Exemplo n.º 1
0
  protected ResourceBlock convertResourcePermissions(long companyId, String name, long primKey)
      throws PortalException, SystemException {

    PermissionedModel permissionedModel =
        ResourceBlockLocalServiceUtil.getPermissionedModel(name, primKey);

    long groupId = 0;

    if (permissionedModel instanceof GroupedModel) {
      GroupedModel groupedModel = (GroupedModel) permissionedModel;

      groupId = groupedModel.getGroupId();
    }

    ResourceBlockPermissionsContainer resourceBlockPermissionsContainer =
        getResourceBlockPermissionsContainer(companyId, groupId, name, primKey);

    String permissionsHash =
        ResourceBlockLocalServiceUtil.getPermissionsHash(resourceBlockPermissionsContainer);

    ResourceBlock resourceBlock =
        ResourceBlockLocalServiceUtil.updateResourceBlockId(
            companyId,
            groupId,
            name,
            permissionedModel,
            permissionsHash,
            resourceBlockPermissionsContainer);

    return resourceBlock;
  }
Exemplo n.º 2
0
  protected void convertResourcePermissions(String name, String tableName, String pkColumnName)
      throws Exception {

    Connection con = null;
    PreparedStatement ps = null;
    ResultSet rs = null;

    try {
      con = DataAccess.getConnection();

      ps = con.prepareStatement("select " + pkColumnName + ", companyId from " + tableName);

      rs = ps.executeQuery();

      while (rs.next()) {
        long primKey = rs.getLong(pkColumnName);
        long companyId = rs.getLong("companyId");

        ResourceBlock resourceBlock = convertResourcePermissions(companyId, name, primKey);

        if (_log.isInfoEnabled() && ((resourceBlock.getResourceBlockId() % 100) == 0)) {

          _log.info("Processed 100 resource blocks for " + name);
        }
      }
    } finally {
      DataAccess.cleanUp(con, ps, rs);
    }

    List<ResourcePermission> resourcePermissions =
        ResourcePermissionLocalServiceUtil.getScopeResourcePermissions(_SCOPES);

    for (ResourcePermission resourcePermission : resourcePermissions) {
      int scope = resourcePermission.getScope();

      if (!name.equals(resourcePermission.getName())) {
        continue;
      }

      if ((scope == ResourceConstants.SCOPE_COMPANY)
          || (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE)) {

        ResourceBlockLocalServiceUtil.setCompanyScopePermissions(
            resourcePermission.getCompanyId(),
            name,
            resourcePermission.getRoleId(),
            resourcePermission.getActionIds());
      } else if (scope == ResourceConstants.SCOPE_GROUP) {
        ResourceBlockLocalServiceUtil.setGroupScopePermissions(
            resourcePermission.getCompanyId(),
            GetterUtil.getLong(resourcePermission.getPrimaryKey()),
            name,
            resourcePermission.getRoleId(),
            resourcePermission.getActionIds());
      }
    }
  }
Exemplo n.º 3
0
  public void deletePermission(ActionRequest actionRequest, ActionResponse actionResponse)
      throws Exception {

    ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);

    long roleId = ParamUtil.getLong(actionRequest, "roleId");
    String name = ParamUtil.getString(actionRequest, "name");
    int scope = ParamUtil.getInteger(actionRequest, "scope");
    String primKey = ParamUtil.getString(actionRequest, "primKey");
    String actionId = ParamUtil.getString(actionRequest, "actionId");

    Role role = RoleLocalServiceUtil.getRole(roleId);

    String roleName = role.getName();

    if (roleName.equals(RoleConstants.ADMINISTRATOR)
        || roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR)
        || roleName.equals(RoleConstants.ORGANIZATION_OWNER)
        || roleName.equals(RoleConstants.OWNER)
        || roleName.equals(RoleConstants.SITE_ADMINISTRATOR)
        || roleName.equals(RoleConstants.SITE_OWNER)) {

      throw new RolePermissionsException(roleName);
    }

    if (ResourceBlockLocalServiceUtil.isSupported(name)) {
      if (scope == ResourceConstants.SCOPE_GROUP) {
        ResourceBlockServiceUtil.removeGroupScopePermission(
            themeDisplay.getScopeGroupId(),
            themeDisplay.getCompanyId(),
            GetterUtil.getLong(primKey),
            name,
            roleId,
            actionId);
      } else {
        ResourceBlockServiceUtil.removeCompanyScopePermission(
            themeDisplay.getScopeGroupId(), themeDisplay.getCompanyId(), name, roleId, actionId);
      }
    } else {
      ResourcePermissionServiceUtil.removeResourcePermission(
          themeDisplay.getScopeGroupId(),
          themeDisplay.getCompanyId(),
          name,
          scope,
          primKey,
          roleId,
          actionId);
    }

