protected void updateResourceBlocks(
      long companyId,
      long groupId,
      Resource resource,
      String[] groupPermissions,
      String[] guestPermissions,
      PermissionedModel permissionedModel)
      throws PortalException, SystemException {

    if (permissionedModel == null) {
      throw new IllegalArgumentException("Permissioned model is null");
    }

    // Scope is assumed to always be individual

    Role role = roleLocalService.getDefaultGroupRole(groupId);

    resourceBlockLocalService.setIndividualScopePermissions(
        companyId,
        groupId,
        resource.getName(),
        permissionedModel,
        role.getRoleId(),
        Arrays.asList(groupPermissions));

    role = roleLocalService.getRole(companyId, RoleConstants.GUEST);

    resourceBlockLocalService.setIndividualScopePermissions(
        companyId,
        groupId,
        resource.getName(),
        permissionedModel,
        role.getRoleId(),
        Arrays.asList(guestPermissions));
  }
  protected void updateResourcePermissions(
      long companyId,
      long groupId,
      Resource resource,
      String[] groupPermissions,
      String[] guestPermissions)
      throws PortalException, SystemException {

    Role role = roleLocalService.getDefaultGroupRole(groupId);

    resourcePermissionLocalService.setResourcePermissions(
        resource.getCompanyId(),
        resource.getName(),
        resource.getScope(),
        resource.getPrimKey(),
        role.getRoleId(),
        groupPermissions);

    role = roleLocalService.getRole(companyId, RoleConstants.GUEST);

    resourcePermissionLocalService.setResourcePermissions(
        resource.getCompanyId(),
        resource.getName(),
        resource.getScope(),
        resource.getPrimKey(),
        role.getRoleId(),
        guestPermissions);
  }
  protected void notifyCommunityAdministrators(MembershipRequest membershipRequest)
      throws IOException, PortalException, SystemException {

    List<UserGroupRole> admins = new UniqueList<UserGroupRole>();

    Role communityAdminRole =
        roleLocalService.getRole(
            membershipRequest.getCompanyId(), RoleConstants.COMMUNITY_ADMINISTRATOR);

    List<UserGroupRole> communityAdmins =
        userGroupRoleLocalService.getUserGroupRolesByGroupAndRole(
            membershipRequest.getGroupId(), communityAdminRole.getRoleId());

    admins.addAll(communityAdmins);

    Role communityOwnerRole =
        rolePersistence.findByC_N(membershipRequest.getCompanyId(), RoleConstants.COMMUNITY_OWNER);

    List<UserGroupRole> communityOwners =
        userGroupRoleLocalService.getUserGroupRolesByGroupAndRole(
            membershipRequest.getGroupId(), communityOwnerRole.getRoleId());

    admins.addAll(communityOwners);

    for (UserGroupRole userGroupRole : admins) {
      notify(
          userGroupRole.getUserId(),
          membershipRequest,
          PropsKeys.COMMUNITIES_EMAIL_MEMBERSHIP_REQUEST_SUBJECT,
          PropsKeys.COMMUNITIES_EMAIL_MEMBERSHIP_REQUEST_BODY);
    }
  }
  public static void updatePermissions(Layout layout, boolean addDefaultActionIds)
      throws Exception {

    long companyId = layout.getCompanyId();

    Role role = RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST);

    String[] actionIds = new String[0];

    String name = Layout.class.getName();
    int scope = ResourceConstants.SCOPE_INDIVIDUAL;
    String primKey = String.valueOf(layout.getPrimaryKey());

    ResourcePermissionLocalServiceUtil.setResourcePermissions(
        companyId, name, scope, primKey, role.getRoleId(), actionIds);

    role = RoleLocalServiceUtil.getRole(companyId, RoleConstants.POWER_USER);

    ResourcePermissionLocalServiceUtil.setResourcePermissions(
        companyId, name, scope, primKey, role.getRoleId(), actionIds);

    if (addDefaultActionIds) {
      actionIds = new String[] {ActionKeys.VIEW};
    }

    role = RoleLocalServiceUtil.getRole(companyId, RoleConstants.USER);

