Exemplo n.º 1
0
  /**
   * This method trys to build a cache key based on the information given in the request - if the
   * page can't be cached, or caching is not availbale then return null
   *
   * @param request
   * @return
   */
  private String getPageCacheKey(HttpServletRequest request) {
    // no license
    if (LicenseUtil.getLevel() < 100) {
      return null;
    }
    // don't cache posts
    if (!"GET".equalsIgnoreCase(request.getMethod())) {
      return null;
    }
    // nocache passed either as a session var, as a request var or as a
    // request attribute
    if ("no".equals(request.getParameter("dotcache"))
        || "no".equals(request.getAttribute("dotcache"))
        || "no".equals(request.getSession().getAttribute("dotcache"))) {
      return null;
    }

    String idInode = (String) request.getAttribute("idInode");

    User user =
        (com.liferay.portal.model.User)
            request.getSession().getAttribute(com.dotmarketing.util.WebKeys.CMS_USER);

    HTMLPage page = null;
    try {
      page = APILocator.getHTMLPageAPI().loadLivePageById(idInode, user, true);
    } catch (Exception e) {
      Logger.error(
          HTMLPageWebAPI.class,
          "unable to load live version of page: " + idInode + " because " + e.getMessage());
      return null;
    }
    if (page == null || page.getCacheTTL() < 1) {
      return null;
    }

    StringBuilder sb = new StringBuilder();
    sb.append(page.getInode());
    sb.append("_" + page.getModDate().getTime());

    String userId = (user != null) ? user.getUserId() : "PUBLIC";
    sb.append("_" + userId);

    String language =
        (String) request.getSession().getAttribute(com.dotmarketing.util.WebKeys.HTMLPAGE_LANGUAGE);
    sb.append("_" + language);

    String urlMap = (String) request.getAttribute(WebKeys.WIKI_CONTENTLET_INODE);
    if (urlMap != null) {
      sb.append("_" + urlMap);
    }

    if (UtilMethods.isSet(request.getQueryString())) {
      sb.append("_" + request.getQueryString());
    }

    return sb.toString();
  }
Exemplo n.º 2
0
  public void doLiveMode(HttpServletRequest request, HttpServletResponse response)
      throws Exception {

    String uri = URLDecoder.decode(request.getRequestURI(), UtilMethods.getCharsetConfiguration());
    uri = UtilMethods.cleanURI(uri);

    Host host = hostWebAPI.getCurrentHost(request);

    // Map with all identifier inodes for a given uri.
    String idInode = APILocator.getIdentifierAPI().find(host, uri).getInode();

    // Checking the path is really live using the livecache
    String cachedUri = LiveCache.getPathFromCache(uri, host);

    // if we still have nothing.
    if (!InodeUtils.isSet(idInode) || cachedUri == null) {
      throw new ResourceNotFoundException(
          String.format("Resource %s not found in Live mode!", uri));
    }

    response.setContentType(CHARSET);

    request.setAttribute("idInode", String.valueOf(idInode));
    Logger.debug(VelocityServlet.class, "VELOCITY HTML INODE=" + idInode);

    /*
     * JIRA http://jira.dotmarketing.net/browse/DOTCMS-4659
    //Set long lived cookie regardless of who this is */
    String _dotCMSID =
        UtilMethods.getCookieValue(
            request.getCookies(), com.dotmarketing.util.WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE);

    if (!UtilMethods.isSet(_dotCMSID)) {
      // create unique generator engine
      Cookie idCookie = CookieUtil.createCookie();
      response.addCookie(idCookie);
    }

    com.liferay.portal.model.User user = null;
    HttpSession session = request.getSession(false);
    try {
      if (session != null)
        user =
            (com.liferay.portal.model.User)
                session.getAttribute(com.dotmarketing.util.WebKeys.CMS_USER);
    } catch (Exception nsue) {
      Logger.warn(this, "Exception trying to getUser: "******"Page Permissions for URI=" + uri);

