protected ResourceBlock convertResourcePermissions(long companyId, String name, long primKey)
throws PortalException, SystemException {
PermissionedModel permissionedModel =
ResourceBlockLocalServiceUtil.getPermissionedModel(name, primKey);
long groupId = 0;
if (permissionedModel instanceof GroupedModel) {
GroupedModel groupedModel = (GroupedModel) permissionedModel;
groupId = groupedModel.getGroupId();
}
ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
getResourceBlockPermissionsContainer(companyId, groupId, name, primKey);
String permissionsHash =
ResourceBlockLocalServiceUtil.getPermissionsHash(resourceBlockPermissionsContainer);
ResourceBlock resourceBlock =
ResourceBlockLocalServiceUtil.updateResourceBlockId(
companyId,
groupId,
name,
permissionedModel,
permissionsHash,
resourceBlockPermissionsContainer);
return resourceBlock;
}
protected void convertResourcePermissions(String name, String tableName, String pkColumnName)
throws Exception {
Connection con = null;
PreparedStatement ps = null;
ResultSet rs = null;
try {
con = DataAccess.getConnection();
ps = con.prepareStatement("select " + pkColumnName + ", companyId from " + tableName);
rs = ps.executeQuery();
while (rs.next()) {
long primKey = rs.getLong(pkColumnName);
long companyId = rs.getLong("companyId");
ResourceBlock resourceBlock = convertResourcePermissions(companyId, name, primKey);
if (_log.isInfoEnabled() && ((resourceBlock.getResourceBlockId() % 100) == 0)) {
_log.info("Processed 100 resource blocks for " + name);
}
}
} finally {
DataAccess.cleanUp(con, ps, rs);
}
List<ResourcePermission> resourcePermissions =
ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(_SCOPES);
for (ResourcePermission resourcePermission : resourcePermissions) {
int scope = resourcePermission.getScope();
if (!name.equals(resourcePermission.getName())) {
continue;
}
if ((scope == ResourceConstants.SCOPE_COMPANY)
|| (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {
ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
resourcePermission.getCompanyId(),
name,
resourcePermission.getRoleId(),
resourcePermission.getActionIds());
} else if (scope == ResourceConstants.SCOPE_GROUP) {
ResourceBlockLocalServiceUtil.setGroupScopePermissions(
resourcePermission.getCompanyId(),
GetterUtil.getLong(resourcePermission.getPrimaryKey()),
name,
resourcePermission.getRoleId(),
resourcePermission.getActionIds());
}
}
}
public void deletePermission(ActionRequest actionRequest, ActionResponse actionResponse)
throws Exception {
ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);
long roleId = ParamUtil.getLong(actionRequest, "roleId");
String name = ParamUtil.getString(actionRequest, "name");
int scope = ParamUtil.getInteger(actionRequest, "scope");
String primKey = ParamUtil.getString(actionRequest, "primKey");
String actionId = ParamUtil.getString(actionRequest, "actionId");
Role role = RoleLocalServiceUtil.getRole(roleId);
String roleName = role.getName();
if (roleName.equals(RoleConstants.ADMINISTRATOR)
|| roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR)
|| roleName.equals(RoleConstants.ORGANIZATION_OWNER)
|| roleName.equals(RoleConstants.OWNER)
|| roleName.equals(RoleConstants.SITE_ADMINISTRATOR)
|| roleName.equals(RoleConstants.SITE_OWNER)) {
throw new RolePermissionsException(roleName);
}
if (ResourceBlockLocalServiceUtil.isSupported(name)) {
if (scope == ResourceConstants.SCOPE_GROUP) {
ResourceBlockServiceUtil.removeGroupScopePermission(
themeDisplay.getScopeGroupId(),
themeDisplay.getCompanyId(),
GetterUtil.getLong(primKey),
name,
roleId,
actionId);
} else {
