dotCMS · fmontes · May 13, 2022 · May 12, 2022
diff --git a/dotCMS/src/main/java/com/dotmarketing/factories/WebAssetFactory.java b/dotCMS/src/main/java/com/dotmarketing/factories/WebAssetFactory.java
@@ -1,7 +1,5 @@
 package com.dotmarketing.factories;
 
-import static com.dotmarketing.business.PermissionAPI.PERMISSION_WRITE;
-
 import com.dotcms.api.system.event.Payload;
 import com.dotcms.api.system.event.SystemEventType;
 import com.dotcms.api.system.event.SystemEventsAPI;
@@ -13,28 +11,10 @@
 import com.dotcms.repackage.com.google.common.base.Strings;
 import com.dotcms.util.transform.DBTransformer;
 import com.dotcms.util.transform.TransformerLocator;
-
-import com.dotmarketing.beans.Host;
-import com.dotmarketing.beans.Identifier;
-import com.dotmarketing.beans.Inode;
-import com.dotmarketing.beans.MultiTree;
-import com.dotmarketing.beans.PermissionAsset;
-import com.dotmarketing.beans.Tree;
-import com.dotmarketing.beans.WebAsset;
-import com.dotmarketing.business.APILocator;
-import com.dotmarketing.business.CacheLocator;
-import com.dotmarketing.business.DotIdentifierStateException;
-import com.dotmarketing.business.DotStateException;
-import com.dotmarketing.business.FactoryLocator;
-import com.dotmarketing.business.NoSuchUserException;
-import com.dotmarketing.business.PermissionAPI;
-import com.dotmarketing.business.Permissionable;
-import com.dotmarketing.business.Role;
-import com.dotmarketing.business.Treeable;
-import com.dotmarketing.business.Versionable;
+import com.dotmarketing.beans.*;
+import com.dotmarketing.business.*;
 import com.dotmarketing.common.db.DotConnect;
 import com.dotmarketing.common.util.SQLUtil;
-import com.dotmarketing.db.DbConnectionFactory;
 import com.dotmarketing.db.HibernateUtil;
 import com.dotmarketing.exception.DotDataException;
 import com.dotmarketing.exception.DotHibernateException;
@@ -52,25 +32,15 @@
 import com.dotmarketing.portlets.links.model.Link;
 import com.dotmarketing.portlets.templates.business.TemplateAPI;
 import com.dotmarketing.portlets.templates.model.Template;
-import com.dotmarketing.util.InodeUtils;
-import com.dotmarketing.util.Logger;
-import com.dotmarketing.util.PaginatedArrayList;
-import com.dotmarketing.util.UtilMethods;
-import com.dotmarketing.util.WebKeys;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-
+import com.dotmarketing.util.*;
 import com.liferay.portal.model.User;
 import com.liferay.portal.struts.ActionException;
+import com.liferay.util.StringPool;
 import io.vavr.control.Try;
 
-import java.util.Optional;
+import java.util.*;
+
+import static com.dotmarketing.business.PermissionAPI.PERMISSION_WRITE;
 
 /**
  *
@@ -1009,75 +979,113 @@ else if(currWebAsset instanceof Link)
 		return returnValue;
 	}
 
-	public PaginatedArrayList<PermissionAsset> getAssetsAndPermissions(String hostId, Role[] roles,
-			boolean includeArchived, int limit, int offset, String orderBy, String tableName, String parent, String query, User user) throws DotIdentifierStateException, DotDataException, DotSecurityException {
-		PaginatedArrayList<PermissionAsset>  paginatedEntries = new PaginatedArrayList<PermissionAsset> ();
-		long totalCount = 0;
+	/**
+	 * Returns a list of Assets based on the specified filtering parameters. Several legacy portlets in the dotCMS UI
+	 * (specially the ones built with JSP files and Dojo) use this method to display a list of different types of
+	 * objects, such as: Containers, Menu Links, etc.
+	 *
+	 * @param siteId          The ID of the Site that the requested assets will be retrieved from.
+	 * @param roles           list of {@link Role} objects associated to the User that is calling this method.
+	 * @param includeArchived If set to {@code true}, archived Assets will be added to the result set.
+	 * @param limit           The maximum number of elements added to the result set, for pagination purposes.
+	 * @param offset          The offset value for elements added to the result set, for pagination purposes.
+	 * @param orderBy         The criterion used to sort the result set.
+	 * @param tableName       The type of Asset that is being requested. For more information: {@link AssetType}.
+	 * @param parent          For Containers only: The ID or Velocity Variable Name of the Content Type that must be
+	 *                        associated to the Containers that will be returned.
+	 * @param query           The filtering criterion for the result set.
+	 * @param user            The {@link User} executing this action.
+	 *
+	 * @return The {@link PaginatedArrayList} of the requested dotCMS Assets.
+	 *
+	 * @throws DotIdentifierStateException An error occurred when processing Identifier-related information.
+	 * @throws DotDataException            An error occurred when interacting with the data source.
+	 * @throws DotSecurityException        The specified User does not have the required permissions to perform this
+	 *                                     action.
+	 */
+	public PaginatedArrayList<PermissionAsset> getAssetsAndPermissions(final String siteId, final Role[] roles,
+																	   final boolean includeArchived, final int limit,
+																	   final int offset, String orderBy,
+																	   final String tableName, String parent,
+																	   String query, final User user) throws
+			DotIdentifierStateException, DotDataException, DotSecurityException {
+		final PaginatedArrayList<PermissionAsset> paginatedEntries = new PaginatedArrayList<>();
+		long totalCount;
 