    HTMLPage page = null;
    try {
      // we get the page and check permissions below
      page =
          APILocator.getHTMLPageAPI()
              .loadLivePageById(idInode, APILocator.getUserAPI().getSystemUser(), false);
    } catch (Exception e) {
      Logger.error(
          HTMLPageWebAPI.class,
          "unable to load live version of page: " + idInode + " because " + e.getMessage());
      return;
    }

    // Check if the page is visible by a CMS Anonymous role
    if (!permissionAPI.doesUserHavePermission(page, PERMISSION_READ, user, true)) {
      // this page is protected. not anonymous access

      /**
       * ***************************************************************** If we need to redirect
       * someone somewhere to login before seeing a page, we need to edit the /portal/401.jsp page
       * to sendRedirect the user to the proper login page. We are not using the REDIRECT_TO_LOGIN
       * variable in the config any longer.
       * ****************************************************************
       */
      if (!signedIn) {
        // No need for the below LAST_PATH attribute on the front end
        // http://jira.dotmarketing.net/browse/DOTCMS-2675
        // request.getSession().setAttribute(WebKeys.LAST_PATH,
        // new ObjectValuePair(uri, request.getParameterMap()));
        request.getSession().setAttribute(com.dotmarketing.util.WebKeys.REDIRECT_AFTER_LOGIN, uri);

        Logger.debug(
            VelocityServlet.class,
            "VELOCITY CHECKING PERMISSION: Page doesn't have anonymous access" + uri);

        Logger.debug(VelocityServlet.class, "401 URI = " + uri);

        Logger.debug(VelocityServlet.class, "Unauthorized URI = " + uri);
        response.sendError(401, "The requested page/file is unauthorized");
        return;

      } else if (!permissionAPI
          .getReadRoles(ident)
          .contains(APILocator.getRoleAPI().loadLoggedinSiteRole())) {
        // user is logged in need to check user permissions
        Logger.debug(VelocityServlet.class, "VELOCITY CHECKING PERMISSION: User signed in");

        // check user permissions on this asset
        if (!permissionAPI.doesUserHavePermission(ident, PERMISSION_READ, user, true)) {
          // the user doesn't have permissions to see this page
          // go to unauthorized page
          Logger.warn(
              VelocityServlet.class,
              "VELOCITY CHECKING PERMISSION: Page doesn't have any access for this user");
          response.sendError(403, "The requested page/file is forbidden");
          return;
        }
      }
    }

    Logger.debug(VelocityServlet.class, "Recording the ClickStream");
    if (Config.getBooleanProperty("ENABLE_CLICKSTREAM_TRACKING", false)) {
      if (user != null) {
        UserProxy userProxy =
            com.dotmarketing.business.APILocator.getUserProxyAPI()
                .getUserProxy(user, APILocator.getUserAPI().getSystemUser(), false);
        if (!userProxy.isNoclicktracking()) {
          ClickstreamFactory.addRequest(
              (HttpServletRequest) request, ((HttpServletResponse) response), host);
        }
      } else {
        ClickstreamFactory.addRequest(
            (HttpServletRequest) request, ((HttpServletResponse) response), host);
      }
    }

    // Begin Page Caching
    boolean buildCache = false;
    String key = getPageCacheKey(request);
    if (key != null) {

      String cachedPage = CacheLocator.getBlockDirectiveCache().get(key, (int) page.getCacheTTL());

      if (cachedPage == null
          || "refresh".equals(request.getParameter("dotcache"))
          || "refresh".equals(request.getAttribute("dotcache"))
          || "refresh".equals(request.getSession().getAttribute("dotcache"))) {
        // build cached response
        buildCache = true;
      } else {
        // have cached response and are not refreshing, send it
        response.getWriter().write(cachedPage);
        return;
      }
    }

    Writer out =
        (buildCache) ? new StringWriter(4096) : new VelocityFilterWriter(response.getWriter());

