--- /dev/null
+/**\r
+ * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.\r
+ *\r
+ * This library is free software; you can redistribute it and/or modify it under\r
+ * the terms of the GNU Lesser General Public License as published by the Free\r
+ * Software Foundation; either version 2.1 of the License, or (at your option)\r
+ * any later version.\r
+ *\r
+ * This library is distributed in the hope that it will be useful, but WITHOUT\r
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS\r
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more\r
+ * details.\r
+ */\r
+\r
+package com.liferay.portal.convert;\r
+\r
+import com.liferay.counter.service.CounterLocalServiceUtil;\r
+import com.liferay.portal.NoSuchResourceActionException;\r
+import com.liferay.portal.convert.util.PermissionView;\r
+import com.liferay.portal.convert.util.ResourcePermissionView;\r
+import com.liferay.portal.kernel.dao.db.DB;\r
+import com.liferay.portal.kernel.dao.db.DBFactoryUtil;\r
+import com.liferay.portal.kernel.dao.jdbc.DataAccess;\r
+import com.liferay.portal.kernel.dao.orm.QueryUtil;\r
+import com.liferay.portal.kernel.exception.PortalException;\r
+import com.liferay.portal.kernel.io.unsync.UnsyncBufferedReader;\r
+import com.liferay.portal.kernel.io.unsync.UnsyncBufferedWriter;\r
+import com.liferay.portal.kernel.log.Log;\r
+import com.liferay.portal.kernel.log.LogFactoryUtil;\r
+import com.liferay.portal.kernel.util.FileUtil;\r
+import com.liferay.portal.kernel.util.GetterUtil;\r
+import com.liferay.portal.kernel.util.MultiValueMap;\r
+import com.liferay.portal.kernel.util.MultiValueMapFactoryUtil;\r
+import com.liferay.portal.kernel.util.PropsKeys;\r
+import com.liferay.portal.kernel.util.ReleaseInfo;\r
+import com.liferay.portal.kernel.util.StringPool;\r
+import com.liferay.portal.kernel.util.StringUtil;\r
+import com.liferay.portal.kernel.util.Tuple;\r
+import com.liferay.portal.kernel.util.UnmodifiableList;\r
+import com.liferay.portal.kernel.util.Validator;\r
+import com.liferay.portal.model.Company;\r
+import com.liferay.portal.model.Group;\r
+import com.liferay.portal.model.Release;\r
+import com.liferay.portal.model.ReleaseConstants;\r
+import com.liferay.portal.model.ResourceAction;\r
+import com.liferay.portal.model.ResourceCode;\r
+import com.liferay.portal.model.ResourceConstants;\r
+import com.liferay.portal.model.ResourcePermission;\r
+import com.liferay.portal.model.Role;\r
+import com.liferay.portal.model.RoleConstants;\r
+import com.liferay.portal.model.impl.PermissionModelImpl;\r
+import com.liferay.portal.model.impl.ResourceCodeModelImpl;\r
+import com.liferay.portal.model.impl.ResourceModelImpl;\r
+import com.liferay.portal.model.impl.ResourcePermissionModelImpl;\r
+import com.liferay.portal.model.impl.RoleModelImpl;\r
+import com.liferay.portal.security.permission.PermissionCacheUtil;\r
+import com.liferay.portal.security.permission.ResourceActionsUtil;\r
+import com.liferay.portal.service.ClassNameLocalServiceUtil;\r
+import com.liferay.portal.service.CompanyLocalServiceUtil;\r
