public void init(Object obj) { if (!Config.getBooleanProperty("ENABLE_SCRIPTING", false)) { return; } ViewContext context = (ViewContext) obj; this.request = context.getRequest(); ctx = context.getVelocityContext(); try { host = WebAPILocator.getHostWebAPI().getCurrentHost(request); } catch (PortalException e1) { Logger.error(this, e1.getMessage(), e1); } catch (SystemException e1) { Logger.error(this, e1.getMessage(), e1); } catch (DotDataException e1) { Logger.error(this, e1.getMessage(), e1); } catch (DotSecurityException e1) { Logger.error(this, e1.getMessage(), e1); } userAPI = WebAPILocator.getUserWebAPI(); try { user = userAPI.getLoggedInFrontendUser(request); backuser = userAPI.getLoggedInUser(request); respectFrontendRoles = true; } catch (Exception e) { Logger.error(this, "Error finding the logged in user", e); } }
/** * Retrieve the current host from the request * * @return the current host * @throws RuntimeException an exception that wraps the actual dotCMS exception when the host * can't be found */ public static Host getCurrentHost(HttpServletRequest request) { try { return WebAPILocator.getHostWebAPI().getCurrentHost(request); } catch (PortalException e) { throw new RuntimeException(e); } catch (SystemException e) { throw new RuntimeException(e); } catch (DotDataException e) { throw new RuntimeException(e); } catch (DotSecurityException e) { throw new RuntimeException(e); } }
public static ClickstreamRequest getClickstreamRequest( HttpServletRequest request, Date timestamp) { HttpSession session = request.getSession(); long languageId = langAPI.getDefaultLanguage().getId(); if (session.getAttribute(WebKeys.HTMLPAGE_LANGUAGE) != null) { languageId = Long.parseLong(session.getAttribute(WebKeys.HTMLPAGE_LANGUAGE).toString()); } String uri = request.getRequestURI(); if (request.getAttribute(WebKeys.CLICKSTREAM_URI_OVERRIDE) != null) { uri = (String) request.getAttribute(WebKeys.CLICKSTREAM_URI_OVERRIDE); } HostWebAPI hostWebAPI = WebAPILocator.getHostWebAPI(); Host host = null; try { host = hostWebAPI.getCurrentHost(request); } catch (PortalException e) { Logger.error( ClickstreamRequestFactory.class, "Unable to retrieve current request host for URI " + uri); } catch (SystemException e) { Logger.error( ClickstreamRequestFactory.class, "Unable to retrieve current request host for URI " + uri); } catch (DotDataException e) { Logger.error( ClickstreamRequestFactory.class, "Unable to retrieve current request host for URI " + uri); } catch (DotSecurityException e) { Logger.error( ClickstreamRequestFactory.class, "Unable to retrieve current request host for URI " + uri); } String hostIdentifier = host.getIdentifier(); ClickstreamRequest cr = new ClickstreamRequest(); cr.setProtocol(request.getProtocol()); cr.setServerName(request.getServerName()); cr.setServerPort(request.getServerPort()); cr.setQueryString(request.getQueryString()); cr.setRemoteUser(request.getRemoteUser()); cr.setRequestURI(uri); cr.setLanguageId(languageId); cr.setTimestamp(timestamp); cr.setHostId(hostIdentifier); return cr; }
public abstract class VelocityServlet extends HttpServlet { private static final long serialVersionUID = 1L; private ContentletAPI conAPI = APILocator.getContentletAPI(); private static PortletURLUtil portletURLUtil = new PortletURLUtil(); private static UtilMethods utilMethods = new UtilMethods(); private static InodeUtils inodeUtils = new InodeUtils(); private static PermissionAPI permissionAPI = APILocator.getPermissionAPI(); private static PortletAPI portletAPI = APILocator.getPortletAPI(); private static LanguageAPI langAPI = APILocator.getLanguageAPI(); private static HostWebAPI hostWebAPI = WebAPILocator.getHostWebAPI(); /** @param permissionAPI the permissionAPI to set */ public static void setPermissionAPI(PermissionAPI permissionAPIRef) { permissionAPI = permissionAPIRef; } private String CHARSET = null; private String VELOCITY_HTMLPAGE_EXTENSION = null; public static final String VELOCITY_CONTEXT = "velocityContext"; protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if (DbConnectionFactory.getDBType().equals(DbConnectionFactory.MSSQL) && LicenseUtil.getLevel() < 299) { request.getRequestDispatcher("/portal/no_license.jsp").forward(request, response); return; } if (DbConnectionFactory.getDBType().equals(DbConnectionFactory.ORACLE) && LicenseUtil.getLevel() < 399) { request.getRequestDispatcher("/portal/no_license.jsp").forward(request, response); return; } if (!LicenseUtil.isASAllowed()) { request.getRequestDispatcher("/portal/no_license.jsp").forward(request, response); return; } Long profileTime = null; if (Config.getBooleanProperty("VELOCITY_PROFILING", false)) { profileTime = Calendar.getInstance().getTimeInMillis(); } try { // Check if the uri is a physical file. Fix for the cases when the // site configure VELOCITY_PAGE_EXTENSION as htm, html or any known // extension. // Example: // /html/js/tinymce/jscripts/tiny_mce/plugins/advlink/link.htm String uri = request.getRequestURI(); uri = URLDecoder.decode(uri, "UTF-8"); File file = new File(Config.CONTEXT.getRealPath(uri)); if (file.exists()) { FileInputStream fileIS = new FileInputStream(file); ServletOutputStream servletOS = response.getOutputStream(); int b; for (; -1 < (b = fileIS.read()); ) { servletOS.write(b); } fileIS.close(); servletOS.flush(); servletOS.close(); return; } // If we are at a directory, e.g. /home // we need to redirect to /home/ String forwardFor = (String) request.getRequestURL().toString(); if (request.getAttribute(Globals.MAPPING_KEY) == null && forwardFor != null && !forwardFor.endsWith("/") && !forwardFor.endsWith("." + Config.getStringProperty("VELOCITY_PAGE_EXTENSION"))) { // The query string parameters should be preserved as well String queryString = request.getQueryString(); response.sendRedirect( forwardFor + "/" + (UtilMethods.isSet(queryString) ? "?" + queryString : "")); return; } HttpSession session = request.getSession(false); boolean ADMIN_MODE = session != null && (session.getAttribute(com.dotmarketing.util.WebKeys.ADMIN_MODE_SESSION) != null); boolean PREVIEW_MODE = ADMIN_MODE && (session.getAttribute(com.dotmarketing.util.WebKeys.PREVIEW_MODE_SESSION) != null); boolean EDIT_MODE = ADMIN_MODE && (session.getAttribute(com.dotmarketing.util.WebKeys.EDIT_MODE_SESSION) != null); String value = request.getHeader("X-Requested-With"); if ((value != null) && value.equals("XMLHttpRequest") && EDIT_MODE && ADMIN_MODE) { ADMIN_MODE = false; } // ### VALIDATE ARCHIVE ### if ((EDIT_MODE || PREVIEW_MODE) && isArchive(request)) { PREVIEW_MODE = true; EDIT_MODE = false; request.setAttribute("archive", true); } // ### END VALIDATE ARCHIVE ### LanguageWebAPI langWebAPI = WebAPILocator.getLanguageWebAPI(); langWebAPI.checkSessionLocale(request); if (PREVIEW_MODE && ADMIN_MODE) { // preview mode has the