@SuppressWarnings("deprecation") private void _loadForm(ActionForm form, ActionRequest req, ActionResponse res) { try { StructureForm structureForm = (StructureForm) form; Structure structure = (Structure) req.getAttribute(WebKeys.Structure.STRUCTURE); BeanUtils.copyProperties(structureForm, structure); structureForm.setFields(structure.getFields()); if (structure.getReviewInterval() != null) { String interval = structure.getReviewInterval(); Pattern p = Pattern.compile("(\\d+)([dmy])"); Matcher m = p.matcher(interval); boolean b = m.matches(); if (b) { structureForm.setReviewContent(true); String g1 = m.group(1); String g2 = m.group(2); structureForm.setReviewIntervalNum(g1); structureForm.setReviewIntervalSelect(g2); } } if (UtilMethods.isSet(structure.getDetailPage())) { Identifier ident = APILocator.getIdentifierAPI().find(structure.getDetailPage()); HTMLPage page = HTMLPageFactory.getLiveHTMLPageByIdentifier(ident); if (InodeUtils.isSet(page.getInode())) { structureForm.setDetailPage(page.getIdentifier()); } } } catch (Exception ex) { Logger.debug(EditStructureAction.class, ex.toString()); } }
/** * This method trys to build a cache key based on the information given in the request - if the * page can't be cached, or caching is not availbale then return null * * @param request * @return */ private String getPageCacheKey(HttpServletRequest request) { // no license if (LicenseUtil.getLevel() < 100) { return null; } // don't cache posts if (!"GET".equalsIgnoreCase(request.getMethod())) { return null; } // nocache passed either as a session var, as a request var or as a // request attribute if ("no".equals(request.getParameter("dotcache")) || "no".equals(request.getAttribute("dotcache")) || "no".equals(request.getSession().getAttribute("dotcache"))) { return null; } String idInode = (String) request.getAttribute("idInode"); User user = (com.liferay.portal.model.User) request.getSession().getAttribute(com.dotmarketing.util.WebKeys.CMS_USER); HTMLPage page = null; try { page = APILocator.getHTMLPageAPI().loadLivePageById(idInode, user, true); } catch (Exception e) { Logger.error( HTMLPageWebAPI.class, "unable to load live version of page: " + idInode + " because " + e.getMessage()); return null; } if (page == null || page.getCacheTTL() < 1) { return null; } StringBuilder sb = new StringBuilder(); sb.append(page.getInode()); sb.append("_" + page.getModDate().getTime()); String userId = (user != null) ? user.getUserId() : "PUBLIC"; sb.append("_" + userId); String language = (String) request.getSession().getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE); sb.append("_" + language); String urlMap = (String) request.getAttribute(WebKeys.WIKI_CONTENTLET_INODE); if (urlMap != null) { sb.append("_" + urlMap); } if (UtilMethods.isSet(request.getQueryString())) { sb.append("_" + request.getQueryString()); } return sb.toString(); }
private boolean isArchive(HttpServletRequest request) throws PortalException, SystemException, DotDataException, DotSecurityException { String uri = request.getRequestURI(); uri = UtilMethods.cleanURI(uri); Host host = null; String hostId = ""; /* * String pageHostId = request.getParameter("host_id"); if (pageHostId * != null) { try { hostId = Long.parseLong(pageHostId); } catch * (Exception ex) { } } */ hostId = request.getParameter("host_id"); if (!InodeUtils.isSet(hostId)) { host = hostWebAPI.getCurrentHost(request); hostId = host.getIdentifier(); } else { User user = (com.liferay.portal.model.User) request.getSession().getAttribute(com.dotmarketing.util.WebKeys.CMS_USER); if (user == null) { user = com.liferay.portal.util.PortalUtil.getUser(request); } host = hostWebAPI.find(hostId, user, true); } // Getting the identifier from the uri Identifier id = APILocator.getIdentifierAPI().find(host, uri); request.setAttribute("idInode", String.valueOf(id.getInode())); HTMLPage htmlPage = (HTMLPage) APILocator.getVersionableAPI() .findWorkingVersion(id, APILocator.getUserAPI().getSystemUser(), false); boolean isArchived = htmlPage.isDeleted(); return isArchived; }
@SuppressWarnings("unchecked") protected void doEditMode(HttpServletRequest request, HttpServletResponse response) throws Exception { String uri = request.getRequestURI(); uri = UtilMethods.cleanURI(uri); Host host = hostWebAPI.getCurrentHost(request); StringBuilder preExecuteCode = new StringBuilder(); Boolean widgetPreExecute = false; // Getting the user to check the permissions com.liferay.portal.model.User backendUser = null; try { backendUser = com.liferay.portal.util.PortalUtil.getUser(request); } catch (Exception nsue) { Logger.warn(this, "Exception trying getUser: "******"idInode", String.valueOf(id.getInode())); Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + id.getInode()); Template template = null; Template hostVariablesTemplate = null; // creates the context where to place the variables response.setContentType(CHARSET); Context context = VelocityUtil.getWebContext(request, response); HTMLPage htmlPage = (HTMLPage) APILocator.getVersionableAPI() .findWorkingVersion(id, APILocator.getUserAPI().getSystemUser(), false); HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI(); // to check user has permission to write on this page boolean hasAddChildrenPermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, backendUser); boolean hasWritePermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_WRITE, backendUser); boolean hasPublishPermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_PUBLISH, backendUser); context.put("ADD_CHILDREN_HTMLPAGE_PERMISSION", new Boolean(hasAddChildrenPermOverHTMLPage)); context.put("EDIT_HTMLPAGE_PERMISSION", new Boolean(hasWritePermOverHTMLPage)); context.put("PUBLISH_HTMLPAGE_PERMISSION", new Boolean(hasPublishPermOverHTMLPage)); context.put("canAddForm", new Boolean(LicenseUtil.getLevel() > 199 ? true : false)); context.put("canViewDiff", new Boolean(LicenseUtil.getLevel() > 199 ? true : false)); boolean canUserWriteOnTemplate = permissionAPI.doesUserHavePermission( htmlPageAPI.getTemplateForWorkingHTMLPage(htmlPage), PERMISSION_WRITE, backendUser) && portletAPI.hasTemplateManagerRights(backendUser); context.put("EDIT_TEMPLATE_PERMISSION", canUserWriteOnTemplate); com.dotmarketing.portlets.templates.model.Template cmsTemplate = com.dotmarketing.portlets.htmlpages.factories.HTMLPageFactory.getHTMLPageTemplate( htmlPage, true); if (cmsTemplate == null) { // DOTCMS-4051 cmsTemplate = new com.dotmarketing.portlets.templates.model.Template(); Logger.debug(VelocityServlet.class, "HTMLPAGE TEMPLATE NOT FOUND"); } Identifier templateIdentifier = APILocator.getIdentifierAPI().find(cmsTemplate); Logger.debug(VelocityServlet.class, "VELOCITY TEMPLATE INODE=" + cmsTemplate.getInode()); VelocityUtil.makeBackendContext( context, htmlPage, cmsTemplate.getInode(), id.getURI(), request, true, true, false, host); // added to show tabs context.put("previewPage", "1"); // get the containers for the page and stick them in context List<Container> containers = APILocator.getTemplateAPI() .getContainersInTemplate(cmsTemplate, APILocator.getUserAPI().getSystemUser(), false); for (Container c : containers) { context.put( String.valueOf("container" + c.getIdentifier()), "/working/" + c.getIdentifier() + "." + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")); boolean hasWritePermissionOnContainer = permissionAPI.doesUserHavePermission(c, PERMISSION_WRITE, backendUser, false) && portletAPI.hasContainerManagerRights(backendUser); boolean hasReadPermissionOnContainer = permissionAPI.doesUserHavePermission(c, PERMISSION_READ, backendUser, false); context.put("EDIT_CONTAINER_PERMISSION" + c.getIdentifier(), hasWritePermissionOnContainer); if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true)) context.put("USE_CONTAINER_PERMISSION" + c.getIdentifier(), true); else context.put("USE_CONTAINER_PERMISSION" + c.getIdentifier(), hasReadPermissionOnContainer); // to check user has permission to write this container Structure st = (Structure) InodeFactory.getInode(c.getStructureInode(), Structure.class); boolean