Created
October 10, 2012 20:54
-
-
Save bmvakili/3868350 to your computer and use it in GitHub Desktop.
Liferay scripts - check every page permission in default Group to see which roles have VIEW access
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Description: Liferay scripts - check every page permission in default Group to see which roles have VIEW access. It can also give the VIEW action permission to the Site Member role. | |
| // Usage: Modify settings under "##CHANGE THESE##" section. Paste this script in the Control Panel->Server Administration->Script console and click "Execute" | |
| // | |
| // ## CHANGE THESE ## | |
| var groupName = "Guest"; // this is the main group name | |
| var showPublic = false; // set to true if public pages should be listed too. default behavior is that only private pages are considered when looking for VIEW action permission for Site Member role | |
| var givePermission = false; // set to true to give VIEW action permission for Site Member role to all pages. Optionally apply this permission to a subset of pages by providing regular experssion to filter pages. See givePermissionRegex property below. | |
| var givePermissionRegex = ".*"; // provide regular expression to filter Page Names | |
| // ## No need to change below ## | |
| var companyId = Packages.com.liferay.portal.util.PortalUtil.getCompanyIds()[0]; | |
| var company = Packages.com.liferay.portal.service.CompanyLocalServiceUtil.getCompany(companyId); | |
| var isSecure = Packages.com.liferay.portal.util.PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS; | |
| var port = Packages.com.liferay.portal.util.PortalUtil.getPortalPort(); | |
| mainPath = Packages.com.liferay.portal.util.PortalUtil.getPortalURL(company.getVirtualHostname(), port, isSecure); | |
| var companyId = Packages.com.liferay.portal.util.PortalUtil.getCompanyIds()[0]; | |
| var largestLayoutId = 99999; | |
| var className = "com.liferay.portal.model.Layout"; | |
| var groupId = Packages.com.liferay.portal.service.GroupLocalServiceUtil.getGroup(companyId, groupName).getGroupId(); | |
| var count = 0; | |
| var newline = "<br/>"; | |
| var hasPermission = 0; | |
| var outtext = ""; | |
| var lacksPermission = 0; | |
| var rolesList = Packages.com.liferay.portal.service.RoleLocalServiceUtil.getRoles(companyId); | |
| // ## get all layouts containing custom portlets (that is, ones whose ID is not numeric) and print their URLs | |
| var layouts = Packages.com.liferay.portal.service.LayoutLocalServiceUtil.getLayouts(0, largestLayoutId); | |
| number = layouts.size(); | |
| var names = ""; | |
| var portletNum = 0; | |
| var dashes = 0; | |
| function getDashes(i) { | |
| ret = ""; | |
| for (x = 0; x < i; x++) { | |
| ret += "-"; | |
| } | |
| return ret; | |
| } | |
| for (i = 0; i < number; i++) { | |
| var layout = layouts.get(i); | |
| var viewPerms = ""; | |
| layoutName = ""; | |
| if (layout.isTypePortlet()) { | |
| layoutName = layout.getName(); | |
| var layoutTypePortlet = layout.getLayoutType(); | |
| var layoutTemplate = layoutTypePortlet.getLayoutTemplate(); | |
| var columns = layoutTemplate.getColumns(); | |
| defaultPortletCount = 0; | |
| totalPortletCount = 0; | |
| portletNum++; | |
| if (layout.getGroupId() == groupId) { | |
| var ind = 0; | |
| var permsSize = 0; | |
| var primaryKey = layout.getPlid() + ""; | |
| var resource = Packages.com.liferay.portal.service.ResourceLocalServiceUtil.getResource(companyId, className, Packages.com.liferay.portal.model.ResourceConstants.SCOPE_INDIVIDUAL, primaryKey); | |
| var permissionsList = Packages.com.liferay.portal.service.ResourcePermissionLocalServiceUtil.getResourcePermissions(companyId, className, Packages.com.liferay.portal.model.ResourceConstants.SCOPE_INDIVIDUAL, layout.getPlid()); | |
| for (ind = 0; ind < permissionsList.size(); ind++) { | |
| var resourcePermission = permissionsList.get(ind); | |
| var actionId = resourcePermission.getActionIds(); | |
| var roleId = resourcePermission.getRoleId(); | |
| var aRole = Packages.com.liferay.portal.service.RoleLocalServiceUtil.getRole(roleId); | |
| var text = " rid: " + roleId + " " + aRole.getName() + " has access? "; | |
| try { | |
| var resourceAction = Packages.com.liferay.portal.service.ResourceActionLocalServiceUtil.getResourceAction(actionId); | |
