April 2010 - gatein-commits - Jboss List Archives

gatein SVN: r2694 - in portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui: portal and 1 other directory.

by do-not-reply＠jboss.org

Author: thomas.heute(a)jboss.com Date: 2010-04-20 15:36:51 -0400 (Tue, 20 Apr 2010) New Revision: 2694 Modified: portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/page/UIPageForm.java portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIPortalForm.java Log: JBEPP-318: Remove screens to select layouts Modified: portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/page/UIPageForm.java =================================================================== --- portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/page/UIPageForm.java 2010-04-20 19:33:19 UTC (rev 2693) +++ portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/page/UIPageForm.java 2010-04-20 19:36:51 UTC (rev 2694) @@ -129,13 +129,13 @@ addUIFormInput(uiSettingSet); setSelectedTab(uiSettingSet.getId()); - WebuiRequestContext context = WebuiRequestContext.getCurrentInstance(); - Param param = initParams.getParam("PageTemplate"); - List<SelectItemCategory> itemCategories = (List<SelectItemCategory>)param.getMapGroovyObject(context); +// WebuiRequestContext context = WebuiRequestContext.getCurrentInstance(); +// Param param = initParams.getParam("PageTemplate"); +// List<SelectItemCategory> itemCategories = (List<SelectItemCategory>)param.getMapGroovyObject(context); - UIFormInputItemSelector uiTemplate = new UIFormInputItemSelector("Template", "template"); - uiTemplate.setItemCategories(itemCategories); - addUIFormInput(uiTemplate); +// UIFormInputItemSelector uiTemplate = new UIFormInputItemSelector("Template", "template"); +// uiTemplate.setItemCategories(itemCategories); +// addUIFormInput(uiTemplate); uiPermissionSetting = createUIComponent(UIFormInputSet.class, "PermissionSetting", null); UIListPermissionSelector uiListPermissionSelector = createUIComponent(UIListPermissionSelector.class, null, null); @@ -470,4 +470,4 @@ event.getRequestContext().addUIComponentToUpdateByAjax(uiForm.getParent()); } } -} \ No newline at end of file +} Modified: portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIPortalForm.java =================================================================== --- portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIPortalForm.java 2010-04-20 19:33:19 UTC (rev 2693) +++ portal/branches/EPP_5_0_Branch/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIPortalForm.java 2010-04-20 19:36:51 UTC (rev 2694) @@ -101,14 +101,16 @@ { super("UIPortalForm"); UIFormInputItemSelector uiTemplateInput = new UIFormInputItemSelector("PortalTemplate", null); - addUIFormInput(uiTemplateInput); - setSelectedTab(uiTemplateInput.getId()); +// addUIFormInput(uiTemplateInput); +// setSelectedTab(uiTemplateInput.getId()); createDefaultItem(); UIFormInputSet uiPortalSetting = this.<UIFormInputSet> getChildById("PortalSetting"); UIFormStringInput uiNameInput = uiPortalSetting.getUIStringInput(FIELD_NAME); uiNameInput.setEditable(true); + setSelectedTab(uiPortalSetting.getId()); + setActions(new String[]{"Save", "Close"}); if (initParams == null) @@ -319,7 +321,8 @@ { UIPortalForm uiForm = event.getSource(); PortalRequestContext pcontext = (PortalRequestContext)event.getRequestContext(); - String template = uiForm.getChild(UIFormInputItemSelector.class).getSelectedItemOption().getValue().toString(); + String template = "classic"; +// String template = uiForm.getChild(UIFormInputItemSelector.class).getSelectedItemOption().getValue().toString(); String portalName = uiForm.getUIStringInput(FIELD_NAME).getValue(); DataStorage dataService = uiForm.getApplicationComponent(DataStorage.class); PortalConfig config = dataService.getPortalConfig(portalName);

14 years, 6 months

1
0
0 / 0

gatein SVN: r2693 - in portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui: portal and 1 other directory.

