cmsdrivermanager.java
来自「找了很久才找到到源代码」· Java 代码 · 共 1,525 行 · 第 1/5 页
JAVA
1,525 行
return;
}
// and now we need to remove all possible child-roles
List children = role.getChildren(true);
Iterator itUserGroups = getGroupsOfUser(
dbc,
username,
group.getOuFqn(),
true,
true,
true,
dbc.getRequestContext().getRemoteAddress()).iterator();
while (itUserGroups.hasNext()) {
CmsGroup roleGroup = (CmsGroup)itUserGroups.next();
if (children.contains(CmsRole.valueOf(roleGroup))) {
// remove only child roles
removeUserFromGroup(dbc, username, roleGroup.getName(), true);
}
}
// update virtual groups
Iterator it = getVirtualGroupsForRole(dbc, role).iterator();
while (it.hasNext()) {
CmsGroup virtualGroup = (CmsGroup)it.next();
// here we say readroles = true, to prevent an unlimited recursive calls
addUserToGroup(dbc, username, virtualGroup.getName(), true);
}
// if setting a role that is not the workplace user role ensure the user is also wp user
CmsRole wpUser = CmsRole.WORKPLACE_USER.forOrgUnit(group.getOuFqn());
if (!role.equals(wpUser)
&& !role.getChildren(true).contains(wpUser)
&& !userInGroup(dbc, username, wpUser.getGroupName(), true)) {
addUserToGroup(dbc, username, wpUser.getGroupName(), true);
}
}
//add this user to the group
m_userDriver.createUserInGroup(dbc, user.getId(), group.getId());
// flush the cache
if (readRoles) {
OpenCms.getMemoryMonitor().flushRoles();
OpenCms.getMemoryMonitor().flushRoleLists();
}
OpenCms.getMemoryMonitor().flushUserGroups();
}
/**
* Changes the lock of a resource to the current user,
* that is "steals" the lock from another user.<p>
*
* @param dbc the current database context
* @param resource the resource to change the lock for
* @param lockType the new lock type to set
*
* @throws CmsException if something goes wrong
* @throws CmsSecurityException if something goes wrong
*
*
* @see CmsObject#changeLock(String)
* @see I_CmsResourceType#changeLock(CmsObject, CmsSecurityManager, CmsResource)
*
* @see CmsSecurityManager#hasPermissions(CmsRequestContext, CmsResource, CmsPermissionSet, boolean, CmsResourceFilter)
*/
public void changeLock(CmsDbContext dbc, CmsResource resource, CmsLockType lockType)
throws CmsException, CmsSecurityException {
// get the current lock
CmsLock currentLock = getLock(dbc, resource);
// check if the resource is locked at all
if (currentLock.getEditionLock().isUnlocked() && currentLock.getSystemLock().isUnlocked()) {
throw new CmsLockException(Messages.get().container(
Messages.ERR_CHANGE_LOCK_UNLOCKED_RESOURCE_1,
dbc.getRequestContext().getSitePath(resource)));
} else if ((lockType == CmsLockType.EXCLUSIVE)
&& currentLock.isExclusiveOwnedInProjectBy(dbc.currentUser(), dbc.currentProject())) {
// the current lock requires no change
return;
}
// duplicate logic from CmsSecurityManager#hasPermissions() because lock state can't be ignored
// if another user has locked the file, the current user can never get WRITE permissions with the default check
int denied = 0;
// check if the current user is vfs manager
boolean canIgnorePermissions = m_securityManager.hasRoleForResource(
dbc,
dbc.currentUser(),
CmsRole.VFS_MANAGER,
resource);
// if the resource type is jsp
// write is only allowed for developers
if (!canIgnorePermissions && (resource.getTypeId() == CmsResourceTypeJsp.getStaticTypeId())) {
if (!m_securityManager.hasRoleForResource(dbc, dbc.currentUser(), CmsRole.DEVELOPER, resource)) {
denied |= CmsPermissionSet.PERMISSION_WRITE;
}
}
CmsPermissionSetCustom permissions;
if (canIgnorePermissions) {
// if the current user is administrator, anything is allowed
permissions = new CmsPermissionSetCustom(~0);
} else {
// otherwise, get the permissions from the access control list
permissions = getPermissions(dbc, resource, dbc.currentUser());
}
// revoke the denied permissions
permissions.denyPermissions(denied);
// now check if write permission is granted
if ((CmsPermissionSet.ACCESS_WRITE.getPermissions() & permissions.getPermissions()) != CmsPermissionSet.ACCESS_WRITE.getPermissions()) {
// check failed, throw exception
m_securityManager.checkPermissions(
dbc.getRequestContext(),
resource,
CmsPermissionSet.ACCESS_WRITE,
I_CmsPermissionHandler.PERM_DENIED);
}
// if we got here write permission is granted on the target
// remove the old lock
m_lockManager.removeResource(dbc, resource, true, lockType.isSystem());
// apply the new lock
lockResource(dbc, resource, lockType);
}
/**
* Returns a list with all sub resources of a given folder that have set the given property,
* matching the current property's value with the given old value and replacing it by a given new value.<p>
*
* @param dbc the current database context
* @param resource the resource on which property definition values are changed
* @param propertyDefinition the name of the propertydefinition to change the value
* @param oldValue the old value of the propertydefinition
* @param newValue the new value of the propertydefinition
* @param recursive if true, change recursively all property values on sub-resources (only for folders)
*
* @return a list with the <code>{@link CmsResource}</code>'s where the property value has been changed
*
* @throws CmsVfsException for now only when the search for the oldvalue failed.