    ResourcePermissionLocalServiceUtil.setResourcePermissions(
        companyId, name, scope, primKey, role.getRoleId(), actionIds);
  }
  public void joinOrganization(ActionRequest actionRequest, ActionResponse actionResponse)
      throws Exception {

    ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);

    Group group = _groupLocalService.getGroup(themeDisplay.getScopeGroupId());

    Organization organization = _organizationLocalService.getOrganization(group.getClassPK());

    Role role =
        _roleLocalService.getRole(themeDisplay.getCompanyId(), "Organization Administrator");

    LinkedHashMap<String, Object> userParams = new LinkedHashMap<>();

    userParams.put("userGroupRole", new Long[] {group.getGroupId(), role.getRoleId()});

    List<User> users =
        _userLocalService.search(
            themeDisplay.getCompanyId(),
            null,
            WorkflowConstants.STATUS_APPROVED,
            userParams,
            QueryUtil.ALL_POS,
            QueryUtil.ALL_POS,
            (OrderByComparator<User>) null);

    if (users.isEmpty()) {
      Role adminRole =
          _roleLocalService.getRole(themeDisplay.getCompanyId(), RoleConstants.ADMINISTRATOR);

      userParams.clear();

      userParams.put("usersRoles", adminRole.getRoleId());

      users =
          _userLocalService.search(
              themeDisplay.getCompanyId(),
              null,
              WorkflowConstants.STATUS_APPROVED,
              userParams,
              QueryUtil.ALL_POS,
              QueryUtil.ALL_POS,
              (OrderByComparator<User>) null);
    }

    JSONObject extraDataJSONObject = getExtraDataJSONObject(actionRequest);

    for (User user : users) {
      _socialRequestLocalService.addRequest(
          themeDisplay.getUserId(),
          0,
          Organization.class.getName(),
          organization.getOrganizationId(),
          MembersRequestKeys.ADD_MEMBER,
          extraDataJSONObject.toString(),
          user.getUserId());
    }
  }
  /**
   * Returns <code>true</code> if the user is associated with the named regular role.
   *
   * @param userId the primary key of the user
   * @param companyId the primary key of the company
   * @param name the name of the role
   * @param inherited whether to include the user's inherited roles in the search
   * @return <code>true</code> if the user is associated with the regular role; <code>false</code>
   *     otherwise
   * @throws PortalException if a role with the name could not be found in the company or if a
   *     default user for the company could not be found
   * @throws SystemException if a system exception occurred
   */
  @ThreadLocalCachable
  public boolean hasUserRole(long userId, long companyId, String name, boolean inherited)
      throws PortalException, SystemException {

    Role role = rolePersistence.findByC_N(companyId, name);

    if (role.getType() != RoleConstants.TYPE_REGULAR) {
      throw new IllegalArgumentException(name + " is not a regular role");
    }

    long defaultUserId = userLocalService.getDefaultUserId(companyId);

    if (userId == defaultUserId) {
      if (name.equals(RoleConstants.GUEST)) {
        return true;
      } else {
        return false;
      }
    }

    if (inherited) {
      if (userPersistence.containsRole(userId, role.getRoleId())) {
        return true;
      }

      ThreadLocalCache<Integer> threadLocalCache =
          ThreadLocalCacheManager.getThreadLocalCache(
              Lifecycle.REQUEST, RoleLocalServiceImpl.class.getName());

      String key = String.valueOf(role.getRoleId()).concat(String.valueOf(userId));

      Integer value = threadLocalCache.get(key);

      if (value == null) {
        value = roleFinder.countByR_U(role.getRoleId(), userId);

        threadLocalCache.put(key, value);
      }

      if (value > 0) {
        return true;
      } else {
        return false;
      }
    } else {
      return userPersistence.containsRole(userId, role.getRoleId());
    }
  }
  protected void addResources(
      long companyId,
      long groupId,
      long userId,
      Resource resource,
      boolean portletActions,
      PermissionedModel permissionedModel)
      throws PortalException, SystemException {

