1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
package org.xwiki.wiki.script; |
21 |
|
|
22 |
|
import java.util.ArrayList; |
23 |
|
import java.util.Collection; |
24 |
|
|
25 |
|
import javax.inject.Inject; |
26 |
|
import javax.inject.Named; |
27 |
|
import javax.inject.Provider; |
28 |
|
import javax.inject.Singleton; |
29 |
|
|
30 |
|
import org.apache.commons.lang3.StringUtils; |
31 |
|
import org.slf4j.Logger; |
32 |
|
import org.xwiki.component.annotation.Component; |
33 |
|
import org.xwiki.context.Execution; |
34 |
|
import org.xwiki.model.reference.DocumentReference; |
35 |
|
import org.xwiki.model.reference.DocumentReferenceResolver; |
36 |
|
import org.xwiki.model.reference.EntityReferenceSerializer; |
37 |
|
import org.xwiki.model.reference.WikiReference; |
38 |
|
import org.xwiki.script.service.ScriptService; |
39 |
|
import org.xwiki.script.service.ScriptServiceManager; |
40 |
|
import org.xwiki.security.authorization.AccessDeniedException; |
41 |
|
import org.xwiki.security.authorization.AuthorizationException; |
42 |
|
import org.xwiki.security.authorization.AuthorizationManager; |
43 |
|
import org.xwiki.security.authorization.Right; |
44 |
|
import org.xwiki.url.internal.standard.StandardURLConfiguration; |
45 |
|
import org.xwiki.wiki.configuration.WikiConfiguration; |
46 |
|
import org.xwiki.wiki.descriptor.WikiDescriptor; |
47 |
|
import org.xwiki.wiki.descriptor.WikiDescriptorManager; |
48 |
|
import org.xwiki.wiki.internal.descriptor.document.WikiDescriptorDocumentHelper; |
49 |
|
import org.xwiki.wiki.manager.WikiManager; |
50 |
|
import org.xwiki.wiki.manager.WikiManagerException; |
51 |
|
|
52 |
|
import com.xpn.xwiki.XWikiContext; |
53 |
|
|
54 |
|
|
55 |
|
|
56 |
|
|
57 |
|
@version |
58 |
|
@since |
59 |
|
|
60 |
|
@Component |
61 |
|
@Named(WikiManagerScriptService.ROLEHINT) |
62 |
|
@Singleton |
|
|
| 89.2% |
Uncovered Elements: 17 (158) |
Complexity: 45 |
Complexity Density: 0.39 |
|
63 |
|
public class WikiManagerScriptService implements ScriptService |
64 |
|
{ |
65 |
|
|
66 |
|
|
67 |
|
|
68 |
|
public static final String ROLEHINT = "wiki"; |
69 |
|
|
70 |
|
|
71 |
|
|
72 |
|
|
73 |
|
@Deprecated |
74 |
|
public static final String CONTEXT_LASTEXCEPTION = "lastexception"; |
75 |
|
|
76 |
|
|
77 |
|
|
78 |
|
|
79 |
|
private static final String WIKIERROR_KEY = "scriptservice.wiki.error"; |
80 |
|
|
81 |
|
@Inject |
82 |
|
private WikiManager wikiManager; |
83 |
|
|
84 |
|
@Inject |
85 |
|
private WikiDescriptorManager wikiDescriptorManager; |
86 |
|
|
87 |
|
@Inject |
88 |
|
private Provider<XWikiContext> xcontextProvider; |
89 |
|
|
90 |
|
|
91 |
|
|
92 |
|
|
93 |
|
@Inject |
94 |
|
private Execution execution; |
95 |
|
|
96 |
|
@Inject |
97 |
|
private AuthorizationManager authorizationManager; |
98 |
|
|
99 |
|
@Inject |
100 |
|
private DocumentReferenceResolver<String> documentReferenceResolver; |
101 |
|
|
102 |
|
@Inject |
103 |
|
private EntityReferenceSerializer<String> entityReferenceSerializer; |
104 |
|
|
105 |
|
@Inject |
106 |
|
private ScriptServiceManager scriptServiceManager; |
107 |
|
|
108 |
|
@Inject |
109 |
|
private StandardURLConfiguration standardURLConfiguration; |
110 |
|
|
111 |
|
@Inject |
112 |
|
private WikiConfiguration wikiConfiguration; |
113 |
|
|
114 |
