@Test(expected = PrincipalException.MustHavePermission.class)
public void testCreateRepositoryFromExistingFolderWithoutPermissions() throws Exception {
DLFolder dlFolder = DLTestUtil.addDLFolder(_group.getGroupId());
PermissionChecker originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();
try {
PermissionChecker permissionChecker =
new SimplePermissionChecker() {
@Override
public boolean hasOwnerPermission(
long companyId, String name, String primKey, long ownerId, String actionId) {
return false;
}
@Override
public boolean hasPermission(
long groupId, String name, String primKey, String actionId) {
return false;
}
};
permissionChecker.init(originalPermissionChecker.getUser());
PermissionThreadLocal.setPermissionChecker(permissionChecker);
RepositoryProviderUtil.getFolderRepository(dlFolder.getFolderId());
} finally {
PermissionThreadLocal.setPermissionChecker(originalPermissionChecker);
}
}
@Override
public void removePortletId(long userId, String portletId, boolean cleanUp) {
try {
Portlet portlet = PortletLocalServiceUtil.getPortletById(getCompanyId(), portletId);
if (portlet == null) {
_log.error("Portlet " + portletId + " cannot be removed because it is not registered");
return;
}
PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
if (!LayoutPermissionUtil.contains(permissionChecker, getLayout(), ActionKeys.UPDATE)
&& !isCustomizable()) {
return;
}
} catch (Exception e) {
_log.error(e, e);
return;
}
List<String> columns = getColumns();
for (int i = 0; i < columns.size(); i++) {
String columnId = columns.get(i);
if (isCustomizable() && isColumnDisabled(columnId)) {
continue;
}
String columnValue = StringPool.BLANK;
if (hasUserPreferences()) {
columnValue = getUserPreference(columnId);
} else {
columnValue = getTypeSettingsProperty(columnId);
}
columnValue = StringUtil.removeFromList(columnValue, portletId);
if (hasUserPreferences()) {
setUserPreference(columnId, columnValue);
} else {
setTypeSettingsProperty(columnId, columnValue);
}
}
if (cleanUp) {
try {
onRemoveFromLayout(new String[] {portletId});
} catch (Exception e) {
_log.error(e, e);
}
}
}
public void setUp() throws Exception {
_permissionChecker = PermissionThreadLocal.getPermissionChecker();
PermissionThreadLocal.setPermissionChecker(
new DummyPermissionChecker() {
@Override
public boolean hasPermission(long groupId, String name, long primKey, String actionId) {
return true;
}
});
;
_principal = PrincipalThreadLocal.getName();
PrincipalThreadLocal.setName(TestPropsValues.getUserId());
}
@Override
public boolean isCheckLayoutViewPermission() {
PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
if (!permissionChecker.isSignedIn()) {
return true;
}
return false;
}
protected void setUpPermissionThreadLocal() throws Exception {
_originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();
PermissionThreadLocal.setPermissionChecker(
new SimplePermissionChecker() {
{
init(TestPropsValues.getUser());
}
@Override
public boolean hasOwnerPermission(
long companyId, String name, String primKey, long ownerId, String actionId) {
return true;
}
@Override
public boolean hasPermission(long groupId, String name, String primKey, String actionId) {
return true;
}
});
}
@Before
public void setUp() throws Exception {
group = GroupTestUtil.addGroup();
user = UserTestUtil.addUser();
serviceContext = ServiceContextTestUtil.getServiceContext(group.getGroupId());
doSetUp();
ServiceTestUtil.setUser(user);
permissionChecker = PermissionThreadLocal.getPermissionChecker();
addPortletModelViewPermission();
}
protected String getRoleOwnerIdsSQL(long groupId, long userId) {
