/**
 * Checks that the {@code H1} heading written by {@code startExecutionTransServlet.doGet} holds no
 * text that {@code ServletTestUtils.hasBadText} rejects when a transformation is found and every
 * request parameter resolves to {@code ServletTestUtils.BAD_STRING_TO_TEST}.
 *
 * <p>Scope of the check: only the content of the {@code H1} element is inspected, and the static
 * verification only proves that {@code Encode.forHtml} was called at least once with some string.
 * Other places where the servlet may echo the parameter (links, attributes) are not covered here.
 */
@Test
@PrepareForTest({Encode.class})
public void testStartExecutionTransServletEscapesHtmlWhenTransFound()
    throws ServletException, IOException {
  KettleLogStore.init();

  // Capture everything the servlet writes to the response.
  StringWriter responseBody = new StringWriter();
  PrintWriter responseWriter = new PrintWriter(responseBody);

  HttpServletRequest request = mock(HttpServletRequest.class);
  HttpServletResponse response = mock(HttpServletResponse.class);
  Trans trans = mock(Trans.class);
  TransMeta transMeta = mock(TransMeta.class);
  LogChannelInterface logChannel = mock(LogChannelInterface.class);

  // Spy (not mock) the encoder so the real encoding still runs while calls are recorded.
  PowerMockito.spy(Encode.class);

  // Request: correct context path, and the hostile sample for every parameter name.
  when(request.getContextPath()).thenReturn(StartExecutionTransServlet.CONTEXT_PATH);
  when(request.getParameter(anyString())).thenReturn(ServletTestUtils.BAD_STRING_TO_TEST);
  when(response.getWriter()).thenReturn(responseWriter);

  // Transformation lookup succeeds and the transformation reports it is ready to start.
  when(mockTransformationMap.getTransformation(any(CarteObjectEntry.class))).thenReturn(trans);
  when(trans.getLogChannel()).thenReturn(logChannel);
  when(trans.isReadyToStart()).thenReturn(true);
  when(trans.getLogChannelId()).thenReturn("test");
  when(trans.getTransMeta()).thenReturn(transMeta);
  when(transMeta.getMaximum()).thenReturn(new Point(10, 10));

  startExecutionTransServlet.doGet(request, response);

  String heading = ServletTestUtils.getInsideOfTag("H1", responseBody.toString());
  assertFalse(ServletTestUtils.hasBadText(heading));

  // PowerMock static verification: the call following verifyStatic is the one being verified.
  PowerMockito.verifyStatic(atLeastOnce());
  Encode.forHtml(anyString());
}
/**
 * Builds the entity from a node: copies its identifiers, status, role and creator id, stores the
 * description for the given language and resolves the creator profile when the user exists.
 *
 * <p>The description is passed through {@code Encode.forHtml} here, at construction time, so the
 * field holds HTML-encoded text. None of the other string fields are encoded in this constructor.
 * NOTE(review): a consumer that encodes the description again, or uses it outside HTML text
 * content (attribute, script, plain text), will see the entities rather than the original
 * characters. Confirm that every consumer expects pre-encoded text.
 *
 * @param node the node to expose
 * @param uri the URI stored on the entity
 * @param lang the language used to pick the node description
 */
private NodeAttrEntity(final NodeDetail node, URI uri, String lang) {
  this.uri = uri;
  this.componentId = node.getNodePK().getInstanceId();
  this.id = node.getNodePK().getId();

  // -1 is skipped: nbItems is then left as it was before this constructor ran.
  if (node.getNbObjects() != -1) {
    this.nbItems = String.valueOf(node.getNbObjects());
  }

  this.status = node.getStatus();
  this.role = node.getUserRole();
  this.creatorId = node.getCreatorId();
  this.description = Encode.forHtml(node.getDescription(lang));

  UserDetail creatorDetail = UserDetail.getById(node.getCreatorId());
  if (creatorDetail != null) {
    this.creator = UserProfileEntity.fromUser(creatorDetail);
  }

  try {
    this.creationDate = DateUtil.parse(node.getCreationDate());
  } catch (ParseException ignored) {
    // An unparseable creation date is dropped silently; creationDate is simply not assigned.
    // NOTE(review): nothing is logged here, so malformed dates are invisible to operators.
  }
}
/**
 * Checks that the {@code H1} heading written by {@code startExecutionTransServlet.doGet} holds no
 * text that {@code ServletTestUtils.hasBadText} rejects when no transformation lookup is stubbed
 * and every request parameter resolves to {@code ServletTestUtils.BAD_STRING_TO_TEST}.
 *
 * <p>Scope of the check: only the content of the {@code H1} element is inspected, and the static
 * verification only proves that {@code Encode.forHtml} was called at least once with some string.
 */
@Test
@PrepareForTest({Encode.class})
public void testStartExecutionTransServletEscapesHtmlWhenTransNotFound()
    throws ServletException, IOException {
  // Capture everything the servlet writes to the response.
  StringWriter responseBody = new StringWriter();
  PrintWriter responseWriter = new PrintWriter(responseBody);

  HttpServletRequest request = mock(HttpServletRequest.class);
  HttpServletResponse response = mock(HttpServletResponse.class);

  // Spy (not mock) the encoder so the real encoding still runs while calls are recorded.
  PowerMockito.spy(Encode.class);

  when(request.getContextPath()).thenReturn(StartExecutionTransServlet.CONTEXT_PATH);
  when(request.getParameter(anyString())).thenReturn(ServletTestUtils.BAD_STRING_TO_TEST);
  when(response.getWriter()).thenReturn(responseWriter);

  startExecutionTransServlet.doGet(request, response);

  String heading = ServletTestUtils.getInsideOfTag("H1", responseBody.toString());
  assertFalse(ServletTestUtils.hasBadText(heading));

  // PowerMock static verification: the call following verifyStatic is the one being verified.
  PowerMockito.verifyStatic(atLeastOnce());
  Encode.forHtml(anyString());
}
/**
 * Builds the HTML of the bread crumb: the script returned by {@code printScript()} followed by a
 * {@code div} with id {@code breadCrumb} that holds, in order, the space path and component
 * label (or the domain and component names), the browse bar elements or the path, and the extra
 * information. Parts are separated by {@code CONNECTOR}.
 *
 * <p>Output encoding is not uniform in this method: space names and the component label go
 * through {@code Encode.forHtml}, element labels through
 * {@code EncodeHelper.javaStringToHtmlString}, and every other value is appended as-is. The
 * review notes below mark the unencoded sinks.
 *
 * @return the bread crumb markup
 */
private String printBreadCrumb() {
  StringBuilder result = new StringBuilder();
  String information = getExtraInformation();
  String path = getPath();
  // Emit the javascript used to navigate to the spaces shown in the path.
  result.append(printScript());
  // Default the space callback name when none has been set.
  if (!StringUtil.isDefined(getSpaceJavascriptCallback())) {
    setSpaceJavascriptCallback("goSpace");
  }
  result.append("<div id=\"breadCrumb\">");

  // Tracks whether anything has been written yet, so CONNECTOR is only placed between parts.
  boolean emptyBreadCrumb = true;

  // Display spaces path from root to component
  String language =
      (getMainSessionController() == null)
          ? ""
          : getMainSessionController().getFavoriteLanguage();
  if (StringUtil.isDefined(getComponentId()) || StringUtil.isDefined(getSpaceId())) {
    List<SpaceInst> spaces;
    OrganizationController organizationController =
        OrganizationControllerProvider.getOrganisationController();
    if (StringUtil.isDefined(getComponentId())) {
      spaces = organizationController.getSpacePathToComponent(getComponentId());
    } else {
      spaces = organizationController.getSpacePath(getSpaceId());
    }
    boolean firstSpace = true;
    for (SpaceInst spaceInst : spaces) {
      String spaceId = spaceInst.getId();
      // Space ids are emitted with a "WA" prefix.
      if (!spaceId.startsWith("WA")) {
        spaceId = "WA" + spaceId;
      }
      // NOTE(review): the callback name and spaceId are concatenated into a javascript: URL and
      // into the id attribute without any encoding; confirm neither can carry caller-supplied
      // text.
      String href = "javascript:" + getSpaceJavascriptCallback() + "('" + spaceId + "')";
      if (!isClickable()) {
        href = "#";
      }
      if (!firstSpace) {
        result.append(CONNECTOR);
      }
      result.append("<a href=\"").append(href).append("\"");
      result.append(" class=\"space\"");
      result.append(" id=\"space").append(spaceId).append("\"");
      result.append(">");
      // The visible space name is HTML-encoded.
      result.append(Encode.forHtml(spaceInst.getName(language)));
      result.append("</a>");
      firstSpace = false;
      emptyBreadCrumb = false;
    }
    if (StringUtil.isDefined(getComponentId())) {
      // Display component's label
      ComponentInstLight componentInstLight =
          organizationController.getComponentInstLight(getComponentId());
      if (componentInstLight != null) {
        result.append(CONNECTOR);
        result.append("<a href=\"");
        if (!isClickable()) {
          result.append("#");
        } else if (StringUtil.isDefined(getComponentJavascriptCallback())) {
          // NOTE(review): callback name and component id are written into the href unencoded.
          result
              .append("javascript:")
              .append(getComponentJavascriptCallback())
              .append("('")
              .append(getComponentId())
              .append("')");
        } else {
          // NOTE(review): the URL parts and getComponentLink() are written into the href
          // unencoded; confirm they cannot contain a double quote.
          result
              .append(URLUtil.getApplicationURL())
              .append(URLUtil.getURL(getSpaceId(), getComponentId()));
          if (ignoreComponentLink()) {
            result.append("Main");
          } else {
            result.append(getComponentLink());
          }
        }
        result.append("\"");
        result.append(" class=\"component\"");
        result.append(" id=\"bc_").append(componentInstLight.getId()).append("\"");
        result.append(">");
        // The visible component label is HTML-encoded.
        result.append(Encode.forHtml(componentInstLight.getLabel(language)));
        result.append("</a>");
        emptyBreadCrumb = false;
      }
    }
  } else {
    // Neither a component id nor a space id is defined: fall back to the plain names.
    // NOTE(review): getDomainName(), getComponentName() and getComponentLink() are appended
    // without encoding, unlike the space name and component label in the branch above. Confirm
    // whether these values are meant to carry markup; if not, they are unencoded HTML sinks.
    if (getDomainName() != null) {
      result.append(getDomainName());
      emptyBreadCrumb = false;
    }
    if (getComponentName() != null) {
      if (getDomainName() != null) {
        result.append(CONNECTOR);
      }
      if (getComponentLink() != null) {
        result
            .append("<a href=\"")
            .append(getComponentLink())
            .append("\">")
            .append(getComponentName())
            .append("</a>");
      } else {
        result.append(getComponentName());
      }
      emptyBreadCrumb = false;
    }
  }

  // Display path
  List<BrowseBarElement> elements = getElements();
  if (!elements.isEmpty()) {
    for (BrowseBarElement element : elements) {
      if (!emptyBreadCrumb) {
        result.append(CONNECTOR);
      }
      // NOTE(review): element.getLink() and element.getId() are placed inside attribute values
      // unencoded; only the label below is encoded.
      result.append("<a href=\"").append(element.getLink()).append("\"");
      result.append(" class=\"element\"");
      if (StringUtil.isDefined(element.getId())) {
        result.append(" id=\"").append(element.getId()).append("\"");
      }
      result.append(">");
      // The label uses EncodeHelper.javaStringToHtmlString rather than Encode.forHtml.
      result.append(EncodeHelper.javaStringToHtmlString(element.getLabel()));
      result.append("</a>");
      emptyBreadCrumb = false;
    }
  } else if (StringUtil.isDefined(path)) {
    // The path is only shown when there are no elements.
    if (!emptyBreadCrumb) {
      result.append(CONNECTOR);
    }
    // NOTE(review): path is appended as-is; presumably callers may pass markup here (confirm),
    // in which case the caller is responsible for encoding any untrusted part of it.
    result.append("<span class=\"path\">");
    result.append(path);
    result.append("</span>");
  }

  // Display extra information
  if (StringUtil.isDefined(information)) {
    if (!emptyBreadCrumb) {
      result.append(CONNECTOR);
    }
    // NOTE(review): information is appended as-is, same caveat as for path above.
    result.append("<span class=\"information\">");
    result.append(information);
    result.append("</span>");
  }

  result.append("</div>");
  return result.toString();
}
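/**
 * <div id="mindtouch">
 *
 * <h1>/kettle/prepareExec</h1>
 *
 * <a name="GET"></a>
 *
 * <h2>GET</h2>
 *
 * <p>Prepares previously loaded transformation for execution. Method is used for preparing
 * previously uploaded transformation for execution by its name.
 *
 * <p><b>Example Request:</b><br>
 *
 * <pre function="syntax.xml">
 * GET /kettle/prepareExec/?name=dummy-trans2&xml=Y
 * </pre>
 *
 * <h3>Parameters</h3>
 *
 * <table class="pentaho-table">
 * <tbody>
 * <tr>
 * <th>name</th>
 * <th>description</th>
 * <th>type</th>
 * </tr>
 * <tr>
 * <td>name</td>
 * <td>Name of the transformation to be prepared for execution.</td>
 * <td>query</td>
 * </tr>
 * <tr>
 * <td>xml</td>
 * <td>Boolean flag which sets the output format required. Use <code>Y</code> to receive XML response.</td>
 * <td>boolean</td>
 * </tr>
 * <tr>
 * <td>id</td>
 * <td>Carte transformation ID of the transformation to be prepared for execution.</td>
 * <td>query, optional</td>
 * </tr>
 * </tbody>
 * </table>
 *
 * <h3>Response Body</h3>
 *
 * <table class="pentaho-table">
 * <tbody>
 * <tr>
 * <td align="right">text:</td>
 * <td>HTML</td>
 * </tr>
 * <tr>
 * <td align="right">media types:</td>
 * <td>text/xml, text/html</td>
 * </tr>
 * </tbody>
 * </table>
 *
 * <p>Response XML or HTML containing operation result. When using xml=Y <code>result</code> field
 * indicates whether operation was successful (<code>OK</code>) or not (<code>ERROR</code>).
 *
 * <p><b>Example Response:</b>
 *
 * <pre function="syntax.xml">
 * <?xml version="1.0" encoding="UTF-8"?>
 * <webresult>
 * <result>OK</result>
 * <message/>
 * <id/>
 * </webresult>
 * </pre>
 *
 * <h3>Status Codes</h3>
 *
 * <table class="pentaho-table">
 * <tbody>
 * <tr>
 * <th>code</th>
 * <th>description</th>
 * </tr>
 * <tr>
 * <td>200</td>
 * <td>Request was processed.</td>
 * </tr>
 * <tr>
 * <td>500</td>
 * <td>Internal server error occurs during request processing.</td>
 * </tr>
 * </tbody>
 * </table>
 *
 * </div>
 *
 * @param request the request; the {@code name}, {@code id} and {@code xml} parameters are read
 * @param response the response the XML or HTML result is written to
 * @throws ServletException declared by the servlet contract
 * @throws IOException if the response writer cannot be obtained or a value cannot be URL-encoded
 */
public void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  // In Jetty mode, requests for another context path are not handled by this servlet.
  if (isJettyMode() && !request.getContextPath().startsWith(CONTEXT_PATH)) {
    return;
  }

  if (log.isDebug()) {
    logDebug(
        BaseMessages.getString(
            PKG, "PrepareExecutionTransServlet.TransPrepareExecutionRequested"));
  }

  // Both values come straight from the query string and are echoed into the response below, so
  // every use in HTML text goes through Encode.forHtml and every use in a URL through
  // URLEncoder.encode.
  String transName = request.getParameter("name");
  String id = request.getParameter("id");
  boolean useXML = "Y".equalsIgnoreCase(request.getParameter("xml"));

  response.setStatus(HttpServletResponse.SC_OK);

  PrintWriter out = response.getWriter();
  if (useXML) {
    response.setContentType("text/xml");
    out.print(XMLHandler.getXMLHeader(Const.XML_ENCODING));
  } else {
    response.setCharacterEncoding("UTF-8");
    response.setContentType("text/html;charset=UTF-8");

    out.println("<HTML>");
    out.println("<HEAD>");
    out.println(
        "<TITLE>"
            + BaseMessages.getString(PKG, "PrepareExecutionTransServlet.TransPrepareExecution")
            + "</TITLE>");
    // NOTE(review): this runs before the try block, so a request without a name parameter makes
    // URLEncoder.encode throw a NullPointerException that propagates out of doGet.
    out.println(
        "<META http-equiv=\"Refresh\" content=\"2;url="
            + convertContextPath(GetTransStatusServlet.CONTEXT_PATH)
            + "?name="
            + URLEncoder.encode(transName, "UTF-8")
            + "\">");
    out.println("<META http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">");
    out.println("</HEAD>");
    out.println("<BODY>");
  }

  try {
    // ID is optional...
    //
    Trans trans;
    CarteObjectEntry entry;
    if (Utils.isEmpty(id)) {
      // get the first transformation that matches...
      //
      entry = getTransformationMap().getFirstCarteObjectEntry(transName);
      if (entry == null) {
        trans = null;
      } else {
        id = entry.getId();
        trans = getTransformationMap().getTransformation(entry);
      }
    } else {
      // Take the ID into account!
      //
      entry = new CarteObjectEntry(transName, id);
      trans = getTransformationMap().getTransformation(entry);
    }

    TransConfiguration transConfiguration = getTransformationMap().getConfiguration(entry);

    if (trans != null && transConfiguration != null) {
      TransExecutionConfiguration executionConfiguration =
          transConfiguration.getTransExecutionConfiguration();
      // Set the appropriate logging, variables, arguments, replay date, ...
      // etc.
      trans.setArguments(executionConfiguration.getArgumentStrings());
      trans.setReplayDate(executionConfiguration.getReplayDate());
      trans.setSafeModeEnabled(executionConfiguration.isSafeModeEnabled());
      trans.setGatheringMetrics(executionConfiguration.isGatheringMetrics());
      trans.injectVariables(executionConfiguration.getVariables());
      trans.setPreviousResult(executionConfiguration.getPreviousResult());

      try {
        trans.prepareExecution(null);

        if (useXML) {
          out.println(WebResult.OK.getXML());
        } else {
          out.println(
              "<H1>"
                  + Encode.forHtml(
                      BaseMessages.getString(
                          PKG, "PrepareExecutionTransServlet.TransPrepared", transName))
                  + "</H1>");
          out.println(
              "<a href=\""
                  + convertContextPath(GetTransStatusServlet.CONTEXT_PATH)
                  + "?name="
                  + URLEncoder.encode(transName, "UTF-8")
                  + "&id="
                  + URLEncoder.encode(id, "UTF-8")
                  + "\">"
                  + BaseMessages.getString(PKG, "TransStatusServlet.BackToTransStatusPage")
                  + "</a><p>");
        }
      } catch (Exception e) {
        String logText =
            KettleLogStore.getAppender()
                .getBuffer(trans.getLogChannel().getLogChannelId(), true)
                .toString();
        // NOTE(review): both output formats return the log buffer and the stack trace to the
        // requester; confirm that exposing these details to callers of this endpoint is intended.
        if (useXML) {
          out.println(
              new WebResult(
                  WebResult.STRING_ERROR,
                  BaseMessages.getString(
                      PKG,
                      "PrepareExecutionTransServlet.Error.TransInitFailed",
                      Const.CR + logText + Const.CR + Const.getStackTracker(e))));
        } else {
          out.println(
              "<H1>"
                  + Encode.forHtml(
                      BaseMessages.getString(
                          PKG, "PrepareExecutionTransServlet.Log.TransNotInit", transName))
                  + "</H1>");
          out.println("<pre>");
          out.println(Encode.forHtml(logText));
          out.println(Encode.forHtml(Const.getStackTracker(e)));
          out.println("</pre>");
          // The id may be the raw request parameter, so it is URL-encoded before it is placed
          // in the href, exactly as in the success branch above. Appending it unencoded would
          // let a crafted id break out of the attribute value.
          out.println(
              "<a href=\""
                  + convertContextPath(GetTransStatusServlet.CONTEXT_PATH)
                  + "?name="
                  + URLEncoder.encode(transName, "UTF-8")
                  + "&id="
                  + URLEncoder.encode(id, "UTF-8")
                  + "\">"
                  + BaseMessages.getString(PKG, "TransStatusServlet.BackToTransStatusPage")
                  + "</a><p>");
        }
      }
    } else {
      // No matching transformation (or no stored configuration for it).
      if (useXML) {
        out.println(
            new WebResult(
                WebResult.STRING_ERROR,
                BaseMessages.getString(
                    PKG, "TransStatusServlet.Log.CoundNotFindSpecTrans", transName)));
      } else {
        out.println(
            "<H1>"
                + Encode.forHtml(
                    BaseMessages.getString(
                        PKG, "TransStatusServlet.Log.CoundNotFindTrans", transName))
                + "</H1>");
        out.println(
            "<a href=\""
                + convertContextPath(GetStatusServlet.CONTEXT_PATH)
                + "\">"
                + BaseMessages.getString(PKG, "TransStatusServlet.BackToStatusPage")
                + "</a><p>");
      }
    }
  } catch (Exception ex) {
    if (useXML) {
      out.println(
          new WebResult(
              WebResult.STRING_ERROR,
              BaseMessages.getString(
                  PKG,
                  "PrepareExecutionTransServlet.Error.UnexpectedError",
                  Const.CR + Const.getStackTracker(ex))));
    } else {
      out.println("<p>");
      out.println("<pre>");
      out.println(Encode.forHtml(Const.getStackTracker(ex)));
      out.println("</pre>");
    }
  }

  if (!useXML) {
    out.println("<p>");
    out.println("</BODY>");
    out.println("</HTML>");
  }
}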
/**
 * Stores the given value after passing it through {@code Encode.forHtml}.
 *
 * <p>The field therefore holds HTML-encoded text, not the caller's original string.
 * NOTE(review): encoding on write ties the stored value to the HTML text context. A reader that
 * encodes again will double-encode, and one that uses the value in an attribute, script or
 * non-HTML output gets the wrong encoding. Confirm that all readers expect pre-encoded text.
 *
 * @param value the raw value to encode and store
 */
@Override
public void setStringValue(String value) {
  final String htmlEncoded = Encode.forHtml(value);
  this.value = htmlEncoded;
}
/**
 * Renders the full notification groups page: the framework header, a table with one row per
 * notification group (name link, email addresses, operation links) and the closing markup.
 *
 * <p>Encoding used per sink, as visible here: the group name is URL-encoded in query strings,
 * HTML-encoded as link text, HTML-attribute-encoded in the POST key/values and
 * JavaScript-encoded in the test confirmation message. The joined email addresses are
 * HTML-encoded. The "remove" link is only offered for groups no alert refers to.
 *
 * @return the complete HTML document as a string
 */
private String buildNotificationGroupsHtml() {
  StatsAggHtmlFramework framework = new StatsAggHtmlFramework();
  String headerHtml = framework.createHtmlHeader("StatsAgg - " + PAGE_NAME, "");

  // Page wrapper, title bar with the "create" button, and the table head.
  StringBuilder body = new StringBuilder();
  body.append("<div id=\"page-content-wrapper\">\n")
      .append("<!-- Keep all page content within the page-content inset div! -->\n")
      .append("<div class=\"page-content inset statsagg_page_content_font\">\n")
      .append(" <div class=\"content-header\"> \n")
      .append(" <div class=\"pull-left content-header-h2-min-width-statsagg\"> <h2> ")
      .append(PAGE_NAME)
      .append(" </h2> </div>\n")
      .append(" <div class=\"pull-right \">\n")
      .append(
          " <a href=\"CreateNotificationGroup\" class=\"btn btn-primary statsagg_page_content_font\">Create New Notification Group <i class=\"fa fa-long-arrow-right\"></i></a> \n")
      .append(" </div>")
      .append(" </div>")
      .append(
          " <table id=\"NotificationGroupsTable\" style=\"display:none\" class=\"table table-bordered table-hover \">\n")
      .append(" <thead>\n")
      .append(" <tr>\n")
      .append(" <th>Notification Group Name</th>\n")
      .append(" <th>Email addresses</th>\n")
      .append(" <th>Operations</th>\n")
      .append(" </tr>\n")
      .append(" </thead>\n")
      .append(" <tbody>\n");

  // Ids of the groups that at least one alert refers to; those rows get no "remove" link.
  AlertsDao alertsDao = new AlertsDao();
  Set<Integer> groupIdsInUse = alertsDao.getAllDistinctNotificationGroupIds();

  NotificationGroupsDao groupsDao = new NotificationGroupsDao();
  List<NotificationGroup> groups = groupsDao.getAllDatabaseObjectsInTable();

  for (NotificationGroup group : groups) {
    String groupName = group.getName();
    String urlSafeName = StatsAggHtmlFramework.urlEncode(groupName);
    String attributeSafeName = Encode.forHtmlAttribute(groupName);

    String detailsLink =
        "<a href=\"NotificationGroupDetails?Name="
            + urlSafeName
            + "\">"
            + StatsAggHtmlFramework.htmlEncode(groupName)
            + "</a>";

    // Re-join the comma separated addresses as "a, b, c" with each entry trimmed.
    StringBuilder joinedAddresses = new StringBuilder();
    String[] rawAddresses = StringUtils.split(group.getEmailAddresses(), ",");
    if (rawAddresses != null) {
      for (int idx = 0; idx < rawAddresses.length; idx++) {
        if (idx > 0) {
          joinedAddresses.append(", ");
        }
        joinedAddresses.append(rawAddresses[idx].trim());
      }
    }

    String alterLink =
        "<a href=\"CreateNotificationGroup?Operation=Alter&Name=" + urlSafeName + "\">alter</a>";

    // NOTE(review): the first argument of buildJavaScriptPostLink ("Clone_" + name, etc.) is
    // built from the raw group name, while the KeyValue carries the attribute-encoded name.
    // Whether the helper encodes its arguments itself is not visible here; confirm that the raw
    // name is encoded exactly once for the context it ends up in.
    List<KeyValue> cloneParams = new ArrayList<>();
    cloneParams.add(new KeyValue("Operation", "Clone"));
    cloneParams.add(new KeyValue("Name", attributeSafeName));
    String cloneLink =
        StatsAggHtmlFramework.buildJavaScriptPostLink(
            "Clone_" + groupName, "NotificationGroups", "clone", cloneParams);

    List<KeyValue> testParams = new ArrayList<>();
    testParams.add(new KeyValue("Operation", "Test"));
    testParams.add(new KeyValue("Name", attributeSafeName));
    // The name is JavaScript-encoded because it is placed inside a quoted confirmation string.
    String testConfirmation =
        "Are you sure you want to send a test email alert to \\'"
            + Encode.forJavaScript(groupName)
            + "\\'?";
    String testLink =
        StatsAggHtmlFramework.buildJavaScriptPostLink(
            "Test_" + groupName,
            "NotificationGroups",
            "test",
            testParams,
            true,
            testConfirmation);

    List<KeyValue> removeParams = new ArrayList<>();
    removeParams.add(new KeyValue("Operation", "Remove"));
    removeParams.add(new KeyValue("Name", attributeSafeName));
    String removeLink =
        StatsAggHtmlFramework.buildJavaScriptPostLink(
            "Remove_" + groupName,
            "NotificationGroups",
            "remove",
            removeParams,
            true,
            "Are you sure you want to remove this notification group?");

    body.append("<tr>\n");
    body.append("<td class=\"statsagg_force_word_break\">");
    body.append(detailsLink);
    body.append("</td>\n");
    body.append("<td class=\"statsagg_force_word_break\">");
    body.append(StatsAggHtmlFramework.htmlEncode(joinedAddresses.toString()));
    body.append("</td>\n");
    body.append("<td>");
    body.append(alterLink).append(", ").append(cloneLink).append(", ").append(testLink);

    // Offer "remove" when the in-use set is unavailable or does not contain this group.
    boolean removable = groupIdsInUse == null || !groupIdsInUse.contains(group.getId());
    if (removable) {
      body.append(", ").append(removeLink);
    }

    body.append("</td>\n");
    body.append("</tr>\n");
  }

  // Close the table body, add the empty footer row and close the wrappers.
  body.append("</tbody>\n")
      .append("<tfoot> \n")
      .append(" <tr>\n")
      .append(" <th></th>\n")
      .append(" <th></th>\n")
      .append(" <th></th>\n")
      .append(" </tr>\n")
      .append("</tfoot>")
      .append("</table>\n")
      .append("</div>\n")
      .append("</div>\n");

  String bodyHtml = framework.createHtmlBody(body.toString());

  StringBuilder page = new StringBuilder();
  page.append("<!DOCTYPE html>\n");
  page.append("<html>\n");
  page.append(headerHtml);
  page.append(bodyHtml);
  page.append("</html>");
  return page.toString();
}
/**
 * Creates the exception from an HTTP status code and three text fields, each of which is passed
 * through {@code Encode.forXml} before it is stored.
 *
 * <p>The fields therefore hold XML-encoded text. NOTE(review): presumably this is so they can be
 * written into an XML exception report without further escaping. Confirm that the code that
 * serializes them does not escape again, and that no consumer uses them outside XML.
 *
 * @param httpCode the HTTP status code, stored unchanged
 * @param exceptionCode the exception code, stored XML-encoded
 * @param locator the locator, stored XML-encoded
 * @param exceptionText the exception text, stored XML-encoded
 */
public OWSException(int httpCode, String exceptionCode, String locator, String exceptionText) {
  final String xmlSafeCode = Encode.forXml(exceptionCode);
  final String xmlSafeLocator = Encode.forXml(locator);
  final String xmlSafeText = Encode.forXml(exceptionText);

  this.httpCode = httpCode;
  this.exceptionCode = xmlSafeCode;
  this.locator = xmlSafeLocator;
  this.exceptionText = xmlSafeText;
}