    // get the context from the requst if possible
    Context context = VelocityUtil.getWebContext(request, response);

    request.setAttribute("velocityContext", context);
    Logger.debug(VelocityServlet.class, "HTMLPage Identifier:" + idInode);

    try {

      VelocityUtil.getEngine()
          .getTemplate("/live/" + idInode + "." + VELOCITY_HTMLPAGE_EXTENSION)
          .merge(context, out);

    } catch (ParseErrorException e) {
      // out.append(e.getMessage());
    }

    context = null;
    if (buildCache) {
      String trimmedPage = out.toString().trim();
      response.getWriter().write(trimmedPage);
      response.getWriter().close();
      synchronized (key) {
        String x = CacheLocator.getBlockDirectiveCache().get(key, (int) page.getCacheTTL());
        if (x != null) {
          return;
        }
        CacheLocator.getBlockDirectiveCache()
            .add(getPageCacheKey(request), trimmedPage, (int) page.getCacheTTL());
      }
    } else {
      out.close();
    }
  }
Exemplo n.º 3
0
  @SuppressWarnings("unchecked")
  public static InputStream buildStream(HTMLPage htmlPage, Identifier identifier, boolean EDIT_MODE)
      throws DotDataException, DotSecurityException {
    String folderPath = (!EDIT_MODE) ? "live/" : "working/";
    InputStream result;
    StringBuilder sb = new StringBuilder();

    ContentletAPI conAPI = APILocator.getContentletAPI();
    Template cmsTemplate =
        com.dotmarketing.portlets.htmlpages.factories.HTMLPageFactory.getHTMLPageTemplate(
            htmlPage, EDIT_MODE);
    if (cmsTemplate == null || !InodeUtils.isSet(cmsTemplate.getInode())) {
      Logger.error(
          This.class,
          "PAGE DOES NOT HAVE A VALID TEMPLATE (template unpublished?) : page id "
              + htmlPage.getIdentifier()
              + ":"
              + identifier.getURI());
    }

    // gets pageChannel for this path
    java.util.StringTokenizer st =
        new java.util.StringTokenizer(String.valueOf(identifier.getURI()), "/");
    String pageChannel = null;
    if (st.hasMoreTokens()) {
      pageChannel = st.nextToken();
    }

    // set the page cache var
    if (htmlPage.getCacheTTL() > 0 && LicenseUtil.getLevel() > 99) {
      sb.append("#set($dotPageCacheDate = \"").append(new java.util.Date()).append("\")");
      sb.append("#set($dotPageCacheTTL = \"").append(htmlPage.getCacheTTL()).append("\")");
    }

    // set the host variables
    HTMLPageAPI htmlPageAPI = APILocator.getHTMLPageAPI();

    Host host = htmlPageAPI.getParentHost(htmlPage);
    sb.append("#if(!$doNotParseTemplate)");
    sb.append("$velutil.mergeTemplate('")
        .append(folderPath)
        .append(host.getIdentifier())
        .append(".")
        .append(Config.getStringProperty("VELOCITY_HOST_EXTENSION"))
        .append("')");
    sb.append(" #end ");

    // creates the context where to place the variables
    // Build a context to pass to the page
    sb.append("#if(!$doNotSetPageInfo)");
    sb.append("#set ( $quote = '\"' )");
    sb.append("#set ($HTMLPAGE_INODE = \"")
        .append(String.valueOf(htmlPage.getInode()))
        .append("\" )");
    sb.append("#set ($HTMLPAGE_IDENTIFIER = \"")
        .append(String.valueOf(htmlPage.getIdentifier()))
        .append("\" )");
    sb.append("#set ($HTMLPAGE_TITLE = \"")
        .append(UtilMethods.espaceForVelocity(htmlPage.getTitle()))
        .append("\" )");
    sb.append(
            "#set ($HTMLPAGE_FRIENDLY_NAME = \""
                + UtilMethods.espaceForVelocity(htmlPage.getFriendlyName()))
        .append("\" )");
    sb.append("#set ($TEMPLATE_INODE = \"")
        .append(String.valueOf(cmsTemplate.getInode()))
        .append("\" )");
    sb.append("#set ($HTMLPAGE_META = \"")
        .append(UtilMethods.espaceForVelocity(htmlPage.getMetadata()))
        .append("\" )");
    sb.append("#set ($HTMLPAGE_META = \"#fixBreaks($HTMLPAGE_META)\")");

