001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.dynamicdatamapping.util;
016    
017    import com.liferay.portal.kernel.exception.PortalException;
018    import com.liferay.portal.kernel.sanitizer.Sanitizer;
019    import com.liferay.portal.kernel.sanitizer.SanitizerUtil;
020    import com.liferay.portal.kernel.util.ContentTypes;
021    import com.liferay.portlet.dynamicdatamapping.model.Value;
022    import com.liferay.portlet.dynamicdatamapping.storage.DDMFormFieldValue;
023    
024    import java.util.Locale;
025    
026    /**
027     * @author Marcellus Tavares
028     */
029    public class HTMLSanitizerDDMFormFieldValueTransformer
030            implements DDMFormFieldValueTransformer {
031    
032            public HTMLSanitizerDDMFormFieldValueTransformer(
033                    long companyId, long groupId, long userId) {
034    
035                    _companyId = companyId;
036                    _groupId = groupId;
037                    _userId = userId;
038            }
039    
040            @Override
041            public String getFieldType() {
042                    return "ddm-text-html";
043            }
044    
045            @Override
046            public void transform(DDMFormFieldValue ddmFormFieldValue)
047                    throws PortalException {
048    
049                    Value value = ddmFormFieldValue.getValue();
050    
051                    for (Locale locale : value.getAvailableLocales()) {
052                            String sanitizedValue = sanitize(value.getString(locale));
053    
054                            value.addString(locale, sanitizedValue);
055                    }
056            }
057    
058            protected String sanitize(String value) throws PortalException {
059                    return SanitizerUtil.sanitize(
060                            _companyId, _groupId, _userId, Value.class.getName(), 0,
061                            ContentTypes.TEXT_HTML, Sanitizer.MODE_ALL, value, null);
062            }
063    
064            private final long _companyId;
065            private final long _groupId;
066            private final long _userId;
067    
068    }