|
@Inject |
115 |
|
private WikiDescriptorDocumentHelper wikiDescriptorDocumentHelper; |
116 |
|
|
117 |
|
|
118 |
|
|
119 |
|
|
120 |
|
@Inject |
121 |
|
private Logger logger; |
122 |
|
|
123 |
|
|
124 |
|
|
125 |
|
|
126 |
|
|
127 |
|
|
128 |
|
|
129 |
|
@param |
130 |
|
@return |
131 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
132 |
210 |
public ScriptService get(String serviceName)... |
133 |
|
{ |
134 |
210 |
return scriptServiceManager.get(ROLEHINT + '.' + serviceName); |
135 |
|
} |
136 |
|
|
137 |
|
|
138 |
|
|
139 |
|
|
140 |
|
@return |
141 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
142 |
15 |
public Exception getLastError()... |
143 |
|
{ |
144 |
15 |
return (Exception) this.execution.getContext().getProperty(WIKIERROR_KEY); |
145 |
|
} |
146 |
|
|
147 |
|
|
148 |
|
@link |
149 |
|
|
150 |
|
@param |
151 |
|
@see |
152 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
153 |
14 |
private void setLastError(Exception e)... |
154 |
|
{ |
155 |
14 |
this.execution.getContext().setProperty(WIKIERROR_KEY, e); |
156 |
|
} |
157 |
|
|
158 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
159 |
8 |
private void checkProgrammingRights() throws AuthorizationException... |
160 |
|
{ |
161 |
8 |
XWikiContext xcontext = this.xcontextProvider.get(); |
162 |
8 |
authorizationManager.checkAccess(Right.PROGRAM, xcontext.getDoc().getAuthorReference(), xcontext.getDoc() |
163 |
|
.getDocumentReference()); |
164 |
|
} |
165 |
|
|
166 |
|
|
167 |
|
|
168 |
|
|
169 |
|
@param |
170 |
|
@param |
171 |
|
@param |
172 |
|
@param |
173 |
|
@return |
174 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (15) |
Complexity: 3 |
Complexity Density: 0.23 |
|
175 |
5 |
public WikiDescriptor createWiki(String wikiId, String wikiAlias, String ownerId, boolean failOnExist)... |
176 |
|
{ |
177 |
5 |
WikiDescriptor descriptor = null; |
178 |
|
|
179 |
5 |
XWikiContext context = xcontextProvider.get(); |
180 |
|
|
181 |
5 |
try { |
182 |
|
|
183 |
5 |
checkProgrammingRights(); |
184 |
|
|
185 |
|
|
186 |
4 |
WikiReference mainWikiReference = new WikiReference(getMainWikiId()); |
187 |
4 |
authorizationManager.checkAccess(Right.CREATE_WIKI, context.getUserReference(), mainWikiReference); |
188 |
3 |
if (!failOnExist) { |
189 |
1 |
authorizationManager.checkAccess(Right.PROGRAM, context.getUserReference(), mainWikiReference); |
190 |
|
} |
191 |
|
|
192 |
|
|
193 |
2 |
descriptor = wikiManager.create(wikiId, wikiAlias, failOnExist); |
194 |
|
|
195 |
1 |
descriptor.setOwnerId(ownerId); |
196 |
1 |
wikiDescriptorManager.saveDescriptor(descriptor); |
197 |
|
} catch (Exception e) { |
198 |
4 |
error(e); |
199 |
|
} |
200 |
|
|
201 |
5 |
return descriptor; |
202 |
|
} |
203 |
|
|
204 |
|
|
205 |
|
|
206 |
|
|
207 |
|
@param |
208 |
|
@return |
209 |
|
|
|
|
| 63.6% |
Uncovered Elements: 4 (11) |
Complexity: 3 |
Complexity Density: 0.33 |
|
210 |
3 |
public boolean deleteWiki(String wikiId)... |
211 |
|
{ |
212 |
|
|
213 |
3 |
XWikiContext context = xcontextProvider.get(); |
214 |
|
|
215 |
3 |
try { |
216 |
|
|
217 |
3 |
checkProgrammingRights(); |
218 |
|
|
219 |
|
|
220 |
3 |
if (!canDeleteWiki(entityReferenceSerializer.serialize(context.getUserReference()), wikiId)) { |
221 |
0 |
throw new AuthorizationException("You don't have the right to delete the wiki"); |