    List<String> actionIds = null;

    if (portletActions) {
      actionIds = ResourceActionsUtil.getPortletResourceActions(resource.getName());
    } else {
      actionIds = ResourceActionsUtil.getModelResourceActions(resource.getName());

      actionIds = ListUtil.copy(actionIds);

      filterOwnerActions(resource.getName(), actionIds);
    }

    Role role = roleLocalService.getRole(companyId, RoleConstants.OWNER);

    if (resourceBlockLocalService.isSupported(resource.getName())) {
      if (permissionedModel == null) {
        throw new IllegalArgumentException("Permissioned model is null");
      }

      // Scope is assumed to always be individual

      resourceBlockLocalService.setIndividualScopePermissions(
          resource.getCompanyId(),
          groupId,
          resource.getName(),
          permissionedModel,
          role.getRoleId(),
          actionIds);
    } else {
      resourcePermissionLocalService.setOwnerResourcePermissions(
          resource.getCompanyId(),
          resource.getName(),
          resource.getScope(),
          resource.getPrimKey(),
          role.getRoleId(),
          userId,
          actionIds.toArray(new String[actionIds.size()]));
    }
  }
  protected void importResourcePermissions(
      PortletDataContext portletDataContext, Role importedRole, Permission permission)
      throws PortalException, SystemException {

    int scope = permission.getScope();

    if (scope == ResourceConstants.SCOPE_COMPANY) {
      ResourcePermissionServiceUtil.addResourcePermission(
          portletDataContext.getCompanyGroupId(),
          portletDataContext.getCompanyId(),
          permission.getName(),
          scope,
          String.valueOf(portletDataContext.getCompanyGroupId()),
          importedRole.getRoleId(),
          permission.getActionId());
    } else if (scope == ResourceConstants.SCOPE_GROUP) {
      long groupId = portletDataContext.getCompanyGroupId();

      long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());

      if (sourceGroupId == portletDataContext.getSourceUserPersonalSiteGroupId()) {

        groupId = portletDataContext.getUserPersonalSiteGroupId();
      }

      ResourcePermissionServiceUtil.addResourcePermission(
          groupId,
          portletDataContext.getCompanyId(),
          permission.getName(),
          ResourceConstants.SCOPE_GROUP,
          String.valueOf(groupId),
          importedRole.getRoleId(),
          permission.getActionId());
    } else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
      ResourcePermissionServiceUtil.addResourcePermission(
          GroupConstants.DEFAULT_PARENT_GROUP_ID,
          portletDataContext.getCompanyId(),
          permission.getName(),
          ResourceConstants.SCOPE_GROUP_TEMPLATE,
          String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),
          importedRole.getRoleId(),
          permission.getActionId());
    } else {
      if (_log.isDebugEnabled()) {
        _log.debug("Individually scoped permissions are not imported");
      }
    }
  }
  protected void setRolePermissions(Role role, String name, String[] actionIds)
      throws PortalException, SystemException {

    if (resourceBlockLocalService.isSupported(name)) {
      resourceBlockLocalService.setCompanyScopePermissions(
          role.getCompanyId(), name, role.getRoleId(), Arrays.asList(actionIds));
    } else {
      resourcePermissionLocalService.setResourcePermissions(
          role.getCompanyId(),
          name,
          ResourceConstants.SCOPE_COMPANY,
          String.valueOf(role.getCompanyId()),
          role.getRoleId(),
          actionIds);
    }
  }
  protected void validate(long roleId, long companyId, long classNameId, String name)
      throws PortalException, SystemException {

    if (classNameId == PortalUtil.getClassNameId(Role.class)) {
      if (Validator.isNull(name)
          || (name.indexOf(CharPool.COMMA) != -1)
          || (name.indexOf(CharPool.STAR) != -1)) {

        throw new RoleNameException();
      }

      if (Validator.isNumber(name) && !PropsValues.ROLES_NAME_ALLOW_NUMERIC) {

        throw new RoleNameException();
      }
    }

    try {
      Role role = roleFinder.findByC_N(companyId, name);

      if (role.getRoleId() != roleId) {
        throw new DuplicateRoleException();
      }
    } catch (NoSuchRoleException nsre) {
    }
  }
  protected List<ResourceTypePermission> getResourceTypePermissions(
      PortletDataContext portletDataContext, Role importedRole) throws SystemException {

