private static void _populateThreadLocalsFromContext(Map<String, Serializable> context) {

    long companyId = GetterUtil.getLong(context.get("companyId"));

    if (companyId > 0) {
      CompanyThreadLocal.setCompanyId(companyId);
    }

    Locale defaultLocale = (Locale) context.get("defaultLocale");

    if (defaultLocale != null) {
      LocaleThreadLocal.setDefaultLocale(defaultLocale);
    }

    long groupId = GetterUtil.getLong(context.get("groupId"));

    if (groupId > 0) {
      GroupThreadLocal.setGroupId(groupId);
    }

    String principalName = GetterUtil.getString(context.get("principalName"));

    if (Validator.isNotNull(principalName)) {
      PrincipalThreadLocal.setName(principalName);
    }

    PermissionChecker permissionChecker = null;

    if (Validator.isNotNull(principalName)) {
      try {
        User user = UserLocalServiceUtil.fetchUser(PrincipalThreadLocal.getUserId());

        permissionChecker = PermissionCheckerFactoryUtil.create(user);
      } catch (Exception e) {
        throw new RuntimeException(e);
      }
    }

    if (permissionChecker != null) {
      PermissionThreadLocal.setPermissionChecker(permissionChecker);
    }

    String principalPassword = GetterUtil.getString(context.get("principalPassword"));

    if (Validator.isNotNull(principalPassword)) {
      PrincipalThreadLocal.setPassword(principalPassword);
    }

    Locale siteDefaultLocale = (Locale) context.get("siteDefaultLocale");

    if (siteDefaultLocale != null) {
      LocaleThreadLocal.setSiteDefaultLocale(siteDefaultLocale);
    }

    Locale themeDisplayLocale = (Locale) context.get("themeDisplayLocale");

    if (themeDisplayLocale != null) {
      LocaleThreadLocal.setThemeDisplayLocale(themeDisplayLocale);
    }
  }
  @Test
  public void testFilterFindByG_N() throws Exception {
    Group scopeGroup = addScopeGroup();

    Group siteGroup = scopeGroup.getParentGroup();

    String assetTagName = ServiceTestUtil.randomString();

    addAssetTag(siteGroup.getGroupId(), assetTagName, null);

    User user = UserTestUtil.addUser(null, 0);

    PermissionChecker originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
      PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);

      PermissionThreadLocal.setPermissionChecker(permissionChecker);

      try {
        AssetTagFinderUtil.filterFindByG_N(scopeGroup.getGroupId(), assetTagName);

        Assert.fail();
      } catch (NoSuchTagException nste) {
      }

      AssetTag siteGroupAssetTag =
          AssetTagFinderUtil.filterFindByG_N(siteGroup.getGroupId(), assetTagName);

      Assert.assertEquals(StringUtil.toLowerCase(assetTagName), siteGroupAssetTag.getName());
    } finally {
      PermissionThreadLocal.setPermissionChecker(originalPermissionChecker);
    }
  }
  protected void testUserPermissions(
      boolean addBaseModelPermission, boolean addParentBaseModelPermission) throws Exception {

    ServiceContext serviceContext = ServiceContextTestUtil.getServiceContext(group.getGroupId());

    SearchContext searchContext = SearchContextTestUtil.getSearchContext(group.getGroupId());

    searchContext.setKeywords(getSearchKeywords());

    int initialBaseModelsSearchCount =
        searchBaseModelsCount(getBaseModelClass(), group.getGroupId(), searchContext);

    serviceContext.setAddGroupPermissions(addParentBaseModelPermission);
    serviceContext.setAddGuestPermissions(addParentBaseModelPermission);

    BaseModel<?> parentBaseModel = getParentBaseModel(group, serviceContext);

    serviceContext.setAddGroupPermissions(addBaseModelPermission);
    serviceContext.setAddGuestPermissions(addBaseModelPermission);

    baseModel = addBaseModel(parentBaseModel, true, getSearchKeywords(), serviceContext);

    User user = UserTestUtil.addUser(null, 0);

    PermissionChecker originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
      PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);

      PermissionThreadLocal.setPermissionChecker(permissionChecker);

      searchContext.setUserId(user.getUserId());

      int baseModelsCount = initialBaseModelsSearchCount;

      if (addBaseModelPermission && !isCheckBaseModelPermission()) {
        baseModelsCount++;
      }

      Assert.assertEquals(
          baseModelsCount,
          searchBaseModelsCount(getBaseModelClass(), group.getGroupId(), searchContext));
    } finally {
      PermissionThreadLocal.setPermissionChecker(originalPermissionChecker);
    }
  }
  @Override
  public void initContextUser(long userId) throws AuthException {
    try {
      User user = UserLocalServiceUtil.getUser(userId);

      CompanyThreadLocal.setCompanyId(user.getCompanyId());

      PrincipalThreadLocal.setName(userId);

      PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);

      PermissionThreadLocal.setPermissionChecker(permissionChecker);