222 |
|
} |
223 |
|
|
224 |
|
|
225 |
3 |
wikiManager.delete(wikiId); |
226 |
|
|
227 |
|
|
228 |
3 |
return true; |
229 |
|
} catch (Exception e) { |
230 |
0 |
error(String.format("Failed to delete wiki [%s]", wikiId), e); |
231 |
|
} |
232 |
|
|
233 |
0 |
return false; |
234 |
|
} |
235 |
|
|
236 |
|
|
237 |
|
|
238 |
|
|
239 |
|
@param |
240 |
|
@param |
241 |
|
@return |
242 |
|
|
|
|
| 47.6% |
Uncovered Elements: 11 (21) |
Complexity: 5 |
Complexity Density: 0.33 |
|
243 |
37 |
public boolean canDeleteWiki(String userId, String wikiId)... |
244 |
|
{ |
245 |
37 |
try { |
246 |
|
|
247 |
37 |
WikiDescriptor descriptor = wikiDescriptorManager.getById(wikiId); |
248 |
37 |
if (descriptor == null) { |
249 |
0 |
error(new Exception(String.format("Could not find descriptor for wiki [%s]]", wikiId))); |
250 |
0 |
return false; |
251 |
|
} |
252 |
|
|
253 |
37 |
DocumentReference userReference = documentReferenceResolver.resolve(userId); |
254 |
37 |
String fullUserId = entityReferenceSerializer.serialize(userReference); |
255 |
|
|
256 |
|
|
257 |
37 |
String owner = descriptor.getOwnerId(); |
258 |
37 |
if (fullUserId.equals(owner)) { |
259 |
37 |
return true; |
260 |
|
} |
261 |
|
|
262 |
|
|
263 |
0 |
WikiReference wikiReference = new WikiReference(wikiId); |
264 |
0 |
if (authorizationManager.hasAccess(Right.ADMIN, userReference, wikiReference)) { |
265 |
0 |
return true; |
266 |
|
} |
267 |
|
} catch (WikiManagerException e) { |
268 |
0 |
error(String.format("Error while getting the descriptor of wiki [%s]", wikiId), e); |
269 |
|
} |
270 |
|
|
271 |
0 |
return false; |
272 |
|
} |
273 |
|
|
274 |
|
|
275 |
|
|
276 |
|
|
277 |
|
@param |
278 |
|
@return |
279 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (5) |
Complexity: 2 |
Complexity Density: 0.4 |
|
280 |
2 |
public WikiDescriptor getByAlias(String wikiAlias)... |
281 |
|
{ |
282 |
2 |
WikiDescriptor descriptor = null; |
283 |
|
|
284 |
2 |
try { |
285 |
2 |
descriptor = wikiDescriptorManager.getByAlias(wikiAlias); |
286 |
|
} catch (WikiManagerException e) { |
287 |
1 |
error(e); |
288 |
|
} |
289 |
|
|
290 |
2 |
return descriptor; |
291 |
|
} |
292 |
|
|
293 |
|
|
294 |
|
|
295 |
|
|
296 |
|
@param |
297 |
|
@return |
298 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (5) |
Complexity: 2 |
Complexity Density: 0.4 |
|
299 |
3551 |
public WikiDescriptor getById(String wikiId)... |
300 |
|
{ |
301 |
3551 |
WikiDescriptor descriptor = null; |
302 |
|
|
303 |
3551 |
try { |
304 |
3551 |
descriptor = wikiDescriptorManager.getById(wikiId); |
305 |
|
} catch (WikiManagerException e) { |
306 |
1 |
error(e); |
307 |
|
} |
308 |
|
|
309 |
3551 |
return descriptor; |
310 |
|
} |
311 |
|
|
312 |
|
|
313 |
|
|
314 |
|
|
315 |
|
@return |
316 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (6) |
Complexity: 2 |
Complexity Density: 0.33 |
|
317 |
50 |
public Collection<WikiDescriptor> getAll()... |
318 |
|
{ |
319 |
50 |
Collection<WikiDescriptor> wikis; |
320 |
50 |
try { |
321 |
50 |
wikis = wikiDescriptorManager.getAll(); |
322 |
|
} catch (WikiManagerException e) { |
323 |
1 |
error(e); |
324 |
1 |
wikis = new ArrayList<WikiDescriptor>(); |
325 |
|
} |
326 |
|
|
327 |
50 |
return wikis; |
328 |
|
} |
329 |
|
|
330 |
|
|
331 |
|