+import com.liferay.portal.service.GroupLocalServiceUtil;\r
+import com.liferay.portal.service.ReleaseLocalServiceUtil;\r
+import com.liferay.portal.service.ResourceActionLocalServiceUtil;\r
+import com.liferay.portal.service.ResourceCodeLocalServiceUtil;\r
+import com.liferay.portal.service.RoleLocalServiceUtil;\r
+import com.liferay.portal.service.UserLocalServiceUtil;\r
+import com.liferay.portal.service.persistence.BatchSessionUtil;\r
+import com.liferay.portal.upgrade.util.Table;\r
+import com.liferay.portal.util.MaintenanceUtil;\r
+import com.liferay.portal.util.PropsValues;\r
+import com.liferay.portal.util.ShutdownUtil;\r
+import com.pentila.entSavoie.ENTRolesConstants;\r
+\r
+import java.io.FileReader;\r
+import java.io.FileWriter;\r
+import java.io.Writer;\r
+\r
+import java.sql.Connection;\r
+import java.sql.PreparedStatement;\r
+import java.sql.ResultSet;\r
+import java.sql.Types;\r
+\r
+import java.util.ArrayList;\r
+import java.util.Collections;\r
+import java.util.HashMap;\r
+import java.util.HashSet;\r
+import java.util.List;\r
+import java.util.Map;\r
+import java.util.Set;\r
+\r
+/**\r
+ * <p>\r
+ * This class converts all existing permissions from the legacy permissions\r
+ * algorithm to the latest algorithm.\r
+ * </p>\r
+ *\r
+ * @author Alexander Chow\r
+ */\r
+public class ConvertPermissionAlgorithm extends ConvertProcess {\r
+\r
+ @Override\r
+ public String getDescription() {\r
+ return "convert-legacy-permission-algorithm";\r
+ }\r
+\r
+ @Override\r
+ public String[] getParameterNames() {\r
+ return new String[] {"generate-custom-roles=checkbox"};\r
+ }\r
+\r
+ @Override\r
+ public boolean isEnabled() {\r
+ boolean enabled = false;\r
+\r
+ if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 6) {\r
+ enabled = true;\r
+ }\r
+\r
+ return enabled;\r
+ }\r
+\r
+ protected String convertGuestUsers(String legacyFile) throws Exception {\r
+ UnsyncBufferedReader legacyFileReader = new UnsyncBufferedReader(\r
+ new FileReader(legacyFile));\r
+\r
+ Writer legacyFileUpdatedWriter = new UnsyncBufferedWriter(\r
+ new FileWriter(legacyFile + _UPDATED));\r
+ Writer legacyFileExtRolesPermissionsWriter = new UnsyncBufferedWriter(\r
+ new FileWriter(legacyFile + _EXT_ROLES_PERMIMISSIONS));\r
+\r
+ try {\r
+ String line = null;\r
+\r
+ while (Validator.isNotNull(line = legacyFileReader.readLine())) {\r
+ String[] values = StringUtil.split(line);\r
+\r
+ long companyId = PermissionView.getCompanyId(values);\r
+ long permissionId = PermissionView.getPermissionId(values);\r
+ int scope = PermissionView.getScopeId(values);\r
+ long userId = PermissionView.getPrimaryKey(values);\r
+\r
+ if ((scope == ResourceConstants.SCOPE_INDIVIDUAL) &&\r
+ _guestUsersSet.contains(userId)) {\r
+\r
+ long roleId = _guestRolesMap.get(companyId).getRoleId();\r
+\r
+ String key = roleId + "_" + permissionId;\r
+\r
+ if (_rolesPermissions.contains(key)) {\r
+ continue;\r
+ }\r
+ else {\r
+ _rolesPermissions.add(key);\r
+ }\r
+\r
+ legacyFileExtRolesPermissionsWriter.write(\r
+ roleId + "," + permissionId + "\n");\r
+ }\r
+ else {\r
