You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jspwiki.apache.org by br...@apache.org on 2019/09/07 17:53:18 UTC
[jspwiki] branch master updated: 2.11.0-M5-git-17: critical
sonarcloud fixes
This is an automated email from the ASF dual-hosted git repository.
brushed pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jspwiki.git
The following commit(s) were added to refs/heads/master by this push:
new 6fbd76f 2.11.0-M5-git-17: critical sonarcloud fixes
6fbd76f is described below
commit 6fbd76f2e9e2b1658bc79712511dbbd820a833b3
Author: brushed <di...@gmail.com>
AuthorDate: Sat Sep 7 19:53:04 2019 +0200
2.11.0-M5-git-17: critical sonarcloud fixes
---
ChangeLog | 6 ++
.../java/org/apache/wiki/ReferenceManager.java | 26 ++---
.../src/main/java/org/apache/wiki/Release.java | 2 +-
.../src/main/java/org/apache/wiki/WikiContext.java | 6 +-
.../src/main/java/org/apache/wiki/WikiSession.java | 31 +++---
.../apache/wiki/attachment/AttachmentServlet.java | 7 +-
.../org/apache/wiki/auth/user/XMLUserDatabase.java | 112 +++++++++++----------
.../org/apache/wiki/pages/DefaultPageManager.java | 2 +-
.../org/apache/wiki/ui/admin/beans/CoreBean.java | 4 +-
.../org/apache/wiki/ui/admin/beans/ModuleBean.java | 2 +-
.../wiki/auth/login/AnonymousLoginModuleTest.java | 6 +-
.../auth/login/CookieAssertionLoginModuleTest.java | 5 +-
.../auth/login/UserDatabaseLoginModuleTest.java | 5 +-
.../auth/login/WebContainerLoginModuleTest.java | 3 +
.../wiki/auth/permissions/GroupPermissionTest.java | 11 ++
.../wiki/auth/permissions/PagePermissionTest.java | 11 ++
16 files changed, 145 insertions(+), 94 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index bcd1948..9f10f2b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2019-07-09 Dirk Frederickx (brushed AT apache DOT org)
+
+ * 2.11.0-M5-git-17
+
+ * Few critical sonarcloud fixes; added clean parsing of "skin" parameter
+
2019-31-08 Dirk Frederickx (brushed AT apache DOT org)
* 2.11.0-M5-git-16
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/ReferenceManager.java b/jspwiki-main/src/main/java/org/apache/wiki/ReferenceManager.java
index c9f0105..0939371 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/ReferenceManager.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/ReferenceManager.java
@@ -14,7 +14,7 @@
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
- under the License.
+ under the License.
*/
package org.apache.wiki;
@@ -148,7 +148,7 @@ public class ReferenceManager
private Map<String,Set<String>> m_unmutableReferredBy;
/** The WikiEngine that owns this object. */
- private WikiEngine m_engine;
+ //private WikiEngine m_engine; //inherited from BasicPageFilter class
private boolean m_matchEnglishPlurals = false;
@@ -458,7 +458,7 @@ public class ReferenceManager
p.setHasMetadata();
}
}
-
+
return saved;
}
@@ -481,11 +481,11 @@ public class ReferenceManager
// Create a digest for the name
//
f = new File( f, hashName );
-
+
try( ObjectOutputStream out = new ObjectOutputStream( new BufferedOutputStream( new FileOutputStream( f ) ) ) ) {
Set< Map.Entry < String, Object > > entries = new HashSet<>( p.getAttributes().entrySet() ); // new Set to avoid concurrency issue
- if( entries.size() == 0 )
+ if( entries.size() == 0 )
{
// Nothing to serialize, therefore we will just simply remove the
// serialization file so that the next time we boot, we don't
@@ -516,12 +516,12 @@ public class ReferenceManager
log.debug("serialization for "+p.getName()+" done - took "+sw);
}
}
-
+
}
/**
* After the page has been saved, updates the reference lists.
- *
+ *
* @param context {@inheritDoc}
* @param content {@inheritDoc}
*/
@@ -689,7 +689,7 @@ public class ReferenceManager
/**
* Returns the refers-to list. For debugging.
- *
+ *
* @return The refers-to list.
*/
protected Map< String, Collection< String > > getRefersTo()
@@ -699,7 +699,7 @@ public class ReferenceManager
/**
* Returns the referred-by list. For debugging.
- *
+ *
* @return Referred-by lists.
*/
protected Map< String, Set< String > > getReferredBy()
@@ -865,7 +865,7 @@ public class ReferenceManager
/**
* Finds all unreferenced pages. This requires a linear scan through
* m_referredBy to locate keys with null or empty values.