    // Send redirect

    SessionMessages.add(actionRequest, "permissionDeleted");

    String redirect = PortalUtil.escapeRedirect(ParamUtil.getString(actionRequest, "redirect"));

    if (Validator.isNotNull(redirect)) {
      actionResponse.sendRedirect(redirect);
    }
  }
Exemplo n.º 4
0
  @AfterClass
  public static void tearDownClass() throws Exception {
    ResourcePermissionLocalServiceUtil.deleteResourcePermission(_resourcePermission);

    ResourceBlockLocalServiceUtil.deleteResourceBlock(_resourceBlock);

    ResourceBlockPermissionLocalServiceUtil.deleteResourceBlockPermission(_resourceBlockPermission);
  }
Exemplo n.º 5
0
  public ResourceBlockActionableDynamicQuery() {
    setBaseLocalService(ResourceBlockLocalServiceUtil.getService());

    setClassLoader(PortalClassLoaderUtil.getClassLoader());

    setModelClass(ResourceBlock.class);

    setPrimaryKeyPropertyName("resourceBlockId");
  }
Exemplo n.º 6
0
  protected void importResourceBlock(
      PortletDataContext portletDataContext, Role importedRole, Permission permission)
      throws PortalException, SystemException {

    int scope = permission.getScope();

    if (scope == ResourceConstants.SCOPE_COMPANY) {
      ResourceBlockLocalServiceUtil.addCompanyScopePermission(
          portletDataContext.getCompanyId(), permission.getName(),
          importedRole.getRoleId(), permission.getActionId());
    } else if (scope == ResourceConstants.SCOPE_GROUP) {
      long groupId = portletDataContext.getCompanyGroupId();

      long sourceGroupId = GetterUtil.getLong(permission.getPrimKey());

      if (sourceGroupId == portletDataContext.getSourceUserPersonalSiteGroupId()) {

        groupId = portletDataContext.getUserPersonalSiteGroupId();
      }

      ResourceBlockLocalServiceUtil.addGroupScopePermission(
          portletDataContext.getCompanyId(),
          groupId,
          permission.getName(),
          importedRole.getRoleId(),
          permission.getActionId());
    } else if (scope == ResourceConstants.SCOPE_GROUP_TEMPLATE) {
      ResourceBlockLocalServiceUtil.addGroupScopePermission(
          portletDataContext.getCompanyId(),
          GroupConstants.DEFAULT_PARENT_GROUP_ID,
          permission.getName(),
          importedRole.getRoleId(),
          permission.getActionId());
    } else {
      if (_log.isDebugEnabled()) {
        _log.debug("Individually scoped permissions are not exported");
      }
    }
  }
Exemplo n.º 7
0
  protected Map<Long, Set<String>> getActionIds(
      long companyId, long[] roleIds, String className, long primKey, List<String> actionIds)
      throws PortalException, SystemException {

    if (ResourceBlockLocalServiceUtil.isSupported(className)) {
      return ResourceBlockPermissionLocalServiceUtil.getAvailableResourceBlockPermissionActionIds(
          roleIds, className, primKey, actionIds);
    } else {
      return ResourcePermissionLocalServiceUtil.getAvailableResourcePermissionActionIds(
          companyId,
          className,
          ResourceConstants.SCOPE_INDIVIDUAL,
          String.valueOf(primKey),
          roleIds,
          actionIds);
    }
  }
Exemplo n.º 8
0
  @Test
  public void testActionableDynamicQuery() throws Exception {
    final IntegerWrapper count = new IntegerWrapper();

    ActionableDynamicQuery actionableDynamicQuery =
        ResourceBlockLocalServiceUtil.getActionableDynamicQuery();

    actionableDynamicQuery.setPerformActionMethod(
        new ActionableDynamicQuery.PerformActionMethod() {
          @Override
          public void performAction(Object object) {
            ResourceBlock resourceBlock = (ResourceBlock) object;

            Assert.assertNotNull(resourceBlock);

            count.increment();
          }
        });

    actionableDynamicQuery.performActions();