by do-not-reply＠jboss.org

Author: thomas.heute(a)jboss.com Date: 2010-04-20 15:33:19 -0400 (Tue, 20 Apr 2010) New Revision: 2693 Modified: portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/page/UIPageForm.java portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIPortalForm.java Log: GTNPORTAL-1106: Remove screens to select layouts Modified: portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/page/UIPageForm.java =================================================================== --- portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/page/UIPageForm.java 2010-04-20 16:46:24 UTC (rev 2692) +++ portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/page/UIPageForm.java 2010-04-20 19:33:19 UTC (rev 2693) @@ -129,13 +129,13 @@ addUIFormInput(uiSettingSet); setSelectedTab(uiSettingSet.getId()); - WebuiRequestContext context = WebuiRequestContext.getCurrentInstance(); - Param param = initParams.getParam("PageTemplate"); - List<SelectItemCategory> itemCategories = (List<SelectItemCategory>)param.getMapGroovyObject(context); +// WebuiRequestContext context = WebuiRequestContext.getCurrentInstance(); +// Param param = initParams.getParam("PageTemplate"); +// List<SelectItemCategory> itemCategories = (List<SelectItemCategory>)param.getMapGroovyObject(context); - UIFormInputItemSelector uiTemplate = new UIFormInputItemSelector("Template", "template"); - uiTemplate.setItemCategories(itemCategories); - addUIFormInput(uiTemplate); +// UIFormInputItemSelector uiTemplate = new UIFormInputItemSelector("Template", "template"); +// uiTemplate.setItemCategories(itemCategories); +// addUIFormInput(uiTemplate); uiPermissionSetting = createUIComponent(UIFormInputSet.class, "PermissionSetting", null); UIListPermissionSelector uiListPermissionSelector = createUIComponent(UIListPermissionSelector.class, null, null); @@ -470,4 +470,4 @@ event.getRequestContext().addUIComponentToUpdateByAjax(uiForm.getParent()); } } -} \ No newline at end of file +} Modified: portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIPortalForm.java =================================================================== --- portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIPortalForm.java 2010-04-20 16:46:24 UTC (rev 2692) +++ portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/webui/portal/UIPortalForm.java 2010-04-20 19:33:19 UTC (rev 2693) @@ -101,14 +101,16 @@ { super("UIPortalForm"); UIFormInputItemSelector uiTemplateInput = new UIFormInputItemSelector("PortalTemplate", null); - addUIFormInput(uiTemplateInput); - setSelectedTab(uiTemplateInput.getId()); +// addUIFormInput(uiTemplateInput); +// setSelectedTab(uiTemplateInput.getId()); createDefaultItem(); UIFormInputSet uiPortalSetting = this.<UIFormInputSet> getChildById("PortalSetting"); UIFormStringInput uiNameInput = uiPortalSetting.getUIStringInput(FIELD_NAME); uiNameInput.setEditable(true); + setSelectedTab(uiPortalSetting.getId()); + setActions(new String[]{"Save", "Close"}); if (initParams == null) @@ -319,7 +321,8 @@ { UIPortalForm uiForm = event.getSource(); PortalRequestContext pcontext = (PortalRequestContext)event.getRequestContext(); - String template = uiForm.getChild(UIFormInputItemSelector.class).getSelectedItemOption().getValue().toString(); + String template = "classic"; +// String template = uiForm.getChild(UIFormInputItemSelector.class).getSelectedItemOption().getValue().toString(); String portalName = uiForm.getUIStringInput(FIELD_NAME).getValue(); DataStorage dataService = uiForm.getApplicationComponent(DataStorage.class); PortalConfig config = dataService.getPortalConfig(portalName);

14 years, 6 months

1
0
0 / 0

gatein SVN: r2692 - portal/trunk/docs/reference-guide/en.

by do-not-reply＠jboss.org

Author: chris.laprun(a)jboss.com Date: 2010-04-20 12:46:24 -0400 (Tue, 20 Apr 2010) New Revision: 2692 Modified: portal/trunk/docs/reference-guide/en/Reference_Guide.ent Log: - Updated entities to reflect the proper version. Modified: portal/trunk/docs/reference-guide/en/Reference_Guide.ent =================================================================== --- portal/trunk/docs/reference-guide/en/Reference_Guide.ent 2010-04-20 16:17:38 UTC (rev 2691) +++ portal/trunk/docs/reference-guide/en/Reference_Guide.ent 2010-04-20 16:46:24 UTC (rev 2692) @@ -1,6 +1,6 @@ -<!ENTITY PRODUCT "GateIn 3.0"> +<!ENTITY PRODUCT "GateIn 3.1"> <!ENTITY PRODUCT_NAME "GateIn"> -<!ENTITY PRODUCT_VERSION "3.0"> +<!ENTITY PRODUCT_VERSION "3.1"> <!ENTITY BOOKID "Reference Guide"> <!ENTITY YEAR "2010"> <!ENTITY HOLDER "Red Hat, Inc">

14 years, 6 months

1
0
0 / 0

gatein SVN: r2691 - portal/branches/EPP_5_0_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component.

