Example #1
0
  @SuppressWarnings("unchecked")
  protected void doEditMode(HttpServletRequest request, HttpServletResponse response)
      throws Exception {

    String uri = request.getRequestURI();
    uri = UtilMethods.cleanURI(uri);

    Host host = hostWebAPI.getCurrentHost(request);

    StringBuilder preExecuteCode = new StringBuilder();
    Boolean widgetPreExecute = false;

    // Getting the user to check the permissions
    com.liferay.portal.model.User backendUser = null;
    try {
      backendUser = com.liferay.portal.util.PortalUtil.getUser(request);
    } catch (Exception nsue) {
      Logger.warn(this, "Exception trying getUser: "******"idInode", String.valueOf(id.getInode()));
    Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + id.getInode());

    Template template = null;
    Template hostVariablesTemplate = null;

    // creates the context where to place the variables
    response.setContentType(CHARSET);
    Context context = VelocityUtil.getWebContext(request, response);

    HTMLPage htmlPage =
        (HTMLPage)
            APILocator.getVersionableAPI()
                .findWorkingVersion(id, APILocator.getUserAPI().getSystemUser(), false);
    HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI();
    // to check user has permission to write on this page
    boolean hasAddChildrenPermOverHTMLPage =
        permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, backendUser);
    boolean hasWritePermOverHTMLPage =
        permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_WRITE, backendUser);
    boolean hasPublishPermOverHTMLPage =
        permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_PUBLISH, backendUser);
    context.put("ADD_CHILDREN_HTMLPAGE_PERMISSION", new Boolean(hasAddChildrenPermOverHTMLPage));
    context.put("EDIT_HTMLPAGE_PERMISSION", new Boolean(hasWritePermOverHTMLPage));
    context.put("PUBLISH_HTMLPAGE_PERMISSION", new Boolean(hasPublishPermOverHTMLPage));
    context.put("canAddForm", new Boolean(LicenseUtil.getLevel() > 199 ? true : false));
    context.put("canViewDiff", new Boolean(LicenseUtil.getLevel() > 199 ? true : false));

    boolean canUserWriteOnTemplate =
        permissionAPI.doesUserHavePermission(
                htmlPageAPI.getTemplateForWorkingHTMLPage(htmlPage), PERMISSION_WRITE, backendUser)
            && portletAPI.hasTemplateManagerRights(backendUser);
    context.put("EDIT_TEMPLATE_PERMISSION", canUserWriteOnTemplate);

    com.dotmarketing.portlets.templates.model.Template cmsTemplate =
        com.dotmarketing.portlets.htmlpages.factories.HTMLPageFactory.getHTMLPageTemplate(
            htmlPage, true);
    if (cmsTemplate == null) { // DOTCMS-4051
      cmsTemplate = new com.dotmarketing.portlets.templates.model.Template();
      Logger.debug(VelocityServlet.class, "HTMLPAGE TEMPLATE NOT FOUND");
    }

    Identifier templateIdentifier = APILocator.getIdentifierAPI().find(cmsTemplate);

    Logger.debug(VelocityServlet.class, "VELOCITY TEMPLATE INODE=" + cmsTemplate.getInode());

    VelocityUtil.makeBackendContext(
        context, htmlPage, cmsTemplate.getInode(), id.getURI(), request, true, true, false, host);
    // added to show tabs
    context.put("previewPage", "1");
    // get the containers for the page and stick them in context
    List<Container> containers =
        APILocator.getTemplateAPI()
            .getContainersInTemplate(cmsTemplate, APILocator.getUserAPI().getSystemUser(), false);
    for (Container c : containers) {

      context.put(
          String.valueOf("container" + c.getIdentifier()),
          "/working/"
              + c.getIdentifier()
              + "."
              + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION"));

      boolean hasWritePermissionOnContainer =
          permissionAPI.doesUserHavePermission(c, PERMISSION_WRITE, backendUser, false)
              && portletAPI.hasContainerManagerRights(backendUser);
      boolean hasReadPermissionOnContainer =
          permissionAPI.doesUserHavePermission(c, PERMISSION_READ, backendUser, false);
      context.put("EDIT_CONTAINER_PERMISSION" + c.getIdentifier(), hasWritePermissionOnContainer);
      if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true))
        context.put("USE_CONTAINER_PERMISSION" + c.getIdentifier(), true);
      else
        context.put("USE_CONTAINER_PERMISSION" + c.getIdentifier(), hasReadPermissionOnContainer);

      // to check user has permission to write this container
      Structure st = (Structure) InodeFactory.getInode(c.getStructureInode(), Structure.class);
      boolean hasWritePermOverTheStructure =
          permissionAPI.doesUserHavePermission(st, PERMISSION_WRITE, backendUser);
      context.put(
          "ADD_CONTENT_PERMISSION" + c.getIdentifier(), new Boolean(hasWritePermOverTheStructure));

      Logger.debug(
          VelocityServlet.class,
          String.valueOf("container" + c.getIdentifier())
              + "=/working/"
              + c.getIdentifier()
              + "."
              + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION"));

      String sort = (c.getSortContentletsBy() == null) ? "tree_order" : c.getSortContentletsBy();

      List<Contentlet> contentlets = null;

      boolean staticContainer = !UtilMethods.isSet(c.getLuceneQuery());

      // get contentlets only for main frame
      if (request.getParameter("mainFrame") != null) {
        if (staticContainer) {
          Logger.debug(VelocityServlet.class, "Static Container!!!!");

          Logger.debug(
              VelocityServlet.class, "html=" + htmlPage.getInode() + " container=" + c.getInode());

          // The container doesn't have categories
          Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage);
          Identifier idenContainer = APILocator.getIdentifierAPI().find(c);
          contentlets =
              conAPI.findPageContentlets(
                  idenHtmlPage.getInode(),
                  idenContainer.getInode(),
                  sort,
                  true,
                  -1,
                  backendUser,
                  true);
          Logger.debug(
              VelocityServlet.class,
              "Getting contentlets for language="
                  + (String)
                      request
                          .getSession()
                          .getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE)
                  + " contentlets ="
                  + contentlets.size());

        } else {
          String luceneQuery = c.getLuceneQuery();
          int limit = c.getMaxContentlets();
          String sortBy = c.getSortContentletsBy();
          int offset = 0;
          contentlets = conAPI.search(luceneQuery, limit, offset, sortBy, backendUser, true);
        }

        if (UtilMethods.isSet(contentlets) && contentlets.size() > 0) {
          Set<String> contentletIdentList = new HashSet<String>();
          List<Contentlet> contentletsFilter = new ArrayList<Contentlet>();
          for (Contentlet cont : contentlets) {
            if (!contentletIdentList.contains(cont.getIdentifier())) {
              contentletIdentList.add(cont.getIdentifier());
              contentletsFilter.add(cont);
            }
          }
          contentlets = contentletsFilter;
        }
        List<String> contentletList = new ArrayList<String>();

        if (contentlets != null) {
          Iterator<Contentlet> iter = contentlets.iterator();
          int count = 0;

          while (iter.hasNext() && (count < c.getMaxContentlets())) {
            count++;

            Contentlet contentlet = (Contentlet) iter.next();
            Identifier contentletIdentifier = APILocator.getIdentifierAPI().find(contentlet);

            boolean hasWritePermOverContentlet =
                permissionAPI.doesUserHavePermission(contentlet, PERMISSION_WRITE, backendUser);

            context.put(
                "EDIT_CONTENT_PERMISSION" + contentletIdentifier.getInode(),
                new Boolean(hasWritePermOverContentlet));

            contentletList.add(String.valueOf(contentletIdentifier.getInode()));
            Logger.debug(this, "Adding contentlet=" + contentletIdentifier.getInode());
            Structure contStructure = contentlet.getStructure();
            if (contStructure.getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) {
              Field field = contStructure.getFieldVar("widgetPreexecute");
              if (field != null && UtilMethods.isSet(field.getValues())) {
                preExecuteCode.append(field.getValues().trim() + "\n");
                widgetPreExecute = true;
              }
            }
          }
        }
        // sets contentletlist with all the files to load per
        // container
        context.put("contentletList" + c.getIdentifier(), contentletList);
        context.put("totalSize" + c.getIdentifier(), new Integer(contentletList.size()));
        // ### Add the structure fake contentlet ###
        if (contentletList.size() == 0) {
          Structure structure = ContainerFactory.getContainerStructure(c);
          contentletList.add(structure.getInode() + "");
          // sets contentletlist with all the files to load per
          // container
          context.remove("contentletList" + c.getIdentifier());
          context.remove("totalSize" + c.getIdentifier());
          // http://jira.dotmarketing.net/browse/DOTCMS-2876
          context.put("contentletList" + c.getIdentifier(), new long[0]);
          context.put("totalSize" + c.getIdentifier(), 0);
        }
        // ### END Add the structure fake contentlet ###

