Search in sources :

Example 16 with StoreRef

use of org.alfresco.service.cmr.repository.StoreRef in project acs-community-packaging by Alfresco.

the class BaseNodeCommandProcessor method validateArguments.

/**
 * @see org.alfresco.web.app.servlet.command.CommandProcessor#validateArguments(javax.servlet.ServletContext, java.lang.String, java.util.Map, java.lang.String[])
 */
public boolean validateArguments(ServletContext sc, String command, Map<String, String> args, String[] urlElements) {
    if (urlElements.length < 3) {
        throw new IllegalArgumentException("Not enough URL arguments passed to command servlet.");
    }
    // get NodeRef to the node with the workflow attached to it
    StoreRef storeRef = new StoreRef(urlElements[0], urlElements[1]);
    this.targetRef = new NodeRef(storeRef, urlElements[2]);
    // get the services we need to execute the workflow command
    PermissionService permissionService = Repository.getServiceRegistry(sc).getPermissionService();
    // check that the user has at least READ access on the node - else redirect to the login page
    return (permissionService.hasPermission(this.targetRef, PermissionService.READ) == AccessStatus.ALLOWED);
}
Also used : PermissionService(org.alfresco.service.cmr.security.PermissionService) StoreRef(org.alfresco.service.cmr.repository.StoreRef) NodeRef(org.alfresco.service.cmr.repository.NodeRef)

Example 17 with StoreRef

use of org.alfresco.service.cmr.repository.StoreRef in project acs-community-packaging by Alfresco.

the class ScriptCommandProcessor method validateArguments.

/**
 * @see org.alfresco.web.app.servlet.command.CommandProcessor#validateArguments(javax.servlet.ServletContext, java.lang.String, java.util.Map, java.lang.String[])
 */
public boolean validateArguments(ServletContext sc, String command, Map<String, String> args, String[] urlElements) {
    boolean allowed = false;
    String scriptPath = args.get(ARG_SCRIPT_PATH);
    if (scriptPath != null) {
        // resolve path to a node
        this.scriptRef = BaseServlet.resolveNamePath(sc, scriptPath).NodeRef;
        // same for the document context path if specified
        String docPath = args.get(ARG_CONTEXT_PATH);
        if (docPath != null) {
            this.docRef = BaseServlet.resolveNamePath(sc, docPath).NodeRef;
        }
    } else {
        if (urlElements.length < 3) {
            throw new IllegalArgumentException("Not enough URL arguments passed to command servlet.");
        }
        // get NodeRef to the node script to execute
        StoreRef storeRef = new StoreRef(urlElements[0], urlElements[1]);
        this.scriptRef = new NodeRef(storeRef, urlElements[2]);
        if (urlElements.length >= 6) {
            storeRef = new StoreRef(urlElements[3], urlElements[4]);
            this.docRef = new NodeRef(storeRef, urlElements[5]);
        }
    }
    // check we can READ access the nodes specified
    PermissionService ps = Repository.getServiceRegistry(sc).getPermissionService();
    allowed = (ps.hasPermission(this.scriptRef, PermissionService.READ) == AccessStatus.ALLOWED);
    if (this.docRef != null) {
        allowed &= (ps.hasPermission(this.docRef, PermissionService.READ) == AccessStatus.ALLOWED);
    }
    // check to see if user is allowed to execute arbituary javascript
    // by default only an admin authority can perform this action
    ConfigService configService = Application.getConfigService(sc);
    ClientConfigElement configElement = (ClientConfigElement) configService.getGlobalConfig().getConfigElement("client");
    boolean allowScriptExecute = configElement.getAllowUserScriptExecute();
    AuthorityService authService = Repository.getServiceRegistry(sc).getAuthorityService();
    allowed &= (allowScriptExecute || authService.isAdminAuthority(AuthenticationUtil.getFullyAuthenticatedUser()));
    return allowed;
}
Also used : PermissionService(org.alfresco.service.cmr.security.PermissionService) StoreRef(org.alfresco.service.cmr.repository.StoreRef) NodeRef(org.alfresco.service.cmr.repository.NodeRef) ConfigService(org.springframework.extensions.config.ConfigService) AuthorityService(org.alfresco.service.cmr.security.AuthorityService) ClientConfigElement(org.alfresco.web.config.ClientConfigElement)

Example 18 with StoreRef

use of org.alfresco.service.cmr.repository.StoreRef in project acs-community-packaging by Alfresco.

the class ExternalAccessServlet method service.

