/** * Public constructor, will use the current time for time stamp.<p> * * @param dbc the current database context with the current user * @param structureId the structure id */ public CmsVisitEntry(CmsDbContext dbc, CmsUUID structureId) { m_userId = dbc.currentUser().getId(); m_date = System.currentTimeMillis(); m_structureId = structureId; }
/** * Public constructor, will use the current time for time stamp.<p> * * @param dbc the current database context with the current user * @param structureId the structure id * @param type the entry type * @param data the additional data to be parsed as a map */ public CmsLogEntry(CmsDbContext dbc, CmsUUID structureId, CmsLogEntryType type, String[] data) { m_userId = dbc.currentUser().getId(); m_date = System.currentTimeMillis(); m_structureId = structureId; m_data = (data == null ? new String[0] : data); m_type = type; }
/** * @see org.opencms.db.I_CmsCacheKey#getCacheKeyForUserPermissions(java.lang.String, org.opencms.db.CmsDbContext, org.opencms.file.CmsResource, org.opencms.security.CmsPermissionSet) */ public String getCacheKeyForUserPermissions( String prefix, CmsDbContext context, CmsResource resource, CmsPermissionSet requiredPermissions) { if (!context.getProjectId().isNullUUID()) { return ""; } StringBuffer cacheBuffer = new StringBuffer(64); cacheBuffer.append(prefix); cacheBuffer.append('_'); cacheBuffer.append(context.currentUser().getName()); cacheBuffer.append(context.currentProject().isOnlineProject() ? "_0_" : "_1_"); cacheBuffer.append(requiredPermissions.getPermissionString()); cacheBuffer.append('_'); cacheBuffer.append(resource.getStructureId().toString()); return cacheBuffer.toString(); } }
/** * @see org.opencms.db.I_CmsCacheKey#getCacheKeyForUserPermissions(java.lang.String, org.opencms.db.CmsDbContext, org.opencms.file.CmsResource, org.opencms.security.CmsPermissionSet) */ public String getCacheKeyForUserPermissions( String prefix, CmsDbContext context, CmsResource resource, CmsPermissionSet requiredPermissions) { if (!context.getProjectId().isNullUUID()) { return ""; } StringBuffer cacheBuffer = new StringBuffer(64); cacheBuffer.append(prefix); cacheBuffer.append('_'); cacheBuffer.append(context.currentUser().getName()); cacheBuffer.append(context.currentProject().isOnlineProject() ? "_0_" : "_1_"); cacheBuffer.append(requiredPermissions.getPermissionString()); cacheBuffer.append('_'); cacheBuffer.append(resource.getStructureId().toString()); return cacheBuffer.toString(); } }
/** * Checks if the user of the current database context has permissions to impersonate the given role * for the given resource.<p> * * @param dbc the current OpenCms users database context * @param role the role to check * @param resource the resource to check the role for * * @throws CmsRoleViolationException if the user does not have the required role permissions * * @see org.opencms.security.CmsRoleManager#checkRole(CmsObject, CmsRole) */ public void checkRoleForResource(CmsDbContext dbc, CmsRole role, CmsResource resource) throws CmsRoleViolationException { if (!hasRoleForResource(dbc, dbc.currentUser(), role, resource)) { throw role.createRoleViolationExceptionForResource(dbc.getRequestContext(), resource); } }
/** * Checks if the user of the current database context has permissions to impersonate the given role * for the given resource.<p> * * @param dbc the current OpenCms users database context * @param role the role to check * @param resource the resource to check the role for * * @throws CmsRoleViolationException if the user does not have the required role permissions * * @see org.opencms.security.CmsRoleManager#checkRole(CmsObject, CmsRole) */ public void checkRoleForResource(CmsDbContext dbc, CmsRole role, CmsResource resource) throws CmsRoleViolationException { if (!hasRoleForResource(dbc, dbc.currentUser(), role, resource)) { throw role.createRoleViolationExceptionForResource(dbc.getRequestContext(), resource); } }