+ legacyFileUpdatedWriter.write(line + "\n");\r
+ }\r
+ }\r
+ }\r
+ finally {\r
+ legacyFileReader.close();\r
+\r
+ legacyFileUpdatedWriter.close();\r
+ legacyFileExtRolesPermissionsWriter.close();\r
+ }\r
+\r
+ Table table = new Table(\r
+ "Roles_Permissions",\r
+ new Object[][] {\r
+ {"roleId", Types.BIGINT}, {"permissionId", Types.BIGINT}\r
+ });\r
+\r
+ table.populateTable(legacyFile + _EXT_ROLES_PERMIMISSIONS);\r
+\r
+ FileUtil.delete(legacyFile);\r
+ FileUtil.delete(legacyFile + _EXT_ROLES_PERMIMISSIONS);\r
+\r
+ return legacyFile + _UPDATED;\r
+ }\r
+\r
+ protected void convertPermissions(\r
+ int type, String legacyName, String[] primKeys, String newName,\r
+ Object[][] newColumns)\r
+ throws Exception {\r
+\r
+ MaintenanceUtil.appendStatus("Processing " + legacyName);\r
+\r
+ Table legacyTable = new PermissionView(legacyName, primKeys);\r
+\r
+ String legacyFile = legacyTable.generateTempFile();\r
+\r
+ if (legacyFile == null) {\r
+ return;\r
+ }\r
+\r
+ if (type == RoleConstants.TYPE_REGULAR) {\r
+ legacyFile = convertGuestUsers(legacyFile);\r
+\r
+ MaintenanceUtil.appendStatus(\r
+ "Converted guest users to guest roles");\r
+ }\r
+\r
+ convertRoles(legacyFile, type, newName, newColumns);\r
+\r
+ MaintenanceUtil.appendStatus("Converted roles for " + legacyName);\r
+\r
+ DB db = DBFactoryUtil.getDB();\r
+\r
+ db.runSQL(legacyTable.getDeleteSQL());\r
+\r
+ FileUtil.delete(legacyFile);\r
+ }\r
+\r
+ protected void convertResourcePermission(Writer writer, String name)\r
+ throws Exception {\r
+\r
+ ResourcePermissionView resourcePermissionView =\r
+ new ResourcePermissionView(name);\r
+\r
+ UnsyncBufferedReader resourcePermissionReader = null;\r
+\r
+ String resourcePermissionFile =\r
+ resourcePermissionView.generateTempFile();\r
+\r
+ if (resourcePermissionFile == null) {\r
+ return;\r
+ }\r
+\r
+ MultiValueMap<Tuple, String> mvp =\r
+ (MultiValueMap<Tuple, String>)\r
+ MultiValueMapFactoryUtil.getMultiValueMap(\r
+ _CONVERT_RESOURCE_PERMISSION);\r
+\r
+ try {\r
+ resourcePermissionReader = new UnsyncBufferedReader(\r
+ new FileReader(resourcePermissionFile));\r
+\r
+ String line = null;\r
+\r
+ while (Validator.isNotNull(\r
+ line = resourcePermissionReader.readLine())) {\r
+\r
+ String[] values = StringUtil.split(line);\r
+\r
+ String actionId = ResourcePermissionView.getActionId(values);\r
+ long companyId = ResourcePermissionView.getCompanyId(values);\r
+ int scope = ResourcePermissionView.getScope(values);\r
+ String primKey = ResourcePermissionView.getPrimaryKey(values);\r
+ long roleId = ResourcePermissionView.getRoleId(values);\r
+\r
+ mvp.put(new Tuple(companyId, scope, primKey, roleId), actionId);\r
+ }\r
+ }\r
+ finally {\r
+ if (resourcePermissionReader != null) {\r
+ resourcePermissionReader.close();\r
+ }\r
+\r
+ FileUtil.delete(resourcePermissionFile);\r
+ }\r
+\r
+ for (Tuple key : mvp.keySet()) {\r
+ long resourcePermissionId = CounterLocalServiceUtil.increment(\r
+ ResourcePermission.class.getName());\r
+\r
+ long companyId = (Long)key.getObject(0);\r
+ int scope = (Integer)key.getObject(1);\r
