This is an automated email from the ASF dual-hosted git repository.
deepak pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
commit 2a3f10fad3233263405fc17f938ccdac2d61b454
Author: Deepak Dixit <deepak.di...@hotwax.co>
AuthorDate: Fri Jul 19 17:17:07 2024 +0530
Revert "Improved: Added support to allow direct view rendering in override
view (#816)"
This reverts commit 05349a94f5b28ed7316580f464217a165956eb3c.
---
.../content/webapp/content/WEB-INF/controller.xml | 2 +-
framework/webapp/dtd/site-conf.xsd | 19 -------------------
.../ofbiz/webapp/control/ConfigXMLReader.java | 22 ----------------------
.../ofbiz/webapp/control/RequestHandler.java | 20 ++++----------------
.../ofbiz/webapp/control/RequestHandlerTests.java | 5 +----
5 files changed, 6 insertions(+), 62 deletions(-)
diff --git a/applications/content/webapp/content/WEB-INF/controller.xml
b/applications/content/webapp/content/WEB-INF/controller.xml
index 87e72b564e..1667d087b0 100644
--- a/applications/content/webapp/content/WEB-INF/controller.xml
+++ b/applications/content/webapp/content/WEB-INF/controller.xml
@@ -1851,7 +1851,7 @@ under the License.
<view-map name="EditWebSitePathAlias" type="screen"
page="component://content/widget/WebSiteScreens.xml#EditWebSitePathAlias"/>
<view-map name="WebSiteContent" type="screen"
page="component://content/widget/WebSiteScreens.xml#WebSiteContent"/>
<view-map name="WebSiteCMS" type="screen"
page="component://content/widget/WebSiteScreens.xml#WebSiteCMS"/>
- <view-map name="WebSiteCMSContent" type="screen"
page="component://content/widget/WebSiteScreens.xml#WebSiteCMSContent"
allow-direct-view-rendering="true"/>
+ <view-map name="WebSiteCMSContent" type="screen"
page="component://content/widget/WebSiteScreens.xml#WebSiteCMSContent"/>
<view-map name="WebSiteCMSEditor" type="screen"
page="component://content/widget/WebSiteScreens.xml#WebSiteCMSEditor"/>
<view-map name="WebSiteCMSMetaInfo" type="screen"
page="component://content/widget/WebSiteScreens.xml#WebSiteCMSMetaInfo"/>
<view-map name="WebSiteCMSPathAlias" type="screen"
page="component://content/widget/WebSiteScreens.xml#WebSiteCMSPathAlias"/>
diff --git a/framework/webapp/dtd/site-conf.xsd
b/framework/webapp/dtd/site-conf.xsd
index cf6c63b977..8f3bf3732c 100644
--- a/framework/webapp/dtd/site-conf.xsd
+++ b/framework/webapp/dtd/site-conf.xsd
@@ -776,25 +776,6 @@ under the License.
</xs:documentation>
</xs:annotation>
</xs:attribute>
- <xs:attribute type="xs:boolean" name="allow-direct-view-rendering"
default="false">
- <xs:annotation>
- <xs:documentation>
- This attribute determines whether direct rendering of the
view is allowed when using the override view functionality.
- If set to true,
- the system permits the view to be rendered directly using
the override view functionality.
- If false or not specified,
- direct rendering is not allowed, and system throws Unknown
request exception.
- </xs:documentation>
- </xs:annotation>
- </xs:attribute>
- <xs:attribute type="xs:boolean" name="direct-view-rendering-with-auth"
default="false">
- <xs:annotation>
- <xs:documentation>
- If direct-view-rendering-with-auth=true, direct rendering
of the view is only allowed with an active login when using the override view
functionality.
- If direct-view-rendering-with-auth=false, no active login
is required.
- </xs:documentation>
- </xs:annotation>
- </xs:attribute>
<xs:attribute name="x-frame-options" default="sameorigin">
<xs:annotation>
<xs:documentation>
diff --git
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ConfigXMLReader.java
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ConfigXMLReader.java
index 9cb1aa616f..1ed0a0a8cd 100644
---
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ConfigXMLReader.java
+++
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ConfigXMLReader.java
@@ -1044,8 +1044,6 @@ public final class ConfigXMLReader {
private String strictTransportSecurity;
private String description;
private boolean noCache = false;
- private boolean allowDirectViewRendering = false;
- private boolean directViewRenderingWithAuth = false;
/**
* Gets name.
@@ -1122,24 +1120,6 @@ public final class ConfigXMLReader {
return contentType;
}
- /**
- * allow direct view rendering boolean
- *
- * @return the boolean
- */
- public boolean isAllowDirectViewRendering() {
- return this.allowDirectViewRendering;
- }
-
- /**
- * direct view rendering with authentication boolean
- *
- * @return the boolean
- */
- public boolean isDirectViewRenderingWithAuth() {
- return this.directViewRenderingWithAuth;
- }
-
/**
* Gets encoding.
