001/* 002 * Copyright 2017 Anyware Services 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.ametys.plugins.calendar.events; 017 018import java.io.IOException; 019 020import org.apache.avalon.framework.service.ServiceException; 021import org.apache.avalon.framework.service.ServiceManager; 022import org.apache.cocoon.ProcessingException; 023import org.apache.cocoon.xml.XMLUtils; 024import org.apache.commons.lang.StringUtils; 025import org.xml.sax.SAXException; 026 027import org.ametys.cms.repository.Content; 028import org.ametys.core.right.RightManager; 029import org.ametys.core.user.CurrentUserProvider; 030import org.ametys.core.user.UserIdentity; 031import org.ametys.core.util.URIUtils; 032import org.ametys.plugins.repository.AmetysObjectResolver; 033import org.ametys.runtime.authentication.AccessDeniedException; 034import org.ametys.runtime.authentication.AuthorizationRequiredException; 035 036/** 037 * Sax an event 038 */ 039public class EventGenerator extends AbstractEventGenerator 040{ 041 /** The ametys object resolver. */ 042 protected AmetysObjectResolver _ametysResolver; 043 /** The right manager */ 044 protected RightManager _rightManager; 045 /** The current user provider */ 046 protected CurrentUserProvider _currentUserProvider; 047 048 @Override 049 public void service(ServiceManager serviceManager) throws ServiceException 050 { 051 super.service(serviceManager); 052 _ametysResolver = (AmetysObjectResolver) serviceManager.lookup(AmetysObjectResolver.ROLE); 053 _currentUserProvider = (CurrentUserProvider) serviceManager.lookup(CurrentUserProvider.ROLE); 054 _rightManager = (RightManager) serviceManager.lookup(RightManager.ROLE); 055 } 056 057 @Override 058 public void generate() throws IOException, SAXException, ProcessingException 059 { 060 String contentId = parameters.getParameter("contentId", ""); 061 if (StringUtils.isNotEmpty(contentId)) 062 { 063 contentId = URIUtils.decode(contentId); 064 } 065 Content content = _ametysResolver.resolveById(contentId); 066 067 // Check 'start-date' attribute exists 068 if (!content.hasValue("start-date")) 069 { 070 throw new IllegalArgumentException("The content must have a metadata named 'start-date' to be imported as an event"); 071 } 072 // Check user access 073 _checkUserAccess(content); 074 075 contentHandler.startDocument(); 076 XMLUtils.startElement(contentHandler, "events"); 077 XMLUtils.startElement(contentHandler, "contents"); 078 079 saxContent(contentHandler, content, false, null, false); 080 081 XMLUtils.endElement(contentHandler, "contents"); 082 083 XMLUtils.endElement(contentHandler, "events"); 084 contentHandler.endDocument(); 085 } 086 087 private void _checkUserAccess(Content content) 088 { 089 UserIdentity user = _currentUserProvider.getUser(); 090 boolean readAccess = _rightManager.hasReadAccess(user, content); 091 092 if (!readAccess && user == null) 093 { 094 throw new AuthorizationRequiredException(); 095 } 096 else if (!readAccess) 097 { 098 throw new AccessDeniedException("Access to event '" + content.getId() + "' is not allowed for user " + user); 099 } 100 } 101}