ResourceBlockServiceUtil.removeCompanyScopePermission(
themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(), name, roleId, actionId);
}
} else {
ResourcePermissionServiceUtil.removeResourcePermission(
themeDisplay.getScopeGroupId(),
themeDisplay.getCompanyId(),
name,
scope,
primKey,
roleId,
actionId);
}
// Send redirect
SessionMessages.add(actionRequest, "permissionDeleted");
String redirect = PortalUtil.escapeRedirect(ParamUtil.getString(actionRequest, "redirect"));
if (Validator.isNotNull(redirect)) {
actionResponse.sendRedirect(redirect);
}
}
@AfterClass
public static void tearDownClass() throws Exception {
ResourcePermissionLocalServiceUtil.deleteResourcePermission(_resourcePermission);
ResourceBlockLocalServiceUtil.deleteResourceBlock(_resourceBlock);
ResourceBlockPermissionLocalServiceUtil.deleteResourceBlockPermission(_resourceBlockPermission);
}
public ResourceBlockActionableDynamicQuery() {
setBaseLocalService(ResourceBlockLocalServiceUtil.getService());
setClassLoader(PortalClassLoaderUtil.getClassLoader());
setModelClass(ResourceBlock.class);
setPrimaryKeyPropertyName("resourceBlockId");
}
protected void importResourceBlock(
PortletDataContext portletDataContext, Role importedRole, Permission permission)
throws PortalException, SystemException {
int scope = permission.getScope();
if (scope == ResourceConstants.SCOPE_COMPANY) {
ResourceBlockLocalServiceUtil.addCompanyScopePermission(
portletDataContext.getCompanyId(), permission.getName(),
importedRole.getRoleId(), permission.getActionId());
} else if (scope == ResourceConstants.SCOPE_GROUP) {
long groupId = portletDataContext.getCompanyGroupId();
long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());
if (sourceGroupId == portletDataContext.getSourceUserPersonalSiteGroupId()) {
groupId = portletDataContext.getUserPersonalSiteGroupId();
}
ResourceBlockLocalServiceUtil.addGroupScopePermission(
portletDataContext.getCompanyId(),
groupId,
permission.getName(),
importedRole.getRoleId(),
permission.getActionId());
} else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
ResourceBlockLocalServiceUtil.addGroupScopePermission(
portletDataContext.getCompanyId(),
GroupConstants.DEFAULT_PARENT_GROUP_ID,
permission.getName(),
importedRole.getRoleId(),
permission.getActionId());
} else {
if (_log.isDebugEnabled()) {
_log.debug("Individually scoped permissions are not exported");
}
}
}
protected Map<Long, Set<String>> getActionIds(
long companyId, long[] roleIds, String className, long primKey, List<String> actionIds)
throws PortalException, SystemException {
if (ResourceBlockLocalServiceUtil.isSupported(className)) {
return ResourceBlockPermissionLocalServiceUtil.getAvailableResourceBlockPermissionActionIds(
roleIds, className, primKey, actionIds);
} else {
return ResourcePermissionLocalServiceUtil.getAvailableResourcePermissionActionIds(
companyId,
className,
ResourceConstants.SCOPE_INDIVIDUAL,
String.valueOf(primKey),
roleIds,
actionIds);
}
}
@Test
public void testActionableDynamicQuery() throws Exception {
final IntegerWrapper count = new IntegerWrapper();
ActionableDynamicQuery actionableDynamicQuery =
ResourceBlockLocalServiceUtil.getActionableDynamicQuery();
actionableDynamicQuery.setPerformActionMethod(
new ActionableDynamicQuery.PerformActionMethod() {
@Override
public void performAction(Object object) {
ResourceBlock resourceBlock = (ResourceBlock) object;
Assert.assertNotNull(resourceBlock);
count.increment();
}
});
actionableDynamicQuery.performActions();
Assert.assertEquals(count.getValue(), _persistence.countAll());
}