/**
 * @see javax.servlet.http.HttpServlet#service(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 */
protected void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
    String uri = req.getRequestURI();
    if (logger.isDebugEnabled())
        logger.debug("Processing URL: " + uri + (req.getQueryString() != null ? ("?" + req.getQueryString()) : ""));
    AuthenticationStatus status = servletAuthenticate(req, res);
    if (status == AuthenticationStatus.Failure) {
        return;
    }
    setNoCacheHeaders(res);
    uri = uri.substring(req.getContextPath().length());
    StringTokenizer t = new StringTokenizer(uri, "/");
    int tokenCount = t.countTokens();
    if (tokenCount < 2) {
        throw new IllegalArgumentException("Externally addressable URL did not contain all required args: " + uri);
    }
    // skip servlet name
    t.nextToken();
    String outcome = t.nextToken();
    // get rest of the tokens arguments
    String[] args = new String[tokenCount - 2];
    for (int i = 0; i < tokenCount - 2; i++) {
        args[i] = t.nextToken();
    }
    if (logger.isDebugEnabled())
        logger.debug("External outcome found: " + outcome);
    // we almost always need this bean reference
    FacesContext fc = FacesHelper.getFacesContext(req, res, getServletContext());
    BrowseBean browseBean = (BrowseBean) FacesHelper.getManagedBean(fc, "BrowseBean");
    // get services we need
    ServiceRegistry serviceRegistry = getServiceRegistry(getServletContext());
    PermissionService permissionService = serviceRegistry.getPermissionService();
    // as we are potentially coming in from an external app reset the view stack
    Stack viewStack = (Stack) fc.getExternalContext().getSessionMap().get("_alfViewStack");
    if (viewStack != null) {
        viewStack.clear();
        if (logger.isDebugEnabled())
            logger.debug("Cleared view stack");
    }
    // setup is required for certain outcome requests
    if (OUTCOME_DOCDETAILS.equals(outcome)) {
        NodeRef nodeRef = null;
        if (args[0].equals(WebDAVServlet.WEBDAV_PREFIX)) {
            nodeRef = resolveWebDAVPath(fc, args);
        } else if (args.length == 3) {
            StoreRef storeRef = new StoreRef(args[0], args[1]);
            nodeRef = new NodeRef(storeRef, args[2]);
        }
        if (nodeRef != null) {
            // check that the user has at least READ access - else redirect to an error or login page
            if (!checkAccess(req, res, nodeRef, PermissionService.READ_CONTENT, true)) {
                return;
            }
            // setup the Document on the browse bean
            browseBean.setupContentAction(nodeRef.getId(), true);
        }
        // perform the appropriate JSF navigation outcome
        NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
        navigationHandler.handleNavigation(fc, null, "dialog:" + OUTCOME_DOCDETAILS);
    } else if (OUTCOME_SPACEDETAILS.equals(outcome)) {
        NodeRef nodeRef = null;
        if (args[0].equals(WebDAVServlet.WEBDAV_PREFIX)) {
            nodeRef = resolveWebDAVPath(fc, args);
        } else if (args.length == 3) {
            StoreRef storeRef = new StoreRef(args[0], args[1]);
            nodeRef = new NodeRef(storeRef, args[2]);
        }
        if (nodeRef != null) {
            // check that the user has at least READ access - else redirect to an error or login page
            if (!checkAccess(req, res, nodeRef, PermissionService.READ_CONTENT, true)) {
                return;
            }
            // setup the Space on the browse bean
            browseBean.setupSpaceAction(nodeRef.getId(), true);
        }
        // perform the appropriate JSF navigation outcome
        NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
        navigationHandler.handleNavigation(fc, null, "dialog:" + OUTCOME_SPACEDETAILS);
    } else if (OUTCOME_BROWSE.equals(outcome)) {
        NodeRef nodeRef = null;
        if (args.length != 0 && args[0].equals(WebDAVServlet.WEBDAV_PREFIX)) {
            nodeRef = resolveWebDAVPath(fc, args);
        } else if (args.length >= 3) {
            int offset = 0;
            offset = args.length - 3;
            StoreRef storeRef = new StoreRef(args[0 + offset], args[1 + offset]);
            nodeRef = new NodeRef(storeRef, args[2 + offset]);
        }
        if (nodeRef != null) {
            // check that the user has at least READ access - else redirect to an error or login page
            if (!checkAccess(req, res, nodeRef, PermissionService.READ_CONTENT, true)) {
