View Javadoc
1   /*
2    * Copyright (c) 2002-2022, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.web.admin;
35  
36  import java.sql.Timestamp;
37  import java.util.Collection;
38  import java.util.HashMap;
39  import java.util.List;
40  import java.util.Map;
41  
42  import javax.servlet.http.HttpServletRequest;
43  
44  import org.apache.commons.collections.CollectionUtils;
45  import org.apache.commons.fileupload.FileItem;
46  import org.apache.commons.lang3.StringUtils;
47  
48  import fr.paris.lutece.portal.business.page.Page;
49  import fr.paris.lutece.portal.business.page.PageHome;
50  import fr.paris.lutece.portal.business.portlet.PortletType;
51  import fr.paris.lutece.portal.business.portlet.PortletTypeHome;
52  import fr.paris.lutece.portal.business.role.RoleHome;
53  import fr.paris.lutece.portal.business.style.PageTemplate;
54  import fr.paris.lutece.portal.business.style.PageTemplateHome;
55  import fr.paris.lutece.portal.business.user.AdminUser;
56  import fr.paris.lutece.portal.service.admin.AccessDeniedException;
57  import fr.paris.lutece.portal.service.content.ContentPostProcessorService;
58  import fr.paris.lutece.portal.service.content.ContentService;
59  import fr.paris.lutece.portal.service.fileupload.FileUploadService;
60  import fr.paris.lutece.portal.service.i18n.I18nService;
61  import fr.paris.lutece.portal.service.message.AdminMessage;
62  import fr.paris.lutece.portal.service.message.AdminMessageService;
63  import fr.paris.lutece.portal.service.message.SiteMessageException;
64  import fr.paris.lutece.portal.service.page.IPageService;
65  import fr.paris.lutece.portal.service.page.PageResourceIdService;
66  import fr.paris.lutece.portal.service.page.PageService;
67  import fr.paris.lutece.portal.service.portal.PortalService;
68  import fr.paris.lutece.portal.service.portal.ThemesService;
69  import fr.paris.lutece.portal.service.portlet.PortletResourceIdService;
70  import fr.paris.lutece.portal.service.rbac.RBACService;
71  import fr.paris.lutece.portal.service.security.SecurityTokenService;
72  import fr.paris.lutece.portal.service.security.UserNotSignedException;
73  import fr.paris.lutece.portal.service.spring.SpringContextService;
74  import fr.paris.lutece.portal.service.template.AppTemplateService;
75  import fr.paris.lutece.portal.service.util.AppPropertiesService;
76  import fr.paris.lutece.portal.web.constants.Markers;
77  import fr.paris.lutece.portal.web.constants.Messages;
78  import fr.paris.lutece.portal.web.constants.Parameters;
79  import fr.paris.lutece.portal.web.resource.ExtendableResourcePluginActionManager;
80  import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest;
81  import fr.paris.lutece.util.ReferenceList;
82  import fr.paris.lutece.util.date.DateUtil;
83  import fr.paris.lutece.util.html.HtmlTemplate;
84  import fr.paris.lutece.util.string.StringUtil;
85  import fr.paris.lutece.util.url.UrlItem;
86  
87  /**
88   * This class provides the admin interface to manage administration of site
89   */
90  public class AdminPageJspBean extends AdminFeaturesPageJspBean
91  {
92      // //////////////////////////////////////////////////////////////////////////
93      // Constants
94  
95      private static final long serialVersionUID = -3560428244531532507L;
96  
97      // Right
98      public static final String RIGHT_MANAGE_ADMIN_SITE = "CORE_ADMIN_SITE";
99  
100     // Properties for page titles
101     public static final String PROPERTY_PAGE_TITLE_ADMIN_SITE = "portal.site.admin_page.pageTitle";
102 
103     // Markers
104     private static final String MARK_PAGE = "page";
105     private static final String MARK_PAGE_INIT_ID = "page_init_id";
106     private static final String MARK_PAGE_MESSAGE = "page_message";
107     private static final String MARK_PORTLET_TYPES_LIST = "portlet_types_list";
108     private static final String MARK_PAGE_ORDER_LIST = "page_order_list";
109     private static final String MARK_PAGE_ROLES_LIST = "page_roles_list";
110     private static final String MARK_PAGE_THEMES_LIST = "page_themes_list";
111     private static final String MARK_IMAGE_URL = "image_url";
112     private static final String MARK_PAGE_TEMPLATES_LIST = "page_templates_list";
113     private static final String MARK_PAGE_TEMPLATE = "page_template";
114     private static final String MARK_INDEX_ROW = "index_row";
