001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.gwt;
029
030import org.opencms.file.CmsObject;
031import org.opencms.file.CmsProperty;
032import org.opencms.file.CmsResource;
033import org.opencms.file.CmsResourceFilter;
034import org.opencms.file.CmsUser;
035import org.opencms.lock.CmsLockActionRecord;
036import org.opencms.lock.CmsLockUtil;
037import org.opencms.main.CmsException;
038import org.opencms.main.CmsLog;
039import org.opencms.main.I_CmsThrowable;
040import org.opencms.main.OpenCms;
041import org.opencms.security.CmsRole;
042import org.opencms.security.CmsRoleViolationException;
043import org.opencms.util.CmsUUID;
044
045import java.io.IOException;
046import java.util.HashMap;
047import java.util.List;
048import java.util.Locale;
049import java.util.Map;
050
051import javax.servlet.ServletException;
052import javax.servlet.ServletRequest;
053import javax.servlet.ServletResponse;
054import javax.servlet.http.HttpServletRequest;
055import javax.servlet.http.HttpServletResponse;
056
057import org.apache.commons.logging.Log;
058
059import com.google.gwt.user.server.rpc.RemoteServiceServlet;
060import com.google.gwt.user.server.rpc.SerializationPolicy;
061
062/**
063 * Wrapper for GWT services served through OpenCms.<p>
064 *
065 * @since 8.0.0
066 */
067public class CmsGwtService extends RemoteServiceServlet {
068
069    /** The static log object for this class. */
070    private static final Log LOG = CmsLog.getLog(CmsGwtService.class);
071
072    /** Serialization id. */
073    private static final long serialVersionUID = 8119684308154724518L;
074
075    /** The service class context. */
076    private CmsGwtServiceContext m_context;
077
078    /** The current CMS context. */
079    private ThreadLocal<CmsObject> m_perThreadCmsObject;
080
081    /** Stores whether the current request is a broadcast poll. */
082    private ThreadLocal<Boolean> m_perThreadBroadcastPoll;
083
084    /**
085     * Constructor.<p>
086     */
087    public CmsGwtService() {
088
089        super();
090    }
091
092    /**
093     * Checks the permissions of the current user to match the required security level.<p>
094     *
095     * Note that the current request and response are not available yet.<p>
096     *
097     * Override if needed.<p>
098     *
099     * @param cms the current cms object
100     *
101     * @throws CmsRoleViolationException if the security level can not be satisfied
102     */
103    public void checkPermissions(CmsObject cms) throws CmsRoleViolationException {
104
105        OpenCms.getRoleManager().checkRole(cms, CmsRole.ELEMENT_AUTHOR);
106    }
107
108    /**
109     * Logs and re-throws the given exception for RPC responses.<p>
110     *
111     * @param t the exception
112     *
113     * @throws CmsRpcException the converted exception
114     */
115    public void error(Throwable t) throws CmsRpcException {
116
117        logError(t);
118        CmsRpcException e = new CmsRpcException(t);
119        // The CmsRpcException constructor can't do the localization, because it's a shared class
120        CmsObject cms = getCmsObject();
121        if (cms != null) {
122            Locale locale = OpenCms.getWorkplaceManager().getWorkplaceLocale(getCmsObject());
123            if (t instanceof I_CmsThrowable) {
124                String message = ((I_CmsThrowable)t).getLocalizedMessage(locale);
125                e.setOriginalMessage(message);
126            }
127            if (t.getCause() instanceof I_CmsThrowable) {
128                String message = ((I_CmsThrowable)t.getCause()).getLocalizedMessage(locale);
129                e.setOriginalCauseMessage(message);
130            }
131        }
132        throw e;
133    }
134
135    /**
136     * Returns the current cms context.<p>
137     *
138     * @return the current cms context
139     */
140    public CmsObject getCmsObject() {
141
142        return m_perThreadCmsObject.get();
143    }
144
145    /**
146     * Returns the current request.<p>
147     *
148     * @return the current request
149     *
150     * @see #getThreadLocalRequest()
151     */
152    public HttpServletRequest getRequest() {
153
154        return getThreadLocalRequest();
155    }
156
157    /**
158     * Returns the current response.<p>
159     *
160     * @return the current response
161     *
162     * @see #getThreadLocalResponse()
163     */
164    public HttpServletResponse getResponse() {
165
166        return getThreadLocalResponse();
167    }
168
169    /**
170     * Returns whether the current request is a broadcast call.<p>
171     *
172     * @return <code>true</code> if the current request is a broadcast call
173     */
174    public boolean isBroadcastCall() {
175
176        return (m_perThreadBroadcastPoll != null)
