001
014
015 package com.liferay.portlet.dynamicdatamapping.util;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.sanitizer.Sanitizer;
019 import com.liferay.portal.kernel.sanitizer.SanitizerUtil;
020 import com.liferay.portal.kernel.util.ContentTypes;
021 import com.liferay.portlet.dynamicdatamapping.model.Value;
022 import com.liferay.portlet.dynamicdatamapping.storage.DDMFormFieldValue;
023
024 import java.util.Locale;
025
026
029 public class HTMLSanitizerDDMFormFieldValueTransformer
030 implements DDMFormFieldValueTransformer {
031
032 public HTMLSanitizerDDMFormFieldValueTransformer(
033 long companyId, long groupId, long userId) {
034
035 _companyId = companyId;
036 _groupId = groupId;
037 _userId = userId;
038 }
039
040 @Override
041 public String getFieldType() {
042 return "ddm-text-html";
043 }
044
045 @Override
046 public void transform(DDMFormFieldValue ddmFormFieldValue)
047 throws PortalException {
048
049 Value value = ddmFormFieldValue.getValue();
050
051 for (Locale locale : value.getAvailableLocales()) {
052 String sanitizedValue = sanitize(value.getString(locale));
053
054 value.addString(locale, sanitizedValue);
055 }
056 }
057
058 protected String sanitize(String value) throws PortalException {
059 return SanitizerUtil.sanitize(
060 _companyId, _groupId, _userId, Value.class.getName(), 0,
061 ContentTypes.TEXT_HTML, Sanitizer.MODE_ALL, value, null);
062 }
063
064 private final long _companyId;
065 private final long _groupId;
066 private final long _userId;
067
068 }