StringBundler sb = new StringBundler(8);
PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
long[] roleIds = permissionChecker.getRoleIds(userId, groupId);
sb.append(StringPool.OPEN_PARENTHESIS);
if (roleIds.length != 0) {
sb.append("roleId IN (");
sb.append(StringUtil.merge(roleIds));
sb.append(StringPool.CLOSE_PARENTHESIS);
sb.append(WHERE_OR);
}
sb.append("ownerId = ");
sb.append(userId);
sb.append(StringPool.CLOSE_PARENTHESIS);
return sb.toString();
}
protected void tearDownPermissionThreadLocal() {
PermissionThreadLocal.setPermissionChecker(_originalPermissionChecker);
}
public void tearDown() {
PermissionThreadLocal.setPermissionChecker(_permissionChecker);
PrincipalThreadLocal.setName(_principal);
}
protected String getUserPreference(String key) {
String value = StringPool.BLANK;
if (!hasUserPreferences()) {
return value;
}
value =
_portalPreferences.getValue(CustomizedPages.namespacePlid(getPlid()), key, StringPool.NULL);
if (!value.equals(StringPool.NULL)) {
return value;
}
value = getTypeSettingsProperty(key);
if (Validator.isNull(value)) {
return value;
}
List<String> newPortletIds = new ArrayList<>();
PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
String[] portletIds = StringUtil.split(value);
for (String portletId : portletIds) {
try {
if (!PortletPermissionUtil.contains(
permissionChecker, getLayout(), portletId, ActionKeys.VIEW, true)) {
continue;
}
String rootPortletId = PortletConstants.getRootPortletId(portletId);
if (!PortletPermissionUtil.contains(
permissionChecker, rootPortletId, ActionKeys.ADD_TO_PAGE)) {
continue;
}
} catch (Exception e) {
_log.error(e, e);
}
String newPortletId = null;
boolean preferencesUniquePerLayout = false;
try {
Portlet portlet = PortletLocalServiceUtil.getPortletById(getCompanyId(), portletId);
preferencesUniquePerLayout = portlet.isPreferencesUniquePerLayout();
} catch (SystemException se) {
_log.error(se, se);
}
if (PortletConstants.hasInstanceId(portletId) || preferencesUniquePerLayout) {
String instanceId = null;
if (PortletConstants.hasInstanceId(portletId)) {
instanceId = PortletConstants.generateInstanceId();
}
newPortletId =
PortletConstants.assemblePortletId(
portletId, _portalPreferences.getUserId(), instanceId);
copyPreferences(_portalPreferences.getUserId(), portletId, newPortletId);
copyResourcePermissions(portletId, newPortletId);
} else {
newPortletId = portletId;
}
newPortletIds.add(newPortletId);
}
value = StringUtil.merge(newPortletIds);
setUserPreference(key, value);
return value;
}
protected String addPortletId(
long userId,
String portletId,
String columnId,
int columnPos,
boolean checkPermission,
boolean strictHasPortlet) {
portletId = JS.getSafeName(portletId);
Layout layout = getLayout();
Portlet portlet = null;
try {
portlet = PortletLocalServiceUtil.getPortletById(layout.getCompanyId(), portletId);
if (portlet == null) {
if (_log.isWarnEnabled()) {
_log.warn("Portlet " + portletId + " cannot be added because it is not registered");
}
return null;
}
PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();
if (checkPermission
&& !PortletPermissionUtil.contains(
permissionChecker, layout, portlet, ActionKeys.ADD_TO_PAGE)) {
return null;
}
} catch (Exception e) {
_log.error(e, e);
}
if (portlet.isSystem()) {
return null;
}
if (portlet.isInstanceable() && !PortletConstants.hasInstanceId(portletId)) {
portletId =
PortletConstants.assemblePortletId(portletId, PortletConstants.generateInstanceId());
}
if (hasPortletId(portletId, strictHasPortlet)) {
return null;
}
if (columnId == null) {
LayoutTemplate layoutTemplate = getLayoutTemplate();