115     private static final String MARK_AUTORIZATION = "authorization";
116     private static final String MARK_PAGE_BLOCK = "page_block";
117     private static final String MARK_PAGE_UPDATE_DATE = "page_update_date";
118     private static final String MARK_ADMIN_USER_LANGUAGE = "admin_user_language";
119 
120     // Parameters
121     private static final String PARAMETER_IMAGE_CONTENT = "image_content";
122     private static final String PARAMETER_NODE_STATUS = "node_status";
123     private static final String PARAMETER_BLOCK = "param_block";
124     private static final String PARAMETER_PAGE_TEMPLATE_UPDATE_IMAGE = "update_image";
125     private static final int BLOCK_SEARCH = 1;
126     private static final int BLOCK_PROPERTY = 2;
127     private static final int BLOCK_CHILDPAGE = 5;
128 
129     // Templates
130     private static final String TEMPLATE_PAGE_TEMPLATE_ROW = "admin/site/page_template_list_row.html";
131     private static final String TEMPLATE_ADMIN_PAGE = "admin/site/admin_page.html";
132     private static final String TEMPLATE_ADMIN_PAGE_BLOCK_SEARCH = "admin/site/admin_page_block_search.html";
133     private static final String TEMPLATE_ADMIN_PAGE_BLOCK_PROPERTY = "admin/site/admin_page_block_property.html";
134     private static final String TEMPLATE_ADMIN_PAGE_BLOCK_CHILDPAGE = "admin/site/admin_page_block_childpage.html";
135 
136     // Properties definition
137     private static final String PROPERTY_MESSAGE_PAGE_INEXISTENT = "portal.site.admin_page.messagePageInexistent";
138     private static final String PROPERTY_MESSAGE_PAGE_FORMAT = "portal.site.admin_page.messagePageFormat";
139     private static final String PROPERTY_MESSAGE_CONFIRM_REMOVE_PAGE = "portal.site.message.confirmRemovePage";
140     private static final String PROPERTY_LIST_ORDER_MAX = "list.order.max";
141 
142     // Jsp
143     private static final String JSP_ADMIN_SITE = "AdminSite.jsp";
144     private static final String JSP_PATH = "jsp/admin/site/";
145     private static final String JSP_REMOVE_PAGE = JSP_PATH + "DoRemovePage.jsp";
146 
147     // Messages
148     private static final String MESSAGE_TITLE_INVALID_CHARACTERS = "portal.site.message.invalidCharactersInTitleName";
149     private static final String MESSAGE_DESCRIPTION_INVALID_CHARACTERS = "portal.site.message.invalidCharactersInDescription";
150     private static final String MESSAGE_CANNOT_REMOVE_CHILDPAGE_EXISTS = "portal.site.message.cannotRemoveChildPageExists";
151     private static final String MESSAGE_LENGTH_DESCRIPTION = "portal.site.message.pageLengthDescription";
152     private static final String MESSAGE_ROOT_PAGE_FORBIDDEN = "portal.site.message.rootPageForbidden";
153     private static final String MESSAGE_INVALID_PAGE_ID = "portal.site.message.pageIdInvalid";
154     private static final String MESSAGE_PAGE_ID_CHILDPAGE = "portal.site.message.pageIdChildPage";
155     private static final String MESSAGE_SAME_PAGE_ID = "portal.site.message.pageSameId";
156     private static final String MESSAGE_MISSING_MANUAL_UPDATE_DATE = "portal.site.message.missingManualUpdateDate";
157     private static final String MESSAGE_LENGTH_TITLE = "portal.site.message.pageLengthTitle";
158     private static IPageService _pageService = SpringContextService.getBean( "pageService" );
159 
160     // Constants
161     private static final int MAX_TITLE_LENGTH = 50;
162 
163     /**
164      * Displays the page which contains the management forms of a skin page whose identifier is specified in parameter
165      *
166      * @param request
167      *            The identifier of the page
168      * @return The html code of the management forms of a page
169      */
170     public String getAdminPage( HttpServletRequest request )
171     {
172         String strPageId = request.getParameter( Parameters.PAGE_ID );
173 
174         if ( ( strPageId == null ) || strPageId.equals( "" ) )
175         {
176             strPageId = String.valueOf( PortalService.getRootPageId( ) );
177         }
178 
179         String strParamBlock = request.getParameter( PARAMETER_BLOCK );
180 
181         return getAdminPageBlock( strPageId, strParamBlock, request );
182     }
183 
184     /**
185      * Returns the html code for displaying the page whose identifier is specified in parameter from the administration unit. <br>
186      * That is useful to make a preview of the page.