hasWritePermOverTheStructure = permissionAPI.doesUserHavePermission(st, PERMISSION_WRITE, backendUser); context.put( "ADD_CONTENT_PERMISSION" + c.getIdentifier(), new Boolean(hasWritePermOverTheStructure)); Logger.debug( VelocityServlet.class, String.valueOf("container" + c.getIdentifier()) + "=/working/" + c.getIdentifier() + "." + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")); String sort = (c.getSortContentletsBy() == null) ? "tree_order" : c.getSortContentletsBy(); List<Contentlet> contentlets = null; boolean staticContainer = !UtilMethods.isSet(c.getLuceneQuery()); // get contentlets only for main frame if (request.getParameter("mainFrame") != null) { if (staticContainer) { Logger.debug(VelocityServlet.class, "Static Container!!!!"); Logger.debug( VelocityServlet.class, "html=" + htmlPage.getInode() + " container=" + c.getInode()); // The container doesn't have categories Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); Identifier idenContainer = APILocator.getIdentifierAPI().find(c); contentlets = conAPI.findPageContentlets( idenHtmlPage.getInode(), idenContainer.getInode(), sort, true, -1, backendUser, true); Logger.debug( VelocityServlet.class, "Getting contentlets for language=" + (String) request .getSession() .getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE) + " contentlets =" + contentlets.size()); } else { String luceneQuery = c.getLuceneQuery(); int limit = c.getMaxContentlets(); String sortBy = c.getSortContentletsBy(); int offset = 0; contentlets = conAPI.search(luceneQuery, limit, offset, sortBy, backendUser, true); } if (UtilMethods.isSet(contentlets) && contentlets.size() > 0) { Set<String> contentletIdentList = new HashSet<String>(); List<Contentlet> contentletsFilter = new ArrayList<Contentlet>(); for (Contentlet cont : contentlets) { if (!contentletIdentList.contains(cont.getIdentifier())) { contentletIdentList.add(cont.getIdentifier()); contentletsFilter.add(cont); } } contentlets = contentletsFilter; } List<String> contentletList = new ArrayList<String>(); if (contentlets != null) { Iterator<Contentlet> iter = contentlets.iterator(); int count = 0; while (iter.hasNext() && (count < c.getMaxContentlets())) { count++; Contentlet contentlet = (Contentlet) iter.next(); Identifier contentletIdentifier = APILocator.getIdentifierAPI().find(contentlet); boolean hasWritePermOverContentlet = permissionAPI.doesUserHavePermission(contentlet, PERMISSION_WRITE, backendUser); context.put( "EDIT_CONTENT_PERMISSION" + contentletIdentifier.getInode(), new Boolean(hasWritePermOverContentlet)); contentletList.add(String.valueOf(contentletIdentifier.getInode())); Logger.debug(this, "Adding contentlet=" + contentletIdentifier.getInode()); Structure contStructure = contentlet.getStructure(); if (contStructure.getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) { Field field = contStructure.getFieldVar("widgetPreexecute"); if (field != null && UtilMethods.isSet(field.getValues())) { preExecuteCode.append(field.getValues().trim() + "\n"); widgetPreExecute = true; } } } } // sets contentletlist with all the files to load per // container context.put("contentletList" + c.getIdentifier(), contentletList); context.put("totalSize" + c.getIdentifier(), new Integer(contentletList.size())); // ### Add the structure fake contentlet ### if (contentletList.size() == 0) { Structure structure = ContainerFactory.getContainerStructure(c); contentletList.add(structure.getInode() + ""); // sets contentletlist with all the files to load per // container context.remove("contentletList" + c.getIdentifier()); context.remove("totalSize" + c.getIdentifier()); // http://jira.dotmarketing.net/browse/DOTCMS-2876 context.put("contentletList" + c.getIdentifier(), new long[0]); context.put("totalSize" + c.getIdentifier(), 0); } // ### END Add the structure fake contentlet ### } } Logger.debug( VelocityServlet.class, "Before finding template: /working/" + templateIdentifier.getInode() + "." + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")); Logger.debug( VelocityServlet.class, "Velocity directory:" + VelocityUtil.getEngine().getProperty(RuntimeConstants.FILE_RESOURCE_LOADER_PATH)); if (request.getParameter("leftMenu") != null) { /* * try to get the messages from the session */ List<String> list = new ArrayList<String>(); if (SessionMessages.contains(request, "message")) { list.add((String) SessionMessages.get(request, "message")); SessionMessages.clear(request); } if (SessionMessages.contains(request, "custommessage")) { list.add((String) SessionMessages.get(request, "custommessage")); SessionMessages.clear(request); } if (list.size() > 0) { ArrayList<String> mymessages = new ArrayList<String>(); Iterator<String> it = list.iterator(); while (it.hasNext()) { try { String message = (String) it.next(); Company comp = PublicCompanyFactory.getDefaultCompany(); mymessages.add(LanguageUtil.get(comp.getCompanyId(), backendUser.getLocale(), message)); } catch (Exception e) { } } context.put("vmessages", mymessages); } template = VelocityUtil.getEngine().getTemplate("/preview_left_menu.vl"); } else if (request.getParameter("mainFrame") != null) { hostVariablesTemplate = VelocityUtil.getEngine() .getTemplate( "/working/" + host.getIdentifier() + "." + Config.getStringProperty("VELOCITY_HOST_EXTENSION")); template = VelocityUtil.getEngine() .getTemplate( "/working/" + templateIdentifier.getInode() + "." + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")); } else { // Return a resource not found right away if the page is not found, // not try to load the frames if (!InodeUtils.isSet(templateIdentifier.getInode())) throw new ResourceNotFoundException(""); template = VelocityUtil.getEngine().getTemplate("/preview_mode.vl"); } PrintWriter out = response.getWriter(); request.setAttribute("velocityContext", context); try { if (widgetPreExecute) { VelocityUtil.getEngine().evaluate(context, out, "", preExecuteCode.toString()); } if (hostVariablesTemplate != null) hostVariablesTemplate.merge(context, out); template.merge(context, out); } catch (ParseErrorException e) { out.append(e.getMessage()); } }
@SuppressWarnings("unchecked") public void doPreviewMode(HttpServletRequest request, HttpServletResponse response) throws Exception { String uri = URLDecoder.decode(request.getRequestURI(), UtilMethods.getCharsetConfiguration()); uri = UtilMethods.cleanURI(uri); Host host = hostWebAPI.getCurrentHost(request); StringBuilder preExecuteCode = new StringBuilder(); Boolean widgetPreExecute = false; // Getting the user to check the permissions com.liferay.portal.model.User user = null; HttpSession session = request.getSession(false); try { if (session != null) user = (com.liferay.portal.model.User) session.getAttribute(com.dotmarketing.util.WebKeys.CMS_USER); } catch (Exception nsue) { Logger.warn(this, "Exception trying getUser: "******"idInode", id.getInode()); Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + id.getInode()); Template template = null; Template hostVariablesTemplate = null; // creates the context where to place the variables response.setContentType(CHARSET); Context context = VelocityUtil.getWebContext(request, response); HTMLPage htmlPage = (HTMLPage) APILocator.getVersionableAPI().findWorkingVersion(id, user, true); HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI(); // to check user has permission to write on this page boolean hasWritePermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_WRITE, user); boolean hasPublishPermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_PUBLISH, user); context.put("EDIT_HTMLPAGE_PERMISSION", new Boolean(hasWritePermOverHTMLPage)); context.put("PUBLISH_HTMLPAGE_PERMISSION", new Boolean(hasPublishPermOverHTMLPage)); boolean canUserWriteOnTemplate = permissionAPI.doesUserHavePermission( htmlPageAPI.getTemplateForWorkingHTMLPage(htmlPage), PERMISSION_WRITE, user, true); context.put("EDIT_TEMPLATE_PERMISSION", canUserWriteOnTemplate); com.dotmarketing.portlets.templates.model.Template cmsTemplate = com.dotmarketing.portlets.htmlpages.factories.HTMLPageFactory.getHTMLPageTemplate( htmlPage, true); Identifier