    sb.append("#set ($HTMLPAGE_DESCRIPTION = \"")
        .append(UtilMethods.espaceForVelocity(htmlPage.getSeoDescription()))
        .append("\" )");
    sb.append("#set ($HTMLPAGE_DESCRIPTION = \"#fixBreaks($HTMLPAGE_DESCRIPTION)\")");

    sb.append("#set ($HTMLPAGE_KEYWORDS = \"")
        .append(UtilMethods.espaceForVelocity(htmlPage.getSeoKeywords()))
        .append("\" )");
    sb.append("#set ($HTMLPAGE_KEYWORDS = \"#fixBreaks($HTMLPAGE_KEYWORDS)\")");

    sb.append("#set ($HTMLPAGE_SECURE = \"")
        .append(String.valueOf(htmlPage.isHttpsRequired()))
        .append("\" )");
    sb.append("#set ($VTLSERVLET_URI = \"")
        .append(UtilMethods.encodeURIComponent(identifier.getURI()))
        .append("\" )");
    sb.append("#set ($HTMLPAGE_REDIRECT = \"")
        .append(UtilMethods.espaceForVelocity(htmlPage.getRedirect()))
        .append("\" )");

    sb.append("#set ($pageTitle = \"")
        .append(UtilMethods.espaceForVelocity(htmlPage.getTitle()))
        .append("\" )");
    sb.append("#set ($pageChannel = \"").append(pageChannel).append("\" )");
    sb.append("#set ($friendlyName = \"")
        .append(UtilMethods.espaceForVelocity(htmlPage.getFriendlyName()))
        .append("\" )");

    Date moddate = null;
    if (UtilMethods.isSet(htmlPage.getModDate())) {
      moddate = htmlPage.getModDate();
    } else {
      moddate = htmlPage.getStartDate();
    }

    moddate = new Timestamp(moddate.getTime());

    sb.append("#set ($HTML_PAGE_LAST_MOD_DATE= $date.toDate(\"yyyy-MM-dd HH:mm:ss.SSS\", \"")
        .append(moddate)
        .append("\"))");
    sb.append("#set ($HTMLPAGE_MOD_DATE= $date.toDate(\"yyyy-MM-dd HH:mm:ss.SSS\", \"")
        .append(moddate)
        .append("\"))");
    sb.append(" #end ");

    // get the containers for the page and stick them in context
    // List identifiers = InodeFactory.getChildrenClass(cmsTemplate, Identifier.class);

    List<Container> containerList =
        APILocator.getTemplateAPI()
            .getContainersInTemplate(cmsTemplate, APILocator.getUserAPI().getSystemUser(), false);

    Iterator i = containerList.iterator();
    while (i.hasNext()) {
      Container ident = (Container) i.next();

      Container c = null;
      if (EDIT_MODE) {
        c =
            (Container)
                APILocator.getVersionableAPI()
                    .findWorkingVersion(
                        ident.getIdentifier(), APILocator.getUserAPI().getSystemUser(), false);
      } else {
        c =
            (Container)
                APILocator.getVersionableAPI()
                    .findLiveVersion(
                        ident.getIdentifier(), APILocator.getUserAPI().getSystemUser(), false);
      }
      // sets container to load the container file
      sb.append("#set ($container")
          .append(ident.getIdentifier())
          .append(" = \"")
          .append(folderPath)
          .append(ident.getIdentifier())
          .append(".")
          .append(Config.getStringProperty("VELOCITY_CONTAINER_EXTENSION"))
          .append("\" )");

      String sort = (c.getSortContentletsBy() == null) ? "tree_order" : c.getSortContentletsBy();

      boolean dynamicContainer = UtilMethods.isSet(c.getLuceneQuery());

      int langCounter = 0;