      }
    }

    Logger.debug(
        VelocityServlet.class,
        "Before finding template: /working/"
            + templateIdentifier.getInode()
            + "."
            + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION"));

    Logger.debug(
        VelocityServlet.class,
        "Velocity directory:"
            + VelocityUtil.getEngine().getProperty(RuntimeConstants.FILE_RESOURCE_LOADER_PATH));

    if (request.getParameter("leftMenu") != null) {
      /*
       * try to get the messages from the session
       */

      List<String> list = new ArrayList<String>();
      if (SessionMessages.contains(request, "message")) {
        list.add((String) SessionMessages.get(request, "message"));
        SessionMessages.clear(request);
      }
      if (SessionMessages.contains(request, "custommessage")) {
        list.add((String) SessionMessages.get(request, "custommessage"));
        SessionMessages.clear(request);
      }

      if (list.size() > 0) {
        ArrayList<String> mymessages = new ArrayList<String>();
        Iterator<String> it = list.iterator();

        while (it.hasNext()) {
          try {
            String message = (String) it.next();
            Company comp = PublicCompanyFactory.getDefaultCompany();
            mymessages.add(LanguageUtil.get(comp.getCompanyId(), backendUser.getLocale(), message));
          } catch (Exception e) {
          }
        }
        context.put("vmessages", mymessages);
      }

      template = VelocityUtil.getEngine().getTemplate("/preview_left_menu.vl");
    } else if (request.getParameter("mainFrame") != null) {
      hostVariablesTemplate =
          VelocityUtil.getEngine()
              .getTemplate(
                  "/working/"
                      + host.getIdentifier()
                      + "."
                      + Config.getStringProperty("VELOCITY_HOST_EXTENSION"));
      template =
          VelocityUtil.getEngine()
              .getTemplate(
                  "/working/"
                      + templateIdentifier.getInode()
                      + "."
                      + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION"));
    } else {
      // Return a resource not found right away if the page is not found,
      // not try to load the frames
      if (!InodeUtils.isSet(templateIdentifier.getInode())) throw new ResourceNotFoundException("");
      template = VelocityUtil.getEngine().getTemplate("/preview_mode.vl");
    }

    PrintWriter out = response.getWriter();
    request.setAttribute("velocityContext", context);
    try {
      if (widgetPreExecute) {
        VelocityUtil.getEngine().evaluate(context, out, "", preExecuteCode.toString());
      }
      if (hostVariablesTemplate != null) hostVariablesTemplate.merge(context, out);
      template.merge(context, out);

    } catch (ParseErrorException e) {
      out.append(e.getMessage());
    }
  }
Example #2
0
  public static InputStream buildVelocity(
      Container container, Identifier identifier, boolean EDIT_MODE) {

    InputStream result;
    StringBuilder sb = new StringBuilder();

    boolean isDynamic = UtilMethods.isSet(container.getLuceneQuery());

    //  let's write this puppy out to our file
    sb.append("#set($SERVER_NAME =\"$host.getHostname()\" )");
    sb.append("#set($CONTAINER_IDENTIFIER_INODE = '").append(identifier.getInode()).append("')");
    sb.append("#set($CONTAINER_INODE = '").append(container.getInode()).append("')");
    sb.append("#set($CONTAINER_MAX_CONTENTLETS = ")
        .append(container.getMaxContentlets())
        .append(")");
    Structure st =
        (Structure) InodeFactory.getInode(container.getStructureInode(), Structure.class);
    sb.append("#set($CONTAINER_STRUCTURE_NAME = \"")
        .append((UtilMethods.isSet(st.getName()) ? st.getName() : ""))
        .append("\")");
    sb.append("#set($STATIC_CONTAINER = ")
        .append(!UtilMethods.isSet(container.getLuceneQuery()))
        .append(")");
    sb.append("#set($SORT_PAGE = \"").append(container.getSortContentletsBy()).append("\")");
    sb.append("#set($containerInode = '").append(container.getInode()).append("')");

    if (EDIT_MODE) {
      // Permissions to read/use the container in order to be able to add content to it and reorder
      // content
      sb.append("#set($USE_CONTAINER_PERMISSION = $USE_CONTAINER_PERMISSION")
          .append(identifier.getInode())
          .append(")");

      // Permissions to edit the container based on write permission ).append( access to the portlet
      sb.append("#set($EDIT_CONTAINER_PERMISSION = $EDIT_CONTAINER_PERMISSION")
          .append(identifier.getInode())
          .append(")");

      // Permissions over the structure to add new contents
      sb.append("#set($ADD_CONTENT_PERMISSION = $ADD_CONTENT_PERMISSION")
          .append(identifier.getInode())
          .append(")");
    }

    sb.append("#set($CONTENTLETS = $contentletList").append(identifier.getInode()).append(")");
    sb.append("#set($CONTAINER_NUM_CONTENTLETS = $totalSize")
        .append(identifier.getInode())
        .append(")");

    sb.append("#set($CONTAINER_NAME = \"")
        .append(UtilMethods.espaceForVelocity(container.getTitle()))
        .append("\")");
    sb.append("#set($CONTAINER_STRUCTURE_NAME = \"")
        .append(UtilMethods.espaceForVelocity(st.getName()))
        .append("\")");
    if (UtilMethods.isSet(container.getNotes()))
      sb.append("#set($CONTAINER_NOTES = \"")
          .append(UtilMethods.espaceForVelocity(container.getNotes()))
          .append("\")");
    else sb.append("#set($CONTAINER_NOTES = \"\")");

    /*
     * isDynamic means that the content list will be pulled from lucene.
     */
    if (isDynamic) {
      String luceneQuery = container.getLuceneQuery();
      sb.append("#set($CONTENTS_PER_PAGE = \"$CONTAINER_MAX_CONTENTLETS\")");
      sb.append("#if($request.getParameter(\"cont_")
          .append(identifier.getInode())
          .append("_per_page\"))");
      sb.append("#set($CONTENTS_PER_PAGE = $request.getParameter(\"cont_")
          .append(identifier.getInode())
          .append("_per_page\"))");
      sb.append("#end");
      sb.append("#set($CURRENT_PAGE = \"1\")");
      sb.append("#if($request.getParameter(\"cont_")
          .append(identifier.getInode())
          .append("_page\"))");
      sb.append("#set($CURRENT_PAGE = $request.getParameter(\"cont_")
          .append(identifier.getInode())
          .append("_page\"))");
      sb.append("#end");
      sb.append("#set($LUCENE_QUERY = \"").append(luceneQuery).append("\")");
    }

    // if the container needs to get its contentlets
    if (container.getMaxContentlets() > 0) {
      sb.append("#if($EDIT_MODE)");

      // To edit the look, see WEB-INF/velocity/static/preview/container_controls.vtl
      sb.append("<div class='dotContainer'>");
      sb.append("#end");

      // pre loop if it exists
      if (UtilMethods.isSet(container.getPreLoop())) {
        sb.append(container.getPreLoop());
      }

      // let's do the search of contentlets using lucene query
      if (isDynamic) {
        Structure containerStructure =
            (Structure) InodeFactory.getInode(container.getStructureInode(), Structure.class);

        sb.append("#set($contentletResultsMap")
            .append(identifier.getInode())
            .append(" = $contents.searchWithLuceneQuery(\"")
            .append(containerStructure.getInode())
            .append("\", ")
            .append("\"$LUCENE_QUERY\", ")
            .append("\"$SORT_PAGE\", ")
            .append("$CURRENT_PAGE, $CONTENTS_PER_PAGE)) ");
        sb.append("#set($contentletList")
            .append(identifier.getInode())
            .append(" = $contents.getContentIdentifiersFromLuceneHits($contentletResultsMap")
            .append(identifier.getInode())
            .append(".get(\"assets\")))");

        sb.append("#set($HAS_NEXT_PAGE = $contentletResultsMap")
            .append(identifier.getInode())
            .append(".get(\"has_next_page\"))");
        sb.append("#set($HAS_PREVIOUS_PAGE = $contentletResultsMap")
            .append(identifier.getInode())
            .append(".get(\"has_previous_page\"))");
        sb.append("#set($TOTAL_CONTENTS = $contentletResultsMap")
            .append(identifier.getInode())
            .append(".get(\"total_records_int\"))");
        sb.append("#set($TOTAL_PAGES = $contentletResultsMap")
            .append(identifier.getInode())
            .append(".get(\"total_pages_int\"))");
        sb.append("#set($CONTENTLETS = $contentletList").append(identifier.getInode()).append(")");
        sb.append("#set($CONTAINER_NUM_CONTENTLETS = $totalSize")
            .append(identifier.getInode())
            .append(")");
      }

      sb.append("#foreach ($contentletId in $contentletList")
          .append(identifier.getInode())
          .append(")");