    Assert.assertEquals(count.getValue(), _persistence.countAll());
  }
Exemplo n.º 9
0
  public void importPermissions(String resourceName, long resourcePK, long newResourcePK)
      throws PortalException, SystemException {

    if (!MapUtil.getBoolean(_parameterMap, PortletDataHandlerKeys.PERMISSIONS)) {

      return;
    }

    List<KeyValuePair> permissions =
        _permissionsMap.get(getPrimaryKeyString(resourceName, resourcePK));

    if (permissions == null) {
      return;
    }

    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();

    for (KeyValuePair permission : permissions) {
      String roleName = permission.getKey();

      Role role = null;

      Team team = null;

      if (roleName.startsWith(PermissionExporter.ROLE_TEAM_PREFIX)) {
        roleName = roleName.substring(PermissionExporter.ROLE_TEAM_PREFIX.length());

        try {
          team = TeamLocalServiceUtil.getTeam(_groupId, roleName);
        } catch (NoSuchTeamException nste) {
          if (_log.isWarnEnabled()) {
            _log.warn("Team " + roleName + " does not exist");
          }

          continue;
        }
      }

      try {
        if (team != null) {
          role = RoleLocalServiceUtil.getTeamRole(_companyId, team.getTeamId());
        } else {
          role = RoleLocalServiceUtil.getRole(_companyId, roleName);
        }
      } catch (NoSuchRoleException nsre) {
        if (_log.isWarnEnabled()) {
          _log.warn("Role " + roleName + " does not exist");
        }

        continue;
      }

      String[] actionIds = StringUtil.split(permission.getValue());

      roleIdsToActionIds.put(role.getRoleId(), actionIds);
    }

    if (roleIdsToActionIds.isEmpty()) {
      return;
    }

    if (ResourceBlockLocalServiceUtil.isSupported(resourceName)) {
      ResourceBlockLocalServiceUtil.setIndividualScopePermissions(
          _companyId, _groupId, resourceName, newResourcePK, roleIdsToActionIds);
    } else {
      ResourcePermissionLocalServiceUtil.setResourcePermissions(
          _companyId,
          resourceName,
          ResourceConstants.SCOPE_INDIVIDUAL,
          String.valueOf(newResourcePK),
          roleIdsToActionIds);
    }
  }
Exemplo n.º 10
0
  public void updateActions(ActionRequest actionRequest, ActionResponse actionResponse)
      throws Exception {

    ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);

    long roleId = ParamUtil.getLong(actionRequest, "roleId");

    Role role = RoleLocalServiceUtil.getRole(roleId);

    String roleName = role.getName();

    if (roleName.equals(RoleConstants.ADMINISTRATOR)
        || roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR)
        || roleName.equals(RoleConstants.ORGANIZATION_OWNER)
        || roleName.equals(RoleConstants.OWNER)
        || roleName.equals(RoleConstants.SITE_ADMINISTRATOR)
        || roleName.equals(RoleConstants.SITE_OWNER)) {

      throw new RolePermissionsException(roleName);
    }

    String portletResource = ParamUtil.getString(actionRequest, "portletResource");
    String[] relatedPortletResources =
        StringUtil.split(ParamUtil.getString(actionRequest, "relatedPortletResources"));
    String[] modelResources =
        StringUtil.split(ParamUtil.getString(actionRequest, "modelResources"));

    Map<String, List<String>> resourceActionsMap = new HashMap<>();

    if (Validator.isNotNull(portletResource)) {
      resourceActionsMap.put(
          portletResource, ResourceActionsUtil.getResourceActions(portletResource, null));
    }

    for (String relatedPortletResource : relatedPortletResources) {
      resourceActionsMap.put(
          relatedPortletResource,
          ResourceActionsUtil.getResourceActions(relatedPortletResource, null));
    }

    for (String modelResource : modelResources) {
      resourceActionsMap.put(
          modelResource, ResourceActionsUtil.getResourceActions(null, modelResource));
    }

    int rootResourceScope = ResourceConstants.SCOPE_COMPANY;
    String[] rootResourceGroupIds = null;

    String[] selectedTargets =
        StringUtil.split(ParamUtil.getString(actionRequest, "selectedTargets"));
    String[] unselectedTargets =
        StringUtil.split(ParamUtil.getString(actionRequest, "unselectedTargets"));

    for (Map.Entry<String, List<String>> entry : resourceActionsMap.entrySet()) {

      String selResource = entry.getKey();
      List<String> actions = entry.getValue();

      actions = ListUtil.sort(actions, new ActionComparator(themeDisplay.getLocale()));

      for (String actionId : actions) {
        String target = selResource + actionId;

        boolean selected = ArrayUtil.contains(selectedTargets, target);

        if (!selected && !ArrayUtil.contains(unselectedTargets, target)) {

          continue;
        }

        String[] groupIds =
            StringUtil.split(ParamUtil.getString(actionRequest, "groupIds" + target));

        groupIds = ArrayUtil.distinct(groupIds);

        int scope = ResourceConstants.SCOPE_COMPANY;

        if ((role.getType() == RoleConstants.TYPE_ORGANIZATION)
            || (role.getType() == RoleConstants.TYPE_PROVIDER)
            || (role.getType() == RoleConstants.TYPE_SITE)) {

          scope = ResourceConstants.SCOPE_GROUP_TEMPLATE;
        } else {
          if (groupIds.length > 0) {
            scope = ResourceConstants.SCOPE_GROUP;
          }
        }

        if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
          updateActions_Blocks(
              role,
              themeDisplay.getScopeGroupId(),
              selResource,
              actionId,
              selected,
              scope,
              groupIds);
        } else {
          updateAction(
              role,
              themeDisplay.getScopeGroupId(),
              selResource,
              actionId,
              selected,
              scope,
              groupIds);
        }

        if (selected && actionId.equals(ActionKeys.ACCESS_IN_CONTROL_PANEL)) {

          updateViewControlPanelPermission(
              role, themeDisplay.getScopeGroupId(), selResource, scope, groupIds);

          rootResourceScope = scope;
          rootResourceGroupIds = groupIds;
        }
      }
    }

    // LPS-38031

    if (rootResourceGroupIds != null) {
      updateViewRootResourcePermission(
          role,
          themeDisplay.getScopeGroupId(),
          portletResource,
          rootResourceScope,
          rootResourceGroupIds);
    }

    // Send redirect

    SessionMessages.add(actionRequest, "permissionsUpdated");

    String redirect = PortalUtil.escapeRedirect(ParamUtil.getString(actionRequest, "redirect"));

    if (Validator.isNotNull(redirect)) {
      actionResponse.sendRedirect(redirect);
    }
  }
Exemplo n.º 11
0
  @Override
  protected void doImportStagedModel(PortletDataContext portletDataContext, Role role)
      throws Exception {

    long userId = portletDataContext.getUserId(role.getUserUuid());

    ServiceContext serviceContext = portletDataContext.createServiceContext(role);

    Role existingRole =
        RoleLocalServiceUtil.fetchRoleByUuidAndCompanyId(
            role.getUuid(), portletDataContext.getCompanyId());

    if (existingRole == null) {
      existingRole =
          RoleLocalServiceUtil.fetchRole(portletDataContext.getCompanyId(), role.getName());
    }

    Role importedRole = null;

    if (existingRole == null) {
      serviceContext.setUuid(role.getUuid());

      importedRole =
          RoleLocalServiceUtil.addRole(
              userId,
              null,
              0,
              role.getName(),
              role.getTitleMap(),
              role.getDescriptionMap(),
              role.getType(),
              role.getSubtype(),
              serviceContext);
    } else {
      importedRole =
          RoleLocalServiceUtil.updateRole(
              existingRole.getRoleId(),
              role.getName(),
              role.getTitleMap(),
              role.getDescriptionMap(),
              role.getSubtype(),
              serviceContext);

      deleteRolePermissions(portletDataContext, importedRole);
    }

    String permissionsPath = ExportImportPathUtil.getModelPath(role, "permissions.xml");

    List<Permission> permissions =
        (List<Permission>) portletDataContext.getZipEntryAsObject(permissionsPath);

    for (Permission permission : permissions) {
      if (ResourceBlockLocalServiceUtil.isSupported(permission.getName())) {

        importResourceBlock(portletDataContext, importedRole, permission);
      } else {
        importResourcePermissions(portletDataContext, importedRole, permission);
      }
    }

    portletDataContext.importClassedModel(role, importedRole);
  }
Exemplo n.º 12
0
  protected void updateRolePermissions(ActionRequest actionRequest) throws Exception {

    ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);

    String portletResource = ParamUtil.getString(actionRequest, "portletResource");
    String modelResource = ParamUtil.getString(actionRequest, "modelResource");
    long[] roleIds =
        StringUtil.split(ParamUtil.getString(actionRequest, "rolesSearchContainerPrimaryKeys"), 0L);