List<String> columns = layoutTemplate.getColumns();
if (!columns.isEmpty()) {
columnId = columns.get(0);
}
}
if (columnId == null) {
return null;
}
if (isCustomizable()) {
if (isColumnDisabled(columnId)) {
return null;
}
if ((PortletConstants.hasInstanceId(portletId) || portlet.isPreferencesUniquePerLayout())
&& hasUserPreferences()) {
portletId = PortletConstants.assemblePortletId(portletId, userId);
}
}
String columnValue = StringPool.BLANK;
if (hasUserPreferences()) {
columnValue = getUserPreference(columnId);
} else {
columnValue = getTypeSettingsProperty(columnId);
}
if ((columnValue == null) && columnId.startsWith(_NESTED_PORTLETS_NAMESPACE)) {
addNestedColumn(columnId);
}
if (columnPos >= 0) {
List<String> portletIds = ListUtil.fromArray(StringUtil.split(columnValue));
if (columnPos <= portletIds.size()) {
portletIds.add(columnPos, portletId);
} else {
portletIds.add(portletId);
}
columnValue = StringUtil.merge(portletIds);
} else {
columnValue = StringUtil.add(columnValue, portletId);
}
if (hasUserPreferences()) {
setUserPreference(columnId, columnValue);
} else {
setTypeSettingsProperty(columnId, columnValue);
}
try {
if (_enablePortletLayoutListener && !portlet.isUndeployedPortlet()) {
PortletLayoutListener portletLayoutListener = portlet.getPortletLayoutListenerInstance();
if (portletLayoutListener != null) {
portletLayoutListener.onAddToLayout(portletId, layout.getPlid());
}
}
} catch (Exception e) {
_log.error("Unable to fire portlet layout listener event", e);
}
return portletId;
}
protected String doTransform(
ThemeDisplay themeDisplay,
Map<String, Object> contextObjects,
Map<String, String> tokens,
String viewMode,
String languageId,
Document document,
PortletRequestModel portletRequestModel,
String script,
String langType,
boolean propagateException)
throws Exception {
// Setup listeners
if (_log.isDebugEnabled()) {
_log.debug("Language " + languageId);
}
if (Validator.isNull(viewMode)) {
viewMode = Constants.VIEW;
}
if (_logTokens.isDebugEnabled()) {
String tokensString = PropertiesUtil.list(tokens);
_logTokens.debug(tokensString);
}
if (_logTransformBefore.isDebugEnabled()) {
_logTransformBefore.debug(document);
}
List<TransformerListener> transformerListeners =
JournalTransformerListenerRegistryUtil.getTransformerListeners();
for (TransformerListener transformerListener : transformerListeners) {
// Modify XML
if (_logXmlBeforeListener.isDebugEnabled()) {
_logXmlBeforeListener.debug(document);
}
if (transformerListener != null) {
document = transformerListener.onXml(document, languageId, tokens);
if (_logXmlAfterListener.isDebugEnabled()) {
_logXmlAfterListener.debug(document);
}
}
// Modify script
if (_logScriptBeforeListener.isDebugEnabled()) {
_logScriptBeforeListener.debug(script);
}
if (transformerListener != null) {
script = transformerListener.onScript(script, document, languageId, tokens);
if (_logScriptAfterListener.isDebugEnabled()) {
_logScriptAfterListener.debug(script);
}
}
}
// Transform
String output = null;
if (Validator.isNull(langType)) {
output = LocalizationUtil.getLocalization(document.asXML(), languageId);
} else {
long companyId = 0;
long companyGroupId = 0;
long articleGroupId = 0;
long classNameId = 0;
if (tokens != null) {
companyId = GetterUtil.getLong(tokens.get("company_id"));
companyGroupId = GetterUtil.getLong(tokens.get("company_group_id"));
articleGroupId = GetterUtil.getLong(tokens.get("article_group_id"));
classNameId = GetterUtil.getLong(tokens.get(TemplateConstants.CLASS_NAME_ID));
}
long scopeGroupId = 0;
long siteGroupId = 0;
if (themeDisplay != null) {
