Source code

001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software GmbH & Co. KG, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.workplace.editors;
029
030import org.opencms.db.CmsUserSettings;
031import org.opencms.file.CmsResource;
032import org.opencms.file.CmsResourceFilter;
033import org.opencms.i18n.CmsMessageContainer;
034import org.opencms.jsp.CmsJspActionElement;
035import org.opencms.main.CmsException;
036import org.opencms.main.CmsLog;
037import org.opencms.main.OpenCms;
038import org.opencms.security.CmsPermissionSet;
039import org.opencms.security.CmsRole;
040import org.opencms.security.CmsRoleViolationException;
041import org.opencms.workplace.CmsDialog;
042
043import javax.servlet.http.HttpSession;
044
045import org.apache.commons.logging.Log;
046
047/**
048 * Base class for all editors that turns of time warp deletion inherited from
049 * <code>{@link org.opencms.workplace.CmsWorkplace}</code>.<p>
050 *
051 * @since 6.0.0
052 */
053public class CmsEditorBase extends CmsDialog {
054
055    /** The log object for this class. */
056    private static final Log LOG = CmsLog.getLog(CmsEditorBase.class);
057
058    /**
059     * Public constructor.<p>
060     *
061     * @param jsp an initialized JSP action element
062     */
063    public CmsEditorBase(CmsJspActionElement jsp) {
064
065        super(jsp);
066    }
067
068    /**
069     * In addition to the permission check, this will also check if the current user has at least the ELEMENT_AUTHOR role.<p>
070     *
071     * @see org.opencms.workplace.CmsDialog#checkResourcePermissions(org.opencms.security.CmsPermissionSet, boolean, org.opencms.i18n.CmsMessageContainer)
072     */
073    @Override
074    protected boolean checkResourcePermissions(
075        CmsPermissionSet required,
076        boolean neededForFolder,
077        CmsMessageContainer errorMessage) {
078
079        boolean hasPermissions = false;
080        try {
081            CmsResource res;
082            if (neededForFolder) {
083                // check permissions for the folder the resource is in
084                res = getCms().readResource(CmsResource.getParentFolder(getParamResource()), CmsResourceFilter.ALL);
085            } else {
086                res = getCms().readResource(getParamResource(), CmsResourceFilter.ALL);
087            }
088            hasPermissions = getCms().hasPermissions(res, required, false, CmsResourceFilter.ALL)
089                && (OpenCms.getRoleManager().hasRoleForResource(
090                    getCms(),
091                    CmsRole.ELEMENT_AUTHOR,
092                    getCms().getSitePath(res))
093                    || OpenCms.getRoleManager().hasRoleForResource(
094                        getCms(),
095                        CmsRole.PROJECT_MANAGER,
096                        getCms().getSitePath(res))
097                    || OpenCms.getRoleManager().hasRoleForResource(
098                        getCms(),
099                        CmsRole.ACCOUNT_MANAGER,
100                        getCms().getSitePath(res)));
101        } catch (CmsException e) {
102            // should usually never happen
103            if (LOG.isInfoEnabled()) {
104                LOG.info(e.getLocalizedMessage(), e);
105            }
106        }
107
108        if (!hasPermissions) {
109            // store the error message in the users session
110            getSettings().setErrorMessage(errorMessage);
111        }
112
113        return hasPermissions;
114    }
115
116    /**
117     * Checks that the current user is a workplace user.<p>
118     *
119     * @throws CmsRoleViolationException if the user does not have the required role
120     */
121    @Override
122    protected void checkRole() throws CmsRoleViolationException {
123
124        OpenCms.getRoleManager().checkRole(getCms(), CmsRole.EDITOR);
125    }
126
127    /**
128     * @see org.opencms.workplace.CmsWorkplace#initTimeWarp(org.opencms.db.CmsUserSettings, javax.servlet.http.HttpSession)
129     */
130    @Override
131    protected void initTimeWarp(CmsUserSettings settings, HttpSession session) {
132
133        // overridden to avoid deletion of the configured time warp:
134        // this is triggered by editors and in auto time warping a direct edit
135        // must not delete a potential auto warped request time
136    }
137}