187      *
188      * @param request
189      *            The http request
190      * @return The html code of the page
191      * @throws UserNotSignedException
192      *             The UserNotSignedException
193      * @throws SiteMessageException
194      *             occurs when a site message need to be displayed
195      */
196     public String getAdminPagePreview( HttpServletRequest request ) throws UserNotSignedException, SiteMessageException
197     {
198         ContentService cs = PortalService.getInvokedContentService( request );
199         int nMode = 1;
200 
201         String strContent;
202 
203         if ( cs != null )
204         {
205             strContent = cs.getPage( request, nMode );
206         }
207         else
208         {
209             strContent = PortalService.getDefaultPage( request, nMode );
210         }
211 
212         if ( ContentPostProcessorService.hasProcessor( ) )
213         {
214             strContent = ContentPostProcessorService.process( request, strContent );
215         }
216 
217         return strContent;
218     }
219 
220     /**
221      * Processes of the modification of the page informations
222      *
223      * @param request
224      *            The http request
225      * @return The jsp url result of the process
226      * @throws AccessDeniedException
227      *             if the security token is invalid
228      */
229     public String doModifyPage( HttpServletRequest request ) throws AccessDeniedException
230     {
231         MultipartHttpServletRequestris/lutece/portal/web/upload/MultipartHttpServletRequest.html#MultipartHttpServletRequest">MultipartHttpServletRequest mRequest = (MultipartHttpServletRequest) request;
232         int nPageId = Integer.parseInt( mRequest.getParameter( Parameters.PAGE_ID ) );
233 
234         Page page = PageHome.getPage( nPageId );
235 
236         String strErrorUrl = getPageData( mRequest, page );
237 
238         if ( strErrorUrl != null )
239         {
240             return strErrorUrl;
241         }
242 
243         strErrorUrl = setParentPageId( mRequest, page );
244 
245         if ( strErrorUrl != null )
246         {
247             return strErrorUrl;
248         }
249 
250         strErrorUrl = updatePicture( mRequest, page );
251 
252         if ( strErrorUrl != null )
253         {
254             return strErrorUrl;
255         }
256 
257         if ( !SecurityTokenService.getInstance( ).validate( mRequest, TEMPLATE_ADMIN_PAGE_BLOCK_PROPERTY ) )
258         {
259             throw new AccessDeniedException( ERROR_INVALID_TOKEN );
260         }
261 
262         setAuthorizationNode( page );
263 
264         // Updates the page
265         _pageService.updatePage( page );
266 
267         // Displays again the current page with the modifications
268         return getUrlPage( nPageId );
269     }
270 
271     /**
272      * Update the page's picture
273      * 
274      * @param mRequest
275      *            the request
276      * @param page
277      *            the page
278      * @return an error URL, or <code>null</code>
279      */
280     private String updatePicture( MultipartHttpServletRequest mRequest, Page page )
281     {
282         String strUpdatePicture = mRequest.getParameter( PARAMETER_PAGE_TEMPLATE_UPDATE_IMAGE );
283         if ( strUpdatePicture == null )
284         {
285             return null;
286         }
287 
288         FileItem item = mRequest.getFile( PARAMETER_IMAGE_CONTENT );
289         String strPictureName = FileUploadService.getFileNameOnly( item );
290 
291         if ( strPictureName.equals( "" ) )
292         {
293             return AdminMessageService.getMessageUrl( mRequest, Messages.MANDATORY_FILE, AdminMessage.TYPE_STOP );
294         }
295         byte [ ] bytes = item.get( );
296         String strMimeType = item.getContentType( );
297         page.setImageContent( bytes );
298         page.setMimeType( strMimeType );
299         return null;
300     }
301 
302     /**
303      * Sets the authorization node
304      * 
305      * @param page
306      *            the page
307      */
308     private void setAuthorizationNode( Page page )
309     {
310         Integer nOldAutorisationNode = page.getIdAuthorizationNode( );
311 
312         if ( page.getNodeStatus( ) != 0 )
313         {
314             Page parentPage = PageHome.getPage( page.getParentPageId( ) );
315             page.setIdAuthorizationNode( parentPage.getIdAuthorizationNode( ) );
316         }
317         else
318         {
319             page.setIdAuthorizationNode( page.getId( ) );
320         }
321         if ( ( page.getIdAuthorizationNode( ) == null ) || !page.getIdAuthorizationNode( ).equals( nOldAutorisationNode ) )
322         {