by do-not-reply＠jboss.org

Author: thomas.heute(a)jboss.com Date: 2010-04-20 12:17:38 -0400 (Tue, 20 Apr 2010) New Revision: 2691 Modified: portal/branches/EPP_5_0_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl Log: JBEPP-313: XSS in navigation management Modified: portal/branches/EPP_5_0_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl =================================================================== --- portal/branches/EPP_5_0_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl 2010-04-20 16:10:53 UTC (rev 2690) +++ portal/branches/EPP_5_0_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl 2010-04-20 16:17:38 UTC (rev 2691) @@ -151,6 +151,8 @@ String pageURI = Util.getPortalRequestContext().getPortalURI() + node.getUri(); String label = node.resolvedLabel; if(label.length() > 30) label = label.substring(0,29) + "..."; + EntityEncoder entityEncoder = EntityEncoder.FULL; + label=entityEncoder.encode(label); if(node.pageReference != null) { if(uicomponent.isUseAjax()) { String onclickEvt = uicomponent.event("SelectNode", nav.getId() + "::" + node.getUri()) + ";return false;";

14 years, 6 months

1
0
0 / 0

gatein SVN: r2690 - portal/branches/EPP_5_0_0_CR01_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component.

by do-not-reply＠jboss.org

Author: thomas.heute(a)jboss.com Date: 2010-04-20 12:10:53 -0400 (Tue, 20 Apr 2010) New Revision: 2690 Modified: portal/branches/EPP_5_0_0_CR01_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl Log: JBEPP-313: XSS in navigation management Modified: portal/branches/EPP_5_0_0_CR01_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl =================================================================== --- portal/branches/EPP_5_0_0_CR01_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl 2010-04-20 16:09:36 UTC (rev 2689) +++ portal/branches/EPP_5_0_0_CR01_Branch/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl 2010-04-20 16:10:53 UTC (rev 2690) @@ -151,6 +151,8 @@ String pageURI = Util.getPortalRequestContext().getPortalURI() + node.getUri(); String label = node.resolvedLabel; if(label.length() > 30) label = label.substring(0,29) + "..."; + EntityEncoder entityEncoder = EntityEncoder.FULL; + label=entityEncoder.encode(label); if(node.pageReference != null) { if(uicomponent.isUseAjax()) { String onclickEvt = uicomponent.event("SelectNode", nav.getId() + "::" + node.getUri()) + ";return false;";

14 years, 6 months

1
0
0 / 0

gatein SVN: r2689 - portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component.

