Repository: wicket Updated Branches: refs/heads/wicket-6.x 6501ab739 -> a05aa4cae
WICKET-5712 SecuritySettings.setEnforceMounts() does not work when the mounted mapper is not in the root compound mapper Project: http://git-wip-us.apache.org/repos/asf/wicket/repo Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/a05aa4ca Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/a05aa4ca Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/a05aa4ca Branch: refs/heads/wicket-6.x Commit: a05aa4cae6145a707698fce9ef73885656589318 Parents: 6501ab7 Author: Jesse Long <[email protected]> Authored: Tue Sep 30 18:11:45 2014 +0200 Committer: Jesse Long <[email protected]> Committed: Tue Sep 30 18:11:45 2014 +0200 ---------------------------------------------------------------------- .../core/request/mapper/BookmarkableMapper.java | 38 +++++++++++++------- .../wicket/settings/ISecuritySettingsTest.java | 12 +++++++ 2 files changed, 38 insertions(+), 12 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/wicket/blob/a05aa4ca/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java b/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java index 284f003..3aa6cfb 100644 --- a/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java +++ b/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java @@ -24,6 +24,7 @@ import org.apache.wicket.request.Request; import org.apache.wicket.request.Url; import org.apache.wicket.request.component.IRequestablePage; import org.apache.wicket.request.mapper.ICompoundRequestMapper; +import org.apache.wicket.request.mapper.IRequestMapperDelegate; import org.apache.wicket.request.mapper.info.PageComponentInfo; import org.apache.wicket.request.mapper.mount.MountMapper; import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder; @@ -131,7 +132,7 @@ public class BookmarkableMapper extends AbstractBookmarkableMapper if (!pageClass.equals(application.getHomePage())) { // WICKET-5094 only enforce mount if page is mounted - if (isPageMounted(pageClass, application)) + if (isPageMounted(pageClass, application.getRootRequestMapperAsCompound())) { return null; } @@ -149,27 +150,40 @@ public class BookmarkableMapper extends AbstractBookmarkableMapper return null; } - private boolean isPageMounted(Class<? extends IRequestablePage> pageClass, Application application) + private boolean isPageMounted(Class<? extends IRequestablePage> pageClass, ICompoundRequestMapper compoundMapper) { - ICompoundRequestMapper applicationMappers = application.getRootRequestMapperAsCompound(); - - for (IRequestMapper requestMapper : applicationMappers) + for (IRequestMapper requestMapper : compoundMapper) { - if (requestMapper instanceof MountMapper) + while (requestMapper instanceof IRequestMapperDelegate) { - MountMapper mountMapper = (MountMapper) requestMapper; - requestMapper = mountMapper.getInnerRequestMapper(); + requestMapper = ((IRequestMapperDelegate)requestMapper).getDelegateMapper(); } - if (requestMapper instanceof AbstractBookmarkableMapper && requestMapper != this) + if (requestMapper instanceof ICompoundRequestMapper) { - AbstractBookmarkableMapper mapper = (AbstractBookmarkableMapper) requestMapper; - - if (mapper.checkPageClass(pageClass)) + if (isPageMounted(pageClass, (ICompoundRequestMapper)requestMapper)) { return true; } } + else + { + if (requestMapper instanceof MountMapper) + { + MountMapper mountMapper = (MountMapper) requestMapper; + requestMapper = mountMapper.getInnerRequestMapper(); + } + + if (requestMapper instanceof AbstractBookmarkableMapper && requestMapper != this) + { + AbstractBookmarkableMapper mapper = (AbstractBookmarkableMapper) requestMapper; + + if (mapper.checkPageClass(pageClass)) + { + return true; + } + } + } } return false; http://git-wip-us.apache.org/repos/asf/wicket/blob/a05aa4ca/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java ---------------------------------------------------------------------- diff --git a/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java b/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java index 7e5b2a2..f13db98 100644 --- a/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java +++ b/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java @@ -26,6 +26,8 @@ import org.apache.wicket.markup.Markup; import org.apache.wicket.markup.html.WebPage; import org.apache.wicket.markup.html.link.Link; import org.apache.wicket.protocol.http.WebApplication; +import org.apache.wicket.protocol.https.HttpsConfig; +import org.apache.wicket.protocol.https.HttpsMapper; import org.apache.wicket.request.flow.RedirectToUrlException; import org.junit.Test; @@ -72,6 +74,16 @@ public class ISecuritySettingsTest extends WicketTestCase tester.assertRenderedPage(MockPageWithLink.class); tester.clickLink(MockPageWithLink.LINK_ID); Assert.assertNull(tester.getLastRenderedPage()); + + /* + * Test that mounts are enforced when the root compound mapper does not directly contain the mounted mapper. + */ + tester.getApplication().setRootRequestMapper(new HttpsMapper(tester.getApplication().getRootRequestMapper(), new HttpsConfig())); + + tester.startPage(pageWithLink); + tester.assertRenderedPage(MockPageWithLink.class); + tester.clickLink(MockPageWithLink.LINK_ID); + Assert.assertNull(tester.getLastRenderedPage()); } /**
