@Test(expected = PrincipalException.MustHavePermission.class)
  public void testCreateRepositoryFromExistingFolderWithoutPermissions() throws Exception {

    DLFolder dlFolder = DLTestUtil.addDLFolder(_group.getGroupId());

    PermissionChecker originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    try {
      PermissionChecker permissionChecker =
          new SimplePermissionChecker() {

            @Override
            public boolean hasOwnerPermission(
                long companyId, String name, String primKey, long ownerId, String actionId) {

              return false;
            }

            @Override
            public boolean hasPermission(
                long groupId, String name, String primKey, String actionId) {

              return false;
            }
          };

      permissionChecker.init(originalPermissionChecker.getUser());

      PermissionThreadLocal.setPermissionChecker(permissionChecker);

      RepositoryProviderUtil.getFolderRepository(dlFolder.getFolderId());
    } finally {
      PermissionThreadLocal.setPermissionChecker(originalPermissionChecker);
    }
  }
  @Override
  public void removePortletId(long userId, String portletId, boolean cleanUp) {

    try {
      Portlet portlet = PortletLocalServiceUtil.getPortletById(getCompanyId(), portletId);

      if (portlet == null) {
        _log.error("Portlet " + portletId + " cannot be removed because it is not registered");

        return;
      }

      PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

      if (!LayoutPermissionUtil.contains(permissionChecker, getLayout(), ActionKeys.UPDATE)
          && !isCustomizable()) {

        return;
      }
    } catch (Exception e) {
      _log.error(e, e);

      return;
    }

    List<String> columns = getColumns();

    for (int i = 0; i < columns.size(); i++) {
      String columnId = columns.get(i);

      if (isCustomizable() && isColumnDisabled(columnId)) {
        continue;
      }

      String columnValue = StringPool.BLANK;

      if (hasUserPreferences()) {
        columnValue = getUserPreference(columnId);
      } else {
        columnValue = getTypeSettingsProperty(columnId);
      }

      columnValue = StringUtil.removeFromList(columnValue, portletId);

      if (hasUserPreferences()) {
        setUserPreference(columnId, columnValue);
      } else {
        setTypeSettingsProperty(columnId, columnValue);
      }
    }

    if (cleanUp) {
      try {
        onRemoveFromLayout(new String[] {portletId});
      } catch (Exception e) {
        _log.error(e, e);
      }
    }
  }
Пример #3
0
  public void setUp() throws Exception {
    _permissionChecker = PermissionThreadLocal.getPermissionChecker();

    PermissionThreadLocal.setPermissionChecker(
        new DummyPermissionChecker() {

          @Override
          public boolean hasPermission(long groupId, String name, long primKey, String actionId) {

            return true;
          }
        });

    ;

    _principal = PrincipalThreadLocal.getName();

    PrincipalThreadLocal.setName(TestPropsValues.getUserId());
  }
  @Override
  public boolean isCheckLayoutViewPermission() {
    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    if (!permissionChecker.isSignedIn()) {
      return true;
    }

    return false;
  }
  protected void setUpPermissionThreadLocal() throws Exception {
    _originalPermissionChecker = PermissionThreadLocal.getPermissionChecker();

    PermissionThreadLocal.setPermissionChecker(
        new SimplePermissionChecker() {

          {
            init(TestPropsValues.getUser());
          }

          @Override
          public boolean hasOwnerPermission(
              long companyId, String name, String primKey, long ownerId, String actionId) {

            return true;
          }

          @Override
          public boolean hasPermission(long groupId, String name, String primKey, String actionId) {

            return true;
          }
        });
  }
  @Before
  public void setUp() throws Exception {
    group = GroupTestUtil.addGroup();
    user = UserTestUtil.addUser();

    serviceContext = ServiceContextTestUtil.getServiceContext(group.getGroupId());

    doSetUp();

    ServiceTestUtil.setUser(user);

    permissionChecker = PermissionThreadLocal.getPermissionChecker();

    addPortletModelViewPermission();
  }
  protected String getRoleOwnerIdsSQL(long groupId, long userId) {
    StringBundler sb = new StringBundler(8);

