Re: Test Page renders with Nested Panel

2017-02-09 Thread Martin Grigorov 
Hi,


On Fri, Feb 10, 2017 at 12:08 AM, David Beer  wrote:

> Hi Guys
>
> I am new to WicketTester and testing pages here. I am also getting back
> into wicket slowly.
>
> I have a page which currently simply adds a panel (more to come), the panel
> contains a DataTable. I am not interested in the content of the table just
> that the page renders with an empty table.
>
> MyPage -> MyPanel -> Adds a DataTable, using dataproviders.
>
> The problem is that when I do tester.startPage(MyPage.class) it tries to
> add the data table and fails unless data provider size is set to 0.
>
> MyPage Code
>
> public class MyPage extends BasePage {
>
> private NotificationPanel notificationPanel;
> private BootstrapDefaultDataTable userTable;
>

This is not used/needed.


>
> public MyPage() {
> notificationPanel = new NotificationPanel("notification");
> notificationPanel.setOutputMarkupId(true);
> notificationPanel.hideAfter(Duration.seconds(2));
> add(notificationPanel);
> add(new MyPanel("users-table-panel"));
> }
> }
>
> MyPanel code
>
> public class MyPanel extends Panel {
>
> private NotificationPanel notificationPanel;
> private BootstrapDefaultDataTable userTable;
>
>
> public UsersTablePanel(String id) {
> super(id);
> notificationPanel = new NotificationPanel("notification");


This looks the same as in the page. Maybe one should be removed ?!


> notificationPanel.setOutputMarkupId(true);
> notificationPanel.hideAfter(Duration.seconds(2));
> add(notificationPanel);
> usersTable();
> }
>
> private void usersTable() {
> List> columns = new ArrayList<>();
> columns.add(new PropertyColumn<>(Model.of("First Name"),
> "firstName", "firstName"));
> columns.add(new PropertyColumn<>(Model.of("Last Name"),
> "lastName"));
> columns.add(new PropertyColumn<>(Model.of("Email Address"),
> "email"));
> columns.add(new PropertyColumn<>(Model.of("Username"),
> "userName"));
>
> userTable = new BootstrapDefaultDataTable<>("users-table",
> columns,
> new DataProvider(), 20);
>

Here you create a new DataProvider.
Does it use some service (Spring, EJB, Guice,...) to load the items ?!


> userTable.add(new TableBehavior().hover().bordered());
> add(userTable);
> }
> }
>
> MyPageTest Code
>
> public class AdminViewPageTest extends WicketApplicationTest {
>
> private WicketTester tester;
>
> private UsersDataProvider usersDataProvider;
>
> private AdminViewPage adminViewPage;
>
> @Before
> public void setUp() throws Exception {
> super.setUp();
> usersDataProvider = mock(UsersDataProvider.class);
> adminViewPage = new AdminViewPage();
> doNothing().when(usersDataProvider).checkDAO();
> when(usersDataProvider.size()).thenReturn(0L);
>

This usersDataProvider is not really used by UsersTablePanel.java because
it creates its own one (new DataProvider()). So the mocking doesn't really
help.


> tester = getTester();
> tester.startPage(adminViewPage);
> }
>
> @Test
> public void renderSuccessfully() throws Exception {
> tester.assertRenderedPage(AdminViewPage.class);
> }
>
> }
>
> Any pointers would be great.
>

Usually the DataProviders use some service to load the items and this
service is injected (Spring, CDI, ...).
Then in your tests you need to provide Dependency Injection context that
provides mocked service. This way Wicket will used the mock for the tests
and the real service when running the application.


>
> Thanks
>
> David
>

Re: Java Wickets Delete and Checkbox

2017-02-09 Thread ASHU_JAVA 
Hello All,

Here's a brief about my scenario:-

1) I've a Page with a custom Datatable that contains a list of category.
2) Onclick of any one category, a pop-up appears (I'm using model window for
this).
3) In the model window, we can view, add and delete users belonging to the
particular category. (I'm using Panel component).

4) Task to do:-

a) Delete one, multiple, and all users (Checkbox and Delete button)
b) Refresh the DataView of users (On addition/deletion of Users)

HTML code:-




Java Wicket Code:



Kindly provide inputs to perform these tasks.
Thanks in advance.

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Java-Wickets-Delete-and-Checkbox-tp4677014p4677093.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

Test Page renders with Nested Panel

2017-02-09 Thread David Beer 
Hi Guys

I am new to WicketTester and testing pages here. I am also getting back
into wicket slowly.