+ String primKey = (String)key.getObject(2);\r
+ long roleId = (Long)key.getObject(3);\r
+\r
+ long actionIds = 0;\r
+\r
+ for (String actionId : mvp.getAll(key)) {\r
+ try {\r
+ ResourceAction resourceAction =\r
+ ResourceActionLocalServiceUtil.getResourceAction(\r
+ name, actionId);\r
+\r
+ actionIds |= resourceAction.getBitwiseValue();\r
+ }\r
+ catch (NoSuchResourceActionException nsrae) {\r
+ if (_log.isWarnEnabled()) {\r
+ String msg = nsrae.getMessage();\r
+\r
+ _log.warn("Could not find resource action " + msg);\r
+ }\r
+ }\r
+ }\r
+\r
+ writer.append(resourcePermissionId + StringPool.COMMA);\r
+ writer.append(companyId + StringPool.COMMA);\r
+ writer.append(name + StringPool.COMMA);\r
+ writer.append(scope + StringPool.COMMA);\r
+ writer.append(primKey + StringPool.COMMA);\r
+ writer.append(roleId + StringPool.COMMA);\r
+ writer.append(0 + StringPool.COMMA);\r
+ writer.append(actionIds + StringPool.COMMA + StringPool.NEW_LINE);\r
+ }\r
+ }\r
+\r
+ protected void convertRoles(\r
+ String legacyFile, int type, String newName, Object[][] newColumns)\r
+ throws Exception {\r
+\r
+ UnsyncBufferedReader legacyFileReader = new UnsyncBufferedReader(\r
+ new FileReader(legacyFile));\r
+\r
+ Writer legacyFileExtRoleWriter = new UnsyncBufferedWriter(\r
+ new FileWriter(legacyFile + _EXT_ROLE));\r
+ Writer legacyFileExtRolesPermissionsWriter = new UnsyncBufferedWriter(\r
+ new FileWriter(legacyFile + _EXT_ROLES_PERMIMISSIONS));\r
+ Writer legacyFileExtOtherRolesWriter = new UnsyncBufferedWriter(\r
+ new FileWriter(legacyFile + _EXT_OTHER_ROLES));\r
+\r
+ try {\r
+\r
+ // Group by resource id\r
+\r
+ MultiValueMap<Long, String[]> mvp =\r
+ (MultiValueMap<Long, String[]>)\r
+ MultiValueMapFactoryUtil.getMultiValueMap(_CONVERT_ROLES);\r
+\r
+ String line = null;\r
+\r
+ while (Validator.isNotNull(line = legacyFileReader.readLine())) {\r
+ String[] values = StringUtil.split(line);\r
+\r
+ long resourceId = PermissionView.getResourceId(values);\r
+\r
+ mvp.put(resourceId, values);\r
+ }\r
+\r
+ // Assign role for each grouping\r
+\r
+ for (Long key : mvp.keySet()) {\r
+ List<String[]> valuesList = new ArrayList<String[]>(\r
+ mvp.getAll(key));\r
+\r
+ String[] values = valuesList.get(0);\r
+\r
+ long companyId = PermissionView.getCompanyId(values);\r
+ long groupId = PermissionView.getPrimaryKey(values);\r
+ String name = PermissionView.getNameId(values);\r
+ int scope = PermissionView.getScopeId(values);\r
+\r
+ // Group action ids and permission ids\r
+\r
+ List<String> actionsIds = new ArrayList<String>();\r
+ List<Long> permissionIds = new ArrayList<Long>();\r
+\r
+ for (String[] curValues : valuesList) {\r
+ String actionId = PermissionView.getActionId(curValues);\r
+ long permissionId = PermissionView.getPermissionId(\r
+ curValues);\r
+\r
+ actionsIds.add(actionId);\r
+ permissionIds.add(permissionId);\r
+ }\r
+\r
+ // Look for owner and system roles\r
+\r
+ if ((type != RoleConstants.TYPE_ORGANIZATION) &&\r
+ (scope == ResourceConstants.SCOPE_INDIVIDUAL)) {\r
+\r
+ // Find default actions\r
+\r