    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    long[] roleIds = permissionChecker.getRoleIds(userId, groupId);

    sb.append(StringPool.OPEN_PARENTHESIS);

    if (roleIds.length != 0) {
      sb.append("roleId IN (");
      sb.append(StringUtil.merge(roleIds));
      sb.append(StringPool.CLOSE_PARENTHESIS);
      sb.append(WHERE_OR);
    }

    sb.append("ownerId = ");
    sb.append(userId);
    sb.append(StringPool.CLOSE_PARENTHESIS);

    return sb.toString();
  }
 protected void tearDownPermissionThreadLocal() {
   PermissionThreadLocal.setPermissionChecker(_originalPermissionChecker);
 }
Пример #9
0
  public void tearDown() {
    PermissionThreadLocal.setPermissionChecker(_permissionChecker);

    PrincipalThreadLocal.setName(_principal);
  }
  protected String getUserPreference(String key) {
    String value = StringPool.BLANK;

    if (!hasUserPreferences()) {
      return value;
    }

    value =
        _portalPreferences.getValue(CustomizedPages.namespacePlid(getPlid()), key, StringPool.NULL);

    if (!value.equals(StringPool.NULL)) {
      return value;
    }

    value = getTypeSettingsProperty(key);

    if (Validator.isNull(value)) {
      return value;
    }

    List<String> newPortletIds = new ArrayList<>();

    PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

    String[] portletIds = StringUtil.split(value);

    for (String portletId : portletIds) {
      try {
        if (!PortletPermissionUtil.contains(
            permissionChecker, getLayout(), portletId, ActionKeys.VIEW, true)) {

          continue;
        }

        String rootPortletId = PortletConstants.getRootPortletId(portletId);

        if (!PortletPermissionUtil.contains(
            permissionChecker, rootPortletId, ActionKeys.ADD_TO_PAGE)) {

          continue;
        }
      } catch (Exception e) {
        _log.error(e, e);
      }

      String newPortletId = null;

      boolean preferencesUniquePerLayout = false;

      try {
        Portlet portlet = PortletLocalServiceUtil.getPortletById(getCompanyId(), portletId);

        preferencesUniquePerLayout = portlet.isPreferencesUniquePerLayout();
      } catch (SystemException se) {
        _log.error(se, se);
      }

      if (PortletConstants.hasInstanceId(portletId) || preferencesUniquePerLayout) {

        String instanceId = null;

        if (PortletConstants.hasInstanceId(portletId)) {
          instanceId = PortletConstants.generateInstanceId();
        }

        newPortletId =
            PortletConstants.assemblePortletId(
                portletId, _portalPreferences.getUserId(), instanceId);

        copyPreferences(_portalPreferences.getUserId(), portletId, newPortletId);

        copyResourcePermissions(portletId, newPortletId);
      } else {
        newPortletId = portletId;
      }

      newPortletIds.add(newPortletId);
    }

    value = StringUtil.merge(newPortletIds);

    setUserPreference(key, value);

    return value;
  }
  protected String addPortletId(
      long userId,
      String portletId,
      String columnId,
      int columnPos,
      boolean checkPermission,
      boolean strictHasPortlet) {

    portletId = JS.getSafeName(portletId);

    Layout layout = getLayout();

    Portlet portlet = null;

    try {
      portlet = PortletLocalServiceUtil.getPortletById(layout.getCompanyId(), portletId);

      if (portlet == null) {
        if (_log.isWarnEnabled()) {
          _log.warn("Portlet " + portletId + " cannot be added because it is not registered");
        }

        return null;
      }

      PermissionChecker permissionChecker = PermissionThreadLocal.getPermissionChecker();

      if (checkPermission
          && !PortletPermissionUtil.contains(
              permissionChecker, layout, portlet, ActionKeys.ADD_TO_PAGE)) {

        return null;
      }
    } catch (Exception e) {
      _log.error(e, e);
    }

    if (portlet.isSystem()) {
      return null;
    }

    if (portlet.isInstanceable() && !PortletConstants.hasInstanceId(portletId)) {

      portletId =
          PortletConstants.assemblePortletId(portletId, PortletConstants.generateInstanceId());
    }

    if (hasPortletId(portletId, strictHasPortlet)) {
      return null;
    }

    if (columnId == null) {
      LayoutTemplate layoutTemplate = getLayoutTemplate();

