You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2009/04/02 12:02:34 UTC
svn commit: r761223 - in /ofbiz/trunk: applications/humanres/widget/
applications/marketing/widget/sfa/
applications/party/webapp/partymgr/communication/
applications/party/widget/partymgr/ applications/workeffort/widget/
framework/exampleext/widget/ex...
Author: jleroux
Date: Thu Apr 2 10:02:34 2009
New Revision: 761223
URL: http://svn.apache.org/viewvc?rev=761223&view=rev
Log:
Securing URLs, link element in screens and menus : 23th set + tabs to 4 spaces
Modified:
ofbiz/trunk/applications/humanres/widget/EmployeeScreens.xml
ofbiz/trunk/applications/marketing/widget/sfa/CommonScreens.xml
ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml
ofbiz/trunk/applications/party/widget/partymgr/PartyMenus.xml
ofbiz/trunk/applications/party/widget/partymgr/PartyScreens.xml
ofbiz/trunk/applications/workeffort/widget/TimesheetScreens.xml
ofbiz/trunk/applications/workeffort/widget/WorkEffortScreens.xml
ofbiz/trunk/framework/exampleext/widget/example/ExampleMenus.xml
ofbiz/trunk/specialpurpose/ecommerce/widget/blog/BlogScreens.xml
Modified: ofbiz/trunk/applications/humanres/widget/EmployeeScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/humanres/widget/EmployeeScreens.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/applications/humanres/widget/EmployeeScreens.xml (original)
+++ ofbiz/trunk/applications/humanres/widget/EmployeeScreens.xml Thu Apr 2 10:02:34 2009
@@ -105,7 +105,9 @@
</condition>
<widgets>
<container style="button-bar button-style-2">
- <link target="viewprofile?partyId=${party.partyId}" text="${uiLabelMap.PartyHideOld}"/>
+ <link target="viewprofile" text="${uiLabelMap.PartyHideOld}">
+ <parameter param-name="partyId" from-field="party.partyId"/>
+ </link>
</container>
</widgets>
<fail-widgets>
Modified: ofbiz/trunk/applications/marketing/widget/sfa/CommonScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/marketing/widget/sfa/CommonScreens.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/applications/marketing/widget/sfa/CommonScreens.xml (original)
+++ ofbiz/trunk/applications/marketing/widget/sfa/CommonScreens.xml Thu Apr 2 10:02:34 2009
@@ -271,7 +271,9 @@
</condition>
<widgets>
<container style="button-bar button-style-2">
- <link target="viewprofile?partyId=${party.partyId}" text="${uiLabelMap.PartyHideOld}"/>
+ <link target="viewprofile" text="${uiLabelMap.PartyHideOld}">
+ <parameter param-name="partyId" from-field="party.partyId"/>
+ </link>
</container>
</widgets>
<fail-widgets>
Modified: ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml (original)
+++ ofbiz/trunk/applications/party/webapp/partymgr/communication/CommForms.xml Thu Apr 2 10:02:34 2009
@@ -216,7 +216,9 @@
<field name="communicationEventTypeId"><display-entity entity-name="CommunicationEventType" description="${description}"/></field>
<field name="partyIdFrom" use-when="partyIdFrom!=void">
<display-entity entity-name="PartyNameView" key-field-name="partyId" description="${firstName} ${middleName} ${lastName} ${groupName} (${contactMechFrom.infoString})">
- <sub-hyperlink description=" [${communicationEvent.partyIdFrom}]" target="/partymgr/control/viewprofile?partyIdFrom=${partyIdFrom}" target-type="inter-app"/>
+ <sub-hyperlink description=" [${communicationEvent.partyIdFrom}]" target="/partymgr/control/viewprofile" target-type="inter-app">
+ <parameter param-name="partyIdFrom" from-field="partyIdFrom"/>
+ </sub-hyperlink>
</display-entity>
</field>
<field name="partyIdTo">
@@ -238,7 +240,9 @@
<field name="communicationEventId"><display/></field>
<field name="partyIdFrom" use-when=""my"==void" title="${uiLabelMap.PartyPartyFrom}">
<display-entity entity-name="PartyNameView" key-field-name="partyId" description="${firstName} ${middleName} ${lastName} ${groupName}">