    DynamicQuery dynamicQuery = ResourceTypePermissionLocalServiceUtil.dynamicQuery();

    Property companyIdProperty = PropertyFactoryUtil.forName("companyId");

    dynamicQuery.add(companyIdProperty.eq(portletDataContext.getCompanyId()));

    Junction junction = RestrictionsFactoryUtil.disjunction();

    long[] permissibleGroupIds = {
      GroupConstants.DEFAULT_PARENT_GROUP_ID,
      portletDataContext.getCompanyId(),
      portletDataContext.getCompanyGroupId(),
      portletDataContext.getUserPersonalSiteGroupId()
    };

    for (long permissibleGroupId : permissibleGroupIds) {
      Property property = PropertyFactoryUtil.forName("groupId");

      junction.add(property.eq(permissibleGroupId));
    }

    dynamicQuery.add(junction);

    Property roleIdProperty = PropertyFactoryUtil.forName("roleId");

    dynamicQuery.add(roleIdProperty.eq(importedRole.getRoleId()));

    return ResourceTypePermissionLocalServiceUtil.dynamicQuery(dynamicQuery);
  }
  @Override
  protected void doUpgrade() throws Exception {
    List<User> users = UserLocalServiceUtil.getUsers(QueryUtil.ALL_POS, QueryUtil.ALL_POS);

    for (User user : users) {
      try {
        if (user.isDefaultUser()) {
          continue;
        }

        Group group = user.getGroup();

        LayoutSet layoutSet = LayoutSetLocalServiceUtil.getLayoutSet(group.getGroupId(), false);

        String themeId = layoutSet.getThemeId();

        if (!themeId.equals("so_WAR_sotheme")) {
          return;
        }

        Role role =
            RoleLocalServiceUtil.getRole(user.getCompanyId(), RoleConstants.SOCIAL_OFFICE_USER);

        UserLocalServiceUtil.addRoleUsers(role.getRoleId(), new long[] {user.getUserId()});

        updateUserGroup(group);
        updateSocialRelations(user);
      } catch (Exception e) {
      }
    }
  }
  static void ensureUserCustomFieldExists(
      com.liferay.portal.model.User liferayUser, PortletRequest request)
      throws PortalException, SystemException {
    ExpandoBridge exp = liferayUser.getExpandoBridge();
    if (!exp.hasAttribute(CUSTOM_FIELD_PROJECT_GROUP_FILTER)) {
      exp.addAttribute(CUSTOM_FIELD_PROJECT_GROUP_FILTER, ExpandoColumnConstants.STRING, false);
      long companyId = liferayUser.getCompanyId();

      ExpandoColumn column =
          ExpandoColumnLocalServiceUtil.getColumn(
              companyId,
              exp.getClassName(),
              ExpandoTableConstants.DEFAULT_TABLE_NAME,
              CUSTOM_FIELD_PROJECT_GROUP_FILTER);

      String[] roleNames = new String[] {RoleConstants.USER, RoleConstants.POWER_USER};
      for (String roleName : roleNames) {
        Role role = RoleLocalServiceUtil.getRole(companyId, roleName);
        if (role != null && column != null) {
          ResourcePermissionLocalServiceUtil.setResourcePermissions(
              companyId,
              ExpandoColumn.class.getName(),
              ResourceConstants.SCOPE_INDIVIDUAL,
              String.valueOf(column.getColumnId()),
              role.getRoleId(),
              new String[] {ActionKeys.VIEW, ActionKeys.UPDATE});
        }
      }
    }
  }
  public static void putUserRole(long userId, Role role, Boolean value) {
    if (value == null) {
      return;
    }

