CheckPermissionTransform


1   /*
2    * $Id: CheckPermissionTransform.java 5462 2005-08-05 18:35:48Z jonesde $
3    * 
4    * Copyright (c) 2001-2003 The Open For Business Project - www.ofbiz.org
5    * 
6    * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal
7    * in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
9    * 
10   * The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
11   * 
12   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
13   * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
14   * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
15   *  
16   */
17  package org.ofbiz.content.webapp.ftl;
18  
19  import java.io.IOException  ;
20  import java.io.Writer  ;
21  import java.util.ArrayList  ;
22  import java.util.HashMap  ;
23  import java.util.List  ;
24  import java.util.Map  ;
25  
26  import javax.servlet.http.HttpServletRequest  ;
27  
28  import org.ofbiz.base.util.GeneralException;
29  import org.ofbiz.base.util.StringUtil;
30  import org.ofbiz.base.util.UtilValidate;
31  import org.ofbiz.base.util.template.FreeMarkerWorker;
32  import org.ofbiz.content.content.ContentWorker;
33  import org.ofbiz.content.content.PermissionRecorder;
34  import org.ofbiz.entity.GenericDelegator;
35  import org.ofbiz.entity.GenericValue;
36  import org.ofbiz.entityext.permission.EntityPermissionChecker;
37  import org.ofbiz.security.Security;
38  import org.ofbiz.service.ModelService;
39  import org.ofbiz.webapp.ftl.LoopWriter;
40  
41  import freemarker.core.Environment;
42  import freemarker.template.TemplateModelException;
43  import freemarker.template.TemplateTransformModel;
44  import freemarker.template.TransformControl;
45  
46  /**
47   * CheckPermissionTransform - Freemarker Transform for URLs (links)
48   * 
49   * @author <a HREF="mailto:byersa@automationgroups.com">Al Byers</a>
50   * @version $Rev: 5462 $
51   * @since 3.0
52   */
53  public class CheckPermissionTransform implements TemplateTransformModel {
54  
55      public static final String   module = CheckPermissionTransform.class.getName();
56  
57      public static final String   [] saveKeyNames = {"globalNodeTrail", "nodeTrail", "mode", "purposeTypeId", "statusId", "entityOperation", "targetOperation" };
58      public static final String   [] removeKeyNames = {};
59  
60      /**
61       * A wrapper for the FreeMarkerWorker version.
62       */
63      public static Object   getWrappedObject(String   varName, Environment env) {
64          return FreeMarkerWorker.getWrappedObject(varName, env);
65      }
66  
67      public static String   getArg(Map   args, String   key, Environment env) {
68          return FreeMarkerWorker.getArg(args, key, env);
69      }
70  
71      public static String   getArg(Map   args, String   key, Map   ctx) {
72          return FreeMarkerWorker.getArg(args, key, ctx);
73      }
74  
75  
76      public Writer   getWriter(final Writer   out, Map   args) {
77          final StringBuffer   buf = new StringBuffer  ();
78          final Environment env = Environment.getCurrentEnvironment();
79          final Map   templateCtx = FreeMarkerWorker.createEnvironmentMap(env);
80          //FreeMarkerWorker.convertContext(templateCtx);
81          final GenericDelegator delegator = (GenericDelegator) FreeMarkerWorker.getWrappedObject("delegator", env);
82          final HttpServletRequest   request = (HttpServletRequest  ) FreeMarkerWorker.getWrappedObject("request", env);
83          final GenericValue userLogin = (GenericValue) FreeMarkerWorker.getWrappedObject("userLogin", env);
84          FreeMarkerWorker.getSiteParameters(request, templateCtx);
85          FreeMarkerWorker.overrideWithArgs(templateCtx, args);
86          final String   mode = (String  )templateCtx.get("mode");
87          final String   quickCheckContentId = (String  )templateCtx.get("quickCheckContentId");
88          final Map   savedValues = new HashMap  ();
89                      //Debug.logInfo("in CheckPermission, contentId(1):" + templateCtx.get("contentId"),"");
90                      //Debug.logInfo("in CheckPermission, subContentId(1):" + templateCtx.get("subContentId"),"");
91  
92          return new LoopWriter(out) {
93  
94              public void write(char cbuf[], int off, int len) {
95                  buf.append(cbuf, off, len);
96              }
97  
98              public void flush() throws IOException   {
99                  out.flush();
100             }
101 
102             public int onStart() throws TemplateModelException, IOException   {
103                 List   trail = (List  )templateCtx.get("globalNodeTrail");
104                 String   trailCsv = ContentWorker.nodeTrailToCsv(trail);
105                     //Debug.logInfo("in CheckPermission, trailCsv(2):" + trailCsv,"");
106                     //Debug.logInfo("in CheckPermission, contentId(2):" + templateCtx.get("contentId"),"");
107                     //Debug.logInfo("in CheckPermission, subContentId(2):" + templateCtx.get("subContentId"),"");
108              
109                 GenericValue currentContent = null;
110         String   contentAssocPredicateId = (String  )templateCtx.get("contentAssocPredicateId");
111                 String   strNullThruDatesOnly = (String  )templateCtx.get("nullThruDatesOnly");
112                 Boolean   nullThruDatesOnly = (strNullThruDatesOnly != null && strNullThruDatesOnly.equalsIgnoreCase("true")) ? new Boolean  (true) :new Boolean  (false);
113                 GenericValue val = null;