- <sub-hyperlink target="viewprofile?partyId=${partyIdFrom}" description="[${partyIdFrom}]"/>
+ <sub-hyperlink target="viewprofile" description="[${partyIdFrom}]">
+ <parameter param-name="partyId" from-field="partyIdFrom"/>
+ </sub-hyperlink>
</display-entity>
</field>
<field name="partyIdTo" use-when=""my"==void" title="${uiLabelMap.PartyPartyTo}">
Modified: ofbiz/trunk/applications/party/widget/partymgr/PartyMenus.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/widget/partymgr/PartyMenus.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/applications/party/widget/partymgr/PartyMenus.xml (original)
+++ ofbiz/trunk/applications/party/widget/partymgr/PartyMenus.xml Thu Apr 2 10:02:34 2009
@@ -124,13 +124,17 @@
<condition>
<if-has-permission permission="ACCOUNTING" action="_VIEW"/>
</condition>
- <link target="/accounting/control/FindBillingAccount?partyId=${partyId}" url-mode="inter-app"/>
+ <link target="/accounting/control/FindBillingAccount" url-mode="inter-app">
+ <parameter param-name="partyId" from-field="partyId"/>
+ </link>
</menu-item>
<menu-item name="finAccounts" title="${uiLabelMap.AccountingFinAccounts}">
<condition>
<if-has-permission permission="ACCOUNTING" action="_VIEW"/>
</condition>
- <link target="/accounting/control/FindFinAccount?ownerPartyId=${partyId}" url-mode="inter-app"/>
+ <link target="/accounting/control/FindFinAccount" url-mode="inter-app">
+ <parameter param-name="ownerPartyId" from-field="partyId"/>
+ </link>
</menu-item>
<menu-item name="PartyCommEvents" title="${uiLabelMap.PartyCommunications}" >
<link target="ListPartyCommEvents?partyId=${partyId}"/>
Modified: ofbiz/trunk/applications/party/widget/partymgr/PartyScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/widget/partymgr/PartyScreens.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/applications/party/widget/partymgr/PartyScreens.xml (original)
+++ ofbiz/trunk/applications/party/widget/partymgr/PartyScreens.xml Thu Apr 2 10:02:34 2009
@@ -84,7 +84,9 @@
</condition>
<widgets>
<container style="button-bar button-style-2">
- <link target="viewprofile?partyId=${party.partyId}" text="${uiLabelMap.PartyHideOld}"/>
+ <link target="viewprofile" text="${uiLabelMap.PartyHideOld}">
+ <parameter param-name="partyId" from-field="party.partyId"/>
+ </link>
</container>
</widgets>
<fail-widgets>
Modified: ofbiz/trunk/applications/workeffort/widget/TimesheetScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/workeffort/widget/TimesheetScreens.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/applications/workeffort/widget/TimesheetScreens.xml (original)
+++ ofbiz/trunk/applications/workeffort/widget/TimesheetScreens.xml Thu Apr 2 10:02:34 2009
@@ -50,8 +50,12 @@
</container>
</container>
<container style="screenlet-body">
- <link text="${uiLabelMap.PageTitleCreateWeekTimesheet}" target="createTimesheetForThisWeek?partyId=${userLogin.partyId}" style="buttontext"/>
- <link text="${uiLabelMap.WorkEffortTimesheetCreate}" target="EditTimesheet?partyId=${userLogin.partyId}" style="buttontext"/>
+ <link text="${uiLabelMap.PageTitleCreateWeekTimesheet}" target="createTimesheetForThisWeek" style="buttontext">
+ <parameter param-name="partyId" from-field="userLogin.partyId"/>
+ </link>
+ <link text="${uiLabelMap.WorkEffortTimesheetCreate}" target="EditTimesheet" style="buttontext">
+ <parameter param-name="partyId" from-field="userLogin.partyId"/>
+ </link>
<iterate-section entry="currentTimesheet" list="currentTimesheetList">
<section>
<actions>
Modified: ofbiz/trunk/applications/workeffort/widget/WorkEffortScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/workeffort/widget/WorkEffortScreens.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/applications/workeffort/widget/WorkEffortScreens.xml (original)
+++ ofbiz/trunk/applications/workeffort/widget/WorkEffortScreens.xml Thu Apr 2 10:02:34 2009