      // ##Checking of contentlet is parseable and not throwing errors
      if (EDIT_MODE) {
        sb.append("#if($webapi.canParseContent($contentletId,true))");
      }
      // sb.append("\n#if($webapi.canParseContent($contentletId,"+EDIT_MODE+")) ");
      sb.append(" #set($_show_working_=false) ");
      // if timemachine future enabled
      sb.append(" #if($request.session.getAttribute(\"tm_date\")) ");
      sb.append(
          "  #set($_tmdate=$date.toDate($webapi.parseLong($request.session.getAttribute(\"tm_date\")))) ");
      sb.append("  #set($_ident=$webapi.findIdentifierById($contentletId)) ");

      // if the content has expired we rewrite the identifier so it isn't loaded
      sb.append(
          "  #if($UtilMethods.isSet($_ident.sysExpireDate) && $_tmdate.after($_ident.sysExpireDate))");
      sb.append("   #set($contentletId='') ");
      sb.append("  #end ");

      // if the content should be published then force to show the working version
      sb.append(
          "  #if($UtilMethods.isSet($_ident.sysPublishDate) && $_tmdate.after($_ident.sysPublishDate))");
      sb.append("   #set($_show_working_=true) ");
      sb.append("  #end ");

      sb.append(" #end ");

      sb.append("#set($CONTENT_INODE = '')");
      sb.append(" #if($contentletId != '') ");
      sb.append("  #getContentDetail($contentletId) ");
      sb.append(" #end ");
      sb.append("#if($CONTENT_INODE != '')");

      if (!EDIT_MODE) {
        sb.append(
            "#set($_hasPermissionToViewContent = $contents.doesUserHasPermission($CONTENT_INODE, 1, $user, true))");
        // ##Checking permission to see content
        sb.append("#if($_hasPermissionToViewContent)");
      }

      String code = container.getCode();

      // ### HEADER ###
      String startTag = "${contentletStart}";
      if (!code.contains(startTag)) {
        sb.append("#if($EDIT_MODE)");
        sb.append("<div class=\"dotContentlet\">");
        // An empty div is added here because in Internet Explorer, there is a styling issue
        // http://jira.dotmarketing.net/browse/DOTCMS-1974
        sb.append("<div>");
        sb.append(" #end ");
      } else {
        String headerString =
            "#if($EDIT_MODE)" + "<div class=\"dotContentlet\">" + "<div>" + "#end ";
        code = code.replace(startTag, headerString);
      }
      // ### END HEADER ###

      // ### BODY ###
      String endTag = "${contentletEnd}";
      boolean containsEndTag = code.contains(endTag);
      if (containsEndTag) {
        String footerString =
            "#if($EDIT_MODE && ${contentletId.indexOf(\".structure\")}==-1)"
                + "$velutil.mergeTemplate('static/preview_mode/content_controls.vtl')"
                + "#end"
                + "#if($EDIT_MODE)"
                + "<div class=\"dotClear\"></div></div>"
                + "#end ";
        code = code.replace(endTag, footerString);
      }

      sb.append("#if($isWidget == true)");
      sb.append("$widgetCode");
      sb.append(" #else");
      sb.append(code);
      sb.append(" #end ");
      // The empty div added for styling issue in Internet Explorer is closed here
      // http://jira.dotmarketing.net/browse/DOTCMS-1974
      sb.append("#if($EDIT_MODE)");
      sb.append("</div>");
      sb.append("#end ");
      // ### END BODY ###

      // ### FOOTER ###

      if (!containsEndTag) {
        sb.append("#if($EDIT_MODE && ${contentletId.indexOf(\".structure\")}==-1)");
        sb.append("#getContentDetail($contentletId)");
        sb.append("$velutil.mergeTemplate('static/preview_mode/content_controls.vtl')");
        sb.append("#end ");
        sb.append("#if($EDIT_MODE) ");
        sb.append("<div class=\"dotClear\"></div></div>");
        sb.append("#end ");
      }
      // ### END FOOTER ###

      if (!EDIT_MODE) {
        // ##End of checking permission to see content
        sb.append("#end ");
      }
      // ##Ends the inner canParse call
      sb.append("#end ");
      // ##Case the contentlet is not parseable and throwing errors
      if (EDIT_MODE) {
        sb.append("#else ");
        sb.append("#set($CONTENT_INODE =\"$webapi.getContentInode($contentletId)\")");
        sb.append(
            "#set($EDIT_CONTENT_PERMISSION =\"$webapi.getContentPermissions($contentletId)\")");
        sb.append("<div class=\"dotContentlet\">");
        sb.append("	Content Parse Error. Check your Content Code. ");
        sb.append("$velutil.mergeTemplate('static/preview_mode/content_controls.vtl')");
        sb.append("<div class=\"dotClear\"></div></div>");
        sb.append("#end ");
      }

      // ##End of foreach loop
      sb.append("#end ");

      // post loop if it exists

      if (UtilMethods.isSet(container.getPostLoop())) {
        sb.append(container.getPostLoop());
      }
      // close our container preview mode div
      sb.append("#if($EDIT_MODE)");
      sb.append("$velutil.mergeTemplate('static/preview_mode/container_controls.vtl')");
      sb.append("</div>");
      sb.append("#end ");

    } else {

      sb.append(container.getCode());
    }

    try {
      String folderPath = (!EDIT_MODE) ? "live" + File.separator : "working" + File.separator;
      String velocityRootPath = Config.getStringProperty("VELOCITY_ROOT");
      if (velocityRootPath.startsWith("/WEB-INF")) {
        velocityRootPath = Config.CONTEXT.getRealPath(velocityRootPath);
      }
      velocityRootPath += File.separator;
      String filePath =
          folderPath
              + identifier.getInode()
              + "."
              + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION");

      if (Config.getBooleanProperty("SHOW_VELOCITYFILES", false)) {
        java.io.BufferedOutputStream tmpOut =
            new java.io.BufferedOutputStream(
                new java.io.FileOutputStream(
                    new java.io.File(
                        ConfigUtils.getDynamicVelocityPath() + File.separator + filePath)));
        // Specify a proper character encoding
        OutputStreamWriter out =
            new OutputStreamWriter(tmpOut, UtilMethods.getCharsetConfiguration());
        out.write(sb.toString());
        out.flush();
        out.close();
        tmpOut.close();
      }
    } catch (Exception e) {
      Logger.error(ContentletServices.class, e.toString(), e);
    }

    try {
      result = new ByteArrayInputStream(sb.toString().getBytes("UTF-8"));
    } catch (UnsupportedEncodingException e1) {
      result = new ByteArrayInputStream(sb.toString().getBytes());
      Logger.error(ContainerServices.class, e1.getMessage(), e1);
    }
    return result;
  }
Example #3
0
  @SuppressWarnings("unchecked")
  public void doPreviewMode(HttpServletRequest request, HttpServletResponse response)
      throws Exception {

    String uri = URLDecoder.decode(request.getRequestURI(), UtilMethods.getCharsetConfiguration());
    uri = UtilMethods.cleanURI(uri);

    Host host = hostWebAPI.getCurrentHost(request);

    StringBuilder preExecuteCode = new StringBuilder();
    Boolean widgetPreExecute = false;

    // Getting the user to check the permissions
    com.liferay.portal.model.User user = null;
    HttpSession session = request.getSession(false);
    try {
      if (session != null)
        user =
            (com.liferay.portal.model.User)
                session.getAttribute(com.dotmarketing.util.WebKeys.CMS_USER);
    } catch (Exception nsue) {
      Logger.warn(this, "Exception trying getUser: "******"idInode", id.getInode());
    Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + id.getInode());

    Template template = null;
    Template hostVariablesTemplate = null;

    // creates the context where to place the variables
    response.setContentType(CHARSET);
    Context context = VelocityUtil.getWebContext(request, response);

    HTMLPage htmlPage =
        (HTMLPage) APILocator.getVersionableAPI().findWorkingVersion(id, user, true);
    HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI();
    // to check user has permission to write on this page
    boolean hasWritePermOverHTMLPage =
        permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_WRITE, user);
    boolean hasPublishPermOverHTMLPage =
        permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_PUBLISH, user);
    context.put("EDIT_HTMLPAGE_PERMISSION", new Boolean(hasWritePermOverHTMLPage));
    context.put("PUBLISH_HTMLPAGE_PERMISSION", new Boolean(hasPublishPermOverHTMLPage));

    boolean canUserWriteOnTemplate =
        permissionAPI.doesUserHavePermission(
            htmlPageAPI.getTemplateForWorkingHTMLPage(htmlPage), PERMISSION_WRITE, user, true);
    context.put("EDIT_TEMPLATE_PERMISSION", canUserWriteOnTemplate);

    com.dotmarketing.portlets.templates.model.Template cmsTemplate =
        com.dotmarketing.portlets.htmlpages.factories.HTMLPageFactory.getHTMLPageTemplate(
            htmlPage, true);
    Identifier templateIdentifier = APILocator.getIdentifierAPI().find(cmsTemplate);