public void importPermissions(String resourceName, long resourcePK, long newResourcePK)
throws PortalException, SystemException {
if (!MapUtil.getBoolean(_parameterMap, PortletDataHandlerKeys.PERMISSIONS)) {
return;
}
List<KeyValuePair> permissions =
_permissionsMap.get(getPrimaryKeyString(resourceName, resourcePK));
if (permissions == null) {
return;
}
Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
for (KeyValuePair permission : permissions) {
String roleName = permission.getKey();
Role role = null;
Team team = null;
if (roleName.startsWith(PermissionExporter.ROLE_TEAM_PREFIX)) {
roleName = roleName.substring(PermissionExporter.ROLE_TEAM_PREFIX.length());
try {
team = TeamLocalServiceUtil.getTeam(_groupId, roleName);
} catch (NoSuchTeamException nste) {
if (_log.isWarnEnabled()) {
_log.warn("Team " + roleName + " does not exist");
}
continue;
}
}
try {
if (team != null) {
role = RoleLocalServiceUtil.getTeamRole(_companyId, team.getTeamId());
} else {
role = RoleLocalServiceUtil.getRole(_companyId, roleName);
}
} catch (NoSuchRoleException nsre) {
if (_log.isWarnEnabled()) {
_log.warn("Role " + roleName + " does not exist");
}
continue;
}
String[] actionIds = StringUtil.split(permission.getValue());
roleIdsToActionIds.put(role.getRoleId(), actionIds);
}
if (roleIdsToActionIds.isEmpty()) {
return;
}
if (ResourceBlockLocalServiceUtil.isSupported(resourceName)) {
ResourceBlockLocalServiceUtil.setIndividualScopePermissions(
_companyId, _groupId, resourceName, newResourcePK, roleIdsToActionIds);
} else {
ResourcePermissionLocalServiceUtil.setResourcePermissions(
_companyId,
resourceName,
ResourceConstants.SCOPE_INDIVIDUAL,
String.valueOf(newResourcePK),
roleIdsToActionIds);
}
}
public void updateActions(ActionRequest actionRequest, ActionResponse actionResponse)
throws Exception {
ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);
long roleId = ParamUtil.getLong(actionRequest, "roleId");
Role role = RoleLocalServiceUtil.getRole(roleId);
String roleName = role.getName();
if (roleName.equals(RoleConstants.ADMINISTRATOR)
|| roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR)
|| roleName.equals(RoleConstants.ORGANIZATION_OWNER)
|| roleName.equals(RoleConstants.OWNER)
|| roleName.equals(RoleConstants.SITE_ADMINISTRATOR)
|| roleName.equals(RoleConstants.SITE_OWNER)) {
throw new RolePermissionsException(roleName);
}
String portletResource = ParamUtil.getString(actionRequest, "portletResource");
String[] relatedPortletResources =
StringUtil.split(ParamUtil.getString(actionRequest, "relatedPortletResources"));
String[] modelResources =
StringUtil.split(ParamUtil.getString(actionRequest, "modelResources"));
Map<String, List<String>> resourceActionsMap = new HashMap<>();
if (Validator.isNotNull(portletResource)) {
resourceActionsMap.put(
portletResource, ResourceActionsUtil.getResourceActions(portletResource, null));
}
for (String relatedPortletResource : relatedPortletResources) {
resourceActionsMap.put(
relatedPortletResource,
ResourceActionsUtil.getResourceActions(relatedPortletResource, null));
}
for (String modelResource : modelResources) {
resourceActionsMap.put(
modelResource, ResourceActionsUtil.getResourceActions(null, modelResource));
}
int rootResourceScope = ResourceConstants.SCOPE_COMPANY;
String[] rootResourceGroupIds = null;
String[] selectedTargets =
StringUtil.split(ParamUtil.getString(actionRequest, "selectedTargets"));
String[] unselectedTargets =
StringUtil.split(ParamUtil.getString(actionRequest, "unselectedTargets"));
for (Map.Entry<String, List<String>> entry : resourceActionsMap.entrySet()) {