I have a page which currently simply adds a panel (more to come), the panel
contains a DataTable. I am not interested in the content of the table just
that the page renders with an empty table.

MyPage -> MyPanel -> Adds a DataTable, using dataproviders.

The problem is that when I do tester.startPage(MyPage.class) it tries to
add the data table and fails unless data provider size is set to 0.

MyPage Code

public class MyPage extends BasePage {

private NotificationPanel notificationPanel;
private BootstrapDefaultDataTable userTable;

public MyPage() {
notificationPanel = new NotificationPanel("notification");
notificationPanel.setOutputMarkupId(true);
notificationPanel.hideAfter(Duration.seconds(2));
add(notificationPanel);
add(new MyPanel("users-table-panel"));
}
}

MyPanel code

public class MyPanel extends Panel {

private NotificationPanel notificationPanel;
private BootstrapDefaultDataTable userTable;


public UsersTablePanel(String id) {
super(id);
notificationPanel = new NotificationPanel("notification");
notificationPanel.setOutputMarkupId(true);
notificationPanel.hideAfter(Duration.seconds(2));
add(notificationPanel);
usersTable();
}

private void usersTable() {
List> columns = new ArrayList<>();
columns.add(new PropertyColumn<>(Model.of("First Name"),
"firstName", "firstName"));
columns.add(new PropertyColumn<>(Model.of("Last Name"),
"lastName"));
columns.add(new PropertyColumn<>(Model.of("Email Address"),
"email"));
columns.add(new PropertyColumn<>(Model.of("Username"), "userName"));

userTable = new BootstrapDefaultDataTable<>("users-table", columns,
new DataProvider(), 20);
userTable.add(new TableBehavior().hover().bordered());
add(userTable);
}
}

MyPageTest Code

public class AdminViewPageTest extends WicketApplicationTest {

private WicketTester tester;

private UsersDataProvider usersDataProvider;

private AdminViewPage adminViewPage;

@Before
public void setUp() throws Exception {
super.setUp();
usersDataProvider = mock(UsersDataProvider.class);
adminViewPage = new AdminViewPage();
doNothing().when(usersDataProvider).checkDAO();
when(usersDataProvider.size()).thenReturn(0L);
tester = getTester();
tester.startPage(adminViewPage);
}

@Test
public void renderSuccessfully() throws Exception {
tester.assertRenderedPage(AdminViewPage.class);
}

}

Any pointers would be great.

Thanks

David

Re: Safe way to display HTML user input

2017-02-09 Thread daniel simko 
Thank you Martin! This is exactly what I was looking for.

2017-02-09 13:03 GMT+01:00 Martin Grigorov :

> Hi,
>
> Check https://jsoup.org/cookbook/cleaning-html/whitelist-sanitizer
>
> Martin Grigorov
> Wicket Training and Consulting
> https://twitter.com/mtgrigorov
>
> On Thu, Feb 9, 2017 at 12:50 PM, daniel simko  wrote:
>
> > Hello,
> >
> > I would like to ask you whether there is some safe way how to display
> html
> > output from some rich editor (e.g. TinyMCE)? In order to display html it
> is
> > necessary to switch off model escaping [1] which is opening a door for
> XSS.
> > I was thinking about some converter [2] which would escape only JS
> related
> > stuff (e.g.

Re: How can i authorize a 'bot' to access my REST resource?

2017-02-09 Thread Martin Grigorov 
Hi,

I see two options:
1) if you use http client (like Apache HttpClient or Okio) then you can
login first and then go to the REST endpoint. Just make sure the client
preserves the cookies
2) remove @AuthorizeResource and use other means to protect it, e.g. Basic
Authentication. With Spring Security or Apache Shiro you can do this easily

Martin Grigorov
Wicket Training and Consulting
https://twitter.com/mtgrigorov

On Thu, Feb 9, 2017 at 11:15 AM, Per Newgro  wrote:

> Hi,
>
> i've extended an org.wicketstuff.rest.resource.AbstractRestResource and
> mounted it in my WebApplication.
> Everything works so far.
>
> But i've annotated my Method with a role that shall be extracted from the
> session. I'm not quite sure how to
> 'login' my import command (CLI) as a user
>
> Has someone maybe a working example for authorized resource access?
>
> Thanks
> Per
>
> 
> @AuthorizeResource
> public class CRMDataImportResource extends 
> AbstractRestResource
> {
>
>   @SpringBean(name = "FullImport")
>   private DataImport dataImport;
>
>   public CRMDataImportResource() {
> super(new JsonWebSerialDeserial(
> new GsonObjectSerialDeserial()), new IRoleCheckingStrategy() {
>
> @Override
> public boolean hasAnyRole(Roles roles) {
>   CDISession session = CDISession.get();
>   return session.hasAnyRole(roles);
> }
> }
> );
> Injector.get().inject(this);
>   }
>
>   @MethodMapping(
> value = "/full",
> httpMethod = HttpMethod.POST)
>   @AuthorizeInvocation("CRMDataImport")
>   public String fullImport(@RequestBody DocumentBatch batch) throws
> Exception {
> return dataImport.fullImport(batch);
>   }
> }
> 
>
> -
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>

Re: Safe way to display HTML user input

2017-02-09 Thread Martin Grigorov 
Hi,

Check https://jsoup.org/cookbook/cleaning-html/whitelist-sanitizer

Martin Grigorov
Wicket Training and Consulting
https://twitter.com/mtgrigorov

On Thu, Feb 9, 2017 at 12:50 PM, daniel simko  wrote:

> Hello,
>
> I would like to ask you whether there is some safe way how to display html
> output from some rich editor (e.g. TinyMCE)? In order to display html it is
> necessary to switch off model escaping [1] which is opening a door for XSS.
> I was thinking about some converter [2] which would escape only JS related
> stuff (e.g.

Safe way to display HTML user input

2017-02-09 Thread daniel simko 
Hello,

I would like to ask you whether there is some safe way how to display html
output from some rich editor (e.g. TinyMCE)? In order to display html it is
necessary to switch off model escaping [1] which is opening a door for XSS.
I was thinking about some converter [2] which would escape only JS related
stuff (e.g.

How can i authorize a 'bot' to access my REST resource?

2017-02-09 Thread Per Newgro 
Hi,

i've extended an org.wicketstuff.rest.resource.AbstractRestResource and mounted 
it in my WebApplication.
Everything works so far.

But i've annotated my Method with a role that shall be extracted from the 
session. I'm not quite sure how to
'login' my import command (CLI) as a user

Has someone maybe a working example for authorized resource access?

Thanks
Per


@AuthorizeResource
public class CRMDataImportResource extends 
AbstractRestResource {

  @SpringBean(name = "FullImport")
  private DataImport dataImport;

  public CRMDataImportResource() {
super(new JsonWebSerialDeserial(
new GsonObjectSerialDeserial()), new IRoleCheckingStrategy() {

@Override
public boolean hasAnyRole(Roles roles) {
  CDISession session = CDISession.get();
  return session.hasAnyRole(roles);
}
}
);
Injector.get().inject(this);
  }

  @MethodMapping(
value = "/full",
httpMethod = HttpMethod.POST)
  @AuthorizeInvocation("CRMDataImport")
  public String fullImport(@RequestBody DocumentBatch batch) throws Exception {
return dataImport.fullImport(batch);
  }
}


-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

Re: DiskDataStore exception at end of day

2017-02-09 Thread Martin Grigorov 
On Wed, Feb 8, 2017 at 2:03 PM, Peter Henderson  wrote:

> Thanks Martin,
>
> On 8 February 2017 at 10:45, Martin Grigorov  wrote:
>
> > Hi,
> >
> > The WebSocket communication doesn't update the session, i.e. doesn't
> renew
> > it. This is by Servlet specification.
> > So if there is no normal HTTP request then the http session will expire
> and
> > Wicket will clean up its resources.
> > Later when a web socket message comes it might fail with such kind of
> > error.
> >
>
> I've done a little more analysis of the logs and my code.
>
> It seems this happened to only 1 used yesterday.
> Tracking her session ID she logs in, 7 hours later her session times out.
>
> My code has a HttpSessionListener which sends a message to an actor which
> monitors sessions. This actor eventually does a web socket broadcast to
> notify everyone who is online.
>
> Could there be a race condition when sessions are being destroyed and
> sending web socket push messages?
>

Wicket also uses HttpSessionListener to be notified when to cleanup the
user's resources.
It might be that your listener is notified later than Wicket's one.
You may try using Wicket's callbacks instead: Session#onInvalidate(),
Application#sessionUnbound()
/ org.apache.wicket.Application#getSessionListeners().add(...)


