Package org.opencms.db

Class CmsSecurityManager

java.lang.Object

org.opencms.db.CmsSecurityManager

public final class CmsSecurityManager
extends Object

The OpenCms security manager.

The security manager checks the permissions required for a user action invoke by the Cms object. If permissions are granted, the security manager invokes a method on the OpenCms driver manager to access the database.

Since:

6.0.0

Field Summary

Fields

Modifier and Type	Field	Description
protected I_CmsDbContextFactory	m_dbContextFactory	The factory to create runtime info objects.
protected CmsDriverManager	m_driverManager	The initialized OpenCms driver manager to access the database.

Method Summary

Modifier and Type	Method	Description
void	addAlias(CmsRequestContext context, CmsAlias alias)	Adds an alias.
void	addRelationToResource(CmsRequestContext context, CmsResource resource, CmsResource target, CmsRelationType type, boolean importCase)	Adds a new relation to a given resource.
void	addResourceToOrgUnit(CmsRequestContext context, CmsOrganizationalUnit orgUnit, CmsResource resource)	Adds a resource to the given organizational unit.
void	addUserToGroup(CmsRequestContext context, String username, String groupname, boolean readRoles)	Adds a user to a group.
void	changeLock(CmsRequestContext context, CmsResource resource)	Changes the lock of a resource to the current user, that is "steals" the lock from another user.
List<CmsResource>	changeResourcesInFolderWithProperty(CmsRequestContext context, CmsResource resource, String propertyDefinition, String oldValue, String newValue, boolean recursive)	Returns a list with all sub resources of a given folder that have set the given property, matching the current property's value with the given old value and replacing it by a given new value.
void	checkLogin(CmsRequestContext context, String username, String password, String remoteAddress)	Checks user name / password and other things which would prevent the user from logging in, but does not check the second factor for 2FA.
void	checkManagerOfProjectRole(CmsDbContext dbc, CmsProject project)	Checks if the current user has management access to the given project.
void	checkOfflineProject(CmsDbContext dbc)	Checks if the project in the given database context is not the "Online" project, and throws an Exception if this is the case.
protected void	checkPermissions(CmsDbContext dbc, CmsResource resource, CmsPermissionSet requiredPermissions, boolean checkLock, CmsResourceFilter filter)	Performs a blocking permission check on a resource.
protected void	checkPermissions(CmsDbContext dbc, CmsResource resource, CmsPermissionSet requiredPermissions, I_CmsPermissionHandler.LockCheck checkLock, CmsResourceFilter filter)	Performs a blocking permission check on a resource.
void	checkPermissions(CmsRequestContext context, CmsResource resource, CmsPermissionSet requiredPermissions, boolean checkLock, CmsResourceFilter filter)	Performs a blocking permission check on a resource.
protected void	checkPermissions(CmsRequestContext context, CmsResource resource, CmsPermissionSet requiredPermissions, I_CmsPermissionHandler.CmsPermissionCheckResult permissions)	Applies the permission check result of a previous call to hasPermissions(CmsRequestContext, CmsResource, CmsPermissionSet, boolean, CmsResourceFilter).
void	checkPublishPermissions(CmsDbContext dbc, CmsPublishList publishList)	Checks if the current user has the permissions to publish the given publish list (which contains the information about the resources / project to publish).
void	checkRole(CmsDbContext dbc, CmsRole role)	Checks if the user of the current database context has permissions to impersonate the given role in the given organizational unit.
void	checkRole(CmsRequestContext context, CmsRole role)	Checks if the user of the current context has permissions to impersonate the given role.
void	checkRoleForResource(CmsDbContext dbc, CmsRole role, CmsResource resource)	Checks if the user of the current database context has permissions to impersonate the given role for the given resource.
void	checkRoleForResource(CmsRequestContext context, CmsRole role, CmsResource resource)	Checks if the user of the current context has permissions to impersonate the given role for the given resource.
protected void	checkRoleForUserModification(CmsDbContext dbc, String username, CmsRole role)	Checks that the current user has enough permissions to modify the given user.
protected void	checkSystemLocks(CmsDbContext dbc, CmsResource resource)	Checks if the given resource contains a resource that has a system lock.
void	chflags(CmsRequestContext context, CmsResource resource, int flags)	Changes the resource flags of a resource.
void	chtype(CmsRequestContext context, CmsResource resource, int type)	Changes the resource type of a resource.
int	cleanupPublishHistory(CmsRequestContext context, CmsPublishHistoryCleanupFilter filter)	Cleans up publish history entries according to the given filter object.
void	copyAccessControlEntries(CmsRequestContext context, CmsResource source, CmsResource destination)	Copies the access control entries of a given resource to a destination resource.
void	copyResource(CmsRequestContext context, CmsResource source, String destination, CmsResource.CmsResourceCopyMode siblingMode)	Copies a resource.
void	copyResourceToProject(CmsRequestContext context, CmsResource resource)	Copies a resource to the current project of the user.
int	countLockedResources(CmsRequestContext context, CmsUUID id)	Counts the locked resources in this project.
long	countUsers(CmsRequestContext requestContext, CmsUserSearchParameters searchParams)	Counts the total number of users which match the given search criteria.
CmsGroup	createGroup(CmsRequestContext context, String name, String description, int flags, String parent)	Creates a new user group.
CmsOrganizationalUnit	createOrganizationalUnit(CmsRequestContext context, String ouFqn, String description, int flags, CmsResource resource)	Creates a new organizational unit.
CmsProject	createProject(CmsRequestContext context, String name, String description, String groupname, String managergroupname, CmsProject.CmsProjectType projecttype)	Creates a project.
CmsPropertyDefinition	createPropertyDefinition(CmsRequestContext context, String name)	Creates a property definition.
CmsResource	createResource(CmsRequestContext context, String resourcename, int type, byte[] content, List<CmsProperty> properties)	Creates a new resource of the given resource type with the provided content and properties.
CmsResource	createResource(CmsRequestContext context, String resourcePath, CmsResource resource, byte[] content, List<CmsProperty> properties)	Creates a new resource with the provided content and properties.
CmsResource	createSibling(CmsRequestContext context, CmsResource source, String destination, List<CmsProperty> properties)	Creates a new sibling of the source resource.
CmsProject	createTempfileProject(CmsRequestContext context)	Creates the project for the temporary workplace files.
CmsUser	createUser(CmsRequestContext context, String name, String password, String description, Map<String,Object> additionalInfos)	Creates a new user.
void	deleteAliases(CmsRequestContext context, CmsAliasFilter filter)	Deletes alias entries matching a filter.
void	deleteAllStaticExportPublishedResources(CmsRequestContext context, int linkType)	Deletes all entries in the published resource table.
void	deleteGroup(CmsRequestContext context, String name)	Delete a user group.
void	deleteGroup(CmsRequestContext context, CmsUUID groupId, CmsUUID replacementId)	Deletes a group, where all permissions, users and children of the group are transfered to a replacement group.
void	deleteHistoricalVersions(CmsRequestContext context, int versionsToKeep, int versionsDeleted, long timeDeleted, I_CmsReport report)	Deletes the versions from the history tables, keeping the given number of versions per resource.
void	deleteLogEntries(CmsRequestContext context, CmsLogFilter filter)	Deletes all log entries matching the given filter.
void	deleteOrganizationalUnit(CmsRequestContext context, CmsOrganizationalUnit organizationalUnit)	Deletes an organizational unit.
void	deleteProject(CmsRequestContext context, CmsUUID projectId)	Deletes a project.
void	deletePropertyDefinition(CmsRequestContext context, String name)	Deletes a property definition.
void	deleteRelationsForResource(CmsRequestContext context, CmsResource resource, CmsRelationFilter filter)	Deletes all relations for the given resource matching the given filter.
protected void	deleteResource(CmsDbContext dbc, CmsResource resource, CmsResource.CmsResourceDeleteMode siblingMode)	Internal recursive method for deleting a resource.
void	deleteResource(CmsRequestContext context, CmsResource resource, CmsResource.CmsResourceDeleteMode siblingMode)	Deletes a resource given its name.
void	deleteStaticExportPublishedResource(CmsRequestContext context, String resourceName, int linkType, String linkParameter)	Deletes an entry in the published resource table.
void	deleteUser(CmsRequestContext context, String username)	Deletes a user.
protected void	deleteUser(CmsRequestContext context, CmsUser user, CmsUser replacement)	Deletes a user, where all permissions and resources attributes of the user were transfered to a replacement user, if given.
void	deleteUser(CmsRequestContext context, CmsUUID userId)	Deletes a user.
void	deleteUser(CmsRequestContext context, CmsUUID userId, CmsUUID replacementId)	Deletes a user, where all permissions and resources attributes of the user were transfered to a replacement user.
void	destroy()	Destroys this security manager.
boolean	existsResource(CmsRequestContext context, String resourcePath, CmsResourceFilter filter)	Checks the availability of a resource in the VFS, using the CmsResourceFilter.DEFAULT filter.
boolean	existsResource(CmsRequestContext context, CmsUUID structureId, CmsResourceFilter filter)	Checks the availability of a resource in the VFS, using the CmsResourceFilter.DEFAULT filter.
CmsPublishList	fillPublishList(CmsRequestContext context, CmsPublishList publishList)	Fills the given publish list with the the VFS resources that actually get published.
List<CmsAccessControlEntry>	getAccessControlEntries(CmsRequestContext context, CmsResource resource, boolean getInherited)	Returns the list of access control entries of a resource given its name.
CmsAccessControlList	getAccessControlList(CmsRequestContext context, CmsResource resource, boolean inheritedOnly)	Returns the access control list (summarized access control entries) of a given resource.
List<CmsAlias>	getAliasesForSite(CmsRequestContext requestContext, String siteRoot)	Gets the aliases for a given site.
List<CmsAccessControlEntry>	getAllAccessControlEntries(CmsRequestContext context)	Gets all access control entries.
List<CmsProject>	getAllAccessibleProjects(CmsRequestContext context, CmsOrganizationalUnit orgUnit, boolean includeSubOus)	Returns all projects which are owned by the current user or which are accessible for the group of the user.
List<CmsHistoryProject>	getAllHistoricalProjects(CmsRequestContext context)	Returns a list with all projects from history.
List<CmsProject>	getAllManageableProjects(CmsRequestContext context, CmsOrganizationalUnit orgUnit, boolean includeSubOus)	Returns all projects which are owned by the current user or which are manageable for the group of the user.
List<CmsGroup>	getChildren(CmsRequestContext context, String groupname, boolean includeSubChildren)	Returns all child groups of a group.
Connection	getConnection(String poolUrl)	Gets a connection from a connection pool.
long	getDateLastVisitedBy(CmsRequestContext context, String poolName, CmsUser user, CmsResource resource)	Returns the date when the resource was last visited by the user.
List<CmsGroup>	getGroups(CmsRequestContext context, CmsOrganizationalUnit orgUnit, boolean includeSubOus, boolean readRoles)	Returns all groups of the given organizational unit.
List<CmsGroup>	getGroupsOfUser(CmsRequestContext context, String username, String ouFqn, boolean includeChildOus, boolean readRoles, boolean directGroupsOnly, String remoteAddress)	Returns the list of groups to which the user directly belongs to.
CmsLock	getLock(CmsRequestContext context, CmsResource resource)	Returns the lock state of a resource.
List<String>	getLockedResources(CmsRequestContext context, CmsResource resource, CmsLockFilter filter)	Returns all locked resources in a given folder.
List<CmsResource>	getLockedResourcesObjects(CmsRequestContext context, CmsResource resource, CmsLockFilter filter)	Returns all locked resources in a given folder.
List<CmsResource>	getLockedResourcesObjectsWithCache(CmsRequestContext context, CmsResource resource, CmsLockFilter filter, Map<String,CmsResource> cache)	Returns all locked resources in a given folder, but uses a cache for resource lookups.
CmsLockManager	getLockManager()	Returns the lock manger.
List<CmsLogEntry>	getLogEntries(CmsRequestContext context, CmsLogFilter filter)	Returns all log entries matching the given filter.
protected List<CmsResource>	getManageableResources(CmsDbContext dbc, CmsRole role)	Returns all resources of organizational units for which the current user has the given role role.
List<CmsResource>	getManageableResources(CmsRequestContext context, CmsRole role)	Returns all resources of organizational units for which the current user has the given role role.
List<CmsOrganizationalUnit>	getOrganizationalUnits(CmsRequestContext context, CmsOrganizationalUnit parent, boolean includeChildren)	Returns all child organizational units of the given parent organizational unit including hierarchical deeper organization units if needed.
List<CmsOrganizationalUnit>	getOrgUnitsForRole(CmsRequestContext requestContext, CmsRole role, boolean includeSubOus)	Returns all the organizational units for which the current user has the given role.
CmsGroup	getParent(CmsRequestContext context, String groupname)	Returns the parent group of a group.
protected String	getParentOrganizationalUnit(String fqn)	Returns the organizational unit for the parent of the given fully qualified name.
CmsPermissionSetCustom	getPermissions(CmsRequestContext context, CmsResource resource, CmsUser user)	Returns the set of permissions of the current user for a given resource.
CmsUUID	getProjectId(CmsRequestContext context, int id)	Returns the uuid id for the given id, remove this method as soon as possible.
CmsPublishList	getRelatedResourcesToPublish(CmsRequestContext context, CmsPublishList publishList, CmsRelationFilter filter)	Returns a new publish list that contains the unpublished resources related to all resources in the given publish list, the related resources exclude all resources in the given publish list and also locked (by other users) resources.
List<CmsRelation>	getRelationsForResource(CmsRequestContext context, CmsResource resource, CmsRelationFilter filter)	Returns all relations for the given resource matching the given filter.
List<CmsResource>	getResourcesForOrganizationalUnit(CmsRequestContext context, CmsOrganizationalUnit orgUnit)	Returns all resources of the given organizational unit.
Set<CmsResource>	getResourcesForPrincipal(CmsRequestContext context, CmsUUID principalId, CmsPermissionSet permissions, boolean includeAttr)	Returns all resources associated to a given principal via an ACE with the given permissions.
List<CmsRewriteAlias>	getRewriteAliases(CmsRequestContext requestContext, CmsRewriteAliasFilter filter)	Gets the rewrite aliases matching a given filter.
Set<CmsGroup>	getRoleGroups(CmsRequestContext context, CmsRole role, boolean directUsersOnly)	Gets the groups which constitute a given role.
List<CmsRole>	getRolesForResource(CmsRequestContext context, CmsUser user, CmsResource resource)	Returns all roles the given user has for the given resource.
CmsSqlManager	getSqlManager()	Returns an instance of the common sql manager.
List<CmsUser>	getUsers(CmsRequestContext context, CmsOrganizationalUnit orgUnit, boolean recursive)	Returns all users of the given organizational unit.
List<CmsUser>	getUsersOfGroup(CmsRequestContext context, String groupname, boolean includeOtherOuUsers, boolean directUsersOnly, boolean readRoles)	Returns a list of users in a group.
List<CmsResource>	getUsersPubList(CmsRequestContext context)	Returns the current user's publish list.
List<CmsUser>	getUsersWithoutAdditionalInfo(CmsRequestContext context, CmsOrganizationalUnit orgUnit, boolean recursive)	Returns all users of the given organizational unit.
protected I_CmsPermissionHandler.CmsPermissionCheckResult	hasPermissions(CmsDbContext dbc, CmsResource resource, CmsPermissionSet requiredPermissions, I_CmsPermissionHandler.LockCheck checkLock, CmsResourceFilter filter)	Performs a non-blocking permission check on a resource.
I_CmsPermissionHandler.CmsPermissionCheckResult	hasPermissions(CmsRequestContext context, CmsResource resource, CmsPermissionSet requiredPermissions, boolean checkLock, CmsResourceFilter filter)	Performs a non-blocking permission check on a resource.
I_CmsPermissionHandler.CmsPermissionCheckResult	hasPermissions(CmsRequestContext context, CmsResource resource, CmsPermissionSet requiredPermissions, I_CmsPermissionHandler.LockCheck checkLock, CmsResourceFilter filter)	Performs a non-blocking permission check on a resource.
boolean	hasRole(CmsDbContext dbc, CmsUser user, CmsRole role)	Checks if the given user has the given role in the given organizational unit.
boolean	hasRole(CmsRequestContext context, CmsUser user, CmsRole role)	Checks if the given user has the given role in the given organizational unit.
protected boolean	hasRole(CmsRole role, List<CmsGroup> roles)	Returns true if at least one of the given group names is equal to a group name of the given role in the given organizational unit.
boolean	hasRoleForResource(CmsDbContext dbc, CmsUser user, CmsRole role, CmsResource resource)	Checks if the given user has the given role for the given resource.
boolean	hasRoleForResource(CmsRequestContext context, CmsUser user, CmsRole role, CmsResource resource)	Checks if the given user has the given role for the given resource.
void	importAccessControlEntries(CmsRequestContext context, CmsResource resource, List<CmsAccessControlEntry> acEntries)	Writes a list of access control entries as new access control entries of a given resource.
CmsResource	importResource(CmsRequestContext context, String resourcePath, CmsResource resource, byte[] content, List<CmsProperty> properties, boolean importCase)	Creates a new resource with the provided content and properties.
CmsAliasImportResult	importRewriteAlias(CmsRequestContext requestContext, String siteRoot, String source, String target, CmsAliasMode mode)	Imports a rewrite alias.
CmsUser	importUser(CmsRequestContext context, String id, String name, String password, String firstname, String lastname, String email, int flags, long dateCreated, Map<String,Object> additionalInfos)	Creates a new user by import.
