAL);
243
244 rs = ps.executeQuery();
245
246 SmartResultSet srs = new SmartResultSet(rs);
247
248 while (srs.next()) {
249 long permissionId = srs.getLong("Permission_.permissionId");
250 String actionId = srs.getString("Permission_.actionId");
251 String primKey = srs.getString("Resource_.primKey");
252 int scope = srs.getInt("ResourceCode.scope");
253
254 try {
255 updatePortletPermission(
256 permissionId, actionId, primKey, modelName, scope);
257 }
258 catch (Exception e) {
259 _log.error(
260 "Unable to upgrade permission " + permissionId, e);
261 }
262 }
263 }
264 finally {
265 DataAccess.cleanUp(con, ps, rs);
266 }
267 }
268
269 private static final String _GET_LAYOUT =
270 "select * from Layout where plid = ?";
271
272 private static Log _log = LogFactoryUtil.getLog(
273 UpgradePortletPermissions.class);
274
275 }