Script to update document permissions needed [URGENT]Script to update document permissions needed [URGENT]https://liferay.dev/c/message_boards/find_thread?p_l_id=119785294&threadId=523350812026-06-22T09:31:16Z2026-06-22T09:31:16ZRE: Script to update document permissions needed [URGENT]Taruchit Goyalhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1141340042019-06-26T16:49:05Z2019-06-26T16:49:05ZThe issue got resolved by adding following property to portal-ext.properties<br />permissions.view.dynamic.inheritance=true And then restarted the server.Taruchit Goyal2019-06-26T16:49:05ZRE: Script to update document permissions needed [URGENT]Taruchit Goyalhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=1140736612019-06-20T11:42:29Z2019-06-20T11:42:29ZHello Mike,<br />I have Liferay 7.<br />I have a folder whose permission is set as Owner.That folder consists of multiple documents which are accessible to other users via search functionality in classic theme.As the result, I need to manually revoke permission of each document to prevent its unauthorized access.<br />Thus, please suggest a Groovy script to revoke permission of multiple documents at once to resolve the issue.<br /><br />Thanks <br />Taruchit GoyalTaruchit Goyal2019-06-20T11:42:29ZScript to update document permissions needed [URGENT]Mike Cunninghamhttps://liferay.dev/c/message_boards/find_message?p_l_id=119785294&messageId=523350802015-04-14T12:46:53Z2015-04-14T12:46:53ZFirst, let me emphasize that I'm not a programmer/developer.<br /><br />I have seven top level file folders in a Documents and Media portlet. (LR CE 6.2 GA3)<br />Thousands of files were uploaded with permissions set to owner only.<br />I need a script to assign full permissions to a particular role for all files and subfolders under a top level folder.<br />i.e. I created a Role and a User Group called Design; one of the top level folders is Design; members of the Design group have full access, BUT all the files and subfolders under Design have full permissions only for Owner...<br /><br />I found the following which could be the basis of such a script on Sourceforge - can anyone suggest what changes I'd need to make?: <br /><br /><code><br />Groovy script to update document permission <br /><br />I need a quick way to update 20+ permissions among 100+ permissions for each document uploaded. So this script does the job.<br /><br />import java.util.ArrayList<br />import java.util.Iterator<br />import java.util.List<br />import java.util.ListIterator<br /><br />import com.liferay.portlet.documentlibrary.model.DLFileEntry<br />import com.liferay.portlet.documentlibrary.model.DLFileEntryModel<br />import com.liferay.portlet.documentlibrary.model.DLFileEntryType<br />import com.liferay.portal.service.ResourcePermissionLocalServiceUtil<br />import com.liferay.portal.service.RoleLocalServiceUtil<br />import com.liferay.portal.model.ResourceConstants<br />import com.liferay.portal.model.ResourcePermission<br />import com.liferay.portal.model.Role<br />import com.liferay.portal.model.RoleConstants<br />import com.liferay.portal.security.permission.ActionKeys<br /><br />// Replace companyId and fileEntryId<br />long companyId = 10253<br />String fileEntryId = 432617<br /><br />// Get Guest and Site Member roles<br />Role guestRole = RoleLocalServiceUtil.getRole(companyId, RoleConstants.GUEST)<br />Role siteMemberRole = RoleLocalServiceUtil.getRole(companyId, RoleConstants.SITE_MEMBER)<br /><br />// Get user created roles<br />List roles = new ArrayList()<br /><br />Role bsmRole = RoleLocalServiceUtil.getRole(companyId, "Branch Sales Manager")<br />Role boaRole = RoleLocalServiceUtil.getRole(companyId, "Branch Office Admin")<br />Role usmRole = RoleLocalServiceUtil.getRole(companyId, "Unit Sales Manager")<br />Role uftRole = RoleLocalServiceUtil.getRole(companyId, "Unit Field Trainer")<br />Role agtRole = RoleLocalServiceUtil.getRole(companyId, "Agent")<br />Role auRole = RoleLocalServiceUtil.getRole(companyId, "Applied User")<br />Role rdRole = RoleLocalServiceUtil.getRole(companyId, "Regional Director")<br />Role usRole = RoleLocalServiceUtil.getRole(companyId, "Unit Supervisor")<br />Role fvpnrRole = RoleLocalServiceUtil.getRole(companyId, "Field Vice President National Recruiting")<br />Role hoaRole = RoleLocalServiceUtil.getRole(companyId, "Home Office Admin")<br />Role houRole = RoleLocalServiceUtil.getRole(companyId, "Home Office User")<br />Role loaRole = RoleLocalServiceUtil.getRole(companyId, "Leave of Absence User")<br />Role mtRole = RoleLocalServiceUtil.getRole(companyId, "Manager Trainee")<br />Role roaRole = RoleLocalServiceUtil.getRole(companyId, "Regional Office Admin")<br />Role soaRole = RoleLocalServiceUtil.getRole(companyId, "Satellite Office Admin")<br />Role svpRole = RoleLocalServiceUtil.getRole(companyId, "Senior Vice President")<br />Role toaRole = RoleLocalServiceUtil.getRole(companyId, "Territory Office Admin")<br />Role tvpRole = RoleLocalServiceUtil.getRole(companyId, "Territory Vice President")<br />Role tdmbRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Branch)")<br />Role tdmhRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Home Office)")<br />Role tdmtRole = RoleLocalServiceUtil.getRole(companyId, "Territory Development Manager (Territory)")<br /><br />roles.add(bsmRole)<br />roles.add(boaRole)<br />roles.add(usmRole)<br />roles.add(uftRole)<br />roles.add(agtRole)<br />roles.add(auRole)<br />roles.add(rdRole)<br />roles.add(usRole)<br />roles.add(fvpnrRole)<br />roles.add(hoaRole)<br />roles.add(houRole)<br />roles.add(loaRole)<br />roles.add(mtRole)<br />roles.add(roaRole)<br />roles.add(soaRole)<br />roles.add(svpRole)<br />roles.add(toaRole)<br />roles.add(tvpRole)<br />roles.add(tdmbRole)<br />roles.add(tdmhRole)<br />roles.add(tdmtRole)<br /><br />Iterator roleIterator = null<br />Role role = null<br /><br />String resourceName = DLFileEntry.class.getName()<br />ResourcePermission permission = null<br /><br />/*<br />* Remove all permissions from guest and site member if they have view permission<br />*/<br />try {<br /><br /> if (ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, guestRole.getRoleId(), ActionKeys.VIEW)) {<br /> permission = ResourcePermissionLocalServiceUtil.getResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, guestRole.getRoleId());<br /> permission.setActionIds(0);<br /> ResourcePermissionLocalServiceUtil.updateResourcePermission(permission, true); <br /> }<br /><br /> if (ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, siteMemberRole.getRoleId(), ActionKeys.VIEW)) {<br /> permission = ResourcePermissionLocalServiceUtil.getResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, siteMemberRole.getRoleId());<br /> permission.setActionIds(0);<br /> ResourcePermissionLocalServiceUtil.updateResourcePermission(permission, true);<br /> }<br /><br /> /*<br /> * Add view permission to each user created role<br /> */<br /> roleIterator = roles.iterator();<br /><br /> def keys = new String[1]<br /> keys[0] = ActionKeys.VIEW<br /><br /> while (roleIterator.hasNext()) {<br /> role = roleIterator.next()<br /> if (!ResourcePermissionLocalServiceUtil.hasResourcePermission(companyId, resourceName, ResourceConstants.SCOPE_INDIVIDUAL, fileEntryId, role.getRoleId(), ActionKeys.VIEW)) {<br /> ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId, DLFileEntry.class.getName(), 4, fileEntryId, role.getRoleId(), keys)<br /> } <br /> }<br /><br /> out.println("***** Success *****"); <br />}<br />catch (e) {<br /> out.println("***** Error = " + e.getMessage());<br />}<br /></code>Mike Cunningham2015-04-14T12:46:53Z