    Logger.debug(VelocityServlet.class, "VELOCITY TEMPLATE INODE=" + cmsTemplate.getInode());

    VelocityUtil.makeBackendContext(
        context, htmlPage, cmsTemplate.getInode(), id.getURI(), request, true, false, true, host);
    context.put("previewPage", "2");
    context.put("livePage", "0");
    // get the containers for the page and stick them in context
    List<Container> containers =
        APILocator.getTemplateAPI()
            .getContainersInTemplate(cmsTemplate, APILocator.getUserAPI().getSystemUser(), false);
    for (Container c : containers) {

      context.put(
          String.valueOf("container" + c.getIdentifier()),
          "/working/"
              + c.getIdentifier()
              + "."
              + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION"));

      context.put(
          "EDIT_CONTAINER_PERMISSION" + c.getIdentifier(),
          permissionAPI.doesUserHavePermission(c, PERMISSION_WRITE, user, true));

      // to check user has permission to write this container
      Structure st = (Structure) InodeFactory.getInode(c.getStructureInode(), Structure.class);

      boolean hasWritePermOverTheStructure =
          permissionAPI.doesUserHavePermission(st, PERMISSION_WRITE, user, true);
      context.put(
          "ADD_CONTENT_PERMISSION" + c.getIdentifier(), new Boolean(hasWritePermOverTheStructure));

      Logger.debug(
          VelocityServlet.class,
          String.valueOf("container" + c.getIdentifier())
              + "=/working/"
              + c.getIdentifier()
              + "."
              + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION"));

      String sort = (c.getSortContentletsBy() == null) ? "tree_order" : c.getSortContentletsBy();

      boolean staticContainer = !UtilMethods.isSet(c.getLuceneQuery());

      List<Contentlet> contentlets = null;

      // get contentlets only for main frame
      if (request.getParameter("mainFrame") != null) {
        if (staticContainer) {
          Logger.debug(VelocityServlet.class, "Static Container!!!!");

          Logger.debug(
              VelocityServlet.class, "html=" + htmlPage.getInode() + " container=" + c.getInode());

          // The container doesn't have categories
          Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage);
          Identifier idenContainer = APILocator.getIdentifierAPI().find(c);
          contentlets =
              conAPI.findPageContentlets(
                  idenHtmlPage.getInode(), idenContainer.getInode(), sort, true, -1, user, true);
          Logger.debug(
              VelocityServlet.class,
              "Getting contentlets for language="
                  + (String)
                      request
                          .getSession()
                          .getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE)
                  + " contentlets ="
                  + contentlets.size());
        }

        if (UtilMethods.isSet(contentlets) && contentlets.size() > 0) {
          Set<String> contentletIdentList = new HashSet<String>();
          List<Contentlet> contentletsFilter = new ArrayList<Contentlet>();
          for (Contentlet cont : contentlets) {
            if (!contentletIdentList.contains(cont.getIdentifier())) {
              contentletIdentList.add(cont.getIdentifier());
              contentletsFilter.add(cont);
            }
          }
          contentlets = contentletsFilter;
        }
        List<String> contentletList = new ArrayList<String>();

        if (contentlets != null && contentlets.size() > 0) {
          Iterator<Contentlet> iter = contentlets.iterator();
          int count = 0;

          while (iter.hasNext() && (count < c.getMaxContentlets())) {
            count++;

            Contentlet contentlet = (Contentlet) iter.next();
            Identifier contentletIdentifier = APILocator.getIdentifierAPI().find(contentlet);

            boolean hasWritePermOverContentlet =
                permissionAPI.doesUserHavePermission(contentlet, PERMISSION_WRITE, user, true);

            context.put(
                "EDIT_CONTENT_PERMISSION" + contentletIdentifier.getInode(),
                new Boolean(hasWritePermOverContentlet));

            contentletList.add(String.valueOf(contentletIdentifier.getInode()));
            Logger.debug(this, "Adding contentlet=" + contentletIdentifier.getInode());
            Structure contStructure = contentlet.getStructure();
            if (contStructure.getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) {
              Field field = contStructure.getFieldVar("widgetPreexecute");
              if (field != null && UtilMethods.isSet(field.getValues())) {
                preExecuteCode.append(field.getValues().trim() + "\n");
                widgetPreExecute = true;
              }
            }
          }
        }

        // sets contentletlist with all the files to load per
        // container
        context.put("contentletList" + c.getIdentifier(), contentletList);
        context.put("totalSize" + c.getIdentifier(), new Integer(contentletList.size()));
      }
    }

    Logger.debug(
        VelocityServlet.class,
        "Before finding template: /working/"
            + templateIdentifier.getInode()
            + "."
            + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION"));

    Logger.debug(
        VelocityServlet.class,
        "Velocity directory:"
            + VelocityUtil.getEngine().getProperty(RuntimeConstants.FILE_RESOURCE_LOADER_PATH));

    if (request.getParameter("leftMenu") != null) {
      /*
       * try to get the messages from the session
       */

      List<String> list = new ArrayList<String>();
      if (SessionMessages.contains(request, "message")) {
        list.add((String) SessionMessages.get(request, "message"));
        SessionMessages.clear(request);
      }
      if (SessionMessages.contains(request, "custommessage")) {
        list.add((String) SessionMessages.get(request, "custommessage"));
        SessionMessages.clear(request);
      }

      if (list.size() > 0) {
        ArrayList<String> mymessages = new ArrayList<String>();
        Iterator<String> it = list.iterator();

        while (it.hasNext()) {
          try {
            String message = (String) it.next();
            Company comp = PublicCompanyFactory.getDefaultCompany();
            mymessages.add(LanguageUtil.get(comp.getCompanyId(), user.getLocale(), message));
          } catch (Exception e) {
          }
        }
        context.put("vmessages", mymessages);
      }

      template = VelocityUtil.getEngine().getTemplate("/preview_left_menu.vl");
    } else if (request.getParameter("mainFrame") != null) {
      hostVariablesTemplate =
          VelocityUtil.getEngine()
              .getTemplate(
                  "/working/"
                      + host.getIdentifier()
                      + "."
                      + Config.getStringProperty("VELOCITY_HOST_EXTENSION"));
      template =
          VelocityUtil.getEngine()
              .getTemplate(
                  "/working/"
                      + templateIdentifier.getInode()
                      + "."
                      + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION"));
    } else {
      template = VelocityUtil.getEngine().getTemplate("/preview_mode.vl");
    }

    PrintWriter out = response.getWriter();
    request.setAttribute("velocityContext", context);
    try {

      if (widgetPreExecute) {
        VelocityUtil.getEngine().evaluate(context, out, "", preExecuteCode.toString());
      }
      if (hostVariablesTemplate != null) hostVariablesTemplate.merge(context, out);
      template.merge(context, out);

    } catch (ParseErrorException e) {
      out.append(e.getMessage());
    }
  }
Example #4
0
 public Structure getParentStructure() {
   return (Structure) InodeFactory.getInode(parentStructureInode, Structure.class);
 }
Example #5
0
 public Structure getChildStructure() {
   return (Structure) InodeFactory.getInode(childStructureInode, Structure.class);
 }
Example #6
0
  public void processAction(
      ActionMapping mapping,
      ActionForm form,
      PortletConfig config,
      ActionRequest req,
      ActionResponse res)
      throws Exception {

    String cmd = req.getParameter("cmd");
    String subcmd = ParamUtil.getString(req, "subcmd");
    String referer =
        (req.getParameter("referer") != null)
            ? URLDecoder.decode(req.getParameter("referer"), "UTF-8")
            : "/c";

    Logger.debug(DirectorAction.class, "DirectorAction :: referer=" + referer);

    // wraps request to get session object
    ActionRequestImpl reqImpl = (ActionRequestImpl) req;
    HttpServletRequest httpReq = reqImpl.getHttpServletRequest();
    // gets the session object for the messages
    HttpSession session = httpReq.getSession();

    Logger.debug(DirectorAction.class, "I'm inside the Director cmd = " + cmd);
    Logger.debug(DirectorAction.class, "I'm inside the Director subcmd = " + subcmd);
    Logger.debug(DirectorAction.class, "I'm inside the Director referer = " + referer);

    // get the user
    User user = _getUser(req);

    // to order menu items
    if (cmd != null && cmd.equals("orderMenu")) {

      Logger.debug(DirectorAction.class, "Director :: orderMenu");

