git commit: WICKET-5094 enforce mount for mounted pages only

Tue, 12 Mar 2013 10:30:18 -0700 

Updated Branches:
  refs/heads/wicket-1.5.x 2a7ba5ef1 -> 34735e027


WICKET-5094 enforce mount for mounted pages only


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/34735e02
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/34735e02
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/34735e02

Branch: refs/heads/wicket-1.5.x
Commit: 34735e027071bba98100f3fc291c667959b46eee
Parents: 2a7ba5e
Author: svenmeier <[email protected]>
Authored: Tue Mar 12 15:26:49 2013 +0100
Committer: svenmeier <[email protected]>
Committed: Tue Mar 12 15:26:49 2013 +0100

----------------------------------------------------------------------
 .../wicket/request/mapper/BookmarkableMapper.java  |   29 +++++++++++----
 .../wicket/settings/ISecuritySettingsTest.java     |    8 ++++
 2 files changed, 29 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/wicket/blob/34735e02/wicket-core/src/main/java/org/apache/wicket/request/mapper/BookmarkableMapper.java
----------------------------------------------------------------------
diff --git 
a/wicket-core/src/main/java/org/apache/wicket/request/mapper/BookmarkableMapper.java
 
b/wicket-core/src/main/java/org/apache/wicket/request/mapper/BookmarkableMapper.java
index 759f389..eb917e1 100644
--- 
a/wicket-core/src/main/java/org/apache/wicket/request/mapper/BookmarkableMapper.java
+++ 
b/wicket-core/src/main/java/org/apache/wicket/request/mapper/BookmarkableMapper.java
@@ -20,6 +20,8 @@ import org.apache.wicket.Application;
 import org.apache.wicket.request.Request;
 import org.apache.wicket.request.Url;
 import org.apache.wicket.request.component.IRequestablePage;
+import org.apache.wicket.request.handler.PageProvider;
+import org.apache.wicket.request.handler.RenderPageRequestHandler;
 import org.apache.wicket.request.mapper.info.PageComponentInfo;
 import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder;
 import org.apache.wicket.request.mapper.parameter.PageParameters;
@@ -91,14 +93,6 @@ public class BookmarkableMapper extends 
AbstractBookmarkableMapper
        @Override
        protected UrlInfo parseRequest(Request request)
        {
-               if (Application.exists())
-               {
-                       if 
(Application.get().getSecuritySettings().getEnforceMounts())
-                       {
-                               return null;
-                       }
-               }
-
                Url url = request.getUrl();
                if (matches(url))
                {
@@ -111,6 +105,25 @@ public class BookmarkableMapper extends 
AbstractBookmarkableMapper
 
                        if (pageClass != null && 
IRequestablePage.class.isAssignableFrom(pageClass))
                        {
+                               if (Application.exists())
+                               {
+                                       Application application = 
Application.get();
+
+                                       if 
(application.getSecuritySettings().getEnforceMounts())
+                                       {
+                                               // we make an excepion if the 
homepage itself was mounted, see WICKET-1898
+                                               if 
(!pageClass.equals(application.getHomePage()))
+                                               {
+                                                       // WICKET-5094 only 
enforce mount if page is mounted
+                                                       Url reverseUrl = 
application.getRootRequestMapper().mapHandler(
+                                                               new 
RenderPageRequestHandler(new PageProvider(pageClass)));
+                                                       if 
(!matches(reverseUrl))
+                                                       {
+                                                               return null;
+                                                       }
+                                               }
+                                       }
+                               }
 
                                // extract the PageParameters from URL if there 
are any
                                PageParameters pageParameters = 
extractPageParameters(request, 3,

http://git-wip-us.apache.org/repos/asf/wicket/blob/34735e02/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
----------------------------------------------------------------------
diff --git 
a/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
 
b/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
index ddcde75..7822531 100644
--- 
a/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
+++ 
b/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
@@ -58,6 +58,14 @@ public class ISecuritySettingsTest extends WicketTestCase
                tester.assertRenderedPage(UnknownPage.class);
 
                
tester.getApplication().getSecuritySettings().setEnforceMounts(true);
+
+               tester.startPage(pageWithLink);
+               tester.assertRenderedPage(MockPageWithLink.class);
+               tester.clickLink(MockPageWithLink.LINK_ID);
+               tester.assertRenderedPage(UnknownPage.class);
+
+               tester.getApplication().mountPackage("unknown", 
UnknownPage.class);
+
                tester.startPage(pageWithLink);
                tester.assertRenderedPage(MockPageWithLink.class);
                tester.clickLink(MockPageWithLink.LINK_ID);

Reply via email to