+ List<String> defaultActions = null;\r
+\r
+ if (type == RoleConstants.TYPE_REGULAR) {\r
+ defaultActions = ResourceActionsUtil.getResourceActions(\r
+ name);\r
+ }\r
+ else {\r
+ defaultActions =\r
+ ResourceActionsUtil.getResourceGroupDefaultActions(\r
+ name);\r
+ }\r
+\r
+ // Resolve owner and system roles\r
+\r
+ Role defaultRole = null;\r
+\r
+ if (type == RoleConstants.TYPE_REGULAR) {\r
+ if (defaultActions instanceof UnmodifiableList) {\r
+ defaultActions = new ArrayList<String>(\r
+ defaultActions);\r
+ }\r
+\r
+ Collections.sort(actionsIds);\r
+ Collections.sort(defaultActions);\r
+\r
+ if (defaultActions.equals(actionsIds)) {\r
+ defaultRole = _ownerRolesMap.get(companyId);\r
+ }\r
+ }\r
+ else {\r
+ if (defaultActions.containsAll(actionsIds)) {\r
+ Role[] defaultRoles = _defaultRolesMap.get(\r
+ companyId);\r
+\r
+ Group group = _groupsMap.get(groupId);\r
+\r
+ if (group == null) {\r
+ continue;\r
+ }\r
+\r
+ if (group.isOrganization()) {\r
+ defaultRole = defaultRoles[0];\r
+ }\r
+ else if (group.isRegularSite()) {\r
+ defaultRole = defaultRoles[2];\r
+ }\r
+ else if (group.isUser() || group.isUserGroup()) {\r
+ defaultRole = defaultRoles[1];\r
+ }\r
+ }\r
+ }\r
+\r
+ if (defaultRole != null) {\r
+ long roleId = defaultRole.getRoleId();\r
+\r
+ for (Long permissionId : permissionIds) {\r
+ String curKey = roleId + "_" + permissionId;\r
+\r
+ if (_rolesPermissions.contains(curKey)) {\r
+ continue;\r
+ }\r
+ else {\r
+ _rolesPermissions.add(curKey);\r
+ }\r
+\r
+ legacyFileExtRolesPermissionsWriter.write(\r
+ roleId + "," + permissionId + ",\n");\r
+ }\r
+\r
+ continue;\r
+ }\r
+ }\r
+\r
+ if (isGenerateCustomRoles()) {\r
+\r
+ // Role_\r
+\r
+ long roleId = CounterLocalServiceUtil.increment();\r
+\r
+ String roleName = StringUtil.upperCaseFirstLetter(\r
+ RoleConstants.getTypeLabel(type));\r
+\r
+ roleName += " " + StringUtil.toHexString(roleId);\r
+\r
+ String[] roleColumns = new String[] {\r
+ String.valueOf(roleId), String.valueOf(companyId),\r
+ String.valueOf(\r
+ ClassNameLocalServiceUtil.getClassNameId(\r
+ Role.class)),\r
+ String.valueOf(roleId), roleName, StringPool.BLANK,\r
+ "Autogenerated role from portal upgrade",\r
+ String.valueOf(type), "lfr-permission-algorithm-5"\r
+ };\r
+\r
+ for (int i = 0; i < roleColumns.length; i++) {\r
+ legacyFileExtRoleWriter.write(\r
+ roleColumns[i] + StringPool.COMMA);\r
+\r
+ if (i == (roleColumns.length - 1)) {\r
+ legacyFileExtRoleWriter.write(StringPool.NEW_LINE);\r
+ }\r
+ }\r
+\r
+ // Roles_Permissions\r
+\r
+ for (Long permissionId : permissionIds) {\r
+ String curKey = roleId + "_" + permissionId;\r
+\r
+ if (_rolesPermissions.contains(curKey)) {\r
+ continue;\r
+ }\r
+ else {\r
+ _rolesPermissions.add(curKey);\r
+ }\r
+\r
+ legacyFileExtRolesPermissionsWriter.write(\r
+ roleId + "," + permissionId + ",\n");\r
+ }\r
+\r
+ // Others_Roles\r
+\r
+ for (int i = 0; i < newColumns.length - 1; i++) {\r
+ legacyFileExtOtherRolesWriter.write(\r
+ values[i] + StringPool.COMMA);\r
+ }\r
+\r
+ legacyFileExtOtherRolesWriter.write(roleId + ",\n");\r
+ }\r