companyId = themeDisplay.getCompanyId();
companyGroupId = themeDisplay.getCompanyGroupId();
scopeGroupId = themeDisplay.getScopeGroupId();
siteGroupId = themeDisplay.getSiteGroupId();
}
String templateId = tokens.get("template_id");
templateId = getTemplateId(templateId, companyId, companyGroupId, articleGroupId);
Template template = getTemplate(templateId, tokens, languageId, document, script, langType);
if (contextObjects != null) {
template.putAll(contextObjects);
}
UnsyncStringWriter unsyncStringWriter = new UnsyncStringWriter();
try {
if (document != null) {
Element rootElement = document.getRootElement();
List<TemplateNode> templateNodes =
getTemplateNodes(
themeDisplay, rootElement, Long.valueOf(tokens.get("ddm_structure_id")));
if (templateNodes != null) {
for (TemplateNode templateNode : templateNodes) {
template.put(templateNode.getName(), templateNode);
}
}
if (portletRequestModel != null) {
template.put("request", portletRequestModel.toMap());
if (langType.equals(TemplateConstants.LANG_TYPE_XSL)) {
Document requestDocument = SAXReaderUtil.read(portletRequestModel.toXML());
Element requestElement = requestDocument.getRootElement();
template.put("xmlRequest", requestElement.asXML());
}
} else {
Element requestElement = rootElement.element("request");
template.put("request", insertRequestVariables(requestElement));
if (langType.equals(TemplateConstants.LANG_TYPE_XSL)) {
template.put("xmlRequest", requestElement.asXML());
}
}
}
template.put("articleGroupId", articleGroupId);
template.put("company", getCompany(themeDisplay, companyId));
template.put("companyId", companyId);
template.put("device", getDevice(themeDisplay));
String templatesPath = getTemplatesPath(companyId, articleGroupId, classNameId);
Locale locale = LocaleUtil.fromLanguageId(languageId);
template.put("locale", locale);
template.put("permissionChecker", PermissionThreadLocal.getPermissionChecker());
template.put("randomNamespace", StringUtil.randomId() + StringPool.UNDERLINE);
template.put("scopeGroupId", scopeGroupId);
template.put("siteGroupId", siteGroupId);
template.put("templatesPath", templatesPath);
template.put("viewMode", viewMode);
if (themeDisplay != null) {
TemplateManager templateManager = TemplateManagerUtil.getTemplateManager(langType);
HttpServletRequest request = themeDisplay.getRequest();
templateManager.addTaglibSupport(template, request, themeDisplay.getResponse());
templateManager.addTaglibTheme(
template,
"taglibLiferay",
request,
new PipingServletResponse(themeDisplay.getResponse(), unsyncStringWriter));
}
// Deprecated variables
template.put("groupId", articleGroupId);
template.put("journalTemplatesPath", templatesPath);
mergeTemplate(template, unsyncStringWriter, propagateException);
} catch (Exception e) {
if (e instanceof DocumentException) {
throw new TransformException("Unable to read XML document", e);
} else if (e instanceof IOException) {
throw new TransformException("Error reading template", e);
} else if (e instanceof TransformException) {
throw (TransformException) e;
} else {
throw new TransformException("Unhandled exception", e);
}
}
output = unsyncStringWriter.toString();
}
// Postprocess output
for (TransformerListener transformerListener : transformerListeners) {
// Modify output
if (_logOutputBeforeListener.isDebugEnabled()) {
_logOutputBeforeListener.debug(output);
}
output = transformerListener.onOutput(output, languageId, tokens);
if (_logOutputAfterListener.isDebugEnabled()) {
_logOutputAfterListener.debug(output);
}
}
if (_logTransfromAfter.isDebugEnabled()) {
_logTransfromAfter.debug(output);
}
return output;
}