int	incrementCounter(CmsRequestContext context, String name)	Increments a counter and returns its old value.
void	init(CmsConfigurationManager configurationManager, I_CmsDbContextFactory dbContextFactory, CmsPublishEngine publishEngine)	Initializes this security manager with a given runtime info factory.
void	initializeOrgUnit(CmsRequestContext context, CmsOrganizationalUnit ou)	Initializes the default groups for an organizational unit.
boolean	isInsideCurrentProject(CmsRequestContext context, String resourcename)	Checks if the specified resource is inside the current project.
boolean	isManagerOfProject(CmsRequestContext context)	Checks if the current user has management access to the current project.
boolean	isSubscriptionDriverAvailable()	Checks whether the subscription driver is available.
void	lockResource(CmsRequestContext context, CmsResource resource, CmsLockType type)	Locks a resource.
CmsUser	loginUser(CmsRequestContext context, String username, String password, CmsSecondFactorInfo code, String remoteAddress)	Attempts to authenticate a user into OpenCms with the given password.
I_CmsPrincipal	lookupPrincipal(CmsRequestContext context, String principalName)	Lookup and read the user or group with the given name.
I_CmsPrincipal	lookupPrincipal(CmsRequestContext context, CmsUUID principalId)	Lookup and read the user or group with the given UUID.
void	markResourceAsVisitedBy(CmsRequestContext context, String poolName, CmsResource resource, CmsUser user)	Mark the given resource as visited by the user.
CmsPublishList	mergePublishLists(CmsRequestContext context, CmsPublishList pubList1, CmsPublishList pubList2)	Returns a new publish list that contains all resources of both given publish lists.
protected void	moveResource(CmsDbContext dbc, CmsResource source, String destination, Set<CmsResource> allMovedResources)	Internal recursive method to move a resource.
void	moveResource(CmsRequestContext context, CmsResource source, String destination)	Moves a resource.
String	moveToLostAndFound(CmsRequestContext context, CmsResource resource, boolean returnNameOnly)	Moves a resource to the "lost and found" folder.
static CmsSecurityManager	newInstance(CmsConfigurationManager configurationManager, I_CmsDbContextFactory runtimeInfoFactory, CmsPublishEngine publishEngine)	Creates a new instance of the OpenCms security manager.
CmsUUID	publishProject(CmsObject cms, CmsPublishList publishList, I_CmsReport report)	Publishes the resources of a specified publish list.
CmsAlias	readAliasByPath(CmsRequestContext context, String siteRoot, String path)	Reads the alias with a given path in a given site.
List<CmsAlias>	readAliasesById(CmsRequestContext context, CmsUUID structureId)	Reads the aliases for a resource with a given structure id.
List<I_CmsHistoryResource>	readAllAvailableVersions(CmsRequestContext context, CmsResource resource)	Reads all historical versions of a resource.
List<CmsPropertyDefinition>	readAllPropertyDefinitions(CmsRequestContext context)	Reads all property definitions for the given mapping type.
List<CmsResource>	readAllSubscribedResources(CmsRequestContext context, String poolName, CmsPrincipal principal)	Returns all resources subscribed by the given user or group.
List<String>	readAllUrlNameMappingEntries(CmsRequestContext context, CmsUUID id)	Reads all URL name mapping entries for a given structure id.
CmsFolder	readAncestor(CmsRequestContext context, CmsResource resource, CmsResourceFilter filter)	Returns the first ancestor folder matching the filter criteria.
String	readBestUrlName(CmsRequestContext context, CmsUUID id, Locale locale, List<Locale> defaultLocales)	Reads the newest URL name which is mapped to the given structure id.
List<CmsResource>	readChildResources(CmsRequestContext context, CmsResource resource, CmsResourceFilter filter, boolean getFolders, boolean getFiles)	Returns the child resources of a resource, that is the resources contained in a folder.
CmsResource	readDefaultFile(CmsRequestContext context, CmsResource resource, CmsResourceFilter resourceFilter)	Returns the default file for the given folder.
List<I_CmsHistoryResource>	readDeletedResources(CmsRequestContext context, CmsResource resource, boolean readTree)	Reads all deleted (historical) resources below the given path, including the full tree below the path, if required.
CmsFile	readFile(CmsRequestContext context, CmsResource resource)	Reads a file resource (including it's binary content) from the VFS.
protected CmsFolder	readFolder(CmsDbContext dbc, String resourcename, CmsResourceFilter filter)	Reads a folder from the VFS, using the specified resource filter.
CmsFolder	readFolder(CmsRequestContext context, String resourcename, CmsResourceFilter filter)	Reads a folder resource from the VFS, using the specified resource filter.
CmsGroup	readGroup(CmsRequestContext context, String groupname)	Reads a group based on its name.
CmsGroup	readGroup(CmsRequestContext context, CmsProject project)	Reads the group of a project.
CmsGroup	readGroup(CmsRequestContext context, CmsUUID groupId)	Reads a group based on its id.
CmsHistoryPrincipal	readHistoricalPrincipal(CmsRequestContext context, CmsUUID principalId)	Reads a principal (an user or group) from the historical archive based on its ID.
CmsHistoryProject	readHistoryProject(CmsRequestContext context, int publishTag)	Returns a historical project entry.
CmsHistoryProject	readHistoryProject(CmsRequestContext context, CmsUUID projectId)	Returns the latest historical project entry with the given id.
List<CmsProperty>	readHistoryPropertyObjects(CmsRequestContext context, I_CmsHistoryResource resource)	Reads the list of all CmsProperty objects that belong to the given historical resource.
CmsUUID	readIdForUrlName(CmsRequestContext context, String name)	Reads the structure id which is mapped to the given URL name, or null if the name is not mapped to any structure IDs.
void	readLocks()	Reads the locks that were saved to the database in the previous run of OpenCms.
CmsGroup	readManagerGroup(CmsRequestContext context, CmsProject project)	Reads the manager group of a project.
CmsOrganizationalUnit	readOrganizationalUnit(CmsRequestContext context, String ouFqn)	Reads an organizational Unit based on its fully qualified name.
CmsUser	readOwner(CmsRequestContext context, CmsProject project)	Reads the owner of a project from the OpenCms.
CmsResource	readParentFolder(CmsRequestContext context, CmsUUID structureId)	Returns the parent folder to the given structure id.
List<CmsResource>	readPath(CmsRequestContext context, String path, CmsResourceFilter filter)	Builds a list of resources for a given path.
CmsProject	readProject(String name)	Reads a project.
CmsProject	readProject(CmsUUID id)	Reads a project given the projects id.
List<String>	readProjectResources(CmsRequestContext context, CmsProject project)	Returns the list of all resource names that define the "view" of the given project.
List<CmsResource>	readProjectView(CmsRequestContext context, CmsUUID projectId, CmsResourceState state)	Reads all resources of a project that match a given state from the VFS.
CmsPropertyDefinition	readPropertyDefinition(CmsRequestContext context, String name)	Reads a property definition.
CmsProperty	readPropertyObject(CmsRequestContext context, CmsResource resource, String key, boolean search)	Reads a property object from a resource specified by a property name.
CmsProperty	readPropertyObject(CmsRequestContext context, CmsResource resource, String key, boolean search, Locale locale)	Reads a property object from a resource specified by a property name.
List<CmsProperty>	readPropertyObjects(CmsRequestContext context, CmsResource resource, boolean search)	Reads all property objects from a resource.
List<CmsPublishedResource>	readPublishedResources(CmsRequestContext context, CmsUUID publishHistoryId)	Reads the resources that were published in a publish task for a given publish history ID.
protected CmsResource	readResource(CmsDbContext dbc, String resourcePath, CmsResourceFilter filter)	Reads a resource from the OpenCms VFS, using the specified resource filter.
protected CmsResource	readResource(CmsDbContext dbc, CmsUUID structureID, CmsResourceFilter filter)	Reads a resource from the OpenCms VFS, using the specified resource filter.
CmsResource	readResource(CmsRequestContext context, String resourcePath, CmsResourceFilter filter)	Reads a resource from the VFS, using the specified resource filter.
I_CmsHistoryResource	readResource(CmsRequestContext context, CmsResource resource, int version)	Reads the historical resource entry for the given resource with the given version number.
CmsResource	readResource(CmsRequestContext context, CmsUUID structureID, CmsResourceFilter filter)	Reads a resource from the VFS, using the specified resource filter.
List<CmsResource>	readResources(CmsRequestContext context, CmsResource parent, CmsResourceFilter filter, boolean readTree)	Reads all resources below the given path matching the filter criteria, including the full tree below the path only in case the readTree parameter is true.
List<CmsResource>	readResourcesVisitedBy(CmsRequestContext context, String poolName, CmsVisitedByFilter filter)	Returns the resources that were visited by a user set in the filter.
List<CmsResource>	readResourcesWithProperty(CmsRequestContext context, CmsResource folder, String propertyDefinition, String value, CmsResourceFilter filter)	Reads all resources that have a value (containing the specified value) set for the specified property (definition) in the given path.
Set<I_CmsPrincipal>	readResponsiblePrincipals(CmsRequestContext context, CmsResource resource)	Returns a set of users that are responsible for a specific resource.
Set<CmsUser>	readResponsibleUsers(CmsRequestContext context, CmsResource resource)	Returns a set of users that are responsible for a specific resource.
List<CmsResource>	readSiblings(CmsRequestContext context, CmsResource resource, CmsResourceFilter filter)	Returns a List of all siblings of the specified resource, the specified resource being always part of the result set.
String	readStaticExportPublishedResourceParameters(CmsRequestContext context, String rfsName)	Returns the parameters of a resource in the table of all published template resources.
List<String>	readStaticExportResources(CmsRequestContext context, int parameterResources, long timestamp)	Returns a list of all template resources which must be processed during a static export.
List<I_CmsHistoryResource>	readSubscribedDeletedResources(CmsRequestContext context, String poolName, CmsUser user, List<CmsGroup> groups, CmsResource parent, boolean includeSubFolders, long deletedFrom)	Returns the subscribed history resources that were deleted.
List<CmsResource>	readSubscribedResources(CmsRequestContext context, String poolName, CmsSubscriptionFilter filter)	Returns the resources that were subscribed by a user or group set in the filter.
List<CmsUrlNameMappingEntry>	readUrlNameMappings(CmsRequestContext context, CmsUrlNameMappingFilter filter)	Reads the URL name mappings matching a given filter.
List<String>	readUrlNamesForAllLocales(CmsRequestContext context, CmsUUID id)	Reads the newest URL names of a structure id for all locales.
CmsUser	readUser(CmsRequestContext context, String username)	Returns a user object.
CmsUser	readUser(CmsRequestContext context, String username, String password)	Returns a user object if the password for the user is correct.
CmsUser	readUser(CmsRequestContext context, CmsUUID id)	Returns a user object based on the id of a user.
void	removeAccessControlEntry(CmsRequestContext context, CmsResource resource, CmsUUID principal)	Removes an access control entry for a given resource and principal.
void	removeResourceFromOrgUnit(CmsRequestContext context, CmsOrganizationalUnit orgUnit, CmsResource resource)	Removes a resource from the given organizational unit.
void	removeResourceFromProject(CmsRequestContext context, CmsResource resource)	Removes a resource from the current project of the user.
void	removeResourceFromUsersPubList(CmsRequestContext context, Collection<CmsUUID> structureIds)	Removes the given resource to the given user's publish list.
void	removeUserFromGroup(CmsRequestContext context, String username, String groupname, boolean readRoles)	Removes a user from a group.
void	replaceResource(CmsRequestContext context, CmsResource resource, int type, byte[] content, List<CmsProperty> properties)	Replaces the content, type and properties of a resource.
void	resetPassword(CmsRequestContext context, String username, String oldPassword, CmsSecondFactorInfo secondFactor, String newPassword)	Resets the password for a specified user.
String	resourceOriginalPath(CmsRequestContext context, CmsResource resource)	Returns the original path of given resource, that is the online path for the resource.
void	restoreDeletedResource(CmsRequestContext context, CmsUUID structureId)	Restores a deleted resource identified by its structure id from the historical archive.
void	restoreResource(CmsRequestContext context, CmsResource resource, int version)	Restores a resource in the current project with the given version from the historical archive.
void	saveAliases(CmsRequestContext context, CmsResource resource, List<CmsAlias> aliases)	Saves the aliases for a given resource.
void	saveRewriteAliases(CmsRequestContext requestContext, String siteRoot, List<CmsRewriteAlias> newAliases)	Replaces the rewrite aliases for a given site root.
List<CmsUser>	searchUsers(CmsRequestContext requestContext, CmsUserSearchParameters searchParams)	Searches users by search criteria.
void	setDateExpired(CmsRequestContext context, CmsResource resource, long dateExpired)	Changes the "expire" date of a resource.
void	setDateLastModified(CmsRequestContext context, CmsResource resource, long dateLastModified)	Changes the "last modified" time stamp of a resource.
void	setDateReleased(CmsRequestContext context, CmsResource resource, long dateReleased)	Changes the "release" date of a resource.
void	setParentGroup(CmsRequestContext context, String groupName, String parentGroupName)	Sets a new parent-group for an already existing group.
void	setPassword(CmsRequestContext context, String username, String newPassword)	Sets the password for a user.
void	setRestricted(CmsRequestContext context, CmsResource resource, CmsGroup group, boolean restricted)	Sets/clears the 'restricted' status for the given resource and group.
void	setSubscribedResourceAsDeleted(CmsRequestContext context, String poolName, CmsResource resource)	Marks a subscribed resource as deleted.
void	setUsersOrganizationalUnit(CmsRequestContext context, CmsOrganizationalUnit orgUnit, CmsUser user)	Moves an user to the given organizational unit.
void	subscribeResourceFor(CmsRequestContext context, String poolName, CmsPrincipal principal, CmsResource resource)	Subscribes the user or group to the resource.
void	undelete(CmsRequestContext context, CmsResource resource)	Undelete the resource by resetting it's state.
void	undoChanges(CmsRequestContext context, CmsResource resource, CmsResource.CmsResourceUndoMode mode)	Undos all changes in the resource by restoring the version from the online project to the current offline project.
void	unlockProject(CmsRequestContext context, CmsUUID projectId)	Unlocks all resources in this project.
void	unlockResource(CmsRequestContext context, CmsResource resource)	Unlocks a resource.
void	unsubscribeAllDeletedResources(CmsRequestContext context, String poolName, long deletedTo)	Unsubscribes all deleted resources that were deleted before the specified time stamp.
void	unsubscribeAllResourcesFor(CmsRequestContext context, String poolName, CmsPrincipal principal)	Unsubscribes the user or group from all resources.
void	unsubscribeResourceFor(CmsRequestContext context, String poolName, CmsPrincipal principal, CmsResource resource)	Unsubscribes the principal from the resource.
void	unsubscribeResourceForAll(CmsRequestContext context, String poolName, CmsResource resource)	Unsubscribes all groups and users from the resource.
void	updateLastLoginDate(CmsRequestContext context, CmsUser user)	Updates the last login date on the given user to the current time.
void	updateLog()	Logs everything that has not been written to DB jet.
void	updateRelationsForResource(CmsRequestContext context, CmsResource resource, List<CmsLink> relations, boolean updateSiblingState)	Updates/Creates the relations for the given resource.
boolean	userInGroup(CmsRequestContext context, String username, String groupname)	Tests if a user is member of the given group.
void	validatePassword(String password)	Checks if a new password follows the rules for new passwords, which are defined by a Class implementing the I_CmsPasswordHandler interface and configured in the opencms.properties file.
Map<String,List<CmsRelation>>	validateRelations(CmsRequestContext context, CmsPublishList publishList, I_CmsReport report)	Validates the relations for the given resources.
void	writeAccessControlEntry(CmsRequestContext context, CmsResource resource, CmsAccessControlEntry ace)	Writes an access control entries to a given resource.
CmsFile	writeFile(CmsRequestContext context, CmsFile resource)	Writes a resource to the OpenCms VFS, including it's content.
void	writeGroup(CmsRequestContext context, CmsGroup group)	Writes an already existing group.
void	writeHistoryProject(CmsRequestContext context, int publishTag, long publishDate)	Creates a historical entry of the current project.
void	writeLocks()	Writes the locks that are currently stored in-memory to the database to allow restoring them in later startups.
void	writeOrganizationalUnit(CmsRequestContext context, CmsOrganizationalUnit organizationalUnit)	Writes an already existing organizational unit.
void	writeProject(CmsRequestContext context, CmsProject project)	Writes an already existing project.
void	writePropertyObject(CmsRequestContext context, CmsResource resource, CmsProperty property)	Writes a property for a specified resource.
void	writePropertyObjects(CmsRequestContext context, CmsResource resource, List<CmsProperty> properties)	Writes a list of properties for a specified resource.
void	writeResource(CmsRequestContext context, CmsResource resource)	Writes a resource to the OpenCms VFS.
void	writeResourceProjectLastModified(CmsRequestContext context, CmsResource resource, CmsProject project)	Writes the 'projectlastmodified' field of a resource record.
void	writeStaticExportPublishedResource(CmsRequestContext context, String resourceName, int linkType, String linkParameter, long timestamp)	Inserts an entry in the published resource table.
String	writeUrlNameMapping(CmsRequestContext context, Iterator<String> nameSeq, CmsUUID structureId, String locale, boolean replaceOnPublish)	Writes a new URL name mapping for a given resource.
void	writeUser(CmsRequestContext context, CmsUser user)	Updates the user information.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

