Modifications pour le document Sections des configurations personnalisables

Modifié par Florent Charton le 2025/08/19 15:15

Gérer
- Copier
Actions
- Exporter
- Aperçu avant impression
Affichage

Depuis la version 4.1

modifié par Florent Charton
sur 2025/08/19 15:15

Commentaire de modification : Install extension [org.xwiki.platform:xwiki-platform-administration-ui/17.4.3]

À la version 1.1

modifié par superadmin
sur 2022/06/20 08:48

Commentaire de modification : Install extension [org.xwiki.platform:xwiki-platform-administration-ui/13.10.6]

Source
Rendu

Résumé

Propriétés de la Page (3 modifications, 0 ajouts, 0 suppressions)

Détails

Propriétés de la Page

Auteur du document

@@ -1,1 +1,1 @@
--xwiki:XWiki.fcharton
++XWiki.superadmin

Syntaxe

@@ -1,1 +1,1 @@
--XWiki 2.1
++XWiki 2.0

Contenu

@@ -69,8 +69,7 @@
    #foreach($appName in $outputList)
      ##
      ## Make sure the current user has permission to edit the configurable application.
--    ## Unless we are in the page administration which is never about modifying the application configuration page
--    #set($userHasAccessToDocument = $level == '.page' || $xcontext.hasAccessLevel('edit', $appName))
++    #set($userHasAccessToDocument = $xcontext.hasAccessLevel('edit', $appName))
      ##
      ## If the document was not last saved by a user with edit privilege on this page
      ## then we can't safely display the page but we should warn the viewer.
@@ -124,9 +124,6 @@
              {{warning}}{{translation key="xe.admin.configurable.cannotLockNoJavascript"/}}{{/warning}}
            </noscript>
--        {{/html}}
--
--        {{html clean=false}}
            <script>
              document.observe("xwiki:dom:loaded", function() {
                XWiki.DocumentLock && new XWiki.DocumentLock('$escapetool.javascript($app.prefixedFullName)').lock();
@@ -150,8 +150,7 @@
          ## Internal error, not translated.
          #showHeading($appName, $headingShowing)
--        {{error}}Internal error: All objects were filtered out for application:
--        $services.rendering.escape($appName, 'xwiki/2.1').{{/error}}
++        {{error}}Internal error: All objects were filtered out for application: $appName.{{/error}}
        #else
          #set($formAction = $xwiki.getURL($app.getFullName(), 'save'))
@@ -158,23 +158,26 @@
          #set($formId = "${section.toLowerCase()}_${app.getFullName()}")
          #set($escapedAppName = $escapetool.xml($app.getFullName()))
          #foreach($configurableObj in $configurableObjs)
--          #set ($heading = $app.getValue('heading', $configurableObj))
--          #set ($codeToExecute = "$!app.getValue('codeToExecute', $configurableObj)")
--          ## If linkPrefix is set, then we will make each property label a link which starts with that prefix.
--          #set ($linkPrefix = "$!app.getValue('linkPrefix', $configurableObj)")
--          #if (!$app.restricted)
--            #set ($evaluatedConfigurableObj = $configurableObj.evaluate())
--            #set ($heading = $evaluatedConfigurableObj.heading)
--            #set ($linkPrefix = $evaluatedConfigurableObj.linkPrefix)
++          ## Execute the content code if any
++          ## FIXME: we have to do that before the title before of the dropPermissions
++          #set($codeToExecute = "$!app.getValue('codeToExecute', $configurableObj)")
++          #if($codeToExecute != '')
++            #set($codeToExecuteResult = $configurableObj.display('codeToExecute', 'view', false))
            #end
            ## Display the header if one exists.
++          #set($heading = $app.getValue('heading', $configurableObj))
            #if($heading && $heading != '')
--            == $services.rendering.escape($heading, 'xwiki/2.1') ==
++            ## This application should not run with programming rights because it evaluates code which may not be trustworthy.
++            ## Removing the next line will open a security hole.
++            ## Can't use $configurableObj.display('heading', 'view', false) to have proper heading id (because of the html macro)
++            ## FIXME: find a cleaner solution
++            #set($void = $doc.dropPermissions())
++            == #evaluate($heading) ==
            #end
            ## Display code to execute
--          #if ($codeToExecute != '')
++          #if($codeToExecute != '')
              (%class="codeToExecute"%)(((##
--              $configurableObj.display('codeToExecute', 'view', false)
++              $codeToExecuteResult
              )))
            #end
            ##
@@ -184,6 +184,9 @@
              #set($propertiesToShow = [])
            #end
            ##
++          ## If linkPrefix is set, then we will make each property label a link which starts with that prefix.
++          #set($linkPrefix = "$!app.getValue('linkPrefix', $configurableObj)")
++          ##
            ## If the Configurable object specifies a configuration class, use it,
            ## otherwise assume custom forms are used instead.
            #set($configClassName = "$!app.getValue('configurationClass', $configurableObj)")
@@ -202,12 +202,7 @@
                  #showHeading($appName, $headingShowing)
                  {{error}}
--                  #set($escapedObjClassName =
--                    $services.rendering.escape($escapetool.java($objClass.getName()), 'xwiki/2.1'))
--                  #set($translationEscapedAppName =
--                    $services.rendering.escape($escapetool.java($app.getFullName()), 'xwiki/2.1'))
--                  {{translation key="xe.admin.configurable.noObjectOfConfigurationClassFound"
--                    parameters="~"$escapedObjClassName~", ~"$translationEscapedAppName~""/}}
++                  {{translation key="xe.admin.configurable.noObjectOfConfigurationClassFound" parameters="$objClass.getName(), $app.getFullName()"/}}
                  {{/error}}
                #else
@@ -358,7 +358,7 @@
    #if($globaladmin)
      #set($queryString = "editor=globaladmin&amp;section=")
    #else
--    #set($queryString = "space=$escapetool.url($currentSpace)&amp;section=")
++    #set($queryString = "space=${currentSpace}&amp;section=")
      #if($request.getParameter('editor'))
        #set($queryString = "editor=$escapetool.url($request.getParameter('editor'))&amp;$queryString")
      #end
@@ -391,7 +391,7 @@
        $escapetool.xml($sectionDisplayName)
        </span>
        #if(!$hasAccess)
--        <br/>#inlineError($services.localization.render('xe.admin.configurable.sectionIconNoAccess'))
++        <br/><span class="errormessage">$services.localization.render('xe.admin.configurable.sectionIconNoAccess')</span>
        #end
        </a>
      </li>
@@ -400,9 +400,9 @@
    ## Finally we display an error message if there are any applications which we were unable to view.
    #if($appsUserCannotView.size() > 0)
--    {{error}}$services.localization.render('xe.admin.configurable.noViewAccessSomeApplications',
--      'xwiki/2.1', [$appsUserCannotView]){{/error}}
++    {{error}}$services.localization.render('xe.admin.configurable.noViewAccessSomeApplications', [$appsUserCannotView]){{/error}}
++
    #end
  #end## If we should be looking at the main administration page.
  {{/velocity}}