+ }\r
+ }\r
+ finally {\r
+ legacyFileReader.close();\r
+\r
+ legacyFileExtRoleWriter.close();\r
+ legacyFileExtRolesPermissionsWriter.close();\r
+ legacyFileExtOtherRolesWriter.close();\r
+ }\r
+\r
+ // Role_\r
+\r
+ Table roleTable = new Table(\r
+ RoleModelImpl.TABLE_NAME, RoleModelImpl.TABLE_COLUMNS);\r
+\r
+ roleTable.populateTable(legacyFile + _EXT_ROLE);\r
+\r
+ // Roles_Permissions\r
+\r
+ Table rolesPermissionsTable = new Table(\r
+ "Roles_Permissions",\r
+ new Object[][] {\r
+ {"roleId", Types.BIGINT}, {"permissionId", Types.BIGINT}\r
+ });\r
+\r
+ rolesPermissionsTable.populateTable(\r
+ legacyFile + _EXT_ROLES_PERMIMISSIONS);\r
+\r
+ // Others_Roles\r
+\r
+ Table othersRolesTable = new Table(newName, newColumns);\r
+\r
+ othersRolesTable.populateTable(legacyFile + _EXT_OTHER_ROLES);\r
+\r
+ // Clean up\r
+\r
+ FileUtil.delete(legacyFile + _EXT_ROLE);\r
+ FileUtil.delete(legacyFile + _EXT_ROLES_PERMIMISSIONS);\r
+ FileUtil.delete(legacyFile + _EXT_OTHER_ROLES);\r
+ }\r
+\r
+ protected void convertToBitwise() throws Exception {\r
+\r
+ // ResourceAction and ResourcePermission\r
+\r
+ MaintenanceUtil.appendStatus(\r
+ "Generating ResourceAction and ResourcePermission data");\r
+\r
+ Table table = new Table(\r
+ ResourceCodeModelImpl.TABLE_NAME,\r
+ new Object[][] {\r
+ {"name", new Integer(Types.VARCHAR)}\r
+ });\r
+\r
+ table.setSelectSQL(\r
+ "SELECT name FROM " + ResourceCodeModelImpl.TABLE_NAME +\r
+ " GROUP BY name");\r
+\r
+ String tempFile = table.generateTempFile();\r
+\r
+ UnsyncBufferedReader resourceNameReader = new UnsyncBufferedReader(\r
+ new FileReader(tempFile));\r
+\r
+ Writer resourcePermissionWriter = new UnsyncBufferedWriter(\r
+ new FileWriter(tempFile + _EXT_RESOURCE_PERMISSION));\r
+\r
+ PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 6;\r
+\r
+ try {\r
+ String line = null;\r
+\r
+ while (Validator.isNotNull(line = resourceNameReader.readLine())) {\r
+ String[] values = StringUtil.split(line);\r
+\r
+ if (values.length == 0) {\r
+ continue;\r
+ }\r
+\r
+ String name = values[0];\r
+\r
+ List<String> defaultActionIds =\r
+ ResourceActionsUtil.getResourceActions(name);\r
+\r
+ ResourceActionLocalServiceUtil.checkResourceActions(\r
+ name, defaultActionIds);\r
+\r
+ convertResourcePermission(resourcePermissionWriter, name);\r
+ }\r
+\r
+ resourcePermissionWriter.close();\r
+\r
+ MaintenanceUtil.appendStatus("Updating ResourcePermission table");\r
+\r
+ Table resourcePermissionTable = new Table(\r
+ ResourcePermissionModelImpl.TABLE_NAME,\r
+ ResourcePermissionModelImpl.TABLE_COLUMNS);\r
+\r
+ resourcePermissionTable.populateTable(\r
+ tempFile + _EXT_RESOURCE_PERMISSION);\r
+ }\r
+ catch (Exception e) {\r
+ PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 5;\r
+\r
+ throw e;\r
+ }\r
+ finally {\r
+ resourceNameReader.close();\r
+\r
+ resourcePermissionWriter.close();\r
+\r
+ FileUtil.delete(tempFile);\r
+ FileUtil.delete(tempFile + _EXT_RESOURCE_PERMISSION);\r
+ }\r
+\r
+ // Clean up\r
+\r
+ MaintenanceUtil.appendStatus("Cleaning up legacy tables");\r
+\r