left hand menu and edit buttons on the // working page Logger.debug(VelocityServlet.class, "VELOCITY SERVLET I'M ON PREVIEW MODE!!!"); doPreviewMode(request, response); } else if (EDIT_MODE && ADMIN_MODE) { // edit mode has the left hand menu and edit buttons on the // working page Logger.debug(VelocityServlet.class, "VELOCITY SERVLET I'M ON EDIT MODE!!!"); doEditMode(request, response); } else if (ADMIN_MODE) { // admin mode has the left hand menu and shows the live page in // the frame Logger.debug(VelocityServlet.class, "VELOCITY SERVLET I'M ON ADMIN MODE!!!"); doAdminMode(request, response); } else { // live mode has no frame and shows the live page Logger.debug(VelocityServlet.class, "VELOCITY SERVLET I'M ON LIVE MODE!!!"); doLiveMode(request, response); } } catch (ResourceNotFoundException rnfe) { // response.sendError(404); request.setAttribute(Constants.SERVE_URL, request.getRequestURI()); request.getRequestDispatcher("/localResourceServlet").forward(request, response); } catch (ParseErrorException pee) { Logger.error(this, "Template Parse Exception : " + pee.toString(), pee); try { response.sendError(500, "Template Parse Exception"); } catch (Throwable t) { Logger.error(this, t.getMessage(), t); PrintWriter out = response.getWriter(); out.println("Template Parse Exception"); out.println("On template:" + request.getRequestURI() + request.getQueryString()); } } catch (MethodInvocationException mie) { Logger.error(this, "MethodInvocationException" + mie.toString(), mie); try { response.sendError(500, "MethodInvocationException Error on template"); } catch (Throwable t) { Logger.error(this, t.getMessage(), t); PrintWriter out = response.getWriter(); out.println( "MethodInvocationException Error on template:" + request.getRequestURI() + request.getQueryString()); } } catch (Exception e) { Logger.error(this, e.toString(), e); try { response.sendError(500, "MethodInvocationException Error on template"); } catch (Throwable t) { Logger.error(this, t.getMessage(), t); PrintWriter out = response.getWriter(); out.println("Error on template:" + request.getRequestURI() + request.getQueryString()); } } finally { // catchall // added finally because of // http://jira.dotmarketing.net/browse/DOTCMS-1334 try { HibernateUtil.commitTransaction(); } catch (Exception e) { Logger.error(this, e.getMessage(), e); } DbConnectionFactory.closeConnection(); } if (profileTime != null) { profileTime = Calendar.getInstance().getTimeInMillis() - profileTime; VelocityProfiler.log( VelocityServlet.class, "VelocityPage time: " + request.getRequestURL() + " " + profileTime + " millis"); } } public void init(ServletConfig config) throws ServletException { // build the dirs new File(config.getServletContext().getRealPath("/WEB-INF/velocity/working")).mkdirs(); new File(config.getServletContext().getRealPath("/WEB-INF/velocity/live")).mkdir(); Config.initializeConfig(); CHARSET = Config.getStringProperty("CHARSET"); VELOCITY_HTMLPAGE_EXTENSION = Config.getStringProperty("VELOCITY_HTMLPAGE_EXTENSION"); } protected void doAdminMode(HttpServletRequest request, HttpServletResponse response) throws Exception { // LIVE MODE - LIVE PAGE com.liferay.portal.model.User backendUser = null; backendUser = com.liferay.portal.util.PortalUtil.getUser(request); response.setContentType(CHARSET); Context context = VelocityUtil.getWebContext(request, response); String uri = URLDecoder.decode(request.getRequestURI(), UtilMethods.getCharsetConfiguration()); uri = UtilMethods.cleanURI(uri); Host host = hostWebAPI.getCurrentHost(request); Identifier id = APILocator.getIdentifierAPI().find(host, uri); request.setAttribute("idInode", id.getInode()); HTMLPage htmlPage = (HTMLPage) APILocator.getVersionableAPI() .findWorkingVersion(id, APILocator.getUserAPI().getSystemUser(), false); HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI(); VelocityUtil.makeBackendContext( context, htmlPage, "", id.getURI(), request, true, false, false, host); boolean canUserWriteOnTemplate = permissionAPI.doesUserHavePermission( htmlPageAPI.getTemplateForWorkingHTMLPage(htmlPage), PERMISSION_WRITE, backendUser); context.put("EDIT_TEMPLATE_PERMISSION", canUserWriteOnTemplate); Template template = null; if (request.getParameter("leftMenu") != null) { template = VelocityUtil.getEngine().getTemplate("/preview_left_menu.vl"); } else if (request.getParameter("mainFrame") != null) { template = VelocityUtil.getEngine() .getTemplate("/live/" + id.getInode() + "." + VELOCITY_HTMLPAGE_EXTENSION); } else { template = VelocityUtil.getEngine().getTemplate("/preview_mode.vl"); } Logger.debug(VelocityServlet.class, "Got the template!!!!" + id.getInode()); PrintWriter out = response.getWriter(); request.setAttribute(VELOCITY_CONTEXT, context); try { template.merge(context, out); } catch (ParseErrorException e) { out.append(e.getMessage()); } } public void doLiveMode(HttpServletRequest request, HttpServletResponse response) throws Exception { String uri = URLDecoder.decode(request.getRequestURI(), UtilMethods.getCharsetConfiguration()); uri = UtilMethods.cleanURI(uri); Host host = hostWebAPI.getCurrentHost(request); // Map with all identifier inodes for a given uri. String idInode = APILocator.getIdentifierAPI().find(host, uri).getInode(); // Checking the path is really live using the livecache String cachedUri = LiveCache.getPathFromCache(uri, host); // if we still have nothing. if (!InodeUtils.isSet(idInode) || cachedUri == null) { throw new ResourceNotFoundException( String.format("Resource %s not found in Live mode!", uri)); } response.setContentType(CHARSET); request.setAttribute("idInode", String.valueOf(idInode)); Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + idInode); /* * JIRA http://jira.dotmarketing.net/browse/DOTCMS-4659 //Set long lived cookie regardless of who this is */ String _dotCMSID = UtilMethods.getCookieValue( request.getCookies(), com.dotmarketing.util.WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE); if (!UtilMethods.isSet(_dotCMSID)) { // create unique generator engine Cookie idCookie = CookieUtil.createCookie(); response.addCookie(idCookie); } com.liferay.portal.model.User user = null; HttpSession session = request.getSession(false); try { if (session != null) user = (com.liferay.portal.model.User) session.getAttribute(com.dotmarketing.util.WebKeys.CMS_USER); } catch (Exception nsue) { Logger.warn(this, "Exception trying to getUser: "******"Page Permissions for URI=" + uri); HTMLPage page = null; try { // we get the page and check permissions below page = APILocator.getHTMLPageAPI() .loadLivePageById(idInode, APILocator.getUserAPI().getSystemUser(), false); } catch (Exception e) { Logger.error( HTMLPageWebAPI.class, "unable to load live version of page: " + idInode + " because " + e.getMessage()); return; } // Check if the page is visible by a CMS