use of org.alfresco.service.cmr.repository.StoreRef in project acs-community-packaging by Alfresco.
the class BaseNodeCommandProcessor method validateArguments.
/**
* @see org.alfresco.web.app.servlet.command.CommandProcessor#validateArguments(javax.servlet.ServletContext, java.lang.String, java.util.Map, java.lang.String[])
*/
public boolean validateArguments(ServletContext sc, String command, Map<String, String> args, String[] urlElements) {
if (urlElements.length < 3) {
throw new IllegalArgumentException("Not enough URL arguments passed to command servlet.");
}
// get NodeRef to the node with the workflow attached to it
StoreRef storeRef = new StoreRef(urlElements[0], urlElements[1]);
this.targetRef = new NodeRef(storeRef, urlElements[2]);
// get the services we need to execute the workflow command
PermissionService permissionService = Repository.getServiceRegistry(sc).getPermissionService();
// check that the user has at least READ access on the node - else redirect to the login page
return (permissionService.hasPermission(this.targetRef, PermissionService.READ) == AccessStatus.ALLOWED);
}
use of org.alfresco.service.cmr.repository.StoreRef in project acs-community-packaging by Alfresco.
the class ScriptCommandProcessor method validateArguments.
/**
* @see org.alfresco.web.app.servlet.command.CommandProcessor#validateArguments(javax.servlet.ServletContext, java.lang.String, java.util.Map, java.lang.String[])
*/
public boolean validateArguments(ServletContext sc, String command, Map<String, String> args, String[] urlElements) {
boolean allowed = false;
String scriptPath = args.get(ARG_SCRIPT_PATH);
if (scriptPath != null) {
// resolve path to a node
this.scriptRef = BaseServlet.resolveNamePath(sc, scriptPath).NodeRef;
// same for the document context path if specified
String docPath = args.get(ARG_CONTEXT_PATH);
if (docPath != null) {
this.docRef = BaseServlet.resolveNamePath(sc, docPath).NodeRef;
}
} else {
if (urlElements.length < 3) {
throw new IllegalArgumentException("Not enough URL arguments passed to command servlet.");
}
// get NodeRef to the node script to execute
StoreRef storeRef = new StoreRef(urlElements[0], urlElements[1]);
this.scriptRef = new NodeRef(storeRef, urlElements[2]);
if (urlElements.length >= 6) {
storeRef = new StoreRef(urlElements[3], urlElements[4]);
this.docRef = new NodeRef(storeRef, urlElements[5]);
}
}
// check we can READ access the nodes specified
PermissionService ps = Repository.getServiceRegistry(sc).getPermissionService();
allowed = (ps.hasPermission(this.scriptRef, PermissionService.READ) == AccessStatus.ALLOWED);
if (this.docRef != null) {
allowed &= (ps.hasPermission(this.docRef, PermissionService.READ) == AccessStatus.ALLOWED);
}
// check to see if user is allowed to execute arbituary javascript
// by default only an admin authority can perform this action
ConfigService configService = Application.getConfigService(sc);
ClientConfigElement configElement = (ClientConfigElement) configService.getGlobalConfig().getConfigElement("client");
boolean allowScriptExecute = configElement.getAllowUserScriptExecute();
AuthorityService authService = Repository.getServiceRegistry(sc).getAuthorityService();
allowed &= (allowScriptExecute || authService.isAdminAuthority(AuthenticationUtil.getFullyAuthenticatedUser()));
return allowed;
}
use of org.alfresco.service.cmr.repository.StoreRef in project acs-community-packaging by Alfresco.
the class ExternalAccessServlet method service.