by do-not-reply＠jboss.org

Author: thomas.heute(a)jboss.com Date: 2010-04-20 12:09:36 -0400 (Tue, 20 Apr 2010) New Revision: 2689 Modified: portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationInfo.gtmpl portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationOrganizer.gtmpl Log: JBEPP-312: JS Injection in App.registry - portlet description and display name Modified: portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationInfo.gtmpl =================================================================== --- portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationInfo.gtmpl 2010-04-20 16:06:42 UTC (rev 2688) +++ portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationInfo.gtmpl 2010-04-20 16:09:36 UTC (rev 2689) @@ -1,17 +1,24 @@ -<% +<% +import org.gatein.common.text.EntityEncoder; def application = uicomponent.getApplication(); def category = uicomponent.getApplicationCategory(); String name = application.getApplicationName(); String srcBG = application.getIconURL(); String srcBGError = "/eXoResources/skin/sharedImages/Icon80x80/DefaultPortlet.png"; + +EntityEncoder encoder = EntityEncoder.FULL; + +String categoryDisplayName = encoder.encode(category.getDisplayName()); +String applicationDisplayName = encoder.encode(application.getDisplayName()); +String applicationDescription = encoder.encode(application.getDescription()); %> <div class="$uicomponent.id" id="$uicomponent.id"> <div class="UIBreadcumb"> <div class="ControlIcon EditIcon" title="<%=_ctx.appRes("UIApplicationInfo.title.editApplication")%>" onclick="<%= uicomponent.event("EditApplication") %>"><span></span></div> <div class="BreadcumbInfo"> - <div class="LeftBlock" title="<%= category.getDisplayName() %>"><%= category.getDisplayName() %></div> + <div class="LeftBlock" title="<%= category.getDisplayName() %>"><%= categoryDisplayName %></div> <div class="RightBlackGridArrow16x16Icon"><span></span></div> - <div class="Selected" title="<%= application.getDisplayName() %> "><%= application.getDisplayName() %></div> + <div class="Selected" title="<%= application.getDisplayName() %> "><%= applicationDisplayName %></div> </div> </div> <div class="Application"> @@ -22,7 +29,7 @@ <div class="ApplicationContent"> <div class="TitleBarApplication"> <span class="LeftLabel"><%=_ctx.appRes("UIApplicationInfo.label.displayName")%></span> - <span class="RightLabel"><%= application.getDisplayName() %></span> + <span class="RightLabel"><%= applicationDisplayName %></span> </div> <div class="ApplicationContentLabel"> <div class="ContentLabel"> @@ -31,7 +38,7 @@ </div> <div class="ContentLabel"> <span class="LeftLabel"><%=_ctx.appRes("UIApplicationInfo.label.description")%></span> - <span class="RightLabel"><%= application.getDescription() %></span> + <span class="RightLabel"><%= applicationDescription %></span> </div> </div> </div> @@ -40,7 +47,7 @@ <table class="TitleBarApplication"> <tr> <td class="LeftLabel"><%=_ctx.appRes("UIApplicationInfo.label.displayName")%></td> - <td class="RightLabel" title=" <%= application.getDisplayName() %> "><%= application.getDisplayName() %></td> + <td class="RightLabel" title=" <%= application.getDisplayName() %> "><%= applicationDisplayName %></td> </tr> </table> <table> @@ -52,7 +59,7 @@ <table> <tr> <td class="LeftLabel"><%=_ctx.appRes("UIApplicationInfo.label.description")%></td> - <td class="RightLabel" title=" <%= application.getDescription() %> "><%= application.getDescription() %></td> + <td class="RightLabel" title=" <%= application.getDescription() %> "><%= applicationDescription %></td> </tr> </table> </div> @@ -64,4 +71,4 @@ <% uicomponent.renderChildren() %> </div> </div> -</div> \ No newline at end of file +</div> Modified: portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationOrganizer.gtmpl =================================================================== --- portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationOrganizer.gtmpl 2010-04-20 16:06:42 UTC (rev 2688) +++ portal/branches/EPP_5_0_0_CR01_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationOrganizer.gtmpl 2010-04-20 16:09:36 UTC (rev 2689) @@ -1,4 +1,5 @@ <% +import org.gatein.common.text.EntityEncoder; def categories = uicomponent.getCategories(); def selectedCategory = uicomponent.getSelectedCategory(); def apps = uicomponent.getApplications(); @@ -28,6 +29,8 @@ cName = category.getName(); displayName =category.getDisplayName(); if(displayName == null || displayName.length() < 1 ) displayName = cName; + EntityEncoder encoder = EntityEncoder.FULL; + displayName = encoder.encode(displayName); if(selectedCategory != null && cName == selectedCategory.getName()) { isSelected = true; cTab = "SelectedTab"; @@ -64,8 +67,11 @@ String appName= application.getApplicationName(); %> <div class="ItemContent $cssClass"> - <% def applicationLabel = application.getDisplayName() %> - <a onclick="<%= uicomponent.event("SelectApplication", "$appName") %>" class="ItemLabel" title="<%= application.getDisplayName() %>"><%= (applicationLabel.length() <= 30) ? applicationLabel : applicationLabel.substring(0, 27)+"..." %><span></span></a> + <% def applicationLabel = application.getDisplayName() + String displayApplicationName = (applicationLabel.length() <= 30) ? applicationLabel : applicationLabel.substring(0, 27)+"..."; + displayApplicationName = encoder.encode(displayApplicationName); + %> + <a onclick="<%= uicomponent.event("SelectApplication", "$appName") %>" class="ItemLabel" title="<%= application.getDisplayName() %>"><%= displayApplicationName %><span></span></a> <a class="ControlIcon DeletePortalIcon" title="<%=_ctx.appRes("UIOrganizer.title.deleteApplication")%>" onclick="<%= uicomponent.event("RemoveApplication", appName) %>"><span></span></a> <div class="ClearBoth"><span></span></div> </div> @@ -86,4 +92,4 @@ <div class="ClearLeft"><span></span></div> </div> -</div> \ No newline at end of file +</div>

14 years, 6 months

1
0
0 / 0

gatein SVN: r2688 - portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component.