|
332 |
|
|
333 |
|
@return |
334 |
|
@since |
335 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (6) |
Complexity: 2 |
Complexity Density: 0.33 |
|
336 |
2 |
public Collection<String> getAllIds()... |
337 |
|
{ |
338 |
2 |
Collection<String> wikis; |
339 |
2 |
try { |
340 |
2 |
wikis = wikiDescriptorManager.getAllIds(); |
341 |
|
} catch (WikiManagerException e) { |
342 |
1 |
error(e); |
343 |
1 |
wikis = new ArrayList<String>(); |
344 |
|
} |
345 |
|
|
346 |
2 |
return wikis; |
347 |
|
} |
348 |
|
|
349 |
|
|
350 |
|
|
351 |
|
|
352 |
|
@param |
353 |
|
@return |
354 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 2 |
Complexity Density: 0.5 |
|
355 |
4 |
public Boolean exists(String wikiId)... |
356 |
|
{ |
357 |
4 |
try { |
358 |
4 |
return wikiDescriptorManager.exists(wikiId); |
359 |
|
} catch (WikiManagerException e) { |
360 |
1 |
error(e); |
361 |
1 |
return null; |
362 |
|
} |
363 |
|
} |
364 |
|
|
365 |
|
|
366 |
|
|
367 |
|
|
368 |
|
@param |
369 |
|
@return |
370 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 2 |
Complexity Density: 0.5 |
|
371 |
34 |
public Boolean idAvailable(String wikiId)... |
372 |
|
{ |
373 |
33 |
try { |
374 |
34 |
return wikiManager.idAvailable(wikiId); |
375 |
|
} catch (WikiManagerException e) { |
376 |
1 |
error(e); |
377 |
1 |
return null; |
378 |
|
} |
379 |
|
} |
380 |
|
|
381 |
|
|
382 |
|
@return |
383 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (5) |
Complexity: 2 |
Complexity Density: 0.4 |
|
384 |
2 |
public WikiDescriptor getMainWikiDescriptor()... |
385 |
|
{ |
386 |
2 |
WikiDescriptor descriptor = null; |
387 |
2 |
try { |
388 |
2 |
descriptor = wikiDescriptorManager.getMainWikiDescriptor(); |
389 |
|
} catch (WikiManagerException e) { |
390 |
1 |
error(e); |
391 |
|
} |
392 |
|
|
393 |
2 |
return descriptor; |
394 |
|
} |
395 |
|
|
396 |
|
|
397 |
|
@return |
398 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
399 |
237 |
public String getMainWikiId()... |
400 |
|
{ |
401 |
237 |
return wikiDescriptorManager.getMainWikiId(); |
402 |
|
} |
403 |
|
|
404 |
|
|
405 |
|
@return |
406 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
407 |
87 |
public String getCurrentWikiId()... |
408 |
|
{ |
409 |
87 |
return wikiDescriptorManager.getCurrentWikiId(); |
410 |
|
} |
411 |
|
|
412 |
|
|
413 |
|
@return |
414 |
|
|
|
|
| 80% |
Uncovered Elements: 1 (5) |
Complexity: 2 |
Complexity Density: 0.4 |
|
415 |
3385 |
public WikiDescriptor getCurrentWikiDescriptor()... |
416 |
|
{ |
417 |
3385 |
WikiDescriptor descriptor = null; |
418 |
3384 |
try { |
419 |
3385 |
descriptor = wikiDescriptorManager.getCurrentWikiDescriptor(); |
420 |
|
} catch (WikiManagerException e) { |
421 |
0 |
error(e); |
422 |
|
} |
423 |
|
|
424 |
3385 |
return descriptor; |
425 |
|
} |
426 |
|
|
427 |
|
|
428 |
|
|
429 |
|
|
430 |
|
@param |
431 |
|
@return |
432 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (29) |
Complexity: 6 |
Complexity Density: 0.29 |
|
433 |
8 |
public boolean saveDescriptor(WikiDescriptor descriptor)... |
434 |
|
{ |
435 |
8 |
XWikiContext context = xcontextProvider.get(); |
436 |
|
|
437 |
8 |
boolean isAllowed; |
438 |
|
|
439 |
8 |
try { |
440 |
|
|
441 |
8 |
WikiDescriptor oldDescriptor = wikiDescriptorManager.getById(descriptor.getId()); |
442 |
