This is an automated email from the ASF dual-hosted git repository. deepak pushed a commit to branch release18.12 in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
commit 6c3b0068a99bb3b93321fdb983a0046b0679c86d Author: Deepak Dixit <deepak.di...@hotwax.co> AuthorDate: Fri Jul 19 17:10:39 2024 +0530 Revert "Improved: Added support to allow direct view rendering in override view functionality (OFBIZ-13117)" This reverts commit 8b1ee1b3a5da79ae669aee324c51d073e4ba8b1f.
---
 .../content/webapp/content/WEB-INF/controller.xml | 2 +- framework/webapp/dtd/site-conf.xsd | 19 ------------------- .../ofbiz/webapp/control/ConfigXMLReader.java | 4 ---- .../ofbiz/webapp/control/RequestHandler.java | 22 +++++----------------- .../ofbiz/webapp/control/RequestHandlerTests.java | 5 +---- 5 files changed, 7 insertions(+), 45 deletions(-)
diff --git a/applications/content/webapp/content/WEB-INF/controller.xml b/applications/content/webapp/content/WEB-INF/controller.xml
index 63c443e77a..f3d8e58e82 100644
--- a/applications/content/webapp/content/WEB-INF/controller.xml
+++ b/applications/content/webapp/content/WEB-INF/controller.xml
@@ -1993,7 +1993,7 @@ under the License.
 <view-map name="EditWebSitePathAlias" type="screen" page="component://content/widget/WebSiteScreens.xml#EditWebSitePathAlias"/>
 <view-map name="WebSiteContent" type="screen" page="component://content/widget/WebSiteScreens.xml#WebSiteContent"/>
 <view-map name="WebSiteCMS" type="screen" page="component://content/widget/WebSiteScreens.xml#WebSiteCMS"/>
- <view-map name="WebSiteCMSContent" type="screen" page="component://content/widget/WebSiteScreens.xml#WebSiteCMSContent" allow-direct-view-rendering="true"/>
+ <view-map name="WebSiteCMSContent" type="screen" page="component://content/widget/WebSiteScreens.xml#WebSiteCMSContent"/>
 <view-map name="WebSiteCMSEditor" type="screen" page="component://content/widget/WebSiteScreens.xml#WebSiteCMSEditor"/>
 <view-map name="WebSiteCMSMetaInfo" type="screen" page="component://content/widget/WebSiteScreens.xml#WebSiteCMSMetaInfo"/>
 <view-map name="WebSiteCMSPathAlias" type="screen" page="component://content/widget/WebSiteScreens.xml#WebSiteCMSPathAlias"/>
diff --git a/framework/webapp/dtd/site-conf.xsd b/framework/webapp/dtd/site-conf.xsd
index 6f42552f8e..fc9a966615 100644
--- a/framework/webapp/dtd/site-conf.xsd
+++ b/framework/webapp/dtd/site-conf.xsd
@@ -719,25 +719,6 @@ under the License. </xs:documentation> </xs:annotation> </xs:attribute> - <xs:attribute type="xs:boolean" name="allow-direct-view-rendering" default="false"> - <xs:annotation> - <xs:documentation> - This attribute determines whether direct rendering of the view is allowed when using the override view functionality. - If set to true, - the system permits the view to be rendered directly using the override view functionality. - If false or not specified, - direct rendering is not allowed, and system throws Unknown request exception. - </xs:documentation> - </xs:annotation> - </xs:attribute> - <xs:attribute type="xs:boolean" name="direct-view-rendering-with-auth" default="false"> - <xs:annotation> - <xs:documentation> - If direct-view-rendering-with-auth=true, direct rendering of the view is only allowed with an active login when using the override view functionality. - If direct-view-rendering-with-auth=false, no active login is required. - </xs:documentation> - </xs:annotation> - </xs:attribute> <xs:attribute name="x-frame-options" default="sameorigin"> <xs:annotation> <xs:documentation> diff --git a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ConfigXMLReader.java b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ConfigXMLReader.java index cb15c385b4..8181eb860e 100644 --- a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ConfigXMLReader.java +++ b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ConfigXMLReader.java @@ -573,8 +573,6 @@ public class ConfigXMLReader { public String strictTransportSecurity; public String description; public boolean noCache = false; - public boolean allowDirectViewRendering = false; - public boolean directViewRenderingWithAuth = false; public ViewMap(Element viewMapElement) { this.name = viewMapElement.getAttribute("name"); 
@@ -583,8 +581,6 @@ public class ConfigXMLReader {
 this.info = viewMapElement.getAttribute("info");
 this.contentType = viewMapElement.getAttribute("content-type");
 this.noCache = "true".equals(viewMapElement.getAttribute("no-cache"));
- this.allowDirectViewRendering = "true".equals(viewMapElement.getAttribute("allow-direct-view-rendering"));
- this.directViewRenderingWithAuth = "true".equals(viewMapElement.getAttribute("direct-view-rendering-with-auth"));
 this.encoding = viewMapElement.getAttribute("encoding");
 this.xFrameOption = viewMapElement.getAttribute("x-frame-options");
 this.strictTransportSecurity = viewMapElement.getAttribute("strict-transport-security");
diff --git a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
index 98f205aeec..59daed237d 100644
--- a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
+++ b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
@@ -194,20 +194,15 @@ public class RequestHandler {
 */
 static Collection<RequestMap> resolveURI(ControllerConfig ccfg, HttpServletRequest req) {
 Map<String, List<RequestMap>> requestMapMap = ccfg.getRequestMapMap();
+ Map<String, ConfigXMLReader.ViewMap> viewMapMap = ccfg.getViewMapMap();
 String defaultRequest = ccfg.getDefaultRequest();
 String path = req.getPathInfo();
 String requestUri = getRequestUri(path);
- String overrideViewUri = getOverrideViewUri(path);
- boolean allowDirectViewRendering = false;
+ String viewUri = getOverrideViewUri(path);
 Collection<RequestMap> rmaps;
- // Ensure that overridden view exists and direct view rendering is allowed.
- if (UtilValidate.isNotEmpty(overrideViewUri)) {
- ConfigXMLReader.ViewMap overrideViewMap = ccfg.getViewMapMap().get(overrideViewUri);
- allowDirectViewRendering = (overrideViewMap != null && overrideViewMap.allowDirectViewRendering);
- }
 if (requestMapMap.containsKey(requestUri)
 // Ensure that overridden view exists.
- && (allowDirectViewRendering
+ && (viewUri == null || viewMapMap.containsKey(viewUri)
 || ("SOAPService".equals(requestUri) && "wsdl".equalsIgnoreCase(req.getQueryString())))){
 rmaps = requestMapMap.get(requestUri);
 } else if (defaultRequest != null) {
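Review bot: The restored condition `viewUri == null || viewMapMap.containsKey(viewUri)` in resolveURI accepts any override view that merely exists in the view map, so the per-view opt-in that the removed `allowDirectViewRendering` flag provided is gone. The same gap shows in the `@@ -482,14 +477,9 @@` hunk, where the security check again runs on `requestMap.securityAuth` alone: the authentication decision comes from the request map, while the view to render can come from the override segment of the path. Nothing in this diff shows where a view's own authorization requirement is enforced after the revert, so that should be confirmed before this reaches a release branch. At minimum, record the limitation at the condition, e.g. `// NOTE: any mapped view is accepted here; authentication is decided by the request map only`. resolveURI's body continues past the end of the hunk.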
@@ -482,14 +477,9 @@ public class RequestHandler { if (Debug.verboseOn()) Debug.logVerbose("[Processing Request]: " + requestMap.uri + showSessionId(request), module); request.setAttribute("thisRequestUri", requestMap.uri); // store the actual request URI - boolean directViewRenderingWithAuth = false; - // Check if direct view rendering requires authentication. - if (UtilValidate.isNotEmpty(overrideViewUri)) { - ConfigXMLReader.ViewMap overrideViewMap = ccfg.getViewMapMap().get(overrideViewUri); - directViewRenderingWithAuth = (overrideViewMap != null && overrideViewMap.directViewRenderingWithAuth); - } + // Perform security check. - if (requestMap.securityAuth || directViewRenderingWithAuth) { + if (requestMap.securityAuth) { // Invoke the security handler // catch exceptions and throw RequestHandlerException if failed. if (Debug.verboseOn()) Debug.logVerbose("[RequestHandler]: AuthRequired. Running security check. " + showSessionId(request), module); @@ -510,8 +500,6 @@ public class RequestHandler { } else { requestMap = ccfg.getRequestMapMap().getFirst("ajaxCheckLogin"); } - // overrideViewUri needs to be deleted, as there is no authentication - overrideViewUri = null; } } else if (requestUri != null) { String[] loginUris = EntityUtilProperties.getPropertyValue("security", "login.uris", delegator).split(","); diff --git a/framework/webapp/src/test/java/org/apache/ofbiz/webapp/control/RequestHandlerTests.java b/framework/webapp/src/test/java/org/apache/ofbiz/webapp/control/RequestHandlerTests.java index 812756fb62..acf941d374 100644 --- a/framework/webapp/src/test/java/org/apache/ofbiz/webapp/control/RequestHandlerTests.java +++ b/framework/webapp/src/test/java/org/apache/ofbiz/webapp/control/RequestHandlerTests.java 
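Review bot: In the `@@ -510,8 +500,6 @@` hunk, the branch that swaps `requestMap` to `ajaxCheckLogin` after a failed security check no longer clears `overrideViewUri`, so the path-derived view name stays set for the rest of the method. How it is consumed later is outside the hunk, so this may be harmless, but carrying a caller-supplied view name past a failed authentication check is fragile. Consider keeping `overrideViewUri = null;` in that branch independently of the reverted feature, or add a comment there stating why the value is safe to retain. The start of the enclosing `if` and the rest of the method are outside the hunk.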
@@ -40,7 +40,6 @@ import org.apache.ofbiz.webapp.control.ConfigXMLReader.RequestMap; import org.apache.ofbiz.webapp.control.ConfigXMLReader.ViewMap; import org.junit.Before; import org.junit.Test; -import org.mockito.Mockito; import org.w3c.dom.Element; public class RequestHandlerTests { @@ -127,12 +126,10 @@ public class RequestHandlerTests { reqMaps.putSingle("foo", foo); reqMaps.putSingle("bar", bar); - //viewMaps.put("baz", new ViewMap(dummyElement)); - viewMaps.put("baz", Mockito.mock(ViewMap.class)); // Mock the ViewMap + viewMaps.put("baz", new ViewMap(dummyElement)); when(req.getPathInfo()).thenReturn("/foo/baz"); when(ccfg.getDefaultRequest()).thenReturn("bar"); - when(viewMaps.get("baz").allowDirectViewRendering).thenReturn(true); assertThat(RequestHandler.resolveURI(ccfg, req), hasItem(foo)); }