- *
+ *
* @return The Collection of Strings
*/
public synchronized Collection< String > findUnreferenced()
@@ -875,7 +875,7 @@ public class ReferenceManager
for( String key : m_referredBy.keySet() )
{
Set<?> refs = getReferenceList( m_referredBy, key );
-
+
if( refs == null || refs.isEmpty() )
{
unref.add( key );
@@ -895,7 +895,7 @@ public class ReferenceManager
* Returns a Collection containing Strings of unreferenced page names.
* Each non-existant page name is shown only once - we don't return information
* on who referred to it.
- *
+ *
* @return A Collection of Strings
*/
public synchronized Collection< String > findUncreated()
@@ -928,7 +928,7 @@ public class ReferenceManager
* Searches for the given page in the given Map, and returns
* the set of references. This method also takes care of English plural
* matching.
- *
+ *
* @param coll The Map to search in
* @param pagename The name to find.
* @return The references list.
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/Release.java b/jspwiki-main/src/main/java/org/apache/wiki/Release.java
index 0c012d1..ee23a4a 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/Release.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/Release.java
@@ -72,7 +72,7 @@ public final class Release {
* <p>
* If the build identifier is empty, it is not added.
*/
- public static final String BUILD = "16";
+ public static final String BUILD = "17";
/**
* This is the generic version string you should use when printing out the version. It is of
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/WikiContext.java b/jspwiki-main/src/main/java/org/apache/wiki/WikiContext.java
index 503ac22..41a1fef 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/WikiContext.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/WikiContext.java
@@ -72,14 +72,14 @@ public class WikiContext implements Cloneable, Command {
private WikiPage m_realPage;
private WikiEngine m_engine;
private String m_template = "default";
-
+
private HashMap<String,Object> m_variableMap = new HashMap<>();
/** Stores the HttpServletRequest. May be null, if the request did not come from a servlet. */
protected HttpServletRequest m_request = null;
private WikiSession m_session = null;
-
+
/** User is administering JSPWiki (Install, SecurityConfig). */
public static final String INSTALL = WikiCommand.INSTALL.getRequestContext();
@@ -805,6 +805,8 @@ public class WikiContext implements Cloneable, Command {
if ( request != null )
{
template = request.getParameter( "skin" );
+
+ if( template != null ) template = template.replaceAll("\\p{Punct}", "");
}
// If request doesn't supply the value, extract from wiki page
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/WikiSession.java b/jspwiki-main/src/main/java/org/apache/wiki/WikiSession.java
index 98c977e..b75e911 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/WikiSession.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/WikiSession.java
@@ -14,7 +14,7 @@
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
- under the License.
+ under the License.
*/
package org.apache.wiki;
@@ -479,6 +479,7 @@ public final class WikiSession implements WikiEventListener
case WikiSecurityEvent.LOGIN_INITIATED:
{
// Do nothing
+ break;
}
case WikiSecurityEvent.PRINCIPAL_ADD:
{
@@ -496,12 +497,12 @@ public final class WikiSession implements WikiEventListener
if ( this.equals( target ) )
{
m_status = ANONYMOUS;
-
+
// Set the login/user principals and login status
Set<Principal> principals = m_subject.getPrincipals();
m_loginPrincipal = (Principal)e.getPrincipal();
m_userPrincipal = m_loginPrincipal;
-
+
// Add the login principal to the Subject, and set the built-in roles
principals.clear();
principals.add( m_loginPrincipal );
@@ -516,12 +517,12 @@ public final class WikiSession implements WikiEventListener
if ( this.equals( target ) )
{
m_status = ASSERTED;
-
+
// Set the login/user principals and login status
Set<Principal> principals = m_subject.getPrincipals();
m_loginPrincipal = (Principal)e.getPrincipal();
m_userPrincipal = m_loginPrincipal;
-
+
// Add the login principal to the Subject, and set the built-in roles
principals.clear();
principals.add( m_loginPrincipal );
@@ -536,18 +537,18 @@ public final class WikiSession implements WikiEventListener