8 |
WikiReference wikiReference = descriptor.getReference(); |
443 |
8 |
if (oldDescriptor != null) { |
444 |
|
|
445 |
|
|
446 |
6 |
DocumentReference descriptorDocument = |
447 |
|
wikiDescriptorDocumentHelper.getDocumentReferenceFromId(oldDescriptor.getId()); |
448 |
6 |
isAllowed = authorizationManager.hasAccess(Right.EDIT, context.getUserReference(), descriptorDocument); |
449 |
|
|
450 |
6 |
String currentOwner = oldDescriptor.getOwnerId(); |
451 |
6 |
if (!isAllowed) { |
452 |
|
|
453 |
4 |
isAllowed = entityReferenceSerializer.serialize(context.getUserReference()).equals(currentOwner); |
454 |
|
} |
455 |
|
|
456 |
6 |
if (!isAllowed) { |
457 |
|
|
458 |
|
|
459 |
3 |
String newOwner = descriptor.getOwnerId(); |
460 |
3 |
isAllowed = |
461 |
|
authorizationManager.hasAccess(Right.ADMIN, context.getUserReference(), wikiReference) |
462 |
|
&& StringUtils.equals(newOwner, currentOwner); |
463 |
|
} |
464 |
|
} else { |
465 |
|
|
466 |
2 |
isAllowed = |
467 |
|
authorizationManager.hasAccess(Right.ADMIN, context.getUserReference(), new WikiReference( |
468 |
|
wikiDescriptorManager.getMainWikiId())); |
469 |
|
} |
470 |
|
|
471 |
8 |
if (!isAllowed) { |
472 |
|
|
473 |
3 |
throw new AccessDeniedException(context.getUserReference(), wikiReference); |
474 |
|
} else { |
475 |
|
|
476 |
5 |
wikiDescriptorManager.saveDescriptor(descriptor); |
477 |
|
} |
478 |
|
|
479 |
5 |
return true; |
480 |
|
} catch (Exception e) { |
481 |
3 |
error(e); |
482 |
3 |
return false; |
483 |
|
} |
484 |
|
} |
485 |
|
|
486 |
|
|
487 |
|
|
488 |
|
|
489 |
|
|
490 |
|
|
491 |
|
|
492 |
|
|
493 |
|
|
494 |
|
|
495 |
|
|
496 |
|
|
497 |
|
|
498 |
|
|
499 |
|
|
500 |
|
|
501 |
|
@return |
502 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
503 |
6 |
public boolean isPathMode()... |
504 |
|
{ |
505 |
6 |
return standardURLConfiguration.isPathBasedMultiWiki(); |
506 |
|
} |
507 |
|
|
508 |
|
|
509 |
|
@return |
510 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
511 |
2 |
public String getAliasSuffix()... |
512 |
|
{ |
513 |
2 |
return wikiConfiguration.getAliasSuffix(); |
514 |
|
} |
515 |
|
|
516 |
|
|
517 |
|
|
518 |
|
|
519 |
|
@param |
520 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
521 |
14 |
private void error(Exception e)... |
522 |
|
{ |
523 |
14 |
error(null, e); |
524 |
|
} |
525 |
|
|
526 |
|
|
527 |
|
|
528 |
|
|
529 |
|
@param |
530 |
|
@param |
531 |
|
|
|
|
| 87.5% |
Uncovered Elements: 1 (8) |
Complexity: 2 |
Complexity Density: 0.33 |
|
532 |
14 |
private void error(String errorMessage, Exception e)... |
533 |
|
{ |
534 |
14 |
String errorMessageToLog = errorMessage; |
535 |
14 |
if (errorMessageToLog == null) { |
536 |
14 |
errorMessageToLog = e.getMessage(); |
537 |
|
} |
538 |
|
|
539 |
|
|
540 |
14 |
logger.error(errorMessageToLog, e); |
541 |
|
|
542 |
|
|
543 |
14 |
setLastError(e); |
544 |
|
|
545 |
14 |
this.execution.getContext().setProperty(CONTEXT_LASTEXCEPTION, e); |
546 |
|
} |
547 |
|
|
548 |
|
|
549 |
|
@return |
550 |
|
@deprecated@link |
551 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
552 |
4 |
@Deprecated... |
553 |
|
public Exception getLastException() |
554 |
|
{ |
555 |
4 |
return (Exception) this.execution.getContext().getProperty(CONTEXT_LASTEXCEPTION); |
556 |
|
} |
557 |
|
} |