CCM NG/ccm-cms: Bugfixes

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4784 8810af33-2d31-482b-a856-94f89814c4df
2017-06-15 12:55:30 +00:00 · 2017-06-15 12:55:30 +00:00 · 40c375730d
parent f726dd43eb
commit 40c375730d
3 changed files with 82 additions and 11 deletions
--- a/ccm-cms/src/main/java/com/arsdigita/cms/dispatcher/CMSPage.java
+++ b/ccm-cms/src/main/java/com/arsdigita/cms/dispatcher/CMSPage.java
@ -293,11 +293,13 @@ public class CMSPage extends Page implements ResourceHandler {
        if (itemId != null) {
            final CdiUtil cdiUtil = CdiUtil.createCdiUtil();
            final ContentItemRepository itemRepo = cdiUtil.findBean(ContentItemRepository.class);
-            final ContentItem item = itemRepo.findById(Long.parseLong("item_id")).get();
+            final ContentItem item = itemRepo
+                .findById(Long.parseLong(itemId)).get();
            final PermissionChecker permissionChecker = cdiUtil.findBean(
                PermissionChecker.class);
            permissionChecker.checkPermission(ItemPrivileges.PREVIEW, 
                                              item);
+            CMS.getContext().setContentItem(item);
        }
        
        final Document document = buildDocument(request, response);
--- a/ccm-cms/src/main/java/org/librecms/contentsection/ContentItemRepository.java
+++ b/ccm-cms/src/main/java/org/librecms/contentsection/ContentItemRepository.java
@ -32,6 +32,7 @@ import org.libreccm.core.CcmObjectRepository;
 import org.libreccm.core.UnexpectedErrorException;
 import org.libreccm.security.PermissionChecker;
 import org.libreccm.security.Role;
+import org.libreccm.security.RoleManager;

 import java.util.List;
 import java.util.Optional;
@ -44,8 +45,11 @@ import javax.persistence.TypedQuery;

 import org.libreccm.security.Shiro;
 import org.libreccm.security.User;
+import org.libreccm.security.UserManager;
+import org.libreccm.security.UserRepository;
 import org.libreccm.workflow.Workflow;

+import java.util.ArrayList;
 import java.util.Collections;
 import java.util.stream.Collectors;

@ -75,6 +79,15 @@ public class ContentItemRepository
    @Inject
    private Shiro shiro;

+    @Inject
+    private UserRepository userRepository;
+
+    @Inject
+    private UserManager userManager;
+
+    @Inject
+    private RoleManager roleManager;
+
    @Inject
    private PermissionChecker permissionChecker;

@ -110,6 +123,7 @@ public class ContentItemRepository
     * @return The content item identified by the provided {@code itemId} or
     *         nothing if there is such content item.
     */
+    @Transactional(Transactional.TxType.REQUIRED)
    public Optional<ContentItem> findById(final long itemId) {

        final TypedQuery<ContentItem> query = getEntityManager()
@ -166,6 +180,7 @@ public class ContentItemRepository
     * @return The content item identified by the provided {@code uuid} or
     *         nothing if there is such content item.
     */
+    @Transactional(Transactional.TxType.REQUIRED)
    public Optional<ContentItem> findByUuid(final String uuid) {

        final TypedQuery<ContentItem> query = getEntityManager()
@ -193,6 +208,7 @@ public class ContentItemRepository
     *         {@link Optional} if there is no such item or if it is not of the
     *         requested type.
     */
+    @Transactional(Transactional.TxType.REQUIRED)
    @SuppressWarnings("unchecked")
    public <T extends ContentItem> Optional<T> findByUuid(final String uuid,
                                                          final Class<T> type) {
@ -224,6 +240,7 @@ public class ContentItemRepository
     *
     * @return A list of all content items of the requested type.
     */
+    @Transactional(Transactional.TxType.REQUIRED)
    @SuppressWarnings("unchecked")
    public <T extends ContentItem> List<T> findByType(final Class<T> type) {