m_dbContextFactory

protected I_CmsDbContextFactory m_dbContextFactory

The factory to create runtime info objects.

m_driverManager

protected CmsDriverManager m_driverManager

The initialized OpenCms driver manager to access the database.

Method Details

newInstance

public static CmsSecurityManager newInstance(CmsConfigurationManager configurationManager,
 I_CmsDbContextFactory runtimeInfoFactory,
 CmsPublishEngine publishEngine)
                                      throws CmsInitException

Creates a new instance of the OpenCms security manager.

Parameters:

configurationManager - the configuration manager

runtimeInfoFactory - the initialized OpenCms runtime info factory

publishEngine - the publish engine

Returns:

a new instance of the OpenCms security manager

Throws:

CmsInitException - if the security manager could not be initialized

addAlias

public void addAlias(CmsRequestContext context,
 CmsAlias alias)
              throws CmsException

Adds an alias.

Parameters:

context - the current request context

alias - the alias to add

Throws:

CmsException - if something goes wrong

addRelationToResource

public void addRelationToResource(CmsRequestContext context,
 CmsResource resource,
 CmsResource target,
 CmsRelationType type,
 boolean importCase)
                           throws CmsException

Adds a new relation to a given resource.

Parameters:

context - the request context

resource - the resource to add the relation to

target - the target of the relation

type - the type of the relation

importCase - if importing relations

Throws:

CmsException - if something goes wrong

See Also:

• deleteRelationsForResource(CmsRequestContext, CmsResource, CmsRelationFilter)
• CmsObject.addRelationToResource(String, String, String)

addResourceToOrgUnit

public void addResourceToOrgUnit(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit,
 CmsResource resource)
                          throws CmsException

Adds a resource to the given organizational unit.

Parameters:

context - the current request context

orgUnit - the organizational unit to add the resource to

resource - the resource that is to be added to the organizational unit

Throws:

CmsException - if something goes wrong

See Also:

• CmsOrgUnitManager.addResourceToOrgUnit(CmsObject, String, String)
• CmsOrgUnitManager.removeResourceFromOrgUnit(CmsObject, String, String)

addUserToGroup

public void addUserToGroup(CmsRequestContext context,
 String username,
 String groupname,
 boolean readRoles)
                    throws CmsException

Adds a user to a group.

Parameters:

context - the current request context

username - the name of the user that is to be added to the group

groupname - the name of the group

readRoles - if reading roles or groups

Throws:

CmsException - if operation was not successful

changeLock

public void changeLock(CmsRequestContext context,
 CmsResource resource)
                throws CmsException

Changes the lock of a resource to the current user, that is "steals" the lock from another user.

Parameters:

context - the current request context

resource - the resource to change the lock for

Throws:

CmsException - if something goes wrong

See Also:

• I_CmsResourceType.changeLock(CmsObject, CmsSecurityManager, CmsResource)

changeResourcesInFolderWithProperty

public List<CmsResource> changeResourcesInFolderWithProperty(CmsRequestContext context,
 CmsResource resource,
 String propertyDefinition,
 String oldValue,
 String newValue,
 boolean recursive)
                                                      throws CmsException,
CmsVfsException

Returns a list with all sub resources of a given folder that have set the given property, matching the current property's value with the given old value and replacing it by a given new value.

Parameters:

context - the current request context

resource - the resource on which property definition values are changed

propertyDefinition - the name of the property definition to change the value

oldValue - the old value of the property definition

newValue - the new value of the property definition

recursive - if true, change recursively all property values on sub-resources (only for folders)

Returns:

a list with the CmsResource's where the property value has been changed

Throws:

CmsVfsException - for now only when the search for the old value fails

CmsException - if operation was not successful

checkLogin

public void checkLogin(CmsRequestContext context,
 String username,
 String password,
 String remoteAddress)
                throws CmsException

Checks user name / password and other things which would prevent the user from logging in, but does not check the second factor for 2FA.

Throws an exception like the normal login method if these checks fail. If it succeeds, nothing actually happens.

Parameters:

context - the request context

username - the user name

password - the password

remoteAddress - the remote address

Throws:

CmsException - if the login check fails

checkManagerOfProjectRole

public void checkManagerOfProjectRole(CmsDbContext dbc,
 CmsProject project)
                               throws CmsRoleViolationException

Checks if the current user has management access to the given project.

Parameters:

dbc - the current database context

project - the project to check

Throws:

CmsRoleViolationException - if the user does not have the required role permissions

checkOfflineProject

public void checkOfflineProject(CmsDbContext dbc)
                         throws CmsVfsException

Checks if the project in the given database context is not the "Online" project, and throws an Exception if this is the case.

This is used to ensure a user is in an "Offline" project before write access to VFS resources is granted.

Parameters:

dbc - the current OpenCms users database context

Throws:

CmsVfsException - if the project in the given database context is the "Online" project

checkPermissions

public void checkPermissions(CmsRequestContext context,
 CmsResource resource,
 CmsPermissionSet requiredPermissions,
 boolean checkLock,
 CmsResourceFilter filter)
                      throws CmsException,
CmsSecurityException

Performs a blocking permission check on a resource.

If the required permissions are not satisfied by the permissions the user has on the resource, an exception is thrown.

Parameters:

context - the current request context

resource - the resource on which permissions are required

requiredPermissions - the set of permissions required to access the resource

checkLock - if true, the lock status of the resource is also checked

filter - the filter for the resource

Throws:

CmsException - in case of any i/o error

CmsSecurityException - if the required permissions are not satisfied

See Also:

• checkPermissions(CmsRequestContext, CmsResource, CmsPermissionSet, I_CmsPermissionHandler.CmsPermissionCheckResult)

checkPublishPermissions

public void checkPublishPermissions(CmsDbContext dbc,
 CmsPublishList publishList)
                             throws CmsException,
CmsMultiException

Checks if the current user has the permissions to publish the given publish list (which contains the information about the resources / project to publish).

Parameters:

dbc - the current OpenCms users database context

publishList - the publish list to check (contains the information about the resources / project to publish)

Throws:

CmsException - if the user does not have the required permissions because of project lock state

CmsMultiException - if issues occur like a direct publish is attempted on a resource whose parent folder is new or deleted in the offline project, or if the current user has no management access to the current project

checkRole

public void checkRole(CmsDbContext dbc,
 CmsRole role)
               throws CmsRoleViolationException

Checks if the user of the current database context has permissions to impersonate the given role in the given organizational unit.

If the organizational unit is null, this method will check if the given user has the given role for at least one organizational unit.

Parameters:

dbc - the current OpenCms users database context

role - the role to check

Throws:

CmsRoleViolationException - if the user does not have the required role permissions

See Also:

• CmsRoleManager.checkRole(CmsObject, CmsRole)

checkRole

public void checkRole(CmsRequestContext context,
 CmsRole role)
               throws CmsRoleViolationException

Checks if the user of the current context has permissions to impersonate the given role.

If the organizational unit is null, this method will check if the given user has the given role for at least one organizational unit.

Parameters:

context - the current request context

role - the role to check

Throws:

CmsRoleViolationException - if the user does not have the required role permissions

checkRoleForResource

public void checkRoleForResource(CmsDbContext dbc,
 CmsRole role,
 CmsResource resource)
                          throws CmsRoleViolationException

Checks if the user of the current database context has permissions to impersonate the given role for the given resource.

Parameters:

dbc - the current OpenCms users database context

role - the role to check

resource - the resource to check the role for

Throws:

CmsRoleViolationException - if the user does not have the required role permissions

See Also:

• CmsRoleManager.checkRole(CmsObject, CmsRole)

checkRoleForResource

public void checkRoleForResource(CmsRequestContext context,
 CmsRole role,
 CmsResource resource)
                          throws CmsRoleViolationException

Checks if the user of the current context has permissions to impersonate the given role for the given resource.

Parameters:

context - the current request context

role - the role to check

resource - the resource to check the role for

Throws:

CmsRoleViolationException - if the user does not have the required role permissions

chflags

public void chflags(CmsRequestContext context,
 CmsResource resource,
 int flags)
             throws CmsException,
CmsSecurityException

Changes the resource flags of a resource.

The resource flags are used to indicate various "special" conditions for a resource. Most notably, the "internal only" setting which signals that a resource can not be directly requested with it's URL.

Parameters:

context - the current request context

resource - the resource to change the flags for

flags - the new resource flags for this resource

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource ((CmsPermissionSet.ACCESS_WRITE required)

See Also:

• I_CmsResourceType.chflags(CmsObject, CmsSecurityManager, CmsResource, int)

chtype

public void chtype(CmsRequestContext context,
 CmsResource resource,
 int type)
            throws CmsException,
CmsSecurityException

Changes the resource type of a resource.

OpenCms handles resources according to the resource type, not the file suffix. This is e.g. why a JSP in OpenCms can have the suffix ".html" instead of ".jsp" only. Changing the resource type makes sense e.g. if you want to make a plain text file a JSP resource, or a binary file an image, etc.

Parameters:

context - the current request context

resource - the resource to change the type for

type - the new resource type for this resource

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource ((CmsPermissionSet.ACCESS_WRITE required))

See Also:

• I_CmsResourceType.chtype(CmsObject, CmsSecurityManager, CmsResource, int)
• CmsObject.chtype(String, int)

cleanupPublishHistory

public int cleanupPublishHistory(CmsRequestContext context,
 CmsPublishHistoryCleanupFilter filter)
                          throws CmsException

Cleans up publish history entries according to the given filter object.

Parameters:

context - the request context

filter - the filter describing what to clean up

Returns:

the number of cleaned up rows

Throws:

CmsException - if something goes wrong

copyAccessControlEntries

public void copyAccessControlEntries(CmsRequestContext context,
 CmsResource source,
 CmsResource destination)
                              throws CmsException,
CmsSecurityException

Copies the access control entries of a given resource to a destination resource.

Already existing access control entries of the destination resource are removed.

Parameters:

context - the current request context

source - the resource to copy the access control entries from

destination - the resource to which the access control entries are copied

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (CmsPermissionSet.ACCESS_CONTROL required)

copyResource

public void copyResource(CmsRequestContext context,
 CmsResource source,
 String destination,
 CmsResource.CmsResourceCopyMode siblingMode)
                  throws CmsException,
CmsSecurityException

Copies a resource.

You must ensure that the destination path is an absolute, valid and existing VFS path. Relative paths from the source are currently not supported.

The copied resource will always be locked to the current user after the copy operation.

In case the target resource already exists, it is overwritten with the source resource.

The siblingMode parameter controls how to handle siblings during the copy operation.
Possible values for this parameter are:

• CmsResource.COPY_AS_NEW
• CmsResource.COPY_AS_SIBLING
• CmsResource.COPY_PRESERVE_SIBLING

Parameters:

context - the current request context

source - the resource to copy

destination - the name of the copy destination with complete path

siblingMode - indicates how to handle siblings during copy

Throws:

CmsException - if something goes wrong

CmsSecurityException - if resource could not be copied

See Also:

• CmsObject.copyResource(String, String, CmsResource.CmsResourceCopyMode)
• I_CmsResourceType.copyResource(CmsObject, CmsSecurityManager, CmsResource, String, CmsResource.CmsResourceCopyMode)

copyResourceToProject

public void copyResourceToProject(CmsRequestContext context,
 CmsResource resource)
                           throws CmsException,
CmsRoleViolationException

Copies a resource to the current project of the user.

Parameters:

context - the current request context

resource - the resource to apply this operation to

Throws:

CmsException - if something goes wrong

CmsRoleViolationException - if the current user does not have management access to the project

See Also:

• I_CmsResourceType.copyResourceToProject(CmsObject, CmsSecurityManager, CmsResource)

countLockedResources

public int countLockedResources(CmsRequestContext context,
 CmsUUID id)
                         throws CmsException,
CmsRoleViolationException

Counts the locked resources in this project.

Parameters:

context - the current request context

id - the id of the project

Returns:

the amount of locked resources in this project

Throws:

CmsException - if something goes wrong

CmsRoleViolationException - if the current user does not have management access to the project

countUsers

public long countUsers(CmsRequestContext requestContext,
 CmsUserSearchParameters searchParams)
                throws CmsException

Counts the total number of users which match the given search criteria.

Parameters:

requestContext - the request context

searchParams - the search criteria object

Returns:

the number of users which match the search criteria

Throws:

CmsException - if something goes wrong

createGroup

public CmsGroup createGroup(CmsRequestContext context,
 String name,
 String description,
 int flags,
 String parent)
                     throws CmsException,
CmsRoleViolationException

Creates a new user group.

Parameters:

context - the current request context

name - the name of the new group

description - the description for the new group

flags - the flags for the new group

parent - the name of the parent group (or null)

Returns:

a CmsGroup object representing the newly created group

Throws:

CmsException - if operation was not successful.

CmsRoleViolationException - if the role CmsRole.ACCOUNT_MANAGER is not owned by the current user

createOrganizationalUnit

public CmsOrganizationalUnit createOrganizationalUnit(CmsRequestContext context,
 String ouFqn,
 String description,
 int flags,
 CmsResource resource)
                                               throws CmsException

Creates a new organizational unit.

Parameters:

context - the current request context

ouFqn - the fully qualified name of the new organizational unit

description - the description of the new organizational unit

flags - the flags for the new organizational unit

resource - the first associated resource

Returns:

a CmsOrganizationalUnit object representing the newly created organizational unit

Throws:

CmsException - if operation was not successful

See Also:

• CmsOrgUnitManager.createOrganizationalUnit(CmsObject, String, String, int, String)

createProject

public CmsProject createProject(CmsRequestContext context,
 String name,
 String description,
 String groupname,
 String managergroupname,
 CmsProject.CmsProjectType projecttype)
                         throws CmsException,
CmsRoleViolationException

Creates a project.

Parameters:

context - the current request context

name - the name of the project to create

description - the description of the project

groupname - the project user group to be set

managergroupname - the project manager group to be set

projecttype - the type of the project

Returns:

the created project

Throws:

CmsException - if something goes wrong

CmsRoleViolationException - if the current user does not own the role CmsRole.PROJECT_MANAGER

createPropertyDefinition

public CmsPropertyDefinition createPropertyDefinition(CmsRequestContext context,
 String name)
                                               throws CmsException,
CmsSecurityException,
CmsRoleViolationException

Creates a property definition.

Property definitions are valid for all resource types.

Parameters:

context - the current request context

name - the name of the property definition to create

Returns:

the created property definition

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the current project is online.

CmsRoleViolationException - if the current user does not own the role CmsRole.WORKPLACE_MANAGER

createResource

public CmsResource createResource(CmsRequestContext context,
 String resourcePath,
 CmsResource resource,
 byte[] content,
 List<CmsProperty> properties)
                           throws CmsVfsResourceAlreadyExistsException,
CmsVfsException,
CmsException

Creates a new resource with the provided content and properties.

An exception is thrown if a resource with the given name already exists.

Parameters:

context - the current request context

resourcePath - the name of the resource to create (full path)

resource - the new resource to create

content - the content for the new resource

properties - the properties for the new resource

Returns:

the created resource

Throws:

CmsVfsResourceAlreadyExistsException - if a resource with the given name already exists

CmsVfsException - if the project in the given database context is the "Online" project

CmsException - if something goes wrong

createResource

public CmsResource createResource(CmsRequestContext context,
 String resourcename,
 int type,
 byte[] content,
 List<CmsProperty> properties)
                           throws CmsException

Creates a new resource of the given resource type with the provided content and properties.

If the provided content is null and the resource is not a folder, the content will be set to an empty byte array.

Parameters:

context - the current request context

resourcename - the name of the resource to create (full path)

type - the type of the resource to create

content - the content for the new resource

properties - the properties for the new resource

Returns:

the created resource

Throws:

CmsException - if something goes wrong

See Also:

• I_CmsResourceType.createResource(CmsObject, CmsSecurityManager, String, byte[], List)

createSibling

public CmsResource createSibling(CmsRequestContext context,
 CmsResource source,
 String destination,
 List<CmsProperty> properties)
                          throws CmsException

Creates a new sibling of the source resource.

Parameters:

context - the current request context

source - the resource to create a sibling for

destination - the name of the sibling to create with complete path

properties - the individual properties for the new sibling

Returns:

the new created sibling

Throws:

CmsException - if something goes wrong

See Also:

• I_CmsResourceType.createSibling(CmsObject, CmsSecurityManager, CmsResource, String, List)

createTempfileProject

public CmsProject createTempfileProject(CmsRequestContext context)
                                 throws CmsException

Creates the project for the temporary workplace files.

Parameters:

context - the current request context

Returns:

the created project for the temporary workplace files

Throws:

CmsException - if something goes wrong

createUser

public CmsUser createUser(CmsRequestContext context,
 String name,
 String password,
 String description,
 Map<String,Object> additionalInfos)
                   throws CmsException,
CmsRoleViolationException

Creates a new user.

Parameters:

context - the current request context

name - the name for the new user

password - the password for the new user

description - the description for the new user

additionalInfos - the additional infos for the user

Returns:

the created user

Throws:

CmsException - if something goes wrong

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER

See Also:

• CmsObject.createUser(String, String, String, Map)

deleteAliases

public void deleteAliases(CmsRequestContext context,
 CmsAliasFilter filter)
                   throws CmsException

Deletes alias entries matching a filter.

Parameters:

context - the request context

filter - the alias filter

Throws:

CmsException - if something goes wrong

deleteAllStaticExportPublishedResources

public void deleteAllStaticExportPublishedResources(CmsRequestContext context,
 int linkType)
                                             throws CmsException

Deletes all entries in the published resource table.

Parameters:

context - the current request context

linkType - the type of resource deleted (0= non-parameter, 1=parameter)

Throws:

CmsException - if something goes wrong

deleteGroup

public void deleteGroup(CmsRequestContext context,
 CmsUUID groupId,
 CmsUUID replacementId)
                 throws CmsException,
CmsRoleViolationException,
CmsSecurityException

Deletes a group, where all permissions, users and children of the group are transfered to a replacement group.

Parameters:

context - the current request context

groupId - the id of the group to be deleted

replacementId - the id of the group to be transfered, can be null

Throws:

CmsException - if operation was not successful

CmsSecurityException - if the group is a default group.

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER

deleteGroup

public void deleteGroup(CmsRequestContext context,
 String name)
                 throws CmsException,
CmsRoleViolationException,
CmsSecurityException

Delete a user group.

Only groups that contain no subgroups can be deleted.

Parameters:

context - the current request context

name - the name of the group that is to be deleted

Throws:

CmsException - if operation was not successful

CmsSecurityException - if the group is a default group.

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER

deleteHistoricalVersions

public void deleteHistoricalVersions(CmsRequestContext context,
 int versionsToKeep,
 int versionsDeleted,
 long timeDeleted,
 I_CmsReport report)
                              throws CmsException,
CmsRoleViolationException

Deletes the versions from the history tables, keeping the given number of versions per resource.

Parameters:

context - the current request context

versionsToKeep - number of versions to keep, is ignored if negative

versionsDeleted - number of versions to keep for deleted resources, is ignored if negative

timeDeleted - deleted resources older than this will also be deleted, is ignored if negative

report - the report for output logging

Throws:

CmsException - if operation was not successful

CmsRoleViolationException - if the current user does not own the role CmsRole.WORKPLACE_MANAGER

deleteLogEntries

public void deleteLogEntries(CmsRequestContext context,
 CmsLogFilter filter)
                      throws CmsException

Deletes all log entries matching the given filter.

Parameters:

context - the current user context

filter - the filter to use for deletion

Throws:

CmsException - if something goes wrong

See Also:

• getLogEntries(CmsRequestContext, CmsLogFilter)
• CmsObject.deleteLogEntries(CmsLogFilter)

deleteOrganizationalUnit

public void deleteOrganizationalUnit(CmsRequestContext context,
 CmsOrganizationalUnit organizationalUnit)
                              throws CmsException

Deletes an organizational unit.

Only organizational units that contain no sub organizational unit can be deleted.

The organizational unit can not be delete if it is used in the request context, or if the current user belongs to it.

All users and groups in the given organizational unit will be deleted.

Parameters:

context - the current request context

organizationalUnit - the organizational unit to delete

Throws:

CmsException - if operation was not successful

See Also:

• CmsOrgUnitManager.deleteOrganizationalUnit(CmsObject, String)

deleteProject

public void deleteProject(CmsRequestContext context,
 CmsUUID projectId)
                   throws CmsException,
CmsRoleViolationException

Deletes a project.

All modified resources currently inside this project will be reset to their online state.

Parameters:

context - the current request context

projectId - the ID of the project to be deleted

Throws:

CmsException - if something goes wrong

CmsRoleViolationException - if the current user does not own management access to the project

deletePropertyDefinition

public void deletePropertyDefinition(CmsRequestContext context,
 String name)
                              throws CmsException,
CmsSecurityException,
CmsRoleViolationException

Deletes a property definition.

Parameters:

context - the current request context

name - the name of the property definition to delete

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the project to delete is the "Online" project

CmsRoleViolationException - if the current user does not own the role CmsRole.WORKPLACE_MANAGER

deleteRelationsForResource

public void deleteRelationsForResource(CmsRequestContext context,
 CmsResource resource,
 CmsRelationFilter filter)
                                throws CmsException

Deletes all relations for the given resource matching the given filter.

Parameters:

context - the current user context

resource - the resource to delete the relations for

filter - the filter to use for deletion

Throws:

CmsException - if something goes wrong

See Also:

• addRelationToResource(CmsRequestContext, CmsResource, CmsResource, CmsRelationType, boolean)
• CmsObject.deleteRelationsFromResource(String, CmsRelationFilter)

deleteResource

public void deleteResource(CmsRequestContext context,
 CmsResource resource,
 CmsResource.CmsResourceDeleteMode siblingMode)
                    throws CmsException,
CmsSecurityException

Deletes a resource given its name.

The siblingMode parameter controls how to handle siblings during the delete operation.
Possible values for this parameter are:

• CmsResource.DELETE_REMOVE_SIBLINGS
• CmsResource.DELETE_PRESERVE_SIBLINGS

Parameters:

context - the current request context

resource - the name of the resource to delete (full path)

siblingMode - indicates how to handle siblings of the deleted resource

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user does not have CmsPermissionSet.ACCESS_WRITE on the given resource

See Also:

• I_CmsResourceType.deleteResource(CmsObject, CmsSecurityManager, CmsResource, CmsResource.CmsResourceDeleteMode)

deleteStaticExportPublishedResource

public void deleteStaticExportPublishedResource(CmsRequestContext context,
 String resourceName,
 int linkType,
 String linkParameter)
                                         throws CmsException

Deletes an entry in the published resource table.

Parameters:

context - the current request context

resourceName - The name of the resource to be deleted in the static export

linkType - the type of resource deleted (0= non-parameter, 1=parameter)

linkParameter - the parameters of the resource

Throws:

CmsException - if something goes wrong

deleteUser

public void deleteUser(CmsRequestContext context,
 CmsUUID userId)
                throws CmsException

Deletes a user.

Parameters:

context - the current request context

userId - the Id of the user to be deleted

Throws:

CmsException - if something goes wrong

deleteUser

public void deleteUser(CmsRequestContext context,
 CmsUUID userId,
 CmsUUID replacementId)
                throws CmsException

Deletes a user, where all permissions and resources attributes of the user were transfered to a replacement user.

Parameters:

context - the current request context

userId - the id of the user to be deleted

replacementId - the id of the user to be transfered

Throws:

CmsException - if operation was not successful

deleteUser

public void deleteUser(CmsRequestContext context,
 String username)
                throws CmsException

Deletes a user.

Parameters:

context - the current request context

username - the name of the user to be deleted

Throws:

CmsException - if something goes wrong

destroy

public void destroy()
             throws Throwable

Destroys this security manager.

Throws:

Throwable - if something goes wrong

existsResource

public boolean existsResource(CmsRequestContext context,
 CmsUUID structureId,
 CmsResourceFilter filter)

Checks the availability of a resource in the VFS, using the CmsResourceFilter.DEFAULT filter.

A resource may be of type CmsFile or CmsFolder.

The specified filter controls what kind of resources should be "found" during the read operation. This will depend on the application. For example, using CmsResourceFilter.DEFAULT will only return currently "valid" resources, while using CmsResourceFilter.IGNORE_EXPIRATION will ignore the date release / date expired information of the resource.

This method also takes into account the user permissions, so if the given resource exists, but the current user has not the required permissions, then this method will return false.

Parameters:

context - the current request context

structureId - the structure id of the resource to check

filter - the resource filter to use while reading

Returns:

true if the resource is available

See Also:

• CmsObject.existsResource(CmsUUID, CmsResourceFilter)
• CmsObject.existsResource(CmsUUID)

existsResource

public boolean existsResource(CmsRequestContext context,
 String resourcePath,
 CmsResourceFilter filter)

Checks the availability of a resource in the VFS, using the CmsResourceFilter.DEFAULT filter.

A resource may be of type CmsFile or CmsFolder.

The specified filter controls what kind of resources should be "found" during the read operation. This will depend on the application. For example, using CmsResourceFilter.DEFAULT will only return currently "valid" resources, while using CmsResourceFilter.IGNORE_EXPIRATION will ignore the date release / date expired information of the resource.

This method also takes into account the user permissions, so if the given resource exists, but the current user has not the required permissions, then this method will return false.

Parameters:

context - the current request context

resourcePath - the name of the resource to read (full path)

filter - the resource filter to use while reading

Returns:

true if the resource is available

See Also:

• CmsObject.existsResource(String, CmsResourceFilter)
• CmsObject.existsResource(String)

fillPublishList

public CmsPublishList fillPublishList(CmsRequestContext context,
 CmsPublishList publishList)
                               throws CmsException

Fills the given publish list with the the VFS resources that actually get published.

Please refer to the source code of this method for the rules on how to decide whether a new/changed/deleted CmsResource object can be published or not.

Parameters:

context - the current request context

publishList - must be initialized with basic publish information (Project or direct publish operation)

Returns:

the given publish list filled with all new/changed/deleted files from the current (offline) project that will be published actually

Throws:

CmsException - if something goes wrong

See Also:

• CmsPublishList

getAccessControlEntries

public List<CmsAccessControlEntry> getAccessControlEntries(CmsRequestContext context,
 CmsResource resource,
 boolean getInherited)
                                                    throws CmsException

Returns the list of access control entries of a resource given its name.

Parameters:

context - the current request context

resource - the resource to read the access control entries for

getInherited - true if the result should include all access control entries inherited by parent folders

Returns:

a list of CmsAccessControlEntry objects defining all permissions for the given resource

Throws:

CmsException - if something goes wrong

getAccessControlList

public CmsAccessControlList getAccessControlList(CmsRequestContext context,
 CmsResource resource,
 boolean inheritedOnly)
                                          throws CmsException

Returns the access control list (summarized access control entries) of a given resource.

If inheritedOnly is set, only inherited access control entries are returned.

Parameters:

context - the current request context

resource - the resource

inheritedOnly - skip non-inherited entries if set

Returns:

the access control list of the resource

Throws:

CmsException - if something goes wrong

getAliasesForSite

public List<CmsAlias> getAliasesForSite(CmsRequestContext requestContext,
 String siteRoot)
                                 throws CmsException

Gets the aliases for a given site.

Parameters:

requestContext - the current request context

siteRoot - the site root

Returns:

the list of aliases for the given site root

Throws:

CmsException - if something goes wrong

getAllAccessControlEntries

public List<CmsAccessControlEntry> getAllAccessControlEntries(CmsRequestContext context)
                                                       throws CmsException

Gets all access control entries.

Parameters:

context - the current request context

Returns:

the list of all access control entries

Throws:

CmsException - if something goes wrong

getAllAccessibleProjects

public List<CmsProject> getAllAccessibleProjects(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit,
 boolean includeSubOus)
                                          throws CmsException

Returns all projects which are owned by the current user or which are accessible for the group of the user.

Parameters:

context - the current request context

orgUnit - the organizational unit to search project in

includeSubOus - if to include sub organizational units

Returns:

a list of objects of type CmsProject

Throws:

CmsException - if something goes wrong

getAllHistoricalProjects

public List<CmsHistoryProject> getAllHistoricalProjects(CmsRequestContext context)
                                                 throws CmsException

Returns a list with all projects from history.

Parameters:

context - the current request context

Returns:

list of CmsHistoryProject objects with all projects from history.

Throws:

CmsException - if operation was not successful

getAllManageableProjects

public List<CmsProject> getAllManageableProjects(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit,
 boolean includeSubOus)
                                          throws CmsException

Returns all projects which are owned by the current user or which are manageable for the group of the user.

Parameters:

context - the current request context

orgUnit - the organizational unit to search project in

includeSubOus - if to include sub organizational units

Returns:

a list of objects of type CmsProject

Throws:

CmsException - if operation was not successful

getChildren

public List<CmsGroup> getChildren(CmsRequestContext context,
 String groupname,
 boolean includeSubChildren)
                           throws CmsException

Returns all child groups of a group.

This method also returns all sub-child groups of the current group.

Parameters:

context - the current request context

groupname - the name of the group

includeSubChildren - if set also returns all sub-child groups of the given group

Returns:

a list of all child CmsGroup objects or null

Throws:

CmsException - if operation was not successful

getConnection

public Connection getConnection(String poolUrl)
                         throws SQLException

Gets a connection from a connection pool.

Parameters:

poolUrl - the connection pool url

Returns:

a new connection from the pool

Throws:

SQLException - if getting the connection fails

getDateLastVisitedBy

public long getDateLastVisitedBy(CmsRequestContext context,
 String poolName,
 CmsUser user,
 CmsResource resource)
                          throws CmsException

Returns the date when the resource was last visited by the user.

Parameters:

context - the request context

poolName - the name of the database pool to use

user - the user to check the date

resource - the resource to check the date

Returns:

the date when the resource was last visited by the user

Throws:

CmsException - if something goes wrong

getGroups

public List<CmsGroup> getGroups(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit,
 boolean includeSubOus,
 boolean readRoles)
                         throws CmsException

Returns all groups of the given organizational unit.

Parameters:

context - the current request context

orgUnit - the organizational unit to get the groups for

includeSubOus - if all groups of sub-organizational units should be retrieved too

readRoles - if to read roles or groups

Returns:

all CmsGroup objects in the organizational unit

Throws:

CmsException - if operation was not successful

See Also:

• CmsOrgUnitManager.getResourcesForOrganizationalUnit(CmsObject, String)
• CmsOrgUnitManager.getGroups(CmsObject, String, boolean)
• CmsOrgUnitManager.getUsers(CmsObject, String, boolean)

getGroupsOfUser

public List<CmsGroup> getGroupsOfUser(CmsRequestContext context,
 String username,
 String ouFqn,
 boolean includeChildOus,
 boolean readRoles,
 boolean directGroupsOnly,
 String remoteAddress)
                               throws CmsException

Returns the list of groups to which the user directly belongs to.

Parameters:

context - the current request context

username - The name of the user

ouFqn - the fully qualified name of the organizational unit to restrict the result set for

includeChildOus - include groups of child organizational units

readRoles - if to read roles or groups

directGroupsOnly - if set only the direct assigned groups will be returned, if not also indirect roles

remoteAddress - the IP address to filter the groups in the result list

Returns:

a list of CmsGroup objects filtered by the given IP address

Throws:

CmsException - if operation was not successful

getLock

public CmsLock getLock(CmsRequestContext context,
 CmsResource resource)
                throws CmsException

Returns the lock state of a resource.

Parameters:

context - the current request context

resource - the resource to return the lock state for

Returns:

the lock state of the resource

Throws:

CmsException - if something goes wrong

getLockedResources

public List<String> getLockedResources(CmsRequestContext context,
 CmsResource resource,
 CmsLockFilter filter)
                                throws CmsException

Returns all locked resources in a given folder.

Parameters:

context - the current request context

resource - the folder to search in

filter - the lock filter

Returns:

a list of locked resource paths (relative to current site)

Throws:

CmsException - if something goes wrong

getLockedResourcesObjects

public List<CmsResource> getLockedResourcesObjects(CmsRequestContext context,
 CmsResource resource,
 CmsLockFilter filter)
                                            throws CmsException

Returns all locked resources in a given folder.

Parameters:

context - the current request context

resource - the folder to search in

filter - the lock filter

Returns:

a list of locked resource paths (relative to current site)

Throws:

CmsException - if something goes wrong

getLockedResourcesObjectsWithCache

public List<CmsResource> getLockedResourcesObjectsWithCache(CmsRequestContext context,
 CmsResource resource,
 CmsLockFilter filter,
 Map<String,CmsResource> cache)
                                                     throws CmsException

Returns all locked resources in a given folder, but uses a cache for resource lookups.

Parameters:

context - the current request context

resource - the folder to search in

filter - the lock filter

cache - the cache to use

Returns:

a list of locked resource paths (relative to current site)

Throws:

CmsException - if something goes wrong

getLockManager

public CmsLockManager getLockManager()

Returns the lock manger.

Returns:

the lock manager

getLogEntries

public List<CmsLogEntry> getLogEntries(CmsRequestContext context,
 CmsLogFilter filter)
                                throws CmsException

Returns all log entries matching the given filter.

Parameters:

context - the current user context

filter - the filter to match the log entries

Returns:

all log entries matching the given filter

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.getLogEntries(CmsLogFilter)

getManageableResources

public List<CmsResource> getManageableResources(CmsRequestContext context,
 CmsRole role)
                                         throws CmsException

Returns all resources of organizational units for which the current user has the given role role.

Parameters:

context - the current request context

role - the role to check

Returns:

a list of CmsResource objects

Throws:

CmsException - if something goes wrong

getOrganizationalUnits

public List<CmsOrganizationalUnit> getOrganizationalUnits(CmsRequestContext context,
 CmsOrganizationalUnit parent,
 boolean includeChildren)
                                                   throws CmsException

Returns all child organizational units of the given parent organizational unit including hierarchical deeper organization units if needed.

Parameters:

context - the current request context

parent - the parent organizational unit

includeChildren - if hierarchical deeper organization units should also be returned

Returns:

a list of CmsOrganizationalUnit objects

Throws:

CmsException - if operation was not successful

See Also:

• CmsOrgUnitManager.getOrganizationalUnits(CmsObject, String, boolean)

getOrgUnitsForRole

public List<CmsOrganizationalUnit> getOrgUnitsForRole(CmsRequestContext requestContext,
 CmsRole role,
 boolean includeSubOus)
                                               throws CmsException

Returns all the organizational units for which the current user has the given role.

Parameters:

requestContext - the current request context

role - the role to check

includeSubOus - if sub organizational units should be included in the search

Returns:

a list of CmsOrganizationalUnit objects

Throws:

CmsException - if something goes wrong

getParent

public CmsGroup getParent(CmsRequestContext context,
 String groupname)
                   throws CmsException

Returns the parent group of a group.

Parameters:

context - the current request context

groupname - the name of the group

Returns:

group the parent group or null

Throws:

CmsException - if operation was not successful

getPermissions

public CmsPermissionSetCustom getPermissions(CmsRequestContext context,
 CmsResource resource,
 CmsUser user)
                                      throws CmsException

Returns the set of permissions of the current user for a given resource.

Parameters:

context - the current request context

resource - the resource

user - the user

Returns:

bit set with allowed permissions

Throws:

CmsException - if something goes wrong

getProjectId

public CmsUUID getProjectId(CmsRequestContext context,
 int id)
                     throws CmsException

Returns the uuid id for the given id, remove this method as soon as possible.

Parameters:

context - the current cms context

id - the old project id

Returns:

the new uuid for the given id

Throws:

CmsException - if something goes wrong

getRelatedResourcesToPublish

public CmsPublishList getRelatedResourcesToPublish(CmsRequestContext context,
 CmsPublishList publishList,
 CmsRelationFilter filter)
                                            throws CmsException

Returns a new publish list that contains the unpublished resources related to all resources in the given publish list, the related resources exclude all resources in the given publish list and also locked (by other users) resources.

Parameters:

context - the current cms context

publishList - the publish list to exclude from result

filter - the relation filter to use to get the related resources

Returns:

a new publish list that contains the related resources

Throws:

CmsException - if something goes wrong

See Also:

• CmsPublishManager.getRelatedResourcesToPublish(CmsObject, CmsPublishList)

getRelationsForResource

public List<CmsRelation> getRelationsForResource(CmsRequestContext context,
 CmsResource resource,
 CmsRelationFilter filter)
                                          throws CmsException

Returns all relations for the given resource matching the given filter.

Parameters:

context - the current user context

resource - the resource to retrieve the relations for

filter - the filter to match the relation

Returns:

all CmsRelation objects for the given resource matching the given filter

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.getRelationsForResource(String, CmsRelationFilter)

getResourcesForOrganizationalUnit

public List<CmsResource> getResourcesForOrganizationalUnit(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit)
                                                    throws CmsException

Returns all resources of the given organizational unit.

Parameters:

context - the current request context

orgUnit - the organizational unit to get all resources for

Returns:

all CmsResource objects in the organizational unit

Throws:

CmsException - if operation was not successful

See Also:

• CmsOrgUnitManager.getResourcesForOrganizationalUnit(CmsObject, String)
• CmsOrgUnitManager.getGroups(CmsObject, String, boolean)
• CmsOrgUnitManager.getUsers(CmsObject, String, boolean)

getResourcesForPrincipal

public Set<CmsResource> getResourcesForPrincipal(CmsRequestContext context,
 CmsUUID principalId,
 CmsPermissionSet permissions,
 boolean includeAttr)
                                          throws CmsException

Returns all resources associated to a given principal via an ACE with the given permissions.

If the includeAttr flag is set it returns also all resources associated to a given principal through some of following attributes.

• User Created
• User Last Modified

Parameters:

context - the current request context

principalId - the id of the principal

permissions - a set of permissions to match, can be null for all ACEs

includeAttr - a flag to include resources associated by attributes

Returns:

a set of CmsResource objects

Throws:

CmsException - if something goes wrong

getRewriteAliases

public List<CmsRewriteAlias> getRewriteAliases(CmsRequestContext requestContext,
 CmsRewriteAliasFilter filter)
                                        throws CmsException

Gets the rewrite aliases matching a given filter.

Parameters:

requestContext - the current request context

filter - the filter used for selecting the rewrite aliases

Returns:

the rewrite aliases matching the given filter

Throws:

CmsException - if something goes wrong

getRoleGroups

public Set<CmsGroup> getRoleGroups(CmsRequestContext context,
 CmsRole role,
 boolean directUsersOnly)
                            throws CmsException

Gets the groups which constitute a given role.

Parameters:

context - the request context

role - the role

directUsersOnly - if true, only direct users of the role group will be returned

Returns:

the role's groups

Throws:

CmsException - if something goes wrong

getRolesForResource

public List<CmsRole> getRolesForResource(CmsRequestContext context,
 CmsUser user,
 CmsResource resource)
                                  throws CmsException

Returns all roles the given user has for the given resource.

Parameters:

context - the current request context

user - the user to check

resource - the resource to check the roles for

Returns:

a list of CmsRole objects

Throws:

CmsException - is something goes wrong

getSqlManager

public CmsSqlManager getSqlManager()

Returns an instance of the common sql manager.

Returns:

an instance of the common sql manager

getUsers

public List<CmsUser> getUsers(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit,
 boolean recursive)
                       throws CmsException

Returns all users of the given organizational unit.

Parameters:

context - the current request context

orgUnit - the organizational unit to get the users for

recursive - if all users of sub-organizational units should be retrieved too

Returns:

all CmsUser objects in the organizational unit

Throws:

CmsException - if operation was not successful

See Also:

• CmsOrgUnitManager.getResourcesForOrganizationalUnit(CmsObject, String)
• CmsOrgUnitManager.getGroups(CmsObject, String, boolean)
• CmsOrgUnitManager.getUsers(CmsObject, String, boolean)

getUsersOfGroup

public List<CmsUser> getUsersOfGroup(CmsRequestContext context,
 String groupname,
 boolean includeOtherOuUsers,
 boolean directUsersOnly,
 boolean readRoles)
                              throws CmsException

Returns a list of users in a group.

Parameters:

context - the current request context

groupname - the name of the group to list users from

includeOtherOuUsers - include users of other organizational units

directUsersOnly - if set only the direct assigned users will be returned, if not also indirect users, ie. members of child groups

readRoles - if to read roles or groups

Returns:

all CmsUser objects in the group

Throws:

CmsException - if operation was not successful

getUsersPubList

public List<CmsResource> getUsersPubList(CmsRequestContext context)
                                  throws CmsException

Returns the current user's publish list.

Parameters:

context - the request context

Returns:

the current user's publish list

Throws:

CmsException - if something goes wrong

getUsersWithoutAdditionalInfo

public List<CmsUser> getUsersWithoutAdditionalInfo(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit,
 boolean recursive)
                                            throws CmsException

Returns all users of the given organizational unit.

Parameters:

context - the current request context

orgUnit - the organizational unit to get the users for

recursive - if all users of sub-organizational units should be retrieved too

Returns:

all CmsUser objects in the organizational unit

Throws:

CmsException - if operation was not successful

See Also:

• CmsOrgUnitManager.getResourcesForOrganizationalUnit(CmsObject, String)
• CmsOrgUnitManager.getGroups(CmsObject, String, boolean)
• CmsOrgUnitManager.getUsers(CmsObject, String, boolean)

hasPermissions

public I_CmsPermissionHandler.CmsPermissionCheckResult hasPermissions(CmsRequestContext context,
 CmsResource resource,
 CmsPermissionSet requiredPermissions,
 boolean checkLock,
 CmsResourceFilter filter)
                                                               throws CmsException

Performs a non-blocking permission check on a resource.

This test will not throw an exception in case the required permissions are not available for the requested operation. Instead, it will return one of the following values:

• I_CmsPermissionHandler.PERM_ALLOWED
• I_CmsPermissionHandler.PERM_FILTERED
• I_CmsPermissionHandler.PERM_DENIED

Parameters:

context - the current request context

resource - the resource on which permissions are required

requiredPermissions - the set of permissions required for the operation

checkLock - if true, a lock for the current user is required for all write operations, if false it's ok to write as long as the resource is not locked by another user

filter - the resource filter to use

Returns:

I_CmsPermissionHandler.PERM_ALLOWED if the user has sufficient permissions on the resource for the requested operation

Throws:

CmsException - in case of i/o errors (NOT because of insufficient permissions)

See Also:

• #hasPermissions(CmsDbContext, CmsResource, CmsPermissionSet, boolean, CmsResourceFilter)

hasPermissions

public I_CmsPermissionHandler.CmsPermissionCheckResult hasPermissions(CmsRequestContext context,
 CmsResource resource,
 CmsPermissionSet requiredPermissions,
 I_CmsPermissionHandler.LockCheck checkLock,
 CmsResourceFilter filter)
                                                               throws CmsException

Performs a non-blocking permission check on a resource.

This test will not throw an exception in case the required permissions are not available for the requested operation. Instead, it will return one of the following values:

• I_CmsPermissionHandler.PERM_ALLOWED
• I_CmsPermissionHandler.PERM_FILTERED
• I_CmsPermissionHandler.PERM_DENIED

Parameters:

context - the current request context

resource - the resource on which permissions are required

requiredPermissions - the set of permissions required for the operation

checkLock - if true, a lock for the current user is required for all write operations, if false it's ok to write as long as the resource is not locked by another user

filter - the resource filter to use

Returns:

I_CmsPermissionHandler.PERM_ALLOWED if the user has sufficient permissions on the resource for the requested operation

Throws:

CmsException - in case of i/o errors (NOT because of insufficient permissions)

See Also:

• #hasPermissions(CmsDbContext, CmsResource, CmsPermissionSet, boolean, CmsResourceFilter)

hasRole

public boolean hasRole(CmsDbContext dbc,
 CmsUser user,
 CmsRole role)

Checks if the given user has the given role in the given organizational unit.

If the organizational unit is null, this method will check if the given user has the given role for at least one organizational unit.

Parameters:

dbc - the current OpenCms users database context

user - the user to check the role for

role - the role to check

Returns:

true if the given user has the given role in the given organizational unit

hasRole

public boolean hasRole(CmsRequestContext context,
 CmsUser user,
 CmsRole role)

Checks if the given user has the given role in the given organizational unit.

If the organizational unit is null, this method will check if the given user has the given role for at least one organizational unit.

Parameters:

context - the current request context

user - the user to check the role for

role - the role to check

Returns:

true if the given user has the given role in the given organizational unit

hasRoleForResource

public boolean hasRoleForResource(CmsDbContext dbc,
 CmsUser user,
 CmsRole role,
 CmsResource resource)

Checks if the given user has the given role for the given resource.

Parameters:

dbc - the current OpenCms users database context

user - the user to check the role for

role - the role to check

resource - the resource to check the role for

Returns:

true if the given user has the given role for the given resource

hasRoleForResource

public boolean hasRoleForResource(CmsRequestContext context,
 CmsUser user,
 CmsRole role,
 CmsResource resource)

Checks if the given user has the given role for the given resource.

Parameters:

context - the current request context

user - the user to check

role - the role to check

resource - the resource to check the role for

Returns:

true if the given user has the given role for the given resource

importAccessControlEntries

public void importAccessControlEntries(CmsRequestContext context,
 CmsResource resource,
 List<CmsAccessControlEntry> acEntries)
                                throws CmsException,
CmsSecurityException

Writes a list of access control entries as new access control entries of a given resource.

Already existing access control entries of this resource are removed before.

Access is granted, if:

• the current user has control permission on the resource

Parameters:

context - the current request context

resource - the resource

acEntries - a list of CmsAccessControlEntry objects

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the required permissions are not satisfied

importResource

public CmsResource importResource(CmsRequestContext context,
 String resourcePath,
 CmsResource resource,
 byte[] content,
 List<CmsProperty> properties,
 boolean importCase)
                           throws CmsException

Creates a new resource with the provided content and properties.

The content parameter may be null if the resource id already exists. If so, the created resource will be made a sibling of the existing resource, the existing content will remain unchanged. This is used during file import for import of siblings as the manifest.xml only contains one binary copy per file. If the resource id exists but the content is not null, the created resource will be made a sibling of the existing resource, and both will share the new content.

Parameters:

context - the current request context

resourcePath - the name of the resource to create (full path)

resource - the new resource to create

content - the content for the new resource

properties - the properties for the new resource

importCase - if true, signals that this operation is done while importing resource, causing different lock behavior and potential "lost and found" usage

Returns:

the created resource

Throws:

CmsException - if something goes wrong

importRewriteAlias

public CmsAliasImportResult importRewriteAlias(CmsRequestContext requestContext,
 String siteRoot,
 String source,
 String target,
 CmsAliasMode mode)
                                        throws CmsException

Imports a rewrite alias.

Parameters:

requestContext - the current request context

siteRoot - the site root

source - the rewrite alias source

target - the rewrite alias target

mode - the alias mode

Returns:

the import result

Throws:

CmsException - if something goes wrong

importUser

public CmsUser importUser(CmsRequestContext context,
 String id,
 String name,
 String password,
 String firstname,
 String lastname,
 String email,
 int flags,
 long dateCreated,
 Map<String,Object> additionalInfos)
                   throws CmsException,
CmsRoleViolationException

Creates a new user by import.

Parameters:

context - the current request context

id - the id of the user

name - the new name for the user

password - the new password for the user

firstname - the first name of the user

lastname - the last name of the user

email - the email of the user

flags - the flags for a user (for example I_CmsPrincipal.FLAG_ENABLED)

dateCreated - the creation date

additionalInfos - the additional user infos

Returns:

the imported user

Throws:

CmsException - if something goes wrong

CmsRoleViolationException - if the role CmsRole.ACCOUNT_MANAGER is not owned by the current user.

incrementCounter

public int incrementCounter(CmsRequestContext context,
 String name)
                     throws CmsException

Increments a counter and returns its old value.

Parameters:

context - the request context

name - the name of the counter

Returns:

the value of the counter before incrementing

Throws:

CmsException - if something goes wrong

init

public void init(CmsConfigurationManager configurationManager,
 I_CmsDbContextFactory dbContextFactory,
 CmsPublishEngine publishEngine)
          throws CmsInitException

Initializes this security manager with a given runtime info factory.

Parameters:

configurationManager - the configurationManager

dbContextFactory - the initialized OpenCms runtime info factory

publishEngine - the publish engine

Throws:

CmsInitException - if the initialization fails

initializeOrgUnit

public void initializeOrgUnit(CmsRequestContext context,
 CmsOrganizationalUnit ou)

Initializes the default groups for an organizational unit.

Parameters:

context - the request context

ou - the organizational unit

isInsideCurrentProject

public boolean isInsideCurrentProject(CmsRequestContext context,
 String resourcename)

Checks if the specified resource is inside the current project.

The project "view" is determined by a set of path prefixes. If the resource starts with any one of this prefixes, it is considered to be "inside" the project.

Parameters:

context - the current request context

resourcename - the specified resource name (full path)

Returns:

true, if the specified resource is inside the current project

isManagerOfProject

public boolean isManagerOfProject(CmsRequestContext context)

Checks if the current user has management access to the current project.

Parameters:

context - the current request context

Returns:

true, if the user has management access to the current project

isSubscriptionDriverAvailable

public boolean isSubscriptionDriverAvailable()

Checks whether the subscription driver is available.

Returns:

true if the subscription driver is available

lockResource

public void lockResource(CmsRequestContext context,
 CmsResource resource,
 CmsLockType type)
                  throws CmsException

Locks a resource.

The type parameter controls what kind of lock is used.
Possible values for this parameter are:

• CmsLockType.EXCLUSIVE
• CmsLockType.TEMPORARY
• CmsLockType.PUBLISH

Parameters:

context - the current request context

resource - the resource to lock

type - type of the lock

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.lockResource(String)
• CmsObject.lockResourceTemporary(String)
• I_CmsResourceType.lockResource(CmsObject, CmsSecurityManager, CmsResource, CmsLockType)

loginUser

public CmsUser loginUser(CmsRequestContext context,
 String username,
 String password,
 CmsSecondFactorInfo code,
 String remoteAddress)
                  throws CmsException

Attempts to authenticate a user into OpenCms with the given password.

Parameters:

context - the current request context

username - the name of the user to be logged in

password - the password of the user

code - the additional login information for 2FA

remoteAddress - the ip address of the request

Returns:

the logged in user

Throws:

CmsException - if the login was not successful

lookupPrincipal

public I_CmsPrincipal lookupPrincipal(CmsRequestContext context,
 CmsUUID principalId)

Lookup and read the user or group with the given UUID.

Parameters:

context - the current request context

principalId - the UUID of the principal to lookup

Returns:

the principal (group or user) if found, otherwise null

lookupPrincipal

public I_CmsPrincipal lookupPrincipal(CmsRequestContext context,
 String principalName)

Lookup and read the user or group with the given name.

Parameters:

context - the current request context

principalName - the name of the principal to lookup

Returns:

the principal (group or user) if found, otherwise null

markResourceAsVisitedBy

public void markResourceAsVisitedBy(CmsRequestContext context,
 String poolName,
 CmsResource resource,
 CmsUser user)
                             throws CmsException

Mark the given resource as visited by the user.

Parameters:

context - the request context

poolName - the name of the database pool to use

resource - the resource to mark as visited

user - the user that visited the resource

Throws:

CmsException - if something goes wrong

mergePublishLists

public CmsPublishList mergePublishLists(CmsRequestContext context,
 CmsPublishList pubList1,
 CmsPublishList pubList2)
                                 throws CmsException

Returns a new publish list that contains all resources of both given publish lists.

Parameters:

context - the current request context

pubList1 - the first publish list

pubList2 - the second publish list

Returns:

a new publish list that contains all resources of both given publish lists

Throws:

CmsException - if something goes wrong

See Also:

• CmsPublishManager.mergePublishLists(CmsObject, CmsPublishList, CmsPublishList)

moveResource

public void moveResource(CmsRequestContext context,
 CmsResource source,
 String destination)
                  throws CmsException,
CmsSecurityException

Moves a resource.

You must ensure that the destination path is an absolute, valid and existing VFS path. Relative paths from the source are currently not supported.

The moved resource will always be locked to the current user after the move operation.

In case the target resource already exists, it is overwritten with the source resource.

Parameters:

context - the current request context

source - the resource to copy

destination - the name of the copy destination with complete path

Throws:

CmsException - if something goes wrong

CmsSecurityException - if resource could not be copied

See Also:

• CmsObject.moveResource(String, String)
• I_CmsResourceType.moveResource(CmsObject, CmsSecurityManager, CmsResource, String)

moveToLostAndFound

public String moveToLostAndFound(CmsRequestContext context,
 CmsResource resource,
 boolean returnNameOnly)
                          throws CmsException

Moves a resource to the "lost and found" folder.

The method can also be used to check get the name of a resource in the "lost and found" folder only without actually moving the the resource. To do this, the returnNameOnly flag must be set to true.

In general, it is the same name as the given resource has, the only exception is if a resource in the "lost and found" folder with the same name already exists. In such case, a counter is added to the resource name.

Parameters:

context - the current request context

resource - the resource to apply this operation to

returnNameOnly - if true, only the name of the resource in the "lost and found" folder is returned, the move operation is not really performed

Returns:

the name of the resource inside the "lost and found" folder

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.moveToLostAndFound(String)
• CmsObject.getLostAndFoundName(String)

publishProject

public CmsUUID publishProject(CmsObject cms,
 CmsPublishList publishList,
 I_CmsReport report)
                       throws CmsException

Publishes the resources of a specified publish list.

Parameters:

cms - the current request context

publishList - a publish list

report - an instance of I_CmsReport to print messages

Returns:

the publish history id of the published project

Throws:

CmsException - if something goes wrong

See Also:

• fillPublishList(CmsRequestContext, CmsPublishList)

readAliasByPath

public CmsAlias readAliasByPath(CmsRequestContext context,
 String siteRoot,
 String path)
                         throws CmsException

Reads the alias with a given path in a given site.

Parameters:

context - the current request context

siteRoot - the site root

path - the site relative alias path

Returns:

the alias for the path, or null if no such alias exists

Throws:

CmsException - if something goes wrong

readAliasesById

public List<CmsAlias> readAliasesById(CmsRequestContext context,
 CmsUUID structureId)
                               throws CmsException

Reads the aliases for a resource with a given structure id.