+ DB db = DBFactoryUtil.getDB();\r
+\r
+ db.runSQL("DELETE FROM " + ResourceCodeModelImpl.TABLE_NAME);\r
+ db.runSQL("DELETE FROM " + PermissionModelImpl.TABLE_NAME);\r
+ db.runSQL("DELETE FROM " + ResourceModelImpl.TABLE_NAME);\r
+ db.runSQL("DELETE FROM Roles_Permissions");\r
+\r
+ Release release = null;\r
+\r
+ try {\r
+ release = ReleaseLocalServiceUtil.getRelease(\r
+ ReleaseConstants.DEFAULT_SERVLET_CONTEXT_NAME,\r
+ ReleaseInfo.getParentBuildNumber());\r
+ }\r
+ catch (PortalException pe) {\r
+ release = ReleaseLocalServiceUtil.addRelease(\r
+ ReleaseConstants.DEFAULT_SERVLET_CONTEXT_NAME,\r
+ ReleaseInfo.getParentBuildNumber());\r
+ }\r
+\r
+ ReleaseLocalServiceUtil.updateRelease(\r
+ release.getReleaseId(), ReleaseInfo.getBuildNumber(),\r
+ ReleaseInfo.getBuildDate(), false);\r
+\r
+ MaintenanceUtil.appendStatus("Converted to bitwise permission");\r
+ }\r
+\r
+ protected void convertToRBAC() throws Exception {\r
+ initializeRBAC();\r
+\r
+ // Groups_Permissions\r
+\r
+ convertPermissions(\r
+ RoleConstants.TYPE_SITE, "Groups_Permissions",\r
+ new String[] {"groupId"}, "Groups_Roles",\r
+ new Object[][] {\r
+ {"groupId", Types.BIGINT}, {"roleId", Types.BIGINT}\r
+ });\r
+\r
+ // OrgGroupPermission\r
+\r
+ convertPermissions(\r
+ RoleConstants.TYPE_ORGANIZATION, "OrgGroupPermission",\r
+ new String[] {"organizationId", "groupId"}, "OrgGroupRole",\r
+ new Object[][] {\r
+ {"organizationId", Types.BIGINT}, {"groupId", Types.BIGINT},\r
+ {"roleId", Types.BIGINT}\r
+ });\r
+\r
+ // Users_Permissions\r
+\r
+ convertPermissions(\r
+ RoleConstants.TYPE_REGULAR, "Users_Permissions",\r
+ new String[] {"userId"}, "Users_Roles",\r
+ new Object[][] {\r
+ {"userId", Types.BIGINT}, {"roleId", Types.BIGINT}\r
+ });\r
+\r
+ // Clean up\r
+\r
+ PermissionCacheUtil.clearCache();\r
+\r
+ PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM = 5;\r
+\r
+ MaintenanceUtil.appendStatus("Converted to RBAC permission");\r
+ }\r
+\r
+ @Override\r
+ protected void doConvert() throws Exception {\r
+ try {\r
+ BatchSessionUtil.setEnabled(true);\r
+\r
+ initialize();\r
+\r
+ if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM < 5) {\r
+ convertToRBAC();\r
+ }\r
+\r
+ convertToBitwise();\r
+\r
+ MaintenanceUtil.appendStatus(\r
+ "Please set " + PropsKeys.PERMISSIONS_USER_CHECK_ALGORITHM +\r
+ " in your portal-ext.properties to 6 and restart server");\r
+ }\r
+ finally {\r
+ ShutdownUtil.shutdown(0);\r
+ }\r
+ }\r
+\r
+ protected void initialize() throws Exception {\r
+\r
+ // Resource actions for unknown portlets\r
+\r
+ List<ResourceCode> resourceCodes =\r
+ ResourceCodeLocalServiceUtil.getResourceCodes(\r
+ QueryUtil.ALL_POS, QueryUtil.ALL_POS);\r
+\r
+ for (ResourceCode resourceCode : resourceCodes) {\r
+ String name = resourceCode.getName();\r
+\r
+ if (!name.contains(StringPool.PERIOD)) {\r
+ ResourceActionsUtil.getPortletResourceActions(name);\r
+ }\r
+ }\r
+ }\r
+\r
+ protected void initializeRBAC() throws Exception {\r
+\r
+ // System roles and default users\r
+\r
+ List<Company> companies = CompanyLocalServiceUtil.getCompanies();\r