templateIdentifier = APILocator.getIdentifierAPI().find(cmsTemplate); Logger.debug(VelocityServlet.class, "VELOCITY TEMPLATE INODE=" + cmsTemplate.getInode()); VelocityUtil.makeBackendContext( context, htmlPage, cmsTemplate.getInode(), id.getURI(), request, true, false, true, host); context.put("previewPage", "2"); context.put("livePage", "0"); // get the containers for the page and stick them in context List<Container> containers = APILocator.getTemplateAPI() .getContainersInTemplate(cmsTemplate, APILocator.getUserAPI().getSystemUser(), false); for (Container c : containers) { context.put( String.valueOf("container" + c.getIdentifier()), "/working/" + c.getIdentifier() + "." + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")); context.put( "EDIT_CONTAINER_PERMISSION" + c.getIdentifier(), permissionAPI.doesUserHavePermission(c, PERMISSION_WRITE, user, true)); // to check user has permission to write this container Structure st = (Structure) InodeFactory.getInode(c.getStructureInode(), Structure.class); boolean hasWritePermOverTheStructure = permissionAPI.doesUserHavePermission(st, PERMISSION_WRITE, user, true); context.put( "ADD_CONTENT_PERMISSION" + c.getIdentifier(), new Boolean(hasWritePermOverTheStructure)); Logger.debug( VelocityServlet.class, String.valueOf("container" + c.getIdentifier()) + "=/working/" + c.getIdentifier() + "." + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")); String sort = (c.getSortContentletsBy() == null) ? "tree_order" : c.getSortContentletsBy(); boolean staticContainer = !UtilMethods.isSet(c.getLuceneQuery()); List<Contentlet> contentlets = null; // get contentlets only for main frame if (request.getParameter("mainFrame") != null) { if (staticContainer) { Logger.debug(VelocityServlet.class, "Static Container!!!!"); Logger.debug( VelocityServlet.class, "html=" + htmlPage.getInode() + " container=" + c.getInode()); // The container doesn't have categories Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); Identifier idenContainer = APILocator.getIdentifierAPI().find(c); contentlets = conAPI.findPageContentlets( idenHtmlPage.getInode(), idenContainer.getInode(), sort, true, -1, user, true); Logger.debug( VelocityServlet.class, "Getting contentlets for language=" + (String) request .getSession() .getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE) + " contentlets =" + contentlets.size()); } if (UtilMethods.isSet(contentlets) && contentlets.size() > 0) { Set<String> contentletIdentList = new HashSet<String>(); List<Contentlet> contentletsFilter = new ArrayList<Contentlet>(); for (Contentlet cont : contentlets) { if (!contentletIdentList.contains(cont.getIdentifier())) { contentletIdentList.add(cont.getIdentifier()); contentletsFilter.add(cont); } } contentlets = contentletsFilter; } List<String> contentletList = new ArrayList<String>(); if (contentlets != null && contentlets.size() > 0) { Iterator<Contentlet> iter = contentlets.iterator(); int count = 0; while (iter.hasNext() && (count < c.getMaxContentlets())) { count++; Contentlet contentlet = (Contentlet) iter.next(); Identifier contentletIdentifier = APILocator.getIdentifierAPI().find(contentlet); boolean hasWritePermOverContentlet = permissionAPI.doesUserHavePermission(contentlet, PERMISSION_WRITE, user, true); context.put( "EDIT_CONTENT_PERMISSION" + contentletIdentifier.getInode(), new Boolean(hasWritePermOverContentlet)); contentletList.add(String.valueOf(contentletIdentifier.getInode())); Logger.debug(this, "Adding contentlet=" + contentletIdentifier.getInode()); Structure contStructure = contentlet.getStructure(); if (contStructure.getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) { Field field = contStructure.getFieldVar("widgetPreexecute"); if (field != null && UtilMethods.isSet(field.getValues())) { preExecuteCode.append(field.getValues().trim() + "\n"); widgetPreExecute = true; } } } } // sets contentletlist with all the files to load per // container context.put("contentletList" + c.getIdentifier(), contentletList); context.put("totalSize" + c.getIdentifier(), new Integer(contentletList.size())); } } Logger.debug( VelocityServlet.class, "Before finding template: /working/" + templateIdentifier.getInode() + "." + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")); Logger.debug( VelocityServlet.class, "Velocity directory:" + VelocityUtil.getEngine().getProperty(RuntimeConstants.FILE_RESOURCE_LOADER_PATH)); if (request.getParameter("leftMenu") != null) { /* * try to get the messages from the session */ List<String> list = new ArrayList<String>(); if (SessionMessages.contains(request, "message")) { list.add((String) SessionMessages.get(request, "message")); SessionMessages.clear(request); } if (SessionMessages.contains(request, "custommessage")) { list.add((String) SessionMessages.get(request, "custommessage")); SessionMessages.clear(request); } if (list.size() > 0) { ArrayList<String> mymessages = new ArrayList<String>(); Iterator<String> it = list.iterator(); while (it.hasNext()) { try { String message = (String) it.next(); Company comp = PublicCompanyFactory.getDefaultCompany(); mymessages.add(LanguageUtil.get(comp.getCompanyId(), user.getLocale(), message)); } catch (Exception e) { } } context.put("vmessages", mymessages); } template = VelocityUtil.getEngine().getTemplate("/preview_left_menu.vl"); } else if (request.getParameter("mainFrame") != null) { hostVariablesTemplate = VelocityUtil.getEngine() .getTemplate( "/working/" + host.getIdentifier() + "." + Config.getStringProperty("VELOCITY_HOST_EXTENSION")); template = VelocityUtil.getEngine() .getTemplate( "/working/" + templateIdentifier.getInode() + "." + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")); } else { template = VelocityUtil.getEngine().getTemplate("/preview_mode.vl"); } PrintWriter out = response.getWriter(); request.setAttribute("velocityContext", context); try { if (widgetPreExecute) { VelocityUtil.getEngine().evaluate(context, out, "", preExecuteCode.toString()); } if (hostVariablesTemplate != null) hostVariablesTemplate.merge(context, out); template.merge(context, out); } catch (ParseErrorException e) { out.append(e.getMessage()); } }
public void doLiveMode(HttpServletRequest request, HttpServletResponse response) throws Exception { String uri = URLDecoder.decode(request.getRequestURI(), UtilMethods.getCharsetConfiguration()); uri = UtilMethods.cleanURI(uri); Host host = hostWebAPI.getCurrentHost(request); // Map with all identifier inodes for a given uri. String idInode = APILocator.getIdentifierAPI().find(host, uri).getInode(); // Checking the path is really live using the livecache String cachedUri = LiveCache.getPathFromCache(uri, host); // if we still have nothing. if (!InodeUtils.isSet(idInode) || cachedUri == null) { throw new ResourceNotFoundException( String.format("Resource %s not found in Live mode!", uri)); } response.setContentType(CHARSET); request.setAttribute("idInode", String.valueOf(idInode)); Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + idInode); /* * JIRA http://jira.dotmarketing.net/browse/DOTCMS-4659 //Set long lived cookie regardless of who this is */ String _dotCMSID = UtilMethods.getCookieValue( request.getCookies(), com.dotmarketing.util.WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE); if (!UtilMethods.isSet(_dotCMSID)) { // create unique generator engine Cookie idCookie = CookieUtil.createCookie(); response.addCookie(idCookie); } com.liferay.portal.model.User user = null; HttpSession session = request.getSession(false); try { if (session != null) user = (com.liferay.portal.model.User) session.getAttribute(com.dotmarketing.util.WebKeys.CMS_USER); } catch (Exception nsue) { Logger.warn(this, "Exception trying to getUser: "******"Page Permissions for URI=" + uri); HTMLPage page = null; try { // we get the page and check permissions below page = APILocator.getHTMLPageAPI() .loadLivePageById(idInode, APILocator.getUserAPI().getSystemUser(), false); } catch (Exception e) { Logger.error( HTMLPageWebAPI.class, "unable to load live version of page: " + idInode + " because " + e.getMessage()); return; } // Check if the page is visible by a CMS Anonymous role if (!permissionAPI.doesUserHavePermission(page, PERMISSION_READ, user, true)) { // this page is protected. not anonymous access /** * ***************************************************************** If we need to redirect * someone somewhere to login before seeing a page, we need to edit the /portal/401.jsp page * to sendRedirect the user to the proper login page. We are not using the REDIRECT_TO_LOGIN * variable in the config any longer. * **************************************************************** */ if (!signedIn) { // No need for the below LAST_PATH attribute on the front end // http://jira.dotmarketing.net/browse/DOTCMS-2675 // request.getSession().setAttribute(WebKeys.LAST_PATH, // new ObjectValuePair(uri, request.getParameterMap())); request.getSession().setAttribute(com.dotmarketing.util.WebKeys.REDIRECT_AFTER_LOGIN, uri); Logger.debug( VelocityServlet.class, "VELOCITY CHECKING PERMISSION: Page doesn't have anonymous access" + uri); Logger.debug(VelocityServlet.class, "401 URI = " + uri); Logger.debug(VelocityServlet.class, "Unauthorized URI = " + uri); response.sendError(401, "The requested page/file is unauthorized"); return; } else if (!permissionAPI .getReadRoles(ident) .contains(APILocator.getRoleAPI().loadLoggedinSiteRole())) { // user is logged in need to check user permissions Logger.debug(VelocityServlet.class, "VELOCITY CHECKING PERMISSION: User signed in"); // check user permissions on this asset if (!permissionAPI.doesUserHavePermission(ident, PERMISSION_READ, user, true)) { // the user doesn't have permissions to see this page // go to unauthorized page Logger.warn( VelocityServlet.class, "VELOCITY CHECKING PERMISSION: Page doesn't have any access for this user"); response.sendError(403, "The requested page/file is forbidden"); return; } } } Logger.debug(VelocityServlet.class, "Recording the ClickStream"); if (Config.getBooleanProperty("ENABLE_CLICKSTREAM_TRACKING", false)) { if (user != null) { UserProxy userProxy = com.dotmarketing.business.APILocator.getUserProxyAPI() .getUserProxy(user, APILocator.getUserAPI().getSystemUser(), false); if (!userProxy.isNoclicktracking()) { ClickstreamFactory.addRequest( (HttpServletRequest) request, ((HttpServletResponse) response), host); } } else { ClickstreamFactory.addRequest( (HttpServletRequest) request, ((HttpServletResponse) response), host); } } // Begin Page Caching boolean buildCache = false; String key = getPageCacheKey(request); if (key != null) { String cachedPage = CacheLocator.getBlockDirectiveCache().get(key, (int) page.getCacheTTL()); if (cachedPage == null || "refresh".equals(request.getParameter("dotcache")) || "refresh".equals(request.getAttribute("dotcache")) || "refresh".equals(request.getSession().getAttribute("dotcache"))) { // build cached response buildCache = true; } else { // have cached response and are not refreshing, send it response.getWriter().write(cachedPage); return; } } Writer out = (buildCache) ? new StringWriter(4096) : new VelocityFilterWriter(response.getWriter()); // get the context from the requst if possible Context context = VelocityUtil.getWebContext(request, response); request.setAttribute("velocityContext", context); Logger.debug(VelocityServlet.class, "HTMLPage Identifier:" + idInode); try { VelocityUtil.getEngine() .getTemplate("/live/" + idInode + "." + VELOCITY_HTMLPAGE_EXTENSION) .merge(context, out); } catch (ParseErrorException e) { // out.append(e.getMessage()); } context = null; if (buildCache) { String trimmedPage = out.toString().trim(); response.getWriter().write(trimmedPage); response.getWriter().close(); synchronized (key) { String x = CacheLocator.getBlockDirectiveCache().get(key, (int) page.getCacheTTL()); if (x != null) { return; } CacheLocator.getBlockDirectiveCache() .add(getPageCacheKey(request), trimmedPage, (int) page.getCacheTTL()); } } else { out.close(); } }
@SuppressWarnings("unchecked") public static InputStream buildStream(HTMLPage htmlPage, Identifier identifier, boolean EDIT_MODE) throws DotDataException, DotSecurityException { String folderPath = (!EDIT_MODE) ? "live/" : "working/"; InputStream result; StringBuilder sb = new StringBuilder(); ContentletAPI conAPI = APILocator.getContentletAPI(); Template cmsTemplate = com.dotmarketing.portlets.htmlpages.factories.HTMLPageFactory.getHTMLPageTemplate( htmlPage, EDIT_MODE); if (cmsTemplate == null || !InodeUtils.isSet(cmsTemplate.getInode())) { Logger.error( This.class, "PAGE DOES NOT HAVE A VALID TEMPLATE (template unpublished?) : page id " + htmlPage.getIdentifier() + ":" + identifier.getURI()); } // gets pageChannel for this path java.util.StringTokenizer st = new java.util.StringTokenizer(String.valueOf(identifier.getURI()), "/"); String pageChannel = null; if (st.hasMoreTokens()) { pageChannel = st.nextToken(); } // set the page cache var if (htmlPage.getCacheTTL() > 0 && LicenseUtil.getLevel() > 99) { sb.append("#set($dotPageCacheDate = \"").append(new java.util.Date()).append("\")"); sb.append("#set($dotPageCacheTTL = \"").append(htmlPage.getCacheTTL()).append("\")"); } // set the host variables HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI(); Host host = htmlPageAPI.getParentHost(htmlPage); sb.append("#if(!$doNotParseTemplate)"); sb.append("$velutil.mergeTemplate('") .append(folderPath) .append(host.getIdentifier()) .append(".") .append(Config.getStringProperty("VELOCITY_HOST_EXTENSION")) .append("')"); sb.append(" #end "); // creates the context where to place the variables // Build a context to pass to the page sb.append("#if(!$doNotSetPageInfo)"); sb.append("#set ( $quote = '\"' )"); sb.append("#set ($HTMLPAGE_INODE = \"") .append(String.valueOf(htmlPage.getInode())) .append("\" )"); sb.append("#set ($HTMLPAGE_IDENTIFIER = \"") .append(String.valueOf(htmlPage.getIdentifier())) .append("\" )"); sb.append("#set ($HTMLPAGE_TITLE = \"") .append(UtilMethods.espaceForVelocity(htmlPage.getTitle())) .append("\" )"); sb.append( "#set ($HTMLPAGE_FRIENDLY_NAME = \"" + UtilMethods.espaceForVelocity(htmlPage.getFriendlyName())) .append("\" )"); sb.append("#set ($TEMPLATE_INODE = \"") .append(String.valueOf(cmsTemplate.getInode())) .append("\" )"); sb.append("#set ($HTMLPAGE_META = \"") .append(UtilMethods.espaceForVelocity(htmlPage.getMetadata())) .append("\" )"); sb.append("#set ($HTMLPAGE_META = \"#fixBreaks($HTMLPAGE_META)\")"); sb.append("#set ($HTMLPAGE_DESCRIPTION = \"") .append(UtilMethods.espaceForVelocity(htmlPage.getSeoDescription())) .append("\" )"); sb.append("#set ($HTMLPAGE_DESCRIPTION = \"#fixBreaks($HTMLPAGE_DESCRIPTION)\")"); sb.append("#set ($HTMLPAGE_KEYWORDS = \"") .append(UtilMethods.espaceForVelocity(htmlPage.getSeoKeywords())) .append("\" )"); sb.append("#set ($HTMLPAGE_KEYWORDS = \"#fixBreaks($HTMLPAGE_KEYWORDS)\")"); sb.append("#set ($HTMLPAGE_SECURE = \"") .append(String.valueOf(htmlPage.isHttpsRequired())) .append("\" )"); sb.append("#set ($VTLSERVLET_URI = \"") .append(UtilMethods.encodeURIComponent(identifier.getURI())) .append("\" )"); sb.append("#set ($HTMLPAGE_REDIRECT = \"") .append(UtilMethods.espaceForVelocity(htmlPage.getRedirect())) .append("\" )"); sb.append("#set ($pageTitle = \"") .append(UtilMethods.espaceForVelocity(htmlPage.getTitle())) .append("\" )"); sb.append("#set ($pageChannel = \"").append(pageChannel).append("\" )"); sb.append("#set ($friendlyName = \"") .append(UtilMethods.espaceForVelocity(htmlPage.getFriendlyName())) .append("\" )"); Date moddate = null; if (UtilMethods.isSet(htmlPage.getModDate())) { moddate = htmlPage.getModDate(); } else { moddate = htmlPage.getStartDate(); } moddate = new Timestamp(moddate.getTime()); sb.append("#set ($HTML_PAGE_LAST_MOD_DATE= $date.toDate(\"yyyy-MM-dd HH:mm:ss.SSS\", \"") .append(moddate) .append("\"))"); sb.append("#set ($HTMLPAGE_MOD_DATE= $date.toDate(\"yyyy-MM-dd HH:mm:ss.SSS\", \"") .append(moddate) .append("\"))"); sb.append(" #end "); // get the containers for the page and stick them in context // List identifiers = InodeFactory.getChildrenClass(cmsTemplate, Identifier.class); List<Container> containerList = APILocator.getTemplateAPI() .getContainersInTemplate(cmsTemplate, APILocator.getUserAPI().getSystemUser(), false); Iterator i = containerList.iterator(); while (i.hasNext()) { Container ident = (Container) i.next(); Container c = null; if (EDIT_MODE) { c = (Container) APILocator.getVersionableAPI() .findWorkingVersion( ident.getIdentifier(), APILocator.getUserAPI().getSystemUser(), false); } else { c = (Container) APILocator.getVersionableAPI() .findLiveVersion( ident.getIdentifier(), APILocator.getUserAPI().getSystemUser(), false); } // sets container to load the container file sb.append("#set ($container") .append(ident.getIdentifier()) .append(" = \"") .append(folderPath) .append(ident.getIdentifier()) .append(".") .append(Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")) .append("\" )"); String sort = (c.getSortContentletsBy() == null) ? "tree_order" : c.getSortContentletsBy(); boolean dynamicContainer = UtilMethods.isSet(c.getLuceneQuery()); int langCounter = 0; List<Contentlet> contentlets = new ArrayList<Contentlet>(); List<Contentlet> contentletsFull = new ArrayList<Contentlet>(); if (!dynamicContainer) { Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); Identifier idenContainer = APILocator.getIdentifierAPI().find(c); // The container doesn't have categories try { contentlets = conAPI.findPageContentlets( idenHtmlPage.getId(), idenContainer.getId(), sort, EDIT_MODE, -1, APILocator.getUserAPI().getSystemUser(), false); if (EDIT_MODE) contentletsFull = contentlets; else contentletsFull = conAPI.findPageContentlets( idenHtmlPage.getId(), idenContainer.getId(), sort, true, -1, APILocator.getUserAPI().getSystemUser(), false); } catch (Exception e) { Logger.error(PageServices.class, "Unable to retrive contentlets on page", e); } Logger.debug( PageServices.class, "HTMLPage= " + htmlPage.getInode() + " Container=" + c.getInode() + " Language=-1 Contentlets=" + contentlets.size()); } // this is to filter the contentlets list removing the repited identifiers if (contentlets.size() > 0) { Set<String> contentletIdentList = new HashSet<String>(); List<Contentlet> contentletsFilter = new ArrayList<Contentlet>(); for (Contentlet cont : contentlets) { if (!contentletIdentList.contains(cont.getIdentifier())) { contentletIdentList.add(cont.getIdentifier()); contentletsFilter.add(cont); } } contentlets = contentletsFilter; } if (contentletsFull.size() > 0) { Set<String> contentletIdentList = new HashSet<String>(); List<Contentlet> contentletsFilter = new ArrayList<Contentlet>(); for (Contentlet cont : contentletsFull) { if (!contentletIdentList.contains(cont.getIdentifier())) { contentletIdentList.add(cont.getIdentifier()); contentletsFilter.add(cont); } } contentletsFull = contentletsFilter; } StringBuilder widgetpree = new StringBuilder(); StringBuilder widgetpreeFull = new StringBuilder(); StringBuilder contentletList = new StringBuilder(); int count = 0; for (Contentlet contentlet : contentlets) { contentletList .append(count == 0 ? "" : ",") .append('"') .append(contentlet.getIdentifier()) .append('"'); if (contentlet.getStructure().getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) { Field field = contentlet.getStructure().getFieldVar("widgetPreexecute"); if (field != null && UtilMethods.isSet(field.getValues())) widgetpree.append(field.getValues().trim()); } if (++count >= c.getMaxContentlets()) break; } StringBuilder contentletListFull = new StringBuilder(); int countFull = 0; for (Contentlet contentlet : contentletsFull) { contentletListFull .append(countFull == 0 ? "" : ",") .append('"') .append(contentlet.getIdentifier()) .append('"'); if (contentlet.getStructure().getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) { Field field = contentlet.getStructure().getFieldVar("widgetPreexecute"); if (field != null && UtilMethods.isSet(field.getValues())) widgetpreeFull.append(field.getValues().trim()); } if (++countFull >= c.getMaxContentlets()) break; } sb.append("#if($request.session.getAttribute(\"tm_date\"))"); sb.append(widgetpreeFull); sb.append("#set ($contentletList") .append(ident.getIdentifier()) .append(" = [") .append(contentletListFull.toString()) .append("] )"); sb.append("#set ($totalSize") .append(ident.getIdentifier()) .append("=") .append(countFull) .append(")"); sb.append("#else "); sb.append(widgetpree); sb.append("#set ($contentletList") .append(ident.getIdentifier()) .append(" = [") .append(contentletList.toString()) .append("] )"); sb.append("#set ($totalSize") .append(ident.getIdentifier()) .append("=") .append(count) .append(")"); sb.append("#end "); langCounter++; } if (htmlPage.isHttpsRequired()) { sb.append(" #if(!$ADMIN_MODE && !$request.isSecure())"); sb.append(" #if($request.getQueryString())"); sb.append( " #set ($REDIRECT_URL = \"https://${request.getServerName()}$request.getAttribute('javax.servlet.forward.request_uri')?$request.getQueryString()\")"); sb.append(" #else "); sb.append( " #set ($REDIRECT_URL = \"https://${request.getServerName()}$request.getAttribute('javax.servlet.forward.request_uri')\")"); sb.append(" #end "); sb.append(" $response.sendRedirect(\"$REDIRECT_URL\")"); sb.append(" #end "); } sb.append("#if($HTMLPAGE_REDIRECT != \"\")"); sb.append(" $response.sendRedirect(\"$HTMLPAGE_REDIRECT\")"); sb.append("#end"); Identifier iden = APILocator.getIdentifierAPI().find(cmsTemplate); sb.append("#if(!$doNotParseTemplate)"); if (cmsTemplate.isDrawed()) { // We have a designed template // Setting some theme variables sb.append("#set ($dotTheme = $templatetool.theme(\"") .append(cmsTemplate.getTheme()) .append("\",\"") .append(host.getIdentifier()) .append("\"))"); sb.append("#set ($dotThemeLayout = $templatetool.themeLayout(\"") .append(cmsTemplate.getInode()) .append("\" ))"); // Merging our template sb.append("$velutil.mergeTemplate(\"$dotTheme.templatePath\")"); } else { sb.append("$velutil.mergeTemplate('") .append(folderPath) .append(iden.getInode()) .append(".") .append(Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")) .append("')"); } sb.append("#end"); try { if (Config.getBooleanProperty("SHOW_VELOCITYFILES", false)) { String realFolderPath = (!EDIT_MODE) ? "live" + java.io.File.separator : "working" + java.io.File.separator; String velocityRootPath = Config.getStringProperty("VELOCITY_ROOT"); String filePath = realFolderPath + identifier.getInode() + "." + Config.getStringProperty("VELOCITY_HTMLPAGE_EXTENSION"); if (velocityRootPath.startsWith("/WEB-INF")) { velocityRootPath = com.liferay.util.FileUtil.getRealPath(velocityRootPath); } velocityRootPath += java.io.File.separator; java.io.BufferedOutputStream tmpOut = new java.io.BufferedOutputStream( new java.io.FileOutputStream( new java.io.File( ConfigUtils.getDynamicVelocityPath() + java.io.File.separator + filePath))); // Specify a proper character encoding OutputStreamWriter out = new OutputStreamWriter(tmpOut, UtilMethods.getCharsetConfiguration()); out.write(sb.toString()); out.flush(); out.close(); tmpOut.close(); } } catch (Exception e) { Logger.error(PageServices.class, e.toString(), e); } try { result = new ByteArrayInputStream(sb.toString().getBytes("UTF-8")); } catch (UnsupportedEncodingException e1) { result = new ByteArrayInputStream(sb.toString().getBytes()); Logger.error(ContainerServices.class, e1.getMessage(), e1); } return result; }