by do-not-reply＠jboss.org

Author: thomas.heute(a)jboss.com Date: 2010-04-20 12:06:42 -0400 (Tue, 20 Apr 2010) New Revision: 2688 Modified: portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationInfo.gtmpl portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationOrganizer.gtmpl Log: JBEPP-312: JS Injection in App.registry - portlet description and display name Modified: portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationInfo.gtmpl =================================================================== --- portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationInfo.gtmpl 2010-04-20 15:59:07 UTC (rev 2687) +++ portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationInfo.gtmpl 2010-04-20 16:06:42 UTC (rev 2688) @@ -1,17 +1,24 @@ -<% +<% +import org.gatein.common.text.EntityEncoder; def application = uicomponent.getApplication(); def category = uicomponent.getApplicationCategory(); String name = application.getApplicationName(); String srcBG = application.getIconURL(); String srcBGError = "/eXoResources/skin/sharedImages/Icon80x80/DefaultPortlet.png"; + +EntityEncoder encoder = EntityEncoder.FULL; + +String categoryDisplayName = encoder.encode(category.getDisplayName()); +String applicationDisplayName = encoder.encode(application.getDisplayName()); +String applicationDescription = encoder.encode(application.getDescription()); %> <div class="$uicomponent.id" id="$uicomponent.id"> <div class="UIBreadcumb"> <div class="ControlIcon EditIcon" title="<%=_ctx.appRes("UIApplicationInfo.title.editApplication")%>" onclick="<%= uicomponent.event("EditApplication") %>"><span></span></div> <div class="BreadcumbInfo"> - <div class="LeftBlock" title="<%= category.getDisplayName() %>"><%= category.getDisplayName() %></div> + <div class="LeftBlock" title="<%= category.getDisplayName() %>"><%= categoryDisplayName %></div> <div class="RightBlackGridArrow16x16Icon"><span></span></div> - <div class="Selected" title="<%= application.getDisplayName() %> "><%= application.getDisplayName() %></div> + <div class="Selected" title="<%= application.getDisplayName() %> "><%= applicationDisplayName %></div> </div> </div> <div class="Application"> @@ -22,7 +29,7 @@ <div class="ApplicationContent"> <div class="TitleBarApplication"> <span class="LeftLabel"><%=_ctx.appRes("UIApplicationInfo.label.displayName")%></span> - <span class="RightLabel"><%= application.getDisplayName() %></span> + <span class="RightLabel"><%= applicationDisplayName %></span> </div> <div class="ApplicationContentLabel"> <div class="ContentLabel"> @@ -31,7 +38,7 @@ </div> <div class="ContentLabel"> <span class="LeftLabel"><%=_ctx.appRes("UIApplicationInfo.label.description")%></span> - <span class="RightLabel"><%= application.getDescription() %></span> + <span class="RightLabel"><%= applicationDescription %></span> </div> </div> </div> @@ -40,7 +47,7 @@ <table class="TitleBarApplication"> <tr> <td class="LeftLabel"><%=_ctx.appRes("UIApplicationInfo.label.displayName")%></td> - <td class="RightLabel" title=" <%= application.getDisplayName() %> "><%= application.getDisplayName() %></td> + <td class="RightLabel" title=" <%= application.getDisplayName() %> "><%= applicationDisplayName %></td> </tr> </table> <table> @@ -52,7 +59,7 @@ <table> <tr> <td class="LeftLabel"><%=_ctx.appRes("UIApplicationInfo.label.description")%></td> - <td class="RightLabel" title=" <%= application.getDescription() %> "><%= application.getDescription() %></td> + <td class="RightLabel" title=" <%= application.getDescription() %> "><%= applicationDescription %></td> </tr> </table> </div> @@ -64,4 +71,4 @@ <% uicomponent.renderChildren() %> </div> </div> -</div> \ No newline at end of file +</div> Modified: portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationOrganizer.gtmpl =================================================================== --- portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationOrganizer.gtmpl 2010-04-20 15:59:07 UTC (rev 2687) +++ portal/branches/EPP_5_0_Branch/portlet/exoadmin/src/main/webapp/groovy/applicationregistry/webui/component/UIApplicationOrganizer.gtmpl 2010-04-20 16:06:42 UTC (rev 2688) @@ -1,4 +1,5 @@ <% +import org.gatein.common.text.EntityEncoder; def categories = uicomponent.getCategories(); def selectedCategory = uicomponent.getSelectedCategory(); def apps = uicomponent.getApplications(); @@ -28,6 +29,8 @@ cName = category.getName(); displayName =category.getDisplayName(); if(displayName == null || displayName.length() < 1 ) displayName = cName; + EntityEncoder encoder = EntityEncoder.FULL; + displayName = encoder.encode(displayName); if(selectedCategory != null && cName == selectedCategory.getName()) { isSelected = true; cTab = "SelectedTab"; @@ -64,8 +67,11 @@ String appName= application.getApplicationName(); %> <div class="ItemContent $cssClass"> - <% def applicationLabel = application.getDisplayName() %> - <a onclick="<%= uicomponent.event("SelectApplication", "$appName") %>" class="ItemLabel" title="<%= application.getDisplayName() %>"><%= (applicationLabel.length() <= 30) ? applicationLabel : applicationLabel.substring(0, 27)+"..." %><span></span></a> + <% def applicationLabel = application.getDisplayName() + String displayApplicationName = (applicationLabel.length() <= 30) ? applicationLabel : applicationLabel.substring(0, 27)+"..."; + displayApplicationName = encoder.encode(displayApplicationName); + %> + <a onclick="<%= uicomponent.event("SelectApplication", "$appName") %>" class="ItemLabel" title="<%= application.getDisplayName() %>"><%= displayApplicationName %><span></span></a> <a class="ControlIcon DeletePortalIcon" title="<%=_ctx.appRes("UIOrganizer.title.deleteApplication")%>" onclick="<%= uicomponent.event("RemoveApplication", appName) %>"><span></span></a> <div class="ClearBoth"><span></span></div> </div> @@ -86,4 +92,4 @@ <div class="ClearLeft"><span></span></div> </div> -</div> \ No newline at end of file +</div>