>
>
>
>
>
> >
> > I am not sure what is the best solution to this.
> > There is an established web socket connection and there won't be a new
> > handshake when the message arrives.
> > The only workaround I see is to make a ping once per N minutes, where N
> is
> > less than the session timeout duration.
> >
>
> When their session goes, does Tomcat & the browser keep a web socket
> connection open.
>

I'm not sure but it should be very easy to test!


>
> Perhaps the simplest option is for me to mute DiskDataStore exception log
> messages.
>
>
>
> >
> > But the exception in the DiskDataStore happens in a different thread, so
> I
> > think it should not affect the thread where the application reads/writes
> to
> > the websocket connection.
> >
> > Martin Grigorov
> > Wicket Training and Consulting
> > https://twitter.com/mtgrigorov
> >
> > On Wed, Feb 8, 2017 at 9:46 AM, Peter Henderson <
> > peter.hender...@starjar.com
> > > wrote:
> >
> > > Morning all.
> > >
> > > Wicket 7.6.0
> > > Tomcat 8.5.11
> > > Java 1.8.0_121
> > >
> > >
> > >
> > > I'm seeing several DiskDataStore Exceptions [1]. Normally towards the
> end
> > > of the day, long after users have stopped using my app. So probably
> when
> > > their sessions time out.
> > > The file name looks very suspicious to me.
> > > /opt/starjar/domains/customer/apache-tomcat-8.5.11/work/
> > > Catalina/localhost/Starjar/Key[type=org.apache.wicket.
> protocol.ws.javax.
> > > JavaxWebSocketFilter,
> > > annotation=[none]]-filestore/247/7021/D69E0EE552DC1F1FE5FF986A1A919C
> > > 39/data
> > >
> > >
> > >
> > > Another perhaps unrelated exception [2]
> > >
> > >
> > > Any pointers where I should dig to solve this ?
> > >
> > > Thanks
> > > Peter
> > >
> > >
> > >
> > >
> > >
> > > [1]
> > > 2017-02-07 20:59:34.358 SEVERE oawp.DiskDataStore
> > > /opt/starjar/domains/viper/apache-tomcat-8.5.11/work/
> > > Catalina/localhost/Starjar/Key[type=org.apache.wicket.
> protocol.ws.javax.
> > > JavaxWebSocketFilter,
> > > annotation=[none]]-filesto
> > > re/247/7021/D69E0EE552DC1F1FE5FF986A1A919C39/data (No such file or
> > > directory)
> > > java.io.FileNotFoundException:
> > > /opt/starjar/domains/customer/apache-tomcat-8.5.11/work/
> > > Catalina/localhost/Starjar/Key[type=org.apache.wicket.
> protocol.ws.javax.
> > > JavaxWebSocketFilter,
> > > annotation=[none]]-filestore/247/7021/D69E0EE552DC1F1FE5FF986A1A919C
> > > 39/data
> > > (No such file or directory)
> > > at java.io.RandomAccessFile.open0(Native Method)
> > > at java.io.RandomAccessFile.open(RandomAccessFile.java:316)
> > > at java.io.RandomAccessFile.(RandomAccessFile.java:243)
> > > at
> > > org.apache.wicket.pageStore.DiskDataStore$SessionEntry.
> > > getFileChannel(DiskDataStore.java:432)
> > > at
> > > org.apache.wicket.pageStore.DiskDataStore$SessionEntry.
> > > savePage(DiskDataStore.java:350)
> > > at
> > > org.apache.wicket.pageStore.DiskDataStore.storeData(
> > > DiskDataStore.java:188)
> > > at
> > > org.apache.wicket.pageStore.AsynchronousDataStore$
> > PageSavingRunnable.run(
> > > AsynchronousDataStore.java:355)
> > > at java.lang.Thread.run(Thread.java:745)
> > >
> > >
> > >
> > >
> > >
> > >
> > > [2]
> > > 2017-02-07 21:33:52.127 SEVERE oawpwj.WicketEndpoint An error occurred
> in
> > > web socket connection with id : 5c1c
> > > java.io.EOFException
> > > at
> > > org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.
> > > fillReadBuffer(NioEndpoint.java:1221)
> > > at
> > > org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.
> > > fillReadBuffer(NioEndpoint.java:1192)
> > > at
>