* @return the encoding
@@ -1155,8 +1135,6 @@ public final class ConfigXMLReader {
this.info = viewMapElement.getAttribute("info");
this.contentType = viewMapElement.getAttribute("content-type");
this.noCache =
"true".equals(viewMapElement.getAttribute("no-cache"));
- this.allowDirectViewRendering =
"true".equals(viewMapElement.getAttribute("allow-direct-view-rendering"));
- this.directViewRenderingWithAuth =
"true".equals(viewMapElement.getAttribute("direct-view-rendering-with-auth"));
this.encoding = viewMapElement.getAttribute("encoding");
this.xFrameOption = viewMapElement.getAttribute("x-frame-options");
this.strictTransportSecurity =
viewMapElement.getAttribute("strict-transport-security");
diff --git
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
index e3cb6ce8bc..1e6f110c2b 100644
---
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
+++
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
@@ -129,18 +129,14 @@ public final class RequestHandler {
Map<String, List<RequestMap>> requestMapMap =
ccfg.getRequestMapMultiMap();
Collection<RequestMap> rmaps = resolveTemplateURI(requestMapMap, req);
if (rmaps.isEmpty()) {
+ Map<String, ConfigXMLReader.ViewMap> viewMapMap =
ccfg.getViewMapMap();
String defaultRequest = ccfg.getDefaultRequest();
String path = req.getPathInfo();
String requestUri = getRequestUri(path);
String overrideViewUri = getOverrideViewUri(path);
- boolean allowDirectViewRendering = false;
- // Ensure that overridden view exists and direct view rendering is
allowed.
- if (UtilValidate.isNotEmpty(overrideViewUri)) {
- ConfigXMLReader.ViewMap overrideViewMap =
ccfg.getViewMapMap().get(overrideViewUri);
- allowDirectViewRendering = (overrideViewMap != null &&
overrideViewMap.isAllowDirectViewRendering());
- }
if (requestMapMap.containsKey(requestUri)
- && (allowDirectViewRendering
+ // Ensure that overridden view exists.
+ && (overrideViewUri == null ||
viewMapMap.containsKey(overrideViewUri)
|| ("SOAPService".equals(requestUri) &&
"wsdl".equalsIgnoreCase(req.getQueryString())))) {
rmaps = requestMapMap.get(requestUri);
req.setAttribute("overriddenView", overrideViewUri);
@@ -610,13 +606,7 @@ public final class RequestHandler {
}
// Perform security check.
- boolean directViewRenderingWithAuth = false;
- // Check if direct view rendering requires authentication.
- if (UtilValidate.isNotEmpty(overrideViewUri)) {
- ConfigXMLReader.ViewMap overrideViewMap =
ccfg.getViewMapMap().get(overrideViewUri);
- directViewRenderingWithAuth = (overrideViewMap != null &&
overrideViewMap.isDirectViewRenderingWithAuth());
- }
- if (requestMap.isSecurityAuth() || directViewRenderingWithAuth) {
+ if (requestMap.isSecurityAuth()) {
// Invoke the security handler
// catch exceptions and throw RequestHandlerException if failed.
if (Debug.verboseOn()) {
@@ -639,8 +629,6 @@ public final class RequestHandler {
} else {
requestMap = ccfg.getRequestMapMap().get("ajaxCheckLogin");
}
- // overrideViewUri needs to be deleted, as there is no
authentication
- overrideViewUri = null;
}
} else if (requestUri != null) {
String[] loginUris =
EntityUtilProperties.getPropertyValue("security", "login.uris",
delegator).split(",");
diff --git
a/framework/webapp/src/test/java/org/apache/ofbiz/webapp/control/RequestHandlerTests.java
b/framework/webapp/src/test/java/org/apache/ofbiz/webapp/control/RequestHandlerTests.java
index 384cffbbec..9ba9ecab58 100644
---
a/framework/webapp/src/test/java/org/apache/ofbiz/webapp/control/RequestHandlerTests.java
+++
b/framework/webapp/src/test/java/org/apache/ofbiz/webapp/control/RequestHandlerTests.java
@@ -46,7 +46,6 @@ import
org.apache.ofbiz.webapp.control.ConfigXMLReader.ViewMap;
import org.junit.Before;
import org.junit.Test;
import org.w3c.dom.Element;
-import org.mockito.Mockito;
public class RequestHandlerTests {
public static class ResolveURITests {
@@ -191,12 +190,10 @@ public class RequestHandlerTests {
reqMaps.putSingle("foo", foo);
reqMaps.putSingle("bar", bar);
- //viewMaps.put("baz", new ViewMap(dummyElement));
- viewMaps.put("baz", Mockito.mock(ViewMap.class)); // Mock the
ViewMap
+ viewMaps.put("baz", new ViewMap(dummyElement));
when(req.getPathInfo()).thenReturn("/foo/baz");
when(ccfg.getDefaultRequest()).thenReturn("bar");
-
when(viewMaps.get("baz").isAllowDirectViewRendering()).thenReturn(true);
assertThat(RequestHandler.resolveURI(ccfg, req), hasItem(foo));
}