      AccessControlThreadLocal.setRemoteAccess(false);
    } catch (Exception e) {
      throw new AuthException(e.getMessage(), e);
    }
  }
  @Test
  public void testFilterCountByG_N_P() throws Exception {
    Group scopeGroup = addScopeGroup();

    Group siteGroup = scopeGroup.getParentGroup();

    String assetTagName = ServiceTestUtil.randomString();
    String[] assetTagProperties = {
      "key" + AssetTagConstants.PROPERTY_KEY_VALUE_SEPARATOR + "value"
    };

    int initialScopeGroupAssetTagsCount =
        AssetTagFinderUtil.filterCountByG_N_P(
            scopeGroup.getGroupId(), assetTagName, assetTagProperties);
    int initialTagsCountSiteGroup =
        AssetTagFinderUtil.filterCountByG_N_P(
            siteGroup.getGroupId(), assetTagName, assetTagProperties);

    addAssetTag(siteGroup.getGroupId(), assetTagName, assetTagProperties);

    User user = UserTestUtil.addUser(null, 0);

    PermissionChecker originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
      PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);

      PermissionThreadLocal.setPermissionChecker(permissionChecker);

      int scopeGroupAssetTagsCount =
          AssetTagFinderUtil.filterCountByG_N_P(
              scopeGroup.getGroupId(), assetTagName, assetTagProperties);

      Assert.assertEquals(initialScopeGroupAssetTagsCount, scopeGroupAssetTagsCount);

      int siteGroupAssetTagsCount =
          AssetTagFinderUtil.filterCountByG_N_P(
              siteGroup.getGroupId(), assetTagName, assetTagProperties);

      Assert.assertEquals(initialTagsCountSiteGroup + 1, siteGroupAssetTagsCount);
    } finally {
      PermissionThreadLocal.setPermissionChecker(originalPermissionChecker);
    }
  }
  @Override
  public boolean updateCourse(Course course) throws SystemException {
    try {
      for (User userOfCourse : UserLocalServiceUtil.getGroupUsers(course.getGroupCreatedId())) {
        if (!PermissionCheckerFactoryUtil.create(userOfCourse)
            .hasPermission(
                course.getGroupCreatedId(),
                "com.liferay.lms.model",
                course.getGroupCreatedId(),
                "VIEW_RESULTS")) {
          updateCourse(course, userOfCourse.getUserId());
        }
      }

      return true;
    } catch (Exception e) {
      throw new SystemException(e);
    }
  }
Example #7
0
  protected void initThreadLocals(User user) throws Exception {
    CompanyThreadLocal.setCompanyId(user.getCompanyId());

    PrincipalThreadLocal.setName(user.getUserId());

    if (!_usePermissionChecker) {
      return;
    }

    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    if (permissionChecker != null) {
      return;
    }

    permissionChecker = PermissionCheckerFactoryUtil.create(user);

    PermissionThreadLocal.setPermissionChecker(permissionChecker);
  }
  @Test
  public void testFilterCountByG_C_N() throws Exception {
    Group scopeGroup = addScopeGroup();

    Group siteGroup = scopeGroup.getParentGroup();

    long classNameId = PortalUtil.getClassNameId(BlogsEntry.class);
    String assetTagName = ServiceTestUtil.randomString();

    int initialScopeGroupAssetTagsCount =
        AssetTagFinderUtil.filterCountByG_C_N(scopeGroup.getGroupId(), classNameId, assetTagName);
    int initialSiteGroupAssetTagsCount =
        AssetTagFinderUtil.filterCountByG_C_N(siteGroup.getGroupId(), classNameId, assetTagName);

    addBlogsEntry(scopeGroup.getGroupId(), assetTagName);

    User user = UserTestUtil.addUser(null, 0);

    PermissionChecker originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
      PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);

      PermissionThreadLocal.setPermissionChecker(permissionChecker);

      int scopeGroupAssetTagsCount =
          AssetTagFinderUtil.filterCountByG_C_N(scopeGroup.getGroupId(), classNameId, assetTagName);

      Assert.assertEquals(initialScopeGroupAssetTagsCount + 1, scopeGroupAssetTagsCount);

      int siteGroupAssetTagsCount =
          AssetTagFinderUtil.filterCountByG_C_N(siteGroup.getGroupId(), classNameId, assetTagName);

      Assert.assertEquals(initialSiteGroupAssetTagsCount, siteGroupAssetTagsCount);
    } finally {
      PermissionThreadLocal.setPermissionChecker(originalPermissionChecker);
    }
  }
Example #9
0
  protected HttpServletRequest setCredentials(
      HttpServletRequest request, HttpSession session, long userId) throws Exception {

    User user = UserLocalServiceUtil.getUser(userId);