177            && (m_perThreadBroadcastPoll.get() != null)
178            && m_perThreadBroadcastPoll.get().booleanValue();
179    }
180
181    /**
182     * @see javax.servlet.GenericServlet#log(java.lang.String)
183     */
184    @Override
185    public void log(String msg) {
186
187        if (getResponse() != null) {
188            super.log(msg);
189        }
190        // also log to opencms.log
191        LOG.info(msg);
192    }
193
194    /**
195     * @see javax.servlet.GenericServlet#log(java.lang.String, java.lang.Throwable)
196     */
197    @Override
198    public void log(String message, Throwable t) {
199
200        if (getResponse() != null) {
201            super.log(message, t);
202        }
203        // also log to opencms.log
204        LOG.info(message, t);
205    }
206
207    /**
208     * Logs the given exception.<p>
209     *
210     * @param t the exception to log
211     */
212    public void logError(Throwable t) {
213
214        LOG.error(t.getLocalizedMessage(), t);
215    }
216
217    /**
218     * @see javax.servlet.http.HttpServlet#service(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
219     */
220    @Override
221    public void service(ServletRequest request, ServletResponse response) throws ServletException, IOException {
222
223        try {
224            response.setCharacterEncoding(request.getCharacterEncoding());
225            super.service(request, response);
226        } finally {
227            clearThreadStorage();
228        }
229    }
230
231    /**
232     * Sets that the current request is a broadcast call.<p>
233     */
234    public void setBroadcastPoll() {
235
236        if (m_perThreadBroadcastPoll == null) {
237            m_perThreadBroadcastPoll = new ThreadLocal<>();
238        }
239        m_perThreadBroadcastPoll.set(Boolean.TRUE);
240    }
241
242    /**
243     * Sets the current cms context.<p>
244     *
245     * @param cms the current cms context to set
246     */
247    public synchronized void setCms(CmsObject cms) {
248
249        if (m_perThreadCmsObject == null) {
250            m_perThreadCmsObject = new ThreadLocal<CmsObject>();
251        }
252        m_perThreadCmsObject.set(cms);
253    }
254
255    /**
256     * Sets the service context.<p>
257     *
258     * @param context the new service context
259     */
260    public synchronized void setContext(CmsGwtServiceContext context) {
261
262        m_context = context;
263    }
264
265    /**
266     * Sets the current request.<p>
267     *
268     * @param request the request to set
269     */
270    public synchronized void setRequest(HttpServletRequest request) {
271
272        if (perThreadRequest == null) {
273            perThreadRequest = new ThreadLocal<HttpServletRequest>();
274        }
275        perThreadRequest.set(request);
276    }
277
278    /**
279     * Sets the current response.<p>
280     *
281     * @param response the response to set
282     */
283    public synchronized void setResponse(HttpServletResponse response) {
284
285        if (perThreadResponse == null) {
286            perThreadResponse = new ThreadLocal<HttpServletResponse>();
287        }
288        perThreadResponse.set(response);
289    }
290
291    /**
292     * Clears the objects stored in thread local.<p>
293     */
294    protected void clearThreadStorage() {
295
296        if (m_perThreadCmsObject != null) {
297            m_perThreadCmsObject.remove();
298        }
299        if (perThreadRequest != null) {
300            perThreadRequest.remove();
301        }
302        if (perThreadResponse != null) {
303            perThreadResponse.remove();
304        }
305        if (m_perThreadBroadcastPoll != null) {
306            m_perThreadBroadcastPoll.remove();
307        }
308    }
309
310    /**
311     * We do not want that the server goes to fetch files from the servlet context.<p>
312     *
313     * @see com.google.gwt.user.server.rpc.RemoteServiceServlet#doGetSerializationPolicy(javax.servlet.http.HttpServletRequest, java.lang.String, java.lang.String)
314     */
315    @Override
316    protected SerializationPolicy doGetSerializationPolicy(
317        HttpServletRequest request,
318        String moduleBaseURL,
319        String strongName) {
320
321        return m_context.getSerializationPolicy(getCmsObject(), moduleBaseURL, strongName);
322    }
323
324    /**
325     * @see com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet#doUnexpectedFailure(java.lang.Throwable)
326     */
327    @Override
328    protected void doUnexpectedFailure(Throwable e) {
329
330        LOG.error(String.valueOf(System.currentTimeMillis()), e);
331        super.doUnexpectedFailure(e);
332    }
333
334    /**
335     * Locks the given resource with a temporary, if not already locked by the current user.