/** * Returns all resources of organizational units for which the current user has * the given role role.<p> * * @param dbc the current database context * @param role the role to check * * @return a list of {@link org.opencms.file.CmsResource} objects * * @throws CmsException if something goes wrong */ protected List<CmsResource> getManageableResources(CmsDbContext dbc, CmsRole role) throws CmsException { CmsOrganizationalUnit ou = m_driverManager.readOrganizationalUnit(dbc, role.getOuFqn()); if (hasRole(dbc, dbc.currentUser(), role)) { return m_driverManager.getResourcesForOrganizationalUnit(dbc, ou); } List<CmsResource> resources = new ArrayList<CmsResource>(); Iterator<CmsOrganizationalUnit> it = m_driverManager.getOrganizationalUnits(dbc, ou, false).iterator(); while (it.hasNext()) { CmsOrganizationalUnit orgUnit = it.next(); resources.addAll(getManageableResources(dbc, role.forOrgUnit(orgUnit.getName()))); } return resources; }
/** * Returns all resources of organizational units for which the current user has * the given role role.<p> * * @param dbc the current database context * @param role the role to check * * @return a list of {@link org.opencms.file.CmsResource} objects * * @throws CmsException if something goes wrong */ protected List getManageableResources(CmsDbContext dbc, CmsRole role) throws CmsException { CmsOrganizationalUnit ou = m_driverManager.readOrganizationalUnit(dbc, role.getOuFqn()); if (hasRole(dbc, dbc.currentUser(), role)) { return m_driverManager.getResourcesForOrganizationalUnit(dbc, ou); } List resources = new ArrayList(); Iterator it = m_driverManager.getOrganizationalUnits(dbc, ou, false).iterator(); while (it.hasNext()) { CmsOrganizationalUnit orgUnit = (CmsOrganizationalUnit)it.next(); resources.addAll(getManageableResources(dbc, role.forOrgUnit(orgUnit.getName()))); } return resources; }
/** * Checks that the current user has enough permissions to modify the given user.<p> * * @param dbc the database context * @param username the name of the user to modify * @param role the needed role * * @throws CmsDataAccessException if something goes wrong accessing the database * @throws CmsRoleViolationException if the user has not the needed permissions */ protected void checkRoleForUserModification(CmsDbContext dbc, String username, CmsRole role) throws CmsDataAccessException, CmsRoleViolationException { CmsUser userToModify = m_driverManager.readUser(dbc, CmsOrganizationalUnit.removeLeadingSeparator(username)); if (dbc.currentUser().equals(userToModify)) { // a user is allowed to write his own data return; } if (hasRole(dbc, dbc.currentUser(), CmsRole.ROOT_ADMIN)) { // a user with the ROOT_ADMIN role may change any other user return; } if (hasRole(dbc, userToModify, CmsRole.ADMINISTRATOR)) { // check the user that is going to do the modification is administrator checkRole(dbc, CmsRole.ADMINISTRATOR); } else { // check the user that is going to do the modification has the given role checkRole(dbc, role); } }
/** * Checks if the user of the current database context has permissions to impersonate the given role * in the given organizational unit.<p> * * If the organizational unit is <code>null</code>, this method will check if the * given user has the given role for at least one organizational unit.<p> * * @param dbc the current OpenCms users database context * @param role the role to check * * @throws CmsRoleViolationException if the user does not have the required role permissions * * @see org.opencms.security.CmsRoleManager#checkRole(CmsObject, CmsRole) */ public void checkRole(CmsDbContext dbc, CmsRole role) throws CmsRoleViolationException { if (!hasRole(dbc, dbc.currentUser(), role)) { if (role.getOuFqn() != null) { throw role.createRoleViolationExceptionForOrgUnit(dbc.getRequestContext(), role.getOuFqn()); } else { throw role.createRoleViolationException(dbc.getRequestContext()); } } }