public void processAction( ActionMapping mapping, ActionForm form, PortletConfig config, ActionRequest req, ActionResponse res) throws Exception { String cmd = req.getParameter("cmd"); String subcmd = ParamUtil.getString(req, "subcmd"); String referer = (req.getParameter("referer") != null) ? URLDecoder.decode(req.getParameter("referer"), "UTF-8") : "/c"; Logger.debug(DirectorAction.class, "DirectorAction :: referer=" + referer); // wraps request to get session object ActionRequestImpl reqImpl = (ActionRequestImpl) req; HttpServletRequest httpReq = reqImpl.getHttpServletRequest(); // gets the session object for the messages HttpSession session = httpReq.getSession(); Logger.debug(DirectorAction.class, "I'm inside the Director cmd = " + cmd); Logger.debug(DirectorAction.class, "I'm inside the Director subcmd = " + subcmd); Logger.debug(DirectorAction.class, "I'm inside the Director referer = " + referer); // get the user User user = _getUser(req); // to order menu items if (cmd != null && cmd.equals("orderMenu")) { Logger.debug(DirectorAction.class, "Director :: orderMenu"); java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/folders/order_menu"}); params.put("path", new String[] {req.getParameter("path")}); params.put("pagePath", new String[] {req.getParameter("pagePath")}); if (req.getParameter("openAll") != null) { params.put("openAll", new String[] {req.getParameter("openAll")}); } params.put("hostId", new String[] {req.getParameter("hostId")}); params.put("referer", new String[] {referer}); params.put("startLevel", new String[] {req.getParameter("startLevel")}); params.put("depth", new String[] {req.getParameter("depth")}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("orderContentlets")) { Logger.debug(DirectorAction.class, "Director :: orderContentlet"); Container container = (Container) InodeFactory.getInode(req.getParameter("containerId"), Container.class); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("pageId"), HTMLPage.class); boolean hasReadPermissionOnContainer = perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false); boolean hasWritePermissionOnPage = perAPI.doesUserHavePermission(htmlPage, PERMISSION_WRITE, user, false); if (!hasReadPermissionOnContainer || !hasWritePermissionOnPage) { throw new DotSecurityException( "User has no permission to reorder content on container = " + req.getParameter("container") + " on page = " + req.getParameter("htmlPage")); } java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/contentlet/order_contentlets"}); params.put("containerId", new String[] {req.getParameter("containerId")}); params.put("pageId", new String[] {req.getParameter("pageId")}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("newHTMLPage")) { Logger.debug(DirectorAction.class, "Director :: editHTMLPage"); java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/htmlpages/edit_htmlpage"}); params.put("cmd", new String[] {"edit"}); params.put("inode", new String[] {"0"}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("editHTMLPage")) { Logger.debug(DirectorAction.class, "Director :: editHTMLPage"); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); Identifier identifier = APILocator.getIdentifierAPI().find(htmlPage); // gets the current working asset WebAsset workingHTMLPage = (WebAsset) APILocator.getVersionableAPI() .findWorkingVersion(identifier, APILocator.getUserAPI().getSystemUser(), false); if ("unlockHTMLPage".equals(subcmd)) { WebAssetFactory.unLockAsset(workingHTMLPage); } if (workingHTMLPage.isLocked() && !workingHTMLPage.getModUser().equals(user.getUserId())) { req.setAttribute(WebKeys.HTMLPAGE_EDIT, workingHTMLPage); setForward(req, "portlet.ext.director.unlock_htmlpage"); return; } else if (workingHTMLPage.isLocked()) { // it's locked by the same user WebAssetFactory.unLockAsset(workingHTMLPage); } java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/htmlpages/edit_htmlpage"}); params.put("cmd", new String[] {"edit"}); params.put("inode", new String[] {workingHTMLPage.getInode() + ""}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("viewStatistics")) { Logger.debug(DirectorAction.class, "Director :: editHTMLPage"); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/htmlpageviews/view_htmlpage_views"}); params.put("htmlpage", new String[] {htmlPage.getInode() + ""}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getRenderURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("editFile")) { Logger.debug(DirectorAction.class, "Director :: editFile"); String fileAssetInode = ""; if (UtilMethods.isSet(req.getParameter("file"))) fileAssetInode = req.getParameter("file"); else return; Identifier identifier = APILocator.getIdentifierAPI().findFromInode(fileAssetInode); if (identifier.getAssetType().equals("contentlet")) { try { Contentlet cont = APILocator.getContentletAPI().find(fileAssetInode, user, false); java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/contentlet/edit_contentlet"}); params.put("cmd", new String[] {"edit"}); params.put("inode", new String[] {cont.getInode() + ""}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); } catch (DotSecurityException e) { Logger.error(this, e.getMessage()); return; } } else { try { // gets the current working asset WebAsset workingFile = (WebAsset) APILocator.getVersionableAPI() .findWorkingVersion( identifier, APILocator.getUserAPI().getSystemUser(), false); if ("unlockFile".equals(subcmd)) { WebAssetFactory.unLockAsset(workingFile); } if (workingFile.isLocked() && !workingFile.getModUser().equals(user.getUserId())) { req.setAttribute(WebKeys.FILE_EDIT, workingFile); setForward(req, "portlet.ext.director.unlock_file"); return; } else if (workingFile.isLocked()) { // it's locked by the same user WebAssetFactory.unLockAsset(workingFile); } java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/files/edit_file"}); params.put("cmd", new String[] {"edit"}); params.put("inode", new String[] {workingFile.getInode() + ""}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); } catch (DotStateException e) { Logger.error(this, e.getMessage()); return; } catch (DotSecurityException e) { Logger.error(this, e.getMessage()); return; } } return; } if (cmd != null && cmd.equals("editTemplate")) { Logger.debug(DirectorAction.class, "Director :: editTemplate"); HTMLPage htmlPage = new HTMLPage(); WebAsset workingTemplate = new Template(); if (req.getParameter("htmlPage") != null) { htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); workingTemplate = HTMLPageFactory.getHTMLPageTemplate(htmlPage, true); } else if (req.getParameter("template") != null) { workingTemplate = (Template) InodeFactory.getInode(req.getParameter("template"), Template.class); } if ("unlockTemplate".equals(subcmd)) { WebAssetFactory.unLockAsset(workingTemplate); } if (workingTemplate.isLocked() && !workingTemplate.getModUser().equals(user.getUserId())) { req.setAttribute(WebKeys.HTMLPAGE_EDIT, htmlPage); req.setAttribute(WebKeys.TEMPLATE_EDIT, workingTemplate); setForward(req, "portlet.ext.director.unlock_template"); return; } else if (workingTemplate.isLocked()) { // it's locked by the same user WebAssetFactory.unLockAsset(workingTemplate); } java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/templates/edit_template"}); params.put("cmd", new String[] {"edit"}); params.put("inode", new String[] {workingTemplate.getInode() + ""}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("publishHTMLPage")) { Logger.debug(DirectorAction.class, "Director :: publishHTMLPage"); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/htmlpages/publish_htmlpages"}); params.put("cmd", new String[] {"prepublish"}); params.put("publishInode", new String[] {htmlPage.getInode() + ""}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("editContainer")) { Logger.debug(DirectorAction.class, "Director :: editContainer" + subcmd); Container container = (Container) InodeFactory.getInode(req.getParameter("container"), Container.class); Identifier identifier = APILocator.getIdentifierAPI().find(container); // gets the current working asset WebAsset workingContainer = (WebAsset) APILocator.getVersionableAPI() .findWorkingVersion(identifier, APILocator.getUserAPI().getSystemUser(), false); if ("unlockContainer".equals(subcmd)) { WebAssetFactory.unLockAsset(workingContainer); } if (workingContainer.isLocked() && !workingContainer.getModUser().equals(user.getUserId())) { req.setAttribute(WebKeys.CONTAINER_EDIT, workingContainer); setForward(req, "portlet.ext.director.unlock_container"); return; } else if (workingContainer.isLocked()) { // it's locked by the same user WebAssetFactory.unLockAsset(workingContainer); } java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/containers/edit_container"}); params.put("cmd", new