    String userIdString = String.valueOf(userId);

    request = new ProtectedServletRequest(request, userIdString);

    session.setAttribute(WebKeys.USER, user);
    session.setAttribute(_AUTHENTICATED_USER, userIdString);

    if (_usePermissionChecker) {
      PrincipalThreadLocal.setName(userId);
      PrincipalThreadLocal.setPassword(PortalUtil.getUserPassword(request));

      PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user, false);

      PermissionThreadLocal.setPermissionChecker(permissionChecker);
    }

    return request;
  }
  @Test
  public void testFilterFindByG_N_P() throws Exception {
    Group scopeGroup = addScopeGroup();

    Group siteGroup = scopeGroup.getParentGroup();

    String assetTagName = ServiceTestUtil.randomString();
    String[] assetTagProperties = {
      "key" + AssetTagConstants.PROPERTY_KEY_VALUE_SEPARATOR + "value"
    };

    List<AssetTag> initialScopeGroupAssetTags =
        AssetTagFinderUtil.filterFindByG_N_P(
            new long[] {scopeGroup.getGroupId()},
            assetTagName,
            assetTagProperties,
            QueryUtil.ALL_POS,
            QueryUtil.ALL_POS,
            null);
    List<AssetTag> initialSiteGroupAssetTags =
        AssetTagFinderUtil.filterFindByG_N_P(
            new long[] {siteGroup.getGroupId()},
            assetTagName,
            assetTagProperties,
            QueryUtil.ALL_POS,
            QueryUtil.ALL_POS,
            null);

    addAssetTag(siteGroup.getGroupId(), assetTagName, assetTagProperties);

    User user = UserTestUtil.addUser(null, 0);

    PermissionChecker originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
      PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);

      PermissionThreadLocal.setPermissionChecker(permissionChecker);

      List<AssetTag> scopeGroupAssetTags =
          AssetTagFinderUtil.filterFindByG_N_P(
              new long[] {scopeGroup.getGroupId()},
              assetTagName,
              assetTagProperties,
              QueryUtil.ALL_POS,
              QueryUtil.ALL_POS,
              null);

      Assert.assertEquals(initialScopeGroupAssetTags.size(), scopeGroupAssetTags.size());

      List<AssetTag> siteGroupAssetTags =
          AssetTagFinderUtil.filterFindByG_N_P(
              new long[] {siteGroup.getGroupId()},
              assetTagName,
              assetTagProperties,
              QueryUtil.ALL_POS,
              QueryUtil.ALL_POS,
              null);

      Assert.assertEquals(initialSiteGroupAssetTags.size() + 1, siteGroupAssetTags.size());
    } finally {
      PermissionThreadLocal.setPermissionChecker(originalPermissionChecker);
    }
  }
  @Override
  public void service(HttpServletRequest request, HttpServletResponse response)
      throws IOException, ServletException {

    User user = null;

    try {
      user = _getUser(request);

      PrincipalThreadLocal.setName(user.getUserId());
      PrincipalThreadLocal.setPassword(PortalUtil.getUserPassword(request));

      PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);

      PermissionThreadLocal.setPermissionChecker(permissionChecker);

      if (_lastModified) {
        long lastModified = getLastModified(request);

        if (lastModified > 0) {
          long ifModifiedSince = request.getDateHeader(HttpHeaders.IF_MODIFIED_SINCE);

          if ((ifModifiedSince > 0) && (ifModifiedSince == lastModified)) {

            response.setStatus(HttpServletResponse.SC_NOT_MODIFIED);

            return;
          }
        }

        if (lastModified > 0) {
          response.setDateHeader(HttpHeaders.LAST_MODIFIED, lastModified);
        }
      }

      String path = HttpUtil.fixPath(request.getPathInfo());
      String[] pathArray = StringUtil.split(path, CharPool.SLASH);

      if (pathArray.length == 0) {
        sendGroups(response, user, request.getServletPath() + StringPool.SLASH + path);
      } else {
        if (_PATH_DDM.equals(pathArray[0])) {
          sendDDMRecordFile(request, response, pathArray);
        } else if (Validator.isNumber(pathArray[0])) {
          sendFile(request, response, user, pathArray);
        } else {
          if (isLegacyImageGalleryImageId(request, response)) {
            return;
          }

          Image image = getImage(request, true);

          if (image != null) {
            writeImage(image, request, response);
          } else {
            sendDocumentLibrary(
                request,
                response,
                user,
                request.getServletPath() + StringPool.SLASH + path,
                pathArray);
          }
        }
      }
    } catch (NoSuchFileEntryException nsfee) {
      PortalUtil.sendError(HttpServletResponse.SC_NOT_FOUND, nsfee, request, response);
    } catch (PrincipalException pe) {
      processPrincipalException(pe, user, request, response);
    } catch (Exception e) {
      PortalUtil.sendError(e, request, response);
    }
  }
  protected void resetPermissionThreadLocal() throws Exception {
    PermissionChecker permissionChecker =
        PermissionCheckerFactoryUtil.create(TestPropsValues.getUser());

    PermissionThreadLocal.setPermissionChecker(permissionChecker);
  }