336     * Will throw an exception if the resource could not be locked for the current user.<p>
337     *
338     * @param resource the resource to lock
339     *
340     * @return the assigned lock
341     *
342     * @throws CmsException if the resource could not be locked
343     */
344    protected CmsLockActionRecord ensureLock(CmsResource resource) throws CmsException {
345
346        CmsObject cms = getCmsObject();
347        return CmsLockUtil.ensureLock(cms, resource, false);
348    }
349
350    /**
351     * Locks the given resource with a temporary, if not already locked by the current user.
352     * Will throw an exception if the resource could not be locked for the current user.<p>
353     *
354     * @param resource the resource to lock
355     * @param shallow true if we only want a shallow lock
356     *
357     * @return the assigned lock
358     *
359     * @throws CmsException if the resource could not be locked
360     */
361    protected CmsLockActionRecord ensureLock(CmsResource resource, boolean shallow) throws CmsException {
362
363        CmsObject cms = getCmsObject();
364        return CmsLockUtil.ensureLock(cms, resource, shallow);
365    }
366
367    /**
368     *
369     * Locks the given resource with a temporary, if not already locked by the current user.
370     * Will throw an exception if the resource could not be locked for the current user.<p>
371     *
372     * @param structureId the structure id of the resource
373     *
374     * @return the assigned lock
375     *
376     * @throws CmsException if something goes wrong
377     */
378    protected CmsLockActionRecord ensureLock(CmsUUID structureId) throws CmsException {
379
380        return ensureLock(getCmsObject().readResource(structureId, CmsResourceFilter.IGNORE_EXPIRATION));
381
382    }
383
384    /**
385     * Locks the given resource with a temporary, if not already locked by the current user.
386     * Will throw an exception if the resource could not be locked for the current user.<p>
387     *
388     * @param sitepath the site-path of the resource to lock
389     *
390     * @return the assigned lock
391     *
392     * @throws CmsException if the resource could not be locked
393     */
394    protected CmsLockActionRecord ensureLock(String sitepath) throws CmsException {
395
396        return ensureLock(getCmsObject().readResource(sitepath, CmsResourceFilter.IGNORE_EXPIRATION));
397    }
398
399    /**
400     * Ensures that the user session is still valid.<p>
401     *
402     * @throws CmsException if the current user is the guest user
403     */
404    protected void ensureSession() throws CmsException {
405
406        CmsUser user = getCmsObject().getRequestContext().getCurrentUser();
407        if (user.isGuestUser()) {
408            throw new CmsException(Messages.get().container(Messages.ERR_SESSION_EXPIRED_0));
409        }
410    }
411
412    /**
413     * Converts a list of properties to a map.<p>
414     *
415     * @param properties the list of properties
416     *
417     * @return a map from property names to properties
418     */
419    protected Map<String, CmsProperty> getPropertiesByName(List<CmsProperty> properties) {
420
421        Map<String, CmsProperty> result = new HashMap<String, CmsProperty>();
422        for (CmsProperty property : properties) {
423            String key = property.getName();
424            result.put(key, property.clone());
425        }
426        return result;
427    }
428
429    /**
430     * Tries to unlock a resource.<p>
431     *
432     * @param resource the resource to unlock
433     */
434    protected void tryUnlock(CmsResource resource) {
435
436        try {
437            getCmsObject().unlockResource(resource);
438        } catch (CmsException e) {
439            LOG.debug("Unable to unlock " + resource.getRootPath(), e);
440        }
441    }
442}