    UserRoleKey userRoleKey = new UserRoleKey(userId, role.getRoleId());

    _userRolePortalCache.put(userRoleKey, value);
  }
  @Override
  public int compare(Object obj1, Object obj2) {
    Role role1 = (Role) obj1;
    Role role2 = (Role) obj2;

    int value = 0;

    if (role1.getRoleId() > role2.getRoleId()) {
      value = 1;
    } else if (role1.getRoleId() < role2.getRoleId()) {
      value = -1;
    }

    if (_ascending) {
      return value;
    } else {
      return -value;
    }
  }
  protected void addRequiredMemberRole(Group group, BooleanQuery permissionQuery) throws Exception {

    if (group.isOrganization()) {
      Role organizationUserRole =
          RoleLocalServiceUtil.getRole(group.getCompanyId(), RoleConstants.ORGANIZATION_USER);

      permissionQuery.addTerm(
          Field.GROUP_ROLE_ID,
          group.getGroupId() + StringPool.DASH + organizationUserRole.getRoleId());
    }

    if (group.isSite()) {
      Role siteMemberRole =
          RoleLocalServiceUtil.getRole(group.getCompanyId(), RoleConstants.SITE_MEMBER);

      permissionQuery.addTerm(
          Field.GROUP_ROLE_ID, group.getGroupId() + StringPool.DASH + siteMemberRole.getRoleId());
    }
  }
  protected void deleteRolePermissions(PortletDataContext portletDataContext, Role importedRole)
      throws SystemException {

    List<ResourcePermission> resourcePermissions =
        ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
            importedRole.getRoleId(),
            new int[] {ResourceConstants.SCOPE_COMPANY, ResourceConstants.SCOPE_GROUP_TEMPLATE},
            QueryUtil.ALL_POS,
            QueryUtil.ALL_POS);

    for (ResourcePermission resourcePermission : resourcePermissions) {
      ResourcePermissionLocalServiceUtil.deleteResourcePermission(resourcePermission);
    }

    List<ResourcePermission> groupResourcePermissions =
        ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(
            importedRole.getRoleId(),
            new int[] {ResourceConstants.SCOPE_GROUP},
            QueryUtil.ALL_POS,
            QueryUtil.ALL_POS);

    for (ResourcePermission groupResourcePermission : groupResourcePermissions) {

      long groupId = GetterUtil.getLong(groupResourcePermission.getPrimKey());

      if ((groupId == portletDataContext.getCompanyGroupId())
          || (groupId == portletDataContext.getUserPersonalSiteGroupId())) {

        ResourcePermissionLocalServiceUtil.deleteResourcePermission(groupResourcePermission);
      }
    }

    List<ResourceTypePermission> resourceTypePermissions =
        getResourceTypePermissions(portletDataContext, importedRole);

    for (ResourceTypePermission resourceTypePermission : resourceTypePermissions) {

      ResourceTypePermissionLocalServiceUtil.deleteResourceTypePermission(resourceTypePermission);
    }
  }
  /**
   * Adds a role with additional parameters. The user is reindexed after role is added.
   *
   * @param userId the primary key of the user
   * @param companyId the primary key of the company
   * @param name the role's name
   * @param titleMap the role's localized titles (optionally <code>null</code>)
   * @param descriptionMap the role's localized descriptions (optionally <code>null</code>)
   * @param type the role's type (optionally <code>0</code>)
   * @param className the name of the class for which the role is created (optionally <code>null
   *     </code>)
   * @param classPK the primary key of the class for which the role is created (optionally <code>0
   *     </code>)
   * @return the role
   * @throws PortalException if the class name or the role name were invalid, if the role is a
   *     duplicate, or if a user with the primary key could not be found
   * @throws SystemException if a system exception occurred
   */
  public Role addRole(
      long userId,
      long companyId,
      String name,
      Map<Locale, String> titleMap,
      Map<Locale, String> descriptionMap,
      int type,
      String className,
      long classPK)
      throws PortalException, SystemException {

