LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG/ccm-cms: AssetRepository queries now check permissions 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4733 8810af33-2d31-482b-a856-94f89814c4df
ccm-docs
jensp 2017-05-13 09:38:30 +00:00
parent b17295a0bd
commit 31277c9e29
5 changed files with 470 additions and 133 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

287
ccm-cms/src/main/java/org/librecms/contentsection/Asset.java
View File

@ -23,6 +23,7 @@ import org.libreccm.categorization.Categorization;
import org.libreccm.core.CcmObject;
import org.libreccm.l10n.LocalizedString;
import org.librecms.CmsConstants;
import org.librecms.contentsection.privileges.AssetPrivileges;
import java.util.ArrayList;
import java.util.Collections;
@ -56,124 +57,306 @@ import static org.librecms.CmsConstants.*;
@Inheritance(strategy = InheritanceType.JOINED)
@Audited
@NamedQueries({
@NamedQuery(name = "Asset.findByUuid",
query = "SELECT a FROM Asset a WHERE a.uuid = :uuid")
,
@NamedQuery(name = "Asset.findByType",
query = "SELECT a FROM Asset a "
+ "WHERE TYPE(a) = :type "
+ "AND a.categories IS NOT EMPTY")
,
@NamedQuery(name = "Asset.findByTypeAndContentSection",
query = "SELECT a FROM Asset a "
+ "JOIN a.categories c "
+ "WHERE TYPE(a) = :type "
+ "AND c.category.section = :section")
,
@NamedQuery(name = "Asset.findByUuidAndType",
query = "SELECT a FROM Asset a "
@NamedQuery(
name = "Asset.findByUuid",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "LEFT JOIN a.permissions p "
+ "WHERE a.uuid = :uuid "
+ "AND TYPE(a) = :type")
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(name = "Asset.findByContentSection",
query = "SELECT a FROM Asset a "
@NamedQuery(
name = "Asset.findByType",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "LEFT JOIN a.permissions p "
+ "WHERE TYPE(a) = :type "
+ "AND a.categories IS NOT EMPTY "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ") "
+ "ORDER BY a.displayName")
,
@NamedQuery(
name = "Asset.findByTypeAndContentSection",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "WHERE c.category.section = :section")
+ "LEFT JOIN a.permissions p "
+ "WHERE TYPE(a) = :type "
+ "AND c.category.section = :section "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(name = "Asset.findByTitle'",
query = "SELECT a FROM Asset a "
@NamedQuery(
name = "Asset.findByUuidAndType",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "LEFT JOIN a.permissions p "
+ "WHERE a.uuid = :uuid "
+ "AND TYPE(a) = :type "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.findByContentSection",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category.section = :section "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.findByTitle'",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.title.values t "
+ "LEFT JOIN a.permissions p "
+ "WHERE LOWER(t) LIKE CONCAT('%', :title, '%') "
+ "AND a.categories IS NOT EMPTY")
+ "AND a.categories IS NOT EMPTY "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(name = "Asset.findByTitleAndContentSection",
query = "SELECT a FROM Asset a "
@NamedQuery(
name = "Asset.findByTitleAndContentSection",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.title.values t "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE LOWER(t) LIKE CONCAT('%s', :title, '%s') "
+ "AND c.category.section = :section")
+ "AND c.category.section = :section "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(name = "Asset.findByTitleAndType",
query = "SELECT a FROM Asset a "
@NamedQuery(
name = "Asset.findByTitleAndType",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.title.values t "
+ "WHERE LOWER(t) LIKE CONCAT('%', :title, '%') "
+ "AND TYPE(a) = :type")
,
@NamedQuery(name = "Asset.findByTitleAndTypeAndContentSection",