14 years, 6 months

1
0
0 / 0

gatein SVN: r2687 - in portal/trunk: examples/extension/war/src/main/webapp/WEB-INF/conf/sample-ext/jcr and 2 other directories.

by do-not-reply＠jboss.org

Author: julien_viet Date: 2010-04-20 11:59:07 -0400 (Tue, 20 Apr 2010) New Revision: 2687 Modified: portal/trunk/component/test/jcr/src/main/resources/conf/exo.portal.component.test.jcr-repository-configuration.xml portal/trunk/examples/extension/war/src/main/webapp/WEB-INF/conf/sample-ext/jcr/repository-configuration.xml portal/trunk/examples/portal/war/src/main/webapp/WEB-INF/conf/sample-portal/jcr/repository-configuration.xml portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/jcr/jcr-configuration.xml portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/jcr/repository-configuration.xml Log: GTNPORTAL-730 : Secure webdav access Modified: portal/trunk/component/test/jcr/src/main/resources/conf/exo.portal.component.test.jcr-repository-configuration.xml =================================================================== --- portal/trunk/component/test/jcr/src/main/resources/conf/exo.portal.component.test.jcr-repository-configuration.xml 2010-04-20 15:48:50 UTC (rev 2686) +++ portal/trunk/component/test/jcr/src/main/resources/conf/exo.portal.component.test.jcr-repository-configuration.xml 2010-04-20 15:59:07 UTC (rev 2687) @@ -96,7 +96,7 @@ <initializer class="org.exoplatform.services.jcr.impl.core.ScratchWorkspaceInitializer"> <properties> <property name="root-nodetype" value="nt:unstructured"/> - <property name="root-permissions" value="any read;*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> + <property name="root-permissions" value="*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> </properties> </initializer> <cache enabled="true" class="org.exoplatform.services.jcr.impl.dataflow.persistent.jbosscache.JBossCacheWorkspaceStorageCache"> Modified: portal/trunk/examples/extension/war/src/main/webapp/WEB-INF/conf/sample-ext/jcr/repository-configuration.xml =================================================================== --- portal/trunk/examples/extension/war/src/main/webapp/WEB-INF/conf/sample-ext/jcr/repository-configuration.xml 2010-04-20 15:48:50 UTC (rev 2686) +++ portal/trunk/examples/extension/war/src/main/webapp/WEB-INF/conf/sample-ext/jcr/repository-configuration.xml 2010-04-20 15:59:07 UTC (rev 2687) @@ -50,7 +50,7 @@ <initializer class="org.exoplatform.services.jcr.impl.core.ScratchWorkspaceInitializer"> <properties> <property name="root-nodetype" value="nt:unstructured" /> - <property name="root-permissions" value="any read;*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove" /> + <property name="root-permissions" value="*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove" /> </properties> </initializer> <cache enabled="true" class="org.exoplatform.services.jcr.impl.dataflow.persistent.jbosscache.JBossCacheWorkspaceStorageCache"> Modified: portal/trunk/examples/portal/war/src/main/webapp/WEB-INF/conf/sample-portal/jcr/repository-configuration.xml =================================================================== --- portal/trunk/examples/portal/war/src/main/webapp/WEB-INF/conf/sample-portal/jcr/repository-configuration.xml 2010-04-20 15:48:50 UTC (rev 2686) +++ portal/trunk/examples/portal/war/src/main/webapp/WEB-INF/conf/sample-portal/jcr/repository-configuration.xml 2010-04-20 15:59:07 UTC (rev 2687) @@ -50,7 +50,7 @@ <initializer class="org.exoplatform.services.jcr.impl.core.ScratchWorkspaceInitializer"> <properties> <property name="root-nodetype" value="nt:unstructured" /> - <property name="root-permissions" value="any read;*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove" /> + <property name="root-permissions" value="*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove" /> </properties> </initializer> <cache enabled="true" class="org.exoplatform.services.jcr.impl.dataflow.persistent.jbosscache.JBossCacheWorkspaceStorageCache"> Modified: portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/jcr/jcr-configuration.xml =================================================================== --- portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/jcr/jcr-configuration.xml 2010-04-20 15:48:50 UTC (rev 2686) +++ portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/jcr/jcr-configuration.xml 2010-04-20 15:59:07 UTC (rev 2687) @@ -51,7 +51,7 @@ <component> <key>org.exoplatform.services.jcr.ext.hierarchy.NodeHierarchyCreator</key> <type>org.exoplatform.services.jcr.ext.hierarchy.impl.NodeHierarchyCreatorImpl</type> - </component> + </component> <component> <key>org.exoplatform.services.jcr.webdav.WebDavServiceImpl</key> @@ -159,4 +159,70 @@ </component-plugin> </external-component-plugins> + <external-component-plugins> + <target-component>org.exoplatform.services.jcr.ext.hierarchy.NodeHierarchyCreator</target-component> + <component-plugin> + <name>addPaths</name> + <set-method>addPlugin</set-method> + <type>org.exoplatform.services.jcr.ext.hierarchy.impl.AddPathPlugin</type> + <init-params> + <object-param> + <name>gadgets.root</name> + <description>Create