Anonymous role if (!permissionAPI.doesUserHavePermission(page, PERMISSION_READ, user, true)) { // this page is protected. not anonymous access /** * ***************************************************************** If we need to redirect * someone somewhere to login before seeing a page, we need to edit the /portal/401.jsp page * to sendRedirect the user to the proper login page. We are not using the REDIRECT_TO_LOGIN * variable in the config any longer. * **************************************************************** */ if (!signedIn) { // No need for the below LAST_PATH attribute on the front end // http://jira.dotmarketing.net/browse/DOTCMS-2675 // request.getSession().setAttribute(WebKeys.LAST_PATH, // new ObjectValuePair(uri, request.getParameterMap())); request.getSession().setAttribute(com.dotmarketing.util.WebKeys.REDIRECT_AFTER_LOGIN, uri); Logger.debug( VelocityServlet.class, "VELOCITY CHECKING PERMISSION: Page doesn't have anonymous access" + uri); Logger.debug(VelocityServlet.class, "401 URI = " + uri); Logger.debug(VelocityServlet.class, "Unauthorized URI = " + uri); response.sendError(401, "The requested page/file is unauthorized"); return; } else if (!permissionAPI .getReadRoles(ident) .contains(APILocator.getRoleAPI().loadLoggedinSiteRole())) { // user is logged in need to check user permissions Logger.debug(VelocityServlet.class, "VELOCITY CHECKING PERMISSION: User signed in"); // check user permissions on this asset if (!permissionAPI.doesUserHavePermission(ident, PERMISSION_READ, user, true)) { // the user doesn't have permissions to see this page // go to unauthorized page Logger.warn( VelocityServlet.class, "VELOCITY CHECKING PERMISSION: Page doesn't have any access for this user"); response.sendError(403, "The requested page/file is forbidden"); return; } } } Logger.debug(VelocityServlet.class, "Recording the ClickStream"); if (Config.getBooleanProperty("ENABLE_CLICKSTREAM_TRACKING", false)) { if (user != null) { UserProxy userProxy = com.dotmarketing.business.APILocator.getUserProxyAPI() .getUserProxy(user, APILocator.getUserAPI().getSystemUser(), false); if (!userProxy.isNoclicktracking()) { ClickstreamFactory.addRequest( (HttpServletRequest) request, ((HttpServletResponse) response), host); } } else { ClickstreamFactory.addRequest( (HttpServletRequest) request, ((HttpServletResponse) response), host); } } // Begin Page Caching boolean buildCache = false; String key = getPageCacheKey(request); if (key != null) { String cachedPage = CacheLocator.getBlockDirectiveCache().get(key, (int) page.getCacheTTL()); if (cachedPage == null || "refresh".equals(request.getParameter("dotcache")) || "refresh".equals(request.getAttribute("dotcache")) || "refresh".equals(request.getSession().getAttribute("dotcache"))) { // build cached response buildCache = true; } else { // have cached response and are not refreshing, send it response.getWriter().write(cachedPage); return; } } Writer out = (buildCache) ? new StringWriter(4096) : new VelocityFilterWriter(response.getWriter()); // get the context from the requst if possible Context context = VelocityUtil.getWebContext(request, response); request.setAttribute("velocityContext", context); Logger.debug(VelocityServlet.class, "HTMLPage Identifier:" + idInode); try { VelocityUtil.getEngine() .getTemplate("/live/" + idInode + "." + VELOCITY_HTMLPAGE_EXTENSION) .merge(context, out); } catch (ParseErrorException e) { // out.append(e.getMessage()); } context = null; if (buildCache) { String trimmedPage = out.toString().trim(); response.getWriter().write(trimmedPage); response.getWriter().close(); synchronized (key) { String x = CacheLocator.getBlockDirectiveCache().get(key, (int) page.getCacheTTL()); if (x != null) { return; } CacheLocator.getBlockDirectiveCache() .add(getPageCacheKey(request), trimmedPage, (int) page.getCacheTTL()); } } else { out.close(); } } @SuppressWarnings("unchecked") public void doPreviewMode(HttpServletRequest request, HttpServletResponse response) throws Exception { String uri = URLDecoder.decode(request.getRequestURI(), UtilMethods.getCharsetConfiguration()); uri = UtilMethods.cleanURI(uri); Host host = hostWebAPI.getCurrentHost(request); StringBuilder preExecuteCode = new StringBuilder(); Boolean widgetPreExecute = false; // Getting the user to check the permissions com.liferay.portal.model.User user = null; HttpSession session = request.getSession(false); try { if (session != null) user = (com.liferay.portal.model.User) session.getAttribute(com.dotmarketing.util.WebKeys.CMS_USER); } catch (Exception nsue) { Logger.warn(this, "Exception trying getUser: "******"idInode", id.getInode()); Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + id.getInode()); Template template = null; Template hostVariablesTemplate = null; // creates the context where to place the variables response.setContentType(CHARSET); Context context = VelocityUtil.getWebContext(request, response); HTMLPage htmlPage = (HTMLPage) APILocator.getVersionableAPI().findWorkingVersion(id, user, true); HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI(); // to check user has permission to write on this page boolean hasWritePermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_WRITE, user); boolean hasPublishPermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_PUBLISH, user); context.put("EDIT_HTMLPAGE_PERMISSION", new Boolean(hasWritePermOverHTMLPage)); context.put("PUBLISH_HTMLPAGE_PERMISSION", new Boolean(hasPublishPermOverHTMLPage)); boolean canUserWriteOnTemplate = permissionAPI.doesUserHavePermission( htmlPageAPI.getTemplateForWorkingHTMLPage(htmlPage), PERMISSION_WRITE, user, true); context.put("EDIT_TEMPLATE_PERMISSION", canUserWriteOnTemplate); com.dotmarketing.portlets.templates.model.Template cmsTemplate = com.dotmarketing.portlets.htmlpages.factories.HTMLPageFactory.getHTMLPageTemplate( htmlPage, true); Identifier templateIdentifier = APILocator.getIdentifierAPI().find(cmsTemplate); Logger.debug(VelocityServlet.class, "VELOCITY TEMPLATE INODE=" + cmsTemplate.getInode()); VelocityUtil.makeBackendContext( context, htmlPage, cmsTemplate.getInode(), id.getURI(), request, true, false, true, host); context.put("previewPage", "2"); context.put("livePage", "0"); // get the containers for the page and stick them in context List<Container> containers = APILocator.getTemplateAPI() .getContainersInTemplate(cmsTemplate, APILocator.getUserAPI().getSystemUser(), false); for (Container c : containers) { context.put( String.valueOf("container" + c.getIdentifier()), "/working/" + c.getIdentifier() + "." + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")); context.put( "EDIT_CONTAINER_PERMISSION" + c.getIdentifier(), permissionAPI.doesUserHavePermission(c, PERMISSION_WRITE, user, true)); // to check user has permission to write this container Structure