I am trying to add a role programmatically. It works initially. I can see it in the database but when I log into the portal as an administrator, I get an error when I got to the Roles page "Roles is temporarily unavailable".
Here is my code that does the role adding:
Date now = new Date();
Long defaultCompanyId = PortalUtil.getDefaultCompanyId();
Long defaultUserId = (long) 20123;
Long roleClassNameId = ClassNameLocalServiceUtil.getClassNameId(Role.class);
Long roleId = CounterLocalServiceUtil.increment();
Role role = RoleLocalServiceUtil.createRole(roleId);
role.setName("ERIC_TEST_ROLE");
role.setDescription("This is Erics Test Role from Java Portlet");
role.setTitle("ERIC_TEST_ROLE");
role.setType(1); // role type. 1=regular, 2=site, 3=organization
role.setUserId(defaultUserId);
role.setCompanyId(defaultCompanyId);
role.setClassNameId(roleClassNameId);
role.setClassPK(roleId);
role.setCreateDate(now);
role.setModifiedDate(now);
RoleLocalServiceUtil.addRole(role);
In the catalina.out the error message is:
2023-11-29 15:42:03.150 ERROR [https-jsse-nio-8443-exec-9][PortletRequestDispatcherImpl:295] Unable to dispatch request: java.lang.IllegalArgumentException: Someone may be trying to circumvent the permission checker: {companyId=20095, name=com.liferay.portal.kernel.model.Role, primKey=33020, scope=4}
2023-11-29 15:42:03.151 ERROR [https-jsse-nio-8443-exec-9][PortletServlet:109] Unable to process portlet com_liferay_roles_admin_web_portlet_RolesAdminPortlet: org.apache.jasper.JasperException: java.lang.IllegalArgumentException: Someone may be trying to circumvent the permission checker: {companyId=20095, name=com.liferay.portal.kernel.model.Role, primKey=33020, scope=4}
javax.portlet.PortletException: org.apache.jasper.JasperException: java.lang.IllegalArgumentException: Someone may be trying to circumvent the permission checker: {companyId=20095, name=com.liferay.portal.kernel.model.Role, primKey=33020, scope=4}
at com.liferay.portlet.internal.PortletRequestDispatcherImpl.dispatch(PortletRequestDispatcherImpl.java:298) ~[portal-impl.jar:?]
at com.liferay.portlet.internal.PortletRequestDispatcherImpl.include(PortletRequestDispatcherImpl.java:114) ~[portal-impl.jar:?]
at com.liferay.portal.kernel.portlet.bridges.mvc.MVCPortlet.include(MVCPortlet.java:611) ~[portal-kernel.jar:?]
at com.liferay.portal.kernel.portlet.bridges.mvc.MVCPortlet.include(MVCPortlet.java:627) ~[portal-kernel.jar:?]
at com.liferay.portal.kernel.portlet.bridges.mvc.MVCPortlet.doView(MVCPortlet.java:172) ~[portal-kernel.jar:?]
at com.liferay.portal.kernel.portlet.LiferayPortlet.doDispatch(LiferayPortlet.java:278) ~[portal-kernel.jar:?]
at com.liferay.portal.kernel.portlet.bridges.mvc.MVCPortlet.doDispatch(MVCPortlet.java:500) ~[portal-kernel.jar:?]
at com.liferay.roles.admin.web.internal.portlet.RolesAdminPortlet.doDispatch(RolesAdminPortlet.java:562) ~[bundleFile:?]
at javax.portlet.GenericPortlet.render(GenericPortlet.java:291) ~[portlet.jar:3.0.1]
at com.liferay.portal.kernel.portlet.bridges.mvc.MVCPortlet.render(MVCPortlet.java:300) ~[portal-kernel.jar:?]
Any help appreciated.
You seem to miss setting owner/permission related resources for the new role. The easiest way to find out what you need to do is:
Search Liferay's source code for places where this is done as well and inspect them. For example, I've searched for occurrences of a call to
createRole, and found a very promising sounding SiteRoleDemoDataCreatorImpl where this is done:and addPermission comes from the superclass:
(This is from the current master branch. You may need to adapt to the specifiy version - but I don't expect significant changes in this code..