Planned maintenance is scheduled for the week of June 15th - the exact date and time will be announced soon.
See More Details
Ask Questions and Find Answers
Important:
Ask is now read-only. You can review any existing questions and answers, but not add anything new.
But - don't panic! While ask is no more, we've replaced it with discuss - the new Liferay Discussion Forum! Read more here here or just visit the site here:
discuss.liferay.com
Script to update document permissions needed [URGENT]
First, let me emphasize that I'm not a programmer/developer.
I have seven top level file folders in a Documents and Media portlet. (LR CE 6.2 GA3)
Thousands of files were uploaded with permissions set to owner only.
I need a script to assign full permissions to a particular role for all files and subfolders under a top level folder.
i.e. I created a Role and a User Group called Design; one of the top level folders is Design; members of the Design group have full access, BUT all the files and subfolders under Design have full permissions only for Owner...
I found the following which could be the basis of such a script on Sourceforge - can anyone suggest what changes I'd need to make?:
<code>
Groovy script to update document permission
I need a quick way to update 20+ permissions among 100+ permissions for each document uploaded. So this script does the job.
import java.util.ArrayList
import java.util.Iterator
import java.util.List
import java.util.ListIterator
import com.liferay.portlet.documentlibrary.model.DLFileEntry
import com.liferay.portlet.documentlibrary.model.DLFileEntryModel
import com.liferay.portlet.documentlibrary.model.DLFileEntryType
import com.liferay.portal.service.ResourcePermissionLocalServiceUtil
import com.liferay.portal.service.RoleLocalServiceUtil
import com.liferay.portal.model.ResourceConstants
import com.liferay.portal.model.ResourcePermission
import com.liferay.portal.model.Role
import com.liferay.portal.model.RoleConstants
import com.liferay.portal.security.permission.ActionKeys
// Replace companyId and fileEntryId
long companyId = 10253
String fileEntryId = 432617
// Get Guest and Site Member roles
Role guestRole = RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST)
Role siteMemberRole = RoleLocalServiceUtil.getRole(companyId, RoleConstants.SITE_MEMBER)
// Get user created roles
List roles = new ArrayList()
Role bsmRole = RoleLocalServiceUtil.getRole(companyId, "Branch Sales Manager")
Role boaRole = RoleLocalServiceUtil.getRole(companyId, "Branch Office Admin")
Role usmRole = RoleLocalServiceUtil.getRole(companyId, "Unit Sales Manager")
Role uftRole = RoleLocalServiceUtil.getRole(companyId, "Unit Field Trainer")
Role agtRole = RoleLocalServiceUtil.getRole(companyId, "Agent")
Role auRole = RoleLocalServiceUtil.getRole(companyId, "Applied User")
Role rdRole = RoleLocalServiceUtil.getRole(companyId, "Regional Director")
Role usRole = RoleLocalServiceUtil.getRole(companyId, "Unit Supervisor")
Role fvpnrRole = RoleLocalServiceUtil.getRole(companyId, "Field Vice President National Recruiting")
Role hoaRole = RoleLocalServiceUtil.getRole(companyId, "Home Office Admin")
Role houRole = RoleLocalServiceUtil.getRole(companyId, "Home Office User")
Role loaRole = RoleLocalServiceUtil.getRole(companyId, "Leave of Absence User")
Role mtRole = RoleLocalServiceUtil.getRole(companyId, "Manager Trainee")
Role roaRole = RoleLocalServiceUtil.getRole(companyId, "Regional Office Admin")
Role soaRole = RoleLocalServiceUtil.getRole(companyId, "Satellite Office Admin")
Role svpRole = RoleLocalServiceUtil.getRole(companyId, "Senior Vice President")
Role toaRole = RoleLocalServiceUtil.getRole(companyId, "Territory Office Admin")
Role tvpRole = RoleLocalServiceUtil.getRole(companyId, "Territory Vice President")
Role tdmbRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Branch)")
Role tdmhRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Home Office)")
Role tdmtRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Territory)")
roles.add(bsmRole)
roles.add(boaRole)
roles.add(usmRole)
roles.add(uftRole)
roles.add(agtRole)
