1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
package com.xpn.xwiki.web; |
21 |
|
|
22 |
|
import javax.script.ScriptContext; |
23 |
|
|
24 |
|
import org.apache.commons.lang3.StringUtils; |
25 |
|
|
26 |
|
import com.xpn.xwiki.XWiki; |
27 |
|
import com.xpn.xwiki.XWikiContext; |
28 |
|
import com.xpn.xwiki.XWikiException; |
29 |
|
import com.xpn.xwiki.doc.XWikiDocument; |
30 |
|
import com.xpn.xwiki.objects.BaseObject; |
31 |
|
import com.xpn.xwiki.objects.BaseProperty; |
32 |
|
import com.xpn.xwiki.objects.classes.BaseClass; |
33 |
|
import com.xpn.xwiki.user.api.XWikiRightService; |
34 |
|
|
35 |
|
|
36 |
|
|
37 |
|
|
38 |
|
|
39 |
|
@version |
40 |
|
|
|
|
| 45.8% |
Uncovered Elements: 32 (59) |
Complexity: 14 |
Complexity Density: 0.35 |
|
41 |
|
public class CommentAddAction extends XWikiAction |
42 |
|
{ |
43 |
|
|
44 |
|
private static final String AUTHOR_PROPERTY_NAME = "author"; |
45 |
|
|
46 |
|
|
47 |
|
private static final String USER_SPACE_PREFIX = "XWiki."; |
48 |
|
|
|
|
| 53.7% |
Uncovered Elements: 19 (41) |
Complexity: 8 |
Complexity Density: 0.28 |
|
49 |
1 |
@Override... |
50 |
|
public boolean action(XWikiContext context) throws XWikiException |
51 |
|
{ |
52 |
|
|
53 |
1 |
if (!csrfTokenCheck(context)) { |
54 |
0 |
return false; |
55 |
|
} |
56 |
|
|
57 |
1 |
XWiki xwiki = context.getWiki(); |
58 |
1 |
XWikiResponse response = context.getResponse(); |
59 |
1 |
XWikiDocument doc = context.getDoc(); |
60 |
1 |
ObjectAddForm oform = (ObjectAddForm) context.getForm(); |
61 |
|
|
62 |
|
|
63 |
1 |
BaseClass baseclass = xwiki.getCommentsClass(context); |
64 |
1 |
if (doc.isNew()) { |
65 |
0 |
return true; |
66 |
1 |
} else if (context.getUser().equals(XWikiRightService.GUEST_USER_FULLNAME) && !checkCaptcha(context)) { |
67 |
0 |
getCurrentScriptContext().setAttribute("captchaAnswerWrong", Boolean.TRUE, ScriptContext.ENGINE_SCOPE); |
68 |
|
} else { |
69 |
|
|
70 |
1 |
String className = baseclass.getName(); |
71 |
|
|
72 |
1 |
BaseObject object = doc.newObject(className, context); |
73 |
|
|
74 |
|
|
75 |
1 |
baseclass.fromMap(oform.getObject(className), object); |
76 |
|
|
77 |
1 |
if (XWikiRightService.GUEST_USER_FULLNAME.equals(context.getUser())) { |
78 |
|
|
79 |
0 |
String author = ((BaseProperty) object.get(AUTHOR_PROPERTY_NAME)).getValue() + ""; |
80 |
0 |
author = StringUtils.remove(author, ':'); |
81 |
0 |
while (author.startsWith(USER_SPACE_PREFIX)) { |
82 |
0 |
author = StringUtils.removeStart(author, USER_SPACE_PREFIX); |
83 |
|
} |
84 |
|
|
85 |
|
|
86 |
0 |
author = author.substring(0, Math.min(author.length(), 255)); |
87 |
0 |
object.set(AUTHOR_PROPERTY_NAME, author, context); |
88 |
|
} else { |
89 |
|
|
90 |
1 |
object.set(AUTHOR_PROPERTY_NAME, context.getUser(), context); |
91 |
|
} |
92 |
1 |
doc.setAuthorReference(context.getUserReference()); |
93 |
|
|
94 |
|
|
95 |
1 |
xwiki.saveDocument(doc, localizePlainOrKey("core.comment.addComment"), true, context); |
96 |
|
} |
97 |
|
|
98 |
1 |
if (context.getRequest().get("xpage") != null) { |
99 |
1 |
return true; |
100 |
|
} |
101 |
|
|
102 |
0 |
String redirect = Utils.getRedirect("edit", context); |
103 |
0 |
sendRedirect(response, redirect); |
104 |
0 |
return false; |
105 |
|
} |
106 |
|
|
|
|
| 50% |
Uncovered Elements: 3 (6) |
Complexity: 2 |
Complexity Density: 0.5 |
|
107 |
1 |
@Override... |
108 |
|
public String render(XWikiContext context) throws XWikiException |
109 |
|
{ |
110 |
1 |
if (context.getDoc().isNew()) { |
111 |
0 |
context.put("message", "nocommentwithnewdoc"); |
112 |
0 |
return "exception"; |
113 |
|
} |
114 |
1 |
return ""; |
115 |
|
} |
116 |
|
|
117 |
|
|
118 |
|
|
119 |
|
|
120 |
|
|
121 |
|
@param |
122 |
|
@return |
123 |
|
@throws |
124 |
|
@since |
125 |
|
|
|
|
| 0% |
Uncovered Elements: 9 (9) |
Complexity: 4 |
Complexity Density: 0.57 |
|
126 |
0 |
private boolean checkCaptcha(XWikiContext context) throws XWikiException... |
127 |
|
{ |
128 |
0 |
String answer = context.getRequest().get("captcha_answer"); |
129 |
0 |
if (answer != null && answer.length() > 0) { |
130 |
0 |
org.xwiki.captcha.CaptchaVerifier cv = |
131 |
|
Utils.getComponent(org.xwiki.captcha.CaptchaVerifier.class, context.getRequest().get("captcha_type")); |
132 |
0 |
try { |
133 |
0 |
return cv.isAnswerCorrect(cv.getUserId(context.getRequest()), answer); |
134 |
|
} catch (Exception e) { |
135 |
0 |
throw new XWikiException(XWikiException.MODULE_XWIKI, XWikiException.ERROR_XWIKI_UNKNOWN, |
136 |
|
"Exception while attempting to verify captcha", e); |
137 |
|
} |
138 |
|
} else { |
139 |
0 |
return (context.getWiki().getSpacePreferenceAsInt("guest_comment_requires_captcha", 0, context) != 1); |
140 |
|
} |
141 |
|
} |
142 |
|
} |