This is an automated email from the ASF dual-hosted git repository. ahuber pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/isis.git
The following commit(s) were added to refs/heads/master by this push: new f7e419b ISIS-2223: more mitigations f7e419b is described below commit f7e419b886cdf1a36f77bcd25b3e29e3f5fe3048 Author: Andi Huber <ahu...@apache.org> AuthorDate: Fri Feb 14 14:58:59 2020 +0100 ISIS-2223: more mitigations --- .../wicket/ui/pages/login/IsisSignInPanel.java | 19 +++++++------ .../viewer/integration/LocalizerForIsis.java | 31 +++++++++++++--------- .../viewer/integration/WebRequestCycleForIsis.java | 27 ++++++++++++------- .../wicket/viewer/mixins/Object_clearHints.java | 5 +++- 4 files changed, 50 insertions(+), 32 deletions(-) diff --git a/viewers/wicket/ui/src/main/java/org/apache/isis/viewer/wicket/ui/pages/login/IsisSignInPanel.java b/viewers/wicket/ui/src/main/java/org/apache/isis/viewer/wicket/ui/pages/login/IsisSignInPanel.java index 258bac2..b1b76ad 100644 --- a/viewers/wicket/ui/src/main/java/org/apache/isis/viewer/wicket/ui/pages/login/IsisSignInPanel.java +++ b/viewers/wicket/ui/src/main/java/org/apache/isis/viewer/wicket/ui/pages/login/IsisSignInPanel.java @@ -36,6 +36,8 @@ import org.apache.isis.core.runtime.session.IsisSessionFactory; import org.apache.isis.viewer.wicket.model.models.PageType; import org.apache.isis.viewer.wicket.ui.pages.PageClassRegistry; +import lombok.val; + import de.agilecoders.wicket.core.markup.html.bootstrap.common.NotificationPanel; /** @@ -44,7 +46,6 @@ import de.agilecoders.wicket.core.markup.html.bootstrap.common.NotificationPanel * {@link de.agilecoders.wicket.core.markup.html.bootstrap.common.NotificationPanel} * for Bootstrap styled error messages */ -@SuppressWarnings("CdiManagedBeanInconsistencyInspection") public class IsisSignInPanel extends SignInPanel { private static final long serialVersionUID = 1L; @@ -132,13 +133,15 @@ public class IsisSignInPanel extends SignInPanel { } private void setVisibilityAllowedBasedOnAvailableServices(final Component... components) { - final UserRegistrationService userRegistrationService = - anyUserRegistrationService.stream().findFirst().orElse(null); - final EmailNotificationService emailNotificationService = - anyEmailNotificationService.stream().findFirst().orElse(null); - - final boolean visibilityAllowed = userRegistrationService != null && emailNotificationService.isConfigured(); - for (final Component component: components) { + val hasUserRegistrationService = anyUserRegistrationService.isNotEmpty(); + val hasConfiguredEmailNotificationService = anyEmailNotificationService.stream() + .anyMatch(EmailNotificationService::isConfigured); + + val visibilityAllowed = + hasUserRegistrationService + && hasConfiguredEmailNotificationService; + + for (val component: components) { if(component.isVisibilityAllowed()) { component.setVisibilityAllowed(visibilityAllowed); } diff --git a/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/LocalizerForIsis.java b/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/LocalizerForIsis.java index 6c0cfc2..d959dbc 100644 --- a/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/LocalizerForIsis.java +++ b/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/LocalizerForIsis.java @@ -20,6 +20,7 @@ package org.apache.isis.viewer.wicket.viewer.integration; import java.util.Locale; import java.util.MissingResourceException; +import java.util.Optional; import java.util.concurrent.Callable; import javax.inject.Inject; @@ -33,11 +34,14 @@ import org.apache.wicket.markup.html.panel.Panel; import org.apache.wicket.model.IModel; import org.apache.isis.applib.services.i18n.TranslationService; +import org.apache.isis.core.commons.internal.base._Casts; import org.apache.isis.core.commons.internal.base._Strings; import org.apache.isis.core.runtime.session.IsisSession; import org.apache.isis.core.runtime.session.IsisSessionFactory; import org.apache.isis.viewer.wicket.viewer.wicketapp.IsisWicketApplication; +import lombok.val; + /** * Implementation integrates Isis' own i18n support ({@link TranslationService}) with Wicket's equivalent i18n * mechanism (the {@link Localizer} singleton). @@ -84,25 +88,26 @@ public class LocalizerForIsis extends Localizer { } private Class<?> determineContextClassElse(final Component component, final Class<?