001
014
015 package com.liferay.portal.template;
016
017 import com.liferay.portal.kernel.template.Template;
018 import com.liferay.portal.kernel.template.TemplateException;
019
020 import java.io.Writer;
021
022 import java.security.AccessControlContext;
023 import java.security.AccessController;
024 import java.security.PrivilegedActionException;
025 import java.security.PrivilegedExceptionAction;
026
027 import javax.servlet.http.HttpServletRequest;
028
029
033 public class PrivilegedTemplateWrapper implements Template {
034
035 public PrivilegedTemplateWrapper(
036 AccessControlContext accessControlContext, Template template) {
037
038 _accessControlContext = accessControlContext;
039 _template = template;
040 }
041
042 @Override
043 public Object get(String key) {
044 return _template.get(key);
045 }
046
047 @Override
048 public String[] getKeys() {
049 return _template.getKeys();
050 }
051
052 @Override
053 public void prepare(HttpServletRequest request) {
054 _template.prepare(request);
055 }
056
057 @Override
058 public void processTemplate(Writer writer) throws TemplateException {
059 try {
060 AccessController.doPrivileged(
061 new ProcessTemplatePrivilegedExceptionAction(_template, writer),
062 _accessControlContext);
063 }
064 catch (PrivilegedActionException pae) {
065 throw (TemplateException)pae.getException();
066 }
067 }
068
069 @Override
070 public void put(String key, Object value) {
071 _template.put(key, value);
072 }
073
074 private AccessControlContext _accessControlContext;
075 private Template _template;
076
077 private static class ProcessTemplatePrivilegedExceptionAction
078 implements PrivilegedExceptionAction<Void> {
079
080 public ProcessTemplatePrivilegedExceptionAction(
081 Template template, Writer writer) {
082
083 _template = template;
084 _writer = writer;
085 }
086
087 @Override
088 public Void run() throws Exception {
089 _template.processTemplate(_writer);
090
091 return null;
092 }
093
094 private Template _template;
095 private Writer _writer;
096
097 }
098
099 }