323             PageService.updateChildrenAuthorizationNode( page.getId( ), page.getIdAuthorizationNode( ) );
324         }
325     }
326 
327     /**
328      * Sets the parent page ID
329      * 
330      * @param mRequest
331      *            the requset
332      * @param page
333      *            the page
334      * @return an error URL, or <code>null</code>
335      */
336     private String setParentPageId( MultipartHttpServletRequest mRequest, Page page )
337     {
338         int nParentPageId = Integer.parseInt( mRequest.getParameter( Parameters.PARENT_ID ) );
339 
340         if ( nParentPageId != page.getParentPageId( ) )
341         {
342             String strErrorUrl = getNewParentPageId( mRequest, page, nParentPageId );
343 
344             if ( strErrorUrl != null )
345             {
346                 return strErrorUrl;
347             }
348         }
349         return null;
350     }
351 
352     /**
353      * Display the confirm page for the delete of a page
354      *
355      * @param request
356      *            The http request
357      * @return The url of the confirm page
358      */
359     public String getRemovePage( HttpServletRequest request )
360     {
361         String strPageId = request.getParameter( Parameters.PAGE_ID );
362         if ( !StringUtils.isNumeric( strPageId ) )
363         {
364             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_ERROR );
365         }
366         int nPageId = Integer.parseInt( strPageId );
367         Page page = PageHome.getPage( nPageId );
368         if ( page == null || page.getId( ) == 0 || page.getId( ) != nPageId )
369         {
370             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_ERROR );
371         }
372         Map<String, Object> parameters = new HashMap<>( );
373         parameters.put( Parameters.PAGE_ID, strPageId );
374         parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_REMOVE_PAGE ) );
375 
376         return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE_PAGE, new Object [ ] {
377                 page.getName( )
378         }, null, JSP_REMOVE_PAGE, null, AdminMessage.TYPE_CONFIRMATION, parameters );
379     }
380 
381     /**
382      * Processes the deletion of a page
383      *
384      * @param request
385      *            The http request
386      * @return The jsp url result of the process
387      * @throws AccessDeniedException
388      *             if the security token is invalid
389      */
390     public String doRemovePage( HttpServletRequest request ) throws AccessDeniedException
391     {
392         String strPageId = request.getParameter( Parameters.PAGE_ID );
393         if ( !StringUtils.isNumeric( strPageId ) )
394         {
395             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_ERROR );
396         }
397         int nPageId = Integer.parseInt( strPageId );
398         Page page = PageHome.getPage( nPageId );
399         if ( page == null || page.getId( ) == 0 || page.getId( ) != nPageId )
400         {
401             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_ERROR );
402         }
403         // Checks that the page has no child
404         Collection<Page> list = PageHome.getChildPagesMinimalData( nPageId );
405 
406         if ( CollectionUtils.isNotEmpty( list ) )
407         {
408             return AdminMessageService.getMessageUrl( request, MESSAGE_CANNOT_REMOVE_CHILDPAGE_EXISTS, new Object [ ] {
409                     page.getName( ), list.size( )
410             }, JSP_PATH + getUrlPage( nPageId ), AdminMessage.TYPE_STOP );
411         }
412         if ( !SecurityTokenService.getInstance( ).validate( request, JSP_REMOVE_PAGE ) )
413         {
414             throw new AccessDeniedException( "Invalid CSRF token" );
415         }
416 
417         int nParentPageId = page.getParentPageId( );
418 
419         // Delete the page
420         _pageService.removePage( nPageId );
421 
422         return getUrlPage( nParentPageId );
423     }
424 
425     /**
426      * Processes the creation of a child page to the page whose identifier is stored in the http request
427      *
428      * @param request
429      *            The http request
430      * @return The jsp url result of the process
431      * @throws AccessDeniedException
432      *             If the security token is invalid
433      */
434     public String doCreateChildPage( HttpServletRequest request ) throws AccessDeniedException
435     {
436         MultipartHttpServletRequestris/lutece/portal/web/upload/MultipartHttpServletRequest.html#MultipartHttpServletRequest">MultipartHttpServletRequest mRequest = (MultipartHttpServletRequest) request;
437 
438         String strParentPageId = mRequest.getParameter( Parameters.PAGE_ID );
439         int nParentPageId = Integer.parseInt( strParentPageId );
440 
441         Pagertal/business/page/Page.html#Page">Page page = new Page( );
442         page.setParentPageId( nParentPageId );
443 
444         String strErrorUrl = getPageData( mRequest, page );
445 
446         if ( strErrorUrl != null )
447         {
448             return strErrorUrl;
449         }
450         if ( !SecurityTokenService.getInstance( ).validate( mRequest, TEMPLATE_ADMIN_PAGE_BLOCK_CHILDPAGE ) )
451         {
452             throw new AccessDeniedException( ERROR_INVALID_TOKEN );
453         }
454 
455         // Create the page
456         _pageService.createPage( page );
457 
458         // set the authorization node
459         if ( page.getNodeStatus( ) != 0 )
460         {
461             Page parentPage = PageHome.getPage( page.getParentPageId( ) );
462             page.setIdAuthorizationNode( parentPage.getIdAuthorizationNode( ) );
463         }
464         else
465         {
466             page.setIdAuthorizationNode( page.getId( ) );
467         }
468 
469         FileItem item = mRequest.getFile( PARAMETER_IMAGE_CONTENT );
470 
471         byte [ ] bytes = item.get( );
472         String strMimeType = item.getContentType( );
473 
474         page.setImageContent( bytes );
475         page.setMimeType( strMimeType );
476 
477         _pageService.updatePage( page );
478 
479         // Displays again the current page with the modifications
480         return getUrlPage( page.getId( ) );
481     }
482 
483     /**
484      * Management of the image associated to the page
485      * 
486      * @param page
487      *            The Page Object
488      * @param strPageId
489      *            The page identifier
490      * @return The url
491      */
492     public String getResourceImagePage( Page page, String strPageId )
493     {
494         String strResourceType = _pageService.getResourceTypeId( );
495         UrlItem/url/UrlItem.html#UrlItem">UrlItem url = new UrlItem( Parameters.IMAGE_SERVLET );
496         url.addParameter( Parameters.RESOURCE_TYPE, strResourceType );
497         url.addParameter( Parameters.RESOURCE_ID, strPageId );
498 
499         return url.getUrlWithEntity( );
500     }
501 
502     // ////////////////////////////////////////////////////////////////////////////////
503     // Private implementation
504 
505     /**
506      * Displays the page which contains the management forms of a skin page whose identifier is specified in parameter.
507      *
508      * @param strPageId
509      *            The identifier of the page
510      * @param strParamBlock
511      *            The block parameter to display
512      * @param request
513      *            The request
514      * @return The management page of a page
515      */
516     private String getAdminPageBlock( String strPageId, String strParamBlock, HttpServletRequest request )
517     {
518         Map<String, Object> model = new HashMap<>( );
519 
520         Page page = null;
521         int nPageId = 1;
522         int nPageIdInit = 1;
523         int nParamBlock = 0;
524 
525         try
526         {
527             nPageId = Integer.parseInt( strPageId );
528             nPageIdInit = nPageId;
529             nParamBlock = ( strParamBlock != null ) ? Integer.parseInt( strParamBlock ) : 0;
530 
531             boolean bPageExist = PageHome.checkPageExist( nPageId );
532 
533             if ( bPageExist )
534             {
535                 page = PageHome.getPage( nPageId );
536                 model.put( MARK_PAGE_MESSAGE, "" );
537             }
538             else
539             {
540                 nPageId = PortalService.getRootPageId( );
541                 page = PageHome.getPage( nPageId );
542                 model.put( MARK_PAGE_MESSAGE, I18nService.getLocalizedString( PROPERTY_MESSAGE_PAGE_INEXISTENT, getLocale( ) ) );
543             }
544         }
545         catch( NumberFormatException nfe )
546         {
547             nPageId = PortalService.getRootPageId( );
548             page = PageHome.getPage( nPageId );
549             model.put( MARK_PAGE_MESSAGE, I18nService.getLocalizedString( PROPERTY_MESSAGE_PAGE_FORMAT, getLocale( ) ) );
550         }
551 
552         switch( nParamBlock )
553         {
554             case BLOCK_SEARCH:
555                 model.put( MARK_PAGE_BLOCK, getAdminPageBlockSearch( nPageIdInit, model ) );
556 
557                 break;
558 
559             case BLOCK_PROPERTY:
560             case BLOCK_CHILDPAGE:
561                 model.put( MARK_PAGE_BLOCK, getAdminPageBlockProperty( page, nParamBlock, model, request ) );
562 
563                 break;
564 
565             default:
566                 model.put( MARK_PAGE_BLOCK, "" );
567 
568                 break;
569         }
570 
571         model.put( MARK_PORTLET_TYPES_LIST, getPortletTypeList( getUser( ) ) );
572         model.put( MARK_PAGE, page );
573         ExtendableResourcePluginActionManager.fillModel( request, getUser( ), model, strPageId, Page.RESOURCE_TYPE );
574 
575         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_PAGE, getLocale( ), model );
576 
577         return getAdminPage( template.getHtml( ) );
578     }
579 
580     /**
581      * Displays the page which contains the management forms of a skin page whose identifier is specified in parameter
582      *
583      * @param page
584      *            The page object
585      * @param nParamBlock
586      *            The id parameter to display
587      * @param model
588      *            The model
589      * @param request
590      *            The request
591      * @return The management page of a page
592      */
593     private String getAdminPageBlockProperty( Page page, int nParamBlock, Map<String, Object> model, HttpServletRequest request )
594     {
595         model.put( MARK_PAGE, page );
596         model.put( MARK_PAGE_INIT_ID, page.getId( ) );
597         model.put( MARK_PAGE_ORDER_LIST, getOrdersList( ) );
598         model.put( MARK_PAGE_ROLES_LIST, RoleHome.getRolesList( getUser( ) ) );
599         model.put( MARK_PAGE_THEMES_LIST, ThemesService.getPageThemes( getLocale( ) ) );
600         model.put( MARK_IMAGE_URL, getResourceImagePage( page, Integer.toString( page.getId( ) ) ) );
601         model.put( MARK_PAGE_UPDATE_DATE, DateUtil.getDateString( page.getDateUpdate( ), request.getLocale( ) ) );
602         model.put( MARK_ADMIN_USER_LANGUAGE, getUser( ).getLocale( ).getLanguage( ) );
603 
604         int nIndexRow = 1;
605         StringBuilder strPageTemplatesRow = new StringBuilder( );
606 
607         // Scan of the list
608         for ( PageTemplate pageTemplate : PageTemplateHome.getPageTemplatesList( ) )
609         {
610             strPageTemplatesRow.append( getTemplatesPageList( pageTemplate.getId( ), page.getPageTemplateId( ), Integer.toString( nIndexRow ) ) );
611             nIndexRow++;
612         }
613 
614         model.put( MARK_PAGE_TEMPLATES_LIST, strPageTemplatesRow );
615 
616         // Add in v2.0
617         int nManageAuthorization = 1;
618 
619         if ( _pageService.isAuthorizedAdminPage( page.getId( ), PageResourceIdService.PERMISSION_MANAGE, getUser( ) ) )
620         {
621             nManageAuthorization = 0;
622         }
623 
624         model.put( MARK_AUTORIZATION, Integer.toString( nManageAuthorization ) );
625 
626         String strTemplate = TEMPLATE_ADMIN_PAGE_BLOCK_PROPERTY;
627 
628         if ( nParamBlock == BLOCK_CHILDPAGE )
629         {
630             strTemplate = TEMPLATE_ADMIN_PAGE_BLOCK_CHILDPAGE;
631         }
632         model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, strTemplate ) );
633 
634         HtmlTemplate template = AppTemplateService.getTemplate( strTemplate, getLocale( ), model );
635 
636         return template.getHtml( );
637     }
638 
639     /**
640      * Displays the page which contains the management forms of a skin page whose identifier is specified in parameter
641      *
642      * @param nPageIdInit
643      *            The identifier of the init page
644      * @param model
645      *            The HashMap
646      * @return The management page of a page
647      */
648     private String getAdminPageBlockSearch( int nPageIdInit, Map<String, Object> model )
649     {
650         model.put( MARK_PAGE_INIT_ID, Integer.toString( nPageIdInit ) );
651 
652         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_PAGE_BLOCK_SEARCH, getLocale( ), model );
653 
654         return template.getHtml( );
655     }
656 
657     /**
658      * Provide page data
659      * 
660      * @param request
661      *            The HttpServletRequest
662      * @param page
663      *            the Page Object
664      * @return strErrorUrl
665      */
666     private String getPageData( HttpServletRequest request, Page page )
667     {
668         String strErrorUrl = null;
669 
670         String strPageId = request.getParameter( Parameters.PAGE_ID );
671         int nPageId = Integer.parseInt( strPageId );
672         String strName = request.getParameter( Parameters.PAGE_NAME );
673         String strDescription = request.getParameter( Parameters.PAGE_DESCRIPTION );
674         String strTemplatePageId = request.getParameter( Parameters.PAGE_TEMPLATE_ID );
675         int nTemplatePageId = Integer.parseInt( strTemplatePageId );
676         String strOrder = request.getParameter( Parameters.ORDER );
677         String strRole = request.getParameter( Parameters.ROLE );
678         String strTheme = request.getParameter( Parameters.THEME );
679         String strMetaKeywords = request.getParameter( Parameters.META_KEYWORDS ).trim( );
