public ConfigurePortalPages(
final PortalPageService portalPageService,
final JiraAuthenticationContext authenticationContext,
final EmailFormatter emailFormatter,
final GroupPermissionChecker groupPermissionChecker,
final FavouritesService favouritesService,
final PermissionManager permissionManager,
final ShareTypeFactory shareTypeFactory,
final UserFormatManager userFormatManager,
final WebResourceManager webResourceManager,
final UserHistoryManager userHistoryManager) {
this.portalPageService = portalPageService;
this.authenticationContext = authenticationContext;
this.emailFormatter = emailFormatter;
this.groupPermissionChecker = groupPermissionChecker;
this.favouritesService = favouritesService;
this.permissionManager = permissionManager;
this.shareTypeFactory = shareTypeFactory;
this.userFormatManager = userFormatManager;
this.webResourceManager = webResourceManager;
this.portalPageRetriever =
new PortalPageRetriever(portalPageService, userHistoryManager, authenticationContext);
this.portalPageViewHelper =
new PortalPageViewHelper(
this.shareTypeFactory,
this.authenticationContext,
ActionContext.getRequest().getContextPath(),
"ConfigurePortalPages!default.jspa",
portalPageService);
}
/**
* Starts the workflow specified in the request parameter "workflowName" with the initial action
* identified by the request parameter "actionId" and redirects to the view page for the desired
* initial action. If no actionId is passed in the request, we assume that the ID of the initial
* action is zero.
*
* @return Action.NONE if the desired initial action has a view, otherwise the effect is the same
* as calling doExecute()
* @throws SystemException
* @see #doExecute
*/
public String doStartWorkflow() throws SystemException {
workflow =
controller.initializeWorkflow(
getInfoGluePrincipal(),
getWorkflowName(),
actionId,
WorkflowController.createWorkflowParameters(ActionContext.getRequest()));
return redirectToView();
}
@Override
public String render(Long id, String name) {
return "<a href=\""
+ ActionContext.getRequest().getContextPath()
+ "/secure/Dashboard.jspa?selectPageId="
+ id
+ "\">"
+ TextUtils.htmlEncode(name)
+ "</a>";
}
@Override
public String execute() throws Exception {
HttpServletRequest req = ActionContext.getRequest();
String productId = req.getParameter("productId");
String parentId = req.getParameter("parentID");
String pkey = req.getParameter("projectKey");
Product product;
if (!StringUtils.isEmpty(req.getParameter("name"))
&& !StringUtils.isEmpty(req.getParameter("version"))
&& !StringUtils.isEmpty(req.getParameter("description"))) {
// edit
if (Integer.parseInt(productId) > 0) {
product = productService.getProductById(Integer.parseInt(productId));
product.setName(req.getParameter("name"));
product.setVersion(req.getParameter("version"));
product.setDescription(req.getParameter("description"));
product.save();
// create a leaf/branch node
} else if (Integer.parseInt(productId) == 0 && !StringUtils.isEmpty(parentId)) {
productService.add(
req.getParameter("name"),
req.getParameter("version"),
req.getParameter("description"),
Integer.parseInt(parentId));
}
} else {
// remove case
productService.delete(Integer.parseInt(productId));
}
return getRedirect(
"/browse/"
+ pkey
+ "/?selectedTab=com.transcendmanagement.jira.plugin.jira-project-templates-plugin:my.project.product.tabpanel",
true);
}
public String getDashboardHtml() {
final DashboardState state =
dashboardService.get(DashboardId.valueOf(defaultPortalPageId.toString()), getUsername());
final GadgetRequestContext requestContext =
gadgetRequestContextFactory.get(ActionContext.getRequest());
final ViewComponent view =
dashboardTabViewFactory.createDashboardView(
Collections.<DashboardTab>emptyList(),
state,
getUsername(),
DashboardUtil.getMaxGadgets(applicationProperties),
requestContext);
final StringWriter out = new StringWriter();
try {
view.writeTo(out);
return out.toString();
} catch (IOException e) {
throw new RuntimeException(e);
}
}
private void afterExecutionImpl(final String sqlString) {
if (JiraSystemProperties.getInstance().isXsrfDiagnostics()) {
final String requestURL = MDC.get("jira.request.url");
if (isMutatingSQL(sqlString)) {
HttpServletRequest request = ActionContext.getRequest();
if (request != null
&& request.getAttribute(XSRF_VULNERABILITY_DETECTION_SQLINTERCEPTOR_DONE) == null) {
// setting this into the request will make things a lot faster
request.setAttribute(XSRF_VULNERABILITY_DETECTION_SQLINTERCEPTOR_DONE, "true");
CallStack callStack = new CallStack();
if (callStack.hasMethodsWeAreInterestedIn() && !callStack.isProtectedAction()) {
log.error("XSRF VULNERABILITY DETECTED");
log.error("requestURL: " + requestURL);
log.error("sql: " + sqlString);
log.error("CallStack:", callStack);
}
}
}
}
}
/**
* Invokes an action in a workflow based on the values of the actionId and workflowId request
* parameters and redirects to the action's view if one has been defined. If there is no action
* view, the user will be taken to ViewMyDesktopToolStartPage.action, i.e., the effect is the same
* as calling doExecute(). <b>NOTE:</b> Assumes there will be one current action with a view; we
* iterate over the available actions until we find one with a view, then redirect to that view.
* If there are other actions with different views, they will be ignored.
*
* @return NONE if there is an available action with a view and we redirect to the action's view
* page, otherwise performs the same operations as doExecute().
* @throws SystemException if an error occurs invoking the action or URL-encoding the action view
* @see #doExecute
*/
public String doInvoke() throws SystemException {
logger.info("****************************************");
logger.info("workflowId:" + getWorkflowId());
logger.info("actionId:" + actionId);
logger.info("****************************************");
try {
if (this.finalReturnAddress != null && !this.finalReturnAddress.equals("")) {
logger.info("Final return address get's set to " + this.finalReturnAddress);
controller
.getPropertySet(getInfoGluePrincipal(), getWorkflowId())
.setString("finalReturnAddress", this.finalReturnAddress);
} else {
String finalReturnAddressCandidate =
controller
.getPropertySet(getInfoGluePrincipal(), getWorkflowId())
.getString("finalReturnAddress");
logger.info("finalReturnAddressCandidate " + finalReturnAddressCandidate);
if (finalReturnAddressCandidate != null && !finalReturnAddressCandidate.equals("")) {
this.finalReturnAddress = finalReturnAddressCandidate;
logger.info(
"Setting Final return address get's set to "
+ this.finalReturnAddress
+ " from properties..");
}
}
workflow =
controller.invokeAction(
getInfoGluePrincipal(),
getWorkflowId(),
actionId,
WorkflowController.createWorkflowParameters(ActionContext.getRequest()));
return redirectToView();
} catch (InvalidActionException e) {
logger.error("An error occurred when invoking an action:" + e.getMessage(), e);
return INVALID_ACTION;
} catch (WorkflowException e) {
throw new SystemException(e);
}
}
// JRADEV-2637 Make sure the Delete Dashboard gets redirected to /secure/Dashboard.jspa
public String getTargetUrl() {
return ActionContext.getRequest().getContextPath() + "/secure/Dashboard.jspa";
}
