2 * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
\r
4 * This library is free software; you can redistribute it and/or modify it under
\r
5 * the terms of the GNU Lesser General Public License as published by the Free
\r
6 * Software Foundation; either version 2.1 of the License, or (at your option)
\r
9 * This library is distributed in the hope that it will be useful, but WITHOUT
\r
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
\r
11 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
\r
15 package com.liferay.portal.convert;
\r
17 import com.liferay.counter.service.CounterLocalServiceUtil;
\r
18 import com.liferay.portal.NoSuchResourceActionException;
\r
19 import com.liferay.portal.convert.util.PermissionView;
\r
20 import com.liferay.portal.convert.util.ResourcePermissionView;
\r
21 import com.liferay.portal.kernel.dao.db.DB;
\r
22 import com.liferay.portal.kernel.dao.db.DBFactoryUtil;
\r
23 import com.liferay.portal.kernel.dao.jdbc.DataAccess;
\r
24 import com.liferay.portal.kernel.dao.orm.QueryUtil;
\r
25 import com.liferay.portal.kernel.exception.PortalException;
\r
26 import com.liferay.portal.kernel.io.unsync.UnsyncBufferedReader;
\r
27 import com.liferay.portal.kernel.io.unsync.UnsyncBufferedWriter;
\r
28 import com.liferay.portal.kernel.log.Log;
\r
29 import com.liferay.portal.kernel.log.LogFactoryUtil;
\r
30 import com.liferay.portal.kernel.util.FileUtil;
\r
31 import com.liferay.portal.kernel.util.GetterUtil;
\r
32 import com.liferay.portal.kernel.util.MultiValueMap;
\r
33 import com.liferay.portal.kernel.util.MultiValueMapFactoryUtil;
\r
34 import com.liferay.portal.kernel.util.PropsKeys;
\r
35 import com.liferay.portal.kernel.util.ReleaseInfo;
\r
36 import com.liferay.portal.kernel.util.StringPool;
\r
37 import com.liferay.portal.kernel.util.StringUtil;
\r
38 import com.liferay.portal.kernel.util.Tuple;
\r
39 import com.liferay.portal.kernel.util.UnmodifiableList;
\r
40 import com.liferay.portal.kernel.util.Validator;
\r
41 import com.liferay.portal.model.Company;
\r
42 import com.liferay.portal.model.Group;
\r
43 import com.liferay.portal.model.Release;
\r
44 import com.liferay.portal.model.ReleaseConstants;
\r
45 import com.liferay.portal.model.ResourceAction;
\r
46 import com.liferay.portal.model.ResourceCode;
\r
47 import com.liferay.portal.model.ResourceConstants;
\r
48 import com.liferay.portal.model.ResourcePermission;
\r
49 import com.liferay.portal.model.Role;
\r
50 import com.liferay.portal.model.RoleConstants;
\r
51 import com.liferay.portal.model.impl.PermissionModelImpl;
\r
52 import com.liferay.portal.model.impl.ResourceCodeModelImpl;
\r
53 import com.liferay.portal.model.impl.ResourceModelImpl;
\r
54 import com.liferay.portal.model.impl.ResourcePermissionModelImpl;
\r
55 import com.liferay.portal.model.impl.RoleModelImpl;
\r
56 import com.liferay.portal.security.permission.PermissionCacheUtil;
\r
57 import com.liferay.portal.security.permission.ResourceActionsUtil;
\r
58 import com.liferay.portal.service.ClassNameLocalServiceUtil;
\r
59 import com.liferay.portal.service.CompanyLocalServiceUtil;
\r
60 import com.liferay.portal.service.GroupLocalServiceUtil;
\r
61 import com.liferay.portal.service.ReleaseLocalServiceUtil;
\r
62 import com.liferay.portal.service.ResourceActionLocalServiceUtil;
\r
63 import com.liferay.portal.service.ResourceCodeLocalServiceUtil;
\r
64 import com.liferay.portal.service.RoleLocalServiceUtil;
\r
65 import com.liferay.portal.service.UserLocalServiceUtil;
\r
66 import com.liferay.portal.service.persistence.BatchSessionUtil;
\r
67 import com.liferay.portal.upgrade.util.Table;
\r
68 import com.liferay.portal.util.MaintenanceUtil;
\r
69 import com.liferay.portal.util.PropsValues;
\r
70 import com.liferay.portal.util.ShutdownUtil;
\r
71 import com.pentila.entSavoie.ENTRolesConstants;
\r
73 import java.io.FileReader;
\r
74 import java.io.FileWriter;
\r
75 import java.io.Writer;
\r
77 import java.sql.Connection;
\r
78 import java.sql.PreparedStatement;
\r
79 import java.sql.ResultSet;
\r
80 import java.sql.Types;
\r
82 import java.util.ArrayList;
\r
83 import java.util.Collections;
\r
84 import java.util.HashMap;
\r
85 import java.util.HashSet;
\r
86 import java.util.List;
\r
87 import java.util.Map;
\r
88 import java.util.Set;
\r
92 * This class converts all existing permissions from the legacy permissions
\r
93 * algorithm to the latest algorithm.
\r
96 * @author Alexander Chow
\r
98 public class ConvertPermissionAlgorithm extends ConvertProcess {
\r
/**
 * Returns the fixed description string of this conversion process.
 *
 * @return the literal {@code "convert-legacy-permission-algorithm"}
 */
public String getDescription() {
    final String description = "convert-legacy-permission-algorithm";

    return description;
}
\r
/**
 * Lists the parameters this conversion process accepts.
 *
 * @return a new one-element array holding
 *         {@code "generate-custom-roles=checkbox"}
 */
public String[] getParameterNames() {
    String[] parameterNames = {"generate-custom-roles=checkbox"};

    return parameterNames;
}
\r
/**
 * Tells whether this conversion still applies to the running portal.
 *
 * @return {@code true} while
 *         {@code PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM} is below 6
 */
public boolean isEnabled() {

    // The listing omits the short lines that set and return the flag; the
    // comparison below is the only condition it shows.

    return PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 6;
}
\r
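/**
 * Moves individually scoped permissions held by guest (default) users onto
 * the guest role of the same company.
 *
 * <p>
 * Each row of {@code legacyFile} is parsed with {@code PermissionView}. A row
 * whose scope is {@code ResourceConstants.SCOPE_INDIVIDUAL} and whose primary
 * key is in {@code _guestUsersSet} becomes a {@code roleId,permissionId} row
 * for <code>Roles_Permissions</code>, unless that pair is already recorded in
 * {@code _rolesPermissions}. Every other row is copied unchanged to
 * {@code legacyFile + _UPDATED}. The generated rows are then loaded into
 * <code>Roles_Permissions</code>, and the input file and the intermediate
 * role file are deleted.
 * </p>
 *
 * <p>
 * The streams are opened inside the {@code try} block and each one is closed
 * in its own {@code finally} step, so a failure while opening a later file or
 * while closing an earlier stream no longer leaves handles on the permission
 * export open.
 * </p>
 *
 * @param  legacyFile path of the exported legacy permission rows
 * @return the path of the file holding the rows that were not converted
 * @throws Exception if reading, writing or populating the table fails
 */
protected String convertGuestUsers(String legacyFile) throws Exception {
    UnsyncBufferedReader legacyFileReader = null;
    Writer legacyFileUpdatedWriter = null;
    Writer legacyFileExtRolesPermissionsWriter = null;

    try {
        legacyFileReader = new UnsyncBufferedReader(
            new FileReader(legacyFile));
        legacyFileUpdatedWriter = new UnsyncBufferedWriter(
            new FileWriter(legacyFile + _UPDATED));
        legacyFileExtRolesPermissionsWriter = new UnsyncBufferedWriter(
            new FileWriter(legacyFile + _EXT_ROLES_PERMIMISSIONS));

        String line = null;

        while (Validator.isNotNull(line = legacyFileReader.readLine())) {
            String[] values = StringUtil.split(line);

            long companyId = PermissionView.getCompanyId(values);
            long permissionId = PermissionView.getPermissionId(values);
            int scope = PermissionView.getScopeId(values);
            long userId = PermissionView.getPrimaryKey(values);

            if ((scope == ResourceConstants.SCOPE_INDIVIDUAL) &&
                _guestUsersSet.contains(userId)) {

                long roleId = _guestRolesMap.get(companyId).getRoleId();

                String key = roleId + "_" + permissionId;

                // Each role/permission pair is written at most once.

                if (_rolesPermissions.contains(key)) {
                    continue;
                }

                _rolesPermissions.add(key);

                legacyFileExtRolesPermissionsWriter.write(
                    roleId + "," + permissionId + "\n");
            }
            else {
                legacyFileUpdatedWriter.write(line + "\n");
            }
        }
    }
    finally {

        // Attempt every close even when an earlier one throws.

        try {
            if (legacyFileReader != null) {
                legacyFileReader.close();
            }
        }
        finally {
            try {
                if (legacyFileUpdatedWriter != null) {
                    legacyFileUpdatedWriter.close();
                }
            }
            finally {
                if (legacyFileExtRolesPermissionsWriter != null) {
                    legacyFileExtRolesPermissionsWriter.close();
                }
            }
        }
    }

    Table table = new Table(
        "Roles_Permissions",
        new Object[][] {
            {"roleId", Types.BIGINT}, {"permissionId", Types.BIGINT}
        });

    table.populateTable(legacyFile + _EXT_ROLES_PERMIMISSIONS);

    // The intermediate files hold permission data and are removed only on
    // this success path.

    FileUtil.delete(legacyFile);
    FileUtil.delete(legacyFile + _EXT_ROLES_PERMIMISSIONS);

    return legacyFile + _UPDATED;
}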
\r
/**
 * Converts one legacy permission table into role assignments.
 *
 * <p>
 * The legacy rows are exported through a {@code PermissionView}. When there
 * is nothing to export the method returns at once. For
 * {@code RoleConstants.TYPE_REGULAR} the guest-user rows are converted first
 * by {@code convertGuestUsers}; the remaining rows go through
 * {@code convertRoles}. The legacy rows are deleted with the view's delete
 * SQL only after {@code convertRoles} has returned, and the export file is
 * deleted last.
 * </p>
 *
 * @param  type role type constant passed on to {@code convertRoles}
 * @param  legacyName name of the legacy permission table
 * @param  primKeys primary key column names of the legacy table
 * @param  newName name of the table that receives the role assignments
 * @param  newColumns column definitions of that table
 * @throws Exception if any conversion step fails
 */
protected void convertPermissions(
        int type, String legacyName, String[] primKeys, String newName,
        Object[][] newColumns)
    throws Exception {

    MaintenanceUtil.appendStatus("Processing " + legacyName);

    Table legacyView = new PermissionView(legacyName, primKeys);

    String exportFile = legacyView.generateTempFile();

    if (exportFile != null) {
        if (type == RoleConstants.TYPE_REGULAR) {
            exportFile = convertGuestUsers(exportFile);

            MaintenanceUtil.appendStatus(
                "Converted guest users to guest roles");
        }

        convertRoles(exportFile, type, newName, newColumns);

        MaintenanceUtil.appendStatus("Converted roles for " + legacyName);

        // Destructive step: runs only once the roles have been written.

        DBFactoryUtil.getDB().runSQL(legacyView.getDeleteSQL());

        FileUtil.delete(exportFile);
    }
}
\r
/**
 * Appends one comma-separated row to {@code writer} for every distinct
 * company, scope, primary key and role found for the resource {@code name}.
 *
 * <p>
 * The rows exported by {@code ResourcePermissionView} are grouped by that
 * four-part key, and the bitwise values of the group's resource actions are
 * OR-ed into a single {@code long}. An action id that cannot be resolved is
 * logged at warn level and left out of the mask, so the converted permission
 * is narrower than the legacy one in that case. The export file is deleted
 * whether or not reading succeeds.
 * </p>
 *
 * @param  writer destination of the generated rows
 * @param  name resource name whose permissions are converted
 * @throws Exception if exporting, reading or writing fails
 */
protected void convertResourcePermission(Writer writer, String name)
    throws Exception {

    String exportFile = new ResourcePermissionView(name).generateTempFile();

    if (exportFile == null) {
        return;
    }

    MultiValueMap<Tuple, String> actionIdsByTarget =
        (MultiValueMap<Tuple, String>)
            MultiValueMapFactoryUtil.getMultiValueMap(
                _CONVERT_RESOURCE_PERMISSION);

    UnsyncBufferedReader exportReader = null;

    try {
        exportReader = new UnsyncBufferedReader(new FileReader(exportFile));

        String row = exportReader.readLine();

        while (Validator.isNotNull(row)) {
            String[] columns = StringUtil.split(row);

            String actionId = ResourcePermissionView.getActionId(columns);
            long companyId = ResourcePermissionView.getCompanyId(columns);
            int scope = ResourcePermissionView.getScope(columns);
            String primKey = ResourcePermissionView.getPrimaryKey(columns);
            long roleId = ResourcePermissionView.getRoleId(columns);

            actionIdsByTarget.put(
                new Tuple(companyId, scope, primKey, roleId), actionId);

            row = exportReader.readLine();
        }
    }
    finally {
        if (exportReader != null) {
            exportReader.close();
        }

        FileUtil.delete(exportFile);
    }

    for (Tuple target : actionIdsByTarget.keySet()) {
        long resourcePermissionId = CounterLocalServiceUtil.increment(
            ResourcePermission.class.getName());

        long companyId = (Long)target.getObject(0);
        int scope = (Integer)target.getObject(1);
        String primKey = (String)target.getObject(2);
        long roleId = (Long)target.getObject(3);

        long actionBits = 0;

        for (String actionId : actionIdsByTarget.getAll(target)) {
            try {

                // The listing omits the argument line of this call; the
                // resource name and the action id are the values in scope.

                ResourceAction resourceAction =
                    ResourceActionLocalServiceUtil.getResourceAction(
                        name, actionId);

                actionBits |= resourceAction.getBitwiseValue();
            }
            catch (NoSuchResourceActionException nsrae) {
                if (_log.isWarnEnabled()) {
                    _log.warn(
                        "Could not find resource action " +
                            nsrae.getMessage());
                }
            }
        }

        // Seven leading columns, then the action mask and the line end. The
        // literal 0 is the seventh column.

        Object[] leadingColumns = {
            resourcePermissionId, companyId, name, scope, primKey, roleId, 0
        };

        for (Object column : leadingColumns) {
            writer.append(column + StringPool.COMMA);
        }

        writer.append(actionBits + StringPool.COMMA + StringPool.NEW_LINE);
    }
}
\r
/**
 * Converts the legacy permission rows in legacyFile into role assignments
 * and loads them into the database.
 *
 * Rows are grouped by resource id. For each group the visible code looks for
 * an existing role (the company's owner role, or one of the per-company
 * default roles) and writes roleId,permissionId pairs for it; when
 * isGenerateCustomRoles() is true it also writes an auto-generated role, its
 * permission pairs and a row for the newName table. Output goes to three
 * intermediate files (legacyFile + _EXT_ROLE, + _EXT_ROLES_PERMIMISSIONS and
 * + _EXT_OTHER_ROLES), which are loaded with Table.populateTable and then
 * deleted.
 *
 * NOTE(review): this listing omits short source lines (closing braces and
 * other brief statements), so whether the two paths above are mutually
 * exclusive cannot be confirmed from here.
 *
 * @param legacyFile path of the exported legacy permission rows
 * @param type       role type, compared against RoleConstants.TYPE_* below
 * @param newName    name of the table that receives the per-group role rows
 * @param newColumns column definitions of that table
 */
304 protected void convertRoles(
\r
305 String legacyFile, int type, String newName, Object[][] newColumns)
\r
// NOTE(review): one reader and three writers are opened here and closed at
// listing lines 501-505. Whether those closes sit in a finally block is not
// visible; confirm they also run when the conversion throws.
308 UnsyncBufferedReader legacyFileReader = new UnsyncBufferedReader(
\r
309 new FileReader(legacyFile));
\r
311 Writer legacyFileExtRoleWriter = new UnsyncBufferedWriter(
\r
312 new FileWriter(legacyFile + _EXT_ROLE));
\r
313 Writer legacyFileExtRolesPermissionsWriter = new UnsyncBufferedWriter(
\r
314 new FileWriter(legacyFile + _EXT_ROLES_PERMIMISSIONS));
\r
315 Writer legacyFileExtOtherRolesWriter = new UnsyncBufferedWriter(
\r
316 new FileWriter(legacyFile + _EXT_OTHER_ROLES));
\r
320 // Group by resource id
\r
322 MultiValueMap<Long, String[]> mvp =
\r
323 (MultiValueMap<Long, String[]>)
\r
324 MultiValueMapFactoryUtil.getMultiValueMap(_CONVERT_ROLES);
\r
326 String line = null;
\r
328 while (Validator.isNotNull(line = legacyFileReader.readLine())) {
\r
329 String[] values = StringUtil.split(line);
\r
331 long resourceId = PermissionView.getResourceId(values);
\r
333 mvp.put(resourceId, values);
\r
336 // Assign role for each grouping
\r
338 for (Long key : mvp.keySet()) {
\r
339 List<String[]> valuesList = new ArrayList<String[]>(
\r
// Company, group, resource name and scope are taken from the first row of
// the group only.
342 String[] values = valuesList.get(0);
\r
344 long companyId = PermissionView.getCompanyId(values);
\r
345 long groupId = PermissionView.getPrimaryKey(values);
\r
346 String name = PermissionView.getNameId(values);
\r
347 int scope = PermissionView.getScopeId(values);
\r
349 // Group action ids and permission ids
\r
351 List<String> actionsIds = new ArrayList<String>();
\r
352 List<Long> permissionIds = new ArrayList<Long>();
\r
354 for (String[] curValues : valuesList) {
\r
355 String actionId = PermissionView.getActionId(curValues);
\r
356 long permissionId = PermissionView.getPermissionId(
\r
359 actionsIds.add(actionId);
\r
360 permissionIds.add(permissionId);
\r
363 // Look for owner and system roles
\r
// Only individually scoped rows of non-organization types are matched
// against existing roles.
365 if ((type != RoleConstants.TYPE_ORGANIZATION) &&
\r
366 (scope == ResourceConstants.SCOPE_INDIVIDUAL)) {
\r
368 // Find default actions
\r
370 List<String> defaultActions = null;
\r
372 if (type == RoleConstants.TYPE_REGULAR) {
\r
373 defaultActions = ResourceActionsUtil.getResourceActions(
\r
378 ResourceActionsUtil.getResourceGroupDefaultActions(
\r
382 // Resolve owner and system roles
\r
384 Role defaultRole = null;
\r
386 if (type == RoleConstants.TYPE_REGULAR) {
\r
// A copy is taken because Collections.sort below modifies the list in place.
387 if (defaultActions instanceof UnmodifiableList) {
\r
388 defaultActions = new ArrayList<String>(
\r
392 Collections.sort(actionsIds);
\r
393 Collections.sort(defaultActions);
\r
// The owner role is chosen only when the sorted action ids equal the sorted
// default actions exactly.
395 if (defaultActions.equals(actionsIds)) {
\r
396 defaultRole = _ownerRolesMap.get(companyId);
\r
// In the other branch it is enough that every action id is among the
// default actions.
400 if (defaultActions.containsAll(actionsIds)) {
\r
401 Role[] defaultRoles = _defaultRolesMap.get(
\r
404 Group group = _groupsMap.get(groupId);
\r
406 if (group == null) {
\r
// NOTE(review): initializeRBAC() fills each Role[] in the order
// ORGANIZATION_USER, COMMUNITY_VISITOR, POWER_USER, SITE_MEMBER. With the
// indices used below a regular site resolves to POWER_USER (index 2), a user
// or user group resolves to COMMUNITY_VISITOR (index 1), and SITE_MEMBER
// (index 3) is never read. Confirm this mapping is intended: it decides
// which role receives each migrated group permission.
410 if (group.isOrganization()) {
\r
411 defaultRole = defaultRoles[0];
\r
413 else if (group.isRegularSite()) {
\r
414 defaultRole = defaultRoles[2];
\r
416 else if (group.isUser() || group.isUserGroup()) {
\r
417 defaultRole = defaultRoles[1];
\r
422 if (defaultRole != null) {
\r
423 long roleId = defaultRole.getRoleId();
\r
425 for (Long permissionId : permissionIds) {
\r
426 String curKey = roleId + "_" + permissionId;
\r
// _rolesPermissions records the role/permission pairs already known, so a
// pair is not written twice.
428 if (_rolesPermissions.contains(curKey)) {
\r
432 _rolesPermissions.add(curKey);
\r
435 legacyFileExtRolesPermissionsWriter.write(
\r
436 roleId + "," + permissionId + ",\n");
\r
// Custom roles are generated only when the process parameter asks for them.
// NOTE(review): what happens to a group that matches no existing role when
// the parameter is off is not visible in this listing; confirm whether its
// permissions are dropped.
443 if (isGenerateCustomRoles()) {
\r
// The generated role takes its id from the counter service and is named
// after the role type label followed by the id in hexadecimal.
447 long roleId = CounterLocalServiceUtil.increment();
\r
449 String roleName = StringUtil.upperCaseFirstLetter(
\r
450 RoleConstants.getTypeLabel(type));
\r
452 roleName += " " + StringUtil.toHexString(roleId);
\r
// Column values of the generated role row, written comma-terminated below.
454 String[] roleColumns = new String[] {
\r
455 String.valueOf(roleId), String.valueOf(companyId),
\r
457 ClassNameLocalServiceUtil.getClassNameId(
\r
459 String.valueOf(roleId), roleName, StringPool.BLANK,
\r
460 "Autogenerated role from portal upgrade",
\r
461 String.valueOf(type), "lfr-permission-algorithm-5"
\r
464 for (int i = 0; i < roleColumns.length; i++) {
\r
465 legacyFileExtRoleWriter.write(
\r
466 roleColumns[i] + StringPool.COMMA);
\r
468 if (i == (roleColumns.length - 1)) {
\r
469 legacyFileExtRoleWriter.write(StringPool.NEW_LINE);
\r
473 // Roles_Permissions
\r
475 for (Long permissionId : permissionIds) {
\r
476 String curKey = roleId + "_" + permissionId;
\r
478 if (_rolesPermissions.contains(curKey)) {
\r
482 _rolesPermissions.add(curKey);
\r
485 legacyFileExtRolesPermissionsWriter.write(
\r
486 roleId + "," + permissionId + ",\n");
\r
// Copies the first newColumns.length - 1 values of the group's first row,
// then appends the generated role id as the last column.
491 for (int i = 0; i < newColumns.length - 1; i++) {
\r
492 legacyFileExtOtherRolesWriter.write(
\r
493 values[i] + StringPool.COMMA);
\r
496 legacyFileExtOtherRolesWriter.write(roleId + ",\n");
\r
// The streams are closed before the files are loaded into the tables below.
501 legacyFileReader.close();
\r
503 legacyFileExtRoleWriter.close();
\r
504 legacyFileExtRolesPermissionsWriter.close();
\r
505 legacyFileExtOtherRolesWriter.close();
\r
// Load the generated role rows.
510 Table roleTable = new Table(
\r
511 RoleModelImpl.TABLE_NAME, RoleModelImpl.TABLE_COLUMNS);
\r
513 roleTable.populateTable(legacyFile + _EXT_ROLE);
\r
515 // Roles_Permissions
\r
517 Table rolesPermissionsTable = new Table(
\r
518 "Roles_Permissions",
\r
520 {"roleId", Types.BIGINT}, {"permissionId", Types.BIGINT}
\r
523 rolesPermissionsTable.populateTable(
\r
524 legacyFile + _EXT_ROLES_PERMIMISSIONS);
\r
// Load the per-group role rows into the table named by newName.
528 Table othersRolesTable = new Table(newName, newColumns);
\r
530 othersRolesTable.populateTable(legacyFile + _EXT_OTHER_ROLES);
\r
// Remove the three intermediate files; legacyFile itself is not deleted
// here.
534 FileUtil.delete(legacyFile + _EXT_ROLE);
\r
535 FileUtil.delete(legacyFile + _EXT_ROLES_PERMIMISSIONS);
\r
536 FileUtil.delete(legacyFile + _EXT_OTHER_ROLES);
\r
/**
 * Builds the ResourceAction and ResourcePermission data from the legacy
 * tables and then empties the legacy tables.
 *
 * Visible steps: export the resource names selected from
 * ResourceCodeModelImpl.TABLE_NAME to a temp file; set
 * PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM to 6; for every name call
 * ResourceActionLocalServiceUtil.checkResourceActions and
 * convertResourcePermission; load the generated rows into the
 * ResourcePermission table; delete all rows of the tables named by
 * ResourceCodeModelImpl, PermissionModelImpl and ResourceModelImpl plus
 * Roles_Permissions; update the Release record.
 *
 * NOTE(review): this listing omits short source lines (braces, try and
 * finally keywords and other brief statements), so the exact block structure
 * cannot be confirmed from here.
 */
539 protected void convertToBitwise() throws Exception {
\r
541 // ResourceAction and ResourcePermission
\r
543 MaintenanceUtil.appendStatus(
\r
544 "Generating ResourceAction and ResourcePermission data");
\r
546 Table table = new Table(
\r
547 ResourceCodeModelImpl.TABLE_NAME,
\r
549 {"name", new Integer(Types.VARCHAR)}
\r
// The rest of this SELECT statement is not in the listing.
552 table.setSelectSQL(
\r
553 "SELECT name FROM " + ResourceCodeModelImpl.TABLE_NAME +
\r
556 String tempFile = table.generateTempFile();
\r
558 UnsyncBufferedReader resourceNameReader = new UnsyncBufferedReader(
\r
559 new FileReader(tempFile));
\r
561 Writer resourcePermissionWriter = new UnsyncBufferedWriter(
\r
562 new FileWriter(tempFile + _EXT_RESOURCE_PERMISSION));
\r
// NOTE(review): this static flag is switched to 6 before the new table has
// been filled. Presumably other code reads it for live permission checks;
// confirm nothing else evaluates permissions while the conversion runs.
564 PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 6;
\r
567 String line = null;
\r
569 while (Validator.isNotNull(line = resourceNameReader.readLine())) {
\r
570 String[] values = StringUtil.split(line);
\r
572 if (values.length == 0) {
\r
576 String name = values[0];
\r
578 List<String> defaultActionIds =
\r
579 ResourceActionsUtil.getResourceActions(name);
\r
581 ResourceActionLocalServiceUtil.checkResourceActions(
\r
582 name, defaultActionIds);
\r
584 convertResourcePermission(resourcePermissionWriter, name);
\r
// Closed here so the generated rows are on disk before populateTable reads
// the same file; the writer is closed again in the cleanup further down.
587 resourcePermissionWriter.close();
\r
589 MaintenanceUtil.appendStatus("Updating ResourcePermission table");
\r
591 Table resourcePermissionTable = new Table(
\r
592 ResourcePermissionModelImpl.TABLE_NAME,
\r
593 ResourcePermissionModelImpl.TABLE_COLUMNS);
\r
595 resourcePermissionTable.populateTable(
\r
596 tempFile + _EXT_RESOURCE_PERMISSION);
\r
// On failure the flag is put back to 5.
// NOTE(review): the lines after this assignment are not in the listing.
// Confirm the exception is rethrown rather than swallowed, because the
// DELETE statements further down cannot be undone.
598 catch (Exception e) {
\r
599 PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 5;
\r
// Cleanup of the reader, the writer and both temp files.
604 resourceNameReader.close();
\r
606 resourcePermissionWriter.close();
\r
608 FileUtil.delete(tempFile);
\r
609 FileUtil.delete(tempFile + _EXT_RESOURCE_PERMISSION);
\r
614 MaintenanceUtil.appendStatus("Cleaning up legacy tables");
\r
616 DB db = DBFactoryUtil.getDB();
\r
// Irreversible: removes every row of the legacy permission tables. The SQL
// text is built only from TABLE_NAME fields of the model classes and a fixed
// literal.
618 db.runSQL("DELETE FROM " + ResourceCodeModelImpl.TABLE_NAME);
\r
619 db.runSQL("DELETE FROM " + PermissionModelImpl.TABLE_NAME);
\r
620 db.runSQL("DELETE FROM " + ResourceModelImpl.TABLE_NAME);
\r
621 db.runSQL("DELETE FROM Roles_Permissions");
\r
// Fetch the Release record for the parent build number, adding one when the
// lookup raises PortalException, then update it to the current build number
// and build date.
623 Release release = null;
\r
626 release = ReleaseLocalServiceUtil.getRelease(
\r
627 ReleaseConstants.DEFAULT_SERVLET_CONTEXT_NAME,
\r
628 ReleaseInfo.getParentBuildNumber());
\r
630 catch (PortalException pe) {
\r
631 release = ReleaseLocalServiceUtil.addRelease(
\r
632 ReleaseConstants.DEFAULT_SERVLET_CONTEXT_NAME,
\r
633 ReleaseInfo.getParentBuildNumber());
\r
636 ReleaseLocalServiceUtil.updateRelease(
\r
637 release.getReleaseId(), ReleaseInfo.getBuildNumber(),
\r
638 ReleaseInfo.getBuildDate(), false);
\r
640 MaintenanceUtil.appendStatus("Converted to bitwise permission");
\r
/**
 * Converts the three legacy permission tables into role assignments.
 *
 * convertPermissions is called once per legacy table: Groups_Permissions to
 * Groups_Roles (RoleConstants.TYPE_SITE), OrgGroupPermission to OrgGroupRole
 * (RoleConstants.TYPE_ORGANIZATION) and Users_Permissions to Users_Roles
 * (RoleConstants.TYPE_REGULAR). Afterwards the permission cache is cleared
 * and PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM is set to 5.
 *
 * NOTE(review): this listing omits short source lines, including whatever
 * stands between the signature and the first comment and the array
 * delimiters around each column list.
 */
643 protected void convertToRBAC() throws Exception {
\r
646 // Groups_Permissions
\r
648 convertPermissions(
\r
649 RoleConstants.TYPE_SITE, "Groups_Permissions",
\r
650 new String[] {"groupId"}, "Groups_Roles",
\r
652 {"groupId", Types.BIGINT}, {"roleId", Types.BIGINT}
\r
655 // OrgGroupPermission
\r
657 convertPermissions(
\r
658 RoleConstants.TYPE_ORGANIZATION, "OrgGroupPermission",
\r
659 new String[] {"organizationId", "groupId"}, "OrgGroupRole",
\r
661 {"organizationId", Types.BIGINT}, {"groupId", Types.BIGINT},
\r
662 {"roleId", Types.BIGINT}
\r
665 // Users_Permissions
\r
667 convertPermissions(
\r
668 RoleConstants.TYPE_REGULAR, "Users_Permissions",
\r
669 new String[] {"userId"}, "Users_Roles",
\r
671 {"userId", Types.BIGINT}, {"roleId", Types.BIGINT}
\r
// Cached permission results are discarded once the tables have changed.
676 PermissionCacheUtil.clearCache();
\r
// In-memory change only; nothing visible here persists the new value.
678 PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 5;
\r
680 MaintenanceUtil.appendStatus("Converted to RBAC permission");
\r
/**
 * Runs the conversion: enables batch sessions, performs the conversion
 * steps, tells the operator which property to change and requests a
 * shutdown.
 *
 * NOTE(review): this listing omits short source lines, so the statement
 * guarded by the algorithm check and any try/finally structure around the
 * shutdown call are not visible here.
 */
684 protected void doConvert() throws Exception {
\r
686 BatchSessionUtil.setEnabled(true);
\r
// Installations below algorithm 5 take an extra step first; the guarded
// statement itself is not in the listing.
690 if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {
\r
694 convertToBitwise();
\r
// The new algorithm value is only set in memory by the conversion; the
// operator has to persist it in portal-ext.properties.
696 MaintenanceUtil.appendStatus(
\r
697 "Please set " + PropsKeys.PERMISSIONS_USER_CHECK_ALGORITHM +
\r
698 " in your portal-ext.properties to 6 and restart server");
\r
// NOTE(review): confirm whether this shutdown also runs when a conversion
// step throws, since the static algorithm flag may already have been changed
// by then.
701 ShutdownUtil.shutdown(0);
\r
/**
 * Requests the portlet resource actions of every resource code whose name
 * contains no period.
 *
 * <p>
 * The value returned by
 * {@code ResourceActionsUtil.getPortletResourceActions} is not used, so the
 * call is made for its effect only.
 * </p>
 *
 * @throws Exception if the resource codes cannot be read
 */
protected void initialize() throws Exception {

    // Resource actions for unknown portlets

    for (ResourceCode resourceCode :
            ResourceCodeLocalServiceUtil.getResourceCodes(
                QueryUtil.ALL_POS, QueryUtil.ALL_POS)) {

        String name = resourceCode.getName();

        if (name.contains(StringPool.PERIOD)) {
            continue;
        }

        ResourceActionsUtil.getPortletResourceActions(name);
    }
}
\r
/**
 * Loads the lookup data the role conversion relies on.
 *
 * <p>
 * For every company this caches the default roles, the guest role, the
 * owner role and the default user id. It then records every existing
 * <code>Roles_Permissions</code> pair as {@code roleId + "_" + permissionId}
 * and indexes all groups by group id.
 * </p>
 *
 * <p>
 * NOTE(review): the default roles are stored in the order ORGANIZATION_USER,
 * COMMUNITY_VISITOR, POWER_USER, SITE_MEMBER, while {@code convertRoles}
 * reads index 0 for organizations, index 2 for regular sites and index 1 for
 * users and user groups. Index 3 (SITE_MEMBER) is never read there and
 * regular sites resolve to POWER_USER; confirm that this mapping is
 * intended.
 * </p>
 *
 * @throws Exception if a role, user, group or database lookup fails
 */
protected void initializeRBAC() throws Exception {

    // System roles and default users. The listing omits the short lines
    // carrying the map key and the default-user argument; the company id is
    // the value in scope for both.

    for (Company company : CompanyLocalServiceUtil.getCompanies()) {
        long companyId = company.getCompanyId();

        Role organizationUserRole = RoleLocalServiceUtil.getRole(
            companyId, RoleConstants.ORGANIZATION_USER);
        Role communityVisitorRole = RoleLocalServiceUtil.getRole(
            companyId, ENTRolesConstants.COMMUNITY_VISITOR);
        Role powerUserRole = RoleLocalServiceUtil.getRole(
            companyId, RoleConstants.POWER_USER);
        Role siteMemberRole = RoleLocalServiceUtil.getRole(
            companyId, RoleConstants.SITE_MEMBER);

        _defaultRolesMap.put(
            companyId,
            new Role[] {
                organizationUserRole, communityVisitorRole, powerUserRole,
                siteMemberRole
            });

        _guestRolesMap.put(
            companyId,
            RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST));

        _ownerRolesMap.put(
            companyId,
            RoleLocalServiceUtil.getRole(companyId, RoleConstants.OWNER));

        _guestUsersSet.add(UserLocalServiceUtil.getDefaultUserId(companyId));
    }

    // Roles_Permissions

    Connection connection = null;
    PreparedStatement statement = null;
    ResultSet resultSet = null;

    try {
        connection = DataAccess.getConnection();

        statement = connection.prepareStatement(
            "SELECT * FROM Roles_Permissions");

        resultSet = statement.executeQuery();

        while (resultSet.next()) {
            _rolesPermissions.add(
                resultSet.getLong("roleId") + "_" +
                    resultSet.getLong("permissionId"));
        }
    }
    finally {
        DataAccess.cleanUp(connection, statement, resultSet);
    }

    // Groups

    List<Group> allGroups = GroupLocalServiceUtil.getGroups(
        QueryUtil.ALL_POS, QueryUtil.ALL_POS);

    for (Group group : allGroups) {
        _groupsMap.put(group.getGroupId(), group);
    }
}
\r
/**
 * Tells whether the process was asked to generate custom roles.
 *
 * <p>
 * Reads the first parameter value, which corresponds to the single
 * {@code generate-custom-roles} entry of {@code getParameterNames()}. The
 * array is indexed without a null or length check.
 * </p>
 *
 * @return the first parameter value converted by
 *         {@code GetterUtil.getBoolean}
 */
protected boolean isGenerateCustomRoles() {
    return GetterUtil.getBoolean(getParameterValues()[0]);
}
\r
// Names passed to MultiValueMapFactoryUtil.getMultiValueMap by
// convertResourcePermission and convertRoles. The last line of the
// _CONVERT_ROLES initializer is not in this listing.
801 private static final String _CONVERT_RESOURCE_PERMISSION =
\r
802 PropsKeys.MULTI_VALUE_MAP + ConvertPermissionAlgorithm.class.getName() +
\r
803 ".convertResourcePermission";
\r
805 private static final String _CONVERT_ROLES =
\r
806 PropsKeys.MULTI_VALUE_MAP + ConvertPermissionAlgorithm.class.getName() +
\r
// Suffixes appended to a temp file path to name the intermediate files.
809 private static final String _EXT_OTHER_ROLES = ".others_roles";
\r
811 private static final String _EXT_RESOURCE_PERMISSION =
\r
812 ".resource_permission";
\r
814 private static final String _EXT_ROLE = ".role";
\r
// The constant name is misspelled (PERMIMISSIONS); its value is spelled
// correctly.
816 private static final String _EXT_ROLES_PERMIMISSIONS = ".roles_permissions";
\r
818 private static final String _UPDATED = ".updated";
\r
820 private static Log _log = LogFactoryUtil.getLog(
\r
821 ConvertPermissionAlgorithm.class);
\r
// Lookup data filled by initializeRBAC(): default roles, guest role and
// owner role by company id, groups by group id, the default user ids, and
// the known role/permission pairs stored as roleId + "_" + permissionId.
823 private Map<Long, Role[]> _defaultRolesMap = new HashMap<Long, Role[]>();
\r
824 private Map<Long, Group> _groupsMap = new HashMap<Long, Group>();
\r
825 private Map<Long, Role> _guestRolesMap = new HashMap<Long, Role>();
\r
826 private Set<Long> _guestUsersSet = new HashSet<Long>();
\r
827 private Map<Long, Role> _ownerRolesMap = new HashMap<Long, Role>();
\r
828 private Set<String> _rolesPermissions = new HashSet<String>();
\r