if ( this.equals( target ) )
{
m_status = AUTHENTICATED;
-
+
// Set the login/user principals and login status
Set<Principal> principals = m_subject.getPrincipals();
m_loginPrincipal = (Principal)e.getPrincipal();
m_userPrincipal = m_loginPrincipal;
-
+
// Add the login principal to the Subject, and set the built-in roles
principals.clear();
principals.add( m_loginPrincipal );
principals.add( Role.ALL );
principals.add( Role.AUTHENTICATED );
-
+
// Add the user and group principals
injectUserProfilePrincipals(); // Add principals for the user profile
injectGroupPrincipals(); // Inject group principals
@@ -577,16 +578,16 @@ public final class WikiSession implements WikiEventListener
{
throw new IllegalStateException( "User profile FullName cannot be null." );
}
-
+
Set<Principal> principals = m_subject.getPrincipals();
m_loginPrincipal = new WikiPrincipal( newProfile.getLoginName() );
-
+
// Add the login principal to the Subject, and set the built-in roles
principals.clear();
principals.add( m_loginPrincipal );
principals.add( Role.ALL );
principals.add( Role.AUTHENTICATED );
-
+
// Add the user and group principals
injectUserProfilePrincipals(); // Add principals for the user profile
injectGroupPrincipals(); // Inject group principals
@@ -635,7 +636,7 @@ public final class WikiSession implements WikiEventListener
{
// Flush the existing GroupPrincipals
m_subject.getPrincipals().removeAll( m_subject.getPrincipals(GroupPrincipal.class) );
-
+
// Get the GroupManager and test for each Group
GroupManager manager = m_engine.getGroupManager();
for ( Principal group : manager.getRoles() )
@@ -679,16 +680,16 @@ public final class WikiSession implements WikiEventListener
{
// Add the Principal to the Subject
m_subject.getPrincipals().add( principal );
-
+
// Set the user principal if needed; we prefer FullName, but the WikiName will also work
boolean isFullNamePrincipal = ( principal instanceof WikiPrincipal && ((WikiPrincipal)principal).getType() == WikiPrincipal.FULL_NAME );
if ( isFullNamePrincipal )
{
- m_userPrincipal = principal;
+ m_userPrincipal = principal;
}
else if ( !( m_userPrincipal instanceof WikiPrincipal ) )
{
- m_userPrincipal = principal;
+ m_userPrincipal = principal;
}
}
}
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/attachment/AttachmentServlet.java b/jspwiki-main/src/main/java/org/apache/wiki/attachment/AttachmentServlet.java
index 499e339..7c449d8 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/attachment/AttachmentServlet.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/attachment/AttachmentServlet.java
@@ -272,7 +272,12 @@ public class AttachmentServlet extends HttpServlet {
log.debug( "Attachment "+att.getFileName()+" sent to "+req.getRemoteUser()+" on "+HttpUtil.getRemoteAddress(req) );
}
if( nextPage != null ) {
- res.sendRedirect( validateNextPage( nextPage, m_engine.getURL( WikiContext.ERROR, "", null, false ) ) );
+ res.sendRedirect(
+ validateNextPage(
+ TextUtil.urlEncodeUTF8(nextPage),
+ m_engine.getURL( WikiContext.ERROR, "", null, false )
+ )
+ );
}
} else {
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/auth/user/XMLUserDatabase.java b/jspwiki-main/src/main/java/org/apache/wiki/auth/user/XMLUserDatabase.java
index 9afc1be..466587c 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/auth/user/XMLUserDatabase.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/auth/user/XMLUserDatabase.java
@@ -1,4 +1,4 @@
-/*
+/*
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
@@ -14,7 +14,7 @@
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
- under the License.
+ under the License.
*/
package org.apache.wiki.auth.user;
@@ -59,11 +59,11 @@ import java.util.TreeSet;
* element. For example:</p>
* <blockquote><code>
* <users><br/>
- * <user loginName="janne" fullName="Janne Jalkanen"<br/>
+ * <user loginName="janne" fullName="Janne Jalkanen"<br/>
* wikiName="JanneJalkanen" email="janne@ecyrd.com"<br/>
* password="{SHA}457b08e825da547c3b77fbc1ff906a1d00a7daee"/><br/>
* </users>
- * </code></blockquote>
+ * </code></blockquote>
* <p>In this example, the un-hashed password is <code>myP@5sw0rd</code>. Passwords are hashed without salt.</p>
* @since 2.3
*/
@@ -77,13 +77,13 @@ public class XMLUserDatabase extends AbstractUserDatabase {
* the user database.