                return;
            }
            // this call sets up the current node Id, and updates or initialises the
            // breadcrumb component with the selected node as appropriate.
            browseBean.updateUILocation(nodeRef);
            // force a "late" refresh of the BrowseBean to handle external servlet access URL
            browseBean.externalAccessRefresh();
            // check for view mode first argument
            if (args[0].equals(ARG_TEMPLATE)) {
                browseBean.setDashboardView(true);
            }
        // the above calls into BrowseBean setup the NavigationHandler automatically
        } else {
            // perform the appropriate JSF navigation outcome
            NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
            navigationHandler.handleNavigation(fc, null, outcome);
        }
    } else if (OUTCOME_MYALFRESCO.equals(outcome)) {
        // setup the Dashboard Manager ready for the page we want to display
        if (req.getParameter(ARG_PAGE) != null) {
            DashboardManager manager = (DashboardManager) FacesHelper.getManagedBean(fc, DashboardManager.BEAN_NAME);
            manager.getPageConfig().setCurrentPage(req.getParameter(ARG_PAGE));
        }
        // perform the appropriate JSF navigation outcome
        NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
        navigationHandler.handleNavigation(fc, null, outcome);
    } else if (OUTCOME_DIALOG.equals(outcome) || OUTCOME_WIZARD.equals(outcome)) {
        if (args.length != 0) {
            if (args.length > 1) {
                String currentNodeId = null;
                if (args[1].equals(WebDAVServlet.WEBDAV_PREFIX)) {
                    // Drop the first argument
                    String[] args2 = new String[args.length - 1];
                    for (int i = 1; i < args.length; i++) {
                        args2[i - 1] = args[i];
                        if (logger.isDebugEnabled()) {
                            logger.debug("Added segment " + args2[i - 1]);
                        }
                    }
                    NodeRef nodeRef = resolveWebDAVPath(fc, args2);
                    currentNodeId = nodeRef.getId();
                } else {
                    currentNodeId = args[1];
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("currentNodeId: " + currentNodeId);
                }
                // if a GUID was passed, use it to init the NavigationBean current context
                NavigationBean navigator = (NavigationBean) FacesHelper.getManagedBean(fc, NavigationBean.BEAN_NAME);
                navigator.setCurrentNodeId(currentNodeId);
                browseBean.setupSpaceAction(currentNodeId, true);
                // setup the Document on the browse bean
                // avoid java.lang.NullPointerException
                // at org.alfresco.web.bean.content.InviteContentUsersWizard.getPermissionsForType(InviteContentUsersWizard.java:49)
                // at org.alfresco.web.bean.wizard.BaseInviteUsersWizard.getRoles(BaseInviteUsersWizard.java:562)
                browseBean.setupContentAction(currentNodeId, true);
            }
            NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
            navigationHandler.handleNavigation(fc, null, outcome + ':' + args[0]);
        }
    } else if (OUTCOME_LOGOUT.equals(outcome)) {
        // special case for logout
        // invalidate ticket and clear the Security context for this thread
        Application.logOut(fc);
        res.sendRedirect(req.getContextPath() + FACES_SERVLET + Application.getLoginPage(getServletContext()));
        return;
    }
    // perform the forward to the page processed by the Faces servlet
    String viewId = fc.getViewRoot().getViewId();
    ViewSequenceUtils.nextViewSequence(fc);
    getServletContext().getRequestDispatcher(FACES_SERVLET + viewId).forward(req, res);
}
Also used : FacesContext(javax.faces.context.FacesContext) StoreRef(org.alfresco.service.cmr.repository.StoreRef) BrowseBean(org.alfresco.web.bean.BrowseBean) AlfrescoNavigationHandler(org.alfresco.web.app.AlfrescoNavigationHandler) NavigationHandler(javax.faces.application.NavigationHandler) Stack(java.util.Stack) PermissionService(org.alfresco.service.cmr.security.PermissionService) NodeRef(org.alfresco.service.cmr.repository.NodeRef) StringTokenizer(java.util.StringTokenizer) DashboardManager(org.alfresco.web.bean.dashboard.DashboardManager) NavigationBean(org.alfresco.web.bean.NavigationBean) ServiceRegistry(org.alfresco.service.ServiceRegistry)

