CCM NG/ccm-cms: Query for retrieving ContentItems by ID which takes the permissions into account.

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@4726 8810af33-2d31-482b-a856-94f89814c4df

Former-commit-id: 12fed67308

ccm-cms/src/main/java/org/librecms/contentsection/ContentItem.java

@@ -21,11 +21,9 @@ package org.librecms.contentsection;
 import org.hibernate.envers.Audited;
 import org.hibernate.envers.RelationTargetAuditMode;
 import org.hibernate.search.annotations.Field;
-import org.libreccm.categorization.Categorization;
 import org.libreccm.core.CcmObject;
 import org.libreccm.l10n.LocalizedString;
 import org.libreccm.workflow.Workflow;
-import org.librecms.CmsConstants;
 import org.librecms.lifecycle.Lifecycle;
 
 import java.io.Serializable;
@@ -34,8 +32,6 @@ import java.util.Collections;
 import java.util.Date;
 import java.util.List;
 import java.util.Objects;
-import java.util.Optional;
-import java.util.stream.Collectors;
 
 import javax.persistence.AssociationOverride;
 import javax.persistence.Column;
@@ -56,6 +52,7 @@ import javax.persistence.TemporalType;
 import org.hibernate.search.annotations.IndexedEmbedded;
 
 import javax.persistence.FetchType;
+
 import org.hibernate.envers.NotAudited;
 
 import static org.librecms.CmsConstants.*;
@@ -72,13 +69,13 @@ import static org.librecms.CmsConstants.*;
 @NamedQueries({
     @NamedQuery(
         name = "ContentItem.findById",
-        query = "SELECT i FROM ContentItem i "
+        query = "SELECT DISTINCT i "
+                    + "FROM ContentItem i "
+                    + "JOIN i.permissions p "
                     + "WHERE i.objectId = :objectId "
-                    + "AND (EXISTS(SELECT p FROM Permission p "
+                    + "AND ((p.grantee IN :roles "
-                    + "WHERE p.grantedPrivilege = 'read' "
+                    + "AND p.grantedPrivilege = (CASE WHEN i.version = 'DRAFT' THEN 'preview_items' ELSE 'view_published_items' END)) "
-                    + "AND p.grantee IN :roles "
+                + "OR true = :isSystemUser OR true = :isAdmin)")
-                    + "AND p.object = i)"
-                    + "OR true = :admin)")
     ,
     @NamedQuery(
         name = "ContentItem.findByType",

ccm-cms/src/main/java/org/librecms/contentsection/ContentItemRepository.java

@@ -401,9 +401,6 @@ public class ContentItemRepository
 
         final ContentItem draft = itemManager.getDraftVersion(item,
                                                               ContentItem.class);
-//        draft.getCategories().stream()
-//            .map(categorization -> categorization.getCategory())
-//            .forEach(category -> removeCategoryFromItem(item, category));
         for (final Categorization categorization : draft.getCategories()) {
             final Category category = categorization.getCategory();
 

ccm-cms/src/main/java/org/librecms/contentsection/FolderManager.java

@@ -23,16 +23,13 @@ import com.arsdigita.kernel.KernelConfig;
 import org.libreccm.categorization.Category;
 import org.libreccm.categorization.CategoryManager;
 import org.libreccm.configuration.ConfigurationManager;
-import org.libreccm.core.UnexpectedErrorException;
 
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Objects;
 import java.util.Optional;
-import java.util.stream.Collectors;
 
-import javax.batch.api.chunk.ItemReader;
 import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
 import javax.persistence.EntityManager;