@ -242,6 +259,7 @@ public class ContentItemRepository
     *
     * @return A list of all items in the provided folder.
     */
+    @Transactional(Transactional.TxType.REQUIRED)
    public List<ContentItem> findByFolder(final Category folder) {

        final TypedQuery<ContentItem> query = getEntityManager()
@ -260,6 +278,7 @@ public class ContentItemRepository
     *
     * @return The number of content items in the category/folder.
     */
+    @Transactional(Transactional.TxType.REQUIRED)
    public long countItemsInFolder(final Category folder) {

        final TypedQuery<Long> query = getEntityManager()
@ -499,20 +518,29 @@ public class ContentItemRepository
        final Optional<User> user = shiro.getUser();
        final List<Role> roles;
        if (user.isPresent()) {
-            roles = user
-                .get()
-                .getRoleMemberships()
-                .stream()
-                .map(membership -> membership.getRole())
-                .collect(Collectors.toList());
+            final User theUser = userRepository
+                .findById(user.get().getPartyId())
+                .orElseThrow(() -> new IllegalArgumentException(String
+                .format(
+                    "No user with id %d in the database. "
+                        + "Where did that ID come from?",
+                    user.get().getPartyId())));
+            roles = roleManager.findAllRolesForUser(theUser);
        } else {
+
            roles = Collections.emptyList();
        }

        final boolean isSystemUser = shiro.isSystemUser();
        final boolean isAdmin = permissionChecker.isPermitted("*");

-        query.setParameter("roles", roles);
+        // The roles collection is passed to an IN JPQL query. JPQL/SQL
+        // does not allow empty collections as paramete of IN. But null works...
+        if (roles.isEmpty()) {
+            query.setParameter("roles", null);
+        } else {
+            query.setParameter("roles", roles);
+        }
        query.setParameter("isSystemUser", isSystemUser);
        query.setParameter("isAdmin", isAdmin);
    }
--- a/ccm-core/src/main/java/org/libreccm/security/RoleManager.java
+++ b/ccm-core/src/main/java/org/libreccm/security/RoleManager.java
@ -20,7 +20,11 @@ package org.libreccm.security;

 import org.libreccm.core.CoreConstants;

+import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
+import java.util.stream.Collectors;

 import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
@ -125,11 +129,12 @@ public class RoleManager {

    /**
     * Determines if a role is assigned to a party.
-     *  
+     *
     * @param party The party to check.
-     * @param role The role to check.
+     * @param role  The role to check.
+     *
     * @return {@code true} if the provided {@code role} is assigned to the
-     * provided {@code party}.
+     *         provided {@code party}.
     */
    public boolean hasRole(final Party party, final Role role) {
        final TypedQuery<RoleMembership> query = entityManager
@ -142,4 +147,40 @@ public class RoleManager {
        return !result.isEmpty();
    }

+    /**
+     * Finds all roles directly or indirectly assigned to a user.
+     *
+     * @param user The user
+     *
+     * @return A list of all roles assigned to the user or to a group the user
+     *         is a member of, sorted by name.
+     */
+    @Transactional(Transactional.TxType.REQUIRED)
+    public List<Role> findAllRolesForUser(final User user) {
+
+        final List<Role> directlyAssigned = user
+            .getRoleMemberships()
+            .stream()
+            .map(membership -> membership.getRole())
+            .collect(Collectors.toList());
+
+        final Set<Role> roles = new HashSet<>();
+
+        final List<Group> groups = user
+            .getGroupMemberships()
+            .stream()
+            .map(membership -> membership.getGroup())
+            .collect(Collectors.toList());
+
+        for (final Group group : groups) {
+            roles.addAll(group
+                .getRoleMemberships()
+                .stream()
+                .map(membership -> membership.getRole())
+                .collect(Collectors.toList()));
+        }
+        
+        return new ArrayList<>(roles);
+    }
+
 }