Example 19 with StoreRef

use of org.alfresco.service.cmr.repository.StoreRef in project acs-community-packaging by Alfresco.

the class ResourceBundleWrapper method getDelegates.

/**
 * Get a list of the delegate resource bundles
 *
 * @return   List<ResourceBundle>    list of delegate resource bundles
 */
private List<ResourceBundle> getDelegates() {
    if (this.delegates == null) {
        this.delegates = new ArrayList<ResourceBundle>(ResourceBundleWrapper.addedBundleNames.size() + 2);
        // Check for custom bundle (if any) - first try in the repo otherwise try the classpath
        ResourceBundle customBundle = null;
        if (getMessageService() != null) {
            StoreRef storeRef = null;
            String path = null;
            try {
                String customName = null;
                int idx = this.bundleName.lastIndexOf(".");
                if (idx != -1) {
                    customName = this.bundleName.substring(idx + 1, this.bundleName.length());
                } else {
                    customName = this.bundleName;
                }
                storeRef = Repository.getStoreRef();
                // TODO - make path configurable in one place ...
                // Note: path here is XPath for selectNodes query
                path = PATH + "/cm:" + customName;
                customBundle = getMessageService().getRepoResourceBundle(Repository.getStoreRef(), path, locale);
            } catch (Throwable t) {
                // for now ... ignore the error, cannot be found or read from repo
                logger.debug("Custom Web Client properties not found: " + storeRef + path);
            }
        }
        if (customBundle == null) {
            // also look up the custom version of the bundle in the extension package
            String customName = determineCustomBundleName(this.bundleName);
            customBundle = getResourceBundle(locale, customName);
        }
        // Add the custom bundle (if any) - add first to allow override (eg. in MT/dynamic web client env)
        if (customBundle != null) {
            this.delegates.add(customBundle);
        }
        // Add the normal bundle
        ResourceBundle normalBundle = getResourceBundle(locale, this.bundleName);
        if (normalBundle != null) {
            this.delegates.add(normalBundle);
        } else {
            if (logger.isWarnEnabled()) {
                logger.warn("Resource bundle missing : " + this.bundleName + ", locale : " + locale);
            }
        }
        // Add the added bundles
        for (String addedBundleName : ResourceBundleWrapper.addedBundleNames) {
            this.delegates.add(getResourceBundle(locale, addedBundleName));
        }
    }
    return this.delegates;
}
Also used : StoreRef(org.alfresco.service.cmr.repository.StoreRef) ResourceBundle(java.util.ResourceBundle)

Example 20 with StoreRef

use of org.alfresco.service.cmr.repository.StoreRef in project records-management by Alfresco.

the class CapabilitiesGet method executeImpl.