/** * Returns a list with all projects from history.<p> * * @param context the current request context * * @return list of <code>{@link CmsHistoryProject}</code> objects * with all projects from history. * * @throws CmsException if operation was not successful */ public List getAllHistoricalProjects(CmsRequestContext context) throws CmsException { CmsDbContext dbc = m_dbContextFactory.getDbContext(context); List result = null; try { result = m_driverManager.getAllHistoricalProjects(dbc); } catch (Exception e) { dbc.report(null, Messages.get().container( Messages.ERR_GET_ALL_ACCESSIBLE_PROJECTS_1, dbc.currentUser().getName()), e); } finally { dbc.clear(); } return result; }
/** * Checks if the user of the current database context has permissions to impersonate the given role * in the given organizational unit.<p> * * If the organizational unit is <code>null</code>, this method will check if the * given user has the given role for at least one organizational unit.<p> * * @param dbc the current OpenCms users database context * @param role the role to check * * @throws CmsRoleViolationException if the user does not have the required role permissions * * @see org.opencms.security.CmsRoleManager#checkRole(CmsObject, CmsRole) */ public void checkRole(CmsDbContext dbc, CmsRole role) throws CmsRoleViolationException { if (!hasRole(dbc, dbc.currentUser(), role)) { if (role.getOuFqn() != null) { throw role.createRoleViolationExceptionForOrgUnit(dbc.getRequestContext(), role.getOuFqn()); } else { throw role.createRoleViolationException(dbc.getRequestContext()); } } }
/** * Enumeration class for the mode parameter in the * {@link CmsDriverManager#readChangedResourcesInsideProject(CmsDbContext, CmsUUID, CmsReadChangedProjectResourceMode)} * method.<p> */ private static class CmsReadChangedProjectResourceMode { /** * Default constructor.<p> */ protected CmsReadChangedProjectResourceMode() { // noop } }
/** * Returns a list with all projects from history.<p> * * @param context the current request context * * @return list of <code>{@link CmsHistoryProject}</code> objects * with all projects from history. * * @throws CmsException if operation was not successful */ public List<CmsHistoryProject> getAllHistoricalProjects(CmsRequestContext context) throws CmsException { CmsDbContext dbc = m_dbContextFactory.getDbContext(context); List<CmsHistoryProject> result = null; try { result = m_driverManager.getAllHistoricalProjects(dbc); } catch (Exception e) { dbc.report( null, Messages.get().container(Messages.ERR_GET_ALL_ACCESSIBLE_PROJECTS_1, dbc.currentUser().getName()), e); } finally { dbc.clear(); } return result; }
/** * Returns all projects which are owned by the current user or which are * accessible for the group of the user.<p> * * @param context the current request context * @param orgUnit the organizational unit to search project in * @param includeSubOus if to include sub organizational units * * @return a list of objects of type <code>{@link CmsProject}</code> * * @throws CmsException if something goes wrong */ public List getAllAccessibleProjects(CmsRequestContext context, CmsOrganizationalUnit orgUnit, boolean includeSubOus) throws CmsException { CmsDbContext dbc = m_dbContextFactory.getDbContext(context); List result = null; try { result = m_driverManager.getAllAccessibleProjects(dbc, orgUnit, includeSubOus); } catch (Exception e) { dbc.report(null, Messages.get().container( Messages.ERR_GET_ALL_ACCESSIBLE_PROJECTS_1, dbc.currentUser().getName()), e); } finally { dbc.clear(); } return result; }
/** * Updates the state of a resource, depending on the <code>resourceState</code> parameter.<p> * * @param dbc the db context * @param resource the resource * @param resourceState if <code>true</code> the resource state will be updated, if not just the structure state. * * @throws CmsDataAccessException if something goes wrong */ private void updateState(CmsDbContext dbc, CmsResource resource, boolean resourceState) throws CmsDataAccessException { resource.setUserLastModified(dbc.currentUser().getId()); if (resourceState) { // update the whole resource state m_vfsDriver.writeResource(dbc, dbc.currentProject().getUuid(), resource, UPDATE_RESOURCE_STATE); } else { // update the structure state m_vfsDriver.writeResource(dbc, dbc.currentProject().getUuid(), resource, UPDATE_STRUCTURE_STATE); } } }