gadget root node</description> + <object type="org.exoplatform.services.jcr.ext.hierarchy.impl.HierarchyConfig"> + <field name="repository"><string>repository</string></field> + <field name="workspaces"> + <collection type="java.util.ArrayList"> + <value><string>portal-system</string></value> + </collection> + </field> + <field name="jcrPaths"> + <collection type="java.util.ArrayList"> + <value> + <object type="org.exoplatform.services.jcr.ext.hierarchy.impl.HierarchyConfig$JcrPath"> + <field name="alias"><string>production</string></field> + <field name="path"><string>/production</string></field> + <field name="permissions"> + <collection type="java.util.ArrayList"> + </collection> + </field> + </object> + </value> + <value> + <object type="org.exoplatform.services.jcr.ext.hierarchy.impl.HierarchyConfig$JcrPath"> + <field name="alias"><string>gadgets</string></field> + <field name="path"><string>/production/app:gadgets</string></field> + <field name="nodeType"><string>app:gadgetregistry</string></field> + <field name="permissions"> + <collection type="java.util.ArrayList"> + <value> + <object type="org.exoplatform.services.jcr.ext.hierarchy.impl.HierarchyConfig$Permission"> + <field name="identity"><string>*:/platform/administrators</string></field> + <field name="read"><string>true</string></field> + <field name="addNode"><string>true</string></field> + <field name="setProperty"><string>true</string></field> + <field name="remove"><string>true</string></field> + </object> + </value> + <value> + <object type="org.exoplatform.services.jcr.ext.hierarchy.impl.HierarchyConfig$Permission"> + <field name="identity"><string>any</string></field> + <field name="read"><string>true</string></field> + <field name="addNode"><string>false</string></field> + <field name="setProperty"><string>false</string></field> + <field name="remove"><string>false</string></field> + </object> + </value> + </collection> + </field> + </object> + </value> + </collection> + </field> + </object> + </object-param> + </init-params> + </component-plugin> + </external-component-plugins> + </configuration> Modified: portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/jcr/repository-configuration.xml =================================================================== --- portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/jcr/repository-configuration.xml 2010-04-20 15:48:50 UTC (rev 2686) +++ portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/jcr/repository-configuration.xml 2010-04-20 15:59:07 UTC (rev 2687) @@ -118,7 +118,7 @@ <initializer class="org.exoplatform.services.jcr.impl.core.ScratchWorkspaceInitializer"> <properties> <property name="root-nodetype" value="nt:unstructured"/> - <property name="root-permissions" value="any read;*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> + <property name="root-permissions" value="*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> </properties> </initializer> <cache enabled="true" class="org.exoplatform.services.jcr.impl.dataflow.persistent.jbosscache.JBossCacheWorkspaceStorageCache"> @@ -184,7 +184,7 @@ <initializer class="org.exoplatform.services.jcr.impl.core.ScratchWorkspaceInitializer"> <properties> <property name="root-nodetype" value="nt:unstructured"/> - <property name="root-permissions" value="any read;*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> + <property name="root-permissions" value="*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> </properties> </initializer> <cache enabled="true" class="org.exoplatform.services.jcr.impl.dataflow.persistent.jbosscache.JBossCacheWorkspaceStorageCache"> @@ -251,7 +251,7 @@ <initializer class="org.exoplatform.services.jcr.impl.core.ScratchWorkspaceInitializer"> <properties> <property name="root-nodetype" value="nt:unstructured"/> - <property name="root-permissions" value="any read;*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> + <property name="root-permissions" value="*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> </properties> </initializer> <cache enabled="true" class="org.exoplatform.services.jcr.impl.dataflow.persistent.jbosscache.JBossCacheWorkspaceStorageCache"> @@ -317,7 +317,7 @@ <initializer class="org.exoplatform.services.jcr.impl.core.ScratchWorkspaceInitializer"> <properties> <property name="root-nodetype" value="nt:unstructured"/> - <property name="root-permissions" value="any read;*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> + <property name="root-permissions" value="*:/platform/administrators read;*:/platform/administrators add_node;*:/platform/administrators set_property;*:/platform/administrators remove"/> </properties> </initializer> <cache enabled="true"