roles.add(auRole)
roles.add(rdRole)
roles.add(usRole)
roles.add(fvpnrRole)
roles.add(hoaRole)
roles.add(houRole)
roles.add(loaRole)
roles.add(mtRole)
roles.add(roaRole)
roles.add(soaRole)
roles.add(svpRole)
roles.add(toaRole)
roles.add(tvpRole)
roles.add(tdmbRole)
roles.add(tdmhRole)
roles.add(tdmtRole)
Iterator roleIterator = null
Role role = null
String resourceName = DLFileEntry.class.getName()
ResourcePermission permission = null
/*
* Remove all permissions from guest and site member if they have view permission
*/
try {
if (ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, guestRole.getRoleId(), ActionKeys.VIEW)) {
permission = ResourcePermissionLocalServiceUtil.getResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, guestRole.getRoleId());
permission.setActionIds(0);
ResourcePermissionLocalServiceUtil.updateResourcePermission(permission, true);
}
if (ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, siteMemberRole.getRoleId(), ActionKeys.VIEW)) {
permission = ResourcePermissionLocalServiceUtil.getResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, siteMemberRole.getRoleId());
permission.setActionIds(0);
ResourcePermissionLocalServiceUtil.updateResourcePermission(permission, true);
}
/*
* Add view permission to each user created role
*/
roleIterator = roles.iterator();
def keys = new String[1]
keys[0] = ActionKeys.VIEW
while (roleIterator.hasNext()) {
role = roleIterator.next()
if (!ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, role.getRoleId(), ActionKeys.VIEW)) {
ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, DLFileEntry.class.getName(), 4, fileEntryId, role.getRoleId(), keys)
}
}
out.println("***** Success *****");
}
catch (e) {
out.println("***** Error = " + e.getMessage());
}
</code>
I have seven top level file folders in a Documents and Media portlet. (LR CE 6.2 GA3)
Thousands of files were uploaded with permissions set to owner only.
I need a script to assign full permissions to a particular role for all files and subfolders under a top level folder.
i.e. I created a Role and a User Group called Design; one of the top level folders is Design; members of the Design group have full access, BUT all the files and subfolders under Design have full permissions only for Owner...
I found the following which could be the basis of such a script on Sourceforge - can anyone suggest what changes I'd need to make?:
<code>
Groovy script to update document permission
I need a quick way to update 20+ permissions among 100+ permissions for each document uploaded. So this script does the job.
import java.util.ArrayList
import java.util.Iterator
import java.util.List
import java.util.ListIterator
import com.liferay.portlet.documentlibrary.model.DLFileEntry
import com.liferay.portlet.documentlibrary.model.DLFileEntryModel
import com.liferay.portlet.documentlibrary.model.DLFileEntryType
import com.liferay.portal.service.ResourcePermissionLocalServiceUtil
import com.liferay.portal.service.RoleLocalServiceUtil
import com.liferay.portal.model.ResourceConstants
import com.liferay.portal.model.ResourcePermission
import com.liferay.portal.model.Role
import com.liferay.portal.model.RoleConstants
import com.liferay.portal.security.permission.ActionKeys
// Replace companyId and fileEntryId
long companyId = 10253
String fileEntryId = 432617
// Get Guest and Site Member roles
Role guestRole = RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST)
Role siteMemberRole = RoleLocalServiceUtil.getRole(companyId, RoleConstants.SITE_MEMBER)
// Get user created roles
List roles = new ArrayList()
Role bsmRole = RoleLocalServiceUtil.getRole(companyId, "Branch Sales Manager")
Role boaRole = RoleLocalServiceUtil.getRole(companyId, "Branch Office Admin")
Role usmRole = RoleLocalServiceUtil.getRole(companyId, "Unit Sales Manager")
Role uftRole = RoleLocalServiceUtil.getRole(companyId, "Unit Field Trainer")
Role agtRole = RoleLocalServiceUtil.getRole(companyId, "Agent")
Role auRole = RoleLocalServiceUtil.getRole(companyId, "Applied User")
Role rdRole = RoleLocalServiceUtil.getRole(companyId, "Regional Director")