Parameters:

context - the current request context

structureId - the structure id for which the aliases should be read

Returns:

the aliases for the structure id

Throws:

CmsException - if something goes wrong

readAllAvailableVersions

public List<I_CmsHistoryResource> readAllAvailableVersions(CmsRequestContext context,
 CmsResource resource)
                                                    throws CmsException

Reads all historical versions of a resource.

The reading excludes the file content, if the resource is a file.

Parameters:

context - the current request context

resource - the resource to be read

Returns:

a list of historical versions, as I_CmsHistoryResource objects

Throws:

CmsException - if something goes wrong

readAllPropertyDefinitions

public List<CmsPropertyDefinition> readAllPropertyDefinitions(CmsRequestContext context)
                                                       throws CmsException

Reads all property definitions for the given mapping type.

Parameters:

context - the current request context

Returns:

a list with the CmsPropertyDefinition objects (may be empty)

Throws:

CmsException - if something goes wrong

readAllSubscribedResources

public List<CmsResource> readAllSubscribedResources(CmsRequestContext context,
 String poolName,
 CmsPrincipal principal)
                                             throws CmsException

Returns all resources subscribed by the given user or group.

Parameters:

context - the request context

poolName - the name of the database pool to use

principal - the principal to read the subscribed resources

Returns:

all resources subscribed by the given user or group

Throws:

CmsException - if something goes wrong

readAllUrlNameMappingEntries

public List<String> readAllUrlNameMappingEntries(CmsRequestContext context,
 CmsUUID id)
                                          throws CmsException

Reads all URL name mapping entries for a given structure id.

Parameters:

context - the request context

id - the structure id

Returns:

the list of URL names for the given structure id

Throws:

CmsException - if something goes wrong

readAncestor

public CmsFolder readAncestor(CmsRequestContext context,
 CmsResource resource,
 CmsResourceFilter filter)
                       throws CmsException

Returns the first ancestor folder matching the filter criteria.

If no folder matching the filter criteria is found, null is returned.

Parameters:

context - the context of the current request

resource - the resource to start

filter - the resource filter to match while reading the ancestors

Returns:

the first ancestor folder matching the filter criteria or null if no folder was found

Throws:

CmsException - if something goes wrong

readBestUrlName

public String readBestUrlName(CmsRequestContext context,
 CmsUUID id,
 Locale locale,
 List<Locale> defaultLocales)
                       throws CmsException

Reads the newest URL name which is mapped to the given structure id.

If the structure id is not mapped to any name, null will be returned.

Parameters:

context - the request context

id - the structure id for which the newest mapped name should be returned

locale - the locale for the mapping

defaultLocales - the default locales to use if there is no URL name mapping for the requested locale

Returns:

an URL name or null

Throws:

CmsException - if something goes wrong

readChildResources

public List<CmsResource> readChildResources(CmsRequestContext context,
 CmsResource resource,
 CmsResourceFilter filter,
 boolean getFolders,
 boolean getFiles)
                                     throws CmsException,
CmsSecurityException

Returns the child resources of a resource, that is the resources contained in a folder.

With the parameters getFolders and getFiles you can control what type of resources you want in the result list: files, folders, or both.

This method is mainly used by the workplace explorer.

Parameters:

context - the current request context

resource - the resource to return the child resources for

filter - the resource filter to use

getFolders - if true the child folders are included in the result

getFiles - if true the child files are included in the result

Returns:

a list of all child resources

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (read is required)

readDefaultFile

public CmsResource readDefaultFile(CmsRequestContext context,
 CmsResource resource,
 CmsResourceFilter resourceFilter)
                            throws CmsSecurityException

Returns the default file for the given folder.

If the given resource is a file, then this file is returned.

Otherwise, in case of a folder:

1. the CmsPropertyDefinition.PROPERTY_DEFAULT_FILE is checked, and
2. if still no file could be found, the configured default files in the opencms-vfs.xml configuration are iterated until a match is found, and
3. if still no file could be found, null is returned

Parameters:

context - the request context

resource - the folder to get the default file for

resourceFilter - the resource filter

Returns:

the default file for the given folder

Throws:

CmsSecurityException - if the user has no permissions to read the resulting file

See Also:

• CmsObject.readDefaultFile(String)

readDeletedResources

public List<I_CmsHistoryResource> readDeletedResources(CmsRequestContext context,
 CmsResource resource,
 boolean readTree)
                                                throws CmsException

Reads all deleted (historical) resources below the given path, including the full tree below the path, if required.

Parameters:

context - the current request context

resource - the parent resource to read the resources from

readTree - true to read all subresources

Returns:

a list of I_CmsHistoryResource objects

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.readResource(CmsUUID, int)
• CmsObject.readResources(String, CmsResourceFilter, boolean)
• CmsObject.readDeletedResources(String, boolean)

readFile

public CmsFile readFile(CmsRequestContext context,
 CmsResource resource)
                 throws CmsException

Reads a file resource (including it's binary content) from the VFS.

In case you do not need the file content, use readResource(CmsRequestContext, String, CmsResourceFilter) instead.

Parameters:

context - the current request context

resource - the resource to be read

Returns:

the file read from the VFS

Throws:

CmsException - if something goes wrong

readFolder

public CmsFolder readFolder(CmsRequestContext context,
 String resourcename,
 CmsResourceFilter filter)
                     throws CmsException

Reads a folder resource from the VFS, using the specified resource filter.

The specified filter controls what kind of resources should be "found" during the read operation. This will depend on the application. For example, using CmsResourceFilter.DEFAULT will only return currently "valid" resources, while using CmsResourceFilter.IGNORE_EXPIRATION will ignore the date release / date expired information of the resource.

Parameters:

context - the current request context

resourcename - the name of the folder to read (full path)

filter - the resource filter to use while reading

Returns:

the folder that was read

Throws:

CmsException - if something goes wrong

readGroup

public CmsGroup readGroup(CmsRequestContext context,
 CmsProject project)

Reads the group of a project.

Parameters:

context - the current request context

project - the project to read from

Returns:

the group of a resource

readGroup

public CmsGroup readGroup(CmsRequestContext context,
 CmsUUID groupId)
                   throws CmsException

Reads a group based on its id.

Parameters:

context - the current request context

groupId - the id of the group that is to be read

Returns:

the requested group

Throws:

CmsException - if operation was not successful

readGroup

public CmsGroup readGroup(CmsRequestContext context,
 String groupname)
                   throws CmsException

Reads a group based on its name.

Parameters:

context - the current request context

groupname - the name of the group that is to be read

Returns:

the requested group

Throws:

CmsException - if operation was not successful

readHistoricalPrincipal

public CmsHistoryPrincipal readHistoricalPrincipal(CmsRequestContext context,
 CmsUUID principalId)
                                            throws CmsException

Reads a principal (an user or group) from the historical archive based on its ID.

Parameters:

context - the current request context

principalId - the id of the principal to read

Returns:

the historical principal entry with the given id

Throws:

CmsException - if something goes wrong, ie. CmsDbEntryNotFoundException

See Also:

• CmsObject.readUser(CmsUUID)
• CmsObject.readGroup(CmsUUID)
• CmsObject.readHistoryPrincipal(CmsUUID)

readHistoryProject

public CmsHistoryProject readHistoryProject(CmsRequestContext context,
 CmsUUID projectId)
                                     throws CmsException

Returns the latest historical project entry with the given id.

Parameters:

context - the current request context

projectId - the project id

Returns:

the requested historical project entry

Throws:

CmsException - if something goes wrong

readHistoryProject

public CmsHistoryProject readHistoryProject(CmsRequestContext context,
 int publishTag)
                                     throws CmsException

Returns a historical project entry.

Parameters:

context - the current request context

publishTag - the publish tag of the project

Returns:

the requested historical project entry

Throws:

CmsException - if something goes wrong

readHistoryPropertyObjects

public List<CmsProperty> readHistoryPropertyObjects(CmsRequestContext context,
 I_CmsHistoryResource resource)
                                             throws CmsException

Reads the list of all CmsProperty objects that belong to the given historical resource.

Parameters:

context - the current request context

resource - the historical resource entry to read the properties for

Returns:

the list of CmsProperty objects

Throws:

CmsException - if something goes wrong

readIdForUrlName

public CmsUUID readIdForUrlName(CmsRequestContext context,
 String name)
                         throws CmsException

Reads the structure id which is mapped to the given URL name, or null if the name is not mapped to any structure IDs.

Parameters:

context - the request context

name - an URL name

Returns:

the structure ID which is mapped to the given name

Throws:

CmsException - if something goes wrong

readLocks

public void readLocks()
               throws CmsException

Reads the locks that were saved to the database in the previous run of OpenCms.

Throws:

CmsException - if something goes wrong

readManagerGroup

public CmsGroup readManagerGroup(CmsRequestContext context,
 CmsProject project)

Reads the manager group of a project.

Parameters:

context - the current request context

project - the project to read from

Returns:

the group of a resource

readOrganizationalUnit

public CmsOrganizationalUnit readOrganizationalUnit(CmsRequestContext context,
 String ouFqn)
                                             throws CmsException

Reads an organizational Unit based on its fully qualified name.

Parameters:

context - the current request context

ouFqn - the fully qualified name of the organizational Unit to be read

Returns:

the organizational Unit that with the provided fully qualified name

Throws:

CmsException - if something goes wrong

readOwner

public CmsUser readOwner(CmsRequestContext context,
 CmsProject project)
                  throws CmsException

Reads the owner of a project from the OpenCms.

Parameters:

context - the current request context

project - the project to get the owner from

Returns:

the owner of a resource

Throws:

CmsException - if something goes wrong

readParentFolder

public CmsResource readParentFolder(CmsRequestContext context,
 CmsUUID structureId)
                             throws CmsException

Returns the parent folder to the given structure id.

Parameters:

context - the current request context

structureId - the child structure id

Returns:

the parent folder CmsResource

Throws:

CmsException - if something goes wrong

readPath

public List<CmsResource> readPath(CmsRequestContext context,
 String path,
 CmsResourceFilter filter)
                           throws CmsException

Builds a list of resources for a given path.

Parameters:

context - the current request context

path - the requested path

filter - a filter object (only "includeDeleted" information is used!)

Returns:

list of CmsResources

Throws:

CmsException - if something goes wrong

readProject

public CmsProject readProject(CmsUUID id)
                       throws CmsException

Reads a project given the projects id.

Parameters:

id - the id of the project

Returns:

the project read

Throws:

CmsException - if something goes wrong

readProject

public CmsProject readProject(String name)
                       throws CmsException

Reads a project.

Important: Since a project name can be used multiple times, this is NOT the most efficient way to read the project. This is only a convenience for front end developing. Reading a project by name will return the first project with that name. All core classes must use the id version readProject(CmsUUID) to ensure the right project is read.

Parameters:

name - the name of the project

Returns:

the project read

Throws:

CmsException - if something goes wrong

readProjectResources

public List<String> readProjectResources(CmsRequestContext context,
 CmsProject project)
                                  throws CmsException

Returns the list of all resource names that define the "view" of the given project.

Parameters:

context - the current request context

project - the project to get the project resources for

Returns:

the list of all resources, as String objects that define the "view" of the given project

Throws:

CmsException - if something goes wrong

readProjectView

public List<CmsResource> readProjectView(CmsRequestContext context,
 CmsUUID projectId,
 CmsResourceState state)
                                  throws CmsException

Reads all resources of a project that match a given state from the VFS.

Possible values for the state parameter are:

• CmsResource.STATE_CHANGED: Read all "changed" resources in the project
• CmsResource.STATE_NEW: Read all "new" resources in the project
• CmsResource.STATE_DELETED: Read all "deleted" resources in the project
• CmsResource.STATE_KEEP: Read all resources either "changed", "new" or "deleted" in the project

Parameters:

context - the current request context

projectId - the id of the project to read the file resources for

state - the resource state to match

Returns:

a list of CmsResource objects matching the filter criteria

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.readProjectView(CmsUUID, CmsResourceState)

readPropertyDefinition

public CmsPropertyDefinition readPropertyDefinition(CmsRequestContext context,
 String name)
                                             throws CmsException

Reads a property definition.

If no property definition with the given name is found, null is returned.

Parameters:

context - the current request context

name - the name of the property definition to read

Returns:

the property definition that was read

Throws:

CmsException - a CmsDbEntryNotFoundException is thrown if the property definition does not exist

readPropertyObject

public CmsProperty readPropertyObject(CmsRequestContext context,
 CmsResource resource,
 String key,
 boolean search)
                               throws CmsException

Reads a property object from a resource specified by a property name.

Returns CmsProperty.getNullProperty() if the property is not found.

Parameters:

context - the context of the current request

resource - the resource where the property is mapped to

key - the property key name

search - if true, the property is searched on all parent folders of the resource. if it's not found attached directly to the resource.

Returns:

the required property, or CmsProperty.getNullProperty() if the property was not found

Throws:

CmsException - if something goes wrong

readPropertyObject

public CmsProperty readPropertyObject(CmsRequestContext context,
 CmsResource resource,
 String key,
 boolean search,
 Locale locale)
                               throws CmsException

Reads a property object from a resource specified by a property name.

Returns CmsProperty.getNullProperty() if the property is not found.

Parameters:

context - the context of the current request

resource - the resource where the property is mapped to

key - the property key name

search - if true, the property is searched on all parent folders of the resource. if it's not found attached directly to the resource.

locale - the locale for which the property should be read.

Returns:

the required property, or CmsProperty.getNullProperty() if the property was not found

Throws:

CmsException - if something goes wrong

readPropertyObjects

public List<CmsProperty> readPropertyObjects(CmsRequestContext context,
 CmsResource resource,
 boolean search)
                                      throws CmsException

Reads all property objects from a resource.

Returns an empty list if no properties are found.

If the search parameter is true, the properties of all parent folders of the resource are also read. The results are merged with the properties directly attached to the resource. While merging, a property on a parent folder that has already been found will be ignored. So e.g. if a resource has a property "Title" attached, and it's parent folder has the same property attached but with a different value, the result list will contain only the property with the value from the resource, not form the parent folder(s).

Parameters:

context - the context of the current request

resource - the resource where the property is mapped to

search - true, if the properties should be searched on all parent folders if not found on the resource

Returns:

a list of CmsProperty objects

Throws:

CmsException - if something goes wrong

readPublishedResources

public List<CmsPublishedResource> readPublishedResources(CmsRequestContext context,
 CmsUUID publishHistoryId)
                                                  throws CmsException

Reads the resources that were published in a publish task for a given publish history ID.

Parameters:

context - the current request context

publishHistoryId - unique ID to identify each publish task in the publish history

Returns:

a list of CmsPublishedResource objects

Throws:

CmsException - if something goes wrong

readResource

public I_CmsHistoryResource readResource(CmsRequestContext context,
 CmsResource resource,
 int version)
                                  throws CmsException

Reads the historical resource entry for the given resource with the given version number.

Parameters:

context - the current request context

resource - the resource to be read the version for

version - the version number to retrieve

Returns:

the resource that was read

Throws:

CmsException - if the resource could not be read for any reason

See Also:

• CmsObject.readFile(CmsResource)
• CmsObject.restoreResourceVersion(CmsUUID, int)
• CmsObject.readResource(CmsUUID, int)

readResource

public CmsResource readResource(CmsRequestContext context,
 CmsUUID structureID,
 CmsResourceFilter filter)
                         throws CmsException

Reads a resource from the VFS, using the specified resource filter.

A resource may be of type CmsFile or CmsFolder. In case of a file, the resource will not contain the binary file content. Since reading the binary content is a cost-expensive database operation, it's recommended to work with resources if possible, and only read the file content when absolutely required. To "upgrade" a resource to a file, use CmsObject.readFile(CmsResource).

The specified filter controls what kind of resources should be "found" during the read operation. This will depend on the application. For example, using CmsResourceFilter.DEFAULT will only return currently "valid" resources, while using CmsResourceFilter.IGNORE_EXPIRATION will ignore the date release / date expired information of the resource.

Parameters:

context - the current request context

structureID - the ID of the structure which will be used)

filter - the resource filter to use while reading

Returns:

the resource that was read

Throws:

CmsException - if the resource could not be read for any reason

See Also:

• CmsObject.readResource(CmsUUID, CmsResourceFilter)
• CmsObject.readResource(CmsUUID)
• CmsObject.readFile(CmsResource)

readResource

public CmsResource readResource(CmsRequestContext context,
 String resourcePath,
 CmsResourceFilter filter)
                         throws CmsException

Reads a resource from the VFS, using the specified resource filter.

A resource may be of type CmsFile or CmsFolder. In case of a file, the resource will not contain the binary file content. Since reading the binary content is a cost-expensive database operation, it's recommended to work with resources if possible, and only read the file content when absolutely required. To "upgrade" a resource to a file, use CmsObject.readFile(CmsResource).

The specified filter controls what kind of resources should be "found" during the read operation. This will depend on the application. For example, using CmsResourceFilter.DEFAULT will only return currently "valid" resources, while using CmsResourceFilter.IGNORE_EXPIRATION will ignore the date release / date expired information of the resource.

Parameters:

context - the current request context

resourcePath - the name of the resource to read (full path)

filter - the resource filter to use while reading

Returns:

the resource that was read

Throws:

CmsException - if the resource could not be read for any reason

See Also:

• CmsObject.readResource(String, CmsResourceFilter)
• CmsObject.readResource(String)
• CmsObject.readFile(CmsResource)

readResources

public List<CmsResource> readResources(CmsRequestContext context,
 CmsResource parent,
 CmsResourceFilter filter,
 boolean readTree)
                                throws CmsException,
CmsSecurityException

Reads all resources below the given path matching the filter criteria, including the full tree below the path only in case the readTree parameter is true.

Parameters:

context - the current request context

parent - the parent path to read the resources from

filter - the filter

readTree - true to read all subresources

Returns:

a list of CmsResource objects matching the filter criteria

Throws:

CmsSecurityException - if the user has insufficient permission for the given resource (read is required)

CmsException - if something goes wrong

readResourcesVisitedBy

public List<CmsResource> readResourcesVisitedBy(CmsRequestContext context,
 String poolName,
 CmsVisitedByFilter filter)
                                         throws CmsException

Returns the resources that were visited by a user set in the filter.