/** * Writes a resource to the OpenCms VFS.<p> * * @param dbc the current database context * @param resource the resource to write * * @throws CmsException if something goes wrong */ public void writeResource(CmsDbContext dbc, CmsResource resource) throws CmsException { // access was granted - write the resource resource.setUserLastModified(dbc.currentUser().getId()); CmsUUID projectId = ((dbc.getProjectId() == null) || dbc.getProjectId().isNullUUID()) ? dbc.currentProject().getUuid() : dbc.getProjectId(); getVfsDriver(dbc).writeResource(dbc, projectId, resource, UPDATE_RESOURCE_STATE); // make sure the written resource has the state correctly set if (resource.getState().isUnchanged()) { resource.setState(CmsResource.STATE_CHANGED); } // delete in content relations if the new type is not parseable if (!(OpenCms.getResourceManager().getResourceType(resource.getTypeId()) instanceof I_CmsLinkParseable)) { deleteRelationsWithSiblings(dbc, resource); } // update the cache m_monitor.clearResourceCache(); Map<String, Object> data = new HashMap<String, Object>(2); data.put(I_CmsEventListener.KEY_RESOURCE, resource); data.put(I_CmsEventListener.KEY_CHANGE, new Integer(CHANGED_RESOURCE)); OpenCms.fireCmsEvent(new CmsEvent(I_CmsEventListener.EVENT_RESOURCE_MODIFIED, data)); }
/** * Unlocks all resources in this project.<p> * * @param context the current request context * @param projectId the id of the project to be published * * @throws CmsException if something goes wrong * @throws CmsRoleViolationException if the current user does not own the required permissions */ public void unlockProject(CmsRequestContext context, CmsUUID projectId) throws CmsException, CmsRoleViolationException { CmsDbContext dbc = m_dbContextFactory.getDbContext(context); CmsProject project = m_driverManager.readProject(dbc, projectId); try { checkManagerOfProjectRole(dbc, project); m_driverManager.unlockProject(project); } catch (Exception e) { dbc.report(null, Messages.get().container( Messages.ERR_UNLOCK_PROJECT_2, projectId, dbc.currentUser().getName()), e); } finally { dbc.clear(); } }
/** * Unlocks all resources in this project.<p> * * @param context the current request context * @param projectId the id of the project to be published * * @throws CmsException if something goes wrong * @throws CmsRoleViolationException if the current user does not own the required permissions */ public void unlockProject(CmsRequestContext context, CmsUUID projectId) throws CmsException, CmsRoleViolationException { CmsDbContext dbc = m_dbContextFactory.getDbContext(context); CmsProject project = m_driverManager.readProject(dbc, projectId); try { checkManagerOfProjectRole(dbc, project); m_driverManager.unlockProject(project); } catch (Exception e) { dbc.report( null, Messages.get().container(Messages.ERR_UNLOCK_PROJECT_2, projectId, dbc.currentUser().getName()), e); } finally { dbc.clear(); } }
/** * Updates the state of a resource, depending on the <code>resourceState</code> parameter.<p> * * @param dbc the db context * @param resource the resource * @param resourceState if <code>true</code> the resource state will be updated, if not just the structure state. * * @throws CmsDataAccessException if something goes wrong */ private void updateState(CmsDbContext dbc, CmsResource resource, boolean resourceState) throws CmsDataAccessException { CmsUUID projectId = ((dbc.getProjectId() == null) || dbc.getProjectId().isNullUUID()) ? dbc.currentProject().getUuid() : dbc.getProjectId(); resource.setUserLastModified(dbc.currentUser().getId()); if (resourceState) { // update the whole resource state getVfsDriver(dbc).writeResource(dbc, projectId, resource, UPDATE_RESOURCE_STATE); } else { // update the structure state getVfsDriver(dbc).writeResource(dbc, projectId, resource, UPDATE_STRUCTURE_STATE); } }