String selResource = entry.getKey();
List<String> actions = entry.getValue();
actions = ListUtil.sort(actions, new ActionComparator(themeDisplay.getLocale()));
for (String actionId : actions) {
String target = selResource + actionId;
boolean selected = ArrayUtil.contains(selectedTargets, target);
if (!selected && !ArrayUtil.contains(unselectedTargets, target)) {
continue;
}
String[] groupIds =
StringUtil.split(ParamUtil.getString(actionRequest, "groupIds" + target));
groupIds = ArrayUtil.distinct(groupIds);
int scope = ResourceConstants.SCOPE_COMPANY;
if ((role.getType() == RoleConstants.TYPE_ORGANIZATION)
|| (role.getType() == RoleConstants.TYPE_PROVIDER)
|| (role.getType() == RoleConstants.TYPE_SITE)) {
scope = ResourceConstants.SCOPE_GROUP_TEMPLATE;
} else {
if (groupIds.length > 0) {
scope = ResourceConstants.SCOPE_GROUP;
}
}
if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
updateActions_Blocks(
role,
themeDisplay.getScopeGroupId(),
selResource,
actionId,
selected,
scope,
groupIds);
} else {
updateAction(
role,
themeDisplay.getScopeGroupId(),
selResource,
actionId,
selected,
scope,
groupIds);
}
if (selected && actionId.equals(ActionKeys.ACCESS_IN_CONTROL_PANEL)) {
updateViewControlPanelPermission(
role, themeDisplay.getScopeGroupId(), selResource, scope, groupIds);
rootResourceScope = scope;
rootResourceGroupIds = groupIds;
}
}
}
// LPS-38031
if (rootResourceGroupIds != null) {
updateViewRootResourcePermission(
role,
themeDisplay.getScopeGroupId(),
portletResource,
rootResourceScope,
rootResourceGroupIds);
}
// Send redirect
SessionMessages.add(actionRequest, "permissionsUpdated");
String redirect = PortalUtil.escapeRedirect(ParamUtil.getString(actionRequest, "redirect"));
if (Validator.isNotNull(redirect)) {
actionResponse.sendRedirect(redirect);
}
}
@Override
protected void doImportStagedModel(PortletDataContext portletDataContext, Role role)
throws Exception {
long userId = portletDataContext.getUserId(role.getUserUuid());
ServiceContext serviceContext = portletDataContext.createServiceContext(role);
Role existingRole =
RoleLocalServiceUtil.fetchRoleByUuidAndCompanyId(
role.getUuid(), portletDataContext.getCompanyId());
if (existingRole == null) {
existingRole =
RoleLocalServiceUtil.fetchRole(portletDataContext.getCompanyId(), role.getName());
}
Role importedRole = null;
if (existingRole == null) {
serviceContext.setUuid(role.getUuid());
importedRole =
RoleLocalServiceUtil.addRole(
userId,
null,
0,
role.getName(),
role.getTitleMap(),
role.getDescriptionMap(),
role.getType(),
role.getSubtype(),
serviceContext);
} else {
importedRole =
RoleLocalServiceUtil.updateRole(
existingRole.getRoleId(),
role.getName(),
role.getTitleMap(),
role.getDescriptionMap(),
role.getSubtype(),
serviceContext);
deleteRolePermissions(portletDataContext, importedRole);
}
String permissionsPath = ExportImportPathUtil.getModelPath(role, "permissions.xml");
List<Permission> permissions =
(List<Permission>) portletDataContext.getZipEntryAsObject(permissionsPath);
for (Permission permission : permissions) {
if (ResourceBlockLocalServiceUtil.isSupported(permission.getName())) {
importResourceBlock(portletDataContext, importedRole, permission);
} else {
importResourcePermissions(portletDataContext, importedRole, permission);
}
}
portletDataContext.importClassedModel(role, importedRole);
}
protected void updateRolePermissions(ActionRequest actionRequest) throws Exception {
ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);
String portletResource = ParamUtil.getString(actionRequest, "portletResource");
