/**
 * Checks that {@code AssetTagFinderUtil.filterFindByG_N} resolves a tag only through the group
 * it was created in, while the thread runs with a permission checker built for a new user.
 *
 * <p>The tag is added to the site group (the scope group's parent). A lookup through the scope
 * group must raise {@code NoSuchTagException}; a lookup through the site group must return the
 * tag with its name lower-cased.
 */
@Test
public void testFilterFindByG_N() throws Exception {
    Group scopeGroup = addScopeGroup();

    Group siteGroup = scopeGroup.getParentGroup();

    String tagName = ServiceTestUtil.randomString();

    addAssetTag(siteGroup.getGroupId(), tagName, null);

    User testUser = UserTestUtil.addUser(null, 0);

    // Keep the caller's checker so the identity swap below cannot leak into other tests.
    PermissionChecker savedPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
        PermissionThreadLocal.setPermissionChecker(PermissionCheckerFactoryUtil.create(testUser));

        try {
            AssetTagFinderUtil.filterFindByG_N(scopeGroup.getGroupId(), tagName);

            Assert.fail();
        }
        catch (NoSuchTagException expected) {
            // The tag lives in the site group, so the scope-group lookup must not find it.
        }

        AssetTag foundTag = AssetTagFinderUtil.filterFindByG_N(siteGroup.getGroupId(), tagName);

        Assert.assertEquals(StringUtil.toLowerCase(tagName), foundTag.getName());
    }
    finally {
        PermissionThreadLocal.setPermissionChecker(savedPermissionChecker);
    }
}
/**
 * Expects {@code RepositoryFactoryUtil.create} to raise {@code PrincipalException} when the
 * thread-local permission checker is an {@code AlwaysDenyingPermissionChecker}.
 *
 * <p>The previous checker is restored in {@code finally}, so the denying checker does not
 * remain bound to the thread after the test.
 */
@Test(expected = PrincipalException.class)
public void testCreateRepositoryFromExistingFolderWithoutPermissions() throws Exception {
    DLFolder existingFolder = DLTestUtil.addDLFolder(_group.getGroupId());

    PermissionChecker savedPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    PermissionChecker denyingPermissionChecker = new AlwaysDenyingPermissionChecker();

    try {
        PermissionThreadLocal.setPermissionChecker(denyingPermissionChecker);

        RepositoryFactoryUtil.create(existingFolder.getFolderId(), 0, 0);
    }
    finally {
        PermissionThreadLocal.setPermissionChecker(savedPermissionChecker);
    }
}
/**
 * Creates the individual-scope resource for a model and attaches the given group and guest
 * permissions to it.
 *
 * <p>Does nothing when {@code PermissionThreadLocal.isAddResource()} is false or when
 * {@code primKey} is null. {@code name} is validated before the null check on {@code primKey}.
 * After the permissions are added (or the attempt fails) the permission cache is cleared and
 * the search engine is asked to update the permission fields for this resource.
 *
 * @throws PortalException if validation or resource creation fails
 * @throws SystemException if a system error occurs
 */
protected void addModelResources(
        long companyId, long groupId, long userId, String name, String primKey,
        String[] groupPermissions, String[] guestPermissions,
        PermissionedModel permissionedModel)
    throws PortalException, SystemException {

    boolean addResource = PermissionThreadLocal.isAddResource();

    if (!addResource) {
        return;
    }

    validate(name, false);

    if (primKey == null) {
        return;
    }

    // Individual

    Resource individualResource =
        getResource(companyId, name, ResourceConstants.SCOPE_INDIVIDUAL, primKey);

    // Permissions

    // NOTE(review): the saved value is read with isFlushEnabled() but written back through
    // setIndexEnabled(); confirm both accessors address the same thread-local flag.
    boolean previousFlushEnabled = PermissionThreadLocal.isFlushEnabled();

    PermissionThreadLocal.setIndexEnabled(false);

    try {
        addModelResources(
            companyId, groupId, userId, individualResource, groupPermissions,
            guestPermissions, permissionedModel);
    }
    finally {
        // Order matters: restore the flag first, then drop cached permission decisions,
        // then refresh the indexed permission fields.
        PermissionThreadLocal.setIndexEnabled(previousFlushEnabled);

        PermissionCacheUtil.clearCache();

        SearchEngineUtil.updatePermissionFields(name, primKey);
    }
}
/**
 * Copies identity and locale values from a serialized context map into the current thread's
 * thread-locals.
 *
 * <p>Each value is applied only when present: company id and group id when greater than zero,
 * locales when non-null, principal name and password when {@code Validator.isNotNull} accepts
 * them. When a principal name is present, a permission checker is built for the user returned
 * by {@code UserLocalServiceUtil.fetchUser} and bound to the thread.
 *
 * @param context values captured on the originating thread
 * @throws RuntimeException wrapping any exception raised while loading the user or creating
 *         the permission checker
 */
private static void _populateThreadLocalsFromContext(Map<String, Serializable> context) {
    long contextCompanyId = GetterUtil.getLong(context.get("companyId"));

    if (contextCompanyId > 0) {
        CompanyThreadLocal.setCompanyId(contextCompanyId);
    }

    Locale contextDefaultLocale = (Locale) context.get("defaultLocale");

    if (contextDefaultLocale != null) {
        LocaleThreadLocal.setDefaultLocale(contextDefaultLocale);
    }

    long contextGroupId = GetterUtil.getLong(context.get("groupId"));

    if (contextGroupId > 0) {
        GroupThreadLocal.setGroupId(contextGroupId);
    }

    String contextPrincipalName = GetterUtil.getString(context.get("principalName"));

    if (Validator.isNotNull(contextPrincipalName)) {
        PrincipalThreadLocal.setName(contextPrincipalName);

        PermissionChecker contextPermissionChecker = null;

        try {
            // NOTE(review): the fetched user is passed on without a null check; confirm how
            // PermissionCheckerFactoryUtil.create behaves when the principal no longer exists.
            User principalUser = UserLocalServiceUtil.fetchUser(PrincipalThreadLocal.getUserId());

            contextPermissionChecker = PermissionCheckerFactoryUtil.create(principalUser);
        }
        catch (Exception e) {
            throw new RuntimeException(e);
        }

        if (contextPermissionChecker != null) {
            PermissionThreadLocal.setPermissionChecker(contextPermissionChecker);
        }
    }

    // The password travels inside the context map and is bound to this thread as-is; whoever
    // can write to that map decides which credentials this thread carries.
    String contextPrincipalPassword = GetterUtil.getString(context.get("principalPassword"));

    if (Validator.isNotNull(contextPrincipalPassword)) {
        PrincipalThreadLocal.setPassword(contextPrincipalPassword);
    }

    Locale contextSiteDefaultLocale = (Locale) context.get("siteDefaultLocale");

    if (contextSiteDefaultLocale != null) {
        LocaleThreadLocal.setSiteDefaultLocale(contextSiteDefaultLocale);
    }

    Locale contextThemeDisplayLocale = (Locale) context.get("themeDisplayLocale");

    if (contextThemeDisplayLocale != null) {
        LocaleThreadLocal.setThemeDisplayLocale(contextThemeDisplayLocale);
    }
}
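/**
 * Adds an "any of these tags" clause to {@code contextQuery}, built from the tag ids that
 * remain after {@code AssetUtil.filterTagIds} has been applied with the thread's permission
 * checker.
 *
 * <p>When the asset entry query asks for no tags, the context query is left untouched. When
 * tags were requested but none survive the filter, an impossible term is added so the search
 * matches nothing.
 *
 * @param contextQuery the query being assembled; receives the tag clause as a MUST clause
 * @param searchContext the search context used to create the nested query
 * @throws Exception if filtering the tag ids or building the query fails
 */
protected void addSearchAnyTags(BooleanQuery contextQuery, SearchContext searchContext)
    throws Exception {

    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    long[] anyTagIds = _assetEntryQuery.getAnyTagIds();

    if (anyTagIds.length == 0) {
        return;
    }

    long[] filteredAnyTagIds = AssetUtil.filterTagIds(permissionChecker, anyTagIds);

    if (filteredAnyTagIds.length == 0) {
        addImpossibleTerm(contextQuery, Field.ASSET_TAG_IDS);

        return;
    }

    BooleanQuery tagIdsQuery = BooleanQueryFactoryUtil.create(searchContext);

    // Build the clause from the filtered ids only. Iterating the unfiltered array here would
    // put back every tag id the permission filter had just removed.
    for (long tagId : filteredAnyTagIds) {
        tagIdsQuery.addTerm(Field.ASSET_TAG_IDS, tagId);
    }

    contextQuery.add(tagIdsQuery, BooleanClauseOccur.MUST);
}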
/**
 * Decides whether the row for a user must be shown as disabled in the organization-role
 * assignment list.
 *
 * <p>A checked user is disabled when the role is protected for the current permission checker
 * or required by the membership policy; an unchecked user is disabled when the policy does not
 * allow the role. In every other case, and when the policy lookup throws, the decision is
 * delegated to the superclass.
 *
 * @param obj the row object, cast to {@code User}
 */
@Override
public boolean isDisabled(Object obj) {
    User user = (User) obj;

    try {
        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

        boolean blockedByPolicy;

        if (isChecked(user)) {
            blockedByPolicy =
                OrganizationMembershipPolicyUtil.isRoleProtected(
                    permissionChecker, user.getUserId(), _organization.getOrganizationId(),
                    _role.getRoleId())
                || OrganizationMembershipPolicyUtil.isRoleRequired(
                    user.getUserId(), _organization.getOrganizationId(), _role.getRoleId());
        }
        else {
            blockedByPolicy =
                !OrganizationMembershipPolicyUtil.isRoleAllowed(
                    user.getUserId(), _organization.getOrganizationId(), _role.getRoleId());
        }

        if (blockedByPolicy) {
            return true;
        }
    }
    catch (Exception e) {
        // A failed policy lookup is only logged; the superclass then decides, so the row is
        // not forced to disabled on error.
        _log.error(e, e);
    }

    return super.isDisabled(obj);
}
/**
 * Asks the search permission checker to refresh the indexed permission fields of one resource.
 *
 * <p>The request is ignored while the index is read-only or while
 * {@code PermissionThreadLocal.isFlushEnabled()} is false for the current thread.
 *
 * @param name the resource name
 * @param primKey the resource primary key
 */
public static void updatePermissionFields(String name, String primKey) {
    // Same short-circuit order as a guard clause: the flush flag is consulted only when the
    // index is writable.
    if (!isIndexReadOnly() && PermissionThreadLocal.isFlushEnabled()) {
        _searchPermissionChecker.updatePermissionFields(name, primKey);
    }
}
/**
 * Allows the call to proceed only for an omniadmin.
 *
 * @throws PrincipalException if no permission checker is bound to the thread or the bound
 *         checker is not an omniadmin
 */
private void _checkPermission() throws PrincipalException {
    PermissionChecker currentPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    // A missing checker is treated the same as a denied one.
    if ((currentPermissionChecker != null) && currentPermissionChecker.isOmniadmin()) {
        return;
    }

    throw new PrincipalException();
}
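/**
 * Renders a template script with the caller's context objects plus a fixed set of built-in
 * variables, and returns the rendered text.
 *
 * <p>Caller-supplied context objects are put into the template first; the built-in variables
 * ({@code company}, {@code companyId}, {@code device}, {@code permissionChecker},
 * {@code scopeGroupId} and the others below) are put afterwards under their fixed names.
 *
 * @param themeDisplay the current theme display, or null, in which case all ids default to 0
 * @param contextObjects extra template variables; may be null
 * @param script the template source
 * @param langType the template language; a null or empty value makes this method return null
 * @return the rendered output, or null when {@code langType} is null or empty
 * @throws TransformException if populating or merging the template fails
 * @throws Exception if resolving the template id or loading the template fails
 */
public String transform(
        ThemeDisplay themeDisplay, Map<String, Object> contextObjects, String script,
        String langType)
    throws Exception {

    if (Validator.isNull(langType)) {
        return null;
    }

    long companyId = 0;
    long companyGroupId = 0;
    long scopeGroupId = 0;
    long siteGroupId = 0;

    if (themeDisplay != null) {
        companyId = themeDisplay.getCompanyId();
        companyGroupId = themeDisplay.getCompanyGroupId();
        scopeGroupId = themeDisplay.getScopeGroupId();
        siteGroupId = themeDisplay.getSiteGroupId();
    }

    // contextObjects is null-checked further down, so null is an accepted input; guard the
    // lookup here as well instead of failing with a NullPointerException. A missing map is
    // handled like a missing "template_id" key.
    Object rawTemplateId = null;

    if (contextObjects != null) {
        rawTemplateId = contextObjects.get("template_id");
    }

    String templateId = String.valueOf(rawTemplateId);

    templateId = getTemplateId(templateId, companyId, companyGroupId, scopeGroupId);

    Template template = getTemplate(templateId, script, langType);

    UnsyncStringWriter unsyncStringWriter = new UnsyncStringWriter();

    try {
        if (contextObjects != null) {
            for (Map.Entry<String, Object> entry : contextObjects.entrySet()) {
                template.put(entry.getKey(), entry.getValue());
            }
        }

        // Built-ins are put after the caller's entries. NOTE(review): this presumably lets
        // them replace a caller entry of the same name (for example "permissionChecker");
        // confirm Template.put overwrites.
        template.put("company", getCompany(themeDisplay, companyId));
        template.put("companyId", companyId);
        template.put("device", getDevice(themeDisplay));

        String templatesPath = getTemplatesPath(companyId, scopeGroupId);

        template.put("journalTemplatesPath", templatesPath);

        template.put("permissionChecker", PermissionThreadLocal.getPermissionChecker());
        template.put(
            "randomNamespace",
            PwdGenerator.getPassword(PwdGenerator.KEY3, 4) + StringPool.UNDERLINE);
        template.put("scopeGroupId", scopeGroupId);
        template.put("siteGroupId", siteGroupId);
        template.put("templatesPath", templatesPath);

        // Deprecated variables

        template.put("groupId", scopeGroupId);

        mergeTemplate(template, unsyncStringWriter);
    }
    catch (Exception e) {
        throw new TransformException("Unhandled exception", e);
    }

    return unsyncStringWriter.toString();
}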
/**
 * Decides whether the row for a user must be shown as disabled in the organization-membership
 * assignment list.
 *
 * <p>Nothing is disabled when {@code PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT} is off.
 * Otherwise a checked user is disabled when the membership is protected for the current
 * permission checker or required by policy, an unchecked user is disabled when the policy does
 * not allow the membership, and any remaining user is disabled unless the current permission
 * checker holds {@code UPDATE} on that user. When a lookup throws, the superclass decides.
 *
 * @param obj the row object, cast to {@code User}
 */
@Override
public boolean isDisabled(Object obj) {
    if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT) {
        return false;
    }

    User user = (User) obj;

    try {
        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

        boolean blockedByPolicy;

        if (isChecked(user)) {
            blockedByPolicy =
                OrganizationMembershipPolicyUtil.isMembershipProtected(
                    permissionChecker, user.getUserId(), _organization.getOrganizationId())
                || OrganizationMembershipPolicyUtil.isMembershipRequired(
                    user.getUserId(), _organization.getOrganizationId());
        }
        else {
            blockedByPolicy =
                !OrganizationMembershipPolicyUtil.isMembershipAllowed(
                    user.getUserId(), _organization.getOrganizationId());
        }

        if (blockedByPolicy) {
            return true;
        }

        boolean canUpdateUser =
            UserPermissionUtil.contains(permissionChecker, user.getUserId(), ActionKeys.UPDATE);

        return !canUpdateUser;
    }
    catch (Exception e) {
        // A failed lookup is only logged; the superclass then decides, so the row is not
        // forced to disabled on error.
        _log.error(e, e);
    }

    return super.isDisabled(obj);
}
/**
 * Copies the portlet preferences stored for {@code sourcePortletId} onto
 * {@code targetPortletId}, on this layout, for the user of the thread's permission checker.
 *
 * <p>Best effort: every exception is swallowed, so a failed copy leaves the target preferences
 * unchanged without any trace.
 *
 * @param sourcePortletId the portlet whose preferences are read
 * @param targetPortletId the portlet whose preferences are overwritten
 */
protected void copyPreferences(String sourcePortletId, String targetPortletId) {
    Layout layout = getLayout();

    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
        PortletPreferencesIds sourceIds =
            PortletPreferencesFactoryUtil.getPortletPreferencesIds(
                layout.getGroupId(), permissionChecker.getUserId(), layout, sourcePortletId,
                false);

        javax.portlet.PortletPreferences sourcePortletPreferences =
            PortletPreferencesLocalServiceUtil.getPreferences(sourceIds);

        PortletPreferencesIds targetIds =
            PortletPreferencesFactoryUtil.getPortletPreferencesIds(
                layout.getGroupId(), permissionChecker.getUserId(), layout, targetPortletId,
                false);

        PortletPreferencesLocalServiceUtil.updatePreferences(
            targetIds.getOwnerId(), targetIds.getOwnerType(), targetIds.getPlid(),
            targetIds.getPortletId(), sourcePortletPreferences);
    }
    catch (Exception e) {
        // NOTE(review): nothing is logged here. A thread without a permission checker fails
        // on permissionChecker.getUserId() above and ends up in this block too, so a skipped
        // copy cannot be told apart from a successful one.
    }
}
/**
 * Removes a portlet id from every column of this layout (or from the user's customized
 * columns) and optionally fires the layout listener.
 *
 * <p>The removal is refused when the portlet is not registered, when the current permission
 * checker lacks {@code UPDATE} on the layout and the layout is not customizable, or when the
 * registration or permission lookup throws. Columns that are disabled on a customizable
 * layout are skipped.
 *
 * @param userId the user requesting the removal (not read in this method)
 * @param portletId the portlet id to remove
 * @param cleanUp whether to call {@code onRemoveFromLayout} afterwards
 */
@Override
public void removePortletId(long userId, String portletId, boolean cleanUp) {
    try {
        Portlet registeredPortlet =
            PortletLocalServiceUtil.getPortletById(getCompanyId(), portletId);

        if (registeredPortlet == null) {
            _log.error(
                "Portlet " + portletId + " cannot be removed because it is not registered");

            return;
        }

        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

        boolean canUpdateLayout =
            LayoutPermissionUtil.contains(permissionChecker, getLayout(), ActionKeys.UPDATE);

        if (!canUpdateLayout && !isCustomizable()) {
            return;
        }
    }
    catch (Exception e) {
        // Fail closed: if the permission decision could not be made, nothing is removed.
        _log.error(e, e);

        return;
    }

    List<String> columns = getColumns();

    for (int i = 0; i < columns.size(); i++) {
        String columnId = columns.get(i);

        if (isCustomizable() && isColumnDisabled(columnId)) {
            continue;
        }

        String currentValue =
            hasUserPreferences()
                ? getUserPreference(columnId) : getTypeSettingsProperty(columnId);

        String updatedValue = StringUtil.removeFromList(currentValue, portletId);

        if (hasUserPreferences()) {
            setUserPreference(columnId, updatedValue);
        }
        else {
            setTypeSettingsProperty(columnId, updatedValue);
        }
    }

    if (!cleanUp) {
        return;
    }

    try {
        onRemoveFromLayout(new String[] {portletId});
    }
    catch (Exception e) {
        _log.error(e, e);
    }
}
/**
 * Checks how many base models a newly added user finds by keyword search, depending on whether
 * group and guest permissions were granted on the model and on its parent.
 *
 * <p>The expected count is the initial count plus one only when permissions were added on the
 * base model and {@code isCheckBaseModelPermission()} is false. The search runs with a
 * permission checker built for the new user; the previous checker is restored afterwards.
 *
 * @param addBaseModelPermission whether group and guest permissions are added to the model
 * @param addParentBaseModelPermission whether they are added to the parent model
 */
protected void testUserPermissions(
        boolean addBaseModelPermission, boolean addParentBaseModelPermission)
    throws Exception {

    ServiceContext serviceContext =
        ServiceContextTestUtil.getServiceContext(group.getGroupId());

    SearchContext searchContext = SearchContextTestUtil.getSearchContext(group.getGroupId());

    searchContext.setKeywords(getSearchKeywords());

    int initialCount =
        searchBaseModelsCount(getBaseModelClass(), group.getGroupId(), searchContext);

    // The parent is created with its own permission setting before the flags are switched to
    // the setting for the model under test.
    serviceContext.setAddGroupPermissions(addParentBaseModelPermission);
    serviceContext.setAddGuestPermissions(addParentBaseModelPermission);

    BaseModel<?> parentBaseModel = getParentBaseModel(group, serviceContext);

    serviceContext.setAddGroupPermissions(addBaseModelPermission);
    serviceContext.setAddGuestPermissions(addBaseModelPermission);

    baseModel = addBaseModel(parentBaseModel, true, getSearchKeywords(), serviceContext);

    User testUser = UserTestUtil.addUser(null, 0);

    PermissionChecker savedPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
        PermissionThreadLocal.setPermissionChecker(PermissionCheckerFactoryUtil.create(testUser));

        searchContext.setUserId(testUser.getUserId());

        int expectedCount =
            (addBaseModelPermission && !isCheckBaseModelPermission())
                ? initialCount + 1 : initialCount;

        Assert.assertEquals(
            expectedCount,
            searchBaseModelsCount(getBaseModelClass(), group.getGroupId(), searchContext));
    }
    finally {
        PermissionThreadLocal.setPermissionChecker(savedPermissionChecker);
    }
}
/**
 * Checks that {@code AssetTagFinderUtil.filterCountByG_N_P} counts a tag with a matching
 * property only in the group it was added to, when run as a newly added user.
 *
 * <p>After a tag is added to the site group, the scope-group count must stay at its initial
 * value and the site-group count must grow by one.
 */
@Test
public void testFilterCountByG_N_P() throws Exception {
    Group scopeGroup = addScopeGroup();

    Group siteGroup = scopeGroup.getParentGroup();

    String tagName = ServiceTestUtil.randomString();

    String[] tagProperties = {
        "key" + AssetTagConstants.PROPERTY_KEY_VALUE_SEPARATOR + "value"
    };

    int scopeGroupCountBefore =
        AssetTagFinderUtil.filterCountByG_N_P(scopeGroup.getGroupId(), tagName, tagProperties);

    int siteGroupCountBefore =
        AssetTagFinderUtil.filterCountByG_N_P(siteGroup.getGroupId(), tagName, tagProperties);

    addAssetTag(siteGroup.getGroupId(), tagName, tagProperties);

    User testUser = UserTestUtil.addUser(null, 0);

    PermissionChecker savedPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
        PermissionThreadLocal.setPermissionChecker(PermissionCheckerFactoryUtil.create(testUser));

        int scopeGroupCountAfter =
            AssetTagFinderUtil.filterCountByG_N_P(
                scopeGroup.getGroupId(), tagName, tagProperties);

        Assert.assertEquals(scopeGroupCountBefore, scopeGroupCountAfter);

        int siteGroupCountAfter =
            AssetTagFinderUtil.filterCountByG_N_P(
                siteGroup.getGroupId(), tagName, tagProperties);

        Assert.assertEquals(siteGroupCountBefore + 1, siteGroupCountAfter);
    }
    finally {
        // Restore the caller's identity even when an assertion fails.
        PermissionThreadLocal.setPermissionChecker(savedPermissionChecker);
    }
}
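/**
 * Requires the thread's permission checker to hold {@code ADD_NODE} on the
 * {@code com.liferay.portlet.wiki} resource of the given group.
 *
 * @param scopeGroupId the group used both as the permission scope and as the primary key
 * @throws PortalException as {@code PrincipalException} when no permission checker is bound to
 *         the thread or the permission is not granted
 */
protected void checkWikiPagePermission(long scopeGroupId) throws PortalException {
    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    // A thread without a permission checker is denied explicitly instead of failing with a
    // NullPointerException that callers do not expect from a permission check.
    if ((permissionChecker == null)
        || !permissionChecker.hasPermission(
            scopeGroupId, "com.liferay.portlet.wiki", scopeGroupId, ActionKeys.ADD_NODE)) {

        throw new PrincipalException();
    }
}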
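/**
 * Requires the thread's permission checker to hold {@code BAN_USER} on the
 * {@code com.liferay.portlet.messageboards} resource of the given group.
 *
 * @param scopeGroupId the group used both as the permission scope and as the primary key
 * @throws PortalException as {@code PrincipalException} when no permission checker is bound to
 *         the thread or the permission is not granted
 */
protected void checkMBMessagePermission(long scopeGroupId) throws PortalException {
    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    // A thread without a permission checker is denied explicitly instead of failing with a
    // NullPointerException that callers do not expect from a permission check.
    if ((permissionChecker == null)
        || !permissionChecker.hasPermission(
            scopeGroupId, "com.liferay.portlet.messageboards", scopeGroupId,
            ActionKeys.BAN_USER)) {

        throw new PrincipalException();
    }
}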
/**
 * Binds the given user's company id and user id to the current thread and, when permission
 * checking is enabled and no checker is bound yet, creates and binds a permission checker for
 * that user.
 *
 * @param user the user the thread should act as
 * @throws Exception if the permission checker cannot be created
 */
protected void initThreadLocals(User user) throws Exception {
    CompanyThreadLocal.setCompanyId(user.getCompanyId());
    PrincipalThreadLocal.setName(user.getUserId());

    if (!_usePermissionChecker) {
        return;
    }

    // NOTE(review): an already-bound checker is kept as it is, without comparing its user to
    // the principal set above; confirm the thread-local is always cleared between requests.
    if (PermissionThreadLocal.getPermissionChecker() != null) {
        return;
    }

    PermissionThreadLocal.setPermissionChecker(PermissionCheckerFactoryUtil.create(user));
}
/**
 * Asks the search permission checker to refresh the indexed permission fields of one resource.
 *
 * <p>The request is ignored while the index is read-only, or when
 * {@code PermissionThreadLocal.isFlushResourcePermissionEnabled} returns false for this
 * resource.
 *
 * @param name the resource name
 * @param primKey the resource primary key
 */
@Override
public void updatePermissionFields(String name, String primKey) {
    // Same evaluation order as two separate guards: the flush flag is consulted only when the
    // index is writable.
    boolean shouldUpdate =
        !isIndexReadOnly()
        && PermissionThreadLocal.isFlushResourcePermissionEnabled(name, primKey);

    if (shouldUpdate) {
        _searchPermissionChecker.updatePermissionFields(name, primKey);
    }
}
/**
 * Checks that {@code AssetTagFinderUtil.filterCountByG_C_N} counts a tag used by a blogs entry
 * only in the group that entry was added to, when run as a newly added user.
 *
 * <p>After a tagged blogs entry is added to the scope group, the scope-group count must grow
 * by one and the site-group count must stay at its initial value.
 */
@Test
public void testFilterCountByG_C_N() throws Exception {
    Group scopeGroup = addScopeGroup();

    Group siteGroup = scopeGroup.getParentGroup();

    long blogsClassNameId = PortalUtil.getClassNameId(BlogsEntry.class);

    String tagName = ServiceTestUtil.randomString();

    int scopeGroupCountBefore =
        AssetTagFinderUtil.filterCountByG_C_N(
            scopeGroup.getGroupId(), blogsClassNameId, tagName);

    int siteGroupCountBefore =
        AssetTagFinderUtil.filterCountByG_C_N(siteGroup.getGroupId(), blogsClassNameId, tagName);

    addBlogsEntry(scopeGroup.getGroupId(), tagName);

    User testUser = UserTestUtil.addUser(null, 0);

    PermissionChecker savedPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
        PermissionThreadLocal.setPermissionChecker(PermissionCheckerFactoryUtil.create(testUser));

        int scopeGroupCountAfter =
            AssetTagFinderUtil.filterCountByG_C_N(
                scopeGroup.getGroupId(), blogsClassNameId, tagName);

        Assert.assertEquals(scopeGroupCountBefore + 1, scopeGroupCountAfter);

        int siteGroupCountAfter =
            AssetTagFinderUtil.filterCountByG_C_N(
                siteGroup.getGroupId(), blogsClassNameId, tagName);

        Assert.assertEquals(siteGroupCountBefore, siteGroupCountAfter);
    }
    finally {
        // Restore the caller's identity even when an assertion fails.
        PermissionThreadLocal.setPermissionChecker(savedPermissionChecker);
    }
}
/**
 * Adds an "all of these categories" clause to {@code contextQuery}.
 *
 * <p>The requested category ids are passed through {@code AssetUtil.filterCategoryIds} with
 * the thread's permission checker. If that drops even one id, an impossible term is added so
 * the search matches nothing. Otherwise each category contributes one MUST clause; with
 * hierarchical search enabled the clause holds the ids returned by {@code getSubcategoryIds},
 * falling back to the category's own id when that list is empty. Ids for which no category
 * can be fetched are skipped.
 *
 * @param contextQuery the query being assembled
 * @param searchContext the search context used to create nested queries
 * @throws Exception if filtering or a category lookup fails
 */
protected void addSearchAllCategories(BooleanQuery contextQuery, SearchContext searchContext)
    throws Exception {

    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    long[] requestedCategoryIds = _assetEntryQuery.getAllCategoryIds();

    if (requestedCategoryIds.length == 0) {
        return;
    }

    long[] permittedCategoryIds =
        AssetUtil.filterCategoryIds(permissionChecker, requestedCategoryIds);

    // "All" semantics: losing any requested category to the filter makes the query
    // unsatisfiable rather than silently narrower.
    if (permittedCategoryIds.length != requestedCategoryIds.length) {
        addImpossibleTerm(contextQuery, Field.ASSET_CATEGORY_IDS);

        return;
    }

    BooleanQuery allCategoriesQuery = BooleanQueryFactoryUtil.create(searchContext);

    for (long permittedCategoryId : permittedCategoryIds) {
        AssetCategory assetCategory =
            AssetCategoryLocalServiceUtil.fetchAssetCategory(permittedCategoryId);

        if (assetCategory == null) {
            continue;
        }

        List<Long> clauseCategoryIds = new ArrayList<>();

        if (PropsValues.ASSET_CATEGORIES_SEARCH_HIERARCHICAL) {
            clauseCategoryIds.addAll(
                AssetCategoryLocalServiceUtil.getSubcategoryIds(permittedCategoryId));
        }

        if (clauseCategoryIds.isEmpty()) {
            clauseCategoryIds.add(permittedCategoryId);
        }

        BooleanQuery singleCategoryQuery = BooleanQueryFactoryUtil.create(searchContext);

        for (long clauseCategoryId : clauseCategoryIds) {
            singleCategoryQuery.addTerm(Field.ASSET_CATEGORY_IDS, clauseCategoryId);
        }

        allCategoriesQuery.add(singleCategoryQuery, BooleanClauseOccur.MUST);
    }

    contextQuery.add(allCategoriesQuery, BooleanClauseOccur.MUST);
}
/**
 * Returns the latest knowledge base article for a resource and status, but only if the
 * thread's permission checker holds {@code VIEW} on it.
 *
 * @param resourcePrimKey the article's resource primary key
 * @param status the workflow status to look up
 * @return the article, or null when it does not exist or may not be viewed; the two cases are
 *         indistinguishable to the caller
 * @throws Exception if the lookup or the permission check fails
 */
protected KBArticle getKBArticle(long resourcePrimKey, int status) throws Exception {
    KBArticle latestKBArticle =
        KBArticleLocalServiceUtil.fetchLatestKBArticle(resourcePrimKey, status);

    if (latestKBArticle == null) {
        return null;
    }

    boolean canView =
        KBArticlePermission.contains(
            PermissionThreadLocal.getPermissionChecker(), latestKBArticle, ActionKeys.VIEW);

    return canView ? latestKBArticle : null;
}
/**
 * Makes the current thread act as the given user: binds the user's company id, principal name
 * and a freshly created permission checker, and marks the access as non-remote.
 *
 * @param userId the id of the user to act as
 * @throws AuthException wrapping any failure to load the user or create the checker; the
 *         original exception is kept as the cause
 */
@Override
public void initContextUser(long userId) throws AuthException {
    try {
        User contextUser = UserLocalServiceUtil.getUser(userId);

        CompanyThreadLocal.setCompanyId(contextUser.getCompanyId());

        PrincipalThreadLocal.setName(userId);

        PermissionThreadLocal.setPermissionChecker(
            PermissionCheckerFactoryUtil.create(contextUser));

        // Clears the remote-access flag for this thread. NOTE(review): this presumably changes
        // which access-control checks later service calls apply; confirm that callers reach
        // this method only after the user has been authenticated.
        AccessControlThreadLocal.setRemoteAccess(false);
    }
    catch (Exception e) {
        throw new AuthException(e.getMessage(), e);
    }
}
/**
 * Marks the request and session as authenticated for the given user and, when permission
 * checking is enabled, binds the principal name, password and a permission checker to the
 * current thread.
 *
 * @param request the incoming request; it is wrapped in a {@code ProtectedServletRequest}
 *        carrying the user id
 * @param session the session that receives the user and authenticated-user attributes
 * @param userId the id of the user being authenticated
 * @return the wrapped request
 * @throws Exception if the user cannot be loaded or the checker cannot be created
 */
protected HttpServletRequest setCredentials(
        HttpServletRequest request, HttpSession session, long userId)
    throws Exception {

    User authenticatedUser = UserLocalServiceUtil.getUser(userId);

    String userIdString = String.valueOf(userId);

    request = new ProtectedServletRequest(request, userIdString);

    session.setAttribute(WebKeys.USER, authenticatedUser);
    session.setAttribute(_AUTHENTICATED_USER, userIdString);

    if (!_usePermissionChecker) {
        return request;
    }

    PrincipalThreadLocal.setName(userId);

    // The password is read from the wrapped request and stays bound to the thread until
    // something clears PrincipalThreadLocal.
    PrincipalThreadLocal.setPassword(PortalUtil.getUserPassword(request));

    PermissionThreadLocal.setPermissionChecker(
        PermissionCheckerFactoryUtil.create(authenticatedUser, false));

    return request;
}
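/**
 * Serves a portlet resource request after checking that the portlet may be addressed on the
 * owner layout and that the thread's permission checker has access to it.
 *
 * <p>When {@code PortalUtil.isAllowAddPortletDefaultResource} rejects the request, the
 * response is set to 400 with a no-cache header, the rejection is logged and nothing else
 * happens. Otherwise the portlet display is populated, resource request and response objects
 * are built, a service context is pushed for the duration of the call, and the portlet's
 * {@code serveResource} is invoked only when
 * {@code PortletPermissionUtil.hasAccessPermission} grants access.
 *
 * @throws Exception if building the request objects or invoking the portlet fails
 */
private void _doServeResource(
        HttpServletRequest request, HttpServletResponse response, Portlet portlet)
    throws Exception {

    HttpServletRequest ownerLayoutRequest = getOwnerLayoutRequestWrapper(request, portlet);

    Layout ownerLayout = (Layout) ownerLayoutRequest.getAttribute(WebKeys.LAYOUT);

    boolean allowAddPortletDefaultResource =
        PortalUtil.isAllowAddPortletDefaultResource(ownerLayoutRequest, portlet);

    if (!allowAddPortletDefaultResource) {
        String url = null;

        LastPath lastPath = (LastPath) request.getAttribute(WebKeys.LAST_PATH);

        if (lastPath != null) {
            StringBundler sb = new StringBundler(3);

            sb.append(PortalUtil.getPortalURL(request));
            sb.append(lastPath.getContextPath());
            sb.append(lastPath.getPath());

            url = sb.toString();
        }
        else {
            url = String.valueOf(request.getRequestURI());
        }

        response.setHeader(
            HttpHeaders.CACHE_CONTROL, HttpHeaders.CACHE_CONTROL_NO_CACHE_VALUE);
        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);

        // The URL is taken from the request and written to the log unchanged.
        _log.error("Reject serveResource for " + url + " on " + portlet.getPortletId());

        return;
    }

    WindowState windowState = (WindowState) request.getAttribute(WebKeys.WINDOW_STATE);

    PortletMode portletMode =
        PortletModeFactory.getPortletMode(ParamUtil.getString(request, "p_p_mode"));

    PortletPreferencesIds portletPreferencesIds =
        PortletPreferencesFactoryUtil.getPortletPreferencesIds(
            request, portlet.getPortletId());

    PortletPreferences portletPreferences =
        PortletPreferencesLocalServiceUtil.getPreferences(portletPreferencesIds);

    ServletContext servletContext = (ServletContext) request.getAttribute(WebKeys.CTX);

    InvokerPortlet invokerPortlet = PortletInstanceFactoryUtil.create(portlet, servletContext);

    PortletConfig portletConfig = PortletConfigFactoryUtil.create(portlet, servletContext);

    PortletContext portletContext = portletConfig.getPortletContext();

    ThemeDisplay themeDisplay = (ThemeDisplay) request.getAttribute(WebKeys.THEME_DISPLAY);

    PortletDisplay portletDisplay = themeDisplay.getPortletDisplay();

    Layout layout = (Layout) request.getAttribute(WebKeys.LAYOUT);

    String portletPrimaryKey =
        PortletPermissionUtil.getPrimaryKey(layout.getPlid(), portlet.getPortletId());

    portletDisplay.setId(portlet.getPortletId());
    portletDisplay.setRootPortletId(portlet.getRootPortletId());
    portletDisplay.setInstanceId(portlet.getInstanceId());
    portletDisplay.setResourcePK(portletPrimaryKey);
    portletDisplay.setPortletName(portletConfig.getPortletName());
    portletDisplay.setNamespace(PortalUtil.getPortletNamespace(portlet.getPortletId()));

    WebDAVStorage webDAVStorage = portlet.getWebDAVStorageInstance();

    portletDisplay.setWebDAVEnabled(webDAVStorage != null);

    ResourceRequestImpl resourceRequestImpl =
        ResourceRequestFactory.create(
            request, portlet, invokerPortlet, portletContext, windowState, portletMode,
            portletPreferences, layout.getPlid());

    long companyId = PortalUtil.getCompanyId(request);

    ResourceResponseImpl resourceResponseImpl =
        ResourceResponseFactory.create(
            resourceRequestImpl, response, portlet.getPortletId(), companyId);

    resourceRequestImpl.defineObjects(portletConfig, resourceResponseImpl);

    // Create and push the service context before entering the try block, so the pop in
    // finally runs only when the push actually happened. With the creation inside the try, a
    // failure in ServiceContextFactory.getInstance would pop a context this method never
    // pushed.
    ServiceContext serviceContext = ServiceContextFactory.getInstance(resourceRequestImpl);

    ServiceContextThreadLocal.pushServiceContext(serviceContext);

    try {
        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

        long scopeGroupId = themeDisplay.getScopeGroupId();

        boolean access =
            PortletPermissionUtil.hasAccessPermission(
                permissionChecker, scopeGroupId, ownerLayout, portlet, portletMode);

        // Without access the portlet is not invoked and the response is left as it is; no
        // error status is set in this method.
        if (access) {
            invokerPortlet.serveResource(resourceRequestImpl, resourceResponseImpl);

            resourceResponseImpl.transferHeaders(response);
        }
    }
    finally {
        ServiceContextThreadLocal.popServiceContext();
    }
}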
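/**
 * Processes a portlet action request after checking that the portlet may be addressed on the
 * owner layout, that the auth token is valid when token checking applies, and that the
 * thread's permission checker has access to the portlet.
 *
 * <p>When {@code PortalUtil.isAllowAddPortletDefaultResource} rejects the request, the
 * rejection is logged and {@code ActionResult.EMPTY_ACTION_RESULT} is returned. Otherwise the
 * action request and response are built, a service context is pushed, and the portlet's
 * {@code processAction} is invoked only when access is granted. Render parameters, events and
 * the redirect location are collected from the action response in either case.
 *
 * @return the events and redirect location produced by the action
 * @throws Exception if the auth token check, request construction or portlet invocation fails
 */
private ActionResult _doProcessAction(
        HttpServletRequest request, HttpServletResponse response, Portlet portlet)
    throws Exception {

    HttpServletRequest ownerLayoutRequest = getOwnerLayoutRequestWrapper(request, portlet);

    Layout ownerLayout = (Layout) ownerLayoutRequest.getAttribute(WebKeys.LAYOUT);

    boolean allowAddPortletDefaultResource =
        PortalUtil.isAllowAddPortletDefaultResource(ownerLayoutRequest, portlet);

    if (!allowAddPortletDefaultResource) {
        String url = null;

        LastPath lastPath = (LastPath) request.getAttribute(WebKeys.LAST_PATH);

        if (lastPath != null) {
            StringBundler sb = new StringBundler(3);

            sb.append(PortalUtil.getPortalURL(request));
            sb.append(lastPath.getContextPath());
            sb.append(lastPath.getPath());

            url = sb.toString();
        }
        else {
            url = String.valueOf(request.getRequestURI());
        }

        // The URL is taken from the request and written to the log unchanged.
        _log.error("Reject processAction for " + url + " on " + portlet.getPortletId());

        return ActionResult.EMPTY_ACTION_RESULT;
    }

    Layout layout = (Layout) request.getAttribute(WebKeys.LAYOUT);

    WindowState windowState =
        WindowStateFactory.getWindowState(ParamUtil.getString(request, "p_p_state"));

    if (layout.isTypeControlPanel()
        && ((windowState == null) || windowState.equals(WindowState.NORMAL)
            || Validator.isNull(windowState.toString()))) {

        windowState = WindowState.MAXIMIZED;
    }

    PortletMode portletMode =
        PortletModeFactory.getPortletMode(ParamUtil.getString(request, "p_p_mode"));

    PortletPreferencesIds portletPreferencesIds =
        PortletPreferencesFactoryUtil.getPortletPreferencesIds(
            request, portlet.getPortletId());

    PortletPreferences portletPreferences =
        PortletPreferencesLocalServiceUtil.getPreferences(portletPreferencesIds);

    ServletContext servletContext = (ServletContext) request.getAttribute(WebKeys.CTX);

    InvokerPortlet invokerPortlet = PortletInstanceFactoryUtil.create(portlet, servletContext);

    PortletConfig portletConfig = PortletConfigFactoryUtil.create(portlet, servletContext);

    PortletContext portletContext = portletConfig.getPortletContext();

    String contentType = request.getHeader(HttpHeaders.CONTENT_TYPE);

    if (_log.isDebugEnabled()) {
        _log.debug("Content type " + contentType);
    }

    UploadServletRequest uploadServletRequest = null;

    // Several statements inside the try block can throw before the service context is pushed
    // (the auth token check among them). Track the push so finally never pops a context that
    // belongs to an outer caller.
    boolean serviceContextPushed = false;

    try {
        if ((contentType != null)
            && contentType.startsWith(ContentTypes.MULTIPART_FORM_DATA)) {

            PortletConfigImpl invokerPortletConfigImpl =
                (PortletConfigImpl) invokerPortlet.getPortletConfig();

            if (invokerPortlet.isStrutsPortlet()
                || invokerPortletConfigImpl.isCopyRequestParameters()
                || !invokerPortletConfigImpl.isWARFile()) {

                uploadServletRequest = new UploadServletRequestImpl(request);

                request = uploadServletRequest;
            }
        }

        // The token check runs only when it is enabled globally and the portlet opts in.
        if (PropsValues.AUTH_TOKEN_CHECK_ENABLED && invokerPortlet.isCheckAuthToken()) {
            AuthTokenUtil.check(request);
        }

        ActionRequestImpl actionRequestImpl =
            ActionRequestFactory.create(
                request, portlet, invokerPortlet, portletContext, windowState, portletMode,
                portletPreferences, layout.getPlid());

        User user = PortalUtil.getUser(request);

        ActionResponseImpl actionResponseImpl =
            ActionResponseFactory.create(
                actionRequestImpl, response, portlet.getPortletId(), user, layout, windowState,
                portletMode);

        actionRequestImpl.defineObjects(portletConfig, actionResponseImpl);

        ServiceContext serviceContext = ServiceContextFactory.getInstance(actionRequestImpl);

        ServiceContextThreadLocal.pushServiceContext(serviceContext);

        serviceContextPushed = true;

        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

        ThemeDisplay themeDisplay = (ThemeDisplay) request.getAttribute(WebKeys.THEME_DISPLAY);

        long scopeGroupId = themeDisplay.getScopeGroupId();

        boolean access =
            PortletPermissionUtil.hasAccessPermission(
                permissionChecker, scopeGroupId, ownerLayout, portlet, portletMode);

        // Without access the portlet is not invoked; the code below still records render
        // parameters and builds the redirect from the untouched action response.
        if (access) {
            invokerPortlet.processAction(actionRequestImpl, actionResponseImpl);

            actionResponseImpl.transferHeaders(response);
        }

        RenderParametersPool.put(
            request, layout.getPlid(), portlet.getPortletId(),
            actionResponseImpl.getRenderParameterMap());

        List<Event> events = actionResponseImpl.getEvents();

        String redirectLocation = actionResponseImpl.getRedirectLocation();

        if (Validator.isNull(redirectLocation) && portlet.isActionURLRedirect()) {
            PortletURL portletURL =
                new PortletURLImpl(
                    actionRequestImpl, actionRequestImpl.getPortletName(), layout.getPlid(),
                    PortletRequest.RENDER_PHASE);

            Map<String, String[]> renderParameters = actionResponseImpl.getRenderParameterMap();

            for (Map.Entry<String, String[]> entry : renderParameters.entrySet()) {
                String key = entry.getKey();
                String[] value = entry.getValue();

                portletURL.setParameter(key, value);
            }

            redirectLocation = portletURL.toString();
        }

        return new ActionResult(events, redirectLocation);
    }
    finally {
        try {
            if (uploadServletRequest != null) {
                uploadServletRequest.cleanUp();
            }
        }
        finally {
            // Runs even when the upload clean-up throws, so the pushed context never stays on
            // the thread.
            if (serviceContextPushed) {
                ServiceContextThreadLocal.popServiceContext();
            }
        }
    }
}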
/**
 * Searches document library file entries by keyword, restricted to a portlet, a group and an
 * optional set of repositories.
 *
 * <p>Each repository id is added to the query only after the permission check for it passes;
 * a repository whose check throws is left out of the query.
 *
 * @param companyId the company to search in
 * @param userId the user recorded on the search context; the per-repository permission check
 *        runs only when this is greater than 0
 * @param portletId required value of the portlet id field
 * @param groupId the group to search; for a layout-scoped group the parent group id is used
 *        for the group term and for the permission check
 * @param repositoryIds repositories (folder ids) to restrict the search to; may be empty
 * @param keywords the keywords to search for
 * @param start lower bound of the result range
 * @param end upper bound of the result range
 * @return the search hits
 * @throws SystemException wrapping any exception raised while building or running the query
 */
public Hits search(
        long companyId, long userId, String portletId, long groupId, long[] repositoryIds,
        String keywords, int start, int end) {

    try {
        SearchContext searchContext = new SearchContext();

        searchContext.setCompanyId(companyId);
        searchContext.setEnd(end);
        searchContext.setEntryClassNames(new String[] {DLFileEntryConstants.getClassName()});
        searchContext.setGroupIds(new long[] {groupId});

        Indexer indexer = IndexerRegistryUtil.getIndexer(DLFileEntryConstants.getClassName());

        searchContext.setSearchEngineId(indexer.getSearchEngineId());

        searchContext.setStart(start);
        searchContext.setUserId(userId);

        BooleanQuery contextQuery = BooleanQueryFactoryUtil.create(searchContext);

        contextQuery.addRequiredTerm(Field.PORTLET_ID, portletId);

        if (groupId > 0) {
            Group group = groupLocalService.getGroup(groupId);

            if (group.isLayout()) {
                contextQuery.addRequiredTerm(Field.SCOPE_GROUP_ID, groupId);

                // From here on groupId refers to the parent group.
                groupId = group.getParentGroupId();
            }

            contextQuery.addRequiredTerm(Field.GROUP_ID, groupId);
        }

        if (ArrayUtil.isNotEmpty(repositoryIds)) {
            BooleanQuery repositoryIdsQuery = BooleanQueryFactoryUtil.create(searchContext);

            for (long repositoryId : repositoryIds) {
                try {
                    // NOTE(review): the check uses the thread's permission checker, not a
                    // checker derived from the userId argument, and is skipped entirely when
                    // userId is 0 or negative; confirm callers pass the thread's own user and
                    // that the skip is meant for internal calls only.
                    if (userId > 0) {
                        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

                        DLFolderPermission.check(permissionChecker, groupId, repositoryId, ActionKeys.VIEW);
                    }

                    if (repositoryId == DLFolderConstants.DEFAULT_PARENT_FOLDER_ID) {
                        repositoryId = groupId;
                    }

                    TermQuery termQuery = TermQueryFactoryUtil.create(searchContext, "repositoryId", repositoryId);

                    repositoryIdsQuery.add(termQuery, BooleanClauseOccur.SHOULD);
                } catch (Exception e) {
                    // Deliberately empty: a failed check (or any other error) drops this
                    // repository from the query instead of aborting the search.
                }
            }

            // NOTE(review): if every repository was dropped, an empty query is still added as
            // a MUST clause; confirm the search engine treats that as "match nothing".
            contextQuery.add(repositoryIdsQuery, BooleanClauseOccur.MUST);
        }

        BooleanQuery searchQuery = BooleanQueryFactoryUtil.create(searchContext);

        searchQuery.addTerms(_KEYWORDS_FIELDS, keywords);

        BooleanQuery fullQuery = BooleanQueryFactoryUtil.create(searchContext);

        fullQuery.add(contextQuery, BooleanClauseOccur.MUST);

        List<BooleanClause> clauses = searchQuery.clauses();

        // The keyword query is attached only when it produced at least one clause.
        if (!clauses.isEmpty()) {
            fullQuery.add(searchQuery, BooleanClauseOccur.MUST);
        }

        return SearchEngineUtil.search(searchContext, fullQuery);
    } catch (Exception e) {
        throw new SystemException(e);
    }
}
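/**
 * Removes a portlet id from every column of this layout (or from the user's customized
 * columns) and optionally clears its states and modes and fires the layout listener.
 *
 * <p>The removal is refused when the portlet is not registered, when the current permission
 * checker lacks {@code UPDATE} on the layout and the layout is not customizable, or when the
 * registration or permission lookup throws. For customized layouts the portlet's
 * individual-scope resource is deleted as well, on a best-effort basis.
 *
 * @param userId the user requesting the removal (not read in this method)
 * @param portletId the portlet id to remove
 * @param cleanUp whether to remove states and modes and call {@code onRemoveFromLayout}
 */
public void removePortletId(long userId, String portletId, boolean cleanUp) {
    try {
        Portlet portlet = PortletLocalServiceUtil.getPortletById(getCompanyId(), portletId);

        if (portlet == null) {
            _log.error(
                "Portlet " + portletId + " cannot be removed because it is not registered");

            return;
        }

        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

        if (!LayoutPermissionUtil.contains(permissionChecker, getLayout(), ActionKeys.UPDATE)
            && !isCustomizable()) {

            return;
        }
    }
    catch (Exception e) {
        _log.error(e, e);

        // Fail closed: without a permission decision nothing may be removed. Falling through
        // here would modify the layout whenever the check itself throws.
        return;
    }

    List<String> columns = getColumns();

    for (int i = 0; i < columns.size(); i++) {
        String columnId = columns.get(i);

        if (isCustomizable() && isColumnDisabled(columnId)) {
            continue;
        }

        String columnValue = StringPool.BLANK;

        if (hasUserPreferences()) {
            columnValue = getUserPreference(columnId);
        }
        else {
            columnValue = getTypeSettingsProperties().getProperty(columnId);
        }

        columnValue = StringUtil.remove(columnValue, portletId);

        if (hasUserPreferences()) {
            setUserPreference(columnId, columnValue);

            try {
                String rootPortletId = PortletConstants.getRootPortletId(portletId);

                ResourceLocalServiceUtil.deleteResource(
                    getCompanyId(), rootPortletId, ResourceConstants.SCOPE_INDIVIDUAL,
                    PortletPermissionUtil.getPrimaryKey(getPlid(), portletId));
            }
            catch (Exception e) {
                // Best effort, kept as in the original: a resource that cannot be deleted
                // does not stop the removal. NOTE(review): the failure leaves no trace, so a
                // leftover permission resource would go unnoticed.
            }
        }
        else {
            getTypeSettingsProperties().setProperty(columnId, columnValue);
        }
    }

    if (cleanUp) {
        removeStatesPortletId(portletId);
        removeModesPortletId(portletId);

        try {
            onRemoveFromLayout(portletId);
        }
        catch (Exception e) {
            _log.error("Unable to fire portlet layout listener event", e);
        }
    }
}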
/**
 * Returns the user's customized value for a layout column, creating it from the layout's type
 * settings on first access.
 *
 * <p>Returns blank when the layout has no user preferences. If a stored user value exists it
 * is returned as is. Otherwise the column's type-settings value is split into portlet ids,
 * ids whose root portlet the thread's permission checker may not add to a page are dropped,
 * instanceable or per-layout portlets get a user-specific id with copied preferences, and the
 * resulting list is stored as the user's preference before being returned.
 *
 * @param key the column id
 * @return the comma-separated portlet ids for the column, or blank
 */
protected String getUserPreference(String key) {
    String value = StringPool.BLANK;

    if (!hasUserPreferences()) {
        return value;
    }

    // StringPool.NULL is passed as the default and then compared against, so it acts as the
    // "nothing stored yet" marker.
    value = _portalPreferences.getValue(CustomizedPages.namespacePlid(getPlid()), key, StringPool.NULL);

    if (!value.equals(StringPool.NULL)) {
        return value;
    }

    value = getTypeSettingsProperty(key);

    if (Validator.isNull(value)) {
        return value;
    }

    List<String> newPortletIds = new ArrayList<>();

    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    String[] portletIds = StringUtil.split(value);

    for (String portletId : portletIds) {
        try {
            String rootPortletId = PortletConstants.getRootPortletId(portletId);

            if (!PortletPermissionUtil.contains(
                    permissionChecker, rootPortletId, ActionKeys.ADD_TO_PAGE)) {

                continue;
            }
        } catch (Exception e) {
            // NOTE(review): when the permission check throws, the error is logged and the
            // portlet id is still processed below, so it ends up in the stored preference
            // without a permission decision. Confirm this fail-open path is intended.
            _log.error(e, e);
        }

        String newPortletId = null;

        boolean preferencesUniquePerLayout = false;

        try {
            // NOTE(review): the result is dereferenced without a null check and only
            // SystemException is caught; an unregistered portlet id would presumably raise a
            // NullPointerException here. Verify against getPortletById.
            Portlet portlet = PortletLocalServiceUtil.getPortletById(getCompanyId(), portletId);

            preferencesUniquePerLayout = portlet.isPreferencesUniquePerLayout();
        } catch (SystemException se) {
            _log.error(se, se);
        }

        if (PortletConstants.hasInstanceId(portletId) || preferencesUniquePerLayout) {
            String instanceId = null;

            if (PortletConstants.hasInstanceId(portletId)) {
                instanceId = PortletConstants.generateInstanceId();
            }

            newPortletId = PortletConstants.assemblePortletId(
                portletId, _portalPreferences.getUserId(), instanceId);

            copyPreferences(_portalPreferences.getUserId(), portletId, newPortletId);
        } else {
            newPortletId = portletId;
        }

        newPortletIds.add(newPortletId);
    }

    value = StringUtil.merge(newPortletIds);

    // The filtered list is stored, so the permission decisions made above stay in effect on
    // later reads, which return the stored value without checking again.
    setUserPreference(key, value);

    return value;
}
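/**
 * Adds a portlet to a column of this layout and returns the id under which it was stored.
 *
 * <p>The id is first passed through {@code JS.getSafeName}. The portlet must be registered for
 * the layout's company. When {@code checkPermission} is true, the thread's
 * {@link PermissionChecker} must grant {@code ActionKeys.ADD_TO_PAGE} for the portlet on this
 * layout. System portlets, portlets already present on the layout, and disabled columns of a
 * customizable layout are rejected.
 *
 * <p>The lookup and permission step fails closed: if either throws, the error is logged and
 * {@code null} is returned. Previously execution continued, which added the portlet without a
 * completed permission check, or dereferenced a {@code null} portlet when the lookup failed.
 *
 * @param  userId           user id assembled into the portlet id on customizable layouts
 *                          that have user preferences
 * @param  portletId        id of the portlet to add
 * @param  columnId         target column, or {@code null} for the layout template's first column
 * @param  columnPos        insert position within the column; negative values, or values past
 *                          the end, append
 * @param  checkPermission  whether to enforce {@code ADD_TO_PAGE}; callers passing
 *                          {@code false} must have authorized the request themselves
 * @param  strictHasPortlet forwarded to {@code hasPortletId}
 * @return the final portlet id, or {@code null} when the portlet was not added
 * @throws PortalException  declared by the signature; which call raises it is not visible here
 */
protected String addPortletId(
        long userId, String portletId, String columnId, int columnPos,
        boolean checkPermission, boolean strictHasPortlet)
    throws PortalException {

    portletId = JS.getSafeName(portletId);

    Layout layout = getLayout();

    Portlet portlet = null;

    try {
        portlet = PortletLocalServiceUtil.getPortletById(layout.getCompanyId(), portletId);

        if (portlet == null) {
            if (_log.isWarnEnabled()) {
                _log.warn("Portlet " + portletId + " cannot be added because it is not registered");
            }

            return null;
        }

        PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

        if (checkPermission
                && !PortletPermissionUtil.contains(
                    permissionChecker, layout, portlet, ActionKeys.ADD_TO_PAGE)) {

            return null;
        }
    } catch (Exception e) {
        // Fail closed: an exception here means the portlet was not resolved or the
        // permission was not established, so treat the request as denied.
        _log.error(e, e);

        return null;
    }

    if (portlet.isSystem()) {
        return null;
    }

    if (portlet.isInstanceable() && !PortletConstants.hasInstanceId(portletId)) {
        portletId = PortletConstants.assemblePortletId(
            portletId, PortletConstants.generateInstanceId());
    }

    if (hasPortletId(portletId, strictHasPortlet)) {
        return null;
    }

    if (columnId == null) {
        LayoutTemplate layoutTemplate = getLayoutTemplate();

        List<String> columns = layoutTemplate.getColumns();

        if (!columns.isEmpty()) {
            columnId = columns.get(0);
        }
    }

    if (columnId == null) {
        return null;
    }

    if (isCustomizable()) {
        if (isColumnDisabled(columnId)) {
            return null;
        }

        if ((PortletConstants.hasInstanceId(portletId) || portlet.isPreferencesUniquePerLayout())
                && hasUserPreferences()) {

            portletId = PortletConstants.assemblePortletId(portletId, userId);
        }
    }

    String columnValue = StringPool.BLANK;

    if (hasUserPreferences()) {
        columnValue = getUserPreference(columnId);
    } else {
        columnValue = getTypeSettingsProperty(columnId);
    }

    if ((columnValue == null) && columnId.startsWith(_NESTED_PORTLETS_NAMESPACE)) {
        addNestedColumn(columnId);
    }

    if (columnPos >= 0) {
        List<String> portletIds = ListUtil.fromArray(StringUtil.split(columnValue));

        if (columnPos <= portletIds.size()) {
            portletIds.add(columnPos, portletId);
        } else {
            portletIds.add(portletId);
        }

        columnValue = StringUtil.merge(portletIds);
    } else {
        columnValue = StringUtil.add(columnValue, portletId);
    }

    if (hasUserPreferences()) {
        setUserPreference(columnId, columnValue);
    } else {
        setTypeSettingsProperty(columnId, columnValue);
    }

    try {
        if (_enablePortletLayoutListener) {
            PortletLayoutListener portletLayoutListener =
                portlet.getPortletLayoutListenerInstance();

            if (portletLayoutListener != null) {
                portletLayoutListener.onAddToLayout(portletId, layout.getPlid());
            }
        }
    } catch (Exception e) {
        // The portlet is already stored at this point; a listener failure is only logged.
        _log.error("Unable to fire portlet layout listener event", e);
    }

    return portletId;
}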
/**
 * Checks the permission-filtered finder {@code filterFindByG_N_P} for a newly created user.
 *
 * <p>A tag with one property is added to the site group only. Under the new user's permission
 * checker, the scope group's result count must equal its baseline and the site group's count
 * must be the baseline plus one.
 *
 * <p>The thread-local permission checker is replaced for the duration of the queries and
 * restored in {@code finally}, so the substituted identity does not leak into later work on
 * the same thread.
 */
@Test
public void testFilterFindByG_N_P() throws Exception {
    Group scopeGroup = addScopeGroup();
    Group siteGroup = scopeGroup.getParentGroup();

    String tagName = ServiceTestUtil.randomString();
    String[] tagProperties = {
        "key" + AssetTagConstants.PROPERTY_KEY_VALUE_SEPARATOR + "value"
    };

    long scopeGroupId = scopeGroup.getGroupId();
    long siteGroupId = siteGroup.getGroupId();

    // Baselines, taken under whatever permission checker the thread already carries.
    List<AssetTag> scopeTagsBefore = AssetTagFinderUtil.filterFindByG_N_P(
        new long[] {scopeGroupId}, tagName, tagProperties,
        QueryUtil.ALL_POS, QueryUtil.ALL_POS, null);
    List<AssetTag> siteTagsBefore = AssetTagFinderUtil.filterFindByG_N_P(
        new long[] {siteGroupId}, tagName, tagProperties,
        QueryUtil.ALL_POS, QueryUtil.ALL_POS, null);

    addAssetTag(siteGroupId, tagName, tagProperties);

    User user = UserTestUtil.addUser(null, 0);

    PermissionChecker savedChecker = PermissionThreadLocal.getPermissionChecker();

    try {
        // Run the remaining queries as the freshly created user.
        PermissionThreadLocal.setPermissionChecker(PermissionCheckerFactoryUtil.create(user));

        List<AssetTag> scopeTagsAfter = AssetTagFinderUtil.filterFindByG_N_P(
            new long[] {scopeGroupId}, tagName, tagProperties,
            QueryUtil.ALL_POS, QueryUtil.ALL_POS, null);

        Assert.assertEquals(scopeTagsBefore.size(), scopeTagsAfter.size());

        List<AssetTag> siteTagsAfter = AssetTagFinderUtil.filterFindByG_N_P(
            new long[] {siteGroupId}, tagName, tagProperties,
            QueryUtil.ALL_POS, QueryUtil.ALL_POS, null);

        Assert.assertEquals(siteTagsBefore.size() + 1, siteTagsAfter.size());
    } finally {
        PermissionThreadLocal.setPermissionChecker(savedChecker);
    }
}