001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.template;
016    
017    import com.liferay.portal.kernel.template.Template;
018    import com.liferay.portal.kernel.template.TemplateException;
019    
020    import java.io.Writer;
021    
022    import java.security.AccessControlContext;
023    import java.security.AccessController;
024    import java.security.PrivilegedActionException;
025    import java.security.PrivilegedExceptionAction;
026    
027    import java.util.Collection;
028    import java.util.Map;
029    import java.util.Set;
030    
031    import javax.servlet.http.HttpServletRequest;
032    
033    /**
034     * @author Tina Tian
035     * @author Shuyang Zhou
036     */
037    public class PrivilegedTemplateWrapper implements Template {
038    
039            public PrivilegedTemplateWrapper(
040                    AccessControlContext accessControlContext, Template template) {
041    
042                    _accessControlContext = accessControlContext;
043                    _template = template;
044            }
045    
046            @Override
047            public void clear() {
048                    _template.clear();
049            }
050    
051            @Override
052            public boolean containsKey(Object key) {
053                    return _template.containsKey(key);
054            }
055    
056            @Override
057            public boolean containsValue(Object value) {
058                    return _template.containsValue(value);
059            }
060    
061            @Override
062            public void doProcessTemplate(Writer writer) throws Exception {
063                    AccessController.doPrivileged(
064                            new ProcessTemplatePrivilegedExceptionAction(_template, writer),
065                            _accessControlContext);
066            }
067    
068            @Override
069            public Set<Entry<String, Object>> entrySet() {
070                    return _template.entrySet();
071            }
072    
073            @Override
074            public Object get(Object key) {
075                    return _template.get(key);
076            }
077    
078            @Override
079            public Object get(String key) {
080                    return _template.get(key);
081            }
082    
083            @Override
084            public String[] getKeys() {
085                    return _template.getKeys();
086            }
087    
088            @Override
089            public boolean isEmpty() {
090                    return _template.isEmpty();
091            }
092    
093            @Override
094            public Set<String> keySet() {
095                    return _template.keySet();
096            }
097    
098            @Override
099            public void prepare(HttpServletRequest request) {
100                    _template.prepare(request);
101            }
102    
103            @Override
104            public void processTemplate(Writer writer) throws TemplateException {
105                    try {
106                            doProcessTemplate(writer);
107                    }
108                    catch (PrivilegedActionException pae) {
109                            throw (TemplateException)pae.getException();
110                    }
111                    catch (Exception e) {
112                            throw new TemplateException();
113                    }
114            }
115    
116            @Override
117            public Object put(String key, Object value) {
118                    return _template.put(key, value);
119            }
120    
121            @Override
122            public void putAll(Map<? extends String, ? extends Object> map) {
123                    _template.putAll(map);
124            }
125    
126            @Override
127            public Object remove(Object key) {
128                    return _template.remove(key);
129            }
130    
131            @Override
132            public int size() {
133                    return _template.size();
134            }
135    
136            @Override
137            public Collection<Object> values() {
138                    return _template.values();
139            }
140    
141            private final AccessControlContext _accessControlContext;
142            private Template _template;
143    
144            private static class ProcessTemplatePrivilegedExceptionAction
145                    implements PrivilegedExceptionAction<Void> {
146    
147                    public ProcessTemplatePrivilegedExceptionAction(
148                            Template template, Writer writer) {
149    
150                            _template = template;
151                            _writer = writer;
152                    }
153    
154                    @Override
155                    public Void run() throws Exception {
156                            _template.processTemplate(_writer);
157    
158                            return null;
159                    }
160    
161                    private Template _template;
162                    private final Writer _writer;
163    
164            }
165    
166    }