Skip to content

Commit

Permalink
XWIKI-21121: Improve handling of headings in configurable section
Browse files Browse the repository at this point in the history
  • Loading branch information
michitux committed Aug 2, 2023
1 parent d25518b commit 1157c1e
Show file tree
Hide file tree
Showing 3 changed files with 103 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,32 @@
<type>test-jar</type>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.xwiki.platform</groupId>
<artifactId>xwiki-platform-web-templates</artifactId>
<version>${project.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.xwiki.platform</groupId>
<artifactId>xwiki-platform-security-authorization-script</artifactId>
<version>${project.version}</version>
<type>test-jar</type>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.xwiki.platform</groupId>
<artifactId>xwiki-platform-user-default</artifactId>
<version>${project.version}</version>
<type>test-jar</type>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.xwiki.platform</groupId>
<artifactId>xwiki-platform-user-default</artifactId>
<version>${project.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,13 @@ $xwiki.jsfx.use('js/xwiki/actionbuttons/actionButtons.js', true)
## Can't use $configurableObj.display('heading', 'view', false) to have proper heading id (because of the html macro)
## FIXME: find a cleaner solution
#set($void = $doc.dropPermissions())
== #evaluate($heading) ==
#if ($services.security.authorization.hasAccess("script",
$app.authors.effectiveMetadataAuthor, $app.documentReference) &amp;&amp; !$app.restricted)
#set($evaluatedHeading = "#evaluate($heading)")
#else
#set($evaluatedHeading = $heading)
#end
== $services.rendering.escape($evaluatedHeading, 'xwiki/2.1') ==
#end
## Display code to execute
#if($codeToExecute != '')
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@
import org.jsoup.nodes.Document;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.ValueSource;
import org.mockito.Mock;
import org.xwiki.localization.macro.internal.TranslationMacro;
import org.xwiki.model.reference.DocumentReference;
Expand All @@ -33,20 +35,28 @@
import org.xwiki.rendering.RenderingScriptServiceComponentList;
import org.xwiki.rendering.internal.configuration.DefaultRenderingConfigurationComponentList;
import org.xwiki.rendering.internal.macro.message.ErrorMessageMacro;
import org.xwiki.rendering.internal.macro.message.WarningMessageMacro;
import org.xwiki.script.service.ScriptService;
import org.xwiki.template.script.TemplateScriptService;
import org.xwiki.security.authorization.Right;
import org.xwiki.security.script.SecurityScriptServiceComponentList;
import org.xwiki.test.annotation.ComponentList;
import org.xwiki.test.page.HTML50ComponentList;
import org.xwiki.test.page.PageTest;
import org.xwiki.test.page.TestNoScriptMacro;
import org.xwiki.test.page.XWikiSyntax21ComponentList;
import org.xwiki.user.UserReferenceComponentList;
import org.xwiki.user.internal.converter.DocumentUserReferenceConverter;
import org.xwiki.user.internal.document.DocumentUserReference;

import com.xpn.xwiki.doc.XWikiDocument;
import com.xpn.xwiki.internal.model.reference.DocumentReferenceConverter;
import com.xpn.xwiki.objects.BaseObject;

import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.when;

/**
Expand All @@ -58,11 +68,15 @@
@XWikiSyntax21ComponentList
@RenderingScriptServiceComponentList
@DefaultRenderingConfigurationComponentList
@SecurityScriptServiceComponentList
@UserReferenceComponentList
@ComponentList({
TestNoScriptMacro.class,
TranslationMacro.class,
ErrorMessageMacro.class,
TemplateScriptService.class
WarningMessageMacro.class,
DocumentUserReferenceConverter.class,
DocumentReferenceConverter.class
})
class ConfigurableClassPageTest extends PageTest
{
Expand All @@ -77,9 +91,9 @@ class ConfigurableClassPageTest extends PageTest
new DocumentReference(WIKI_NAME, SPACE_NAME, "ConfigurableClassMacros");

private static final DocumentReference MY_SECTION =
new DocumentReference(WIKI_NAME, SPACE_NAME, "]]{{noscript /}}");
new DocumentReference(WIKI_NAME, SPACE_NAME, "]],{{noscript /}}");

private static final String MY_SECTION_SERIALIZED = "XWiki.]]{{noscript /}}";
private static final String MY_SECTION_SERIALIZED = "XWiki.]],{{noscript /}}";

@Mock
private QueryManagerScriptService queryService;
Expand Down Expand Up @@ -116,4 +130,56 @@ void escapeHeadingForError() throws Exception
assertEquals(String.format("admin.customize %s:", MY_SECTION_SERIALIZED),
htmlPage.selectFirst("h1").text());
}

@Test
void escapeHeading() throws Exception
{
this.request.put("section", "other");
when(this.query.execute()).thenReturn(List.of(MY_SECTION_SERIALIZED)).thenReturn(List.of());
when(this.oldcore.getMockRightService()
.hasAccessLevel(eq("edit"), any(), any(), any())).thenReturn(true);

XWikiDocument mySectionDoc = new XWikiDocument(MY_SECTION);
BaseObject object = mySectionDoc.newXObject(CONFIGURABLE_CLASS, this.context);
object.setStringValue("displayInCategory", "other");
object.setStringValue("displayInSection", "other");
object.setStringValue("heading", "{{noscript /}}");
object.set("scope", "WIKI+ALL_SPACES", this.context);
this.xwiki.saveDocument(mySectionDoc, this.context);

Document htmlPage = renderHTMLPage(CONFIGURABLE_CLASS);
assertEquals("{{noscript /}}", htmlPage.selectFirst("h2").text());
}

@ParameterizedTest
@ValueSource(booleans = {true, false})
void checkScriptRight(boolean hasScript) throws Exception
{
this.request.put("section", "other");
when(this.query.execute()).thenReturn(List.of(MY_SECTION_SERIALIZED)).thenReturn(List.of());
when(this.oldcore.getMockRightService()
.hasAccessLevel(eq("edit"), any(), any(), any())).thenReturn(true);

XWikiDocument mySectionDoc = new XWikiDocument(MY_SECTION);
BaseObject object = mySectionDoc.newXObject(CONFIGURABLE_CLASS, this.context);
object.setStringValue("displayInCategory", "other");
object.setStringValue("displayInSection", "other");
String originalHeading = "$appName {{noscript /}}";
object.setStringValue("heading", originalHeading);
object.set("scope", "WIKI+ALL_SPACES", this.context);
DocumentReference userReference = new DocumentReference(WIKI_NAME, SPACE_NAME, "Admin");
mySectionDoc.getAuthors().setEffectiveMetadataAuthor(new DocumentUserReference(userReference, true));
this.xwiki.saveDocument(mySectionDoc, this.context);
when(this.oldcore.getMockAuthorizationManager().hasAccess(Right.SCRIPT,
userReference, mySectionDoc.getDocumentReference())).thenReturn(hasScript);

Document htmlPage = renderHTMLPage(CONFIGURABLE_CLASS);
String expected;
if (hasScript) {
expected = String.format("%s {{noscript /}}", MY_SECTION_SERIALIZED);
} else {
expected = originalHeading;
}
assertEquals(expected, htmlPage.selectFirst("h2").text());
}
}

0 comments on commit 1157c1e

Please sign in to comment.