st = (Structure) InodeFactory.getInode(c.getStructureInode(), Structure.class); boolean hasWritePermOverTheStructure = permissionAPI.doesUserHavePermission(st, PERMISSION_WRITE, user, true); context.put( "ADD_CONTENT_PERMISSION" + c.getIdentifier(), new Boolean(hasWritePermOverTheStructure)); Logger.debug( VelocityServlet.class, String.valueOf("container" + c.getIdentifier()) + "=/working/" + c.getIdentifier() + "." + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")); String sort = (c.getSortContentletsBy() == null) ? "tree_order" : c.getSortContentletsBy(); boolean staticContainer = !UtilMethods.isSet(c.getLuceneQuery()); List<Contentlet> contentlets = null; // get contentlets only for main frame if (request.getParameter("mainFrame") != null) { if (staticContainer) { Logger.debug(VelocityServlet.class, "Static Container!!!!"); Logger.debug( VelocityServlet.class, "html=" + htmlPage.getInode() + " container=" + c.getInode()); // The container doesn't have categories Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); Identifier idenContainer = APILocator.getIdentifierAPI().find(c); contentlets = conAPI.findPageContentlets( idenHtmlPage.getInode(), idenContainer.getInode(), sort, true, -1, user, true); Logger.debug( VelocityServlet.class, "Getting contentlets for language=" + (String) request .getSession() .getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE) + " contentlets =" + contentlets.size()); } if (UtilMethods.isSet(contentlets) && contentlets.size() > 0) { Set<String> contentletIdentList = new HashSet<String>(); List<Contentlet> contentletsFilter = new ArrayList<Contentlet>(); for (Contentlet cont : contentlets) { if (!contentletIdentList.contains(cont.getIdentifier())) { contentletIdentList.add(cont.getIdentifier()); contentletsFilter.add(cont); } } contentlets = contentletsFilter; } List<String> contentletList = new ArrayList<String>(); if (contentlets != null && contentlets.size() > 0) { Iterator<Contentlet> iter = contentlets.iterator(); int count = 0; while (iter.hasNext() && (count < c.getMaxContentlets())) { count++; Contentlet contentlet = (Contentlet) iter.next(); Identifier contentletIdentifier = APILocator.getIdentifierAPI().find(contentlet); boolean hasWritePermOverContentlet = permissionAPI.doesUserHavePermission(contentlet, PERMISSION_WRITE, user, true); context.put( "EDIT_CONTENT_PERMISSION" + contentletIdentifier.getInode(), new Boolean(hasWritePermOverContentlet)); contentletList.add(String.valueOf(contentletIdentifier.getInode())); Logger.debug(this, "Adding contentlet=" + contentletIdentifier.getInode()); Structure contStructure = contentlet.getStructure(); if (contStructure.getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) { Field field = contStructure.getFieldVar("widgetPreexecute"); if (field != null && UtilMethods.isSet(field.getValues())) { preExecuteCode.append(field.getValues().trim() + "\n"); widgetPreExecute = true; } } } } // sets contentletlist with all the files to load per // container context.put("contentletList" + c.getIdentifier(), contentletList); context.put("totalSize" + c.getIdentifier(), new Integer(contentletList.size())); } } Logger.debug( VelocityServlet.class, "Before finding template: /working/" + templateIdentifier.getInode() + "." + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")); Logger.debug( VelocityServlet.class, "Velocity directory:" + VelocityUtil.getEngine().getProperty(RuntimeConstants.FILE_RESOURCE_LOADER_PATH)); if (request.getParameter("leftMenu") != null) { /* * try to get the messages from the session */ List<String> list = new ArrayList<String>(); if (SessionMessages.contains(request, "message")) { list.add((String) SessionMessages.get(request, "message")); SessionMessages.clear(request); } if (SessionMessages.contains(request, "custommessage")) { list.add((String) SessionMessages.get(request, "custommessage")); SessionMessages.clear(request); } if (list.size() > 0) { ArrayList<String> mymessages = new ArrayList<String>(); Iterator<String> it = list.iterator(); while (it.hasNext()) { try { String message = (String) it.next(); Company comp = PublicCompanyFactory.getDefaultCompany(); mymessages.add(LanguageUtil.get(comp.getCompanyId(), user.getLocale(), message)); } catch (Exception e) { } } context.put("vmessages", mymessages); } template = VelocityUtil.getEngine().getTemplate("/preview_left_menu.vl"); } else if (request.getParameter("mainFrame") != null) { hostVariablesTemplate = VelocityUtil.getEngine() .getTemplate( "/working/" + host.getIdentifier() + "." + Config.getStringProperty("VELOCITY_HOST_EXTENSION")); template = VelocityUtil.getEngine() .getTemplate( "/working/" + templateIdentifier.getInode() + "." + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")); } else { template = VelocityUtil.getEngine().getTemplate("/preview_mode.vl"); } PrintWriter out = response.getWriter(); request.setAttribute("velocityContext", context); try { if (widgetPreExecute) { VelocityUtil.getEngine().evaluate(context, out, "", preExecuteCode.toString()); } if (hostVariablesTemplate != null) hostVariablesTemplate.merge(context, out); template.merge(context, out); } catch (ParseErrorException e) { out.append(e.getMessage()); } } @SuppressWarnings("unchecked") protected void doEditMode(HttpServletRequest request, HttpServletResponse response) throws Exception { String uri = request.getRequestURI(); uri = UtilMethods.cleanURI(uri); Host host = hostWebAPI.getCurrentHost(request); StringBuilder preExecuteCode = new StringBuilder(); Boolean widgetPreExecute = false; // Getting the user to check the permissions com.liferay.portal.model.User backendUser = null; try { backendUser = com.liferay.portal.util.PortalUtil.getUser(request); } catch (Exception nsue) { Logger.warn(this, "Exception trying getUser: "******"idInode", String.valueOf(id.getInode())); Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + id.getInode()); Template template = null; Template hostVariablesTemplate = null; // creates the context where to place the variables response.setContentType(CHARSET); Context context = VelocityUtil.getWebContext(request, response); HTMLPage htmlPage = (HTMLPage) APILocator.getVersionableAPI() .findWorkingVersion(id, APILocator.getUserAPI().getSystemUser(), false); HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI(); // to check user has permission to write on this page boolean hasAddChildrenPermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_CAN_ADD_CHILDREN, backendUser); boolean hasWritePermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_WRITE, backendUser); boolean hasPublishPermOverHTMLPage = permissionAPI.doesUserHavePermission(htmlPage, PERMISSION_PUBLISH, backendUser); context.put("ADD_CHILDREN_HTMLPAGE_PERMISSION", new Boolean(hasAddChildrenPermOverHTMLPage)); context.put("EDIT_HTMLPAGE_PERMISSION", new