query = "SELECT a FROM Asset a "
+ "JOIN a.title.values t "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE LOWER(t) LIKE CONCAT('%', :title, '%') "
+ "AND TYPE(a) = :type "
+ "AND c.category.section = :section")
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.findByTitleAndTypeAndContentSection",
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.title.values t "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE LOWER(t) LIKE CONCAT('%', :title, '%') "
+ "AND TYPE(a) = :type "
+ "AND c.category.section = :section "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.findByFolder",
query = "SELECT a FROM Asset a "
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "'")
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.countInFolder",
query = "SELECT COUNT(a) FROM Asset a "
query = "SELECT COUNT(DISTINCT a) "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "'")
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.filterByFolderAndTitle",
query = "SELECT a FROM Asset a "
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "JOIN a.title.values t "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND LOWER(t) LIKE CONCAT('%', LOWER(:title), '%')")
+ "AND LOWER(t) LIKE CONCAT('%', LOWER(:title), '%') "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.countFilterByFolderAndTitle",
query = "SELECT COUNT(a) FROM Asset a "
query = "SELECT COUNT(DISTINCT a) "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "JOIN a.title.values t "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND LOWER(t) LIKE CONCAT('%', LOWER(:title), '%')")
+ "AND LOWER(t) LIKE CONCAT('%', LOWER(:title), '%') "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.filterByFolderAndType",
query = "SELECT a FROM Asset a "
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND TYPE(a) = :type")
+ "AND TYPE(a) = :type "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ") "
+ "ORDER BY a.displayName")
,
@NamedQuery(
name = "Asset.countFilterByFolderAndType",
query = "SELECT COUNT(a) FROM Asset a "
query = "SELECT COUNT(DISTINCT a) "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND TYPE(a) = :type")
+ "AND TYPE(a) = :type "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.filterByFolderAndTitleAndType",
query = "SELECT a FROM Asset a "
query = "SELECT DISTINCT a "
+ "FROM Asset a "
+ "JOIN a.title.values t "
+ "JOIN a.categories c "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND LOWER(t) LIKE CONCAT('%', LOWER(:title), '%') "
+ "AND TYPE(a) = :type")
+ "AND TYPE(a) = :type "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
,
@NamedQuery(
name = "Asset.countFilterByFolderAndTitleAndType",
query = "SELECT COUNT(a) FROM Asset a "
query = "SELECT COUNT(DISTINCT a) "
+ "FROM Asset a "
+ "JOIN a.categories c "
+ "JOIN a.title.values t "
+ "LEFT JOIN a.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND LOWER(t) LIKE CONCAT('%', LOWER(:title), '%') "
+ "AND TYPE(a) = :type")
+ "AND TYPE(a) = :type "
+ "AND ("
+ " ("
+ " p.grantee IN :roles "
+ " AND p.grantedPrivilege = "
+ " '" + AssetPrivileges.VIEW + "' "
+ " ) "
+ " OR true = :isSystemUser OR true = :isAdmin"
+ ")")
})
public class Asset extends CcmObject {

57
ccm-cms/src/main/java/org/librecms/contentsection/AssetRepository.java
View File

@ -25,9 +25,14 @@ import org.libreccm.categorization.ObjectNotAssignedToCategoryException;
import org.libreccm.core.CcmObjectRepository;
import org.libreccm.core.UnexpectedErrorException;
import org.libreccm.security.AuthorizationRequired;
import org.libreccm.security.PermissionChecker;
import org.libreccm.security.RequiresPrivilege;
import org.libreccm.security.Role;
import org.libreccm.security.Shiro;
import org.libreccm.security.User;
