Example 1 with PermissionRecorder
use of org.apache.ofbiz.content.content.PermissionRecorder in project ofbiz-framework by apache.
the class CheckPermissionTransform method getWriter.
@Override
@SuppressWarnings("unchecked")
public Writer getWriter(final Writer out, Map args) {
final StringBuilder buf = new StringBuilder();
final Environment env = Environment.getCurrentEnvironment();
final Map<String, Object> templateCtx = FreeMarkerWorker.createEnvironmentMap(env);
final Delegator delegator = FreeMarkerWorker.getWrappedObject("delegator", env);
final HttpServletRequest request = FreeMarkerWorker.getWrappedObject("request", env);
final GenericValue userLogin = FreeMarkerWorker.getWrappedObject("userLogin", env);
FreeMarkerWorker.getSiteParameters(request, templateCtx);
FreeMarkerWorker.overrideWithArgs(templateCtx, args);
final String mode = (String) templateCtx.get("mode");
final String quickCheckContentId = (String) templateCtx.get("quickCheckContentId");
final Map<String, Object> savedValues = new HashMap<>();
return new LoopWriter(out) {
@Override
public void write(char[] cbuf, int off, int len) {
buf.append(cbuf, off, len);
}
@Override
public void flush() throws IOException {
out.flush();
}
@Override
public int onStart() throws TemplateModelException, IOException {
List<Map<String, ? extends Object>> trail = UtilGenerics.checkList(templateCtx.get("globalNodeTrail"));
GenericValue currentContent = null;
String contentAssocPredicateId = (String) templateCtx.get("contentAssocPredicateId");
String strNullThruDatesOnly = (String) templateCtx.get("nullThruDatesOnly");
Boolean nullThruDatesOnly = (strNullThruDatesOnly != null && "true".equalsIgnoreCase(strNullThruDatesOnly)) ? Boolean.TRUE : Boolean.FALSE;
GenericValue val = null;
try {
val = ContentWorker.getCurrentContent(delegator, trail, userLogin, templateCtx, nullThruDatesOnly, contentAssocPredicateId);
} catch (GeneralException e) {
throw new RuntimeException("Error getting current content. " + e.toString());
}
currentContent = val;
if (currentContent == null) {
currentContent = delegator.makeValue("Content");
currentContent.put("ownerContentId", templateCtx.get("ownerContentId"));
}
Security security = null;
if (request != null) {
security = (Security) request.getAttribute("security");
}
String statusId = (String) currentContent.get("statusId");
String passedStatusId = (String) templateCtx.get("statusId");
List<String> statusList = StringUtil.split(passedStatusId, "|");
if (statusList == null) {
statusList = new LinkedList<>();
}
if (UtilValidate.isNotEmpty(statusId) && !statusList.contains(statusId)) {
statusList.add(statusId);
}
String targetPurpose = (String) templateCtx.get("contentPurposeList");
List<String> purposeList = StringUtil.split(targetPurpose, "|");
String entityOperation = (String) templateCtx.get("entityOperation");
String targetOperation = (String) templateCtx.get("targetOperation");
if (UtilValidate.isEmpty(targetOperation)) {
if (UtilValidate.isNotEmpty(entityOperation)) {
targetOperation = "CONTENT" + entityOperation;
}
}
List<String> targetOperationList = StringUtil.split(targetOperation, "|");
if (targetOperationList.size() == 0) {
throw new IOException("targetOperationList has zero size.");
}
List<String> roleList = new LinkedList<>();
String privilegeEnumId = (String) currentContent.get("privilegeEnumId");
Map<String, Object> results = EntityPermissionChecker.checkPermission(currentContent, statusList, userLogin, purposeList, targetOperationList, roleList, delegator, security, entityOperation, privilegeEnumId, quickCheckContentId);
boolean isError = ModelService.RESPOND_ERROR.equals(results.get(ModelService.RESPONSE_MESSAGE));
if (isError) {
throw new IOException(ModelService.RESPONSE_MESSAGE);
}
String permissionStatus = (String) results.get("permissionStatus");
if (UtilValidate.isEmpty(permissionStatus) || !"granted".equals(permissionStatus)) {
String errorMessage = "Permission to add response is denied (2)";
PermissionRecorder recorder = (PermissionRecorder) results.get("permissionRecorder");
if (recorder != null) {
String permissionMessage = recorder.toHtml();
errorMessage += " \n " + permissionMessage;
}
templateCtx.put("permissionErrorMsg", errorMessage);
}
if (permissionStatus != null && "granted".equalsIgnoreCase(permissionStatus)) {
FreeMarkerWorker.saveContextValues(templateCtx, saveKeyNames, savedValues);
if (mode == null || !"not-equals".equalsIgnoreCase(mode)) {
return TransformControl.EVALUATE_BODY;
}
return TransformControl.SKIP_BODY;
}
if (mode == null || !"not-equals".equalsIgnoreCase(mode)) {
return TransformControl.SKIP_BODY;
}
return TransformControl.EVALUATE_BODY;
}
@Override
public void close() throws IOException {
FreeMarkerWorker.reloadValues(templateCtx, savedValues, env);
String wrappedContent = buf.toString();
out.write(wrappedContent);
}
};
}
Also used :
GenericValue(org.apache.ofbiz.entity.GenericValue)
GeneralException(org.apache.ofbiz.base.util.GeneralException)
HashMap(java.util.HashMap)
IOException(java.io.IOException)
Security(org.apache.ofbiz.security.Security)
PermissionRecorder(org.apache.ofbiz.content.content.PermissionRecorder)
LinkedList(java.util.LinkedList)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
Delegator(org.apache.ofbiz.entity.Delegator)
LoopWriter(org.apache.ofbiz.webapp.ftl.LoopWriter)
Environment(freemarker.core.Environment)
HashMap(java.util.HashMap)
Map(java.util.Map)
Aggregations
Environment (freemarker.core.Environment)1
IOException (java.io.IOException)1
HashMap (java.util.HashMap)1
LinkedList (java.util.LinkedList)1
Map (java.util.Map)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
GeneralException (org.apache.ofbiz.base.util.GeneralException)1
PermissionRecorder (org.apache.ofbiz.content.content.PermissionRecorder)1
Delegator (org.apache.ofbiz.entity.Delegator)1
GenericValue (org.apache.ofbiz.entity.GenericValue)1
Security (org.apache.ofbiz.security.Security)1
LoopWriter (org.apache.ofbiz.webapp.ftl.LoopWriter)1