      List<Contentlet> contentlets = new ArrayList<Contentlet>();
      List<Contentlet> contentletsFull = new ArrayList<Contentlet>();
      if (!dynamicContainer) {
        Identifier idenHtmlPage = APILocator.getIdentifierAPI().find(htmlPage);
        Identifier idenContainer = APILocator.getIdentifierAPI().find(c);
        // The container doesn't have categories
        try {
          contentlets =
              conAPI.findPageContentlets(
                  idenHtmlPage.getId(),
                  idenContainer.getId(),
                  sort,
                  EDIT_MODE,
                  -1,
                  APILocator.getUserAPI().getSystemUser(),
                  false);
          if (EDIT_MODE) contentletsFull = contentlets;
          else
            contentletsFull =
                conAPI.findPageContentlets(
                    idenHtmlPage.getId(),
                    idenContainer.getId(),
                    sort,
                    true,
                    -1,
                    APILocator.getUserAPI().getSystemUser(),
                    false);
        } catch (Exception e) {
          Logger.error(PageServices.class, "Unable to retrive contentlets on page", e);
        }
        Logger.debug(
            PageServices.class,
            "HTMLPage= "
                + htmlPage.getInode()
                + " Container="
                + c.getInode()
                + " Language=-1 Contentlets="
                + contentlets.size());
      }
      // this is to filter the contentlets list removing the repited identifiers
      if (contentlets.size() > 0) {
        Set<String> contentletIdentList = new HashSet<String>();
        List<Contentlet> contentletsFilter = new ArrayList<Contentlet>();
        for (Contentlet cont : contentlets) {
          if (!contentletIdentList.contains(cont.getIdentifier())) {
            contentletIdentList.add(cont.getIdentifier());
            contentletsFilter.add(cont);
          }
        }
        contentlets = contentletsFilter;
      }
      if (contentletsFull.size() > 0) {
        Set<String> contentletIdentList = new HashSet<String>();
        List<Contentlet> contentletsFilter = new ArrayList<Contentlet>();
        for (Contentlet cont : contentletsFull) {
          if (!contentletIdentList.contains(cont.getIdentifier())) {
            contentletIdentList.add(cont.getIdentifier());
            contentletsFilter.add(cont);
          }
        }
        contentletsFull = contentletsFilter;
      }

      StringBuilder widgetpree = new StringBuilder();
      StringBuilder widgetpreeFull = new StringBuilder();

      StringBuilder contentletList = new StringBuilder();
      int count = 0;
      for (Contentlet contentlet : contentlets) {
        contentletList
            .append(count == 0 ? "" : ",")
            .append('"')
            .append(contentlet.getIdentifier())
            .append('"');
        if (contentlet.getStructure().getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) {
          Field field = contentlet.getStructure().getFieldVar("widgetPreexecute");
          if (field != null && UtilMethods.isSet(field.getValues()))
            widgetpree.append(field.getValues().trim());
        }
        if (++count >= c.getMaxContentlets()) break;
      }

      StringBuilder contentletListFull = new StringBuilder();
      int countFull = 0;
      for (Contentlet contentlet : contentletsFull) {
        contentletListFull
            .append(countFull == 0 ? "" : ",")
            .append('"')
            .append(contentlet.getIdentifier())
            .append('"');
        if (contentlet.getStructure().getStructureType() == Structure.STRUCTURE_TYPE_WIDGET) {
          Field field = contentlet.getStructure().getFieldVar("widgetPreexecute");
          if (field != null && UtilMethods.isSet(field.getValues()))
            widgetpreeFull.append(field.getValues().trim());
        }
        if (++countFull >= c.getMaxContentlets()) break;
      }