Boolean(hasWritePermOverHTMLPage)); context.put("PUBLISH_HTMLPAGE_PERMISSION", new Boolean(hasPublishPermOverHTMLPage)); context.put("canAddForm", new Boolean(LicenseUtil.getLevel() > 199 ? true : false)); context.put("canViewDiff", new Boolean(LicenseUtil.getLevel() > 199 ? true : false)); boolean canUserWriteOnTemplate = permissionAPI.doesUserHavePermission( htmlPageAPI.getTemplateForWorkingHTMLPage(htmlPage), PERMISSION_WRITE, backendUser) && portletAPI.hasTemplateManagerRights(backendUser); context.put("EDIT_TEMPLATE_PERMISSION", canUserWriteOnTemplate); com.dotmarketing.portlets.templates.model.Template cmsTemplate = com.dotmarketing.portlets.htmlpages.factories.HTMLPageFactory.getHTMLPageTemplate( htmlPage, true); if (cmsTemplate == null) { // DOTCMS-4051 cmsTemplate = new com.dotmarketing.portlets.templates.model.Template(); Logger.debug(VelocityServlet.class, "HTMLPAGE TEMPLATE NOT FOUND"); } Identifier templateIdentifier = APILocator.getIdentifierAPI().find(cmsTemplate); Logger.debug(VelocityServlet.class, "VELOCITY TEMPLATE INODE=" + cmsTemplate.getInode()); VelocityUtil.makeBackendContext( context, htmlPage, cmsTemplate.getInode(), id.getURI(), request, true, true, false, host); // added to show tabs context.put("previewPage", "1"); // get the containers for the page and stick them in context List<Container> containers = APILocator.getTemplateAPI() .getContainersInTemplate(cmsTemplate, APILocator.getUserAPI().getSystemUser(), false); for (Container c : containers) { context.put( String.valueOf("container" + c.getIdentifier()), "/working/" + c.getIdentifier() + "." + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")); boolean hasWritePermissionOnContainer = permissionAPI.doesUserHavePermission(c, PERMISSION_WRITE, backendUser, false) && portletAPI.hasContainerManagerRights(backendUser); boolean hasReadPermissionOnContainer = permissionAPI.doesUserHavePermission(c, PERMISSION_READ, backendUser, false); context.put("EDIT_CONTAINER_PERMISSION" + c.getIdentifier(), hasWritePermissionOnContainer); if (Config.getBooleanProperty("SIMPLE_PAGE_CONTENT_PERMISSIONING", true)) context.put("USE_CONTAINER_PERMISSION" + c.getIdentifier(), true); else context.put("USE_CONTAINER_PERMISSION" + c.getIdentifier(), hasReadPermissionOnContainer); // to check user has permission to write this container Structure st = (Structure) InodeFactory.getInode(c.getStructureInode(), Structure.class); boolean hasWritePermOverTheStructure = permissionAPI.doesUserHavePermission(st, PERMISSION_WRITE, backendUser); context.put( "ADD_CONTENT_PERMISSION" + c.getIdentifier(), new Boolean(hasWritePermOverTheStructure)); Logger.debug( VelocityServlet.class, String.valueOf("container" + c.getIdentifier()) + "=/working/" + c.getIdentifier() + "." + Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION")); String sort = (c.getSortContentletsBy() == null) ? "tree_order" : c.getSortContentletsBy(); List<Contentlet> contentlets = null; boolean staticContainer = !UtilMethods.isSet(c.getLuceneQuery()); // get contentlets only for main frame if (request.getParameter("mainFrame") != null) { if (staticContainer) { Logger.debug(VelocityServlet.class, "Static Container!!!!"); Logger.debug( VelocityServlet.class, "html=" + htmlPage.getInode() + " container=" + c.getInode()); // The container doesn't have categories Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage); Identifier idenContainer = APILocator.getIdentifierAPI().find(c); contentlets = conAPI.findPageContentlets( idenHtmlPage.getInode(), idenContainer.getInode(), sort, true, -1, backendUser, true); Logger.debug( VelocityServlet.class, "Getting contentlets for language=" + (String) request .getSession() .getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE) + " contentlets =" + contentlets.size()); } else { String luceneQuery = c.getLuceneQuery(); int limit = c.getMaxContentlets(); String sortBy = c.getSortContentletsBy(); int offset = 0; contentlets = conAPI.search(luceneQuery, limit, offset, sortBy, backendUser, true); } if (UtilMethods.isSet(contentlets) && contentlets.size() > 0) { Set<String> contentletIdentList = new HashSet<String>(); List<Contentlet> contentletsFilter = new ArrayList<Contentlet>(); for (Contentlet cont : contentlets) { if (!contentletIdentList.contains(cont.getIdentifier())) { contentletIdentList.add(cont.getIdentifier()); contentletsFilter.add(cont); } } contentlets = contentletsFilter; } List<String> contentletList = new ArrayList<String>(); if (contentlets != null) { Iterator<Contentlet> iter = contentlets.iterator(); int count = 0; while (iter.hasNext() && (count < c.getMaxContentlets())) { count++; Contentlet contentlet = (Contentlet) iter.next(); Identifier contentletIdentifier = APILocator.getIdentifierAPI().find(contentlet); boolean hasWritePermOverContentlet = permissionAPI.doesUserHavePermission(contentlet, PERMISSION_WRITE, backendUser); context.put( "EDIT_CONTENT_PERMISSION" + contentletIdentifier.getInode(), new Boolean(hasWritePermOverContentlet)); contentletList.add(String.valueOf(contentletIdentifier.getInode())); Logger.debug(this, "Adding contentlet=" + contentletIdentifier.getInode()); Structure contStructure = contentlet.getStructure(); if (contStructure.getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) { Field field = contStructure.getFieldVar("widgetPreexecute"); if (field != null && UtilMethods.isSet(field.getValues())) { preExecuteCode.append(field.getValues().trim() + "\n"); widgetPreExecute = true; } } } } // sets contentletlist with all the files to load per // container context.put("contentletList" + c.getIdentifier(), contentletList); context.put("totalSize" + c.getIdentifier(), new Integer(contentletList.size())); // ### Add the structure fake contentlet ### if (contentletList.size() == 0) { Structure structure = ContainerFactory.getContainerStructure(c); contentletList.add(structure.getInode() + ""); // sets contentletlist with all the files to load per // container context.remove("contentletList" + c.getIdentifier()); context.remove("totalSize" + c.getIdentifier()); // http://jira.dotmarketing.net/browse/DOTCMS-2876 context.put("contentletList" + c.getIdentifier(), new long[0]); context.put("totalSize" + c.getIdentifier(), 0); } // ### END Add the structure fake contentlet ### } } Logger.debug( VelocityServlet.class, "Before finding template: /working/" + templateIdentifier.getInode() + "." + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")); Logger.debug( VelocityServlet.class, "Velocity directory:" + VelocityUtil.getEngine().getProperty(RuntimeConstants.FILE_RESOURCE_LOADER_PATH)); if (request.getParameter("leftMenu") != null) { /* * try to get the messages from the session */ List<String> list = new ArrayList<String>(); if (SessionMessages.contains(request, "message")) { list.add((String) SessionMessages.get(request, "message")); SessionMessages.clear(request); } if (SessionMessages.contains(request, "custommessage")) { list.add((String) SessionMessages.get(request, "custommessage")); SessionMessages.clear(request); } if (list.size() > 0) { ArrayList<String> mymessages = new ArrayList<String>(); Iterator<String> it = list.iterator(); while (it.hasNext()) { try { String message = (String) it.next(); Company comp = PublicCompanyFactory.getDefaultCompany(); mymessages.add(LanguageUtil.get(comp.getCompanyId(), backendUser.getLocale(), message)); } catch (Exception e) { } } context.put("vmessages", mymessages); } template = VelocityUtil.getEngine().getTemplate("/preview_left_menu.vl"); } else if (request.getParameter("mainFrame") != null) { hostVariablesTemplate = VelocityUtil.getEngine() .getTemplate( "/working/" + host.getIdentifier() + "." + Config.getStringProperty("VELOCITY_HOST_EXTENSION")); template = VelocityUtil.getEngine() .getTemplate( "/working/" + templateIdentifier.getInode() + "." + Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION")); } else { // Return a resource not found right away if the page is not found, // not try to load the frames if (!InodeUtils.isSet(templateIdentifier.getInode())) throw new ResourceNotFoundException(""); template = VelocityUtil.getEngine().getTemplate("/preview_mode.vl"); } PrintWriter out = response.getWriter(); request.setAttribute("velocityContext", context); try { if (widgetPreExecute) { VelocityUtil.getEngine().evaluate(context, out, "", preExecuteCode.toString()); } if (hostVariablesTemplate != null) hostVariablesTemplate.merge(context, out); template.merge(context, out); } catch (ParseErrorException e) { out.append(e.getMessage()); } } // EACH CLIENT MAY HAVE ITS OWN VARIABLES // WE HAVE THE CLASS CLIENT THAT WILL IMPLEMENT THIS METHOD AND WILL BE ON // THE WEB.XML FILE protected abstract void _setClientVariablesOnContext( HttpServletRequest request, ChainedContext context); private boolean isArchive(HttpServletRequest request) throws PortalException, SystemException, DotDataException, DotSecurityException { String uri = request.getRequestURI(); uri = UtilMethods.cleanURI(uri); Host host = null; String hostId = ""; /* * String pageHostId = request.getParameter("host_id"); if (pageHostId * != null) { try { hostId = Long.parseLong(pageHostId); } catch * (Exception ex) { } } */ hostId = request.getParameter("host_id"); if (!InodeUtils.isSet(hostId)) { host = hostWebAPI.getCurrentHost(request); hostId = host.getIdentifier(); } else { User user = (com.liferay.portal.model.User) request.getSession().getAttribute(com.dotmarketing.util.WebKeys.CMS_USER); host = hostWebAPI.find(hostId, user, true); } // Getting the identifier from the uri Identifier id = APILocator.getIdentifierAPI().find(host, uri); request.setAttribute("idInode", String.valueOf(id.getInode())); HTMLPage htmlPage = (HTMLPage) APILocator.getVersionableAPI() .findWorkingVersion(id, APILocator.getUserAPI().getSystemUser(), false); boolean isArchived = htmlPage.isDeleted(); return isArchived; } /** * @author will this filter class strips all leading whitespace from the server response which is * helpful for xml feeds and the like. */ public class VelocityFilterWriter extends FilterWriter { private boolean firstNonWhiteSpace = false; public VelocityFilterWriter(Writer arg0) { super(arg0); } @Override public void write(char[] arg0) throws IOException { if (firstNonWhiteSpace) { super.write(arg0); } else { for (int i = 0; i < arg0.length; i++) { if (arg0[i] > 32) { firstNonWhiteSpace = true; } if (firstNonWhiteSpace) { super.write(arg0[i]); } } } } @Override public void write(String arg0) throws IOException { if (firstNonWhiteSpace) { super.write(arg0); } else { char[] stringChar = arg0.toCharArray(); for (int i = 0; i < stringChar.length; i++) { if (stringChar[i] > 32) { firstNonWhiteSpace = true; super.write(arg0.substring(i, stringChar.length)); break; } } } } } /** * This method trys to build a cache key based on the information given in the request - if the * page can't be cached, or caching is not availbale then return null * * @param request * @return */ private String getPageCacheKey(HttpServletRequest request) { // no license if (LicenseUtil.getLevel() < 100) { return null; } // don't cache posts if (!"GET".equalsIgnoreCase(request.getMethod())) { return null; } // nocache passed either as a session var, as a request var or as a // request attribute if ("no".equals(request.getParameter("dotcache")) || "no".equals(request.getAttribute("dotcache")) || "no".equals(request.getSession().getAttribute("dotcache"))) { return null; } String idInode = (String) request.getAttribute("idInode"); User user = (com.liferay.portal.model.User) request.getSession().getAttribute(com.dotmarketing.util.WebKeys.CMS_USER); HTMLPage page = null; try { page = APILocator.getHTMLPageAPI().loadLivePageById(idInode, user, true); } catch (Exception e) { Logger.error( HTMLPageWebAPI.class, "unable to load live version of page: " + idInode + " because " + e.getMessage()); return null; } if (page == null || page.getCacheTTL() < 1) { return null; } StringBuilder sb = new StringBuilder(); sb.append(page.getInode()); sb.append("_" + page.getModDate().getTime()); String userId = (user != null) ? user.getUserId() : "PUBLIC"; sb.append("_" + userId); String language = (String) request.getSession().getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE); sb.append("_" + language); String urlMap = (String) request.getAttribute(WebKeys.WIKI_CONTENTLET_INODE); if (urlMap != null) { sb.append("_" + urlMap); } if (UtilMethods.isSet(request.getQueryString())) { sb.append("_" + request.getQueryString()); } return sb.toString(); } }
public class SiteSearchWebAPI implements ViewTool { private static HostWebAPI hostWebAPI = WebAPILocator.getHostWebAPI(); private static UserAPI userAPI = APILocator.getUserAPI(); private static SiteSearchAPI siteSearchAPI = APILocator.getSiteSearchAPI(); public void init(Object initData) {} /** * Performs a search on the site search index using the current host in the request Sample usage * from velocity: * * <pre>{@code * #set($searchresults = $sitesearch.search("dotcms",null,0,10,$request)) * #set($hitsdetail = $searchresults.getDetails()) * #set($summaries = $searchresults.getSummaries()) * #foreach ($i in [0..$math.sub($searchresults.getEnd(),1)]) * $hitsdetail.get($i).getValue("title") * $hitsdetail.get($i).getValue("url") * $summaries.get($i).toHtml(true) * #end * }</pre> * * @param query String to search for * @param sort Property to sort the results * @param start Start row * @param rows Number of rows to return (10 by default) * @param request * @return DotSearchResults * @throws IOException */ public DotSearchResults search( String query, String sort, int start, int rows, HttpServletRequest request) throws IOException { Host host = null; try { host = hostWebAPI.getCurrentHost(request); } catch (Exception e) { Logger.error(this, e.getMessage(), e); try { Logger.warn(this, "Error getting host from request, trying default host"); host = hostWebAPI.findDefaultHost(userAPI.getSystemUser(), false); } catch (Exception e1) { Logger.error(this, e1.getMessage(), e1); throw new DotRuntimeException(e.getMessage(), e); } } Locale locale = (Locale) request.getSession().getAttribute(WebKeys.Globals_FRONTEND_LOCALE_KEY); String lang = request.getLocale().getLanguage(); if (locale != null) { lang = locale.getLanguage(); } DotSearchResults dsr = siteSearchAPI.search(query, sort, start, rows, lang, host.getIdentifier()); dsr.setHost(host); dsr.setLang(lang); return dsr; } }