 		parent = SQLUtil.sanitizeParameter(parent);
 		query = SQLUtil.sanitizeParameter(query);
 		orderBy = SQLUtil.sanitizeSortBy(orderBy);
 
-		AssetType type = AssetType.getObject(tableName.toUpperCase());
-		java.util.List<? extends Permissionable> elements = null;
-		Map<String,Object> params = new HashMap<String, Object>();
+		final AssetType type = AssetType.getObject(tableName.toUpperCase());
+		List<? extends Permissionable> elements = null;
+		final Map<String,Object> params = new HashMap<>();
 		if(UtilMethods.isSet(query) && !type.equals(AssetType.TEMPLATE)){
 			params.put("title", query.toLowerCase().replace("\'","\\\'"));
 		}
 		try {
-		if (type.equals(AssetType.CONTAINER)){
-			if(APILocator.getIdentifierAPI().isIdentifier(query)){
-				params.put("identifier", query);
+			if (type.equals(AssetType.CONTAINER)){
+				if(APILocator.getIdentifierAPI().isIdentifier(query)){
+					params.put("identifier", query);
+				}
+				final ContainerAPI.SearchParams searchParams = ContainerAPI.SearchParams.newBuilder()
+						.includeArchived(includeArchived)
+						.includeSystemContainer(Boolean.TRUE)
+						.filteringCriterion(params)
+						.siteId(siteId)
+						.contentTypeIdOrVar(parent)
+						.offset(offset)
+						.limit(limit)
+						.orderBy(orderBy).build();
+				elements = containerAPI.findContainers(user, searchParams);
+			} else if (type.equals(AssetType.TEMPLATE)){
+				params.put("filter",query.toLowerCase());
+				elements = templateAPI.findTemplates(user, includeArchived, params, siteId, null, null,  parent, offset, limit, orderBy);
+			} else if (type.equals(AssetType.LINK)){
+				elements = linksAPI.findLinks(user, includeArchived, params, siteId, null, null, parent, offset, limit, orderBy);
 			}
-			elements = containerAPI.findContainers(user, includeArchived, params, hostId, null, null, parent, offset, limit, orderBy);
-		}else if (type.equals(AssetType.TEMPLATE)){
-			params.put("filter",query.toLowerCase());
-			elements = templateAPI.findTemplates(user, includeArchived, params, hostId, null, null,  parent, offset, limit, orderBy);
-		}else if (type.equals(AssetType.LINK)){
-			elements = linksAPI.findLinks(user, includeArchived, params, hostId, null, null, parent, offset, limit, orderBy);
+		} catch (final DotSecurityException | DotDataException e) {
+			Logger.warn(WebAssetFactory.class, String.format(
+					"An error occurred when User '%s' tried to retrieve assets and permissions from '%s' in Site '%s': %s",
+					user.getUserId(), tableName, siteId, e.getMessage()), e);
 		}
-		} catch (DotSecurityException e) {
-			Logger.warn(WebAssetFactory.class, "getAssetsAndPermissions failed:" + e, e);
-		} catch (DotDataException e) {
-			Logger.warn(WebAssetFactory.class, "getAssetsAndPermissions failed:" + e, e);
-		}
-
 
 		totalCount =  elements!=null?((PaginatedArrayList)elements).getTotalResults():0;
-	    java.util.Iterator<? extends Permissionable> elementsIter = elements.iterator();
+	    final Iterator<? extends Permissionable> elementsIter = elements.iterator();
 