      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/folders/order_menu"});
      params.put("path", new String[] {req.getParameter("path")});
      params.put("pagePath", new String[] {req.getParameter("pagePath")});
      if (req.getParameter("openAll") != null) {
        params.put("openAll", new String[] {req.getParameter("openAll")});
      }
      params.put("hostId", new String[] {req.getParameter("hostId")});
      params.put("referer", new String[] {referer});

      params.put("startLevel", new String[] {req.getParameter("startLevel")});
      params.put("depth", new String[] {req.getParameter("depth")});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);

      return;
    }
    if (cmd != null && cmd.equals("orderContentlets")) {

      Logger.debug(DirectorAction.class, "Director :: orderContentlet");

      Container container =
          (Container) InodeFactory.getInode(req.getParameter("containerId"), Container.class);
      HTMLPage htmlPage =
          (HTMLPage) InodeFactory.getInode(req.getParameter("pageId"), HTMLPage.class);
      boolean hasReadPermissionOnContainer =
          perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false);
      boolean hasWritePermissionOnPage =
          perAPI.doesUserHavePermission(htmlPage, PERMISSION_WRITE, user, false);

      if (!hasReadPermissionOnContainer || !hasWritePermissionOnPage) {
        throw new DotSecurityException(
            "User has no permission to reorder content on container = "
                + req.getParameter("container")
                + " on page = "
                + req.getParameter("htmlPage"));
      }

      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/contentlet/order_contentlets"});
      params.put("containerId", new String[] {req.getParameter("containerId")});
      params.put("pageId", new String[] {req.getParameter("pageId")});
      params.put("referer", new String[] {referer});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);

      return;
    }

    if (cmd != null && cmd.equals("newHTMLPage")) {

      Logger.debug(DirectorAction.class, "Director :: editHTMLPage");

      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/htmlpages/edit_htmlpage"});
      params.put("cmd", new String[] {"edit"});
      params.put("inode", new String[] {"0"});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);
      return;
    }

    if (cmd != null && cmd.equals("editHTMLPage")) {

      Logger.debug(DirectorAction.class, "Director :: editHTMLPage");

      HTMLPage htmlPage =
          (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);

      Identifier identifier = APILocator.getIdentifierAPI().find(htmlPage);
      // gets the current working asset
      WebAsset workingHTMLPage =
          (WebAsset)
              APILocator.getVersionableAPI()
                  .findWorkingVersion(identifier, APILocator.getUserAPI().getSystemUser(), false);

      if ("unlockHTMLPage".equals(subcmd)) {
        WebAssetFactory.unLockAsset(workingHTMLPage);
      }

      if (workingHTMLPage.isLocked() && !workingHTMLPage.getModUser().equals(user.getUserId())) {
        req.setAttribute(WebKeys.HTMLPAGE_EDIT, workingHTMLPage);
        setForward(req, "portlet.ext.director.unlock_htmlpage");
        return;
      } else if (workingHTMLPage.isLocked()) {
        // it's locked by the same user
        WebAssetFactory.unLockAsset(workingHTMLPage);
      }

      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/htmlpages/edit_htmlpage"});
      params.put("cmd", new String[] {"edit"});
      params.put("inode", new String[] {workingHTMLPage.getInode() + ""});
      params.put("referer", new String[] {referer});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);
      return;
    }
    if (cmd != null && cmd.equals("viewStatistics")) {

      Logger.debug(DirectorAction.class, "Director :: editHTMLPage");

      HTMLPage htmlPage =
          (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);

      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/htmlpageviews/view_htmlpage_views"});
      params.put("htmlpage", new String[] {htmlPage.getInode() + ""});
      params.put("referer", new String[] {referer});

      String af =
          com.dotmarketing.util.PortletURLUtil.getRenderURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);
      return;
    }

    if (cmd != null && cmd.equals("editFile")) {

      Logger.debug(DirectorAction.class, "Director :: editFile");

      String fileAssetInode = "";

      if (UtilMethods.isSet(req.getParameter("file"))) fileAssetInode = req.getParameter("file");
      else return;

      Identifier identifier = APILocator.getIdentifierAPI().findFromInode(fileAssetInode);

      if (identifier.getAssetType().equals("contentlet")) {
        try {
          Contentlet cont = APILocator.getContentletAPI().find(fileAssetInode, user, false);

          java.util.Map params = new java.util.HashMap();
          params.put("struts_action", new String[] {"/ext/contentlet/edit_contentlet"});
          params.put("cmd", new String[] {"edit"});
          params.put("inode", new String[] {cont.getInode() + ""});
          params.put("referer", new String[] {referer});

          String af =
              com.dotmarketing.util.PortletURLUtil.getActionURL(
                  httpReq, WindowState.MAXIMIZED.toString(), params);

          _sendToReferral(req, res, af);
        } catch (DotSecurityException e) {
          Logger.error(this, e.getMessage());
          return;
        }
      } else {
        try {
          // gets the current working asset
          WebAsset workingFile =
              (WebAsset)
                  APILocator.getVersionableAPI()
                      .findWorkingVersion(
                          identifier, APILocator.getUserAPI().getSystemUser(), false);

          if ("unlockFile".equals(subcmd)) {
            WebAssetFactory.unLockAsset(workingFile);
          }

          if (workingFile.isLocked() && !workingFile.getModUser().equals(user.getUserId())) {
            req.setAttribute(WebKeys.FILE_EDIT, workingFile);
            setForward(req, "portlet.ext.director.unlock_file");
            return;
          } else if (workingFile.isLocked()) {
            // it's locked by the same user
            WebAssetFactory.unLockAsset(workingFile);
          }

          java.util.Map params = new java.util.HashMap();
          params.put("struts_action", new String[] {"/ext/files/edit_file"});
          params.put("cmd", new String[] {"edit"});
          params.put("inode", new String[] {workingFile.getInode() + ""});
          params.put("referer", new String[] {referer});

          String af =
              com.dotmarketing.util.PortletURLUtil.getActionURL(
                  httpReq, WindowState.MAXIMIZED.toString(), params);

          _sendToReferral(req, res, af);
        } catch (DotStateException e) {
          Logger.error(this, e.getMessage());
          return;
        } catch (DotSecurityException e) {
          Logger.error(this, e.getMessage());
          return;
        }
      }

      return;
    }

    if (cmd != null && cmd.equals("editTemplate")) {

      Logger.debug(DirectorAction.class, "Director :: editTemplate");

      HTMLPage htmlPage = new HTMLPage();
      WebAsset workingTemplate = new Template();
      if (req.getParameter("htmlPage") != null) {
        htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);
        workingTemplate = HTMLPageFactory.getHTMLPageTemplate(htmlPage, true);
      } else if (req.getParameter("template") != null) {
        workingTemplate =
            (Template) InodeFactory.getInode(req.getParameter("template"), Template.class);
      }

      if ("unlockTemplate".equals(subcmd)) {
        WebAssetFactory.unLockAsset(workingTemplate);
      }

      if (workingTemplate.isLocked() && !workingTemplate.getModUser().equals(user.getUserId())) {
        req.setAttribute(WebKeys.HTMLPAGE_EDIT, htmlPage);
        req.setAttribute(WebKeys.TEMPLATE_EDIT, workingTemplate);
        setForward(req, "portlet.ext.director.unlock_template");
        return;
      } else if (workingTemplate.isLocked()) {
        // it's locked by the same user
        WebAssetFactory.unLockAsset(workingTemplate);
      }

      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/templates/edit_template"});
      params.put("cmd", new String[] {"edit"});
      params.put("inode", new String[] {workingTemplate.getInode() + ""});
      params.put("referer", new String[] {referer});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);
      return;
    }

    if (cmd != null && cmd.equals("publishHTMLPage")) {

      Logger.debug(DirectorAction.class, "Director :: publishHTMLPage");

      HTMLPage htmlPage =
          (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);

      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/htmlpages/publish_htmlpages"});
      params.put("cmd", new String[] {"prepublish"});
      params.put("publishInode", new String[] {htmlPage.getInode() + ""});
      params.put("referer", new String[] {referer});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);
      return;
    }

    if (cmd != null && cmd.equals("editContainer")) {

      Logger.debug(DirectorAction.class, "Director :: editContainer" + subcmd);

      Container container =
          (Container) InodeFactory.getInode(req.getParameter("container"), Container.class);

      Identifier identifier = APILocator.getIdentifierAPI().find(container);
      // gets the current working asset
      WebAsset workingContainer =
          (WebAsset)
              APILocator.getVersionableAPI()
                  .findWorkingVersion(identifier, APILocator.getUserAPI().getSystemUser(), false);

      if ("unlockContainer".equals(subcmd)) {
        WebAssetFactory.unLockAsset(workingContainer);
      }
      if (workingContainer.isLocked() && !workingContainer.getModUser().equals(user.getUserId())) {
        req.setAttribute(WebKeys.CONTAINER_EDIT, workingContainer);
        setForward(req, "portlet.ext.director.unlock_container");
        return;
      } else if (workingContainer.isLocked()) {
        // it's locked by the same user
        WebAssetFactory.unLockAsset(workingContainer);
      }
      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/containers/edit_container"});
      params.put("cmd", new String[] {"edit"});
      params.put("inode", new String[] {workingContainer.getInode() + ""});
      params.put("referer", new String[] {referer});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);
      return;
    }

    if (cmd != null && cmd.equals("editLink")) {

      Logger.debug(DirectorAction.class, "Director :: editLink");