    String selResource = PortletConstants.getRootPortletId(portletResource);

    if (Validator.isNotNull(modelResource)) {
      selResource = modelResource;
    }

    long resourceGroupId =
        ParamUtil.getLong(actionRequest, "resourceGroupId", themeDisplay.getScopeGroupId());
    String resourcePrimKey = ParamUtil.getString(actionRequest, "resourcePrimKey");

    Map<Long, String[]> roleIdsToActionIds = new HashMap<Long, String[]>();

    if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {
      for (long roleId : roleIds) {
        List<String> actionIds = getActionIdsList(actionRequest, roleId, true);

        roleIdsToActionIds.put(roleId, actionIds.toArray(new String[actionIds.size()]));
      }

      ResourceBlockServiceUtil.setIndividualScopePermissions(
          themeDisplay.getCompanyId(),
          resourceGroupId,
          selResource,
          GetterUtil.getLong(resourcePrimKey),
          roleIdsToActionIds);
    } else {
      for (long roleId : roleIds) {
        String[] actionIds = getActionIds(actionRequest, roleId, false);

        roleIdsToActionIds.put(roleId, actionIds);
      }

      ResourcePermissionServiceUtil.setIndividualResourcePermissions(
          resourceGroupId,
          themeDisplay.getCompanyId(),
          selResource,
          resourcePrimKey,
          roleIdsToActionIds);
    }

    int pos = resourcePrimKey.indexOf(PortletConstants.LAYOUT_SEPARATOR);

    if (pos != -1) {
      long plid = GetterUtil.getLong(resourcePrimKey.substring(0, pos));

      Layout layout = LayoutLocalServiceUtil.fetchLayout(plid);

      if (layout != null) {
        layout.setModifiedDate(new Date());

        LayoutLocalServiceUtil.updateLayout(layout);

        CacheUtil.clearCache(layout.getCompanyId());
      }
    }

    if (PropsValues.PERMISSIONS_PROPAGATION_ENABLED) {
      Portlet portlet =
          PortletLocalServiceUtil.getPortletById(themeDisplay.getCompanyId(), portletResource);

      PermissionPropagator permissionPropagator = portlet.getPermissionPropagatorInstance();

      if (permissionPropagator != null) {
        permissionPropagator.propagateRolePermissions(
            actionRequest, modelResource, resourcePrimKey, roleIds);
      }
    }
  }
Exemplo n.º 13
0
  protected void updateActions(ActionRequest actionRequest, ActionResponse actionResponse)
      throws Exception {

    ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute(WebKeys.THEME_DISPLAY);

    long roleId = ParamUtil.getLong(actionRequest, "roleId");

    Role role = RoleLocalServiceUtil.getRole(roleId);

    String roleName = role.getName();

    if (roleName.equals(RoleConstants.ADMINISTRATOR)
        || roleName.equals(RoleConstants.ORGANIZATION_ADMINISTRATOR)
        || roleName.equals(RoleConstants.ORGANIZATION_OWNER)
        || roleName.equals(RoleConstants.OWNER)
        || roleName.equals(RoleConstants.SITE_ADMINISTRATOR)
        || roleName.equals(RoleConstants.SITE_OWNER)) {

      throw new RolePermissionsException(roleName);
    }

    String portletResource = ParamUtil.getString(actionRequest, "portletResource");
    String[] modelResources =
        StringUtil.split(ParamUtil.getString(actionRequest, "modelResources"));
    boolean showModelResources = ParamUtil.getBoolean(actionRequest, "showModelResources");

    Map<String, List<String>> resourceActionsMap = new HashMap<String, List<String>>();

    if (showModelResources) {
      for (String modelResource : modelResources) {
        resourceActionsMap.put(
            modelResource, ResourceActionsUtil.getResourceActions(null, modelResource));
      }
    } else if (Validator.isNotNull(portletResource)) {
      resourceActionsMap.put(
          portletResource, ResourceActionsUtil.getResourceActions(portletResource, null));
    }

    String[] selectedTargets =
        StringUtil.split(ParamUtil.getString(actionRequest, "selectedTargets"));

    for (Map.Entry<String, List<String>> entry : resourceActionsMap.entrySet()) {

      String selResource = entry.getKey();
      List<String> actions = entry.getValue();

      actions = ListUtil.sort(actions, new ActionComparator(themeDisplay.getLocale()));

      for (String actionId : actions) {
        String target = selResource + actionId;

        boolean selected = ArrayUtil.contains(selectedTargets, target);