/**
* @see javax.servlet.http.HttpServlet#service(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
protected void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
String uri = req.getRequestURI();
if (logger.isDebugEnabled())
logger.debug("Processing URL: " + uri + (req.getQueryString() != null ? ("?" + req.getQueryString()) : ""));
AuthenticationStatus status = servletAuthenticate(req, res);
if (status == AuthenticationStatus.Failure) {
return;
}
setNoCacheHeaders(res);
uri = uri.substring(req.getContextPath().length());
StringTokenizer t = new StringTokenizer(uri, "/");
int tokenCount = t.countTokens();
if (tokenCount < 2) {
throw new IllegalArgumentException("Externally addressable URL did not contain all required args: " + uri);
}
// skip servlet name
t.nextToken();
String outcome = t.nextToken();
// get rest of the tokens arguments
String[] args = new String[tokenCount - 2];
for (int i = 0; i < tokenCount - 2; i++) {
args[i] = t.nextToken();
}
if (logger.isDebugEnabled())
logger.debug("External outcome found: " + outcome);
// we almost always need this bean reference
FacesContext fc = FacesHelper.getFacesContext(req, res, getServletContext());
BrowseBean browseBean = (BrowseBean) FacesHelper.getManagedBean(fc, "BrowseBean");
// get services we need
ServiceRegistry serviceRegistry = getServiceRegistry(getServletContext());
PermissionService permissionService = serviceRegistry.getPermissionService();
// as we are potentially coming in from an external app reset the view stack
Stack viewStack = (Stack) fc.getExternalContext().getSessionMap().get("_alfViewStack");
if (viewStack != null) {
viewStack.clear();
if (logger.isDebugEnabled())
logger.debug("Cleared view stack");
}
// setup is required for certain outcome requests
if (OUTCOME_DOCDETAILS.equals(outcome)) {
NodeRef nodeRef = null;
if (args[0].equals(WebDAVServlet.WEBDAV_PREFIX)) {
nodeRef = resolveWebDAVPath(fc, args);
} else if (args.length == 3) {
StoreRef storeRef = new StoreRef(args[0], args[1]);
nodeRef = new NodeRef(storeRef, args[2]);
}
if (nodeRef != null) {
// check that the user has at least READ access - else redirect to an error or login page
if (!checkAccess(req, res, nodeRef, PermissionService.READ_CONTENT, true)) {
return;
}
// setup the Document on the browse bean
browseBean.setupContentAction(nodeRef.getId(), true);
}
// perform the appropriate JSF navigation outcome
NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
navigationHandler.handleNavigation(fc, null, "dialog:" + OUTCOME_DOCDETAILS);
} else if (OUTCOME_SPACEDETAILS.equals(outcome)) {
NodeRef nodeRef = null;
if (args[0].equals(WebDAVServlet.WEBDAV_PREFIX)) {
nodeRef = resolveWebDAVPath(fc, args);
} else if (args.length == 3) {
StoreRef storeRef = new StoreRef(args[0], args[1]);
nodeRef = new NodeRef(storeRef, args[2]);
}
if (nodeRef != null) {
// check that the user has at least READ access - else redirect to an error or login page
if (!checkAccess(req, res, nodeRef, PermissionService.READ_CONTENT, true)) {
return;
}
// setup the Space on the browse bean
browseBean.setupSpaceAction(nodeRef.getId(), true);
}
// perform the appropriate JSF navigation outcome
NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
navigationHandler.handleNavigation(fc, null, "dialog:" + OUTCOME_SPACEDETAILS);
} else if (OUTCOME_BROWSE.equals(outcome)) {
NodeRef nodeRef = null;
if (args.length != 0 && args[0].equals(WebDAVServlet.WEBDAV_PREFIX)) {
nodeRef = resolveWebDAVPath(fc, args);
} else if (args.length >= 3) {
int offset = 0;
offset = args.length - 3;
StoreRef storeRef = new StoreRef(args[0 + offset], args[1 + offset]);
nodeRef = new NodeRef(storeRef, args[2 + offset]);
}
if (nodeRef != null) {
// check that the user has at least READ access - else redirect to an error or login page
if (!checkAccess(req, res, nodeRef, PermissionService.READ_CONTENT, true)) {
return;
}
// this call sets up the current node Id, and updates or initialises the
// breadcrumb component with the selected node as appropriate.
