001
014
015 package com.liferay.portal.template;
016
017 import com.liferay.portal.kernel.security.pacl.NotPrivileged;
018 import com.liferay.portal.kernel.template.Template;
019 import com.liferay.portal.kernel.template.TemplateManager;
020 import com.liferay.portal.kernel.template.TemplateResource;
021 import com.liferay.portal.kernel.template.TemplateResourceLoader;
022
023 import java.security.AccessControlContext;
024 import java.security.AccessController;
025 import java.security.PrivilegedAction;
026
027 import java.util.Map;
028
029 import javax.servlet.ServletContext;
030 import javax.servlet.http.HttpServletRequest;
031 import javax.servlet.http.HttpServletResponse;
032
033
036 public abstract class BaseTemplateManager implements TemplateManager {
037
038 @Override
039 public void addContextObjects(
040 Map<String, Object> contextObjects,
041 Map<String, Object> newContextObjects) {
042
043 for (String variableName : newContextObjects.keySet()) {
044 if (contextObjects.containsKey(variableName)) {
045 continue;
046 }
047
048 Object object = newContextObjects.get(variableName);
049
050 if (object instanceof Class) {
051 addStaticClassSupport(
052 contextObjects, variableName, (Class<?>)object);
053 }
054 else {
055 contextObjects.put(variableName, object);
056 }
057 }
058 }
059
060 @Override
061 public void addStaticClassSupport(
062 Map<String, Object> contextObjects, String variableName,
063 Class<?> variableClass) {
064 }
065
066 @Override
067 public void addTaglibApplication(
068 Map<String, Object> contextObjects, String applicationName,
069 ServletContext servletContext) {
070 }
071
072 @Override
073 public void addTaglibFactory(
074 Map<String, Object> contextObjects, String taglibLiferayHash,
075 ServletContext servletContext) {
076 }
077
078 @Override
079 public void addTaglibRequest(
080 Map<String, Object> contextObjects, String applicationName,
081 HttpServletRequest request, HttpServletResponse response) {
082 }
083
084 @Override
085 public void addTaglibTheme(
086 Map<String, Object> contextObjects, String themeName,
087 HttpServletRequest request, HttpServletResponse response) {
088 }
089
090 @Override
091 public String[] getRestrictedVariables() {
092 return new String[0];
093 }
094
095 @NotPrivileged
096 @Override
097 public Template getTemplate(
098 TemplateResource templateResource, boolean restricted) {
099
100 return getTemplate(templateResource, null, restricted);
101 }
102
103 @NotPrivileged
104 @Override
105 public Template getTemplate(
106 TemplateResource templateResource,
107 TemplateResource errorTemplateResource, boolean restricted) {
108
109 TemplateControlContext templateControlContext =
110 templateContextHelper.getTemplateControlContext();
111
112 AccessControlContext accessControlContext =
113 templateControlContext.getAccessControlContext();
114
115 ClassLoader classLoader = templateControlContext.getClassLoader();
116
117 if (accessControlContext == null) {
118 Map<String, Object> helperUtilities =
119 templateContextHelper.getHelperUtilities(
120 classLoader, restricted);
121
122 return doGetTemplate(
123 templateResource, errorTemplateResource, restricted,
124 helperUtilities, false);
125 }
126
127 Map<String, Object> helperUtilities = AccessController.doPrivileged(
128 new DoGetHelperUtilitiesPrivilegedAction(
129 templateContextHelper, classLoader, restricted),
130 accessControlContext);
131
132 Template template = AccessController.doPrivileged(
133 new DoGetTemplatePrivilegedAction(
134 templateResource, errorTemplateResource, restricted,
135 helperUtilities));
136
137 return new PrivilegedTemplateWrapper(accessControlContext, template);
138 }
139
140 public void setTemplateContextHelper(
141 TemplateContextHelper templateContextHelper) {
142
143 this.templateContextHelper = templateContextHelper;
144 }
145
146 public void setTemplateResourceLoader(
147 TemplateResourceLoader templateResourceLoader) {
148
149 this.templateResourceLoader = templateResourceLoader;
150 }
151
152 protected abstract Template doGetTemplate(
153 TemplateResource templateResource,
154 TemplateResource errorTemplateResource, boolean restricted,
155 Map<String, Object> helperUtilities, boolean privileged);
156
157 protected TemplateContextHelper templateContextHelper;
158 protected TemplateResourceLoader templateResourceLoader;
159
160 private class DoGetHelperUtilitiesPrivilegedAction
161 implements PrivilegedAction<Map<String, Object>> {
162
163 public DoGetHelperUtilitiesPrivilegedAction(
164 TemplateContextHelper templateContextHelper,
165 ClassLoader classLoader, boolean restricted) {
166
167 _templateContextHelper = templateContextHelper;
168 _classLoader = classLoader;
169 _restricted = restricted;
170 }
171
172 @Override
173 public Map<String, Object> run() {
174 return _templateContextHelper.getHelperUtilities(
175 _classLoader, _restricted);
176 }
177
178 private final ClassLoader _classLoader;
179 private boolean _restricted;
180 private final TemplateContextHelper _templateContextHelper;
181
182 }
183
184 private class DoGetTemplatePrivilegedAction
185 implements PrivilegedAction<Template> {
186
187 public DoGetTemplatePrivilegedAction(
188 TemplateResource templateResource,
189 TemplateResource errorTemplateResource, boolean restricted,
190 Map<String, Object> helperUtilities) {
191
192 _templateResource = templateResource;
193 _errorTemplateResource = errorTemplateResource;
194 _restricted = restricted;
195 _helperUtilities = helperUtilities;
196 }
197
198 @Override
199 public Template run() {
200 return doGetTemplate(
201 _templateResource, _errorTemplateResource, _restricted,
202 _helperUtilities, true);
203 }
204
205 private final TemplateResource _errorTemplateResource;
206 private final Map<String, Object> _helperUtilities;
207 private boolean _restricted;
208 private final TemplateResource _templateResource;
209
210 }
211
212 }