Role usRole = RoleLocalServiceUtil.getRole(companyId, "Unit Supervisor")
Role fvpnrRole = RoleLocalServiceUtil.getRole(companyId, "Field Vice President National Recruiting")
Role hoaRole = RoleLocalServiceUtil.getRole(companyId, "Home Office Admin")
Role houRole = RoleLocalServiceUtil.getRole(companyId, "Home Office User")
Role loaRole = RoleLocalServiceUtil.getRole(companyId, "Leave of Absence User")
Role mtRole = RoleLocalServiceUtil.getRole(companyId, "Manager Trainee")
Role roaRole = RoleLocalServiceUtil.getRole(companyId, "Regional Office Admin")
Role soaRole = RoleLocalServiceUtil.getRole(companyId, "Satellite Office Admin")
Role svpRole = RoleLocalServiceUtil.getRole(companyId, "Senior Vice President")
Role toaRole = RoleLocalServiceUtil.getRole(companyId, "Territory Office Admin")
Role tvpRole = RoleLocalServiceUtil.getRole(companyId, "Territory Vice President")
Role tdmbRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Branch)")
Role tdmhRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Home Office)")
Role tdmtRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Territory)")
roles.add(bsmRole)
roles.add(boaRole)
roles.add(usmRole)
roles.add(uftRole)
roles.add(agtRole)
roles.add(auRole)
roles.add(rdRole)
roles.add(usRole)
roles.add(fvpnrRole)
roles.add(hoaRole)
roles.add(houRole)
roles.add(loaRole)
roles.add(mtRole)
roles.add(roaRole)
roles.add(soaRole)
roles.add(svpRole)
roles.add(toaRole)
roles.add(tvpRole)
roles.add(tdmbRole)
roles.add(tdmhRole)
roles.add(tdmtRole)
Iterator roleIterator = null
Role role = null
String resourceName = DLFileEntry.class.getName()
ResourcePermission permission = null
/*
* Remove all permissions from guest and site member if they have view permission
*/
try {
if (ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, guestRole.getRoleId(), ActionKeys.VIEW)) {
permission = ResourcePermissionLocalServiceUtil.getResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, guestRole.getRoleId());
permission.setActionIds(0);
ResourcePermissionLocalServiceUtil.updateResourcePermission(permission, true);
}
if (ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, siteMemberRole.getRoleId(), ActionKeys.VIEW)) {
permission = ResourcePermissionLocalServiceUtil.getResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, siteMemberRole.getRoleId());
permission.setActionIds(0);
ResourcePermissionLocalServiceUtil.updateResourcePermission(permission, true);
}
/*
* Add view permission to each user created role
*/
roleIterator = roles.iterator();
def keys = new String[1]
keys[0] = ActionKeys.VIEW
while (roleIterator.hasNext()) {
role = roleIterator.next()
if (!ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, role.getRoleId(), ActionKeys.VIEW)) {
ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, DLFileEntry.class.getName(), 4, fileEntryId, role.getRoleId(), keys)
}
}
out.println("***** Success *****");
}
catch (e) {
out.println("***** Error = " + e.getMessage());
}
</code>
Hello Mike,
I have Liferay 7.
I have a folder whose permission is set as Owner.That folder consists of multiple documents which are accessible to other users via search functionality in classic theme.As the result, I need to manually revoke permission of each document to prevent its unauthorized access.
Thus, please suggest a Groovy script to revoke permission of multiple documents at once to resolve the issue.
Thanks
Taruchit Goyal
I have Liferay 7.
I have a folder whose permission is set as Owner.That folder consists of multiple documents which are accessible to other users via search functionality in classic theme.As the result, I need to manually revoke permission of each document to prevent its unauthorized access.
Thus, please suggest a Groovy script to revoke permission of multiple documents at once to resolve the issue.
Thanks
Taruchit Goyal
The issue got resolved by adding following property to portal-ext.properties
permissions.view.dynamic.inheritance=true And then restarted the server.
permissions.view.dynamic.inheritance=true And then restarted the server.
Community
Company
Feedback