      String popup = req.getParameter("popup");
      Link link = (Link) InodeFactory.getInode(req.getParameter("link"), Link.class);

      Identifier identifier = APILocator.getIdentifierAPI().find(link);
      // gets the current working asset
      WebAsset workingLink =
          (WebAsset)
              APILocator.getVersionableAPI()
                  .findWorkingVersion(identifier, APILocator.getUserAPI().getSystemUser(), false);

      if ("unlockLink".equals(subcmd)) {
        WebAssetFactory.unLockAsset(workingLink);
      }
      if (workingLink.isLocked() && !workingLink.getModUser().equals(user.getUserId())) {
        req.setAttribute(WebKeys.LINK_EDIT, workingLink);
        if (UtilMethods.isSet(popup)) {
          Logger.debug(DirectorAction.class, "Going to SIX I have popup!!!!!!!!!!!!!!!!");
          setForward(req, "portlet.ext.director.unlock_popup_link");
          return;
        } else {
          Logger.debug(DirectorAction.class, "Going to FIVE I dont have popup!!!!!!!!!!!!!!!!");
          setForward(req, "portlet.ext.director.unlock_link");
          return;
        }
      } else if (workingLink.isLocked()) {
        // it's locked by the same user
        WebAssetFactory.unLockAsset(workingLink);
      }
      String popURL = "";
      if (UtilMethods.isSet(popup)) {
        popURL = "_popup";
      }
      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/links/edit_link"});
      params.put("cmd", new String[] {"edit"});
      params.put("inode", new String[] {workingLink.getInode() + ""});
      params.put("popup", new String[] {popup});
      params.put("referer", new String[] {referer});
      params.put(
          "child",
          new String[] {(req.getParameter("child") != null) ? req.getParameter("child") : ""});
      params.put(
          "page_width",
          new String[] {
            (req.getParameter("page_width") != null) ? req.getParameter("page_width") : ""
          });
      params.put(
          "browse",
          new String[] {(req.getParameter("browse") != null) ? req.getParameter("browse") : ""});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);
      return;
    }

    if (cmd != null && cmd.equals("addChild")) {

      try {
        Logger.debug(DirectorAction.class, "Director :: addChild");

        HibernateUtil.startTransaction();

        Contentlet contentlet = new Contentlet();
        String cInode = req.getParameter("contentlet");
        if (InodeUtils.isSet(cInode)) {
          contentlet = conAPI.find(cInode, user, true);
        }
        Container container =
            (Container) InodeFactory.getInode(req.getParameter("container"), Container.class);
        HTMLPage htmlPage =
            (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);

        boolean hasPermissionOnContainer =
            perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false);
        if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true))
          hasPermissionOnContainer = true;

        boolean hasPermissionsOnPage =
            perAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, user, false);
        boolean duplicateContentCheck = false;

        if (!hasPermissionOnContainer || !hasPermissionsOnPage) {
          throw new DotSecurityException(
              "User has no permission to add content on container = "
                  + req.getParameter("container")
                  + " on page = "
                  + req.getParameter("htmlPage"));
        }

        Identifier identifier = APILocator.getIdentifierAPI().find(contentlet);

        Identifier htmlPageIdentifier = APILocator.getIdentifierAPI().find(htmlPage);
        Identifier containerIdentifier = APILocator.getIdentifierAPI().find(container);

        if (InodeUtils.isSet(identifier.getInode())
            && InodeUtils.isSet(htmlPageIdentifier.getInode())
            && InodeUtils.isSet(containerIdentifier.getInode())) {
          MultiTree mTree =
              new MultiTree(
                  htmlPageIdentifier.getInode(),
                  containerIdentifier.getInode(),
                  identifier.getInode());
          java.util.List<MultiTree> treeList = MultiTreeFactory.getMultiTree(htmlPage, container);
          for (int i = 0; i < treeList.size(); i++) {
            if (treeList.get(i).getChild().equals(identifier.getInode())) {
              duplicateContentCheck = true;
              session.setAttribute(
                  "duplicatedErrorMessage",
                  "Content already exists in the same container on the page");
            }
          }
          if (!duplicateContentCheck) {
            MultiTreeFactory.saveMultiTree(mTree);

            // Updating the last mod user and last mod date of the page
            htmlPage.setModDate(new Date());
            htmlPage.setModUser(user.getUserId());
            HibernateUtil.saveOrUpdate(htmlPage);
          }

        } else {
          Logger.error(
              this,
              "Error found trying to associate the contentlet inode: "
                  + contentlet.getInode()
                  + "(iden: "
                  + identifier.getInode()
                  + ") "
                  + "to the container: "
                  + container.getInode()
                  + "(iden: "
                  + containerIdentifier.getInode()
                  + ") "
                  + "of the page: "
                  + htmlPage.getInode()
                  + "(iden: "
                  + htmlPageIdentifier.getInode()
                  + ") "
                  + "the system was unable to find some the identifiers (tree error?)!");
        }

      } catch (DotRuntimeException e) {
        Logger.error(this, "Unable to add content to page", e);
      } finally {
        try {
          HibernateUtil.commitTransaction();
        } catch (Exception e) {
          session.setAttribute(
              "duplicatedErrorMessage", "Content already exists in the same container on the page");
          // res.sendRedirect(referer);
        }
      }
      _sendToReferral(req, res, referer);
      return;
    }

    if (cmd != null && cmd.equals("removeChild")) {

      try {

        Logger.debug(DirectorAction.class, "Director :: removeChild");

        HibernateUtil.startTransaction();

        Contentlet contentlet = new Contentlet();
        String cInode = req.getParameter("contentlet");
        if (InodeUtils.isSet(cInode)) {
          contentlet = conAPI.find(cInode, user, true);
        }
        Container container =
            (Container) InodeFactory.getInode(req.getParameter("container"), Container.class);
        HTMLPage htmlPage =
            (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);

        boolean hasPermissionOnPage =
            perAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, user, false);
        boolean hasPermissionOnContainer =
            perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false);
        if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true))
          hasPermissionOnContainer = true;

        if (!hasPermissionOnContainer || !hasPermissionOnPage) {
          throw new DotSecurityException(
              "User has no permission to remove content from container = "
                  + req.getParameter("container")
                  + " on page = "
                  + req.getParameter("htmlPage"));
        }

        Identifier identifier = APILocator.getIdentifierAPI().find(contentlet);
        Logger.debug(
            DirectorAction.class,
            "Identifier of Contentlet to be removed=" + identifier.getInode());

        Contentlet contentletWorking =
            conAPI.findContentletByIdentifier(
                identifier.getInode(), false, contentlet.getLanguageId(), user, true);
        Contentlet liveContentlet =
            conAPI.findContentletByIdentifier(
                identifier.getInode(), false, contentlet.getLanguageId(), user, true);
        Logger.debug(
            DirectorAction.class,
            "\n\nContentlet Working to be removed=" + contentletWorking.getInode());

        Identifier htmlPageIdentifier = APILocator.getIdentifierAPI().find(htmlPage);
        Identifier containerIdentifier = APILocator.getIdentifierAPI().find(container);
        MultiTree multiTree =
            MultiTreeFactory.getMultiTree(htmlPageIdentifier, containerIdentifier, identifier);
        Logger.debug(DirectorAction.class, "multiTree=" + multiTree);
        MultiTreeFactory.deleteMultiTree(multiTree);

        // Updating the last mod user and last mod date of the page
        htmlPage.setModDate(new Date());
        htmlPage.setModUser(user.getUserId());
        HibernateUtil.saveOrUpdate(htmlPage);
      } catch (DotRuntimeException e) {
        Logger.error(this, "Unable to remove content from page", e);
      } finally {
        HibernateUtil.commitTransaction();
      }
      _sendToReferral(req, res, referer);
      return;
    }

    if (cmd != null && cmd.equals("makeHomePage")) {

      Logger.debug(DirectorAction.class, "Director :: makeHomePage");

      if (InodeUtils.isSet(req.getParameter("htmlPage"))) {
        HTMLPage htmlPage =
            (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);
        Folder folder = APILocator.getFolderAPI().findParentFolder(htmlPage, user, false);

        UserPreference up =
            UserPreferencesFactory.getUserPreferenceValue(
                user.getUserId(), WebKeys.USER_PREFERENCE_HOME_PAGE);

        if (up.getId() > 0) {
          up.setValue(htmlPage.getURI(folder));

