001
014
015 package com.liferay.portlet.xslcontent.action;
016
017 import com.liferay.portal.kernel.portlet.DefaultConfigurationAction;
018 import com.liferay.portal.kernel.servlet.SessionErrors;
019 import com.liferay.portal.kernel.util.PropsKeys;
020 import com.liferay.portal.kernel.util.StringUtil;
021 import com.liferay.portal.kernel.util.WebKeys;
022 import com.liferay.portal.theme.ThemeDisplay;
023 import com.liferay.portal.util.PropsUtil;
024 import com.liferay.portlet.xslcontent.util.XSLContentUtil;
025
026 import javax.portlet.ActionRequest;
027 import javax.portlet.ActionResponse;
028 import javax.portlet.PortletConfig;
029
030
035 public class ConfigurationActionImpl extends DefaultConfigurationAction {
036
037 @Override
038 public void processAction(
039 PortletConfig portletConfig, ActionRequest actionRequest,
040 ActionResponse actionResponse)
041 throws Exception {
042
043 validateUrls(actionRequest);
044
045 super.processAction(portletConfig, actionRequest, actionResponse);
046 }
047
048 protected String[] getValidUrlPrefixes(ThemeDisplay themeDisplay) {
049 String validUrlPrefixes = PropsUtil.get(
050 PropsKeys.XSL_CONTENT_VALID_URL_PREFIXES);
051
052 validUrlPrefixes = XSLContentUtil.replaceUrlTokens(
053 themeDisplay, validUrlPrefixes);
054
055 return StringUtil.split(validUrlPrefixes);
056 }
057
058 protected boolean hasValidUrlPrefix(String[] validUrlPrefixes, String url) {
059 if (validUrlPrefixes.length == 0) {
060 return true;
061 }
062
063 for (String validUrlPrefix : validUrlPrefixes) {
064 if (StringUtil.startsWith(url, validUrlPrefix)) {
065 return true;
066 }
067 }
068
069 return false;
070 }
071
072 protected void validateUrls(ActionRequest actionRequest) {
073 ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
074 WebKeys.THEME_DISPLAY);
075
076 String[] validUrlPrefixes = getValidUrlPrefixes(themeDisplay);
077
078 String xmlUrl = getParameter(actionRequest, "xmlUrl");
079
080 xmlUrl = XSLContentUtil.replaceUrlTokens(themeDisplay, xmlUrl);
081
082 if (!hasValidUrlPrefix(validUrlPrefixes, xmlUrl)) {
083 SessionErrors.add(actionRequest, "xmlUrl");
084 }
085
086 String xslUrl = getParameter(actionRequest, "xslUrl");
087
088 xslUrl = XSLContentUtil.replaceUrlTokens(themeDisplay, xslUrl);
089
090 if (!hasValidUrlPrefix(validUrlPrefixes, xslUrl)) {
091 SessionErrors.add(actionRequest, "xslUrl");
092 }
093 }
094
095 }