    // Role

    className = GetterUtil.getString(className);
    long classNameId = PortalUtil.getClassNameId(className);

    long roleId = counterLocalService.increment();

    if ((classNameId <= 0) || className.equals(Role.class.getName())) {
      classNameId = PortalUtil.getClassNameId(Role.class);
      classPK = roleId;
    }

    validate(0, companyId, classNameId, name);

    Role role = rolePersistence.create(roleId);

    role.setCompanyId(companyId);
    role.setClassNameId(classNameId);
    role.setClassPK(classPK);
    role.setName(name);
    role.setTitleMap(titleMap);
    role.setDescriptionMap(descriptionMap);
    role.setType(type);

    rolePersistence.update(role, false);

    // Resources

    if (userId > 0) {
      resourceLocalService.addResources(
          companyId, 0, userId, Role.class.getName(), role.getRoleId(), false, false, false);

      if (!ImportExportThreadLocal.isImportInProcess()) {
        Indexer indexer = IndexerRegistryUtil.nullSafeGetIndexer(User.class);

        indexer.reindex(userId);
      }
    }

    return role;
  }
Exemple #19
0
  public static void propagatePermissions(
      long companyId, long groupId, long parentMessageId, ServiceContext serviceContext)
      throws PortalException {

    MBMessage parentMessage = MBMessageLocalServiceUtil.getMBMessage(parentMessageId);

    Role defaultGroupRole = RoleLocalServiceUtil.getDefaultGroupRole(groupId);
    Role guestRole = RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST);

    long[] roleIds = {defaultGroupRole.getRoleId(), guestRole.getRoleId()};

    List<String> actionIds = ResourceActionsUtil.getModelResourceActions(MBMessage.class.getName());

    Map<Long, Set<String>> roleIdsToActionIds =
        ResourcePermissionLocalServiceUtil.getAvailableResourcePermissionActionIds(
            companyId,
            MBMessage.class.getName(),
            ResourceConstants.SCOPE_INDIVIDUAL,
            String.valueOf(parentMessage.getMessageId()),
            roleIds,
            actionIds);

    Set<String> defaultGroupActionIds = roleIdsToActionIds.get(defaultGroupRole.getRoleId());

    if (defaultGroupActionIds == null) {
      serviceContext.setGroupPermissions(new String[] {});
    } else {
      serviceContext.setGroupPermissions(
          defaultGroupActionIds.toArray(new String[defaultGroupActionIds.size()]));
    }

    Set<String> guestActionIds = roleIdsToActionIds.get(guestRole.getRoleId());

    if (guestActionIds == null) {
      serviceContext.setGuestPermissions(new String[] {});
    } else {
      serviceContext.setGuestPermissions(guestActionIds.toArray(new String[guestActionIds.size()]));
    }
  }
  public long[] getRoleIds() throws SystemException {
    List<Role> roles = getRoles();

    long[] roleIds = new long[roles.size()];

    for (int i = 0; i < roles.size(); i++) {
      Role role = roles.get(i);

      roleIds[i] = role.getRoleId();
    }

    return roleIds;
  }
  protected void addGroupPermissions(long groupId, Resource resource, String[] actionIds)
      throws PortalException, SystemException {

    Role role = roleLocalService.getDefaultGroupRole(groupId);

    resourcePermissionLocalService.setResourcePermissions(
        resource.getCompanyId(),
        resource.getName(),
        resource.getScope(),
        resource.getPrimKey(),
        role.getRoleId(),
        actionIds);
  }
  protected void addGuestPermissions(long companyId, Resource resource, String[] actionIds)
      throws PortalException, SystemException {