/**
 * @see org.alfresco.repo.web.scripts.content.StreamContent#executeImpl(org.springframework.extensions.webscripts.WebScriptRequest, org.springframework.extensions.webscripts.Status, org.springframework.extensions.webscripts.Cache)
 */
@Override
protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) {
    Map<String, String> templateVars = req.getServiceMatch().getTemplateVars();
    String storeType = templateVars.get("store_type");
    String storeId = templateVars.get("store_id");
    String nodeId = templateVars.get("id");
    NodeRef nodeRef = null;
    if (StringUtils.isNotBlank(storeType) && StringUtils.isNotBlank(storeId) && StringUtils.isNotBlank(nodeId)) {
        nodeRef = new NodeRef(new StoreRef(storeType, storeId), nodeId);
    } else {
        // we are talking about the file plan node
        // TODO we are making the assumption there is only one file plan here!
        nodeRef = filePlanService.getFilePlanBySiteId(FilePlanService.DEFAULT_RM_SITE_ID);
        if (nodeRef == null) {
            throw new WebScriptException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "The default file plan node could not be found.");
        }
    }
    boolean grouped = false;
    String groupedString = req.getParameter("grouped");
    if (StringUtils.isNotBlank(groupedString)) {
        grouped = Boolean.parseBoolean(groupedString);
    }
    Map<String, Object> model = new TreeMap<String, Object>();
    if (grouped) {
        // Construct the map which is needed to build the model
        Map<String, GroupedCapabilities> groupedCapabilitiesMap = new TreeMap<String, GroupedCapabilities>();
        List<Group> groups = capabilityService.getGroups();
        for (Group group : groups) {
            String capabilityGroupTitle = group.getTitle();
            if (StringUtils.isNotBlank(capabilityGroupTitle)) {
                String capabilityGroupId = group.getId();
                List<Capability> capabilities = capabilityService.getCapabilitiesByGroupId(capabilityGroupId);
                for (Capability capability : capabilities) {
                    String capabilityName = capability.getName();
                    String capabilityTitle = capability.getTitle();
                    if (groupedCapabilitiesMap.containsKey(capabilityGroupId)) {
                        groupedCapabilitiesMap.get(capabilityGroupId).addCapability(capabilityName, capabilityTitle);
                    } else {
                        GroupedCapabilities groupedCapabilities = new GroupedCapabilities(capabilityGroupId, capabilityGroupTitle, capabilityName, capabilityTitle);
                        groupedCapabilities.addCapability(capabilityName, capabilityTitle);
                        groupedCapabilitiesMap.put(capabilityGroupId, groupedCapabilities);
                    }
                }
            }
        }
        model.put("groupedCapabilities", groupedCapabilitiesMap);
    } else {
        boolean includePrivate = false;
        String includePrivateString = req.getParameter("includeAll");
        if (StringUtils.isNotBlank(includePrivateString)) {
            includePrivate = Boolean.parseBoolean(includePrivateString);
        }
        Map<Capability, AccessStatus> map = capabilityService.getCapabilitiesAccessState(nodeRef, includePrivate);
        List<String> list = new ArrayList<String>(map.size());
        for (Map.Entry<Capability, AccessStatus> entry : map.entrySet()) {
            AccessStatus accessStatus = entry.getValue();
            if (!AccessStatus.DENIED.equals(accessStatus)) {
                Capability capability = entry.getKey();
                list.add(capability.getName());
            }
        }
        model.put("capabilities", list);
    }
    return model;
}
Also used : StoreRef(org.alfresco.service.cmr.repository.StoreRef) Group(org.alfresco.module.org_alfresco_module_rm.capability.Group) Capability(org.alfresco.module.org_alfresco_module_rm.capability.Capability) ArrayList(java.util.ArrayList) TreeMap(java.util.TreeMap) AccessStatus(org.alfresco.service.cmr.security.AccessStatus) NodeRef(org.alfresco.service.cmr.repository.NodeRef) WebScriptException(org.springframework.extensions.webscripts.WebScriptException) TreeMap(java.util.TreeMap) Map(java.util.Map)

Aggregations

StoreRef (org.alfresco.service.cmr.repository.StoreRef)67 NodeRef (org.alfresco.service.cmr.repository.NodeRef)50 HashMap (java.util.HashMap)18 QName (org.alfresco.service.namespace.QName)17 ChildAssociationRef (org.alfresco.service.cmr.repository.ChildAssociationRef)13 StringPropertyValue (org.alfresco.solr.client.StringPropertyValue)13 PropertyValue (org.alfresco.solr.client.PropertyValue)11 WebScriptException (org.springframework.extensions.webscripts.WebScriptException)10 ArrayList (java.util.ArrayList)9 ContentPropertyValue (org.alfresco.solr.client.ContentPropertyValue)9 MLTextPropertyValue (org.alfresco.solr.client.MLTextPropertyValue)9 IOException (java.io.IOException)7 Date (java.util.Date)6 MultiPropertyValue (org.alfresco.solr.client.MultiPropertyValue)6 AlfrescoRuntimeException (org.alfresco.error.AlfrescoRuntimeException)5 PermissionService (org.alfresco.service.cmr.security.PermissionService)5 SolrCore (org.apache.solr.core.SolrCore)5 StringTokenizer (java.util.StringTokenizer)4 RetryingTransactionHelper (org.alfresco.repo.transaction.RetryingTransactionHelper)4 ServiceRegistry (org.alfresco.service.ServiceRegistry)4