browseBean.updateUILocation(nodeRef);
// force a "late" refresh of the BrowseBean to handle external servlet access URL
browseBean.externalAccessRefresh();
// check for view mode first argument
if (args[0].equals(ARG_TEMPLATE)) {
browseBean.setDashboardView(true);
}
// the above calls into BrowseBean setup the NavigationHandler automatically
} else {
// perform the appropriate JSF navigation outcome
NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
navigationHandler.handleNavigation(fc, null, outcome);
}
} else if (OUTCOME_MYALFRESCO.equals(outcome)) {
// setup the Dashboard Manager ready for the page we want to display
if (req.getParameter(ARG_PAGE) != null) {
DashboardManager manager = (DashboardManager) FacesHelper.getManagedBean(fc, DashboardManager.BEAN_NAME);
manager.getPageConfig().setCurrentPage(req.getParameter(ARG_PAGE));
}
// perform the appropriate JSF navigation outcome
NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
navigationHandler.handleNavigation(fc, null, outcome);
} else if (OUTCOME_DIALOG.equals(outcome) || OUTCOME_WIZARD.equals(outcome)) {
if (args.length != 0) {
if (args.length > 1) {
String currentNodeId = null;
if (args[1].equals(WebDAVServlet.WEBDAV_PREFIX)) {
// Drop the first argument
String[] args2 = new String[args.length - 1];
for (int i = 1; i < args.length; i++) {
args2[i - 1] = args[i];
if (logger.isDebugEnabled()) {
logger.debug("Added segment " + args2[i - 1]);
}
}
NodeRef nodeRef = resolveWebDAVPath(fc, args2);
currentNodeId = nodeRef.getId();
} else {
currentNodeId = args[1];
}
if (logger.isDebugEnabled()) {
logger.debug("currentNodeId: " + currentNodeId);
}
// if a GUID was passed, use it to init the NavigationBean current context
NavigationBean navigator = (NavigationBean) FacesHelper.getManagedBean(fc, NavigationBean.BEAN_NAME);
navigator.setCurrentNodeId(currentNodeId);
browseBean.setupSpaceAction(currentNodeId, true);
// setup the Document on the browse bean
// avoid java.lang.NullPointerException
// at org.alfresco.web.bean.content.InviteContentUsersWizard.getPermissionsForType(InviteContentUsersWizard.java:49)
// at org.alfresco.web.bean.wizard.BaseInviteUsersWizard.getRoles(BaseInviteUsersWizard.java:562)
browseBean.setupContentAction(currentNodeId, true);
}
NavigationHandler navigationHandler = fc.getApplication().getNavigationHandler();
navigationHandler.handleNavigation(fc, null, outcome + ':' + args[0]);
}
} else if (OUTCOME_LOGOUT.equals(outcome)) {
// special case for logout
// invalidate ticket and clear the Security context for this thread
Application.logOut(fc);
res.sendRedirect(req.getContextPath() + FACES_SERVLET + Application.getLoginPage(getServletContext()));
return;
}
// perform the forward to the page processed by the Faces servlet
String viewId = fc.getViewRoot().getViewId();
ViewSequenceUtils.nextViewSequence(fc);
getServletContext().getRequestDispatcher(FACES_SERVLET + viewId).forward(req, res);
}
use of org.alfresco.service.cmr.repository.StoreRef in project acs-community-packaging by Alfresco.
the class ResourceBundleWrapper method getDelegates.
/**
* Get a list of the delegate resource bundles
*
* @return List<ResourceBundle> list of delegate resource bundles
*/
private List<ResourceBundle> getDelegates() {
if (this.delegates == null) {
this.delegates = new ArrayList<ResourceBundle>(ResourceBundleWrapper.addedBundleNames.size() + 2);
// Check for custom bundle (if any) - first try in the repo otherwise try the classpath
ResourceBundle customBundle = null;
if (getMessageService() != null) {
StoreRef storeRef = null;
String path = null;
try {
String customName = null;
int idx = this.bundleName.lastIndexOf(".");
if (idx != -1) {
customName = this.bundleName.substring(idx + 1, this.bundleName.length());
} else {
customName = this.bundleName;
}
storeRef = Repository.getStoreRef();
// TODO - make path configurable in one place ...