String modelResource = ParamUtil.getString(actionRequest, "modelResource");
long[] roleIds =
StringUtil.split(ParamUtil.getString(actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);
String selResource = PortletConstants.getRootPortletId(portletResource);
if (Validator.isNotNull(modelResource)) {
selResource = modelResource;
}
long resourceGroupId =
ParamUtil.getLong(actionRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
String resourcePrimKey = ParamUtil.getString(actionRequest, "resourcePrimKey");
Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();
if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
for (long roleId : roleIds) {
List<String> actionIds = getActionIdsList(actionRequest, roleId, true);
roleIdsToActionIds.put(roleId, actionIds.toArray(new String[actionIds.size()]));
}
ResourceBlockServiceUtil.setIndividualScopePermissions(
themeDisplay.getCompanyId(),
resourceGroupId,
selResource,
GetterUtil.getLong(resourcePrimKey),
roleIdsToActionIds);
} else {
for (long roleId : roleIds) {
String[] actionIds = getActionIds(actionRequest, roleId, false);
roleIdsToActionIds.put(roleId, actionIds);
}
ResourcePermissionServiceUtil.setIndividualResourcePermissions(
resourceGroupId,
themeDisplay.getCompanyId(),
selResource,
resourcePrimKey,
roleIdsToActionIds);
}
int pos = resourcePrimKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);
if (pos != -1) {
long plid = GetterUtil.getLong(resourcePrimKey.substring(0, pos));
Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);
if (layout != null) {
layout.setModifiedDate(new Date());
LayoutLocalServiceUtil.updateLayout(layout);
CacheUtil.clearCache(layout.getCompanyId());
}
}
if (PropsValues.PERMISSIONS_PROPAGATION_ENABLED) {
Portlet portlet =
PortletLocalServiceUtil.getPortletById(themeDisplay.getCompanyId(), portletResource);
PermissionPropagator permissionPropagator = portlet.getPermissionPropagatorInstance();
if (permissionPropagator != null) {
permissionPropagator.propagateRolePermissions(
actionRequest, modelResource, resourcePrimKey, roleIds);
}
}
}
protected void updateActions(ActionRequest actionRequest, ActionResponse actionResponse)
throws Exception {
ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);
long roleId = ParamUtil.getLong(actionRequest, "roleId");
Role role = RoleLocalServiceUtil.getRole(roleId);
String roleName = role.getName();
if (roleName.equals(RoleConstants.ADMINISTRATOR)
|| roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR)
|| roleName.equals(RoleConstants.ORGANIZATION_OWNER)
|| roleName.equals(RoleConstants.OWNER)
|| roleName.equals(RoleConstants.SITE_ADMINISTRATOR)
|| roleName.equals(RoleConstants.SITE_OWNER)) {
throw new RolePermissionsException(roleName);
}
String portletResource = ParamUtil.getString(actionRequest, "portletResource");
String[] modelResources =
StringUtil.split(ParamUtil.getString(actionRequest, "modelResources"));
boolean showModelResources = ParamUtil.getBoolean(actionRequest, "showModelResources");
Map<String, List<String>> resourceActionsMap = new HashMap<String, List<String>>();
if (showModelResources) {
for (String modelResource : modelResources) {
resourceActionsMap.put(
modelResource, ResourceActionsUtil.getResourceActions(null, modelResource));
}
} else if (Validator.isNotNull(portletResource)) {
resourceActionsMap.put(
portletResource, ResourceActionsUtil.getResourceActions(portletResource, null));
}
String[] selectedTargets =
StringUtil.split(ParamUtil.getString(actionRequest, "selectedTargets"));
for (Map.Entry<String, List<String>> entry : resourceActionsMap.entrySet()) {
String selResource = entry.getKey();