/** * @author David * @version $Revision: 1.5 $ $Date: 2007/07/18 16:48:42 $ */ public final class SubmitWebFormAction extends DispatchAction { HostWebAPI hostWebAPI = WebAPILocator.getHostWebAPI(); @SuppressWarnings("unchecked") public ActionForward unspecified( ActionMapping rMapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { ActionErrors errors = new ActionErrors(); // Email parameters HttpSession session = request.getSession(); Host currentHost = hostWebAPI.getCurrentHost(request); User currentUser = (User) session.getAttribute(WebKeys.CMS_USER); String method = request.getMethod(); String errorURL = request.getParameter("errorURL"); errorURL = (!UtilMethods.isSet(errorURL) ? request.getHeader("referer") : errorURL); if (errorURL.indexOf("?") > -1) { errorURL = errorURL.substring(0, errorURL.lastIndexOf("?")); } String x = request.getRequestURI(); if (request.getParameterMap().size() < 2) { return null; } // Checking for captcha boolean useCaptcha = Config.getBooleanProperty("FORCE_CAPTCHA", true); if (!useCaptcha) { useCaptcha = new Boolean(request.getParameter("useCaptcha")).booleanValue(); } String captcha = request.getParameter("captcha"); if (useCaptcha) { Captcha captchaObj = (Captcha) session.getAttribute(Captcha.NAME); String captchaSession = captchaObj != null ? captchaObj.getAnswer() : null; if (captcha == null && Config.getBooleanProperty("FORCE_CAPTCHA", true)) { response .getWriter() .write( "Captcha is required to submit this form ( FORCE_CAPTCHA=true ).<br>To change this, edit the dotmarketing-config.properties and set FORCE_CAPTCHA=false"); return null; } if (!UtilMethods.isSet(captcha) || !UtilMethods.isSet(captchaSession) || !captcha.equals(captchaSession)) { errors.add( Globals.ERROR_KEY, new ActionMessage("message.contentlet.required", "Validation Image")); request.setAttribute(Globals.ERROR_KEY, errors); session.setAttribute(Globals.ERROR_KEY, errors); String queryString = request.getQueryString(); String invalidCaptchaURL = request.getParameter("invalidCaptchaReturnUrl"); if (!UtilMethods.isSet(invalidCaptchaURL)) { invalidCaptchaURL = errorURL; } ActionForward af = new ActionForward(); af.setRedirect(true); if (UtilMethods.isSet(queryString)) { af.setPath(invalidCaptchaURL + "?" + queryString + "&error=Validation-Image"); } else { af.setPath(invalidCaptchaURL + "?error=Validation-Image"); } return af; } } Map<String, Object> parameters = null; if (request instanceof UploadServletRequest) { UploadServletRequest uploadReq = (UploadServletRequest) request; parameters = new HashMap<String, Object>(uploadReq.getParameterMap()); for (Entry<String, Object> entry : parameters.entrySet()) { if (entry.getKey().toLowerCase().indexOf("file") > -1 && !entry.getKey().equals("attachFiles")) { parameters.put(entry.getKey(), uploadReq.getFile(entry.getKey())); } } } else { parameters = new HashMap<String, Object>(request.getParameterMap()); } Set<String> toValidate = new java.util.HashSet<String>(parameters.keySet()); // Enhancing the ignored parameters not to be send in the email String ignoredParameters = (String) EmailFactory.getMapValue("ignore", parameters); if (ignoredParameters == null) { ignoredParameters = ""; } ignoredParameters += ":useCaptcha:captcha:invalidCaptchaReturnUrl:return:returnUrl:errorURL:ignore:to:from:cc:bcc:dispatch:order:prettyOrder:autoReplyTo:autoReplyFrom:autoReplyText:autoReplySubject:"; parameters.put("ignore", ignoredParameters); // getting categories from inodes // getting parent category name and child categories name // and replacing the "categories" parameter String categories = ""; String[] categoriesArray = request.getParameterValues("categories"); if (categoriesArray != null) { HashMap hashCategories = new HashMap<String, String>(); for (int i = 0; i < categoriesArray.length; i++) { Category node = (Category) InodeFactory.getInode(categoriesArray[i], Category.class); Category parent = (Category) InodeFactory.getParentOfClass(node, Category.class); String parentCategoryName = parent.getCategoryName(); if (hashCategories.containsKey(parentCategoryName)) { String childCategoryName = (String) hashCategories.get(parentCategoryName); if (UtilMethods.isSet(childCategoryName)) { childCategoryName += ", "; } childCategoryName += node.getCategoryName(); hashCategories.put(parentCategoryName, childCategoryName); } else { hashCategories.put(parentCategoryName, node.getCategoryName()); } } Set<String> keySet = hashCategories.keySet(); for (String stringKey : keySet) { if (UtilMethods.isSet(categories)) { categories += "; "; } categories += stringKey + " : " + (String) hashCategories.get(stringKey); parameters.put(stringKey, (String) hashCategories.get(stringKey)); } parameters.remove("categories"); } WebForm webForm = new WebForm(); try { /*validation parameter should ignore the returnUrl and erroURL field in the spam check*/ String[] removeParams = ignoredParameters.split(":"); for (String param : removeParams) { toValidate.remove(param); } parameters.put("request", request); parameters.put("response", response); // Sending the email webForm = EmailFactory.sendParameterizedEmail(parameters, toValidate, currentHost, currentUser); webForm.setCategories(categories); if (UtilMethods.isSet(request.getParameter("createAccount")) && request.getParameter("createAccount").equals("true")) { // if we create account set to true we create a user account and add user comments. createAccount(webForm, request); try { String userInode = webForm.getUserInode(); String customFields = webForm.getCustomFields(); customFields += " User Inode = " + String.valueOf(userInode) + " | "; webForm.setCustomFields(customFields); } catch (Exception e) { } } if (UtilMethods.isSet(webForm.getFormType())) { HibernateUtil.saveOrUpdate(webForm); } if (request.getParameter("return") != null) { ActionForward af = new ActionForward(SecurityUtils.stripReferer(request, request.getParameter("return"))); af.setRedirect(true); return af; } else if (request.getParameter("returnUrl") != null) { ActionForward