import org.librecms.contentsection.privileges.AssetPrivileges;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
@ -49,6 +54,12 @@ import javax.transaction.Transactional;
public class AssetRepository
extends AbstractAuditedEntityRepository<Long, Asset> {
@Inject
private Shiro shiro;
@Inject
private PermissionChecker permissionChecker;
@Inject
private EntityManager entityManager;
@ -150,9 +161,11 @@ public class AssetRepository
*/
@Transactional(Transactional.TxType.REQUIRED)
public Optional<Asset> findByUuid(final String uuid) {
final TypedQuery<Asset> query = entityManager.createNamedQuery(
"Asset.findByUuid", Asset.class);
final TypedQuery<Asset> query = entityManager
.createNamedQuery("Asset.findByUuid", Asset.class);
query.setParameter("uuid", uuid);
setAuthorizationParameters(query);
try {
return Optional.of(query.getSingleResult());
@ -181,6 +194,7 @@ public class AssetRepository
"Asset.findByUuidAndType", Asset.class);
query.setParameter("uuid", uuid);
query.setParameter("type", type);
setAuthorizationParameters(query);
try {
return Optional.of(query.getSingleResult());
@ -195,6 +209,7 @@ public class AssetRepository
final TypedQuery<Asset> query = entityManager
.createNamedQuery("Asset.findByContentSection", Asset.class);
query.setParameter("section", section);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -217,6 +232,7 @@ public class AssetRepository
final TypedQuery<Asset> query = entityManager
.createNamedQuery("Asset.findByTitle", Asset.class);
query.setParameter("title", title);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -228,6 +244,7 @@ public class AssetRepository
"Asset.findByTitleAndContentSection", Asset.class);
query.setParameter("title", title);
query.setParameter("section", section);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -247,6 +264,7 @@ public class AssetRepository
final TypedQuery<Asset> query = entityManager.createNamedQuery(
"Asset.findByType", Asset.class);
query.setParameter("type", type);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -270,6 +288,7 @@ public class AssetRepository
"Asset.findByTypeAndContentSection", Asset.class);
query.setParameter("type", type);
query.setParameter("section", section);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -292,6 +311,7 @@ public class AssetRepository
.createNamedQuery("Asset.findByTitle", Asset.class);
query.setParameter("title", title);
query.setParameter("type", type);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -307,6 +327,7 @@ public class AssetRepository
query.setParameter("title", title);
query.setParameter("type", type);
query.setParameter("section", section);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -323,6 +344,7 @@ public class AssetRepository
final TypedQuery<Asset> query = entityManager.createNamedQuery(
"Asset.findByFolder", Asset.class);
query.setParameter("folder", folder);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -339,6 +361,7 @@ public class AssetRepository
final TypedQuery<Long> query = entityManager.createNamedQuery(
"Asset.countInFolder", Long.class);
query.setParameter("folder", folder);
setAuthorizationParameters(query);
return query.getSingleResult();
}
@ -362,6 +385,7 @@ public class AssetRepository
"Asset.filterByFolderAndTitle", Asset.class);
query.setParameter("folder", folder);
query.setParameter("title", title);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -385,6 +409,7 @@ public class AssetRepository
"Asset.countFilterByFolderAndTitle", Long.class);
query.setParameter("folder", folder);
query.setParameter("title", title);
setAuthorizationParameters(query);
return query.getSingleResult();
}
@ -407,6 +432,7 @@ public class AssetRepository
"Asset.filterByFolderAndType", Asset.class);
query.setParameter("folder", folder);