Parameters:

context - the request context

poolName - the name of the database pool to use

filter - the filter that is used to get the visited resources

Returns:

the resources that were visited by a user set in the filter

Throws:

CmsException - if something goes wrong

readResourcesWithProperty

public List<CmsResource> readResourcesWithProperty(CmsRequestContext context,
 CmsResource folder,
 String propertyDefinition,
 String value,
 CmsResourceFilter filter)
                                            throws CmsException

Reads all resources that have a value (containing the specified value) set for the specified property (definition) in the given path.

If the value parameter is null, all resources having the given property set are returned.

Both individual and shared properties of a resource are checked.

Parameters:

context - the current request context

folder - the folder to get the resources with the property from

propertyDefinition - the name of the property (definition) to check for

value - the string to search in the value of the property

filter - the resource filter to apply to the result set

Returns:

a list of all CmsResource objects that have a value set for the specified property.

Throws:

CmsException - if something goes wrong

readResponsiblePrincipals

public Set<I_CmsPrincipal> readResponsiblePrincipals(CmsRequestContext context,
 CmsResource resource)
                                              throws CmsException

Returns a set of users that are responsible for a specific resource.

Parameters:

context - the current request context

resource - the resource to get the responsible users from

Returns:

the set of users that are responsible for a specific resource

Throws:

CmsException - if something goes wrong

readResponsibleUsers

public Set<CmsUser> readResponsibleUsers(CmsRequestContext context,
 CmsResource resource)
                                  throws CmsException

Returns a set of users that are responsible for a specific resource.

Parameters:

context - the current request context

resource - the resource to get the responsible users from

Returns:

the set of users that are responsible for a specific resource

Throws:

CmsException - if something goes wrong

readSiblings

public List<CmsResource> readSiblings(CmsRequestContext context,
 CmsResource resource,
 CmsResourceFilter filter)
                               throws CmsException

Returns a List of all siblings of the specified resource, the specified resource being always part of the result set.

Parameters:

context - the request context

resource - the specified resource

filter - a filter object

Returns:

a list of CmsResources that are siblings to the specified resource, including the specified resource itself

Throws:

CmsException - if something goes wrong

readStaticExportPublishedResourceParameters

public String readStaticExportPublishedResourceParameters(CmsRequestContext context,
 String rfsName)
                                                   throws CmsException

Returns the parameters of a resource in the table of all published template resources.

Parameters:

context - the current request context

rfsName - the rfs name of the resource

Returns:

the parameter string of the requested resource

Throws:

CmsException - if something goes wrong

readStaticExportResources

public List<String> readStaticExportResources(CmsRequestContext context,
 int parameterResources,
 long timestamp)
                                       throws CmsException

Returns a list of all template resources which must be processed during a static export.

Parameters:

context - the current request context

parameterResources - flag for reading resources with parameters (1) or without (0)

timestamp - for reading the data from the db

Returns:

a list of template resources as String objects

Throws:

CmsException - if something goes wrong

readSubscribedDeletedResources

public List<I_CmsHistoryResource> readSubscribedDeletedResources(CmsRequestContext context,
 String poolName,
 CmsUser user,
 List<CmsGroup> groups,
 CmsResource parent,
 boolean includeSubFolders,
 long deletedFrom)
                                                          throws CmsException

Returns the subscribed history resources that were deleted.

Parameters:

context - the request context

poolName - the name of the database pool to use

user - the user that subscribed to the resource

groups - the groups to check subscribed resources for

parent - the parent resource (folder) of the deleted resources, if null all deleted resources will be returned

includeSubFolders - indicates if the sub folders of the specified folder path should be considered, too

deletedFrom - the time stamp from which the resources should have been deleted

Returns:

the subscribed history resources that were deleted

Throws:

CmsException - if something goes wrong

readSubscribedResources

public List<CmsResource> readSubscribedResources(CmsRequestContext context,
 String poolName,
 CmsSubscriptionFilter filter)
                                          throws CmsException

Returns the resources that were subscribed by a user or group set in the filter.

Parameters:

context - the request context

poolName - the name of the database pool to use

filter - the filter that is used to get the subscribed resources

Returns:

the resources that were subscribed by a user or group set in the filter

Throws:

CmsException - if something goes wrong

readUrlNameMappings

public List<CmsUrlNameMappingEntry> readUrlNameMappings(CmsRequestContext context,
 CmsUrlNameMappingFilter filter)
                                                 throws CmsException

Reads the URL name mappings matching a given filter.

Parameters:

context - the current request context

filter - the filter to match

Returns:

the matching URL name mappings

Throws:

CmsException - if something goes wrong

readUrlNamesForAllLocales

public List<String> readUrlNamesForAllLocales(CmsRequestContext context,
 CmsUUID id)
                                       throws CmsException

Reads the newest URL names of a structure id for all locales.

Parameters:

context - the current context

id - a structure id

Returns:

the list of URL names for all

Throws:

CmsException - if something goes wrong

readUser

public CmsUser readUser(CmsRequestContext context,
 CmsUUID id)
                 throws CmsException

Returns a user object based on the id of a user.

Parameters:

context - the current request context

id - the id of the user to read

Returns:

the user read

Throws:

CmsException - if something goes wrong

readUser

public CmsUser readUser(CmsRequestContext context,
 String username)
                 throws CmsException

Returns a user object.

Parameters:

context - the current request context

username - the name of the user that is to be read

Returns:

user read form the cms

Throws:

CmsException - if operation was not successful

readUser

public CmsUser readUser(CmsRequestContext context,
 String username,
 String password)
                 throws CmsException

Returns a user object if the password for the user is correct.

If the user/password pair is not valid a CmsException is thrown.

Parameters:

context - the current request context

username - the user name of the user that is to be read

password - the password of the user that is to be read

Returns:

user read

Throws:

CmsException - if operation was not successful

removeAccessControlEntry

public void removeAccessControlEntry(CmsRequestContext context,
 CmsResource resource,
 CmsUUID principal)
                              throws CmsException,
CmsSecurityException

Removes an access control entry for a given resource and principal.

Parameters:

context - the current request context

resource - the resource

principal - the id of the principal to remove the the access control entry for

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (control of access control is required).

removeResourceFromOrgUnit

public void removeResourceFromOrgUnit(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit,
 CmsResource resource)
                               throws CmsException

Removes a resource from the given organizational unit.

Parameters:

context - the current request context

orgUnit - the organizational unit to remove the resource from

resource - the resource that is to be removed from the organizational unit

Throws:

CmsException - if something goes wrong

See Also:

• CmsOrgUnitManager.addResourceToOrgUnit(CmsObject, String, String)
• CmsOrgUnitManager.addResourceToOrgUnit(CmsObject, String, String)

removeResourceFromProject

public void removeResourceFromProject(CmsRequestContext context,
 CmsResource resource)
                               throws CmsException,
CmsRoleViolationException

Removes a resource from the current project of the user.

Parameters:

context - the current request context

resource - the resource to apply this operation to

Throws:

CmsException - if something goes wrong

CmsRoleViolationException - if the current user does not have management access to the project

See Also:

• I_CmsResourceType.copyResourceToProject(CmsObject, CmsSecurityManager, CmsResource)

removeResourceFromUsersPubList

public void removeResourceFromUsersPubList(CmsRequestContext context,
 Collection<CmsUUID> structureIds)
                                    throws CmsException

Removes the given resource to the given user's publish list.

Parameters:

context - the request context

structureIds - the collection of structure IDs to remove

Throws:

CmsException - if something goes wrong

removeUserFromGroup

public void removeUserFromGroup(CmsRequestContext context,
 String username,
 String groupname,
 boolean readRoles)
                         throws CmsException,
CmsRoleViolationException

Removes a user from a group.

Parameters:

context - the current request context

username - the name of the user that is to be removed from the group

groupname - the name of the group

readRoles - if to read roles or groups

Throws:

CmsException - if operation was not successful

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER

replaceResource

public void replaceResource(CmsRequestContext context,
 CmsResource resource,
 int type,
 byte[] content,
 List<CmsProperty> properties)
                     throws CmsException,
CmsSecurityException

Replaces the content, type and properties of a resource.

Parameters:

context - the current request context

resource - the name of the resource to apply this operation to

type - the new type of the resource

content - the new content of the resource

properties - the new properties of the resource

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (write access permission is required)

See Also:

• CmsObject.replaceResource(String, int, byte[], List)
• I_CmsResourceType.replaceResource(CmsObject, CmsSecurityManager, CmsResource, int, byte[], List)

resetPassword

public void resetPassword(CmsRequestContext context,
 String username,
 String oldPassword,
 CmsSecondFactorInfo secondFactor,
 String newPassword)
                   throws CmsException,
CmsSecurityException

Resets the password for a specified user.

Parameters:

context - the current request context

username - the name of the user

oldPassword - the old password

secondFactor - the additional information for 2FA

newPassword - the new password

Throws:

CmsException - if the user data could not be read from the database

CmsSecurityException - if the specified user name and old password could not be verified

resourceOriginalPath

public String resourceOriginalPath(CmsRequestContext context,
 CmsResource resource)
                            throws CmsException

Returns the original path of given resource, that is the online path for the resource.

If it differs from the offline path, the resource has been moved.

Parameters:

context - the current request context

resource - the resource to get the path for

Returns:

the online path

Throws:

CmsException - if something goes wrong

See Also:

• CmsUndoChanges.resourceOriginalPath(CmsObject, String)

restoreDeletedResource

public void restoreDeletedResource(CmsRequestContext context,
 CmsUUID structureId)
                            throws CmsException

Restores a deleted resource identified by its structure id from the historical archive.

Parameters:

context - the current request context

structureId - the structure id of the resource to restore

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.restoreDeletedResource(CmsUUID)

restoreResource

public void restoreResource(CmsRequestContext context,
 CmsResource resource,
 int version)
                     throws CmsException,
CmsSecurityException

Restores a resource in the current project with the given version from the historical archive.

Parameters:

context - the current request context

resource - the resource to restore from the archive

version - the version number to restore

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (write access permission is required)

See Also:

• CmsObject.restoreResourceVersion(CmsUUID, int)
• I_CmsResourceType.restoreResource(CmsObject, CmsSecurityManager, CmsResource, int)

saveAliases

public void saveAliases(CmsRequestContext context,
 CmsResource resource,
 List<CmsAlias> aliases)
                 throws CmsException

Saves the aliases for a given resource.

This method completely replaces any existing aliases for the same structure id.

Parameters:

context - the request context

resource - the resource for which the aliases should be written

aliases - the list of aliases to write, where all aliases must have the same structure id as the resource

Throws:

CmsException - if something goes wrong

saveRewriteAliases

public void saveRewriteAliases(CmsRequestContext requestContext,
 String siteRoot,
 List<CmsRewriteAlias> newAliases)
                        throws CmsException

Replaces the rewrite aliases for a given site root.

Parameters:

requestContext - the current request context

siteRoot - the site root for which the rewrite aliases should be replaced

newAliases - the new list of aliases for the given site root

Throws:

CmsException - if something goes wrong

searchUsers

public List<CmsUser> searchUsers(CmsRequestContext requestContext,
 CmsUserSearchParameters searchParams)
                          throws CmsException

Searches users by search criteria.

Parameters:

requestContext - the request context

searchParams - the search criteria object

Returns:

a list of users

Throws:

CmsException - if something goes wrong

setDateExpired

public void setDateExpired(CmsRequestContext context,
 CmsResource resource,
 long dateExpired)
                    throws CmsException,
CmsSecurityException

Changes the "expire" date of a resource.

Parameters:

context - the current request context

resource - the resource to touch

dateExpired - the new expire date of the changed resource

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (write access permission is required)

See Also:

• CmsObject.setDateExpired(String, long, boolean)
• I_CmsResourceType.setDateExpired(CmsObject, CmsSecurityManager, CmsResource, long, boolean)

setDateLastModified

public void setDateLastModified(CmsRequestContext context,
 CmsResource resource,
 long dateLastModified)
                         throws CmsException,
CmsSecurityException

Changes the "last modified" time stamp of a resource.

Parameters:

context - the current request context

resource - the resource to touch

dateLastModified - the new time stamp of the changed resource

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (write access permission is required)

See Also:

• CmsObject.setDateLastModified(String, long, boolean)
• I_CmsResourceType.setDateLastModified(CmsObject, CmsSecurityManager, CmsResource, long, boolean)

setDateReleased

public void setDateReleased(CmsRequestContext context,
 CmsResource resource,
 long dateReleased)
                     throws CmsException,
CmsSecurityException

Changes the "release" date of a resource.

Parameters:

context - the current request context

resource - the resource to touch

dateReleased - the new release date of the changed resource

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (write access permission is required)

See Also:

• CmsObject.setDateReleased(String, long, boolean)
• I_CmsResourceType.setDateReleased(CmsObject, CmsSecurityManager, CmsResource, long, boolean)

setParentGroup

public void setParentGroup(CmsRequestContext context,
 String groupName,
 String parentGroupName)
                    throws CmsException,
CmsRoleViolationException

Sets a new parent-group for an already existing group.

Parameters:

context - the current request context

groupName - the name of the group that should be written

parentGroupName - the name of the parent group to set, or null if the parent group should be deleted.

Throws:

CmsException - if operation was not successful

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER

setPassword

public void setPassword(CmsRequestContext context,
 String username,
 String newPassword)
                 throws CmsException,
CmsRoleViolationException

Sets the password for a user.

Parameters:

context - the current request context

username - the name of the user

newPassword - the new password

Throws:

CmsException - if operation was not successful

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER

setRestricted

public void setRestricted(CmsRequestContext context,
 CmsResource resource,
 CmsGroup group,
 boolean restricted)
                   throws CmsException

Sets/clears the 'restricted' status for the given resource and group.

The 'restricted' status causes files to be inaccessible to users who are not in the group if the file is expired or unreleased.

It is implemented as an access control entry with the 'responsible' flag, but the permission check for this method is different from the chacc() methods: It doesn't require control permissions on the target resource, but the user has to be a member of the given group and have write access to the resource.

Parameters:

context - the current request context

resource - the target resource

group - a group (current user must be a member)

restricted - true if the restriction status should be set

Throws:

CmsException - if something goes wrong

setSubscribedResourceAsDeleted

public void setSubscribedResourceAsDeleted(CmsRequestContext context,
 String poolName,
 CmsResource resource)
                                    throws CmsException

Marks a subscribed resource as deleted.

Parameters:

context - the request context

poolName - the name of the database pool to use

resource - the subscribed resource to mark as deleted

Throws:

CmsException - if something goes wrong

setUsersOrganizationalUnit

public void setUsersOrganizationalUnit(CmsRequestContext context,
 CmsOrganizationalUnit orgUnit,
 CmsUser user)
                                throws CmsException

Moves an user to the given organizational unit.

Parameters:

context - the current request context

orgUnit - the organizational unit to add the principal to

user - the user that is to be move to the organizational unit

Throws:

CmsException - if something goes wrong

See Also:

• CmsOrgUnitManager.setUsersOrganizationalUnit(CmsObject, String, String)

subscribeResourceFor

public void subscribeResourceFor(CmsRequestContext context,
 String poolName,
 CmsPrincipal principal,
 CmsResource resource)
                          throws CmsException

Subscribes the user or group to the resource.

Parameters:

context - the request context

poolName - the name of the database pool to use

principal - the principal that subscribes to the resource

resource - the resource to subscribe to

Throws:

CmsException - if something goes wrong

undelete

public void undelete(CmsRequestContext context,
 CmsResource resource)
              throws CmsException

Undelete the resource by resetting it's state.

Parameters:

context - the current request context

resource - the name of the resource to apply this operation to

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.undeleteResource(String, boolean)
• I_CmsResourceType.undelete(CmsObject, CmsSecurityManager, CmsResource, boolean)

undoChanges

public void undoChanges(CmsRequestContext context,
 CmsResource resource,
 CmsResource.CmsResourceUndoMode mode)
                 throws CmsException,
CmsSecurityException

Undos all changes in the resource by restoring the version from the online project to the current offline project.

Parameters:

context - the current request context

resource - the name of the resource to apply this operation to

mode - the undo mode, one of the CmsResource#UNDO_XXX constants

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (write access permission is required)

See Also:

• CmsObject.undoChanges(String, CmsResource.CmsResourceUndoMode)
• I_CmsResourceType.undoChanges(CmsObject, CmsSecurityManager, CmsResource, CmsResource.CmsResourceUndoMode)

unlockProject

public void unlockProject(CmsRequestContext context,
 CmsUUID projectId)
                   throws CmsException,
CmsRoleViolationException

Unlocks all resources in this project.

Parameters:

context - the current request context

projectId - the id of the project to be published

Throws:

CmsException - if something goes wrong

CmsRoleViolationException - if the current user does not own the required permissions

unlockResource

public void unlockResource(CmsRequestContext context,
 CmsResource resource)
                    throws CmsException,
CmsSecurityException

Unlocks a resource.

Parameters:

context - the current request context

resource - the resource to unlock

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (write access permission is required)

See Also:

• CmsObject.unlockResource(String)
• I_CmsResourceType.unlockResource(CmsObject, CmsSecurityManager, CmsResource)

unsubscribeAllDeletedResources

public void unsubscribeAllDeletedResources(CmsRequestContext context,
 String poolName,
 long deletedTo)
                                    throws CmsException

Unsubscribes all deleted resources that were deleted before the specified time stamp.

Parameters:

context - the request context

poolName - the name of the database pool to use

deletedTo - the time stamp to which the resources have been deleted

Throws:

CmsException - if something goes wrong

unsubscribeAllResourcesFor

public void unsubscribeAllResourcesFor(CmsRequestContext context,
 String poolName,
 CmsPrincipal principal)
                                throws CmsException

Unsubscribes the user or group from all resources.

