001/* 002 * This library is part of OpenCms - 003 * the Open Source Content Management System 004 * 005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com) 006 * 007 * This library is free software; you can redistribute it and/or 008 * modify it under the terms of the GNU Lesser General Public 009 * License as published by the Free Software Foundation; either 010 * version 2.1 of the License, or (at your option) any later version. 011 * 012 * This library is distributed in the hope that it will be useful, 013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 015 * Lesser General Public License for more details. 016 * 017 * For further information about Alkacon Software GmbH & Co. KG, please see the 018 * company website: http://www.alkacon.com 019 * 020 * For further information about OpenCms, please see the 021 * project website: http://www.opencms.org 022 * 023 * You should have received a copy of the GNU Lesser General Public 024 * License along with this library; if not, write to the Free Software 025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 026 */ 027 028package org.opencms.workplace.editors; 029 030import org.opencms.db.CmsUserSettings; 031import org.opencms.file.CmsResource; 032import org.opencms.file.CmsResourceFilter; 033import org.opencms.i18n.CmsMessageContainer; 034import org.opencms.jsp.CmsJspActionElement; 035import org.opencms.main.CmsException; 036import org.opencms.main.CmsLog; 037import org.opencms.main.OpenCms; 038import org.opencms.security.CmsPermissionSet; 039import org.opencms.security.CmsRole; 040import org.opencms.security.CmsRoleViolationException; 041import org.opencms.workplace.CmsDialog; 042 043import javax.servlet.http.HttpSession; 044 045import org.apache.commons.logging.Log; 046 047/** 048 * Base class for all editors that turns of time warp deletion inherited from 049 * <code>{@link org.opencms.workplace.CmsWorkplace}</code>.<p> 050 * 051 * @since 6.0.0 052 */ 053public class CmsEditorBase extends CmsDialog { 054 055 /** The log object for this class. */ 056 private static final Log LOG = CmsLog.getLog(CmsEditorBase.class); 057 058 /** 059 * Public constructor.<p> 060 * 061 * @param jsp an initialized JSP action element 062 */ 063 public CmsEditorBase(CmsJspActionElement jsp) { 064 065 super(jsp); 066 } 067 068 /** 069 * In addition to the permission check, this will also check if the current user has at least the ELEMENT_AUTHOR role.<p> 070 * 071 * @see org.opencms.workplace.CmsDialog#checkResourcePermissions(org.opencms.security.CmsPermissionSet, boolean, org.opencms.i18n.CmsMessageContainer) 072 */ 073 @Override 074 protected boolean checkResourcePermissions( 075 CmsPermissionSet required, 076 boolean neededForFolder, 077 CmsMessageContainer errorMessage) { 078 079 boolean hasPermissions = false; 080 try { 081 CmsResource res; 082 if (neededForFolder) { 083 // check permissions for the folder the resource is in 084 res = getCms().readResource(CmsResource.getParentFolder(getParamResource()), CmsResourceFilter.ALL); 085 } else { 086 res = getCms().readResource(getParamResource(), CmsResourceFilter.ALL); 087 } 088 hasPermissions = getCms().hasPermissions(res, required, false, CmsResourceFilter.ALL) 089 && (OpenCms.getRoleManager().hasRoleForResource( 090 getCms(), 091 CmsRole.ELEMENT_AUTHOR, 092 getCms().getSitePath(res)) 093 || OpenCms.getRoleManager().hasRoleForResource( 094 getCms(), 095 CmsRole.PROJECT_MANAGER, 096 getCms().getSitePath(res)) 097 || OpenCms.getRoleManager().hasRoleForResource( 098 getCms(), 099 CmsRole.ACCOUNT_MANAGER, 100 getCms().getSitePath(res))); 101 } catch (CmsException e) { 102 // should usually never happen 103 if (LOG.isInfoEnabled()) { 104 LOG.info(e.getLocalizedMessage(), e); 105 } 106 } 107 108 if (!hasPermissions) { 109 // store the error message in the users session 110 getSettings().setErrorMessage(errorMessage); 111 } 112 113 return hasPermissions; 114 } 115 116 /** 117 * Checks that the current user is a workplace user.<p> 118 * 119 * @throws CmsRoleViolationException if the user does not have the required role 120 */ 121 @Override 122 protected void checkRole() throws CmsRoleViolationException { 123 124 OpenCms.getRoleManager().checkRole(getCms(), CmsRole.EDITOR); 125 } 126 127 /** 128 * @see org.opencms.workplace.CmsWorkplace#initTimeWarp(org.opencms.db.CmsUserSettings, javax.servlet.http.HttpSession) 129 */ 130 @Override 131 protected void initTimeWarp(CmsUserSettings settings, HttpSession session) { 132 133 // overridden to avoid deletion of the configured time warp: 134 // this is triggered by editors and in auto time warping a direct edit 135 // must not delete a potential auto warped request time 136 } 137}