Source code

001/*
002 *  Copyright 2021 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.plugins.forms.actions;
017
018import java.util.ArrayList;
019import java.util.HashMap;
020import java.util.List;
021import java.util.Map;
022
023import org.apache.avalon.framework.parameters.Parameters;
024import org.apache.avalon.framework.service.ServiceException;
025import org.apache.avalon.framework.service.ServiceManager;
026import org.apache.cocoon.acting.ServiceableAction;
027import org.apache.cocoon.environment.ObjectModelHelper;
028import org.apache.cocoon.environment.Redirector;
029import org.apache.cocoon.environment.Request;
030import org.apache.cocoon.environment.SourceResolver;
031
032import org.ametys.core.cocoon.JSonReader;
033import org.ametys.core.user.CurrentUserProvider;
034import org.ametys.core.user.UserIdentity;
035import org.ametys.plugins.forms.dao.FormDAO;
036import org.ametys.plugins.forms.dao.FormPageDAO;
037import org.ametys.plugins.forms.dao.FormQuestionDAO;
038import org.ametys.plugins.forms.repository.Form;
039import org.ametys.plugins.forms.repository.FormPage;
040import org.ametys.plugins.forms.repository.FormQuestion;
041import org.ametys.plugins.repository.AmetysObject;
042import org.ametys.plugins.repository.AmetysObjectResolver;
043import org.ametys.runtime.authentication.AccessDeniedException;
044
045/**
046 * Get the form structure to built tree
047 */
048public class GetFormStructureAction extends ServiceableAction
049{
050    /** The Ametys object resolver */
051    protected AmetysObjectResolver _resolver;
052    
053    /** The form DAO */
054    protected FormDAO _formDAO;
055    
056    /** DAO for manipulating form pages */
057    protected FormPageDAO _formPageDAO;
058    
059    /** DAO for manipulating form pages */
060    protected FormQuestionDAO _formQuestionDAO;
061    
062    /** The current user provider */
063    protected CurrentUserProvider _currentUserProvider;
064    
065    @Override
066    public void service(ServiceManager serviceManager) throws ServiceException
067    {
068        super.service(serviceManager);
069        _resolver = (AmetysObjectResolver) serviceManager.lookup(AmetysObjectResolver.ROLE);
070        _formDAO = (FormDAO) serviceManager.lookup(FormDAO.ROLE);
071        _formPageDAO = (FormPageDAO) serviceManager.lookup(FormPageDAO.ROLE);
072        _formQuestionDAO = (FormQuestionDAO) serviceManager.lookup(FormQuestionDAO.ROLE);
073        _currentUserProvider = (CurrentUserProvider) serviceManager.lookup(CurrentUserProvider.ROLE);
074    }
075    
076    public Map act(Redirector redirector, SourceResolver resolver, Map objectModel, String source, Parameters parameters) throws Exception
077    {
078        @SuppressWarnings("unchecked")
079        Map<String, Object> jsParameters = (Map<String, Object>) objectModel.get(ObjectModelHelper.PARENT_CONTEXT);
080        
081        AmetysObject currentNode = _resolver.resolveById((String) jsParameters.get("node"));
082        
083        List<Map<String, Object>> nodes = new ArrayList<>();
084        if (currentNode instanceof Form form)
085        {
086            _checkReadAccess(form);
087            for (FormPage page : form.getPages())
088            {
089                nodes.add(_formPageDAO.getPageProperties(page, false));
090            }
091        }
092        else if (currentNode instanceof FormPage page) 
093        {
094            _checkReadAccess(page.getForm());
095            for (FormQuestion question : page.getQuestions())
096            {
097                nodes.add(_formQuestionDAO.getQuestionProperties(question, false));
098            }
099        }
100        
101        Map<String, Object> result = new HashMap<>();
102        result.put("pages", nodes);
103        
104        Request request = ObjectModelHelper.getRequest(objectModel);
105        request.setAttribute(JSonReader.OBJECT_TO_READ, result);
106        
107        return EMPTY_MAP;
108    }
109    
110    private void _checkReadAccess(Form form)
111    {
112        UserIdentity user = _currentUserProvider.getUser();
113        if (!_formDAO.hasReadRightOnForm(user, form))
114        {
115            throw new AccessDeniedException("User '" + user + "' is not allowed to access the form with id '" + form.getId() + "'");
116        }
117    }
118}