Parameters:

context - the request context

poolName - the name of the database pool to use

principal - the principal that unsubscribes from all resources

Throws:

CmsException - if something goes wrong

unsubscribeResourceFor

public void unsubscribeResourceFor(CmsRequestContext context,
 String poolName,
 CmsPrincipal principal,
 CmsResource resource)
                            throws CmsException

Unsubscribes the principal from the resource.

Parameters:

context - the request context

poolName - the name of the database pool to use

principal - the principal that unsubscribes from the resource

resource - the resource to unsubscribe from

Throws:

CmsException - if something goes wrong

unsubscribeResourceForAll

public void unsubscribeResourceForAll(CmsRequestContext context,
 String poolName,
 CmsResource resource)
                               throws CmsException

Unsubscribes all groups and users from the resource.

Parameters:

context - the request context

poolName - the name of the database pool to use

resource - the resource to unsubscribe all groups and users from

Throws:

CmsException - if something goes wrong

updateLastLoginDate

public void updateLastLoginDate(CmsRequestContext context,
 CmsUser user)
                         throws CmsException,
CmsRoleViolationException

Updates the last login date on the given user to the current time.

Parameters:

context - the current request context

user - the user to be updated

Throws:

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER for the current project

CmsException - if operation was not successful

updateLog

public void updateLog()
               throws CmsException

Logs everything that has not been written to DB jet.

Throws:

CmsException - if something goes wrong

updateRelationsForResource

public void updateRelationsForResource(CmsRequestContext context,
 CmsResource resource,
 List<CmsLink> relations,
 boolean updateSiblingState)
                                throws CmsException

Updates/Creates the relations for the given resource.

Parameters:

context - the current user context

resource - the resource to update the relations for

relations - the relations to update

updateSiblingState - if true, sets the state of siblings with changed relations to 'changed' (unless they are new or deleted)

Throws:

CmsException - if something goes wrong

See Also:

• CmsDriverManager#updateRelationsForResource(CmsDbContext, CmsResource, List)

userInGroup

public boolean userInGroup(CmsRequestContext context,
 String username,
 String groupname)
                    throws CmsException

Tests if a user is member of the given group.

Parameters:

context - the current request context

username - the name of the user to check

groupname - the name of the group to check

Returns:

true, if the user is in the group; or false otherwise

Throws:

CmsException - if operation was not successful

validatePassword

public void validatePassword(String password)
                      throws CmsSecurityException

Checks if a new password follows the rules for new passwords, which are defined by a Class implementing the I_CmsPasswordHandler interface and configured in the opencms.properties file.

If this method throws no exception the password is valid.

Parameters:

password - the new password that has to be checked

Throws:

CmsSecurityException - if the password is not valid

validateRelations

public Map<String,List<CmsRelation>> validateRelations(CmsRequestContext context,
 CmsPublishList publishList,
 I_CmsReport report)
                                                throws Exception

Validates the relations for the given resources.

Parameters:

context - the current request context

publishList - the resources to validate during publishing

report - a report to write the messages to

Returns:

a map with lists of invalid links (CmsRelation} objects) keyed by root paths

Throws:

Exception - if something goes wrong

writeAccessControlEntry

public void writeAccessControlEntry(CmsRequestContext context,
 CmsResource resource,
 CmsAccessControlEntry ace)
                             throws CmsException,
CmsSecurityException

Writes an access control entries to a given resource.

Parameters:

context - the current request context

resource - the resource

ace - the entry to write

Throws:

CmsSecurityException - if the user has insufficient permission for the given resource (CmsPermissionSet.ACCESS_CONTROL required)

CmsException - if something goes wrong

writeFile

public CmsFile writeFile(CmsRequestContext context,
 CmsFile resource)
                  throws CmsException,
CmsSecurityException

Writes a resource to the OpenCms VFS, including it's content.

Applies only to resources of type CmsFile i.e. resources that have a binary content attached.

Certain resource types might apply content validation or transformation rules before the resource is actually written to the VFS. The returned result might therefore be a modified version from the provided original.

Parameters:

context - the current request context

resource - the resource to apply this operation to

Returns:

the written resource (may have been modified)

Throws:

CmsSecurityException - if the user has insufficient permission for the given resource (CmsPermissionSet.ACCESS_WRITE required)

CmsException - if something goes wrong

See Also:

• CmsObject.writeFile(CmsFile)
• I_CmsResourceType.writeFile(CmsObject, CmsSecurityManager, CmsFile)

writeGroup

public void writeGroup(CmsRequestContext context,
 CmsGroup group)
                throws CmsException,
CmsRoleViolationException

Writes an already existing group.

The group id has to be a valid OpenCms group id.
The group with the given id will be completely overridden by the given data.

Parameters:

context - the current request context

group - the group that should be written

Throws:

CmsRoleViolationException - if the current user does not own the role CmsRole.ACCOUNT_MANAGER for the current project

CmsException - if operation was not successful

writeHistoryProject

public void writeHistoryProject(CmsRequestContext context,
 int publishTag,
 long publishDate)
                         throws CmsException

Creates a historical entry of the current project.

Parameters:

context - the current request context

publishTag - the correlative publish tag

publishDate - the date of publishing

Throws:

CmsException - if operation was not successful

writeLocks

public void writeLocks()
                throws CmsException

Writes the locks that are currently stored in-memory to the database to allow restoring them in later startups.

This overwrites the locks previously stored in the underlying database table.

Throws:

CmsException - if something goes wrong

writeOrganizationalUnit

public void writeOrganizationalUnit(CmsRequestContext context,
 CmsOrganizationalUnit organizationalUnit)
                             throws CmsException

Writes an already existing organizational unit.

The organizational unit id has to be a valid OpenCms organizational unit id.

The organizational unit with the given id will be completely overridden by the given data.

Parameters:

context - the current request context

organizationalUnit - the organizational unit that should be written

Throws:

CmsException - if operation was not successful

See Also:

• CmsOrgUnitManager.writeOrganizationalUnit(CmsObject, CmsOrganizationalUnit)

writeProject

public void writeProject(CmsRequestContext context,
 CmsProject project)
                  throws CmsRoleViolationException,
CmsException

Writes an already existing project.

The project id has to be a valid OpenCms project id.
The project with the given id will be completely overridden by the given data.

Parameters:

project - the project that should be written

context - the current request context

Throws:

CmsRoleViolationException - if the current user does not own the required permissions

CmsException - if operation was not successful

writePropertyObject

public void writePropertyObject(CmsRequestContext context,
 CmsResource resource,
 CmsProperty property)
                         throws CmsException,
CmsSecurityException

Writes a property for a specified resource.

Parameters:

context - the current request context

resource - the resource to write the property for

property - the property to write

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (CmsPermissionSet.ACCESS_WRITE required)

See Also:

• CmsObject.writePropertyObject(String, CmsProperty)
• I_CmsResourceType.writePropertyObject(CmsObject, CmsSecurityManager, CmsResource, CmsProperty)

writePropertyObjects

public void writePropertyObjects(CmsRequestContext context,
 CmsResource resource,
 List<CmsProperty> properties)
                          throws CmsException,
CmsSecurityException

Writes a list of properties for a specified resource.

Code calling this method has to ensure that the no properties a, b are contained in the specified list so that a.equals(b), otherwise an exception is thrown.

Parameters:

context - the current request context

resource - the resource to write the properties for

properties - the list of properties to write

Throws:

CmsException - if something goes wrong

CmsSecurityException - if the user has insufficient permission for the given resource (CmsPermissionSet.ACCESS_WRITE required)

See Also:

• CmsObject.writePropertyObjects(String, List)
• I_CmsResourceType.writePropertyObjects(CmsObject, CmsSecurityManager, CmsResource, List)

writeResource

public void writeResource(CmsRequestContext context,
 CmsResource resource)
                   throws CmsException,
CmsSecurityException

Writes a resource to the OpenCms VFS.

Parameters:

context - the current request context

resource - the resource to write

Throws:

CmsSecurityException - if the user has insufficient permission for the given resource (CmsPermissionSet.ACCESS_WRITE required)

CmsException - if something goes wrong

writeResourceProjectLastModified

public void writeResourceProjectLastModified(CmsRequestContext context,
 CmsResource resource,
 CmsProject project)
                                      throws CmsException

Writes the 'projectlastmodified' field of a resource record.

Parameters:

context - the current database context

resource - the resource which should be modified

project - the project whose project id should be written into the resource record

Throws:

CmsException - if something goes wrong

writeStaticExportPublishedResource

public void writeStaticExportPublishedResource(CmsRequestContext context,
 String resourceName,
 int linkType,
 String linkParameter,
 long timestamp)
                                        throws CmsException

Inserts an entry in the published resource table.

This is done during static export.

Parameters:

context - the current request context

resourceName - The name of the resource to be added to the static export

linkType - the type of resource exported (0= non-parameter, 1=parameter)

linkParameter - the parameters added to the resource

timestamp - a time stamp for writing the data into the db

Throws:

CmsException - if something goes wrong

writeUrlNameMapping

public String writeUrlNameMapping(CmsRequestContext context,
 Iterator<String> nameSeq,
 CmsUUID structureId,
 String locale,
 boolean replaceOnPublish)
                           throws CmsException

Writes a new URL name mapping for a given resource.

The first name from the given sequence which is not already mapped to another resource will be used for the URL name mapping.

Parameters:

context - the request context

nameSeq - the sequence of URL name candidates

structureId - the structure id which should be mapped to the name

locale - the locale for the mapping

replaceOnPublish - mappings for which this is set will replace all other mappings for the same resource on publishing

Returns:

the name which was actually mapped to the structure id

Throws:

CmsException - if something goes wrong

writeUser

public void writeUser(CmsRequestContext context,
 CmsUser user)
               throws CmsException,
CmsRoleViolationException

Updates the user information.

The user id has to be a valid OpenCms user id.
The user with the given id will be completely overridden by the given data.

Parameters:

context - the current request context

user - the user to be updated

Throws:

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER for the current project

CmsException - if operation was not successful

checkPermissions

protected void checkPermissions(CmsDbContext dbc,
 CmsResource resource,
 CmsPermissionSet requiredPermissions,
 boolean checkLock,
 CmsResourceFilter filter)
                         throws CmsException,
CmsSecurityException

Performs a blocking permission check on a resource.

If the required permissions are not satisfied by the permissions the user has on the resource, an exception is thrown.

Parameters:

dbc - the current database context

resource - the resource on which permissions are required

requiredPermissions - the set of permissions required to access the resource

checkLock - if true, the lock status of the resource is also checked

filter - the filter for the resource

Throws:

CmsException - in case of any i/o error

CmsSecurityException - if the required permissions are not satisfied

See Also:

• hasPermissions(CmsRequestContext, CmsResource, CmsPermissionSet, boolean, CmsResourceFilter)

checkPermissions

protected void checkPermissions(CmsDbContext dbc,
 CmsResource resource,
 CmsPermissionSet requiredPermissions,
 I_CmsPermissionHandler.LockCheck checkLock,
 CmsResourceFilter filter)
                         throws CmsException,
CmsSecurityException

Performs a blocking permission check on a resource.

If the required permissions are not satisfied by the permissions the user has on the resource, an exception is thrown.

Parameters:

dbc - the current database context

resource - the resource on which permissions are required

requiredPermissions - the set of permissions required to access the resource

checkLock - if true, the lock status of the resource is also checked

filter - the filter for the resource

Throws:

CmsException - in case of any i/o error

CmsSecurityException - if the required permissions are not satisfied

See Also:

• hasPermissions(CmsRequestContext, CmsResource, CmsPermissionSet, boolean, CmsResourceFilter)

checkPermissions

protected void checkPermissions(CmsRequestContext context,
 CmsResource resource,
 CmsPermissionSet requiredPermissions,
 I_CmsPermissionHandler.CmsPermissionCheckResult permissions)
                         throws CmsSecurityException,
CmsLockException,
CmsVfsResourceNotFoundException

Applies the permission check result of a previous call to hasPermissions(CmsRequestContext, CmsResource, CmsPermissionSet, boolean, CmsResourceFilter).

Parameters:

context - the current request context

resource - the resource on which permissions are required

requiredPermissions - the set of permissions required to access the resource

permissions - the permissions to check

Throws:

CmsSecurityException - if the required permissions are not satisfied

CmsLockException - if the lock status is not as required

CmsVfsResourceNotFoundException - if the required resource has been filtered

checkRoleForUserModification

protected void checkRoleForUserModification(CmsDbContext dbc,
 String username,
 CmsRole role)
                                     throws CmsDataAccessException,
CmsRoleViolationException

Checks that the current user has enough permissions to modify the given user.

Parameters:

dbc - the database context

username - the name of the user to modify

role - the needed role

Throws:

CmsDataAccessException - if something goes wrong accessing the database

CmsRoleViolationException - if the user has not the needed permissions

checkSystemLocks

protected void checkSystemLocks(CmsDbContext dbc,
 CmsResource resource)
                         throws CmsException

Checks if the given resource contains a resource that has a system lock.

Parameters:

dbc - the current database context

resource - the resource to check

Throws:

CmsException - in case there is a system lock contained in the given resource

deleteResource

protected void deleteResource(CmsDbContext dbc,
 CmsResource resource,
 CmsResource.CmsResourceDeleteMode siblingMode)
                       throws CmsException

Internal recursive method for deleting a resource.

Parameters:

dbc - the db context

resource - the name of the resource to delete (full path)

siblingMode - indicates how to handle siblings of the deleted resource

Throws:

CmsException - if something goes wrong

deleteUser

protected void deleteUser(CmsRequestContext context,
 CmsUser user,
 CmsUser replacement)
                   throws CmsException,
CmsSecurityException,
CmsRoleViolationException

Deletes a user, where all permissions and resources attributes of the user were transfered to a replacement user, if given.

Parameters:

context - the current request context

user - the user to be deleted

replacement - the user to be transfered, can be null

Throws:

CmsRoleViolationException - if the current user does not own the rule CmsRole.ACCOUNT_MANAGER

CmsSecurityException - in case the user is a default user

CmsException - if something goes wrong

getManageableResources

protected List<CmsResource> getManageableResources(CmsDbContext dbc,
 CmsRole role)
                                            throws CmsException

Returns all resources of organizational units for which the current user has the given role role.

Parameters:

dbc - the current database context

role - the role to check

Returns:

a list of CmsResource objects

Throws:

CmsException - if something goes wrong

getParentOrganizationalUnit

protected String getParentOrganizationalUnit(String fqn)

Returns the organizational unit for the parent of the given fully qualified name.

Parameters:

fqn - the fully qualified name to get the parent organizational unit for

Returns:

the parent organizational unit for the fully qualified name

hasPermissions

protected I_CmsPermissionHandler.CmsPermissionCheckResult hasPermissions(CmsDbContext dbc,
 CmsResource resource,
 CmsPermissionSet requiredPermissions,
 I_CmsPermissionHandler.LockCheck checkLock,
 CmsResourceFilter filter)
                                                                  throws CmsException

Performs a non-blocking permission check on a resource.

This test will not throw an exception in case the required permissions are not available for the requested operation. Instead, it will return one of the following values:

• I_CmsPermissionHandler.PERM_ALLOWED
• I_CmsPermissionHandler.PERM_FILTERED
• I_CmsPermissionHandler.PERM_DENIED

Parameters:

dbc - the current database context

resource - the resource on which permissions are required

requiredPermissions - the set of permissions required for the operation

checkLock - if true, a lock for the current user is required for all write operations, if false it's ok to write as long as the resource is not locked by another user

filter - the resource filter to use

Returns:

I_CmsPermissionHandler.PERM_ALLOWED if the user has sufficient permissions on the resource for the requested operation

Throws:

CmsException - in case of i/o errors (NOT because of insufficient permissions)

hasRole

protected boolean hasRole(CmsRole role,
 List<CmsGroup> roles)

Returns true if at least one of the given group names is equal to a group name of the given role in the given organizational unit.

This checks the given list against the group of the given role as well as against the role group of all parent roles.

If the organizational unit is null, this method will check if the given user has the given role for at least one organizational unit.

Parameters:

role - the role to check

roles - the groups to match the role groups against

Returns:

true if at last one of the given group names is equal to a group name of this role

moveResource

protected void moveResource(CmsDbContext dbc,
 CmsResource source,
 String destination,
 Set<CmsResource> allMovedResources)
                     throws CmsException

Internal recursive method to move a resource.

Parameters:

dbc - the db context

source - the source resource

destination - the destination path

allMovedResources - a set used to collect all moved resources

Throws:

CmsException - if something goes wrong

readFolder

protected CmsFolder readFolder(CmsDbContext dbc,
 String resourcename,
 CmsResourceFilter filter)
                        throws CmsException

Reads a folder from the VFS, using the specified resource filter.

Parameters:

dbc - the current database context

resourcename - the name of the folder to read (full path)

filter - the resource filter to use while reading

Returns:

the folder that was read

Throws:

CmsException - if something goes wrong

readResource

protected CmsResource readResource(CmsDbContext dbc,
 CmsUUID structureID,
 CmsResourceFilter filter)
                            throws CmsException

Reads a resource from the OpenCms VFS, using the specified resource filter.

Parameters:

dbc - the current database context

structureID - the ID of the structure to read

filter - the resource filter to use while reading

Returns:

the resource that was read

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.readResource(CmsUUID, CmsResourceFilter)
• CmsObject.readResource(CmsUUID)
• CmsObject.readFile(CmsResource)

readResource

protected CmsResource readResource(CmsDbContext dbc,
 String resourcePath,
 CmsResourceFilter filter)
                            throws CmsException

Reads a resource from the OpenCms VFS, using the specified resource filter.

Parameters:

dbc - the current database context

resourcePath - the name of the resource to read (full path)

filter - the resource filter to use while reading

Returns:

the resource that was read

Throws:

CmsException - if something goes wrong

See Also:

• CmsObject.readResource(String, CmsResourceFilter)
• CmsObject.readResource(String)
• CmsObject.readFile(CmsResource)