*/
public static final String PROP_USERDATABASE = "jspwiki.xmlUserDatabaseFile";
-
+
private static final String DEFAULT_USERDATABASE = "userdatabase.xml";
private static final String ATTRIBUTES_TAG = "attributes";
-
+
private static final String CREATED = "created";
-
+
private static final String EMAIL = "email";
private static final String FULL_NAME = "fullName";
@@ -91,7 +91,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
private static final String LOGIN_NAME = "loginName";
private static final String LAST_MODIFIED = "lastModified";
-
+
private static final String LOCK_EXPIRY = "lockExpiry";
private static final String PASSWORD = "password";
@@ -121,7 +121,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
{
throw new WikiSecurityException( "FATAL: database does not exist" );
}
-
+
NodeList users = c_dom.getDocumentElement().getElementsByTagName( USER_TAG );
for( int i = 0; i < users.getLength(); i++ )
{
@@ -129,14 +129,14 @@ public class XMLUserDatabase extends AbstractUserDatabase {
if ( user.getAttribute( LOGIN_NAME ).equals( loginName ) )
{
c_dom.getDocumentElement().removeChild(user);
-
+
// Commit to disk
saveDOM();
return;
}
}
throw new NoSuchPrincipalException( "Not in database: " + loginName );
- }
+ }
/**
* Looks up and returns the first {@link UserProfile}in the user database
@@ -259,7 +259,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
}
return principals.toArray( new Principal[principals.size()] );
}
-
+
/**
* Initializes the user database based on values from a Properties object.
* The properties object must contain a file path to the XML database file
@@ -288,17 +288,17 @@ public class XMLUserDatabase extends AbstractUserDatabase {
log.warn( "XML user database property " + PROP_USERDATABASE + " not found; trying " + defaultFile );
c_file = defaultFile;
}
- else
+ else
{
c_file = new File( file );
}
log.info("XML user database at "+c_file.getAbsolutePath());
-
+
buildDOM();
sanitizeDOM();
}
-
+
private void buildDOM()
{
// Read DOM
@@ -346,7 +346,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
}
}
}
-
+
private void saveDOM() throws WikiSecurityException
{
if ( c_dom == null )
@@ -356,17 +356,19 @@ public class XMLUserDatabase extends AbstractUserDatabase {
File newFile = new File( c_file.getAbsolutePath() + ".new" );
try
- {
- BufferedWriter io = new BufferedWriter( new OutputStreamWriter (
+ (
+ BufferedWriter io = new BufferedWriter( new OutputStreamWriter (
new FileOutputStream( newFile ), "UTF-8" ) );
-
+ )
+ {
+
// Write the file header and document root
io.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
io.write("<users>\n");
-
+
// Write each profile as a <user> node
Element root = c_dom.getDocumentElement();
- NodeList nodes = root.getElementsByTagName( USER_TAG );
+ NodeList nodes = root.getElementsByTagName( USER_TAG );
for( int i = 0; i < nodes.getLength(); i++ )
{
Element user = (Element)nodes.item( i );
@@ -432,18 +434,18 @@ public class XMLUserDatabase extends AbstractUserDatabase {
log.error( "Could not save database: " + c_file + ". Check the file permissions" );
}
}
-
+
private long c_lastCheck = 0;
private long c_lastModified = 0;
-
+
private void checkForRefresh()
{
long time = System.currentTimeMillis();
-
+
if( time - c_lastCheck > 60*1000L )
{
long lastModified = c_file.lastModified();
-
+
if( lastModified > c_lastModified )
{
buildDOM();
@@ -462,12 +464,12 @@ public class XMLUserDatabase extends AbstractUserDatabase {
throw new IllegalStateException( "FATAL: database does not exist" );
}
checkForRefresh();
-
+
// Get the existing user; if not found, throws NoSuchPrincipalException
UserProfile profile = findByLoginName( loginName );
-
+
// Get user with the proposed name; if found, it's a collision
- try
+ try
{
UserProfile otherProfile = findByLoginName( newName );
if ( otherProfile != null )
@@ -479,7 +481,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
{
// Good! That means it's safe to save using the new name
}
-
+
// Find the user with the old login id attribute, and change it
NodeList users = c_dom.getElementsByTagName( USER_TAG );
for( int i = 0; i < users.getLength(); i++ )
@@ -496,11 +498,11 @@ public class XMLUserDatabase extends AbstractUserDatabase {
break;
}
}
-
+
// Commit to disk
saveDOM();
}
-
+
/**
* Saves a {@link UserProfile}to the user database, overwriting the
* existing profile if it exists. The user name under which the profile
@@ -516,9 +518,9 @@ public class XMLUserDatabase extends AbstractUserDatabase {
log.fatal( "Could not save profile " + profile + " database does not exist" );