114                 try {
115                     val = ContentWorker.getCurrentContent(delegator, trail, userLogin, templateCtx, nullThruDatesOnly, contentAssocPredicateId);
116                 } catch(GeneralException e) {
117                     throw new RuntimeException  ("Error getting current content. " + e.toString());
118                 }
119                 final GenericValue view = val;
120                 currentContent = val;
121                 if (currentContent != null) {
122                     //Debug.logInfo("in CheckPermission, currentContent(0):" + currentContent.get("contentId"),"");
123                 }
124 
125                 if (currentContent == null) {
126                     currentContent = delegator.makeValue("Content", null);
127                     currentContent.put("ownerContentId", templateCtx.get("ownerContentId"));
128                 }
129                     //Debug.logInfo("in CheckPermission, currentContent(1):" + currentContent.get("contentId"),"");
130         
131                 Security security = null;
132                 if (request != null) {
133                     security = (Security) request.getAttribute("security");
134                 }
135              
136                 String   statusId = (String  )currentContent.get("statusId");
137                 String   passedStatusId = (String  )templateCtx.get("statusId");
138                 List   statusList = StringUtil.split(passedStatusId, "|");
139                 if (statusList == null)
140                     statusList = new ArrayList  ();
141                 if (UtilValidate.isNotEmpty(statusId) && !statusList.contains(statusId)) {
142                     statusList.add(statusId);
143                 } 
144                 String   targetPurpose = (String  )templateCtx.get("contentPurposeList");
145                 List   purposeList = StringUtil.split(targetPurpose, "|");
146                 String   entityOperation = (String  )templateCtx.get("entityOperation");
147                 String   targetOperation = (String  )templateCtx.get("targetOperation");
148                 if (UtilValidate.isEmpty(targetOperation)) {
149                     if (UtilValidate.isNotEmpty(entityOperation))
150                         targetOperation = "CONTENT" + entityOperation;
151                 }
152                 List   targetOperationList = StringUtil.split(targetOperation, "|");
153                 if (targetOperationList.size() == 0) {
154                     //Debug.logInfo("in CheckPermission, entityOperation:" + entityOperation,"");
155                     //Debug.logInfo("in CheckPermission, templateCtx:" + templateCtx,"");
156                     throw new IOException  ("targetOperationList has zero size.");
157                 }
158                 List   roleList = new ArrayList  ();
159         
160                 String   privilegeEnumId = (String  )currentContent.get("privilegeEnumId");
161                 Map   results = EntityPermissionChecker.checkPermission(currentContent, statusList, userLogin, purposeList, targetOperationList, roleList, delegator, security, entityOperation, privilegeEnumId, quickCheckContentId); 
162 
163                 boolean isError = ModelService.RESPOND_ERROR.equals(results.get(ModelService.RESPONSE_MESSAGE));
164                 if (isError) {
165                     throw new IOException  (ModelService.RESPONSE_MESSAGE);
166                 }
167 
168                 String   permissionStatus = (String  ) results.get("permissionStatus");
169 
170                 if (UtilValidate.isEmpty(permissionStatus) || !permissionStatus.equals("granted")) {
171                 
172                     String   errorMessage = "Permission to add response is denied (2)";
173                     PermissionRecorder recorder = (PermissionRecorder)results.get("permissionRecorder");
174                         //Debug.logInfo("recorder(0):" + recorder, "");
175                     if (recorder != null) {
176                         String   permissionMessage = recorder.toHtml();
177                         //Debug.logInfo("permissionMessage(0):" + permissionMessage, "");
178                         errorMessage += " \n " + permissionMessage;
179                     }
180                     templateCtx.put("permissionErrorMsg", errorMessage);
181                 }
182 
183 
184                 if (permissionStatus != null && permissionStatus.equalsIgnoreCase("granted")) {
185                     FreeMarkerWorker.saveContextValues(templateCtx, saveKeyNames, savedValues);
186                     if (mode == null || !mode.equalsIgnoreCase("not-equals"))
187                         return TransformControl.EVALUATE_BODY;
188                     else
189                         return TransformControl.SKIP_BODY;
190                 } else {
191                     if (mode == null || !mode.equalsIgnoreCase("not-equals"))
192                         return TransformControl.SKIP_BODY;
193                     else
194                         return TransformControl.EVALUATE_BODY;
195                 }
196             }
197 
198 
199             public void close() throws IOException   {
200                 FreeMarkerWorker.reloadValues(templateCtx, savedValues, env);
201                 String   wrappedContent = buf.toString();
202                 out.write(wrappedContent);
203             }
204         };
205     }
206 }
207
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags