View Javadoc
1   /*
2    * Copyright (c) 2002-2022, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.web.admin;
35  
36  import java.sql.Timestamp;
37  import java.util.Collection;
38  import java.util.HashMap;
39  import java.util.List;
40  import java.util.Map;
41  
42  import javax.servlet.http.HttpServletRequest;
43  
44  import org.apache.commons.collections.CollectionUtils;
45  import org.apache.commons.fileupload.FileItem;
46  import org.apache.commons.lang3.StringUtils;
47  
48  import fr.paris.lutece.portal.business.page.Page;
49  import fr.paris.lutece.portal.business.page.PageHome;
50  import fr.paris.lutece.portal.business.portlet.PortletType;
51  import fr.paris.lutece.portal.business.portlet.PortletTypeHome;
52  import fr.paris.lutece.portal.business.role.RoleHome;
53  import fr.paris.lutece.portal.business.style.PageTemplate;
54  import fr.paris.lutece.portal.business.style.PageTemplateHome;
55  import fr.paris.lutece.portal.business.user.AdminUser;
56  import fr.paris.lutece.portal.service.admin.AccessDeniedException;
57  import fr.paris.lutece.portal.service.content.ContentPostProcessorService;
58  import fr.paris.lutece.portal.service.content.ContentService;
59  import fr.paris.lutece.portal.service.fileupload.FileUploadService;
60  import fr.paris.lutece.portal.service.i18n.I18nService;
61  import fr.paris.lutece.portal.service.message.AdminMessage;
62  import fr.paris.lutece.portal.service.message.AdminMessageService;
63  import fr.paris.lutece.portal.service.message.SiteMessageException;
64  import fr.paris.lutece.portal.service.page.IPageService;
65  import fr.paris.lutece.portal.service.page.PageResourceIdService;
66  import fr.paris.lutece.portal.service.page.PageService;
67  import fr.paris.lutece.portal.service.portal.PortalService;
68  import fr.paris.lutece.portal.service.portal.ThemesService;
69  import fr.paris.lutece.portal.service.portlet.PortletResourceIdService;
70  import fr.paris.lutece.portal.service.rbac.RBACService;
71  import fr.paris.lutece.portal.service.security.SecurityTokenService;
72  import fr.paris.lutece.portal.service.security.UserNotSignedException;
73  import fr.paris.lutece.portal.service.spring.SpringContextService;
74  import fr.paris.lutece.portal.service.template.AppTemplateService;
75  import fr.paris.lutece.portal.service.util.AppPropertiesService;
76  import fr.paris.lutece.portal.web.constants.Markers;
77  import fr.paris.lutece.portal.web.constants.Messages;
78  import fr.paris.lutece.portal.web.constants.Parameters;
79  import fr.paris.lutece.portal.web.resource.ExtendableResourcePluginActionManager;
80  import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest;
81  import fr.paris.lutece.util.ReferenceList;
82  import fr.paris.lutece.util.date.DateUtil;
83  import fr.paris.lutece.util.html.HtmlTemplate;
84  import fr.paris.lutece.util.string.StringUtil;
85  import fr.paris.lutece.util.url.UrlItem;
86  
87  /**
88   * This class provides the admin interface to manage administration of site
89   */
90  public class AdminPageJspBean extends AdminFeaturesPageJspBean
91  {
92      // //////////////////////////////////////////////////////////////////////////
93      // Constants
94  
95      private static final long serialVersionUID = -3560428244531532507L;
96  
97      // Right
98      public static final String RIGHT_MANAGE_ADMIN_SITE = "CORE_ADMIN_SITE";
99  
100     // Properties for page titles
101     public static final String PROPERTY_PAGE_TITLE_ADMIN_SITE = "portal.site.admin_page.pageTitle";
102 
103     // Markers
104     private static final String MARK_PAGE = "page";
105     private static final String MARK_PAGE_INIT_ID = "page_init_id";
106     private static final String MARK_PAGE_MESSAGE = "page_message";
107     private static final String MARK_PORTLET_TYPES_LIST = "portlet_types_list";
108     private static final String MARK_PAGE_ORDER_LIST = "page_order_list";
109     private static final String MARK_PAGE_ROLES_LIST = "page_roles_list";
110     private static final String MARK_PAGE_THEMES_LIST = "page_themes_list";
111     private static final String MARK_IMAGE_URL = "image_url";
112     private static final String MARK_PAGE_TEMPLATES_LIST = "page_templates_list";
113     private static final String MARK_PAGE_TEMPLATE = "page_template";
114     private static final String MARK_INDEX_ROW = "index_row";
115     private static final String MARK_AUTORIZATION = "authorization";
116     private static final String MARK_PAGE_BLOCK = "page_block";
117     private static final String MARK_PAGE_UPDATE_DATE = "page_update_date";
118     private static final String MARK_ADMIN_USER_LANGUAGE = "admin_user_language";
119 
120     // Parameters
121     private static final String PARAMETER_IMAGE_CONTENT = "image_content";
122     private static final String PARAMETER_NODE_STATUS = "node_status";
123     private static final String PARAMETER_BLOCK = "param_block";
124     private static final String PARAMETER_PAGE_TEMPLATE_UPDATE_IMAGE = "update_image";
125     private static final int BLOCK_SEARCH = 1;
126     private static final int BLOCK_PROPERTY = 2;
127     private static final int BLOCK_CHILDPAGE = 5;
128 
129     // Templates
130     private static final String TEMPLATE_PAGE_TEMPLATE_ROW = "admin/site/page_template_list_row.html";
131     private static final String TEMPLATE_ADMIN_PAGE = "admin/site/admin_page.html";
132     private static final String TEMPLATE_ADMIN_PAGE_BLOCK_SEARCH = "admin/site/admin_page_block_search.html";
133     private static final String TEMPLATE_ADMIN_PAGE_BLOCK_PROPERTY = "admin/site/admin_page_block_property.html";
134     private static final String TEMPLATE_ADMIN_PAGE_BLOCK_CHILDPAGE = "admin/site/admin_page_block_childpage.html";
135 
136     // Properties definition
137     private static final String PROPERTY_MESSAGE_PAGE_INEXISTENT = "portal.site.admin_page.messagePageInexistent";
138     private static final String PROPERTY_MESSAGE_PAGE_FORMAT = "portal.site.admin_page.messagePageFormat";
139     private static final String PROPERTY_MESSAGE_CONFIRM_REMOVE_PAGE = "portal.site.message.confirmRemovePage";
140     private static final String PROPERTY_LIST_ORDER_MAX = "list.order.max";
141 
142     // Jsp
143     private static final String JSP_ADMIN_SITE = "AdminSite.jsp";
144     private static final String JSP_PATH = "jsp/admin/site/";
145     private static final String JSP_REMOVE_PAGE = JSP_PATH + "DoRemovePage.jsp";
146 
147     // Messages
148     private static final String MESSAGE_TITLE_INVALID_CHARACTERS = "portal.site.message.invalidCharactersInTitleName";
149     private static final String MESSAGE_DESCRIPTION_INVALID_CHARACTERS = "portal.site.message.invalidCharactersInDescription";
150     private static final String MESSAGE_CANNOT_REMOVE_CHILDPAGE_EXISTS = "portal.site.message.cannotRemoveChildPageExists";
151     private static final String MESSAGE_LENGTH_DESCRIPTION = "portal.site.message.pageLengthDescription";
152     private static final String MESSAGE_ROOT_PAGE_FORBIDDEN = "portal.site.message.rootPageForbidden";
153     private static final String MESSAGE_INVALID_PAGE_ID = "portal.site.message.pageIdInvalid";
154     private static final String MESSAGE_PAGE_ID_CHILDPAGE = "portal.site.message.pageIdChildPage";
155     private static final String MESSAGE_SAME_PAGE_ID = "portal.site.message.pageSameId";
156     private static final String MESSAGE_MISSING_MANUAL_UPDATE_DATE = "portal.site.message.missingManualUpdateDate";
157     private static IPageService _pageService = SpringContextService.getBean( "pageService" );
158 
159     /**
160      * Displays the page which contains the management forms of a skin page whose identifier is specified in parameter
161      *
162      * @param request
163      *            The identifier of the page
164      * @return The html code of the management forms of a page
165      */
166     public String getAdminPage( HttpServletRequest request )
167     {
168         String strPageId = request.getParameter( Parameters.PAGE_ID );
169 
170         if ( ( strPageId == null ) || strPageId.equals( "" ) )
171         {
172             strPageId = String.valueOf( PortalService.getRootPageId( ) );
173         }
174 
175         String strParamBlock = request.getParameter( PARAMETER_BLOCK );
176 
177         return getAdminPageBlock( strPageId, strParamBlock, request );
178     }
179 
180     /**
181      * Returns the html code for displaying the page whose identifier is specified in parameter from the administration unit. <br>
182      * That is useful to make a preview of the page.
183      *
184      * @param request
185      *            The http request
186      * @return The html code of the page
187      * @throws UserNotSignedException
188      *             The UserNotSignedException
189      * @throws SiteMessageException
190      *             occurs when a site message need to be displayed
191      */
192     public String getAdminPagePreview( HttpServletRequest request ) throws UserNotSignedException, SiteMessageException
193     {
194         ContentService cs = PortalService.getInvokedContentService( request );
195         int nMode = 1;
196 
197         String strContent;
198 
199         if ( cs != null )
200         {
201             strContent = cs.getPage( request, nMode );
202         }
203         else
204         {
205             strContent = PortalService.getDefaultPage( request, nMode );
206         }
207 
208         if ( ContentPostProcessorService.hasProcessor( ) )
209         {
210             strContent = ContentPostProcessorService.process( request, strContent );
211         }
212 
213         return strContent;
214     }
215 
216     /**
217      * Processes of the modification of the page informations
218      *
219      * @param request
220      *            The http request
221      * @return The jsp url result of the process
222      * @throws AccessDeniedException
223      *             if the security token is invalid
224      */
225     public String doModifyPage( HttpServletRequest request ) throws AccessDeniedException
226     {
227         MultipartHttpServletRequestris/lutece/portal/web/upload/MultipartHttpServletRequest.html#MultipartHttpServletRequest">MultipartHttpServletRequest mRequest = (MultipartHttpServletRequest) request;
228         int nPageId = Integer.parseInt( mRequest.getParameter( Parameters.PAGE_ID ) );
229 
230         Page page = PageHome.getPage( nPageId );
231 
232         String strErrorUrl = getPageData( mRequest, page );
233 
234         if ( strErrorUrl != null )
235         {
236             return strErrorUrl;
237         }
238 
239         strErrorUrl = setParentPageId( mRequest, page );
240 
241         if ( strErrorUrl != null )
242         {
243             return strErrorUrl;
244         }
245 
246         strErrorUrl = updatePicture( mRequest, page );
247 
248         if ( strErrorUrl != null )
249         {
250             return strErrorUrl;
251         }
252 
253         if ( !SecurityTokenService.getInstance( ).validate( mRequest, TEMPLATE_ADMIN_PAGE_BLOCK_PROPERTY ) )
254         {
255             throw new AccessDeniedException( ERROR_INVALID_TOKEN );
256         }
257 
258         setAuthorizationNode( page );
259 
260         // Updates the page
261         _pageService.updatePage( page );
262 
263         // Displays again the current page with the modifications
264         return getUrlPage( nPageId );
265     }
266 
267     /**
268      * Update the page's picture
269      * 
270      * @param mRequest
271      *            the request
272      * @param page
273      *            the page
274      * @return an error URL, or <code>null</code>
275      */
276     private String updatePicture( MultipartHttpServletRequest mRequest, Page page )
277     {
278         String strUpdatePicture = mRequest.getParameter( PARAMETER_PAGE_TEMPLATE_UPDATE_IMAGE );
279         if ( strUpdatePicture == null )
280         {
281             return null;
282         }
283 
284         FileItem item = mRequest.getFile( PARAMETER_IMAGE_CONTENT );
285         String strPictureName = FileUploadService.getFileNameOnly( item );
286 
287         if ( strPictureName.equals( "" ) )
288         {
289             return AdminMessageService.getMessageUrl( mRequest, Messages.MANDATORY_FILE, AdminMessage.TYPE_STOP );
290         }
291         byte [ ] bytes = item.get( );
292         String strMimeType = item.getContentType( );
293         page.setImageContent( bytes );
294         page.setMimeType( strMimeType );
295         return null;
296     }
297 
298     /**
299      * Sets the authorization node
300      * 
301      * @param page
302      *            the page
303      */
304     private void setAuthorizationNode( Page page )
305     {
306         Integer nOldAutorisationNode = page.getIdAuthorizationNode( );
307 
308         if ( page.getNodeStatus( ) != 0 )
309         {
310             Page parentPage = PageHome.getPage( page.getParentPageId( ) );
311             page.setIdAuthorizationNode( parentPage.getIdAuthorizationNode( ) );
312         }
313         else
314         {
315             page.setIdAuthorizationNode( page.getId( ) );
316         }
317         if ( ( page.getIdAuthorizationNode( ) == null ) || !page.getIdAuthorizationNode( ).equals( nOldAutorisationNode ) )
318         {
319             PageService.updateChildrenAuthorizationNode( page.getId( ), page.getIdAuthorizationNode( ) );
320         }
321     }
322 
323     /**
324      * Sets the parent page ID
325      * 
326      * @param mRequest
327      *            the requset
328      * @param page
329      *            the page
330      * @return an error URL, or <code>null</code>
331      */
332     private String setParentPageId( MultipartHttpServletRequest mRequest, Page page )
333     {
334         int nParentPageId = Integer.parseInt( mRequest.getParameter( Parameters.PARENT_ID ) );
335 
336         if ( nParentPageId != page.getParentPageId( ) )
337         {
338             String strErrorUrl = getNewParentPageId( mRequest, page, nParentPageId );
339 
340             if ( strErrorUrl != null )
341             {
342                 return strErrorUrl;
343             }
344         }
345         return null;
346     }
347 
348     /**
349      * Display the confirm page for the delete of a page
350      *
351      * @param request
352      *            The http request
353      * @return The url of the confirm page
354      */
355     public String getRemovePage( HttpServletRequest request )
356     {
357         String strPageId = request.getParameter( Parameters.PAGE_ID );
358         if ( !StringUtils.isNumeric( strPageId ) )
359         {
360             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_ERROR );
361         }
362         int nPageId = Integer.parseInt( strPageId );
363         Page page = PageHome.getPage( nPageId );
364         if ( page == null || page.getId( ) == 0 || page.getId( ) != nPageId )
365         {
366             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_ERROR );
367         }
368         Map<String, Object> parameters = new HashMap<>( );
369         parameters.put( Parameters.PAGE_ID, strPageId );
370         parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_REMOVE_PAGE ) );
371 
372         return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE_PAGE, new Object [ ] {
373                 page.getName( )
374         }, null, JSP_REMOVE_PAGE, null, AdminMessage.TYPE_CONFIRMATION, parameters );
375     }
376 
377     /**
378      * Processes the deletion of a page
379      *
380      * @param request
381      *            The http request
382      * @return The jsp url result of the process
383      * @throws AccessDeniedException
384      *             if the security token is invalid
385      */
386     public String doRemovePage( HttpServletRequest request ) throws AccessDeniedException
387     {
388         String strPageId = request.getParameter( Parameters.PAGE_ID );
389         if ( !StringUtils.isNumeric( strPageId ) )
390         {
391             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_ERROR );
392         }
393         int nPageId = Integer.parseInt( strPageId );
394         Page page = PageHome.getPage( nPageId );
395         if ( page == null || page.getId( ) == 0 || page.getId( ) != nPageId )
396         {
397             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_ERROR );
398         }
399         // Checks that the page has no child
400         Collection<Page> list = PageHome.getChildPagesMinimalData( nPageId );
401 
402         if ( CollectionUtils.isNotEmpty( list ) )
403         {
404             return AdminMessageService.getMessageUrl( request, MESSAGE_CANNOT_REMOVE_CHILDPAGE_EXISTS, new Object [ ] {
405                     page.getName( ), list.size( )
406             }, JSP_PATH + getUrlPage( nPageId ), AdminMessage.TYPE_STOP );
407         }
408         if ( !SecurityTokenService.getInstance( ).validate( request, JSP_REMOVE_PAGE ) )
409         {
410             throw new AccessDeniedException( "Invalid CSRF token" );
411         }
412 
413         int nParentPageId = page.getParentPageId( );
414 
415         // Delete the page
416         _pageService.removePage( nPageId );
417 
418         return getUrlPage( nParentPageId );
419     }
420 
421     /**
422      * Processes the creation of a child page to the page whose identifier is stored in the http request
423      *
424      * @param request
425      *            The http request
426      * @return The jsp url result of the process
427      * @throws AccessDeniedException
428      *             If the security token is invalid
429      */
430     public String doCreateChildPage( HttpServletRequest request ) throws AccessDeniedException
431     {
432         MultipartHttpServletRequestris/lutece/portal/web/upload/MultipartHttpServletRequest.html#MultipartHttpServletRequest">MultipartHttpServletRequest mRequest = (MultipartHttpServletRequest) request;
433 
434         String strParentPageId = mRequest.getParameter( Parameters.PAGE_ID );
435         int nParentPageId = Integer.parseInt( strParentPageId );
436 
437         Pagertal/business/page/Page.html#Page">Page page = new Page( );
438         page.setParentPageId( nParentPageId );
439 
440         String strErrorUrl = getPageData( mRequest, page );
441 
442         if ( strErrorUrl != null )
443         {
444             return strErrorUrl;
445         }
446         if ( !SecurityTokenService.getInstance( ).validate( mRequest, TEMPLATE_ADMIN_PAGE_BLOCK_CHILDPAGE ) )
447         {
448             throw new AccessDeniedException( ERROR_INVALID_TOKEN );
449         }
450 
451         // Create the page
452         _pageService.createPage( page );
453 
454         // set the authorization node
455         if ( page.getNodeStatus( ) != 0 )
456         {
457             Page parentPage = PageHome.getPage( page.getParentPageId( ) );
458             page.setIdAuthorizationNode( parentPage.getIdAuthorizationNode( ) );
459         }
460         else
461         {
462             page.setIdAuthorizationNode( page.getId( ) );
463         }
464 
465         FileItem item = mRequest.getFile( PARAMETER_IMAGE_CONTENT );
466 
467         byte [ ] bytes = item.get( );
468         String strMimeType = item.getContentType( );
469 
470         page.setImageContent( bytes );
471         page.setMimeType( strMimeType );
472 
473         _pageService.updatePage( page );
474 
475         // Displays again the current page with the modifications
476         return getUrlPage( page.getId( ) );
477     }
478 
479     /**
480      * Management of the image associated to the page
481      * 
482      * @param page
483      *            The Page Object
484      * @param strPageId
485      *            The page identifier
486      * @return The url
487      */
488     public String getResourceImagePage( Page page, String strPageId )
489     {
490         String strResourceType = _pageService.getResourceTypeId( );
491         UrlItem/url/UrlItem.html#UrlItem">UrlItem url = new UrlItem( Parameters.IMAGE_SERVLET );
492         url.addParameter( Parameters.RESOURCE_TYPE, strResourceType );
493         url.addParameter( Parameters.RESOURCE_ID, strPageId );
494 
495         return url.getUrlWithEntity( );
496     }
497 
498     // ////////////////////////////////////////////////////////////////////////////////
499     // Private implementation
500 
501     /**
502      * Displays the page which contains the management forms of a skin page whose identifier is specified in parameter.
503      *
504      * @param strPageId
505      *            The identifier of the page
506      * @param strParamBlock
507      *            The block parameter to display
508      * @param request
509      *            The request
510      * @return The management page of a page
511      */
512     private String getAdminPageBlock( String strPageId, String strParamBlock, HttpServletRequest request )
513     {
514         Map<String, Object> model = new HashMap<>( );
515 
516         Page page = null;
517         int nPageId = 1;
518         int nPageIdInit = 1;
519         int nParamBlock = 0;
520 
521         try
522         {
523             nPageId = Integer.parseInt( strPageId );
524             nPageIdInit = nPageId;
525             nParamBlock = ( strParamBlock != null ) ? Integer.parseInt( strParamBlock ) : 0;
526 
527             boolean bPageExist = PageHome.checkPageExist( nPageId );
528 
529             if ( bPageExist )
530             {
531                 page = PageHome.getPage( nPageId );
532                 model.put( MARK_PAGE_MESSAGE, "" );
533             }
534             else
535             {
536                 nPageId = PortalService.getRootPageId( );
537                 page = PageHome.getPage( nPageId );
538                 model.put( MARK_PAGE_MESSAGE, I18nService.getLocalizedString( PROPERTY_MESSAGE_PAGE_INEXISTENT, getLocale( ) ) );
539             }
540         }
541         catch( NumberFormatException nfe )
542         {
543             nPageId = PortalService.getRootPageId( );
544             page = PageHome.getPage( nPageId );
545             model.put( MARK_PAGE_MESSAGE, I18nService.getLocalizedString( PROPERTY_MESSAGE_PAGE_FORMAT, getLocale( ) ) );
546         }
547 
548         switch( nParamBlock )
549         {
550             case BLOCK_SEARCH:
551                 model.put( MARK_PAGE_BLOCK, getAdminPageBlockSearch( nPageIdInit, model ) );
552 
553                 break;
554 
555             case BLOCK_PROPERTY:
556             case BLOCK_CHILDPAGE:
557                 model.put( MARK_PAGE_BLOCK, getAdminPageBlockProperty( page, nParamBlock, model, request ) );
558 
559                 break;
560 
561             default:
562                 model.put( MARK_PAGE_BLOCK, "" );
563 
564                 break;
565         }
566 
567         model.put( MARK_PORTLET_TYPES_LIST, getPortletTypeList( getUser( ) ) );
568         model.put( MARK_PAGE, page );
569         ExtendableResourcePluginActionManager.fillModel( request, getUser( ), model, strPageId, Page.RESOURCE_TYPE );
570 
571         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_PAGE, getLocale( ), model );
572 
573         return getAdminPage( template.getHtml( ) );
574     }
575 
576     /**
577      * Displays the page which contains the management forms of a skin page whose identifier is specified in parameter
578      *
579      * @param page
580      *            The page object
581      * @param nParamBlock
582      *            The id parameter to display
583      * @param model
584      *            The model
585      * @param request
586      *            The request
587      * @return The management page of a page
588      */
589     private String getAdminPageBlockProperty( Page page, int nParamBlock, Map<String, Object> model, HttpServletRequest request )
590     {
591         model.put( MARK_PAGE, page );
592         model.put( MARK_PAGE_INIT_ID, page.getId( ) );
593         model.put( MARK_PAGE_ORDER_LIST, getOrdersList( ) );
594         model.put( MARK_PAGE_ROLES_LIST, RoleHome.getRolesList( getUser( ) ) );
595         model.put( MARK_PAGE_THEMES_LIST, ThemesService.getPageThemes( getLocale( ) ) );
596         model.put( MARK_IMAGE_URL, getResourceImagePage( page, Integer.toString( page.getId( ) ) ) );
597         model.put( MARK_PAGE_UPDATE_DATE, DateUtil.getDateString( page.getDateUpdate( ), request.getLocale( ) ) );
598         model.put( MARK_ADMIN_USER_LANGUAGE, getUser( ).getLocale( ).getLanguage( ) );
599 
600         int nIndexRow = 1;
601         StringBuilder strPageTemplatesRow = new StringBuilder( );
602 
603         // Scan of the list
604         for ( PageTemplate pageTemplate : PageTemplateHome.getPageTemplatesList( ) )
605         {
606             strPageTemplatesRow.append( getTemplatesPageList( pageTemplate.getId( ), page.getPageTemplateId( ), Integer.toString( nIndexRow ) ) );
607             nIndexRow++;
608         }
609 
610         model.put( MARK_PAGE_TEMPLATES_LIST, strPageTemplatesRow );
611 
612         // Add in v2.0
613         int nManageAuthorization = 1;
614 
615         if ( _pageService.isAuthorizedAdminPage( page.getId( ), PageResourceIdService.PERMISSION_MANAGE, getUser( ) ) )
616         {
617             nManageAuthorization = 0;
618         }
619 
620         model.put( MARK_AUTORIZATION, Integer.toString( nManageAuthorization ) );
621 
622         String strTemplate = TEMPLATE_ADMIN_PAGE_BLOCK_PROPERTY;
623 
624         if ( nParamBlock == BLOCK_CHILDPAGE )
625         {
626             strTemplate = TEMPLATE_ADMIN_PAGE_BLOCK_CHILDPAGE;
627         }
628         model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, strTemplate ) );
629 
630         HtmlTemplate template = AppTemplateService.getTemplate( strTemplate, getLocale( ), model );
631 
632         return template.getHtml( );
633     }
634 
635     /**
636      * Displays the page which contains the management forms of a skin page whose identifier is specified in parameter
637      *
638      * @param nPageIdInit
639      *            The identifier of the init page
640      * @param model
641      *            The HashMap
642      * @return The management page of a page
643      */
644     private String getAdminPageBlockSearch( int nPageIdInit, Map<String, Object> model )
645     {
646         model.put( MARK_PAGE_INIT_ID, Integer.toString( nPageIdInit ) );
647 
648         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_PAGE_BLOCK_SEARCH, getLocale( ), model );
649 
650         return template.getHtml( );
651     }
652 
653     /**
654      * Provide page data
655      * 
656      * @param request
657      *            The HttpServletRequest
658      * @param page
659      *            the Page Object
660      * @return strErrorUrl
661      */
662     private String getPageData( HttpServletRequest request, Page page )
663     {
664         String strErrorUrl = null;
665 
666         String strPageId = request.getParameter( Parameters.PAGE_ID );
667         int nPageId = Integer.parseInt( strPageId );
668         String strName = request.getParameter( Parameters.PAGE_NAME );
669         String strDescription = request.getParameter( Parameters.PAGE_DESCRIPTION );
670         String strTemplatePageId = request.getParameter( Parameters.PAGE_TEMPLATE_ID );
671         int nTemplatePageId = Integer.parseInt( strTemplatePageId );
672         String strOrder = request.getParameter( Parameters.ORDER );
673         String strRole = request.getParameter( Parameters.ROLE );
674         String strTheme = request.getParameter( Parameters.THEME );
675         String strMetaKeywords = request.getParameter( Parameters.META_KEYWORDS ).trim( );
676         String strMetaDescription = request.getParameter( Parameters.META_DESCRIPTION ).trim( );
677 
678         /* Added in v2.0 */
679         String strNodeStatus = request.getParameter( PARAMETER_NODE_STATUS );
680         int nNodeStatus = Integer.parseInt( strNodeStatus );
681 
682         boolean bDisplayDateUpdate = StringUtils.isNotEmpty( request.getParameter( Parameters.PARAMETER_DISPLAY_UPDATE_DATE ) );
683 
684         boolean bIsManualDateUpdate = StringUtils.isNotEmpty( request.getParameter( Parameters.PARAMETER_ENABLE_MANUAL_UPDATE_DATE ) );
685 
686         String strManualDateUpdate = request.getParameter( Parameters.PARAMETER_MANUAL_UPDATE_DATE );
687 
688         page.setDateUpdate( new Timestamp( new java.util.Date( ).getTime( ) ) );
689 
690         if ( bDisplayDateUpdate && bIsManualDateUpdate )
691         {
692             if ( StringUtils.isNotBlank( strManualDateUpdate ) )
693             {
694                 Timestamp tsManualDate = DateUtil.formatTimestamp( strManualDateUpdate, request.getLocale( ) );
695                 page.setDateUpdate( tsManualDate );
696             }
697             else
698             {
699                 return AdminMessageService.getMessageUrl( request, MESSAGE_MISSING_MANUAL_UPDATE_DATE, AdminMessage.TYPE_STOP );
700             }
701         }
702 
703         // Checks the description length (150 car. maximum)
704         if ( strDescription.length( ) > 150 )
705         {
706             return AdminMessageService.getMessageUrl( request, MESSAGE_LENGTH_DESCRIPTION, AdminMessage.TYPE_STOP );
707         }
708 
709         // Checks if the mandatory field page name is found in the request
710         if ( strName.trim( ).equals( "" ) )
711         {
712             return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
713         }
714 
715         // Checks if the page name contains HTML special characters
716         else
717             if ( StringUtil.containsHtmlSpecialCharacters( strName ) )
718             {
719                 return AdminMessageService.getMessageUrl( request, MESSAGE_TITLE_INVALID_CHARACTERS, AdminMessage.TYPE_STOP );
720             }
721 
722             // Checks if the page description contains HTML special characters
723             else
724                 if ( StringUtil.containsHtmlSpecialCharacters( strDescription ) )
725                 {
726                     return AdminMessageService.getMessageUrl( request, MESSAGE_DESCRIPTION_INVALID_CHARACTERS, AdminMessage.TYPE_STOP );
727                 }
728 
729                 // Checks if the META name of the page contains HTML special characters
730                 else
731                     if ( StringUtil.containsHtmlSpecialCharacters( strMetaKeywords ) )
732                     {
733                         return AdminMessageService.getMessageUrl( request, MESSAGE_DESCRIPTION_INVALID_CHARACTERS, AdminMessage.TYPE_STOP );
734                     }
735 
736                     // Checks if the META description of the page description contains HTML special
737                     // characters
738                     else
739                         if ( StringUtil.containsHtmlSpecialCharacters( strMetaDescription ) )
740                         {
741                             return AdminMessageService.getMessageUrl( request, MESSAGE_DESCRIPTION_INVALID_CHARACTERS, AdminMessage.TYPE_STOP );
742                         }
743                         else
744                         {
745                             page.setName( strName );
746                         }
747 
748         int nOrder = ( strOrder != null ) ? Integer.parseInt( strOrder ) : PageHome.getNewChildPageOrder( nPageId );
749 
750         page.setPageTemplateId( nTemplatePageId );
751         page.setDescription( strDescription );
752         page.setOrder( nOrder );
753         page.setRole( strRole );
754         page.setCodeTheme( strTheme );
755         page.setNodeStatus( nNodeStatus );
756         page.setMetaKeywords( strMetaKeywords );
757         page.setMetaDescription( strMetaDescription );
758         page.setDisplayDateUpdate( bDisplayDateUpdate );
759         page.setIsManualDateUpdate( bIsManualDateUpdate );
760 
761         return strErrorUrl;
762     }
763 
764     /**
765      * Returns the list of the orders
766      *
767      * @return The list of the orders in form of a ReferenceList object
768      */
769     private ReferenceList getOrdersList( )
770     {
771         ReferenceListnceList.html#ReferenceList">ReferenceList list = new ReferenceList( );
772         int nOrderMax = AppPropertiesService.getPropertyInt( PROPERTY_LIST_ORDER_MAX, 15 );
773 
774         for ( int i = 1; i <= nOrderMax; i++ )
775         {
776             list.addItem( i, String.valueOf( i ) );
777         }
778 
779         return list;
780     }
781 
782     /**
783      * Returns an html template containing the list of the portlet types
784      * 
785      * @param user
786      *            The AdminUser
787      * @return The html code
788      */
789     private Collection<PortletType> getPortletTypeList( AdminUser user )
790     {
791         List<PortletType> listPortletType = PortletTypeHome.getPortletTypesList( getLocale( ) );
792 
793         return RBACService.getAuthorizedCollection( listPortletType, PortletResourceIdService.PERMISSION_CREATE, user );
794     }
795 
796     /**
797      * Gets an html template displaying the patterns list available in the portal for the layout
798      *
799      * @param nTemplatePageId
800      *            The identifier of the layout to select in the list
801      * @param nPageTemplatePageId
802      *            The pafa templatepage id
803      * @param nIndexRow
804      *            the index row
805      * @return The html code of the list
806      */
807     private String getTemplatesPageList( int nTemplatePageId, int nPageTemplatePageId, String nIndexRow )
808     {
809         Map<String, Object> model = new HashMap<>( );
810 
811         PageTemplate pageTemplate = PageTemplateHome.findByPrimaryKey( nTemplatePageId );
812         model.put( MARK_PAGE_TEMPLATE, pageTemplate );
813         model.put( MARK_INDEX_ROW, nIndexRow );
814 
815         String strChecked = ( pageTemplate.getId( ) == nPageTemplatePageId ) ? "checked=\"checked\"" : "";
816         model.put( Markers.PAGE_TEMPLATE_CHECKED, strChecked );
817 
818         HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_PAGE_TEMPLATE_ROW, getLocale( ), model );
819 
820         return template.getHtml( );
821     }
822 
823     /**
824      * Return AdminSite Url
825      * 
826      * @param nId
827      *            The PageId
828      * @return url
829      */
830     private String getUrlPage( int nId )
831     {
832         UrlItem/url/UrlItem.html#UrlItem">UrlItem url = new UrlItem( JSP_ADMIN_SITE );
833         url.addParameter( Parameters.PAGE_ID, nId );
834 
835         return url.getUrl( );
836     }
837 
838     /**
839      *
840      * @param request
841      *            The HttpServletRequest
842      * @param page
843      *            The Page
844      * @param nParentPageId
845      *            The page parent Id
846      * @return strParentPageId the new parent id
847      */
848     private String getNewParentPageId( HttpServletRequest request, Page page, int nParentPageId )
849     {
850         String strErrorUrl = null;
851 
852         if ( nParentPageId == 0 )
853         {
854             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_STOP );
855         }
856 
857         int nChildPagePageId = nParentPageId;
858         boolean bPageExist = PageHome.checkPageExist( nChildPagePageId );
859 
860         if ( !bPageExist )
861         {
862             return AdminMessageService.getMessageUrl( request, MESSAGE_INVALID_PAGE_ID, AdminMessage.TYPE_STOP );
863         }
864 
865         if ( nChildPagePageId >= PortalService.getRootPageId( ) )
866         {
867             Page childPage = PageHome.getPage( nChildPagePageId );
868             int nParentChildPageId = childPage.getParentPageId( );
869 
870             while ( ( nChildPagePageId != page.getId( ) ) && ( nChildPagePageId != 0 ) )
871             {
872                 if ( nParentChildPageId != page.getId( ) )
873                 {
874                     childPage = PageHome.getPage( nParentChildPageId );
875                     nChildPagePageId = childPage.getId( );
876                     nParentChildPageId = childPage.getParentPageId( );
877                 }
878                 else
879                 {
880                     return AdminMessageService.getMessageUrl( request, MESSAGE_PAGE_ID_CHILDPAGE, AdminMessage.TYPE_STOP );
881                 }
882             }
883 
884             if ( nParentPageId != page.getId( ) )
885             {
886                 String strParentPageId = Integer.toString( nParentPageId );
887                 page.setParentPageId( Integer.parseInt( strParentPageId ) );
888             }
889             else
890             {
891                 return AdminMessageService.getMessageUrl( request, MESSAGE_SAME_PAGE_ID, AdminMessage.TYPE_STOP );
892             }
893         }
894         else
895         {
896             return AdminMessageService.getMessageUrl( request, MESSAGE_ROOT_PAGE_FORBIDDEN, AdminMessage.TYPE_STOP );
897         }
898         return strErrorUrl;
899     }
900 }