throw new IllegalStateException( "FATAL: database does not exist" );
}
-
+
checkForRefresh();
-
+
DateFormat c_format = new SimpleDateFormat( DATE_FORMAT );
String index = profile.getLoginName();
NodeList users = c_dom.getElementsByTagName( USER_TAG );
@@ -532,9 +534,9 @@ public class XMLUserDatabase extends AbstractUserDatabase {
break;
}
}
-
+
boolean isNew = false;
-
+
Date modDate = new Date( System.currentTimeMillis() );
if( user == null )
{
@@ -555,7 +557,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
user.removeChild( attributes.item( i ) );
}
}
-
+
setAttribute( user, UID, profile.getUid() );
setAttribute( user, LAST_MODIFIED, c_format.format( modDate ) );
setAttribute( user, LOGIN_NAME, profile.getLoginName() );
@@ -575,7 +577,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
setAttribute( user, PASSWORD, getHash( newPassword ) );
}
}
-
+
// Save the attributes as as Base64 string
if ( profile.getAttributes().size() > 0 )
{
@@ -599,7 +601,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
profile.setCreated( modDate );
}
profile.setLastModified( modDate );
-
+
// Commit to disk
saveDOM();
}
@@ -618,11 +620,11 @@ public class XMLUserDatabase extends AbstractUserDatabase {
{
throw new IllegalStateException( "FATAL: database does not exist" );
}
-
+
checkForRefresh();
-
+
NodeList users = c_dom.getElementsByTagName( USER_TAG );
-
+
if( users == null ) return null;
// check if we have to do a case insensitive compare
@@ -644,7 +646,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
if ( userAttribute.equals( index ) )
{
UserProfile profile = newProfile();
-
+
// Parse basic attributes
profile.setUid( user.getAttribute( UID ) );
if ( profile.getUid() == null || profile.getUid().length() == 0 )
@@ -655,13 +657,13 @@ public class XMLUserDatabase extends AbstractUserDatabase {
profile.setFullname( user.getAttribute( FULL_NAME ) );
profile.setPassword( user.getAttribute( PASSWORD ) );
profile.setEmail( user.getAttribute( EMAIL ) );
-
+
// Get created/modified timestamps
String created = user.getAttribute( CREATED );
String modified = user.getAttribute( LAST_MODIFIED );
- profile.setCreated( parseDate( profile, created ) );
- profile.setLastModified( parseDate( profile, modified ) );
-
+ profile.setCreated( parseDate( profile, created ) );
+ profile.setLastModified( parseDate( profile, modified ) );
+
// Is the profile locked?
String lockExpiry = user.getAttribute( LOCK_EXPIRY );
if ( lockExpiry == null || lockExpiry.length() == 0 )
@@ -672,7 +674,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
{
profile.setLockExpiry( new Date( Long.parseLong( lockExpiry ) ) );
}
-
+
// Extract all of the user's attributes (should only be one attributes tag, but you never know!)
NodeList attributes = user.getElementsByTagName( ATTRIBUTES_TAG );
for ( int j = 0; j < attributes.getLength(); j++ )
@@ -722,7 +724,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
/**
* Tries to parse a date using the default format - then, for backwards
* compatibility reasons, tries the platform default.
- *
+ *
* @param profile
* @param date
* @return A parsed date, or null, if both parse attempts fail.
@@ -746,11 +748,11 @@ public class XMLUserDatabase extends AbstractUserDatabase {
+ "attribute for "
+ " profile '" + profile.getLoginName() + "'."
+ " It may have been tampered with." );
- }
+ }
}
return null;
}
-
+
/**
* After loading the DOM, this method sanity-checks the dates in the DOM and makes
* sure they are formatted properly. This is sort-of hacky, but it should work.
@@ -761,12 +763,12 @@ public class XMLUserDatabase extends AbstractUserDatabase {
{
throw new IllegalStateException( "FATAL: database does not exist" );
}
-
+
NodeList users = c_dom.getElementsByTagName( USER_TAG );
for( int i = 0; i < users.getLength(); i++ )
{
Element user = (Element) users.item( i );
-
+
// Sanitize UID (and generate a new one if one does not exist)
String uid = user.getAttribute( UID ).trim();
if ( uid == null || uid.length() == 0 || "-1".equals( uid ) )
@@ -774,7 +776,7 @@ public class XMLUserDatabase extends AbstractUserDatabase {
uid = String.valueOf( generateUid( this ) );
user.setAttribute( UID, uid );
}
-
+
// Sanitize dates
String loginName = user.getAttribute( LOGIN_NAME );
String created = user.getAttribute( CREATED );
@@ -800,11 +802,11 @@ public class XMLUserDatabase extends AbstractUserDatabase {
{
log.warn( "Could not parse 'created' or 'lastModified' attribute for profile '" + loginName + "'."
+ " It may have been tampered with." );
- }
+ }
}
}
}
-
+
/**
* Private method that sets an attribute value for a supplied DOM element.