query.setParameter("type", type);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -427,6 +453,7 @@ public class AssetRepository
"Asset.countFilterByFolderAndType", Long.class);
query.setParameter("folder", folder);
query.setParameter("type", type);
setAuthorizationParameters(query);
return query.getSingleResult();
}
@ -453,6 +480,7 @@ public class AssetRepository
query.setParameter("folder", folder);
query.setParameter("type", type);
query.setParameter("title", title);
setAuthorizationParameters(query);
return query.getResultList();
}
@ -479,8 +507,33 @@ public class AssetRepository
query.setParameter("folder", folder);
query.setParameter("type", type);
query.setParameter("title", title);
setAuthorizationParameters(query);
return query.getSingleResult();
}
private void setAuthorizationParameters(final TypedQuery<?> query) {
final Optional<User> user = shiro.getUser();
final List<Role> roles;
if (user.isPresent()) {
roles = user
.get()
.getRoleMemberships()
.stream()
.map(membership -> membership.getRole())
.collect(Collectors.toList());
} else {
roles = Collections.emptyList();
}
final boolean isSystemUser = shiro.isSystemUser();
final boolean isAdmin = permissionChecker.isPermitted("*");
query.setParameter("roles", roles);
query.setParameter("isSystemUser", isSystemUser);
query.setParameter("isAdmin", isAdmin);
}
}

28
ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java
View File

@ -73,7 +73,7 @@ import static org.librecms.CmsConstants.*;
query
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE i.objectId = :objectId "
+ "AND ("
+ " ("
@ -93,7 +93,7 @@ import static org.librecms.CmsConstants.*;
query
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE i.uuid = :uuid "
+ "AND ("
+ " ("
@ -113,7 +113,7 @@ import static org.librecms.CmsConstants.*;
query
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE TYPE(i) = :type "
+ "AND ("
+ " ("
@ -133,7 +133,7 @@ import static org.librecms.CmsConstants.*;
query
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE i.objectId = :objectId "
+ "AND TYPE(i) = :type "
+ "AND ("
@ -154,7 +154,7 @@ import static org.librecms.CmsConstants.*;
query
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE i.uuid = :uuid "
+ "AND TYPE(i) = :type "
+ "AND ("
@ -176,7 +176,7 @@ import static org.librecms.CmsConstants.*;
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.categories c "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND ("
@ -198,7 +198,7 @@ import static org.librecms.CmsConstants.*;
= "SELECT COUNT(DISTINCT i) "
+ "FROM ContentItem i "
+ "JOIN i.categories c "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND ("
@ -220,7 +220,7 @@ import static org.librecms.CmsConstants.*;
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.categories c "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND i.displayName = :name "
@ -242,7 +242,7 @@ import static org.librecms.CmsConstants.*;
query = "SELECT COUNT(DISTINCT i)"
+ " FROM ContentItem i "
+ "JOIN i.categories c "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND i.displayName = :name "
@ -264,7 +264,7 @@ import static org.librecms.CmsConstants.*;
query = "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.categories c "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND LOWER(i.displayName) LIKE CONCAT(LOWER(:name), '%') "
@ -286,7 +286,7 @@ import static org.librecms.CmsConstants.*;
name = "ContentItem.countFilterByFolderAndName",
query = "SELECT COUNT(DISTINCT i) FROM ContentItem i "
+ "JOIN i.categories c "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE c.category = :folder "
+ "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ "AND LOWER(i.displayName) LIKE CONCAT(LOWER(:name), '%') "