      sb.append("#if($request.session.getAttribute(\"tm_date\"))");
      sb.append(widgetpreeFull);
      sb.append("#set ($contentletList")
          .append(ident.getIdentifier())
          .append(" = [")
          .append(contentletListFull.toString())
          .append("] )");
      sb.append("#set ($totalSize")
          .append(ident.getIdentifier())
          .append("=")
          .append(countFull)
          .append(")");
      sb.append("#else ");
      sb.append(widgetpree);
      sb.append("#set ($contentletList")
          .append(ident.getIdentifier())
          .append(" = [")
          .append(contentletList.toString())
          .append("] )");
      sb.append("#set ($totalSize")
          .append(ident.getIdentifier())
          .append("=")
          .append(count)
          .append(")");
      sb.append("#end ");
      langCounter++;
    }

    if (htmlPage.isHttpsRequired()) {
      sb.append(" #if(!$ADMIN_MODE  && !$request.isSecure())");
      sb.append("    #if($request.getQueryString())");
      sb.append(
          "        #set ($REDIRECT_URL = \"https://${request.getServerName()}$request.getAttribute('javax.servlet.forward.request_uri')?$request.getQueryString()\")");
      sb.append("    #else ");
      sb.append(
          "        #set ($REDIRECT_URL = \"https://${request.getServerName()}$request.getAttribute('javax.servlet.forward.request_uri')\")");
      sb.append("    #end ");
      sb.append("    $response.sendRedirect(\"$REDIRECT_URL\")");
      sb.append(" #end ");
    }

    sb.append("#if($HTMLPAGE_REDIRECT != \"\")");
    sb.append("    $response.sendRedirect(\"$HTMLPAGE_REDIRECT\")");
    sb.append("#end");

    Identifier iden = APILocator.getIdentifierAPI().find(cmsTemplate);

    sb.append("#if(!$doNotParseTemplate)");
    if (cmsTemplate.isDrawed()) { // We have a designed template
      // Setting some theme variables
      sb.append("#set ($dotTheme = $templatetool.theme(\"")
          .append(cmsTemplate.getTheme())
          .append("\",\"")
          .append(host.getIdentifier())
          .append("\"))");
      sb.append("#set ($dotThemeLayout = $templatetool.themeLayout(\"")
          .append(cmsTemplate.getInode())
          .append("\" ))");
      // Merging our template
      sb.append("$velutil.mergeTemplate(\"$dotTheme.templatePath\")");
    } else {
      sb.append("$velutil.mergeTemplate('")
          .append(folderPath)
          .append(iden.getInode())
          .append(".")
          .append(Config.getStringProperty("VELOCITY_TEMPLATE_EXTENSION"))
          .append("')");
    }
    sb.append("#end");

    try {

      if (Config.getBooleanProperty("SHOW_VELOCITYFILES", false)) {
        String realFolderPath =
            (!EDIT_MODE) ? "live" + java.io.File.separator : "working" + java.io.File.separator;
        String velocityRootPath = Config.getStringProperty("VELOCITY_ROOT");
        String filePath =
            realFolderPath
                + identifier.getInode()
                + "."
                + Config.getStringProperty("VELOCITY_HTMLPAGE_EXTENSION");
        if (velocityRootPath.startsWith("/WEB-INF")) {
          velocityRootPath = com.liferay.util.FileUtil.getRealPath(velocityRootPath);
        }
        velocityRootPath += java.io.File.separator;

        java.io.BufferedOutputStream tmpOut =
            new java.io.BufferedOutputStream(
                new java.io.FileOutputStream(
                    new java.io.File(
                        ConfigUtils.getDynamicVelocityPath() + java.io.File.separator + filePath)));
        // Specify a proper character encoding
        OutputStreamWriter out =
            new OutputStreamWriter(tmpOut, UtilMethods.getCharsetConfiguration());

        out.write(sb.toString());

        out.flush();
        out.close();
        tmpOut.close();
      }
    } catch (Exception e) {
      Logger.error(PageServices.class, e.toString(), e);
    }
    try {
      result = new ByteArrayInputStream(sb.toString().getBytes("UTF-8"));
    } catch (UnsupportedEncodingException e1) {
      result = new ByteArrayInputStream(sb.toString().getBytes());
      Logger.error(ContainerServices.class, e1.getMessage(), e1);
    }
    return result;
  }