* @param element the element whose attribute is to be set
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/pages/DefaultPageManager.java b/jspwiki-main/src/main/java/org/apache/wiki/pages/DefaultPageManager.java
index 94d2e39..7a305f6 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/pages/DefaultPageManager.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/pages/DefaultPageManager.java
@@ -78,7 +78,7 @@ public class DefaultPageManager extends ModuleManager implements PageManager {
protected ConcurrentHashMap<String, PageLock> m_pageLocks = new ConcurrentHashMap<>();
- private WikiEngine m_engine;
+ //private WikiEngine m_engine; //inherited protected field from the ModuleManager
private int m_expiryTime = 60;
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/ui/admin/beans/CoreBean.java b/jspwiki-main/src/main/java/org/apache/wiki/ui/admin/beans/CoreBean.java
index bb2d36a..a031506 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/ui/admin/beans/CoreBean.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/ui/admin/beans/CoreBean.java
@@ -14,7 +14,7 @@
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
- under the License.
+ under the License.
*/
package org.apache.wiki.ui.admin.beans;
@@ -33,7 +33,7 @@ public class CoreBean
{
private static final String[] ATTRIBUTES = { "pages", "version" };
private static final String[] METHODS = { };
- private WikiEngine m_engine;
+ //private WikiEngine m_engine; //inherited proteced filed from SimpleAdminBean
public CoreBean( WikiEngine engine ) throws NotCompliantMBeanException
{
diff --git a/jspwiki-main/src/main/java/org/apache/wiki/ui/admin/beans/ModuleBean.java b/jspwiki-main/src/main/java/org/apache/wiki/ui/admin/beans/ModuleBean.java
index 78d2711..f6340ad 100644
--- a/jspwiki-main/src/main/java/org/apache/wiki/ui/admin/beans/ModuleBean.java
+++ b/jspwiki-main/src/main/java/org/apache/wiki/ui/admin/beans/ModuleBean.java
@@ -33,7 +33,7 @@ import java.util.Collection;
public abstract class ModuleBean extends SimpleAdminBean {
- protected WikiEngine m_engine;
+ //protected WikiEngine m_engine; //inherited protected field from SimpleAdminBean
private static final String VER_WARNING = "<span class='warning'>This module is not compatible with this version of JSPWiki.</span>";
diff --git a/jspwiki-main/src/test/java/org/apache/wiki/auth/login/AnonymousLoginModuleTest.java b/jspwiki-main/src/test/java/org/apache/wiki/auth/login/AnonymousLoginModuleTest.java
index b19335f..01c137b 100644
--- a/jspwiki-main/src/test/java/org/apache/wiki/auth/login/AnonymousLoginModuleTest.java
+++ b/jspwiki-main/src/test/java/org/apache/wiki/auth/login/AnonymousLoginModuleTest.java
@@ -34,9 +34,11 @@ import org.apache.wiki.auth.WikiPrincipal;
import org.apache.wiki.auth.authorize.Role;
import org.apache.wiki.auth.user.UserDatabase;
import org.apache.wiki.auth.user.XMLUserDatabase;
+import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
+
/**
*/
public class AnonymousLoginModuleTest
@@ -47,6 +49,7 @@ public class AnonymousLoginModuleTest
private TestEngine m_engine;
+ @Test
public final void testLogin()
{
HttpServletRequest request = m_engine.newHttpRequest();
@@ -71,6 +74,7 @@ public class AnonymousLoginModuleTest
}
}
+ @Test
public final void testLogout()
{
HttpServletRequest request = m_engine.newHttpRequest();
@@ -99,7 +103,7 @@ public class AnonymousLoginModuleTest
}
/**
- *
+ *
*/
@BeforeEach
public void setUp() throws Exception
diff --git a/jspwiki-main/src/test/java/org/apache/wiki/auth/login/CookieAssertionLoginModuleTest.java b/jspwiki-main/src/test/java/org/apache/wiki/auth/login/CookieAssertionLoginModuleTest.java
index d9cf043..a67e029 100644
--- a/jspwiki-main/src/test/java/org/apache/wiki/auth/login/CookieAssertionLoginModuleTest.java
+++ b/jspwiki-main/src/test/java/org/apache/wiki/auth/login/CookieAssertionLoginModuleTest.java
@@ -34,6 +34,7 @@ import org.apache.wiki.auth.WikiPrincipal;
import org.apache.wiki.auth.authorize.Role;
import org.apache.wiki.auth.user.UserDatabase;
import org.apache.wiki.auth.user.XMLUserDatabase;
+import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
@@ -49,6 +50,7 @@ public class CookieAssertionLoginModuleTest
private TestEngine m_engine;
+ @Test
public final void testLogin()
{
MockHttpServletRequest request = m_engine.newHttpRequest();
@@ -81,6 +83,7 @@ public class CookieAssertionLoginModuleTest
}
}
+ @Test
public final void testLogout()
{
MockHttpServletRequest request = m_engine.newHttpRequest();
@@ -111,7 +114,7 @@ public class CookieAssertionLoginModuleTest
}
/**
- *
+ *
*/
@BeforeEach
public void setUp() throws Exception
diff --git a/jspwiki-main/src/test/java/org/apache/wiki/auth/login/UserDatabaseLoginModuleTest.java b/jspwiki-main/src/test/java/org/apache/wiki/auth/login/UserDatabaseLoginModuleTest.java
index 59fcfab..efafbb3 100644
--- a/jspwiki-main/src/test/java/org/apache/wiki/auth/login/UserDatabaseLoginModuleTest.java
+++ b/jspwiki-main/src/test/java/org/apache/wiki/auth/login/UserDatabaseLoginModuleTest.java
@@ -34,6 +34,7 @@ import org.apache.wiki.auth.WikiPrincipal;
import org.apache.wiki.auth.authorize.Role;
import org.apache.wiki.auth.user.UserDatabase;
import org.apache.wiki.auth.user.XMLUserDatabase;
+import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
@@ -47,6 +48,7 @@ public class UserDatabaseLoginModuleTest
Subject m_subject;
+ @Test
public final void testLogin()
{
try
@@ -87,6 +89,7 @@ public class UserDatabaseLoginModuleTest
}
}
+ @Test
public final void testLogout()
{
try
@@ -114,7 +117,7 @@ public class UserDatabaseLoginModuleTest
}
/**
- *
+ *
*/
@BeforeEach
public void setUp() throws Exception
diff --git a/jspwiki-main/src/test/java/org/apache/wiki/auth/login/WebContainerLoginModuleTest.java b/jspwiki-main/src/test/java/org/apache/wiki/auth/login/WebContainerLoginModuleTest.java
index fc256e7..e3ace81 100644
--- a/jspwiki-main/src/test/java/org/apache/wiki/auth/login/WebContainerLoginModuleTest.java
+++ b/jspwiki-main/src/test/java/org/apache/wiki/auth/login/WebContainerLoginModuleTest.java
@@ -33,6 +33,7 @@ import org.apache.wiki.auth.WikiPrincipal;
import org.apache.wiki.auth.authorize.Role;
import org.apache.wiki.auth.user.UserDatabase;
import org.apache.wiki.auth.user.XMLUserDatabase;
+import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
@@ -47,6 +48,7 @@ public class WebContainerLoginModuleTest
private TestEngine m_engine;
+ @Test
public final void testLogin()
{
Principal principal = new WikiPrincipal( "Andrew Jaquith" );
@@ -77,6 +79,7 @@ public class WebContainerLoginModuleTest
}
}
+ @Test
public final void testLogout()
{
Principal principal = new WikiPrincipal( "Andrew Jaquith" );
diff --git a/jspwiki-main/src/test/java/org/apache/wiki/auth/permissions/GroupPermissionTest.java b/jspwiki-main/src/test/java/org/apache/wiki/auth/permissions/GroupPermissionTest.java
index e1837be..cf8f0c0 100644
--- a/jspwiki-main/src/test/java/org/apache/wiki/auth/permissions/GroupPermissionTest.java
+++ b/jspwiki-main/src/test/java/org/apache/wiki/auth/permissions/GroupPermissionTest.java
@@ -26,6 +26,7 @@ import javax.security.auth.Subject;
import org.apache.wiki.auth.GroupPrincipal;
import org.apache.wiki.auth.WikiPrincipal;
+import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Assertions;
public class GroupPermissionTest
@@ -34,6 +35,7 @@ public class GroupPermissionTest
/*
* Class under test for boolean equals(java.lang.Object)
*/
+ @Test
public final void testEqualsObject()
{
GroupPermission p1 = new GroupPermission( "mywiki:Test", "view,edit,delete" );
@@ -45,6 +47,7 @@ public class GroupPermissionTest
Assertions.assertFalse( p3.equals( p4 ) );
}
+ @Test
public final void testCreateMask()
{
Assertions.assertEquals( 1, GroupPermission.createMask( "view" ) );
@@ -57,6 +60,7 @@ public class GroupPermissionTest
/*
* Class under test for java.lang.String toString()
*/
+ @Test
public final void testToString()
{
GroupPermission p;
@@ -71,6 +75,7 @@ public class GroupPermissionTest
/**
* Tests wiki name support.