@ -316,7 +316,7 @@ import static org.librecms.CmsConstants.*;
query
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE i.itemUuid = :uuid "
+ "AND i.version = 'DRAFT' "
+ "AND "
@ -329,7 +329,7 @@ import static org.librecms.CmsConstants.*;
query
= "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE i.itemUuid = :uuid "
+ "AND i.version = 'LIVE' "
+ "AND "
@ -344,7 +344,7 @@ import static org.librecms.CmsConstants.*;
name = "ContentItem.findItemWithWorkflow",
query = "SELECT DISTINCT i "
+ "FROM ContentItem i "
+ "JOIN i.permissions p "
+ "LEFT JOIN i.permissions p "
+ "WHERE i.workflow = :workflow "
+ "AND ("
+ " ("

195
ccm-cms/src/test/java/org/librecms/contentsection/AssetRepositoryTest.java
View File

@ -20,6 +20,7 @@ package org.librecms.contentsection;
import static org.libreccm.testutils.DependenciesHelpers.*;
import org.apache.shiro.subject.Subject;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.container.test.api.ShouldThrowException;
import org.jboss.arquillian.junit.Arquillian;
@ -47,11 +48,13 @@ import java.util.List;
import java.util.Optional;
import javax.inject.Inject;
import org.jboss.arquillian.persistence.CleanupUsingScript;
import org.librecms.assets.FileAsset;
import org.librecms.assets.Image;
import org.librecms.assets.VideoAsset;
import org.librecms.contentsection.rs.Assets;
import static org.hamcrest.CoreMatchers.*;
import static org.junit.Assert.*;
@ -232,14 +235,31 @@ public class AssetRepositoryTest {
@UsingDataSet(
"datasets/org/librecms/contentsection/AssetRepositoryTest/data.xml")
public void findAssetByUuid() {
final Optional<Asset> header = assetRepo.findByUuid(
"4635589f-b87a-46d9-979e-6af14af063e5");
final Optional<Asset> phb = assetRepo.findByUuid(
"0a192e98-3b28-49d0-833f-bc9ff5f9d1d4");
final Optional<Asset> datasheet = assetRepo.findByUuid(
"0393840f-06a6-4ec3-aeb3-a612f845ad60");
final Optional<Asset> none = assetRepo.findByUuid(
"5211bf56-c20b-40b3-8ef8-0c7d35325fda");
final Optional<Asset> header = shiro
.getSystemUser()
.execute(() -> {
return assetRepo
.findByUuid("4635589f-b87a-46d9-979e-6af14af063e5");
});
final Optional<Asset> phb = shiro
.getSystemUser()
.execute(() -> {
return assetRepo
.findByUuid("0a192e98-3b28-49d0-833f-bc9ff5f9d1d4");
});
final Optional<Asset> datasheet = shiro
.getSystemUser()
.execute(() -> {
return assetRepo
.findByUuid("0393840f-06a6-4ec3-aeb3-a612f845ad60");
});
final Optional<Asset> none = shiro
.getSystemUser()
.execute(() -> {
return assetRepo
.findByUuid("5211bf56-c20b-40b3-8ef8-0c7d35325fda");
});
assertThat(header.isPresent(), is(true));
assertThat(header.get(), is(instanceOf(Asset.class)));
@ -272,9 +292,21 @@ public class AssetRepositoryTest {
@UsingDataSet(
"datasets/org/librecms/contentsection/AssetRepositoryTest/data.xml")
public void findAssetByUuidAndType() {
final Optional<Asset> asset = assetRepo.findByUuidAndType(
"4635589f-b87a-46d9-979e-6af14af063e5", Image.class);
final Optional<Asset> none = assetRepo.findByUuidAndType("4635589f-b87a-46d9-979e-6af14af063e5", FileAsset.class);
final Optional<Asset> asset = shiro
.getSystemUser()
.execute(() -> {
return assetRepo
.findByUuidAndType("4635589f-b87a-46d9-979e-6af14af063e5",
Image.class);
});
final Optional<Asset> none = shiro
.getSystemUser()
.execute(() -> {
return assetRepo
.findByUuidAndType("4635589f-b87a-46d9-979e-6af14af063e5",
FileAsset.class);
});
assertThat(asset.isPresent(), is(true));
assertThat(asset.get().getDisplayName(), is(equalTo("header.png")));
@ -291,8 +323,13 @@ public class AssetRepositoryTest {
@UsingDataSet(
"datasets/org/librecms/contentsection/AssetRepositoryTest/data.xml")
public void findAssetByType() {
final List<Asset> images = assetRepo.findByType(Image.class);
final List<Asset> files = assetRepo.findByType(FileAsset.class);
final List<Asset> images = shiro
.getSystemUser()
.execute(() -> assetRepo.findByType(Image.class));
final List<Asset> files = shiro
.getSystemUser()
.execute(() -> assetRepo.findByType(FileAsset.class));
assertThat(images.isEmpty(), is(false));
assertThat(files.isEmpty(), is(false));
@ -301,13 +338,14 @@ public class AssetRepositoryTest {
assertThat(files.size(), is(2));
assertThat(images.get(0).getDisplayName(), is(equalTo("header.png")));
assertThat(images.get(1).getDisplayName(), is(equalTo("the-phb.png")));
assertThat(images.get(2).getDisplayName(),
assertThat(images.get(1).getDisplayName(),
is(equalTo("services-header.png")));
assertThat(images.get(2).getDisplayName(), is(equalTo("the-phb.png")));
assertThat(files.get(0).getDisplayName(),
assertThat(files.get(0).getDisplayName(), is(equalTo("catalog.pdf")));
assertThat(files.get(1).getDisplayName(),
is(equalTo("product1-datasheet.pdf")));
assertThat(files.get(1).getDisplayName(), is(equalTo("catalog.pdf")));
}
/**
@ -319,11 +357,16 @@ public class AssetRepositoryTest {
@UsingDataSet(
"datasets/org/librecms/contentsection/AssetRepositoryTest/data.xml")
public void findAssetsByFolder() {
final Folder media = folderRepo.findById(-400L).get();
final Folder data = folderRepo.findById(-500L).get();
final List<Asset> mediaAssets = assetRepo.findByFolder(media);
final List<Asset> dataAssets = assetRepo.findByFolder(data);
final List<Asset> mediaAssets = shiro
.getSystemUser()
.execute(() -> assetRepo.findByFolder(media));
final List<Asset> dataAssets = shiro
.getSystemUser()
.execute(() -> assetRepo.findByFolder(data));
assertThat(mediaAssets.size(), is(5));
assertThat(dataAssets.size(), is(0));
@ -339,11 +382,18 @@ public class AssetRepositoryTest {
@UsingDataSet(
"datasets/org/librecms/contentsection/AssetRepositoryTest/data.xml")
public void countAssetsInFolder() {
final Folder media = folderRepo.findById(-400L).get();
final Folder data = folderRepo.findById(-500L).get();
assertThat(assetRepo.countAssetsInFolder(media), is(5L));
assertThat(assetRepo.countAssetsInFolder(data), is(0L));
final Subject systemUser = shiro.getSystemUser();
assertThat(
systemUser.execute(() -> assetRepo.countAssetsInFolder(media)),
is(5L));
assertThat(
systemUser.execute(() -> assetRepo.countAssetsInFolder(data)),
is(0L));
}
/**
@ -355,12 +405,17 @@ public class AssetRepositoryTest {
@UsingDataSet(
"datasets/org/librecms/contentsection/AssetRepositoryTest/data.xml")
public void filterAssetByFolderAndTitle() {
final Folder media = folderRepo.findById(-400L).get();
final List<Asset> result1 = assetRepo.filterByFolderAndTitle(media,
"hea");
final List<Asset> result2 = assetRepo.filterByFolderAndTitle(media,
"photo");
final Folder media = shiro
.getSystemUser()
.execute(() -> folderRepo.findById(-400L).get());
final List<Asset> result1 = shiro
.getSystemUser()
.execute(() -> assetRepo.filterByFolderAndTitle(media, "hea"));
final List<Asset> result2 = shiro
.getSystemUser()
.execute(() -> assetRepo.filterByFolderAndTitle(media, "photo"));
assertThat(result1.size(), is(2));
assertThat(result2.size(), is(0));
@ -378,11 +433,20 @@ public class AssetRepositoryTest {
@UsingDataSet(
"datasets/org/librecms/contentsection/AssetRepositoryTest/data.xml")
public void countFilterAssetByFolderAndTitle() {
final Folder media = folderRepo.findById(-400L).get();
assertThat(assetRepo.countFilterByFolderAndTitle(media, "hea"),
final Subject systemUser = shiro.getSystemUser();
assertThat(
systemUser.execute(() -> {
return assetRepo.countFilterByFolderAndTitle(media, "hea");
}),
is(2L));
assertThat(assetRepo.countFilterByFolderAndTitle(media, "photo"),
assertThat(
systemUser.execute(() -> {
return assetRepo.countFilterByFolderAndTitle(media, "photo");
}),