| var resourceActionId = resourceAction.getResourceActionId(); | |
| if (resourceActionId % 2 == 1) { | |
| if (viewPerms.length != 0) { | |
| viewPerms += ", "; | |
| } | |
| viewPerms += aRole.getName(); | |
| } else if (givePermission && layout.getName().matches(givePermissionRegex)) { | |
| resourceActionId = resourceActionId + 1; | |
| resourceAction.getResourceActionId(resourceActionId); | |
| Packages.com.liferay.portal.service.ResourceActionLocalServiceUtil.updateResourceAction(resourceAction, true); | |
| } | |
| /** | |
| if ( "Sit" + "e" + " Member".equalsIgnoreCase(aRole.getName())) { | |
| if (resourceActionId %2 ==1) { | |
| out.println(text + "Yes, also has " + resourceActionId); | |
| } else { | |
| out.print(text); | |
| if ( resourceAction > 0) { | |
| out.println(" does not have view permission but has: " + resourceAction); | |
| } else { | |
| out.println(" does not have any permissions"); | |
| } | |
| } | |
| } else { | |
| out.println(aRole.getName()); | |
| } | |
| **/ | |
| } catch (e) { | |
| out.println(e); | |
| if (givePermission && layout.getName().matches(givePermissionRegex)) { | |
| var viewResourceActionId = "1"; | |
| var siteMemberRole = Packages.com.liferay.portal.service.RoleLocalServiceUtil.getRole(companyId, "Site Member"); | |
| try { | |
| var nextCounter = Packages.com.liferay.counter.service.CounterLocalServiceUtil.increment() | |
| var resourcePermissionTemp = Packages.com.liferay.portal.service.ResourcePermissionLocalServiceUtil.createResourcePermission(nextCounter); | |
| resourcePermissionTemp.setPrimKey(layout.getPlid() + ""); | |
| resourcePermissionTemp.setRoleId(siteMemberRole.getRoleId()); | |
| resourcePermissionTemp.setActionIds(viewResourceActionId); | |
| resourcePermissionTemp.setName(className); | |
| resourcePermissionTemp.setCompanyId(companyId); | |
| resourcePermissionTemp.setScope(Packages.com.liferay.portal.model.ResourceConstants.SCOPE_INDIVIDUAL); | |
| Packages.com.liferay.portal.service.ResourcePermissionLocalServiceUtil.addResourcePermission(resourcePermissionTemp); | |
| //Packages.com.liferay.portal.service.ResourcePermissionLocalServiceUtil.addResourcePermission(companyId, className, Packages.com.liferay.portal.model.ResourceConstants.SCOPE_INDIVIDUAL, layout.getPlid()+"", siteMemberRole.getRoleId(), viewResourceActionId); | |
| } catch (ex) { | |
| out.println(ex); | |
| } | |
| } | |
| } | |
| } | |
| permsSize += permissionsList.size(); | |
| if ((showPublic && layout.isPublicLayout()) || (!showPublic && layout.isPrivateLayout())) { | |
| if (viewPerms.indexOf("Sit" + "e Member") != -1) { | |
| outtext += layoutName + " in " + layout.getGroupId() + " ( " + (!layout.isPublicLayout() ? "private" : "public") + " ), roles with VIEW action permission: " + viewPerms + " "; | |
| count++; | |
| hasPermission = hasPermission + 1; | |
| } else { | |
| outtext += "xxx " + layoutName + " in " + layout.getGroupId() + " ( " + (!layout.isPublicLayout() ? "private" : "public") + " ), roles with VIEW action permission: " + viewPerms + " "; | |
| lacksPermission = lacksPermission + 1; | |
| } | |
| var link = mainPath + Packages.com.liferay.portal.util.PortalUtil.getLayoutActualURL(layout); | |
| outtext += "<a href='" + link + "'>" + link + "</a>" + newline; | |
| } | |
| } | |
| } | |
| } | |
| var lines = outtext.split(newline); | |
| var linesList = Packages.java.util.Arrays.asList(lines) | |
| Packages.java.util.Collections.sort(linesList); | |
| lines = linesList.toArray(); | |
| outtext = ""; | |
| for (i = 0; i < lines.length; i++) { | |
| outtext += lines[i] + newline; | |
| } | |
| var totalCount = lines.length; | |
| out.println(hasPermission + " pages of " + totalCount + " <b>with</b> Site Member having VIEW permission in group '" + groupName + "'." + newline); | |
| out.println(lacksPermission + " pages of " + totalCount + " <b>without</b> Site Member having VIEW permission in group '" + groupName + "'." + newline); | |
| out.println("Below entries are pages in group '" + groupName + "'; entries starting with 'xxx' do not give the VIEW action permission to Site Members."); | |
| out.println(outtext); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment