001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portlet.xslcontent.util;
016    
017    import com.liferay.portal.kernel.io.unsync.UnsyncByteArrayOutputStream;
018    import com.liferay.portal.kernel.util.HttpUtil;
019    import com.liferay.portal.kernel.util.StringUtil;
020    import com.liferay.portal.theme.ThemeDisplay;
021    import com.liferay.portal.util.PropsValues;
022    
023    import java.io.ByteArrayInputStream;
024    
025    import java.net.URL;
026    
027    import javax.xml.XMLConstants;
028    import javax.xml.parsers.DocumentBuilder;
029    import javax.xml.parsers.DocumentBuilderFactory;
030    import javax.xml.transform.Source;
031    import javax.xml.transform.Transformer;
032    import javax.xml.transform.TransformerConfigurationException;
033    import javax.xml.transform.TransformerFactory;
034    import javax.xml.transform.dom.DOMSource;
035    import javax.xml.transform.stream.StreamResult;
036    
037    import org.w3c.dom.Document;
038    
039    /**
040     * @author Brian Wing Shun Chan
041     * @author Samuel Kong
042     */
043    public class XSLContentUtil {
044    
045            public static final String DEFAULT_XML_URL =
046                    "@portlet_context_url@/example.xml";
047    
048            public static final String DEFAULT_XSL_URL =
049                    "@portlet_context_url@/example.xsl";
050    
051            public static String replaceUrlTokens(
052                    ThemeDisplay themeDisplay, String url) {
053    
054                    return StringUtil.replace(
055                            url, new String[] {"@portal_url@", "@portlet_context_url@"},
056                            new String[] {
057                                    themeDisplay.getPortalURL(),
058                                    themeDisplay.getPortalURL() + "/html/portlet/xsl_content"
059                            });
060            }
061    
062            public static String transform(URL xmlUrl, URL xslUrl) throws Exception {
063                    DocumentBuilderFactory documentBuilderFactory =
064                            DocumentBuilderFactory.newInstance();
065    
066                    documentBuilderFactory.setFeature(
067                            "http://apache.org/xml/features/disallow-doctype-decl",
068                            PropsValues.XSL_CONTENT_XML_DOCTYPE_DECLARATION_ALLOWED);
069                    documentBuilderFactory.setFeature(
070                            "http://xml.org/sax/features/external-general-entities",
071                            PropsValues.XSL_CONTENT_XML_EXTERNAL_GENERAL_ENTITIES_ALLOWED);
072                    documentBuilderFactory.setFeature(
073                            "http://xml.org/sax/features/external-parameter-entities",
074                            PropsValues.XSL_CONTENT_XML_EXTERNAL_PARAMETER_ENTITIES_ALLOWED);
075    
076                    documentBuilderFactory.setNamespaceAware(true);
077    
078                    DocumentBuilder documentBuilder =
079                            documentBuilderFactory.newDocumentBuilder();
080    
081                    TransformerFactory transformerFactory =
082                            TransformerFactory.newInstance();
083    
084                    try {
085                            transformerFactory.setFeature(
086                                    XMLConstants.FEATURE_SECURE_PROCESSING,
087                                    PropsValues.XSL_CONTENT_XSL_SECURE_PROCESSING_ENABLED);
088                    }
089                    catch (TransformerConfigurationException tce) {
090                    }
091    
092                    Transformer transformer = transformerFactory.newTransformer(
093                            getXslSource(documentBuilder, xslUrl));
094    
095                    UnsyncByteArrayOutputStream unsyncByteArrayOutputStream =
096                            new UnsyncByteArrayOutputStream();
097    
098                    transformer.transform(
099                            getXmlSource(documentBuilder, xmlUrl),
100                            new StreamResult(unsyncByteArrayOutputStream));
101    
102                    return unsyncByteArrayOutputStream.toString();
103            }
104    
105            protected static Source getXmlSource(
106                            DocumentBuilder documentBuilder, URL xmlUrl)
107                    throws Exception {
108    
109                    String xml = HttpUtil.URLtoString(xmlUrl);
110    
111                    Document xmlDocument = documentBuilder.parse(
112                            new ByteArrayInputStream(xml.getBytes()));
113    
114                    return new DOMSource(xmlDocument);
115            }
116    
117            protected static Source getXslSource(
118                            DocumentBuilder documentBuilder, URL xslUrl)
119                    throws Exception {
120    
121                    String xsl = HttpUtil.URLtoString(xslUrl);
122    
123                    Document xslDocument = documentBuilder.parse(
124                            new ByteArrayInputStream(xsl.getBytes()));
125    
126                    return new DOMSource(xslDocument);
127            }
128    
129    }