is(0L));
}
@ -396,27 +460,34 @@ public class AssetRepositoryTest {
@UsingDataSet(
"datasets/org/librecms/contentsection/AssetRepositoryTest/data.xml")
public void filterAssetsByFolderAndType() {
final Folder media = folderRepo.findById(-400L).get();
final List<Asset> images = assetRepo.filterByFolderAndType(media,
Image.class);
final List<Asset> files = assetRepo.filterByFolderAndType(media,
FileAsset.class);
final List<Asset> videos = assetRepo.filterByFolderAndType(
media, VideoAsset.class);
final Subject systemUser = shiro.getSystemUser();
final List<Asset> images = systemUser
.execute(() -> assetRepo.filterByFolderAndType(media,
Image.class));
final List<Asset> files = systemUser
.execute(() -> assetRepo.filterByFolderAndType(media,
FileAsset.class));
final List<Asset> videos = systemUser
.execute(() -> assetRepo.filterByFolderAndType(media,
VideoAsset.class));
assertThat(images.size(), is(3));
assertThat(files.size(), is(2));
assertThat(videos.size(), is(0));
assertThat(images.get(0).getDisplayName(), is(equalTo("header.png")));
assertThat(images.get(1).getDisplayName(), is(equalTo("the-phb.png")));
assertThat(images.get(2).getDisplayName(),
assertThat(images.get(1).getDisplayName(),
is(equalTo("services-header.png")));
assertThat(images.get(2).getDisplayName(), is(equalTo("the-phb.png")));
assertThat(files.get(0).getDisplayName(),
assertThat(files.get(0).getDisplayName(), is(equalTo("catalog.pdf")));
assertThat(files.get(1).getDisplayName(),
is(equalTo("product1-datasheet.pdf")));
assertThat(files.get(1).getDisplayName(), is(equalTo("catalog.pdf")));
}
/**
@ -431,11 +502,24 @@ public class AssetRepositoryTest {
public void countFilterAssetsByFolderAndType() {
final Folder media = folderRepo.findById(-400L).get();
assertThat(assetRepo.countFilterByFolderAndType(media, Image.class),
final Subject systemUser = shiro.getSystemUser();
assertThat(
systemUser.execute(() -> {
return assetRepo.countFilterByFolderAndType(media, Image.class);
}),
is(3L));
assertThat(assetRepo.countFilterByFolderAndType(media, FileAsset.class),
assertThat(
systemUser.execute(() -> {
return assetRepo.countFilterByFolderAndType(media,
FileAsset.class);
}),
is(2L));
assertThat(assetRepo.countFilterByFolderAndType(media, VideoAsset.class),
assertThat(
systemUser.execute(() -> {
return assetRepo.countFilterByFolderAndType(media,
VideoAsset.class);
}),
is(0L));
}
@ -451,9 +535,16 @@ public class AssetRepositoryTest {
public void filterAssetsByFolderAndTypeAndTitle() {
final Folder media = folderRepo.findById(-400L).get();
final List<Asset> result1 = assetRepo.filterByFolderAndTypeAndTitle(
media, Image.class, "hea");
final List<Asset> result2 = assetRepo.filterByFolderAndTypeAndTitle(media, FileAsset.class, "hea");
final List<Asset> result1 = shiro
.getSystemUser()
.execute(() -> assetRepo.filterByFolderAndTypeAndTitle(media,
Image.class,
"hea"));
final List<Asset> result2 = shiro
.getSystemUser()
.execute(() -> assetRepo.filterByFolderAndTypeAndTitle(media,
FileAsset.class,
"hea"));
assertThat(result1.size(), is(2));
assertThat(result2.size(), is(0));
@ -472,10 +563,20 @@ public class AssetRepositoryTest {
public void countFilterAssetsByFolderAndTypeAndTitle() {
final Folder media = folderRepo.findById(-400L).get();
assertThat(assetRepo.countFilterByFolderAndTypeAndTitle(
media, Image.class, "hea"),
final Subject systemUser = shiro.getSystemUser();
assertThat(
systemUser.execute(() -> {
return assetRepo.countFilterByFolderAndTypeAndTitle(
media, Image.class, "hea");
}),
is(2L));
assertThat(assetRepo.countFilterByFolderAndTypeAndTitle(media, FileAsset.class, "hea"),
assertThat(
systemUser.execute(() -> {
return assetRepo.countFilterByFolderAndTypeAndTitle(media,
FileAsset.class,
"hea");
}),
is(0L));
}