*/
+ @Test
public final void testWikiNames()
{
GroupPermission p1;
@@ -95,6 +100,7 @@ public class GroupPermissionTest
Assertions.assertTrue( p1.implies( p2 ) );
}
+ @Test
public final void testImpliesMember()
{
GroupPermission p1;
@@ -134,6 +140,7 @@ public class GroupPermissionTest
/*
* Class under test for boolean implies(java.security.Permission)
*/
+ @Test
public final void testImpliesPermission()
{
GroupPermission p1;
@@ -258,6 +265,7 @@ public class GroupPermissionTest
Assertions.assertFalse( p2.implies( p1 ) );
}
+ @Test
public final void testImplies()
{
Assertions.assertTrue( GroupPermission.DELETE.implies( GroupPermission.EDIT ) );
@@ -265,6 +273,7 @@ public class GroupPermissionTest
Assertions.assertTrue( GroupPermission.EDIT.implies( GroupPermission.VIEW ) );
}
+ @Test
public final void testImpliedMask()
{
int result = ( GroupPermission.DELETE_MASK | GroupPermission.EDIT_MASK | GroupPermission.VIEW_MASK );
@@ -274,6 +283,7 @@ public class GroupPermissionTest
Assertions.assertEquals( result, GroupPermission.impliedMask( GroupPermission.EDIT_MASK ) );
}
+ @Test
public final void testGetName()
{
GroupPermission p;
@@ -287,6 +297,7 @@ public class GroupPermissionTest
/*
* Class under test for java.lang.String getActions()
*/
+ @Test
public final void testGetActions()
{
GroupPermission p = new GroupPermission( "Test", "VIEW,edit,delete" );
diff --git a/jspwiki-main/src/test/java/org/apache/wiki/auth/permissions/PagePermissionTest.java b/jspwiki-main/src/test/java/org/apache/wiki/auth/permissions/PagePermissionTest.java
index 4caf233..097d8f8 100644
--- a/jspwiki-main/src/test/java/org/apache/wiki/auth/permissions/PagePermissionTest.java
+++ b/jspwiki-main/src/test/java/org/apache/wiki/auth/permissions/PagePermissionTest.java
@@ -18,6 +18,7 @@
*/
package org.apache.wiki.auth.permissions;
+import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Assertions;
/**
@@ -28,6 +29,7 @@ public class PagePermissionTest
/*
* Class under test for boolean equals(java.lang.Object)
*/
+ @Test
public final void testEqualsObject()
{
PagePermission p1 = new PagePermission( "mywiki:Main", "view,edit,delete" );
@@ -39,6 +41,7 @@ public class PagePermissionTest
Assertions.assertFalse( p3.equals( p4 ) );
}
+ @Test
public final void testCreateMask()
{
Assertions.assertEquals( 1, PagePermission.createMask( "view" ) );
@@ -50,6 +53,7 @@ public class PagePermissionTest
/*
* Class under test for java.lang.String toString()
*/
+ @Test
public final void testToString()
{
PagePermission p;
@@ -62,6 +66,7 @@ public class PagePermissionTest
/**
* Tests wiki name support.
*/
+ @Test
public final void testWikiNames()
{
PagePermission p1;
@@ -87,6 +92,7 @@ public class PagePermissionTest
Assertions.assertFalse( p1.implies( p2 ) );
}
+ @Test
public final void testImpliesAttachments()
{
PagePermission p1;
@@ -102,6 +108,7 @@ public class PagePermissionTest
/*
* Class under test for boolean implies(java.security.Permission)
*/
+ @Test
public final void testImpliesPermission()
{
PagePermission p1;
@@ -288,6 +295,7 @@ public class PagePermissionTest
Assertions.assertFalse( p3.implies( p1 ) );
}
+ @Test
public final void testImplies()
{
Assertions.assertFalse(PagePermission.RENAME.implies( PagePermission.MODIFY ) );
@@ -315,6 +323,7 @@ public class PagePermissionTest
Assertions.assertTrue( PagePermission.COMMENT.implies( PagePermission.VIEW ) );
}
+ @Test
public final void testImpliedMask()
{
int result = ( PagePermission.DELETE_MASK | PagePermission.MODIFY_MASK | PagePermission.EDIT_MASK
@@ -339,6 +348,7 @@ public class PagePermissionTest
Assertions.assertEquals( result, PagePermission.impliedMask( PagePermission.UPLOAD_MASK ) );
}
+ @Test
public final void testGetName()
{
PagePermission p;
@@ -352,6 +362,7 @@ public class PagePermissionTest
/*
* Class under test for java.lang.String getActions()
*/
+ @Test
public final void testGetActions()
{
PagePermission p = new PagePermission( "Main", "VIEW,edit,delete" );