        String[] groupIds =
            StringUtil.split(ParamUtil.getString(actionRequest, "groupIds" + target));

        groupIds = ArrayUtil.distinct(groupIds);

        int scope = ResourceConstants.SCOPE_COMPANY;

        if ((role.getType() == RoleConstants.TYPE_ORGANIZATION)
            || (role.getType() == RoleConstants.TYPE_PROVIDER)
            || (role.getType() == RoleConstants.TYPE_SITE)) {

          scope = ResourceConstants.SCOPE_GROUP_TEMPLATE;
        } else {
          if (groupIds.length > 0) {
            scope = ResourceConstants.SCOPE_GROUP;
          }
        }

        if (PropsValues.PERMISSIONS_USER_CHECK_ALGORITHM == 6) {
          if (ResourceBlockLocalServiceUtil.isSupported(selResource)) {

            updateActions_6Blocks(
                role,
                themeDisplay.getScopeGroupId(),
                selResource,
                actionId,
                selected,
                scope,
                groupIds);
          } else {
            updateAction_6(
                role,
                themeDisplay.getScopeGroupId(),
                selResource,
                actionId,
                selected,
                scope,
                groupIds);
          }
        } else {
          updateAction_1to5(
              role,
              themeDisplay.getScopeGroupId(),
              selResource,
              actionId,
              selected,
              scope,
              groupIds);
        }
      }
    }

    // Send redirect

    SessionMessages.add(actionRequest, "permissionsUpdated");

    String redirect = PortalUtil.escapeRedirect(ParamUtil.getString(actionRequest, "redirect"));

    if (Validator.isNotNull(redirect)) {
      redirect = redirect + "&" + Constants.CMD + "=" + Constants.VIEW;

      actionResponse.sendRedirect(redirect);
    }
  }
Exemplo n.º 14
0
  protected void doAddPermissionFields_6(
      long companyId, long groupId, String className, String classPK, Document doc)
      throws Exception {

    Group group = null;

    if (groupId > 0) {
      group = GroupLocalServiceUtil.getGroup(groupId);
    }

    List<Role> roles =
        ListUtil.copy(ResourceActionsUtil.getRoles(companyId, group, className, null));

    if (groupId > 0) {
      List<Role> teamRoles = RoleLocalServiceUtil.getTeamRoles(groupId);

      roles.addAll(teamRoles);
    }

    long[] roleIdsArray = new long[roles.size()];

    for (int i = 0; i < roleIdsArray.length; i++) {
      Role role = roles.get(i);

      roleIdsArray[i] = role.getRoleId();
    }

    boolean[] hasResourcePermissions = null;

    if (ResourceBlockLocalServiceUtil.isSupported(className)) {
      ResourceBlockIdsBag resourceBlockIdsBag =
          ResourceBlockLocalServiceUtil.getResourceBlockIdsBag(
              companyId, groupId, className, roleIdsArray);

      long actionId = ResourceBlockLocalServiceUtil.getActionId(className, ActionKeys.VIEW);

      List<Long> resourceBlockIds = resourceBlockIdsBag.getResourceBlockIds(actionId);

      hasResourcePermissions = new boolean[roleIdsArray.length];

      for (long resourceBlockId : resourceBlockIds) {
        for (int i = 0; i < roleIdsArray.length; i++) {
          int count =
              ResourceBlockPermissionLocalServiceUtil.getResourceBlockPermissionsCount(
                  resourceBlockId, roleIdsArray[i]);

          hasResourcePermissions[i] = (count > 0);
        }
      }
    } else {
      hasResourcePermissions =
          ResourcePermissionLocalServiceUtil.hasResourcePermissions(
              companyId,
              className,
              ResourceConstants.SCOPE_INDIVIDUAL,
              classPK,
              roleIdsArray,
              ActionKeys.VIEW);
    }

    List<Long> roleIds = new ArrayList<Long>();
    List<String> groupRoleIds = new ArrayList<String>();

    for (int i = 0; i < hasResourcePermissions.length; i++) {
      if (!hasResourcePermissions[i]) {
        continue;
      }

      Role role = roles.get(i);

      if ((role.getType() == RoleConstants.TYPE_ORGANIZATION)
          || (role.getType() == RoleConstants.TYPE_SITE)) {

        groupRoleIds.add(groupId + StringPool.DASH + role.getRoleId());
      } else {
        roleIds.add(role.getRoleId());
      }
    }

    doc.addKeyword(Field.ROLE_ID, roleIds.toArray(new Long[roleIds.size()]));
    doc.addKeyword(Field.GROUP_ROLE_ID, groupRoleIds.toArray(new String[groupRoleIds.size()]));
  }