1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.module.admininterface.dialogs;
35
36 import info.magnolia.cms.beans.config.ContentRepository;
37 import info.magnolia.cms.core.Content;
38 import info.magnolia.cms.core.ItemType;
39 import info.magnolia.cms.core.MgnlNodeType;
40 import info.magnolia.cms.core.Path;
41 import info.magnolia.cms.gui.dialog.Dialog;
42 import info.magnolia.cms.security.AccessDeniedException;
43 import info.magnolia.module.admininterface.SaveHandler;
44 import info.magnolia.module.admininterface.config.AclTypeConfiguration;
45 import info.magnolia.repository.RepositoryConstants;
46
47 import java.util.Iterator;
48
49 import javax.jcr.Node;
50 import javax.jcr.PathNotFoundException;
51 import javax.jcr.RepositoryException;
52 import javax.servlet.http.HttpServletRequest;
53 import javax.servlet.http.HttpServletResponse;
54
55 import org.apache.commons.lang.StringUtils;
56 import org.slf4j.Logger;
57 import org.slf4j.LoggerFactory;
58
59
60
61
62
63
64 public class RolesEditDialog extends ConfiguredDialog {
65
66 protected static Logger log = LoggerFactory.getLogger("roles dialog");
67
68
69
70
71 private static final long serialVersionUID = 222L;
72
73
74
75
76
77
78
79 public RolesEditDialog(String name, HttpServletRequest request, HttpServletResponse response, Content configNode) {
80 super(name, request, response, configNode);
81 }
82
83 @Override
84 public String getRepository() {
85 String repository = super.getRepository();
86 if (repository == null) {
87 repository = RepositoryConstants.USER_ROLES;
88 }
89 return repository;
90 }
91
92
93
94
95
96
97 @Override
98 protected Dialog createDialog(Content configNode, Content storageNode) throws RepositoryException {
99
100 Dialog dialog = super.createDialog(configNode, storageNode);
101
102 dialog.setJavascriptSources(request.getContextPath() + "/.resources/admin-js/dialogs/pages/rolesACLPage.js");
103 dialog.setCssSources(request.getContextPath() + "/.resources/admin-css/dialogs/pages/rolesEditPage.css");
104 return dialog;
105 }
106
107
108
109
110 @Override
111 protected void configureSaveHandler(SaveHandler save) {
112 super.configureSaveHandler(save);
113 save.setPath(path);
114 }
115
116 @Override
117 protected boolean onPostSave(SaveHandler saveControl) {
118 Content role = this.getStorageNode();
119 try {
120 saveACLs(role, "uri");
121
122
123 Iterator repositoryNames = ContentRepository.getAllRepositoryNames();
124 while (repositoryNames.hasNext()) {
125 saveACLs(role, (String) repositoryNames.next());
126 }
127
128 role.save();
129 return true;
130 } catch (RepositoryException re) {
131 log.error("Failed to update role, reverting all transient modifications made for this node", re);
132 try {
133 role.refresh(false);
134 } catch (RepositoryException e) {
135 log.error("Failed to revert transient modifications", e);
136 }
137 }
138 return false;
139 }
140
141 protected void saveACLs(Content role, String repository) throws RepositoryException {
142
143
144
145
146 try {
147 role.delete("acl_" + repository);
148 }
149 catch (PathNotFoundException re) {
150
151 }
152
153 Node aclNode = role.createContent("acl_" + repository, ItemType.CONTENTNODE).getJCRNode();
154
155 String aclValueStr = form.getParameter("acl" + repository + "List");
156 if (StringUtils.isNotEmpty(aclValueStr)) {
157 String[] aclEntries = aclValueStr.split(";");
158 for (int i = 0; i < aclEntries.length; i++) {
159 String path = StringUtils.EMPTY;
160 long accessRight = 0;
161 int accessType = 0;
162
163 String[] aclValuePairs = aclEntries[i].split(",");
164 for (int j = 0; j < aclValuePairs.length; j++) {
165 String[] aclValuePair = aclValuePairs[j].split(":");
166 String aclName = aclValuePair[0].trim();
167 String aclValue = StringUtils.EMPTY;
168 if (aclValuePair.length > 1) {
169 aclValue = aclValuePair[1].trim();
170 }
171
172 if (aclName.equals("path")) {
173 path = aclValue;
174 }
175 else if (aclName.equals("accessType")) {
176 accessType = Integer.valueOf(aclValue).intValue();
177 }
178 else if (aclName.equals("accessRight")) {
179 try {
180 accessRight = Long.parseLong(aclValue);
181 }
182 catch (NumberFormatException e) {
183 accessRight = 0;
184 }
185 }
186 }
187
188 if (StringUtils.isNotEmpty(path)) {
189 if (repository.equalsIgnoreCase("uri")) {
190
191 accessType = AclTypeConfiguration.TYPE_THIS;
192 } else if (path.equals("/")) {
193 accessType = AclTypeConfiguration.TYPE_SUBS;
194 path = StringUtils.EMPTY;
195 }
196
197 path = StringUtils.removeEnd(path, "/");
198
199 if ((accessType & AclTypeConfiguration.TYPE_THIS) != 0) {
200 try {
201 addPermissionNode(aclNode, accessRight, path, "");
202 }
203 catch (Exception e) {
204 log.error(e.getMessage(), e);
205 }
206 }
207
208 if ((accessType & AclTypeConfiguration.TYPE_SUBS) != 0) {
209 try {
210 addPermissionNode(aclNode, accessRight, path, "/*");
211 }
212 catch (Exception e) {
213 log.error(e.getMessage(), e);
214 }
215 }
216 }
217 }
218 }
219 }
220
221 private void addPermissionNode(Node acls, long accessRight, String path, String suffix) throws PathNotFoundException, RepositoryException, AccessDeniedException {
222 String newLabel = Path.getUniqueLabel(acls.getSession(), acls.getPath(), "0");
223 Node acl = acls.addNode(newLabel, MgnlNodeType.NT_CONTENTNODE);
224 acl.setProperty("path", path + suffix);
225 acl.setProperty("permissions", accessRight);
226 }
227 }