 		while (elementsIter.hasNext()) {
-			Permissionable asset = elementsIter.next();
-			PermissionAsset permAsset = new PermissionAsset();
+			final Permissionable asset = elementsIter.next();
+			final PermissionAsset permAsset = new PermissionAsset();
 			Folder folderParent = null;
-			Host host = null;
+			Host site = null;
 			if (asset instanceof WebAsset) {
 				// For WebAsset objects
-				WebAsset webAsset = (WebAsset) asset;
+				final WebAsset webAsset = (WebAsset) asset;
 				if (!WebAssetFactory.isAbstractAsset(webAsset)) {
 					folderParent = APILocator.getFolderAPI()
 							.findParentFolder(webAsset, user, false);
 				}
 				try {
-					host = APILocator.getHostAPI().findParentHost(webAsset,
+					site = APILocator.getHostAPI().findParentHost(webAsset,
 							user, false);
-				} catch (DotDataException e1) {
+				} catch (final DotDataException e1) {
 					Logger.error(WebAssetFactory.class,
-							"Could not load host : ", e1);
-				} catch (DotSecurityException e1) {
-					Logger.error(WebAssetFactory.class,
-							"User does not have required permissions : ", e1);
+							String.format("An error occurred when finding Site for WebAsset '%s': %s",
+									webAsset.getIdentifier(), e1.getMessage()), e1);
+				} catch (final DotSecurityException e1) {
+					Logger.error(WebAssetFactory.class, String.format(
+							"User '%s' does not have the required permissions to get information from WebAsset '%s': %s",
+							user.getUserId(), webAsset.getIdentifier(), e1.getMessage()), e1);
 				}
-				if (host != null) {
-					if (host.isArchived()) {
+				if (site != null) {
+					if (site.isArchived()) {
 						continue;
 					}
 				}
 				if (!WebAssetFactory.isAbstractAsset(webAsset)) {
 					permAsset.setPathToMe(APILocator.getIdentifierAPI()
 							.find(folderParent.getIdentifier()).getPath());
 				} else {
-					permAsset.setPathToMe("");
+					permAsset.setPathToMe(StringPool.BLANK);
 				}
 				if (asset instanceof IHTMLPage) {
 					permAsset.setPermissionableAsset(asset);
@@ -1086,45 +1094,49 @@ public PaginatedArrayList<PermissionAsset> getAssetsAndPermissions(String hostId
 				}
 			} else {
 				// For HTMLPage and IHTMLPage objects
-				IHTMLPage page = (IHTMLPage) asset;
-				String pathToFolderParent = APILocator.getIdentifierAPI().find(page).getParentPath();
+				final IHTMLPage page = (IHTMLPage) asset;
+				final String pathToFolderParent = APILocator.getIdentifierAPI().find(page).getParentPath();
 				folderParent = APILocator.getFolderAPI()
 						.findParentFolder((Treeable) asset, user, false);
 				try {
-					String pageHostId = APILocator.getIdentifierAPI()
+					final String pageHostId = APILocator.getIdentifierAPI()
 							.find(page.getIdentifier()).getHostId();
-					host = APILocator.getHostAPI().find(pageHostId, user, false);
-				} catch (DotDataException e1) {
-					Logger.error(WebAssetFactory.class,
-							"Could not load host : ", e1);
-				} catch (DotSecurityException e1) {
+					site = APILocator.getHostAPI().find(pageHostId, user, false);
+				} catch (final DotDataException e1) {
 					Logger.error(WebAssetFactory.class,
-							"User does not have required permissions : ", e1);
+							String.format("An error occurred when finding Site for HTML Page '%s' [%s]: %s",
+									page.getPageUrl(), page.getIdentifier(), e1.getMessage()), e1);
+				} catch (final DotSecurityException e1) {
+					Logger.error(WebAssetFactory.class, String.format(
+							"User '%s' does not have the required permissions to get information from HTML Page '%s' [%s]: %s",
+							user.getUserId(), page.getPageUrl(), page.getIdentifier(), e1.getMessage()), e1);
 				}
-				if (host != null) {
-					if (host.isArchived()) {
+				if (site != null) {
+					if (site.isArchived()) {
 						continue;
 					}
 				}
-				if(folderParent!=null)
+				if (folderParent != null) {
 					permAsset.setPathToMe(APILocator.getIdentifierAPI()
 							.find(folderParent.getIdentifier()).getPath());
-				else
+				} else {
 					permAsset.setPathToMe(pathToFolderParent);
+				}
 				permAsset.setPermissionableAsset(page);
 			}
-			java.util.List<Integer> permissions = new ArrayList<Integer>();
+			List<Integer> permissions = new ArrayList<>();
 			try {
 				permissions = permissionAPI.getPermissionIdsFromRoles(asset, roles, user);
-			} catch (DotDataException e) {
-				Logger.error(WebAssetFactory.class,"Could not load permissions : ",e);
+			} catch (final DotDataException e) {
+				Logger.error(WebAssetFactory.class,
+						String.format("Permissions from Permissionable '%s' for User '%s' could not be retrieved: %s",
+								asset.getPermissionId(), user.getUserId(), e.getMessage()), e);
 			}
 			permAsset.setPermissions(permissions);
 			paginatedEntries.add(permAsset);
 		}
 
 		paginatedEntries.setTotalResults(totalCount);
-
 		return paginatedEntries;
 	}