14 years, 6 months

1
0
0 / 0

gatein SVN: r2686 - portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium.

by do-not-reply＠jboss.org

Author: mvanco(a)redhat.com Date: 2010-04-20 11:48:50 -0400 (Tue, 20 Apr 2010) New Revision: 2686 Modified: portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_POR_20_022_CreateGroupPageWithNameTheSameWithExistingPortalPage.html Log: UI test: fixed test POR_20_022 removed duplicate visit of Page Management and useless visit of Group Modified: portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_POR_20_022_CreateGroupPageWithNameTheSameWithExistingPortalPage.html =================================================================== --- portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_POR_20_022_CreateGroupPageWithNameTheSameWithExistingPortalPage.html 2010-04-20 14:44:27 UTC (rev 2685) +++ portal/trunk/testsuite/selenium-snifftests/src/suite/org/exoplatform/portal/selenium/Test_POR_20_022_CreateGroupPageWithNameTheSameWithExistingPortalPage.html 2010-04-20 15:48:50 UTC (rev 2686) @@ -68,26 +68,6 @@ </tr> <tr> <td>waitForElementPresent</td> - <td>link=Group</td> - <td></td> -</tr> -<tr> - <td>clickAt</td> - <td>link=Group</td> - <td></td> -</tr> -<tr> - <td>waitForElementPresent</td> - <td>link=Page Management</td> - <td></td> -</tr> -<tr> - <td>clickAt</td> - <td>link=Page Management</td> - <td></td> -</tr> -<tr> - <td>waitForElementPresent</td> <td>xpath=//div[@id='UIPageBrowser']/div[2]/table/tbody/tr/td/div/div/div/div/a</td> <td></td> </tr>

14 years, 6 months

1
0
0 / 0

gatein SVN: r2685 - portal/trunk/portlet/web/src/main/webapp/groovy/portal/webui/component.

by do-not-reply＠jboss.org

Author: thomas.heute(a)jboss.com Date: 2010-04-20 10:44:27 -0400 (Tue, 20 Apr 2010) New Revision: 2685 Modified: portal/trunk/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl Log: GTNPORTAL-1105: XSS in navigation management Modified: portal/trunk/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl =================================================================== --- portal/trunk/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl 2010-04-20 14:39:19 UTC (rev 2684) +++ portal/trunk/portlet/web/src/main/webapp/groovy/portal/webui/component/UIPortalNavigation.gtmpl 2010-04-20 14:44:27 UTC (rev 2685) @@ -151,6 +151,8 @@ String pageURI = Util.getPortalRequestContext().getPortalURI() + node.getUri(); String label = node.resolvedLabel; if(label.length() > 30) label = label.substring(0,29) + "..."; + EntityEncoder entityEncoder = EntityEncoder.FULL; + label=entityEncoder.encode(label); if(node.pageReference != null) { if(uicomponent.isUseAjax()) { String onclickEvt = uicomponent.event("SelectNode", nav.getId() + "::" + node.getUri()) + ";return false;";

14 years, 6 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

gatein-commits April 2010