* @throws CmsException if operation was not successful
*/
public List changeResourcesInFolderWithProperty(
CmsDbContext dbc,
CmsResource resource,
String propertyDefinition,
String oldValue,
String newValue,
boolean recursive) throws CmsVfsException, CmsException {
// collect the resources to look up
List resources = new ArrayList();
if (recursive) {
resources = readResourcesWithProperty(dbc, resource, propertyDefinition, null);
} else {
resources.add(resource);
}
Pattern oldPattern;
try {
// compile regular expression pattern
oldPattern = Pattern.compile(oldValue);
} catch (PatternSyntaxException e) {
throw new CmsVfsException(Messages.get().container(
Messages.ERR_CHANGE_RESOURCES_IN_FOLDER_WITH_PROP_4,
new Object[] {propertyDefinition, oldValue, newValue, resource.getRootPath()}), e);
}
List changedResources = new ArrayList(resources.size());
// create permission set and filter to check each resource
CmsPermissionSet perm = CmsPermissionSet.ACCESS_WRITE;
CmsResourceFilter filter = CmsResourceFilter.IGNORE_EXPIRATION;
for (int i = 0; i < resources.size(); i++) {
// loop through found resources and check property values
CmsResource res = (CmsResource)resources.get(i);
// check resource state and permissions
try {
m_securityManager.checkPermissions(dbc, res, perm, true, filter);
} catch (Exception e) {
// resource is deleted or not writable for current user
continue;
}
CmsProperty property = readPropertyObject(dbc, res, propertyDefinition, false);
String structureValue = property.getStructureValue();
String resourceValue = property.getResourceValue();
boolean changed = false;
if ((structureValue != null) && oldPattern.matcher(structureValue).matches()) {
// change structure value
property.setStructureValue(newValue);
changed = true;
}
if ((resourceValue != null) && oldPattern.matcher(resourceValue).matches()) {
// change resource value
property.setResourceValue(newValue);
changed = true;
}
if (changed) {
// write property object if something has changed
writePropertyObject(dbc, res, property);
changedResources.add(res);
}
}
return changedResources;
}
/**
* Changes the resource flags of a resource.<p>
*
* The resource flags are used to indicate various "special" conditions
* for a resource. Most notably, the "internal only" setting which signals
* that a resource can not be directly requested with it's URL.<p>
*
* @param dbc the current database context
* @param resource the resource to change the flags for
* @param flags the new resource flags for this resource
*
* @throws CmsException if something goes wrong
*
* @see CmsObject#chflags(String, int)
* @see I_CmsResourceType#chflags(CmsObject, CmsSecurityManager, CmsResource, int)
*/
public void chflags(CmsDbContext dbc, CmsResource resource, int flags) throws CmsException {
// must operate on a clone to ensure resource is not modified in case permissions are not granted
CmsResource clone = (CmsResource)resource.clone();
clone.setFlags(flags);
writeResource(dbc, clone);
}
/**
* Changes the resource type of a resource.<p>
*
* OpenCms handles resources according to the resource type,
* not the file suffix. This is e.g. why a JSP in OpenCms can have the
* suffix ".html" instead of ".jsp" only. Changing the resource type
* makes sense e.g. if you want to make a plain text file a JSP resource,
* or a binary file an image, etc.<p>
*
* @param dbc the current database context
* @param resource the resource to change the type for
* @param type the new resource type for this resource
*
* @throws CmsException if something goes wrong
*
* @see CmsObject#chtype(String, int)
* @see I_CmsResourceType#chtype(CmsObject, CmsSecurityManager, CmsResource, int)
*/
public void chtype(CmsDbContext dbc, CmsResource resource, int type) throws CmsException {
// must operate on a clone to ensure resource is not modified in case permissions are not granted
CmsResource clone = (CmsResource)resource.clone();
I_CmsResourceType newType = OpenCms.getResourceManager().getResourceType(type);
clone.setType(newType.getTypeId());
writeResource(dbc, clone);
}
/**
* Clears the access control list cache when access control entries are changed.<p>
*/
public void clearAccessControlListCache() {
OpenCms.getMemoryMonitor().flushACLs();
OpenCms.getMemoryMonitor().flushPermissions();
clearResourceCache();
}
/**
* @see org.opencms.main.I_CmsEventListener#cmsEvent(org.opencms.main.CmsEvent)
*/
public void cmsEvent(CmsEvent event) {
if (LOG.isDebugEnabled()) {
LOG.debug(Messages.get().getBundle().key(Messages.LOG_CMS_EVENT_1, new Integer(event.getType())));
}
I_CmsReport report;
CmsDbContext dbc;
switch (event.getType()) {
case I_CmsEventListener.EVENT_UPDATE_EXPORTS:
dbc = (CmsDbContext)event.getData().get(I_CmsEventListener.KEY_DBCONTEXT);
updateExportPoints(dbc);
break;
case I_CmsEventListener.EVENT_PUBLISH_PROJECT:
CmsUUID publishHistoryId = new CmsUUID((String)event.getData().get(I_CmsEventListener.KEY_PUBLISHID));
report = (I_CmsReport)event.getData().get(I_CmsEventListener.KEY_REPORT);
dbc = (CmsDbContext)event.getData().get(I_CmsEventListener.KEY_DBCONTEXT);
writeExportPoints(dbc, report, publishHistoryId);
break;
case I_CmsEventListener.EVENT_CLEAR_CACHES:
clearcache(false);
break;
case I_CmsEventListener.EVENT_CLEAR_PRINCIPAL_CACHES:
clearcache(true);
break;
default:
// noop
}
}
/**
* Copies the access control entries of a given resource to a destination resorce.<p>
*
* Already existing access control entries of the destination resource are removed.<p>
* @param dbc the current database context
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?