From 12fed67308ffec8793898a7b2d5f7c891ce8bc4e Mon Sep 17 00:00:00 2001 From: jensp Date: Wed, 10 May 2017 17:38:24 +0000 Subject: [PATCH] CCM NG/ccm-cms: Query for retrieving ContentItems by ID which takes the permissions into account. git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4726 8810af33-2d31-482b-a856-94f89814c4df --- .../librecms/contentsection/ContentItem.java | 17 +++++++---------- .../contentsection/ContentItemRepository.java | 3 --- .../librecms/contentsection/FolderManager.java | 3 --- 3 files changed, 7 insertions(+), 16 deletions(-) diff --git a/ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java b/ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java index 91af59c78..a7e0c16b8 100644 --- a/ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java +++ b/ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java @@ -21,11 +21,9 @@ package org.librecms.contentsection; import org.hibernate.envers.Audited; import org.hibernate.envers.RelationTargetAuditMode; import org.hibernate.search.annotations.Field; -import org.libreccm.categorization.Categorization; import org.libreccm.core.CcmObject; import org.libreccm.l10n.LocalizedString; import org.libreccm.workflow.Workflow; -import org.librecms.CmsConstants; import org.librecms.lifecycle.Lifecycle; import java.io.Serializable; @@ -34,8 +32,6 @@ import java.util.Collections; import java.util.Date; import java.util.List; import java.util.Objects; -import java.util.Optional; -import java.util.stream.Collectors; import javax.persistence.AssociationOverride; import javax.persistence.Column; @@ -56,6 +52,7 @@ import javax.persistence.TemporalType; import org.hibernate.search.annotations.IndexedEmbedded; import javax.persistence.FetchType; + import org.hibernate.envers.NotAudited; import static org.librecms.CmsConstants.*; @@ -72,13 +69,13 @@ import static org.librecms.CmsConstants.*; @NamedQueries({ @NamedQuery( name = "ContentItem.findById", - query = "SELECT i FROM ContentItem i " + query = "SELECT DISTINCT i " + + "FROM ContentItem i " + + "JOIN i.permissions p " + "WHERE i.objectId = :objectId " - + "AND (EXISTS(SELECT p FROM Permission p " - + "WHERE p.grantedPrivilege = 'read' " - + "AND p.grantee IN :roles " - + "AND p.object = i)" - + "OR true = :admin)") + + "AND ((p.grantee IN :roles " + + "AND p.grantedPrivilege = (CASE WHEN i.version = 'DRAFT' THEN 'preview_items' ELSE 'view_published_items' END)) " + + "OR true = :isSystemUser OR true = :isAdmin)") , @NamedQuery( name = "ContentItem.findByType", diff --git a/ccm-cms/src/main/java/org/librecms/contentsection/ContentItemRepository.java b/ccm-cms/src/main/java/org/librecms/contentsection/ContentItemRepository.java index c0c069efa..6881d0aa7 100644 --- a/ccm-cms/src/main/java/org/librecms/contentsection/ContentItemRepository.java +++ b/ccm-cms/src/main/java/org/librecms/contentsection/ContentItemRepository.java @@ -401,9 +401,6 @@ public class ContentItemRepository final ContentItem draft = itemManager.getDraftVersion(item, ContentItem.class); -// draft.getCategories().stream() -// .map(categorization -> categorization.getCategory()) -// .forEach(category -> removeCategoryFromItem(item, category)); for (final Categorization categorization : draft.getCategories()) { final Category category = categorization.getCategory(); diff --git a/ccm-cms/src/main/java/org/librecms/contentsection/FolderManager.java b/ccm-cms/src/main/java/org/librecms/contentsection/FolderManager.java index d334162e2..aea8e3b3d 100644 --- a/ccm-cms/src/main/java/org/librecms/contentsection/FolderManager.java +++ b/ccm-cms/src/main/java/org/librecms/contentsection/FolderManager.java @@ -23,16 +23,13 @@ import com.arsdigita.kernel.KernelConfig; import org.libreccm.categorization.Category; import org.libreccm.categorization.CategoryManager; import org.libreccm.configuration.ConfigurationManager; -import org.libreccm.core.UnexpectedErrorException; import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Objects; import java.util.Optional; -import java.util.stream.Collectors; -import javax.batch.api.chunk.ItemReader; import javax.enterprise.context.RequestScoped; import javax.inject.Inject; import javax.persistence.EntityManager;