      List<String> columns = layoutTemplate.getColumns();

      if (!columns.isEmpty()) {
        columnId = columns.get(0);
      }
    }

    if (columnId == null) {
      return null;
    }

    if (isCustomizable()) {
      if (isColumnDisabled(columnId)) {
        return null;
      }

      if ((PortletConstants.hasInstanceId(portletId) || portlet.isPreferencesUniquePerLayout())
          && hasUserPreferences()) {

        portletId = PortletConstants.assemblePortletId(portletId, userId);
      }
    }

    String columnValue = StringPool.BLANK;

    if (hasUserPreferences()) {
      columnValue = getUserPreference(columnId);
    } else {
      columnValue = getTypeSettingsProperty(columnId);
    }

    if ((columnValue == null) && columnId.startsWith(_NESTED_PORTLETS_NAMESPACE)) {

      addNestedColumn(columnId);
    }

    if (columnPos >= 0) {
      List<String> portletIds = ListUtil.fromArray(StringUtil.split(columnValue));

      if (columnPos <= portletIds.size()) {
        portletIds.add(columnPos, portletId);
      } else {
        portletIds.add(portletId);
      }

      columnValue = StringUtil.merge(portletIds);
    } else {
      columnValue = StringUtil.add(columnValue, portletId);
    }

    if (hasUserPreferences()) {
      setUserPreference(columnId, columnValue);
    } else {
      setTypeSettingsProperty(columnId, columnValue);
    }

    try {
      if (_enablePortletLayoutListener && !portlet.isUndeployedPortlet()) {

        PortletLayoutListener portletLayoutListener = portlet.getPortletLayoutListenerInstance();

        if (portletLayoutListener != null) {
          portletLayoutListener.onAddToLayout(portletId, layout.getPlid());
        }
      }
    } catch (Exception e) {
      _log.error("Unable to fire portlet layout listener event", e);
    }

    return portletId;
  }
Пример #12
0
  protected String doTransform(
      ThemeDisplay themeDisplay,
      Map<String, Object> contextObjects,
      Map<String, String> tokens,
      String viewMode,
      String languageId,
      Document document,
      PortletRequestModel portletRequestModel,
      String script,
      String langType,
      boolean propagateException)
      throws Exception {

    // Setup listeners

    if (_log.isDebugEnabled()) {
      _log.debug("Language " + languageId);
    }

    if (Validator.isNull(viewMode)) {
      viewMode = Constants.VIEW;
    }

    if (_logTokens.isDebugEnabled()) {
      String tokensString = PropertiesUtil.list(tokens);

      _logTokens.debug(tokensString);
    }

    if (_logTransformBefore.isDebugEnabled()) {
      _logTransformBefore.debug(document);
    }

    List<TransformerListener> transformerListeners =
        JournalTransformerListenerRegistryUtil.getTransformerListeners();

    for (TransformerListener transformerListener : transformerListeners) {

      // Modify XML

      if (_logXmlBeforeListener.isDebugEnabled()) {
        _logXmlBeforeListener.debug(document);
      }

      if (transformerListener != null) {
        document = transformerListener.onXml(document, languageId, tokens);

        if (_logXmlAfterListener.isDebugEnabled()) {
          _logXmlAfterListener.debug(document);
        }
      }

      // Modify script

      if (_logScriptBeforeListener.isDebugEnabled()) {
        _logScriptBeforeListener.debug(script);
      }

      if (transformerListener != null) {
        script = transformerListener.onScript(script, document, languageId, tokens);

        if (_logScriptAfterListener.isDebugEnabled()) {
          _logScriptAfterListener.debug(script);
        }
      }
    }

    // Transform

    String output = null;

    if (Validator.isNull(langType)) {
      output = LocalizationUtil.getLocalization(document.asXML(), languageId);
    } else {
      long companyId = 0;
      long companyGroupId = 0;
      long articleGroupId = 0;
      long classNameId = 0;

      if (tokens != null) {
        companyId = GetterUtil.getLong(tokens.get("company_id"));
        companyGroupId = GetterUtil.getLong(tokens.get("company_group_id"));
        articleGroupId = GetterUtil.getLong(tokens.get("article_group_id"));
        classNameId = GetterUtil.getLong(tokens.get(TemplateConstants.CLASS_NAME_ID));
      }

      long scopeGroupId = 0;
      long siteGroupId = 0;

      if (themeDisplay != null) {
        companyId = themeDisplay.getCompanyId();
        companyGroupId = themeDisplay.getCompanyGroupId();
        scopeGroupId = themeDisplay.getScopeGroupId();
        siteGroupId = themeDisplay.getSiteGroupId();
      }