    Role guestRole = roleLocalService.getRole(companyId, RoleConstants.GUEST);

    resourcePermissionLocalService.setResourcePermissions(
        resource.getCompanyId(),
        resource.getName(),
        resource.getScope(),
        resource.getPrimKey(),
        guestRole.getRoleId(),
        actionIds);
  }
  /**
   * Deletes the role and its associated permissions.
   *
   * @param role the role
   * @return the deleted role
   * @throws PortalException if the role is a default system role or if the role's resource could
   *     not be found
   * @throws SystemException if a system exception occurred
   */
  @Override
  public Role deleteRole(Role role) throws PortalException, SystemException {
    if (PortalUtil.isSystemRole(role.getName())) {
      throw new RequiredRoleException();
    }

    // Resources

    String className = role.getClassName();
    long classNameId = role.getClassNameId();

    if ((classNameId <= 0) || className.equals(Role.class.getName())) {
      resourceLocalService.deleteResource(
          role.getCompanyId(),
          Role.class.getName(),
          ResourceConstants.SCOPE_INDIVIDUAL,
          role.getRoleId());
    }

    if ((role.getType() == RoleConstants.TYPE_ORGANIZATION)
        || (role.getType() == RoleConstants.TYPE_SITE)) {

      userGroupRoleLocalService.deleteUserGroupRolesByRoleId(role.getRoleId());

      userGroupGroupRoleLocalService.deleteUserGroupGroupRolesByRoleId(role.getRoleId());
    }

    // Role

    rolePersistence.remove(role);

    // Permission cache

    PermissionCacheUtil.clearCache();

    return role;
  }
  protected void addRole(long companyId, LDAPGroup ldapGroup, UserGroup userGroup)
      throws Exception {

    if (!PropsValues.LDAP_IMPORT_CREATE_ROLE_PER_GROUP) {
      return;
    }

    Role role = null;

    try {
      role = RoleLocalServiceUtil.getRole(companyId, ldapGroup.getGroupName());
    } catch (NoSuchRoleException nsre) {
      User defaultUser = UserLocalServiceUtil.getDefaultUser(companyId);

      Map<Locale, String> descriptionMap = new HashMap<Locale, String>();

      descriptionMap.put(LocaleUtil.getDefault(), "Autogenerated role from LDAP import");

      role =
          RoleLocalServiceUtil.addRole(
              defaultUser.getUserId(),
              companyId,
              ldapGroup.getGroupName(),
              null,
              descriptionMap,
              RoleConstants.TYPE_REGULAR);
    }

    Group group = userGroup.getGroup();

    if (GroupLocalServiceUtil.hasRoleGroup(role.getRoleId(), group.getGroupId())) {

      return;
    }

    GroupLocalServiceUtil.addRoleGroups(role.getRoleId(), new long[] {group.getGroupId()});
  }
  protected void updateAction_1to5(
      Role role,
      long groupId,
      String selResource,
      String actionId,
      boolean selected,
      int scope,
      String[] groupIds)
      throws Exception {

    long roleId = role.getRoleId();

    if (selected) {
      if (scope == ResourceConstants.SCOPE_COMPANY) {
        PermissionServiceUtil.setRolePermission(
            roleId, groupId, selResource, scope, String.valueOf(role.getCompanyId()), actionId);
      } else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
        PermissionServiceUtil.setRolePermission(
            roleId,
            groupId,
            selResource,
            ResourceConstants.SCOPE_GROUP_TEMPLATE,
            String.valueOf(GroupConstants.DEFAULT_PARENT_GROUP_ID),
            actionId);
      } else {
        PermissionServiceUtil.unsetRolePermissions(
            roleId, groupId, selResource, ResourceConstants.SCOPE_GROUP, actionId);

        for (String curGroupId : groupIds) {
          PermissionServiceUtil.setRolePermission(
              roleId, groupId, selResource, ResourceConstants.SCOPE_GROUP, curGroupId, actionId);
        }
      }
    } else {

      // Remove company, group template, and group permissions

      PermissionServiceUtil.unsetRolePermissions(
          roleId, groupId, selResource, ResourceConstants.SCOPE_COMPANY, actionId);