        } else {
          up.setUserId(user.getUserId());
          up.setPreference(WebKeys.USER_PREFERENCE_HOME_PAGE);
          up.setValue(htmlPage.getURI(folder));
        }
        UserPreferencesFactory.saveUserPreference(up);
      } else {
        // the user clicked on set with no page that means unsetting the page
        UserPreferencesFactory.deleteUserPreference(
            user.getUserId(), WebKeys.USER_PREFERENCE_HOME_PAGE);
      }

      _sendToReferral(req, res, referer);
      return;
    }

    if (cmd != null && cmd.equals("moveUp")) {

      Logger.debug(DirectorAction.class, "Director :: moveUp");
      Contentlet contentlet = new Contentlet();
      String cInode = req.getParameter("contentlet");
      if (InodeUtils.isSet(cInode)) {
        contentlet = conAPI.find(cInode, user, true);
      }
      Container container =
          (Container) InodeFactory.getInode(req.getParameter("container"), Container.class);
      HTMLPage htmlPage =
          (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);

      boolean hasPermissionOnPage =
          perAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, user, false);
      boolean hasPermissionOnContainer =
          perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false);
      if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true))
        hasPermissionOnContainer = true;

      if (!hasPermissionOnContainer || !hasPermissionOnPage) {
        throw new DotSecurityException(
            "User has no permission to reorder content on container = "
                + req.getParameter("container")
                + " on page = "
                + req.getParameter("htmlPage"));
      }

      String staticContainer = req.getParameter("static");

      Logger.debug(DirectorAction.class, "staticContainer=" + staticContainer);

      java.util.List cletList = new ArrayList();
      String sort =
          (container.getSortContentletsBy() == null)
              ? "tree_order"
              : container.getSortContentletsBy();

      Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage);
      Identifier idenContainer = APILocator.getIdentifierAPI().find(container);
      cletList =
          conAPI.findPageContentlets(
              idenHtmlPage.getInode(),
              idenContainer.getInode(),
              sort,
              true,
              contentlet.getLanguageId(),
              user,
              false);
      Logger.debug(DirectorAction.class, "Number of contentlets = " + cletList.size());

      int newPosition = cletList.indexOf(contentlet) - 1;

      if (newPosition >= 0) {

        idenContainer = APILocator.getIdentifierAPI().find(container);
        idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage);
        int x = 0;
        Iterator i = cletList.iterator();

        while (i.hasNext()) {

          Identifier iden;
          MultiTree multiTree;
          Contentlet c = (Contentlet) i.next();

          Logger.debug(DirectorAction.class, "Contentlet inode = " + c.getInode());

          if (newPosition == x) {
            iden = APILocator.getIdentifierAPI().find(contentlet);
            multiTree = MultiTreeFactory.getMultiTree(idenHtmlPage, idenContainer, iden);
            multiTree.setTreeOrder(x);
            MultiTreeFactory.saveMultiTree(multiTree);
            x++;
          }

          if (!c.getInode().equalsIgnoreCase(contentlet.getInode())) {
            iden = APILocator.getIdentifierAPI().find(c);
            multiTree = MultiTreeFactory.getMultiTree(idenHtmlPage, idenContainer, iden);
            multiTree.setTreeOrder(x);
            MultiTreeFactory.saveMultiTree(multiTree);
            x++;
          }
        }
      }
      _sendToReferral(req, res, referer);
      return;
    }

    if (cmd != null && cmd.equals("moveDown")) {

      Logger.debug(DirectorAction.class, "Director :: moveDown");
      Contentlet contentlet = new Contentlet();
      String cInode = req.getParameter("contentlet");
      if (InodeUtils.isSet(cInode)) {
        contentlet = conAPI.find(cInode, user, true);
      }
      Container container =
          (Container) InodeFactory.getInode(req.getParameter("container"), Container.class);
      HTMLPage htmlPage =
          (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);
      String staticContainer = req.getParameter("static");

      boolean hasPermissionOnPage =
          perAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, user, false);
      boolean hasPermissionOnContainer =
          perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false);
      if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true))
        hasPermissionOnContainer = true;

      if (!hasPermissionOnContainer || !hasPermissionOnPage) {
        throw new DotSecurityException(
            "User has no permission to reorder content on container = "
                + req.getParameter("container")
                + " on page = "
                + req.getParameter("htmlPage"));
      }
      Logger.debug(DirectorAction.class, "staticContainer=" + staticContainer);

      java.util.List cletList = new ArrayList();
      String sort =
          (container.getSortContentletsBy() == null)
              ? "tree_order"
              : container.getSortContentletsBy();

      Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage);
      Identifier idenContainer = APILocator.getIdentifierAPI().find(container);
      cletList =
          conAPI.findPageContentlets(
              idenHtmlPage.getInode(),
              idenContainer.getInode(),
              sort,
              true,
              contentlet.getLanguageId(),
              user,
              false);
      Logger.debug(DirectorAction.class, "Number of contentlets = " + cletList.size());

      int newPosition = cletList.indexOf(contentlet) + 1;

      if (newPosition < cletList.size()) {

        idenContainer = APILocator.getIdentifierAPI().find(container);
        idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage);
        int x = 0;
        Iterator i = cletList.iterator();

        while (i.hasNext()) {

          Identifier iden;
          MultiTree multiTree;
          Contentlet c = (Contentlet) i.next();

          Logger.debug(DirectorAction.class, "Contentlet inode = " + c.getInode());

          if (!c.getInode().equalsIgnoreCase(contentlet.getInode())) {
            iden = APILocator.getIdentifierAPI().find(c);
            multiTree = MultiTreeFactory.getMultiTree(idenHtmlPage, idenContainer, iden);
            multiTree.setTreeOrder(x);
            MultiTreeFactory.saveMultiTree(multiTree);
            x++;
          }

          if (newPosition == x) {
            iden = APILocator.getIdentifierAPI().find(contentlet);
            multiTree = MultiTreeFactory.getMultiTree(idenHtmlPage, idenContainer, iden);
            multiTree.setTreeOrder(x);
            MultiTreeFactory.saveMultiTree(multiTree);
            x++;
          }
        }
      }

      _sendToReferral(req, res, referer);
      return;
    }

    if (cmd != null && cmd.equals("unlock")) {

      Logger.debug(DirectorAction.class, "Director :: unlock Contentlet");

      Contentlet contentlet = new Contentlet();
      String cInode = req.getParameter("contentlet");
      if (InodeUtils.isSet(cInode)) {
        contentlet = conAPI.find(cInode, user, true);
      }
      conAPI.unlock(contentlet, user, true);
    }

    if (cmd != null && cmd.equals("createForm")) {

      Logger.debug(DirectorAction.class, "Director :: createForrm");
      java.util.Map params = new java.util.HashMap();
      params.put("struts_action", new String[] {"/ext/structure/edit_structure"});
      params.put("structureType", new String[] {Integer.toString(Structure.STRUCTURE_TYPE_FORM)});
      params.put("cmd", new String[] {"null"});

      String af =
          com.dotmarketing.util.PortletURLUtil.getActionURL(
              httpReq, WindowState.MAXIMIZED.toString(), params);

      _sendToReferral(req, res, af);
      return;
    }

    Contentlet contentlet = new Contentlet();
    String cInode = req.getParameter("contentlet");
    if (InodeUtils.isSet(cInode)) {
      contentlet = conAPI.find(cInode, user, true);
    }
    if (contentlet == null) {
      throw new DotStateException("Trying to edit an invalid contentlet - inode:" + cInode);
    }
    Container container =
        (Container) InodeFactory.getInode(req.getParameter("container"), Container.class);
    HTMLPage htmlPage =
        (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class);

    Logger.debug(DirectorAction.class, "contentlet=" + contentlet.getInode());

    String contentletInode = "";
    if (InodeUtils.isSet(contentlet.getInode())) {

      Identifier identifier = APILocator.getIdentifierAPI().find(contentlet);
      // gets the current working asset
      Contentlet workingContentlet =
          conAPI.findContentletByIdentifier(
              identifier.getInode(), false, contentlet.getLanguageId(), user, false);

      Logger.debug(DirectorAction.class, "workingContentlet=" + workingContentlet.getInode());
      Logger.debug(
          DirectorAction.class, "workingContentlet.getModUser()=" + workingContentlet.getModUser());
      Logger.debug(
          DirectorAction.class, "workingContentlet.isLocked()=" + workingContentlet.isLocked());

      contentletInode = workingContentlet.getInode();
    } else {
      contentletInode = contentlet.getInode();
    }

    Logger.debug(DirectorAction.class, "Director :: Edit Contentlet");

    java.util.Map params = new java.util.HashMap();
    params.put("struts_action", new String[] {"/ext/contentlet/edit_contentlet"});