String[] {"edit"}); params.put("inode", new String[] {workingContainer.getInode() + ""}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("editLink")) { Logger.debug(DirectorAction.class, "Director :: editLink"); String popup = req.getParameter("popup"); Link link = (Link) InodeFactory.getInode(req.getParameter("link"), Link.class); Identifier identifier = APILocator.getIdentifierAPI().find(link); // gets the current working asset WebAsset workingLink = (WebAsset) APILocator.getVersionableAPI() .findWorkingVersion(identifier, APILocator.getUserAPI().getSystemUser(), false); if ("unlockLink".equals(subcmd)) { WebAssetFactory.unLockAsset(workingLink); } if (workingLink.isLocked() && !workingLink.getModUser().equals(user.getUserId())) { req.setAttribute(WebKeys.LINK_EDIT, workingLink); if (UtilMethods.isSet(popup)) { Logger.debug(DirectorAction.class, "Going to SIX I have popup!!!!!!!!!!!!!!!!"); setForward(req, "portlet.ext.director.unlock_popup_link"); return; } else { Logger.debug(DirectorAction.class, "Going to FIVE I dont have popup!!!!!!!!!!!!!!!!"); setForward(req, "portlet.ext.director.unlock_link"); return; } } else if (workingLink.isLocked()) { // it's locked by the same user WebAssetFactory.unLockAsset(workingLink); } String popURL = ""; if (UtilMethods.isSet(popup)) { popURL = "_popup"; } java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/links/edit_link"}); params.put("cmd", new String[] {"edit"}); params.put("inode", new String[] {workingLink.getInode() + ""}); params.put("popup", new String[] {popup}); params.put("referer", new String[] {referer}); params.put( "child", new String[] {(req.getParameter("child") != null) ? req.getParameter("child") : ""}); params.put( "page_width", new String[] { (req.getParameter("page_width") != null) ? req.getParameter("page_width") : "" }); params.put( "browse", new String[] {(req.getParameter("browse") != null) ? req.getParameter("browse") : ""}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } if (cmd != null && cmd.equals("addChild")) { try { Logger.debug(DirectorAction.class, "Director :: addChild"); HibernateUtil.startTransaction(); Contentlet contentlet = new Contentlet(); String cInode = req.getParameter("contentlet"); if (InodeUtils.isSet(cInode)) { contentlet = conAPI.find(cInode, user, true); } Container container = (Container) InodeFactory.getInode(req.getParameter("container"), Container.class); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); boolean hasPermissionOnContainer = perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false); if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true)) hasPermissionOnContainer = true; boolean hasPermissionsOnPage = perAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, user, false); boolean duplicateContentCheck = false; if (!hasPermissionOnContainer || !hasPermissionsOnPage) { throw new DotSecurityException( "User has no permission to add content on container = " + req.getParameter("container") + " on page = " + req.getParameter("htmlPage")); } Identifier identifier = APILocator.getIdentifierAPI().find(contentlet); Identifier htmlPageIdentifier = APILocator.getIdentifierAPI().find(htmlPage); Identifier containerIdentifier = APILocator.getIdentifierAPI().find(container); if (InodeUtils.isSet(identifier.getInode()) && InodeUtils.isSet(htmlPageIdentifier.getInode()) && InodeUtils.isSet(containerIdentifier.getInode())) { MultiTree mTree = new MultiTree( htmlPageIdentifier.getInode(), containerIdentifier.getInode(), identifier.getInode()); java.util.List<MultiTree> treeList = MultiTreeFactory.getMultiTree(htmlPage, container); for (int i = 0; i < treeList.size(); i++) { if (treeList.get(i).getChild().equals(identifier.getInode())) { duplicateContentCheck = true; session.setAttribute( "duplicatedErrorMessage", "Content already exists in the same container on the page"); } } if (!duplicateContentCheck) { MultiTreeFactory.saveMultiTree(mTree); // Updating the last mod user and last mod date of the page htmlPage.setModDate(new Date()); htmlPage.setModUser(user.getUserId()); HibernateUtil.saveOrUpdate(htmlPage); } } else { Logger.error( this, "Error found trying to associate the contentlet inode: " + contentlet.getInode() + "(iden: " + identifier.getInode() + ") " + "to the container: " + container.getInode() + "(iden: " + containerIdentifier.getInode() + ") " + "of the page: " + htmlPage.getInode() + "(iden: " + htmlPageIdentifier.getInode() + ") " + "the system was unable to find some the identifiers (tree error?)!"); } } catch (DotRuntimeException e) { Logger.error(this, "Unable to add content to page", e); } finally { try { HibernateUtil.commitTransaction(); } catch (Exception e) { session.setAttribute( "duplicatedErrorMessage", "Content already exists in the same container on the page"); // res.sendRedirect(referer); } } _sendToReferral(req, res, referer); return; } if (cmd != null && cmd.equals("removeChild")) { try { Logger.debug(DirectorAction.class, "Director :: removeChild"); HibernateUtil.startTransaction(); Contentlet contentlet = new Contentlet(); String cInode = req.getParameter("contentlet"); if (InodeUtils.isSet(cInode)) { contentlet = conAPI.find(cInode, user, true); } Container container = (Container) InodeFactory.getInode(req.getParameter("container"), Container.class); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); boolean hasPermissionOnPage = perAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, user, false); boolean hasPermissionOnContainer = perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false); if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true)) hasPermissionOnContainer = true; if (!hasPermissionOnContainer || !hasPermissionOnPage) { throw new DotSecurityException( "User has no permission to remove content from container = " + req.getParameter("container") + " on page = " + req.getParameter("htmlPage")); } Identifier identifier = APILocator.getIdentifierAPI().find(contentlet); Logger.debug( DirectorAction.class, "Identifier of Contentlet to be removed=" + identifier.getInode()); Contentlet contentletWorking = conAPI.findContentletByIdentifier( identifier.getInode(), false, contentlet.getLanguageId(), user, true); Contentlet liveContentlet = conAPI.findContentletByIdentifier( identifier.getInode(), false, contentlet.getLanguageId(), user, true); Logger.debug( DirectorAction.class, "\n\nContentlet Working to be removed=" + contentletWorking.getInode()); Identifier htmlPageIdentifier = APILocator.getIdentifierAPI().find(htmlPage); Identifier containerIdentifier = APILocator.getIdentifierAPI().find(container); MultiTree multiTree = MultiTreeFactory.getMultiTree(htmlPageIdentifier, containerIdentifier, identifier); Logger.debug(DirectorAction.class, "multiTree=" + multiTree); MultiTreeFactory.deleteMultiTree(multiTree); // Updating the last mod user and last mod date of the page htmlPage.setModDate(new Date()); htmlPage.setModUser(user.getUserId()); HibernateUtil.saveOrUpdate(htmlPage); } catch (DotRuntimeException e) { Logger.error(this, "Unable to remove content from page", e); } finally { HibernateUtil.commitTransaction(); } _sendToReferral(req, res, referer); return; } if (cmd != null && cmd.equals("makeHomePage")) { Logger.debug(DirectorAction.class, "Director :: makeHomePage"); if (InodeUtils.isSet(req.getParameter("htmlPage"))) { HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); Folder folder = APILocator.getFolderAPI().findParentFolder(htmlPage, user, false); UserPreference up = UserPreferencesFactory.getUserPreferenceValue( user.getUserId(), WebKeys.USER_PREFERENCE_HOME_PAGE); if (up.getId() > 0) { up.setValue(htmlPage.getURI(folder)); } else { up.setUserId(user.getUserId()); up.setPreference(WebKeys.USER_PREFERENCE_HOME_PAGE); up.setValue(htmlPage.getURI(folder)); } UserPreferencesFactory.saveUserPreference(up); } else { // the user clicked on set with no page that means unsetting the page UserPreferencesFactory.deleteUserPreference( user.getUserId(), WebKeys.USER_PREFERENCE_HOME_PAGE); } _sendToReferral(req, res, referer); return; } if (cmd != null && cmd.equals("moveUp")) { Logger.debug(DirectorAction.class, "Director :: moveUp"); Contentlet contentlet = new Contentlet(); String cInode = req.getParameter("contentlet"); if (InodeUtils.isSet(cInode)) { contentlet = conAPI.find(cInode, user, true); } Container container = (Container) InodeFactory.getInode(req.getParameter("container"), Container.class); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); boolean hasPermissionOnPage = perAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, user, false); boolean hasPermissionOnContainer = perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false); if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true)) hasPermissionOnContainer = true; if (!hasPermissionOnContainer || !hasPermissionOnPage) { throw new DotSecurityException( "User has no permission to reorder content on container = " + req.getParameter("container") + " on page = " + req.getParameter("htmlPage")); } String staticContainer = req.getParameter("static"); Logger.debug(DirectorAction.class, "staticContainer=" + staticContainer); java.util.List cletList = new ArrayList(); String sort = (container.getSortContentletsBy() == null) ? "tree_order" : container.getSortContentletsBy(); Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); Identifier idenContainer = APILocator.getIdentifierAPI().find(container); cletList = conAPI.findPageContentlets( idenHtmlPage.getInode(), idenContainer.getInode(), sort, true, contentlet.getLanguageId(), user, false); Logger.debug(DirectorAction.class, "Number of contentlets = " + cletList.size()); int newPosition = cletList.indexOf(contentlet) - 1; if (newPosition >= 0) { idenContainer = APILocator.getIdentifierAPI().find(container); idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); int x = 0; Iterator i = cletList.iterator(); while (i.hasNext()) { Identifier iden; MultiTree multiTree; Contentlet c = (Contentlet) i.next(); Logger.debug(DirectorAction.class, "Contentlet inode = " + c.getInode()); if (newPosition == x) { iden = APILocator.getIdentifierAPI().find(contentlet); multiTree = MultiTreeFactory.getMultiTree(idenHtmlPage, idenContainer, iden); multiTree.setTreeOrder(x); MultiTreeFactory.saveMultiTree(multiTree); x++; } if (!c.getInode().equalsIgnoreCase(contentlet.getInode())) { iden = APILocator.getIdentifierAPI().find(c); multiTree = MultiTreeFactory.getMultiTree(idenHtmlPage, idenContainer, iden); multiTree.setTreeOrder(x); MultiTreeFactory.saveMultiTree(multiTree); x++; } } } _sendToReferral(req, res, referer); return; } if (cmd != null && cmd.equals("moveDown")) { Logger.debug(DirectorAction.class, "Director :: moveDown"); Contentlet contentlet = new Contentlet(); String cInode = req.getParameter("contentlet"); if (InodeUtils.isSet(cInode)) { contentlet = conAPI.find(cInode, user, true); } Container container = (Container) InodeFactory.getInode(req.getParameter("container"), Container.class); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); String staticContainer = req.getParameter("static"); boolean hasPermissionOnPage = perAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, user, false); boolean hasPermissionOnContainer = perAPI.doesUserHavePermission(container, PERMISSION_READ, user, false); if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true)) hasPermissionOnContainer = true; if (!hasPermissionOnContainer || !hasPermissionOnPage) { throw new DotSecurityException( "User has no permission to reorder content on container = " + req.getParameter("container") + " on page = " + req.getParameter("htmlPage")); } Logger.debug(DirectorAction.class, "staticContainer=" + staticContainer); java.util.List cletList = new ArrayList(); String sort = (container.getSortContentletsBy() == null) ? "tree_order" : container.getSortContentletsBy(); Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); Identifier idenContainer = APILocator.getIdentifierAPI().find(container); cletList = conAPI.findPageContentlets( idenHtmlPage.getInode(), idenContainer.getInode(), sort, true, contentlet.getLanguageId(), user, false); Logger.debug(DirectorAction.class, "Number of contentlets = " + cletList.size()); int newPosition = cletList.indexOf(contentlet) + 1; if (newPosition < cletList.size()) { idenContainer = APILocator.getIdentifierAPI().find(container); idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); int x = 0; Iterator i = cletList.iterator(); while (i.hasNext()) { Identifier iden; MultiTree multiTree; Contentlet c = (Contentlet) i.next(); Logger.debug(DirectorAction.class, "Contentlet inode = " + c.getInode()); if (!c.getInode().equalsIgnoreCase(contentlet.getInode())) { iden = APILocator.getIdentifierAPI().find(c); multiTree = MultiTreeFactory.getMultiTree(idenHtmlPage, idenContainer, iden); multiTree.setTreeOrder(x); MultiTreeFactory.saveMultiTree(multiTree); x++; } if (newPosition == x) { iden = APILocator.getIdentifierAPI().find(contentlet); multiTree = MultiTreeFactory.getMultiTree(idenHtmlPage, idenContainer, iden); multiTree.setTreeOrder(x); MultiTreeFactory.saveMultiTree(multiTree); x++; } } } _sendToReferral(req, res, referer); return; } if (cmd != null && cmd.equals("unlock")) { Logger.debug(DirectorAction.class, "Director :: unlock Contentlet"); Contentlet contentlet = new Contentlet(); String cInode = req.getParameter("contentlet"); if (InodeUtils.isSet(cInode)) { contentlet = conAPI.find(cInode, user, true); } conAPI.unlock(contentlet, user, true); } if (cmd != null && cmd.equals("createForm")) { Logger.debug(DirectorAction.class, "Director :: createForrm"); java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/structure/edit_structure"}); params.put("structureType", new String[] {Integer.toString(Structure.STRUCTURE_TYPE_FORM)}); params.put("cmd", new String[] {"null"}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; } Contentlet contentlet = new Contentlet(); String cInode = req.getParameter("contentlet"); if (InodeUtils.isSet(cInode)) { contentlet = conAPI.find(cInode, user, true); } if (contentlet == null) { throw new DotStateException("Trying to edit an invalid contentlet - inode:" + cInode); } Container container = (Container) InodeFactory.getInode(req.getParameter("container"), Container.class); HTMLPage htmlPage = (HTMLPage) InodeFactory.getInode(req.getParameter("htmlPage"), HTMLPage.class); Logger.debug(DirectorAction.class, "contentlet=" + contentlet.getInode()); String contentletInode = ""; if (InodeUtils.isSet(contentlet.getInode())) { Identifier identifier = APILocator.getIdentifierAPI().find(contentlet); // gets the current working asset Contentlet workingContentlet = conAPI.findContentletByIdentifier( identifier.getInode(), false, contentlet.getLanguageId(), user, false); Logger.debug(DirectorAction.class, "workingContentlet=" + workingContentlet.getInode()); Logger.debug( DirectorAction.class, "workingContentlet.getModUser()=" + workingContentlet.getModUser()); Logger.debug( DirectorAction.class, "workingContentlet.isLocked()=" + workingContentlet.isLocked()); contentletInode = workingContentlet.getInode(); } else { contentletInode = contentlet.getInode(); } Logger.debug(DirectorAction.class, "Director :: Edit Contentlet"); java.util.Map params = new java.util.HashMap(); params.put("struts_action", new String[] {"/ext/contentlet/edit_contentlet"}); String cmdAux = (cmd.equals("newedit") ? cmd : "edit"); params.put("cmd", new String[] {cmdAux}); params.put("htmlpage_inode", new String[] {htmlPage.getInode() + ""}); params.put("contentcontainer_inode", new String[] {container.getInode() + ""}); params.put("inode", new String[] {contentletInode + ""}); if (InodeUtils.isSet(req.getParameter("selectedStructure"))) { params.put("selectedStructure", new String[] {req.getParameter("selectedStructure") + ""}); } params.put( "lang", new String[] {(req.getParameter("language") != null) ? req.getParameter("language") : ""}); params.put("referer", new String[] {referer}); String af = com.dotmarketing.util.PortletURLUtil.getActionURL( httpReq, WindowState.MAXIMIZED.toString(), params); _sendToReferral(req, res, af); return; }