List<String> actions = entry.getValue();
actions = ListUtil.sort(actions, new ActionComparator(themeDisplay.getLocale()));
for (String actionId : actions) {
String target = selResource + actionId;
boolean selected = ArrayUtil.contains(selectedTargets, target);
String[] groupIds =
StringUtil.split(ParamUtil.getString(actionRequest, "groupIds" + target));
groupIds = ArrayUtil.distinct(groupIds);
int scope = ResourceConstants.SCOPE_COMPANY;
if ((role.getType() == RoleConstants.TYPE_ORGANIZATION)
|| (role.getType() == RoleConstants.TYPE_PROVIDER)
|| (role.getType() == RoleConstants.TYPE_SITE)) {
scope = ResourceConstants.SCOPE_GROUP_TEMPLATE;
} else {
if (groupIds.length > 0) {
scope = ResourceConstants.SCOPE_GROUP;
}
}
if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
updateActions_6Blocks(
role,
themeDisplay.getScopeGroupId(),
selResource,
actionId,
selected,
scope,
groupIds);
} else {
updateAction_6(
role,
themeDisplay.getScopeGroupId(),
selResource,
actionId,
selected,
scope,
groupIds);
}
} else {
updateAction_1to5(
role,
themeDisplay.getScopeGroupId(),
selResource,
actionId,
selected,
scope,
groupIds);
}
}
}
// Send redirect
SessionMessages.add(actionRequest, "permissionsUpdated");
String redirect = PortalUtil.escapeRedirect(ParamUtil.getString(actionRequest, "redirect"));
if (Validator.isNotNull(redirect)) {
redirect = redirect + "&" + Constants.CMD + "=" + Constants.VIEW;
actionResponse.sendRedirect(redirect);
}
}
protected void doAddPermissionFields_6(
long companyId, long groupId, String className, String classPK, Document doc)
throws Exception {
Group group = null;
if (groupId > 0) {
group = GroupLocalServiceUtil.getGroup(groupId);
}
List<Role> roles =
ListUtil.copy(ResourceActionsUtil.getRoles(companyId, group, className, null));
if (groupId > 0) {
List<Role> teamRoles = RoleLocalServiceUtil.getTeamRoles(groupId);
roles.addAll(teamRoles);
}
long[] roleIdsArray = new long[roles.size()];
for (int i = 0; i < roleIdsArray.length; i++) {
Role role = roles.get(i);
roleIdsArray[i] = role.getRoleId();
}
boolean[] hasResourcePermissions = null;
if (ResourceBlockLocalServiceUtil.isSupported(className)) {
ResourceBlockIdsBag resourceBlockIdsBag =
ResourceBlockLocalServiceUtil.getResourceBlockIdsBag(
companyId, groupId, className, roleIdsArray);
long actionId = ResourceBlockLocalServiceUtil.getActionId(className, ActionKeys.VIEW);
List<Long> resourceBlockIds = resourceBlockIdsBag.getResourceBlockIds(actionId);
hasResourcePermissions = new boolean[roleIdsArray.length];
for (long resourceBlockId : resourceBlockIds) {
for (int i = 0; i < roleIdsArray.length; i++) {
int count =
ResourceBlockPermissionLocalServiceUtil.getResourceBlockPermissionsCount(
resourceBlockId, roleIdsArray[i]);
hasResourcePermissions[i] = (count > 0);
}
}
} else {
hasResourcePermissions =
ResourcePermissionLocalServiceUtil.hasResourcePermissions(
companyId,
className,
ResourceConstants.SCOPE_INDIVIDUAL,
classPK,
roleIdsArray,
ActionKeys.VIEW);
}
List<Long> roleIds = new ArrayList<Long>();
List<String> groupRoleIds = new ArrayList<String>();
for (int i = 0; i < hasResourcePermissions.length; i++) {
if (!hasResourcePermissions[i]) {
continue;
}
Role role = roles.get(i);
if ((role.getType() == RoleConstants.TYPE_ORGANIZATION)
|| (role.getType() == RoleConstants.TYPE_SITE)) {
groupRoleIds.add(groupId + StringPool.DASH + role.getRoleId());
} else {
roleIds.add(role.getRoleId());
}
}
doc.addKeyword(Field.ROLE_ID, roleIds.toArray(new Long[roleIds.size()]));
doc.addKeyword(Field.GROUP_ROLE_ID, groupRoleIds.toArray(new String[groupRoleIds.size()]));
}