Search in sources :

Example 1 with PermissionRecorder

use of org.apache.ofbiz.content.content.PermissionRecorder in project ofbiz-framework by apache.

the class CheckPermissionTransform method getWriter.

@Override
@SuppressWarnings("unchecked")
public Writer getWriter(final Writer out, Map args) {
    final StringBuilder buf = new StringBuilder();
    final Environment env = Environment.getCurrentEnvironment();
    final Map<String, Object> templateCtx = FreeMarkerWorker.createEnvironmentMap(env);
    final Delegator delegator = FreeMarkerWorker.getWrappedObject("delegator", env);
    final HttpServletRequest request = FreeMarkerWorker.getWrappedObject("request", env);
    final GenericValue userLogin = FreeMarkerWorker.getWrappedObject("userLogin", env);
    FreeMarkerWorker.getSiteParameters(request, templateCtx);
    FreeMarkerWorker.overrideWithArgs(templateCtx, args);
    final String mode = (String) templateCtx.get("mode");
    final String quickCheckContentId = (String) templateCtx.get("quickCheckContentId");
    final Map<String, Object> savedValues = new HashMap<>();
    return new LoopWriter(out) {

        @Override
        public void write(char[] cbuf, int off, int len) {
            buf.append(cbuf, off, len);
        }

        @Override
        public void flush() throws IOException {
            out.flush();
        }

        @Override
        public int onStart() throws TemplateModelException, IOException {
            List<Map<String, ? extends Object>> trail = UtilGenerics.checkList(templateCtx.get("globalNodeTrail"));
            GenericValue currentContent = null;
            String contentAssocPredicateId = (String) templateCtx.get("contentAssocPredicateId");
            String strNullThruDatesOnly = (String) templateCtx.get("nullThruDatesOnly");
            Boolean nullThruDatesOnly = (strNullThruDatesOnly != null && "true".equalsIgnoreCase(strNullThruDatesOnly)) ? Boolean.TRUE : Boolean.FALSE;
            GenericValue val = null;
            try {
                val = ContentWorker.getCurrentContent(delegator, trail, userLogin, templateCtx, nullThruDatesOnly, contentAssocPredicateId);
            } catch (GeneralException e) {
                throw new RuntimeException("Error getting current content. " + e.toString());
            }
            currentContent = val;
            if (currentContent == null) {
                currentContent = delegator.makeValue("Content");
                currentContent.put("ownerContentId", templateCtx.get("ownerContentId"));
            }
            Security security = null;
            if (request != null) {
                security = (Security) request.getAttribute("security");
            }
            String statusId = (String) currentContent.get("statusId");
            String passedStatusId = (String) templateCtx.get("statusId");
            List<String> statusList = StringUtil.split(passedStatusId, "|");
            if (statusList == null) {
                statusList = new LinkedList<>();
            }
            if (UtilValidate.isNotEmpty(statusId) && !statusList.contains(statusId)) {
                statusList.add(statusId);
            }
            String targetPurpose = (String) templateCtx.get("contentPurposeList");
            List<String> purposeList = StringUtil.split(targetPurpose, "|");
            String entityOperation = (String) templateCtx.get("entityOperation");
            String targetOperation = (String) templateCtx.get("targetOperation");
            if (UtilValidate.isEmpty(targetOperation)) {
                if (UtilValidate.isNotEmpty(entityOperation)) {
                    targetOperation = "CONTENT" + entityOperation;
                }
            }
            List<String> targetOperationList = StringUtil.split(targetOperation, "|");
            if (targetOperationList.size() == 0) {
                throw new IOException("targetOperationList has zero size.");
            }
            List<String> roleList = new LinkedList<>();
            String privilegeEnumId = (String) currentContent.get("privilegeEnumId");
            Map<String, Object> results = EntityPermissionChecker.checkPermission(currentContent, statusList, userLogin, purposeList, targetOperationList, roleList, delegator, security, entityOperation, privilegeEnumId, quickCheckContentId);
            boolean isError = ModelService.RESPOND_ERROR.equals(results.get(ModelService.RESPONSE_MESSAGE));
            if (isError) {
                throw new IOException(ModelService.RESPONSE_MESSAGE);
            }
            String permissionStatus = (String) results.get("permissionStatus");
            if (UtilValidate.isEmpty(permissionStatus) || !"granted".equals(permissionStatus)) {
                String errorMessage = "Permission to add response is denied (2)";
                PermissionRecorder recorder = (PermissionRecorder) results.get("permissionRecorder");
                if (recorder != null) {
                    String permissionMessage = recorder.toHtml();
                    errorMessage += " \n " + permissionMessage;
                }
                templateCtx.put("permissionErrorMsg", errorMessage);
            }
            if (permissionStatus != null && "granted".equalsIgnoreCase(permissionStatus)) {
                FreeMarkerWorker.saveContextValues(templateCtx, saveKeyNames, savedValues);
                if (mode == null || !"not-equals".equalsIgnoreCase(mode)) {
                    return TransformControl.EVALUATE_BODY;
                }
                return TransformControl.SKIP_BODY;
            }
            if (mode == null || !"not-equals".equalsIgnoreCase(mode)) {
                return TransformControl.SKIP_BODY;
            }
            return TransformControl.EVALUATE_BODY;
        }

        @Override
        public void close() throws IOException {
            FreeMarkerWorker.reloadValues(templateCtx, savedValues, env);
            String wrappedContent = buf.toString();
            out.write(wrappedContent);
        }
    };
}
Also used : GenericValue(org.apache.ofbiz.entity.GenericValue) GeneralException(org.apache.ofbiz.base.util.GeneralException) HashMap(java.util.HashMap) IOException(java.io.IOException) Security(org.apache.ofbiz.security.Security) PermissionRecorder(org.apache.ofbiz.content.content.PermissionRecorder) LinkedList(java.util.LinkedList) HttpServletRequest(javax.servlet.http.HttpServletRequest) Delegator(org.apache.ofbiz.entity.Delegator) LoopWriter(org.apache.ofbiz.webapp.ftl.LoopWriter) Environment(freemarker.core.Environment) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

Environment (freemarker.core.Environment)1 IOException (java.io.IOException)1 HashMap (java.util.HashMap)1 LinkedList (java.util.LinkedList)1 Map (java.util.Map)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 GeneralException (org.apache.ofbiz.base.util.GeneralException)1 PermissionRecorder (org.apache.ofbiz.content.content.PermissionRecorder)1 Delegator (org.apache.ofbiz.entity.Delegator)1 GenericValue (org.apache.ofbiz.entity.GenericValue)1 Security (org.apache.ofbiz.security.Security)1 LoopWriter (org.apache.ofbiz.webapp.ftl.LoopWriter)1