Skip to content
This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Commit

Permalink
xmlEntities special chars in user_list_authorized_users action for XM…
Browse files Browse the repository at this point in the history 
…L parsing.

Remove text ellipsis on user-badge-label for better handling of long group names.
Fix gui-debug template
  • Loading branch information
@cdujeu
cdujeu committed Sep 14, 2016
1 parent 079f906 commit 013f337
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 14 deletions.
6 changes: 2 additions & 4 deletions core/src/plugins/action.share/res/react-share-form.css
View file
Expand Up @@ -284,10 +284,8 @@ div#react_share_form div.user-badge .user-badge-label {
-webkit-flex: 5;
-ms-flex: 5;
flex: 5;
padding: 13px 0;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
padding: 9px 0;
line-height: 25px;
}
div#react_share_form div.user-badge:last-of-type {
border-bottom: 0;
Expand Down
6 changes: 2 additions & 4 deletions core/src/plugins/action.share/res/react-share-form.less
View file
Expand Up @@ -299,10 +299,8 @@ div#react_share_form {
flex-direction: row;
.user-badge-label {
flex: 5;
padding: 13px 0;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
padding: 9px 0;
line-height: 25px;
}
&:last-of-type {
border-bottom: 0;
Expand Down
17 changes: 11 additions & 6 deletions core/src/plugins/core.conf/AbstractConfDriver.php
View file
Expand Up @@ -54,6 +54,7 @@
use Pydio\Core\PluginFramework\Plugin;
use Pydio\Core\PluginFramework\PluginsService;
use Pydio\Core\Services\ConfService;
use Pydio\Core\Utils\Vars\StringHelper;
use Zend\Diactoros\Response\JsonResponse;

defined('AJXP_EXEC') or die( 'Access not allowed');
Expand Down Expand Up @@ -1226,19 +1227,20 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
$crtValue = InputFilter::sanitize($crtValue, InputFilter::SANITIZE_HTML_STRICT);
}
if ($regexp != null && (!count($allUsers) || (!empty($crtValue) && !array_key_exists(strtolower($crtValue), $allUsers))) && ConfService::getContextConf($ctx, "USER_CREATE_USERS", "conf") && !$existingOnly) {
$users .= "<li class='complete_user_entry_temp' data-temporary='true' data-label='$crtValue'><span class='user_entry_label'>$crtValue (".$mess["448"].")</span></li>";
$users .= "<li class='complete_user_entry_temp' data-temporary='true' data-label=\"".StringHelper::xmlEntities($crtValue)."\"><span class='user_entry_label'>".StringHelper::xmlEntities($crtValue." (".$mess["448"]).")</span></li>";
} else if ($existingOnly && !empty($crtValue)) {
$users .= "<li class='complete_user_entry_temp' data-temporary='true' data-label='$crtValue' data-entry_id='$crtValue'><span class='user_entry_label'>$crtValue</span></li>";
$users .= "<li class='complete_user_entry_temp' data-temporary='true' data-label=\"".StringHelper::xmlEntities($crtValue)."\" data-entry_id=\"".StringHelper::xmlEntities($crtValue)."\"><span class='user_entry_label'>".StringHelper::xmlEntities($crtValue)."</span></li>";
}
$mess = LocaleService::getMessages();
if (!$usersOnly && (empty($regexp) || preg_match($pregexp, $mess["447"]))) {
$users .= "<li class='complete_group_entry' data-group='AJXP_GRP_/' data-label=\"".$mess["447"]."\"><span class='user_entry_label'>".$mess["447"]."</span></li>";
$users .= "<li class='complete_group_entry' data-group='AJXP_GRP_/' data-label=\"".StringHelper::xmlEntities($mess["447"])."\"><span class='user_entry_label'>".StringHelper::xmlEntities($mess["447"])."</span></li>";
}
$indexGroup = 0;
if (!$usersOnly && isset($allGroups) && is_array($allGroups)) {
foreach ($allGroups as $groupId => $groupLabel) {
if ($regexp == null || preg_match($pregexp, $groupLabel)) {
$users .= "<li class='complete_group_entry' data-group='$groupId' data-label=\"$groupLabel\" data-entry_id='$groupId'><span class='user_entry_label'>".$groupLabel."</span></li>";
$groupLabel = StringHelper::xmlEntities($groupLabel);
$users .= "<li class='complete_group_entry' data-group='$groupId' data-label=\"".$groupLabel."\" data-entry_id='$groupId'><span class='user_entry_label'>".$groupLabel."</span></li>";
$indexGroup++;
}
if($indexGroup == $limit) break;
Expand All @@ -1248,7 +1250,8 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
$teams = $this->listUserTeams($ctx->getUser());
foreach ($teams as $tId => $tData) {
if($regexp == null || preg_match($pregexp, $tData["LABEL"])){
$users.= "<li class='complete_group_entry' data-group='/AJXP_TEAM/$tId' data-label=\"[team] ".$tData["LABEL"]."\"><span class='user_entry_label'>[team] ".$tData["LABEL"]."</span></li>";
$teamLabel = StringHelper::xmlEntities($tData["LABEL"]);
$users.= "<li class='complete_group_entry' data-group='/AJXP_TEAM/$tId' data-label=\"[team] ".$teamLabel."\"><span class='user_entry_label'>[team] ".$teamLabel."</span></li>";
}
}
}
Expand All @@ -1263,7 +1266,9 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
$userDisplay = $userLabel;
}
$userIsExternal = $userObject->hasParent() ? "true":"false";
$users .= "<li class='complete_user_entry' data-external=\"$userIsExternal\" data-label=\"$userLabel\" data-avatar='$userAvatar' data-entry_id='$userId'><span class='user_entry_label'>".$userDisplay."</span></li>";
$userLabel = StringHelper::xmlEntities($userLabel);
$userDisplay = StringHelper::xmlEntities($userDisplay);
$users .= "<li class='complete_user_entry' data-external=\"$userIsExternal\" data-label=\"".$userLabel."\" data-avatar='$userAvatar' data-entry_id='$userId'><span class='user_entry_label'>".$userDisplay."</span></li>";
$index ++;
}
if($index == $limit) break;
Expand Down

0 comments on commit 013f337

Please sign in to comment.