diff --git a/ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java b/ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java
index a7e0c16b8..3ca5574b3 100644
--- a/ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java
+++ b/ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java
@@ -54,6 +54,7 @@ import org.hibernate.search.annotations.IndexedEmbedded;
import javax.persistence.FetchType;
import org.hibernate.envers.NotAudited;
+import org.librecms.contentsection.privileges.ItemPrivileges;
import static org.librecms.CmsConstants.*;
@@ -69,42 +70,95 @@ import static org.librecms.CmsConstants.*;
@NamedQueries({
@NamedQuery(
name = "ContentItem.findById",
- query = "SELECT DISTINCT i "
- + "FROM ContentItem i "
- + "JOIN i.permissions p "
- + "WHERE i.objectId = :objectId "
- + "AND ((p.grantee IN :roles "
- + "AND p.grantedPrivilege = (CASE WHEN i.version = 'DRAFT' THEN 'preview_items' ELSE 'view_published_items' END)) "
- + "OR true = :isSystemUser OR true = :isAdmin)")
+ query
+ = "SELECT DISTINCT i "
+ + "FROM ContentItem i "
+ + "JOIN i.permissions p "
+ + "WHERE i.objectId = :objectId "
+ + "AND ("
+ + " ("
+ + " p.grantee IN :roles "
+ + " AND p.grantedPrivilege = "
+ + " (CASE WHEN i.version = 'DRAFT' "
+ + " THEN '" + ItemPrivileges.PREVIEW + "' "
+ + " ELSE '" + ItemPrivileges.VIEW_PUBLISHED + "' "
+ + " END"
+ + " )"
+ + " ) "
+ + " OR true = :isSystemUser OR true = :isAdmin"
+ + " )")
,
@NamedQuery(
name = "ContentItem.findByType",
- query = "SELECT i FROM ContentItem i WHERE TYPE(i) = :type")
+ query
+ = "SELECT DISTINCT i "
+ + "FROM ContentItem i "
+ + "JOIN i.permissions p "
+ + "WHERE TYPE(i) = :type "
+ + "AND ("
+ + " ("
+ + " p.grantee IN :roles "
+ + " AND p.grantedPrivilege = "
+ + " (CASE WHEN i.version = 'DRAFT' "
+ + " THEN '" + ItemPrivileges.PREVIEW + "' "
+ + " ELSE '" + ItemPrivileges.VIEW_PUBLISHED + "' "
+ + " END"
+ + " )"
+ + " ) "
+ + " OR true = :isSystemUser OR true = :isAdmin"
+ + " )")
,
@NamedQuery(
name = "ContentItem.findByFolder",
- query = "SELECT i FROM ContentItem i "
- + "JOIN i.categories c "
- + "WHERE c.category = :folder "
- + "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER
- + "'")
+ query
+ = "SELECT DISTINCT i "
+ + "FROM ContentItem i "
+ + "JOIN i.categories c "
+ + "JOIN i.permissions p "
+ + "WHERE c.category = :folder "
+ + "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ + "AND ("
+ + " ("
+ + " p.grantee IN :roles "
+ + " AND p.grantedPrivilege = "
+ + " (CASE WHEN i.version = 'DRAFT' "
+ + " THEN '" + ItemPrivileges.PREVIEW + "' "
+ + " ELSE '" + ItemPrivileges.VIEW_PUBLISHED + "' "
+ + " END"
+ + " )"
+ + " )"
+ + " OR true = :isSystemUser OR true = :isAdmin"
+ + " )")
,
@NamedQuery(
name = "ContentItem.countItemsInFolder",
- query = "SELECT count(i) FROM ContentItem i "
+ query = "SELECT COUNT(i) FROM ContentItem i "
+ "JOIN i.categories c "
+ "WHERE c.category = :folder "
- + "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER
- + "'")
+ + "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "'")
,
@NamedQuery(
name = "ContentItem.findByNameInFolder",
- query = "SELECT i FROM ContentItem i "
- + "JOIN i.categories c "
- + "WHERE c.category = :folder "
- + "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER
- + "' "
- + "AND i.displayName = :name")
+ query
+ = "SELECT DISTINCT i "
+ + "FROM ContentItem i "
+ + "JOIN i.categories c "
+ + "JOIN i.permissions p "
+ + "WHERE c.category = :folder "
+ + "AND c.type = '" + CATEGORIZATION_TYPE_FOLDER + "' "
+ + "AND i.displayName = :name "
+ + "AND ("
+ + " ("
+ + " p.grantee IN :roles "
+ + " AND p.grantedPrivilege = "
+ + " (CASE WHEN i.version = 'DRAFT' "
+ + " THEN '" + ItemPrivileges.PREVIEW + "' "
+ + " ELSE '" + ItemPrivileges.VIEW_PUBLISHED + "' "
+ + " END"
+ + " )"
+ + " )"
+ + " OR true = :isSystemUser OR true = :isAdmin"
+ + " )")
,
@NamedQuery(
name = "ContentItem.countByNameInFolder",
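Review bot: `ContentItem.countItemsInFolder` is left without the permission predicate that this hunk adds to `ContentItem.findByFolder`, so the count can include drafts and items the caller's roles may not view, and a folder listing can disagree with its own total. If that count is ever shown to non-admin users, it should use `SELECT COUNT(DISTINCT i)` with the same `JOIN i.permissions p` and privilege clause. Separately, the inner `JOIN i.permissions p` in the four filtered queries drops any item that has no permission rows before `OR true = :isSystemUser OR true = :isAdmin` is evaluated. `LEFT JOIN i.permissions p` would keep the admin and system-user bypass working for such items. The `@NamedQueries` list continues past the end of the hunk, so `ContentItem.countByNameInFolder` may need the same review.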
diff --git a/ccm-cms/src/main/resources/templates/ccm-cms/content-section/admin/index.jsp b/ccm-cms/src/main/resources/templates/ccm-cms/content-section/admin/index.jsp
index 530ca77bc..d9b4be13f 100644
--- a/ccm-cms/src/main/resources/templates/ccm-cms/content-section/admin/index.jsp
+++ b/ccm-cms/src/main/resources/templates/ccm-cms/content-section/admin/index.jsp
@@ -1,21 +1,21 @@
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
+
private ContentSectionPage sectionPage = new ContentSectionPage();
-
+
-
+
// Restore the wrapped request
HttpServletRequest myRequest = DispatcherHelper.getRequest();
DispatcherHelper.cacheDisable(response);
@@ -32,7 +32,7 @@
RequestContext context = DispatcherHelper.getRequestContext(myRequest);
sectionPage.init();
sectionPage.dispatch(myRequest, response, context);
-
+
diff --git a/ccm-cms/src/main/resources/templates/ccm-cms/content-section/admin/item.jsp b/ccm-cms/src/main/resources/templates/ccm-cms/content-section/admin/item.jsp
index b41a27d44..d5fa01414 100644
--- a/ccm-cms/src/main/resources/templates/ccm-cms/content-section/admin/item.jsp
+++ b/ccm-cms/src/main/resources/templates/ccm-cms/content-section/admin/item.jsp
@@ -1,27 +1,22 @@
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
-
-
- private static final Logger s_log =
- LogManager.getLogger("content-section.www.admin.item.jsp");
+
private ContentItemPage itemPage = null;
private Date timestamp = new Date(0);
-
+
-
- s_log.debug("entered item.jsp's service method");
+
// Restore the wrapped request
HttpServletRequest myRequest = DispatcherHelper.getRequest();
DispatcherHelper.cacheDisable(response);
@@ -31,38 +26,26 @@
ContentSection section = ContentSectionServlet.getContentSection(myRequest);
-
- if (Web.getWebContext().getUser() == null) {
+ //if (Web.getWebContext().getUser() == null) {
+ if (!CdiUtil.createCdiUtil().findBean(Shiro.class).getSubject().isAuthenticated()) {
throw new LoginSignal(myRequest);
} else if (! ContentSectionServlet.checkAdminAccess(myRequest, section)) {
- throw new com.arsdigita.cms.dispatcher.AccessDeniedException();
+ throw new com.arsdigita.dispatcher.AccessDeniedException();
}
// page needs to be refreshed when content types or authoring kits
// in the section change
synchronized(this) {
if (Utilities.getLastSectionRefresh(section).after(timestamp)) {
- s_log.debug("refreshing itemPage");
- s_log.debug("Creating new ContentItemPage instance...");
itemPage = new ContentItemPage();
- s_log.debug("Calling init on new instance...");
itemPage.init();
- s_log.debug("Creating time stamp...");
timestamp = new Date();
}
}
- s_log.debug("Starting dispatch process...");
RequestContext context = DispatcherHelper.getRequestContext(myRequest);
- if(itemPage == null) {
- s_log.warn("WARNING: itemPage is NULL");
- }
- else {
- s_log.info("ALL OK: itemPage is not null");
- }
itemPage.dispatch(myRequest, response, context);
- s_log.debug("exited item.jsp's service method");
-
+
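Review bot: `itemPage.dispatch(myRequest, response, context)` reads the `itemPage` field outside the `synchronized(this)` block that assigns it, and this commit also removes the only diagnostic for a null `itemPage`, so a null reference now surfaces as a bare NullPointerException. Assuming `itemPage` and `timestamp` are instance declarations of the JSP servlet shared across requests (the JSP tags are not visible on this page), copy the reference while holding the lock, e.g. `page = itemPage;` as the last statement inside the block, and call `page.dispatch(...)` on that local. The commented-out `//if (Web.getWebContext().getUser() == null) {` should be deleted rather than kept beside the new Shiro check, so the access gate on this admin page has a single readable form.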