680         String strMetaDescription = request.getParameter( Parameters.META_DESCRIPTION ).trim( );
681 
682         /* Added in v2.0 */
683         String strNodeStatus = request.getParameter( PARAMETER_NODE_STATUS );
684         int nNodeStatus = Integer.parseInt( strNodeStatus );
685 
686         boolean bDisplayDateUpdate = StringUtils.isNotEmpty( request.getParameter( Parameters.PARAMETER_DISPLAY_UPDATE_DATE ) );
687 
688         boolean bIsManualDateUpdate = StringUtils.isNotEmpty( request.getParameter( Parameters.PARAMETER_ENABLE_MANUAL_UPDATE_DATE ) );
689 
690         String strManualDateUpdate = request.getParameter( Parameters.PARAMETER_MANUAL_UPDATE_DATE );
691 
692         page.setDateUpdate( new Timestamp( new java.util.Date( ).getTime( ) ) );
693 
694         if ( bDisplayDateUpdate && bIsManualDateUpdate )
695         {
696             if ( StringUtils.isNotBlank( strManualDateUpdate ) )
697             {
698                 Timestamp tsManualDate = DateUtil.formatTimestamp( strManualDateUpdate, request.getLocale( ) );
699                 page.setDateUpdate( tsManualDate );
700             }
701             else
702             {
703                 return AdminMessageService.getMessageUrl( request, MESSAGE_MISSING_MANUAL_UPDATE_DATE, AdminMessage.TYPE_STOP );
704             }
705         }
706 
707         // Checks the description length (150 car. maximum)
708         if ( strDescription.length( ) > 150 )
709         {
710             return AdminMessageService.getMessageUrl( request, MESSAGE_LENGTH_DESCRIPTION, AdminMessage.TYPE_STOP );
711         }
712 
713         // Checks if the mandatory field page name is found in the request
714         if ( strName.trim( ).equals( "" ) )
715         {
716             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
717         }
718         else if ( strName.trim( ).length( ) > MAX_TITLE_LENGTH )
719         {
720             return AdminMessageService.getMessageUrl( request, MESSAGE_LENGTH_TITLE, new Object [ ] { MAX_TITLE_LENGTH }, AdminMessage.TYPE_STOP );
721         }
722         // Checks if the page name contains HTML special characters
723         else
724             if ( StringUtil.containsHtmlSpecialCharacters( strName ) )
725             {
726                 return AdminMessageService.getMessageUrl( request, MESSAGE_TITLE_INVALID_CHARACTERS, AdminMessage.TYPE_STOP );
727             }
728 
729             // Checks if the page description contains HTML special characters
730             else
731                 if ( StringUtil.containsHtmlSpecialCharacters( strDescription ) )
732                 {
733                     return AdminMessageService.getMessageUrl( request, MESSAGE_DESCRIPTION_INVALID_CHARACTERS, AdminMessage.TYPE_STOP );
734                 }
735 
736                 // Checks if the META name of the page contains HTML special characters
737                 else
738                     if ( StringUtil.containsHtmlSpecialCharacters( strMetaKeywords ) )
739                     {
740                         return AdminMessageService.getMessageUrl( request, MESSAGE_DESCRIPTION_INVALID_CHARACTERS, AdminMessage.TYPE_STOP );
741                     }
742 
743                     // Checks if the META description of the page description contains HTML special
744                     // characters
745                     else
746                         if ( StringUtil.containsHtmlSpecialCharacters( strMetaDescription ) )
747                         {
748                             return AdminMessageService.getMessageUrl( request, MESSAGE_DESCRIPTION_INVALID_CHARACTERS, AdminMessage.TYPE_STOP );
749                         }
750                         else
751                         {
752                             page.setName( strName );
753                         }
754 
755         int nOrder = ( strOrder != null ) ? Integer.parseInt( strOrder ) : PageHome.getNewChildPageOrder( nPageId );
756 
757         page.setPageTemplateId( nTemplatePageId );
758         page.setDescription( strDescription );
759         page.setOrder( nOrder );
760         page.setRole( strRole );
761         page.setCodeTheme( strTheme );
762         page.setNodeStatus( nNodeStatus );
763         page.setMetaKeywords( strMetaKeywords );
764         page.setMetaDescription( strMetaDescription );
765         page.setDisplayDateUpdate( bDisplayDateUpdate );
766         page.setIsManualDateUpdate( bIsManualDateUpdate );
767 
768         return strErrorUrl;
769     }
770 
771     /**
772      * Returns the list of the orders
773      *
774      * @return The list of the orders in form of a ReferenceList object
775      */
776     private ReferenceList getOrdersList( )
777     {
778         ReferenceListnceList.html#ReferenceList">ReferenceList list = new ReferenceList( );