      String templateId = tokens.get("template_id");

      templateId = getTemplateId(templateId, companyId, companyGroupId, articleGroupId);

      Template template = getTemplate(templateId, tokens, languageId, document, script, langType);

      if (contextObjects != null) {
        template.putAll(contextObjects);
      }

      UnsyncStringWriter unsyncStringWriter = new UnsyncStringWriter();

      try {
        if (document != null) {
          Element rootElement = document.getRootElement();

          List<TemplateNode> templateNodes =
              getTemplateNodes(
                  themeDisplay, rootElement, Long.valueOf(tokens.get("ddm_structure_id")));

          if (templateNodes != null) {
            for (TemplateNode templateNode : templateNodes) {
              template.put(templateNode.getName(), templateNode);
            }
          }

          if (portletRequestModel != null) {
            template.put("request", portletRequestModel.toMap());

            if (langType.equals(TemplateConstants.LANG_TYPE_XSL)) {
              Document requestDocument = SAXReaderUtil.read(portletRequestModel.toXML());

              Element requestElement = requestDocument.getRootElement();

              template.put("xmlRequest", requestElement.asXML());
            }
          } else {
            Element requestElement = rootElement.element("request");

            template.put("request", insertRequestVariables(requestElement));

            if (langType.equals(TemplateConstants.LANG_TYPE_XSL)) {
              template.put("xmlRequest", requestElement.asXML());
            }
          }
        }

        template.put("articleGroupId", articleGroupId);
        template.put("company", getCompany(themeDisplay, companyId));
        template.put("companyId", companyId);
        template.put("device", getDevice(themeDisplay));

        String templatesPath = getTemplatesPath(companyId, articleGroupId, classNameId);

        Locale locale = LocaleUtil.fromLanguageId(languageId);

        template.put("locale", locale);

        template.put("permissionChecker", PermissionThreadLocal.getPermissionChecker());
        template.put("randomNamespace", StringUtil.randomId() + StringPool.UNDERLINE);
        template.put("scopeGroupId", scopeGroupId);
        template.put("siteGroupId", siteGroupId);
        template.put("templatesPath", templatesPath);
        template.put("viewMode", viewMode);

        if (themeDisplay != null) {
          TemplateManager templateManager = TemplateManagerUtil.getTemplateManager(langType);

          HttpServletRequest request = themeDisplay.getRequest();

          templateManager.addTaglibSupport(template, request, themeDisplay.getResponse());
          templateManager.addTaglibTheme(
              template,
              "taglibLiferay",
              request,
              new PipingServletResponse(themeDisplay.getResponse(), unsyncStringWriter));
        }

        // Deprecated variables

        template.put("groupId", articleGroupId);
        template.put("journalTemplatesPath", templatesPath);

        mergeTemplate(template, unsyncStringWriter, propagateException);
      } catch (Exception e) {
        if (e instanceof DocumentException) {
          throw new TransformException("Unable to read XML document", e);
        } else if (e instanceof IOException) {
          throw new TransformException("Error reading template", e);
        } else if (e instanceof TransformException) {
          throw (TransformException) e;
        } else {
          throw new TransformException("Unhandled exception", e);
        }
      }

      output = unsyncStringWriter.toString();
    }

    // Postprocess output

    for (TransformerListener transformerListener : transformerListeners) {

      // Modify output

      if (_logOutputBeforeListener.isDebugEnabled()) {
        _logOutputBeforeListener.debug(output);
      }

      output = transformerListener.onOutput(output, languageId, tokens);

      if (_logOutputAfterListener.isDebugEnabled()) {
        _logOutputAfterListener.debug(output);
      }
    }

    if (_logTransfromAfter.isDebugEnabled()) {
      _logTransfromAfter.debug(output);
    }

    return output;
  }