af = new ActionForward( SecurityUtils.stripReferer(request, request.getParameter("returnUrl"))); af.setRedirect(true); return af; } else { return rMapping.findForward("thankYouPage"); } } catch (DotRuntimeException e) { errors.add(Globals.ERROR_KEY, new ActionMessage("error.processing.your.email")); request.getSession().setAttribute(Globals.ERROR_KEY, errors); String queryString = request.getQueryString(); if (queryString == null) { java.util.Enumeration<String> parameterNames = request.getParameterNames(); queryString = ""; String parameterName; for (; parameterNames.hasMoreElements(); ) { parameterName = parameterNames.nextElement(); if (0 < queryString.length()) { queryString = queryString + "&" + parameterName + "=" + UtilMethods.encodeURL(request.getParameter(parameterName)); } else { queryString = parameterName + "=" + UtilMethods.encodeURL(request.getParameter(parameterName)); } } } ActionForward af; if (UtilMethods.isSet(queryString)) { af = new ActionForward(SecurityUtils.stripReferer(request, errorURL + "?" + queryString)); } else { af = new ActionForward(SecurityUtils.stripReferer(request, errorURL)); } af.setRedirect(true); return af; } } private void createAccount(WebForm form, HttpServletRequest request) throws Exception { User user = APILocator.getUserAPI() .loadByUserByEmail(form.getEmail(), APILocator.getUserAPI().getSystemUser(), false); User defaultUser = APILocator.getUserAPI().getDefaultUser(); Date today = new Date(); if (user.isNew() || (!user.isNew() && user.getLastLoginDate() == null)) { // ### CREATE USER ### Company company = PublicCompanyFactory.getDefaultCompany(); user.setEmailAddress(form.getEmail().trim().toLowerCase()); user.setFirstName(form.getFirstName() == null ? "" : form.getFirstName()); user.setMiddleName(form.getMiddleName() == null ? "" : form.getMiddleName()); user.setLastName(form.getLastName() == null ? "" : form.getLastName()); user.setNickName(""); user.setCompanyId(company.getCompanyId()); user.setPasswordEncrypted(true); user.setGreeting("Welcome, " + user.getFullName() + "!"); // Set defaults values if (user.isNew()) { // if it's a new user we set random password String pass = PublicEncryptionFactory.getRandomPassword(); user.setPassword(PublicEncryptionFactory.digestString(pass)); user.setLanguageId(defaultUser.getLanguageId()); user.setTimeZoneId(defaultUser.getTimeZoneId()); user.setSkinId(defaultUser.getSkinId()); user.setDottedSkins(defaultUser.isDottedSkins()); user.setRoundedSkins(defaultUser.isRoundedSkins()); user.setResolution(defaultUser.getResolution()); user.setRefreshRate(defaultUser.getRefreshRate()); user.setLayoutIds(""); user.setActive(true); user.setCreateDate(today); } APILocator.getUserAPI().save(user, APILocator.getUserAPI().getSystemUser(), false); // ### END CREATE USER ### // ### CREATE USER_PROXY ### UserProxy userProxy = com.dotmarketing.business.APILocator.getUserProxyAPI() .getUserProxy(user.getUserId(), APILocator.getUserAPI().getSystemUser(), false); userProxy.setPrefix(""); userProxy.setTitle(form.getTitle()); userProxy.setOrganization(form.getOrganization()); userProxy.setUserId(user.getUserId()); com.dotmarketing.business.APILocator.getUserProxyAPI() .saveUserProxy(userProxy, APILocator.getUserAPI().getSystemUser(), false); // ### END CRETE USER_PROXY ### // saving user inode on web form form.setUserInode(userProxy.getInode()); if (UtilMethods.isSet(form.getFormType())) { HibernateUtil.saveOrUpdate(form); } ///// WE CAN DO THIS! BUT WE NEED TO ADD CATEGORIES TO WEBFORM AND ALSO CHANGE THE PROCESSES // THAT //// CREATE THE EXCEL DOWNLOAD FROM WEB FORMS. I DIDN'T ADD IT SO I COMMENTED THIS CODE FOR // NOW // get the old categories, wipe them out /* List<Category> categories = InodeFactory.getParentsOfClass(userProxy, Category.class); for (int i = 0; i < categories.size(); i++) { categories.get(i).deleteChild(userProxy); } */ // Save the new categories /*String[] arr = form.getCategories(); if (arr != null) { for (int i = 0; i < arr.length; i++) { Category node = (Category) InodeFactory.getInode(arr[i], Category.class); node.addChild(userProxy); } }*/ // ### CREATE ADDRESS ### try { List<Address> addresses = PublicAddressFactory.getAddressesByUserId(user.getUserId()); Address address = (addresses.size() > 0 ? addresses.get(0) : PublicAddressFactory.getInstance()); address.setStreet1(form.getAddress1() == null ? "" : form.getAddress1()); address.setStreet2(form.getAddress2() == null ? "" : form.getAddress2()); address.setCity(form.getCity() == null ? "" : form.getCity()); address.setState(form.getState() == null ? "" : form.getState()); address.setZip(form.getZip() == null ? "" : form.getZip()); String phone = form.getPhone(); address.setPhone(phone == null ? "" : phone); address.setUserId(user.getUserId()); address.setCompanyId(company.getCompanyId()); PublicAddressFactory.save(address); } catch (Exception ex) { Logger.error(this, ex.getMessage(), ex); } Role defaultRole = com.dotmarketing.business.APILocator.getRoleAPI() .loadRoleByKey(Config.getStringProperty("CMS_VIEWER_ROLE")); String roleId = defaultRole.getId(); if (InodeUtils.isSet(roleId)) { com.dotmarketing.business.APILocator.getRoleAPI().addRoleToUser(roleId, user); } } // ### END CREATE ADDRESS ### // ### BUILD THE USER COMMENT ### addUserComments(user.getUserId(), form, request); // ### END BUILD THE USER COMMENT ### /* associate user with their clickstream request */ if (Config.getBooleanProperty("ENABLE_CLICKSTREAM_TRACKING", false)) { ClickstreamFactory.setClickStreamUser(user.getUserId(), request); } } private void addUserComments(String userid, WebForm webForm, HttpServletRequest request) throws Exception { Date now = new Date(); String webFormType = webForm.getFormType(); String webFormId = webForm.getWebFormId(); UserComment userComments = new UserComment(); userComments.setUserId(userid); userComments.setCommentUserId(userid); userComments.setDate(now); if (request.getParameter("comments") != null) { userComments.setComment(request.getParameter("comments")); } else if (UtilMethods.isSet(webForm.getFormType())) { userComments.setSubject("User submitted: " + webFormType); userComments.setComment("Web Form: " + webFormType + " - ID: " + webFormId); } else { userComments.setSubject("User submitted Form: Open Entry "); StringBuffer buffy = new StringBuffer(); Enumeration x = request.getParameterNames(); while (x.hasMoreElements()) { String key = (String) x.nextElement(); buffy.append(key); buffy.append(":\t"); buffy.append(request.getParameter(key)); buffy.append("\n"); if (buffy.length() > 65000) { break; } } userComments.setComment(buffy.toString()); } userComments.setTypeComment(UserComment.TYPE_INCOMING); userComments.setMethod(UserComment.METHOD_WEB); userComments.setCommunicationId(null); UserCommentsFactory.saveUserComment(userComments); } }