// Note: path here is XPath for selectNodes query
path = PATH + "/cm:" + customName;
customBundle = getMessageService().getRepoResourceBundle(Repository.getStoreRef(), path, locale);
} catch (Throwable t) {
// for now ... ignore the error, cannot be found or read from repo
logger.debug("Custom Web Client properties not found: " + storeRef + path);
}
}
if (customBundle == null) {
// also look up the custom version of the bundle in the extension package
String customName = determineCustomBundleName(this.bundleName);
customBundle = getResourceBundle(locale, customName);
}
// Add the custom bundle (if any) - add first to allow override (eg. in MT/dynamic web client env)
if (customBundle != null) {
this.delegates.add(customBundle);
}
// Add the normal bundle
ResourceBundle normalBundle = getResourceBundle(locale, this.bundleName);
if (normalBundle != null) {
this.delegates.add(normalBundle);
} else {
if (logger.isWarnEnabled()) {
logger.warn("Resource bundle missing : " + this.bundleName + ", locale : " + locale);
}
}
// Add the added bundles
for (String addedBundleName : ResourceBundleWrapper.addedBundleNames) {
this.delegates.add(getResourceBundle(locale, addedBundleName));
}
}
return this.delegates;
}
use of org.alfresco.service.cmr.repository.StoreRef in project records-management by Alfresco.
the class CapabilitiesGet method executeImpl.
/**
* @see org.alfresco.repo.web.scripts.content.StreamContent#executeImpl(org.springframework.extensions.webscripts.WebScriptRequest, org.springframework.extensions.webscripts.Status, org.springframework.extensions.webscripts.Cache)
*/
@Override
protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) {
Map<String, String> templateVars = req.getServiceMatch().getTemplateVars();
String storeType = templateVars.get("store_type");
String storeId = templateVars.get("store_id");
String nodeId = templateVars.get("id");
NodeRef nodeRef = null;
if (StringUtils.isNotBlank(storeType) && StringUtils.isNotBlank(storeId) && StringUtils.isNotBlank(nodeId)) {
nodeRef = new NodeRef(new StoreRef(storeType, storeId), nodeId);
} else {
// we are talking about the file plan node
// TODO we are making the assumption there is only one file plan here!
nodeRef = filePlanService.getFilePlanBySiteId(FilePlanService.DEFAULT_RM_SITE_ID);
if (nodeRef == null) {
throw new WebScriptException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "The default file plan node could not be found.");
}
}
boolean grouped = false;
String groupedString = req.getParameter("grouped");
if (StringUtils.isNotBlank(groupedString)) {
grouped = Boolean.parseBoolean(groupedString);
}
Map<String, Object> model = new TreeMap<String, Object>();
if (grouped) {
// Construct the map which is needed to build the model
Map<String, GroupedCapabilities> groupedCapabilitiesMap = new TreeMap<String, GroupedCapabilities>();
List<Group> groups = capabilityService.getGroups();
for (Group group : groups) {
String capabilityGroupTitle = group.getTitle();
if (StringUtils.isNotBlank(capabilityGroupTitle)) {
String capabilityGroupId = group.getId();
List<Capability> capabilities = capabilityService.getCapabilitiesByGroupId(capabilityGroupId);
for (Capability capability : capabilities) {
String capabilityName = capability.getName();
String capabilityTitle = capability.getTitle();
if (groupedCapabilitiesMap.containsKey(capabilityGroupId)) {
groupedCapabilitiesMap.get(capabilityGroupId).addCapability(capabilityName, capabilityTitle);
} else {
GroupedCapabilities groupedCapabilities = new GroupedCapabilities(capabilityGroupId, capabilityGroupTitle, capabilityName, capabilityTitle);
groupedCapabilities.addCapability(capabilityName, capabilityTitle);
groupedCapabilitiesMap.put(capabilityGroupId, groupedCapabilities);
}
}
}
}
model.put("groupedCapabilities", groupedCapabilitiesMap);
} else {
boolean includePrivate = false;
String includePrivateString = req.getParameter("includeAll");
if (StringUtils.isNotBlank(includePrivateString)) {
includePrivate = Boolean.parseBoolean(includePrivateString);
}
Map<Capability, AccessStatus> map = capabilityService.getCapabilitiesAccessState(nodeRef, includePrivate);
List<String> list = new ArrayList<String>(map.size());
for (Map.Entry<Capability, AccessStatus> entry : map.entrySet()) {
AccessStatus accessStatus = entry.getValue();
if (!AccessStatus.DENIED.equals(accessStatus)) {
Capability capability = entry.getKey();
list.add(capability.getName());
}
}
model.put("capabilities", list);
}
return model;
}
Aggregations