779         int nOrderMax = AppPropertiesService.getPropertyInt( PROPERTY_LIST_ORDER_MAX, 15 );
780 
781         for ( int i = 1; i <= nOrderMax; i++ )
782         {
783             list.addItem( i, String.valueOf( i ) );
784         }
785 
786         return list;
787     }
788 
789     /**
790      * Returns an html template containing the list of the portlet types
791      * 
792      * @param user
793      *            The AdminUser
794      * @return The html code
795      */
796     private Collection<PortletType> getPortletTypeList( AdminUser user )
797     {
798         List<PortletType> listPortletType = PortletTypeHome.getPortletTypesList( getLocale( ) );
799 
800         return RBACService.getAuthorizedCollection( listPortletType, PortletResourceIdService.PERMISSION_CREATE, user );
801     }
802 
803     /**
804      * Gets an html template displaying the patterns list available in the portal for the layout
805      *
806      * @param nTemplatePageId
807      *            The identifier of the layout to select in the list
808      * @param nPageTemplatePageId
809      *            The pafa templatepage id
810      * @param nIndexRow
811      *            the index row
812      * @return The html code of the list
813      */
814     private String getTemplatesPageList( int nTemplatePageId, int nPageTemplatePageId, String nIndexRow )
815     {
816         Map<String, Object> model = new HashMap<>( );
817 
818         PageTemplate pageTemplate = PageTemplateHome.findByPrimaryKey( nTemplatePageId );
819         model.put( MARK_PAGE_TEMPLATE, pageTemplate );
820         model.put( MARK_INDEX_ROW, nIndexRow );
821 
822         String strChecked = ( pageTemplate.getId( ) == nPageTemplatePageId ) ? "checked=\"checked\"" : "";
823         model.put( Markers.PAGE_TEMPLATE_CHECKED, strChecked );
824 
825         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_PAGE_TEMPLATE_ROW, getLocale( ), model );
826 
827         return template.getHtml( );
828     }
829 
830     /**
831      * Return AdminSite Url
832      * 
833      * @param nId
834      *            The PageId
835      * @return url
836      */
837     private String getUrlPage( int nId )
838     {
839         UrlItem/url/UrlItem.html#UrlItem">UrlItem url = new UrlItem( JSP_ADMIN_SITE );
840         url.addParameter( Parameters.PAGE_ID, nId );
841 
842         return url.getUrl( );
843     }
844 
845     /**
846      *
847      * @param request
848      *            The HttpServletRequest
849      * @param page
850      *            The Page
851      * @param nParentPageId
852      *            The page parent Id
853      * @return strParentPageId the new parent id
854      */
855     private String getNewParentPageId( HttpServletRequest request, Page page, int nParentPageId )
856     {
857         String strErrorUrl = null;
858 
859         if ( nParentPageId == 0 )
860         {
861             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_STOP );
862         }
863 
864         int nChildPagePageId = nParentPageId;
865         boolean bPageExist = PageHome.checkPageExist( nChildPagePageId );
866 
867         if ( !bPageExist )
868         {
869             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_STOP );
870         }
871 
872         if ( nChildPagePageId >= PortalService.getRootPageId( ) )
873         {
874             Page childPage = PageHome.getPage( nChildPagePageId );
875             int nParentChildPageId = childPage.getParentPageId( );
876 
877             while ( ( nChildPagePageId != page.getId( ) ) && ( nChildPagePageId != 0 ) )
878             {
879                 if ( nParentChildPageId != page.getId( ) )
880                 {
881                     childPage = PageHome.getPage( nParentChildPageId );
882                     nChildPagePageId = childPage.getId( );
883                     nParentChildPageId = childPage.getParentPageId( );
884                 }
885                 else
886                 {
887                     return AdminMessageService.getMessageUrl( request, MESSAGE_PAGE_ID_CHILDPAGE, AdminMessage.TYPE_STOP );
888                 }
889             }
890 
891             if ( nParentPageId != page.getId( ) )
892             {
893                 String strParentPageId = Integer.toString( nParentPageId );
894                 page.setParentPageId( Integer.parseInt( strParentPageId ) );
895             }
896             else
897             {
898                 return AdminMessageService.getMessageUrl( request, MESSAGE_SAME_PAGE_ID, AdminMessage.TYPE_STOP );
899             }
900         }
901         else
902         {
903             return AdminMessageService.getMessageUrl( request, MESSAGE_ROOT_PAGE_FORBIDDEN, AdminMessage.TYPE_STOP );
904         }
905         return strErrorUrl;
906     }
907 }