+\r
+ for (Company company : companies) {\r
+ long companyId = company.getCompanyId();\r
+\r
+ _defaultRolesMap.put(\r
+ companyId,\r
+ new Role[] {\r
+ RoleLocalServiceUtil.getRole(\r
+ companyId, RoleConstants.ORGANIZATION_USER),\r
+ RoleLocalServiceUtil.getRole(\r
+ companyId, ENTRolesConstants.COMMUNITY_VISITOR),\r
+ RoleLocalServiceUtil.getRole(\r
+ companyId, RoleConstants.POWER_USER),\r
+ RoleLocalServiceUtil.getRole(\r
+ companyId, RoleConstants.SITE_MEMBER)\r
+ }\r
+ );\r
+\r
+ Role guestRole = RoleLocalServiceUtil.getRole(\r
+ companyId, RoleConstants.GUEST);\r
+\r
+ _guestRolesMap.put(companyId, guestRole);\r
+\r
+ Role ownerRole = RoleLocalServiceUtil.getRole(\r
+ companyId, RoleConstants.OWNER);\r
+\r
+ _ownerRolesMap.put(companyId, ownerRole);\r
+\r
+ long defaultUserId = UserLocalServiceUtil.getDefaultUserId(\r
+ companyId);\r
+\r
+ _guestUsersSet.add(defaultUserId);\r
+ }\r
+\r
+ // Roles_Permissions\r
+\r
+ Connection con = null;\r
+ PreparedStatement ps = null;\r
+ ResultSet rs = null;\r
+\r
+ try {\r
+ con = DataAccess.getConnection();\r
+\r
+ ps = con.prepareStatement("SELECT * FROM Roles_Permissions");\r
+\r
+ rs = ps.executeQuery();\r
+\r
+ while (rs.next()) {\r
+ long roleId = rs.getLong("roleId");\r
+ long permissionId = rs.getLong("permissionId");\r
+\r
+ _rolesPermissions.add(roleId + "_" + permissionId);\r
+ }\r
+ }\r
+ finally {\r
+ DataAccess.cleanUp(con, ps, rs);\r
+ }\r
+\r
+ // Groups\r
+\r
+ List<Group> groups = GroupLocalServiceUtil.getGroups(\r
+ QueryUtil.ALL_POS, QueryUtil.ALL_POS);\r
+\r
+ for (Group group : groups) {\r
+ _groupsMap.put(group.getGroupId(), group);\r
+ }\r
+ }\r
+\r
+ protected boolean isGenerateCustomRoles() {\r
+ String[] parameterValues = getParameterValues();\r
+\r
+ return GetterUtil.getBoolean(parameterValues[0]);\r
+ }\r
+\r
+ private static final String _CONVERT_RESOURCE_PERMISSION =\r
+ PropsKeys.MULTI_VALUE_MAP + ConvertPermissionAlgorithm.class.getName() +\r
+ ".convertResourcePermission";\r
+\r
+ private static final String _CONVERT_ROLES =\r
+ PropsKeys.MULTI_VALUE_MAP + ConvertPermissionAlgorithm.class.getName() +\r
+ ".convertRoles";\r
+\r
+ private static final String _EXT_OTHER_ROLES = ".others_roles";\r
+\r
+ private static final String _EXT_RESOURCE_PERMISSION =\r
+ ".resource_permission";\r
+\r
+ private static final String _EXT_ROLE = ".role";\r
+\r
+ private static final String _EXT_ROLES_PERMIMISSIONS = ".roles_permissions";\r
+\r
+ private static final String _UPDATED = ".updated";\r
+\r
+ private static Log _log = LogFactoryUtil.getLog(\r
+ ConvertPermissionAlgorithm.class);\r
+\r
+ private Map<Long, Role[]> _defaultRolesMap = new HashMap<Long, Role[]>();\r
+ private Map<Long, Group> _groupsMap = new HashMap<Long, Group>();\r
+ private Map<Long, Role> _guestRolesMap = new HashMap<Long, Role>();\r
+ private Set<Long> _guestUsersSet = new HashSet<Long>();\r
+ private Map<Long, Role> _ownerRolesMap = new HashMap<Long, Role>();\r
+ private Set<String> _rolesPermissions = new HashSet<String>();\r
+\r
+}
\ No newline at end of file