@@ -195,7 +195,9 @@
<container style="screenlet-body">
<section>
<widgets>
- <link text="${uiLabelMap.WorkEffortCreate}" target="EditWorkEffort?DONE_PAGE=${donePage}" style="buttontext"/>
+ <link text="${uiLabelMap.WorkEffortCreate}" target="EditWorkEffort" style="buttontext">
+ <parameter param-name="DONE_PAGE" from-field="donePage"/>
+ </link>
<link text="${uiLabelMap.CommonAdvancedSearch}" target="WorkEffortSearchOptions" style="buttontext"/>
<include-form name="FindWorkEffort" location="component://workeffort/widget/WorkEffortForms.xml"/>
</widgets>
Modified: ofbiz/trunk/framework/exampleext/widget/example/ExampleMenus.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/exampleext/widget/example/ExampleMenus.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/framework/exampleext/widget/example/ExampleMenus.xml (original)
+++ ofbiz/trunk/framework/exampleext/widget/example/ExampleMenus.xml Thu Apr 2 10:02:34 2009
@@ -22,7 +22,9 @@
<menu name="EditExample" extends="EditExample" extends-resource="component://example/widget/example/ExampleMenus.xml">
<menu-item name="EditExampleOriginal" title="${uiLabelMap.ExampleOriginalExample}">
- <link target="/example/control/EditExample?exampleId=${exampleId}" url-mode="inter-app"/>
+ <link target="/example/control/EditExample" url-mode="inter-app">
+ <parameter param-name="exampleId" from-field="exampleId"/>
+ </link>
</menu-item>
</menu>
Modified: ofbiz/trunk/specialpurpose/ecommerce/widget/blog/BlogScreens.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/ecommerce/widget/blog/BlogScreens.xml?rev=761223&r1=761222&r2=761223&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/ecommerce/widget/blog/BlogScreens.xml (original)
+++ ofbiz/trunk/specialpurpose/ecommerce/widget/blog/BlogScreens.xml Thu Apr 2 10:02:34 2009
@@ -41,7 +41,9 @@
<widgets>
<container style="bloghr">
<container style="leftjustify">
- <link text="${blogContent.contentName} - ${blogContent.description}" target="MainBlog?blogContentId=${blogContentId}" style="blogtitle"/>
+ <link text="${blogContent.contentName} - ${blogContent.description}" target="MainBlog" style="blogtitle">
+ <parameter param-name="blogContentId" from-field="blogContentId"/>
+ </link>
</container>
<container style="rightjustify">
<section>
@@ -49,7 +51,9 @@
<if-service-permission service-name="genericContentPermission" main-action="CREATE" context-map="crPerm"/>
</condition>
<widgets>
- <link text="${uiLabelMap.CommonAddNew}" target="NewBlogArticle?blogContentId=${blogContentId}" style="buttontext"/>
+ <link text="${uiLabelMap.CommonAddNew}" target="NewBlogArticle" style="buttontext">
+ <parameter param-name="blogContentId" from-field="blogContentId"/>
+ </link>
</widgets>
</section>
@@ -116,7 +120,9 @@
<parameter param-name="blogContentId" from-field="blogContentId"/>
</link>
<!--
- <link text="Latest" target="LatestResponses?ownerContentId=${blog.ownerContentId}" />
+ <link text="Latest" target="LatestResponses" >
+ <parameter param-name="ownerContentId" from-field="blog.ownerContentId"/>
+ </link>
-->
<label text="<br/>"/>
<container style="blogtext">
@@ -139,7 +145,9 @@
<parameter param-name="blogContentId" from-field="blogContentId"/>
</link>
<!--
- <link text="Latest" target="LatestResponses?ownerContentId=${blog.ownerContentId}" />
+ <link text="Latest" target="LatestResponses" >
+ <parameter param-name="ownerContentId" from-field="blog.ownerContentId"/>
+ </link>
-->
<label text="<br/>"/>
<container style="blogtext">
@@ -268,7 +276,9 @@
<include-screen name="BlogResponses"/>
<label text="<p/>"/>
<!--
- <link text="Latest" target="LatestResponses?ownerContentId=${webPubPt}" />
+ <link text="Latest" target="LatestResponses" >
+ <parameter param-name="ownerContentId" from-field="webPubPt"/>
+ </link>
-->
<include-screen name="AddBlogResponse"/>
<label text="<p/>"/>