      PermissionServiceUtil.unsetRolePermissions(
          roleId, groupId, selResource, ResourceConstants.SCOPE_GROUP_TEMPLATE, actionId);

      PermissionServiceUtil.unsetRolePermissions(
          roleId, groupId, selResource, ResourceConstants.SCOPE_GROUP, actionId);
    }
  }
  @Test
  public void testFindByR_N_A() throws Exception {
    List<Role> roles =
        RoleFinderUtil.findByR_N_A(
            _resourceBlock.getResourceBlockId(),
            _resourceBlock.getName(),
            _bookmarkFolderResourceAction.getActionId());

    for (Role role : roles) {
      if (role.getRoleId() == _arbitraryRole.getRoleId()) {
        return;
      }
    }

    Assert.fail(
        "The method findByR_N_A should have returned the role " + _arbitraryRole.getRoleId());
  }
  protected void addPortletModelViewPermission() throws Exception {
    RoleTestUtil.addResourcePermission(
        getRoleName(),
        getResourceName(),
        ResourceConstants.SCOPE_GROUP,
        getPrimKey(),
        ActionKeys.VIEW);

    Role role = RoleLocalServiceUtil.getRole(TestPropsValues.getCompanyId(), getRoleName());

    ResourcePermissionLocalServiceUtil.setResourcePermissions(
        group.getCompanyId(),
        getResourceName(),
        ResourceConstants.SCOPE_INDIVIDUAL,
        getPrimKey(),
        role.getRoleId(),
        new String[] {ActionKeys.VIEW});
  }
  @Test
  public void testFindByC_N_S_P_A() throws Exception {
    List<Role> roles =
        RoleFinderUtil.findByC_N_S_P_A(
            _resourcePermission.getCompanyId(),
            _resourcePermission.getName(),
            _resourcePermission.getScope(),
            _resourcePermission.getPrimKey(),
            _arbitraryResourceAction.getActionId());

    for (Role role : roles) {
      if (role.getRoleId() == _arbitraryRole.getRoleId()) {
        return;
      }
    }

    Assert.fail(
        "The method findByC_N_S_P_A should have returned the role " + _arbitraryRole.getRoleId());
  }
  protected void deletePermissions_6(long companyId) throws Exception {
    Group group = GroupLocalServiceUtil.getGroup(companyId, GroupConstants.CONTROL_PANEL);

    long plid = LayoutLocalServiceUtil.getDefaultPlid(group.getGroupId(), true);

    Role role = RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST);

    List<ResourcePermission> resourcePermissions =
        ResourcePermissionLocalServiceUtil.getRoleResourcePermissions(role.getRoleId());

    for (ResourcePermission resourcePermission : resourcePermissions) {
      if (isControlPanelLayout(plid, resourcePermission.getPrimKey())
          || isPrivateLayout(resourcePermission.getName(), resourcePermission.getPrimKey())) {

        ResourcePermissionLocalServiceUtil.deleteResourcePermission(
            resourcePermission.getResourcePermissionId());
      }
    }
  }
Exemple #30
0
 public List<TtUser> getUsersForRole(String roleName, long userId) {
   List<TtUser> roleUsrs = new ArrayList<TtUser>();
   try {
     List<Organization> usrOrgs = orgService.getUserOrganizations(userId);
     for (Organization org : usrOrgs) {
       Role role = roleService.getRole(org.getCompanyId(), roleName);
       if (role != null) {
         List<User> usrs = usrService.getRoleUsers(role.getRoleId());
         for (User usr : usrs) {
           roleUsrs.add(UserServiceConversionHelper.convertPortalUserToTtUser(usr));
         }
       }
     }
   } catch (PortalException ex) {
     Logger.getLogger(UserServiceImpl.class.getName()).log(Level.SEVERE, null, ex);
   } catch (SystemException ex) {
     Logger.getLogger(UserServiceImpl.class.getName()).log(Level.SEVERE, null, ex);
   }
   return roleUsrs;
 }