> fallback) { - return component != null - ? determineContextClass(component) - : fallback; - } + + if(component==null) { + return fallback; + } - private Class<? > determineContextClass(final Component component) { // special case if(component instanceof org.wicketstuff.select2.Select2Choice || component instanceof org.wicketstuff.select2.Select2MultiChoice) { return component.getClass(); } - final Component parentComponent = pageElseSignificantParentOf(component); - return enclosing(parentComponent.getClass()); + + return pageElseSignificantParentOf(component) + .map(parentComponent->enclosing(parentComponent.getClass())) + .orElse(_Casts.uncheckedCast(fallback)); } - private Component pageElseSignificantParentOf(final Component component) { + private Optional<Component> pageElseSignificantParentOf(final Component component) { final Component page = pageOf(component); if (page != null) { - return page; + return Optional.of(page); } return parentFormOrPanelOf(component); } @@ -125,15 +130,15 @@ public class LocalizerForIsis extends Localizer { * Search up this component instance's hierarchy, and use the first form or panel that is a parent * of this component. */ - private Component parentFormOrPanelOf(final Component component) { + private Optional<Component> parentFormOrPanelOf(final Component component) { if(component instanceof Form || component instanceof Panel) { - return component; + return Optional.of(component); } - final MarkupContainer parent = component.getParent(); + val parent = component.getParent(); if(parent != null) { return parentFormOrPanelOf(parent); } - return parent; + return Optional.empty(); } private Class<?> enclosing(final Class<?> cls) { diff --git a/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/WebRequestCycleForIsis.java b/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/WebRequestCycleForIsis.java index 02ce194..3466933 100644 --- a/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/WebRequestCycleForIsis.java +++ b/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/WebRequestCycleForIsis.java @@ -272,11 +272,17 @@ public class WebRequestCycleForIsis implements IRequestCycleListener { } private void addTranslatedMessage(final String translatedSuffixIfAny) { - final String translatedPrefix = translate("Action no longer available"); - final String message = translatedSuffixIfAny != null - ? String.format("%s (%s)", translatedPrefix, translatedSuffixIfAny) - : translatedPrefix; - getMessageBroker().addMessage(message); + + getMessageBroker().ifPresent(broker->{ + + final String translatedPrefix = translate("Action no longer available"); + final String message = translatedSuffixIfAny != null + ? String.format("%s (%s)", translatedPrefix, translatedSuffixIfAny) + : translatedPrefix; + + broker.addMessage(message); + + }); } private String translate(final String text) { @@ -366,7 +372,7 @@ public class WebRequestCycleForIsis implements IRequestCycleListener { if(!inIsisSession()) { return false; } - if(getAuthenticationSession() == null) { + if(!getAuthenticationSession().isPresent()) { return false; } return getWicketAuthenticationSession().isSignedIn(); @@ -391,12 +397,13 @@ public class WebRequestCycleForIsis implements IRequestCycleListener { return IsisSession.currentOrElseNull()!=null; } - private AuthenticationSession getAuthenticationSession() { - return IsisContext.getCurrentAuthenticationSession().orElse(null); + private Optional<AuthenticationSession> getAuthenticationSession() { + return IsisContext.getCurrentAuthenticationSession(); } - private MessageBroker getMessageBroker() { - return getAuthenticationSession().getMessageBroker(); + private Optional<MessageBroker> getMessageBroker() { + return getAuthenticationSession() + .map(AuthenticationSession::getMessageBroker); } private AuthenticatedWebSession getWicketAuthenticationSession() { diff --git a/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/mixins/Object_clearHints.java b/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/mixins/Object_clearHints.java index 55e6936..a599a0d 100644 --- a/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/mixins/Object_clearHints.java +++ b/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/mixins/Object_clearHints.java @@ -60,7 +60,10 @@ public class Object_clearHints { public Object act() { if (getHintStoreUsingWicketSession() != null) { val bookmark = bookmarkService.bookmarkForElseThrow(holder); - getHintStoreUsingWicketSession().removeAll(bookmark); + val hintStore = getHintStoreUsingWicketSession(); + if(hintStore!=null) { // just in case + hintStore.removeAll(bookmark); + } } return holder; }