    String cmdAux = (cmd.equals("newedit") ? cmd : "edit");

    params.put("cmd", new String[] {cmdAux});
    params.put("htmlpage_inode", new String[] {htmlPage.getInode() + ""});
    params.put("contentcontainer_inode", new String[] {container.getInode() + ""});
    params.put("inode", new String[] {contentletInode + ""});
    if (InodeUtils.isSet(req.getParameter("selectedStructure"))) {
      params.put("selectedStructure", new String[] {req.getParameter("selectedStructure") + ""});
    }
    params.put(
        "lang",
        new String[] {(req.getParameter("language") != null) ? req.getParameter("language") : ""});
    params.put("referer", new String[] {referer});

    String af =
        com.dotmarketing.util.PortletURLUtil.getActionURL(
            httpReq, WindowState.MAXIMIZED.toString(), params);

    _sendToReferral(req, res, af);
    return;
  }
Example #7
0
  @SuppressWarnings("unchecked")
  public ActionForward unspecified(
      ActionMapping rMapping,
      ActionForm form,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {
    ActionErrors errors = new ActionErrors();
    // Email parameters
    HttpSession session = request.getSession();
    Host currentHost = hostWebAPI.getCurrentHost(request);
    User currentUser = (User) session.getAttribute(WebKeys.CMS_USER);

    String method = request.getMethod();
    String errorURL = request.getParameter("errorURL");
    errorURL = (!UtilMethods.isSet(errorURL) ? request.getHeader("referer") : errorURL);
    if (errorURL.indexOf("?") > -1) {
      errorURL = errorURL.substring(0, errorURL.lastIndexOf("?"));
    }
    String x = request.getRequestURI();
    if (request.getParameterMap().size() < 2) {

      return null;
    }

    // Checking for captcha
    boolean useCaptcha = Config.getBooleanProperty("FORCE_CAPTCHA", true);
    if (!useCaptcha) {
      useCaptcha = new Boolean(request.getParameter("useCaptcha")).booleanValue();
    }

    String captcha = request.getParameter("captcha");
    if (useCaptcha) {
      Captcha captchaObj = (Captcha) session.getAttribute(Captcha.NAME);
      String captchaSession = captchaObj != null ? captchaObj.getAnswer() : null;

      if (captcha == null && Config.getBooleanProperty("FORCE_CAPTCHA", true)) {
        response
            .getWriter()
            .write(
                "Captcha is required to submit this form ( FORCE_CAPTCHA=true ).<br>To change this, edit the dotmarketing-config.properties and set FORCE_CAPTCHA=false");
        return null;
      }

      if (!UtilMethods.isSet(captcha)
          || !UtilMethods.isSet(captchaSession)
          || !captcha.equals(captchaSession)) {
        errors.add(
            Globals.ERROR_KEY,
            new ActionMessage("message.contentlet.required", "Validation Image"));
        request.setAttribute(Globals.ERROR_KEY, errors);
        session.setAttribute(Globals.ERROR_KEY, errors);
        String queryString = request.getQueryString();
        String invalidCaptchaURL = request.getParameter("invalidCaptchaReturnUrl");
        if (!UtilMethods.isSet(invalidCaptchaURL)) {
          invalidCaptchaURL = errorURL;
        }
        ActionForward af = new ActionForward();
        af.setRedirect(true);
        if (UtilMethods.isSet(queryString)) {

          af.setPath(invalidCaptchaURL + "?" + queryString + "&error=Validation-Image");
        } else {
          af.setPath(invalidCaptchaURL + "?error=Validation-Image");
        }

        return af;
      }
    }

    Map<String, Object> parameters = null;
    if (request instanceof UploadServletRequest) {
      UploadServletRequest uploadReq = (UploadServletRequest) request;
      parameters = new HashMap<String, Object>(uploadReq.getParameterMap());
      for (Entry<String, Object> entry : parameters.entrySet()) {
        if (entry.getKey().toLowerCase().indexOf("file") > -1
            && !entry.getKey().equals("attachFiles")) {
          parameters.put(entry.getKey(), uploadReq.getFile(entry.getKey()));
        }
      }
    } else {
      parameters = new HashMap<String, Object>(request.getParameterMap());
    }

    Set<String> toValidate = new java.util.HashSet<String>(parameters.keySet());

    // Enhancing the ignored parameters not to be send in the email
    String ignoredParameters = (String) EmailFactory.getMapValue("ignore", parameters);
    if (ignoredParameters == null) {
      ignoredParameters = "";
    }
    ignoredParameters +=
        ":useCaptcha:captcha:invalidCaptchaReturnUrl:return:returnUrl:errorURL:ignore:to:from:cc:bcc:dispatch:order:prettyOrder:autoReplyTo:autoReplyFrom:autoReplyText:autoReplySubject:";
    parameters.put("ignore", ignoredParameters);

    // getting categories from inodes
    // getting parent category name and child categories name
    // and replacing the "categories" parameter
    String categories = "";
    String[] categoriesArray = request.getParameterValues("categories");
    if (categoriesArray != null) {
      HashMap hashCategories = new HashMap<String, String>();
      for (int i = 0; i < categoriesArray.length; i++) {
        Category node = (Category) InodeFactory.getInode(categoriesArray[i], Category.class);
        Category parent = (Category) InodeFactory.getParentOfClass(node, Category.class);
        String parentCategoryName = parent.getCategoryName();

        if (hashCategories.containsKey(parentCategoryName)) {
          String childCategoryName = (String) hashCategories.get(parentCategoryName);
          if (UtilMethods.isSet(childCategoryName)) {
            childCategoryName += ", ";
          }
          childCategoryName += node.getCategoryName();
          hashCategories.put(parentCategoryName, childCategoryName);
        } else {
          hashCategories.put(parentCategoryName, node.getCategoryName());
        }
      }

      Set<String> keySet = hashCategories.keySet();
      for (String stringKey : keySet) {

        if (UtilMethods.isSet(categories)) {
          categories += "; ";
        }
        categories += stringKey + " : " + (String) hashCategories.get(stringKey);
        parameters.put(stringKey, (String) hashCategories.get(stringKey));
      }
      parameters.remove("categories");
    }

    WebForm webForm = new WebForm();
    try {
      /*validation parameter should ignore the returnUrl and erroURL field in the spam check*/
      String[] removeParams = ignoredParameters.split(":");
      for (String param : removeParams) {
        toValidate.remove(param);
      }

      parameters.put("request", request);
      parameters.put("response", response);

      // Sending the email
      webForm =
          EmailFactory.sendParameterizedEmail(parameters, toValidate, currentHost, currentUser);

      webForm.setCategories(categories);

      if (UtilMethods.isSet(request.getParameter("createAccount"))
          && request.getParameter("createAccount").equals("true")) {
        // if we create account set to true we create a user account and add user comments.
        createAccount(webForm, request);
        try {
          String userInode = webForm.getUserInode();
          String customFields = webForm.getCustomFields();
          customFields += " User Inode = " + String.valueOf(userInode) + " | ";
          webForm.setCustomFields(customFields);
        } catch (Exception e) {

        }
      }

      if (UtilMethods.isSet(webForm.getFormType())) {
        HibernateUtil.saveOrUpdate(webForm);
      }

      if (request.getParameter("return") != null) {
        ActionForward af =
            new ActionForward(SecurityUtils.stripReferer(request, request.getParameter("return")));
        af.setRedirect(true);
        return af;
      } else if (request.getParameter("returnUrl") != null) {
        ActionForward af =
            new ActionForward(
                SecurityUtils.stripReferer(request, request.getParameter("returnUrl")));
        af.setRedirect(true);
        return af;
      } else {
        return rMapping.findForward("thankYouPage");
      }

    } catch (DotRuntimeException e) {
      errors.add(Globals.ERROR_KEY, new ActionMessage("error.processing.your.email"));
      request.getSession().setAttribute(Globals.ERROR_KEY, errors);

      String queryString = request.getQueryString();

      if (queryString == null) {
        java.util.Enumeration<String> parameterNames = request.getParameterNames();
        queryString = "";
        String parameterName;
        for (; parameterNames.hasMoreElements(); ) {
          parameterName = parameterNames.nextElement();

          if (0 < queryString.length()) {
            queryString =
                queryString
                    + "&"
                    + parameterName
                    + "="
                    + UtilMethods.encodeURL(request.getParameter(parameterName));
          } else {
            queryString =
                parameterName + "=" + UtilMethods.encodeURL(request.getParameter(parameterName));
          }
        }
      }

      ActionForward af;
      if (UtilMethods.isSet(queryString)) {
        af = new ActionForward(SecurityUtils.stripReferer(request, errorURL + "?" + queryString));
      } else {
        af = new ActionForward(SecurityUtils.stripReferer(request, errorURL));
      }

      af.setRedirect(true);

      return af;
    }
  }