Changes for page NotificationPreferenceService

Last modified by Julien Fleury on 2021/05/03 15:40

From version < 2.1

edited by Julien Fleury
on 2021/05/03 15:40

To version 1.1 >

edited by Julien Fleury
on 2020/12/12 16:56

Change comment: Install extension [org.xwiki.platform:xwiki-platform-notifications-ui/12.10]

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)

Details

Page properties

Content

@@ -1,47 +1,29 @@
  {{velocity}}
--#if ("$!request.user" != "")
--    #if ($request.user.contains("."))
--      #set ($targetUser = $request.user)
--    #else
--      #set ($targetUser = "XWiki." + $request.user)
--    #end
--#end
--#if ("$!request.target" == 'wiki')
--  #set ($targetDoc = $xwiki.getDocument($services.model.createDocumentReference('', ['XWiki', 'Notifications', 'Code'], 'NotificationAdministration')))
--  #set ($targetRef = $services.wiki.getCurrentWikiReference())
--#elseif ("$!request.target" == 'user')
--  #set ($targetDoc = $xwiki.getDocument($targetUser))
--  #set ($targetRef = $targetUser)
--#end
--#if ("$!request.action" == "" && $request.method.equalsIgnoreCase('get'))
--  This is a technical page for Notifications macro.
--#elseif (!$services.csrf.isTokenValid($request.csrf))
--  #set ($discard = $response.sendError(401, $services.localization.render('notifications.settings.error.badCSRF')))
--#elseif ("$!request.target" == 'wiki' && !$hasAdmin)
--  #set ($discard = $response.sendError(401))
--#elseif ("$!request.action" == "" || "$!request.target" == "" || ("$!request.target" == 'user' && "$!request.user" == ""))
--  #set ($discard = $response.sendError(400, $services.localization.render('notifications.settings.error.badParameters')))
--#elseif ("$!request.action" == "setInterval")
--  #if ("$!request.interval" == '' || "$!request.target" == 'wiki')
--    #set ($discard = $response.sendError(400, $services.localization.render('notifications.settings.error.badParameters')))
--  #end
--  #set ($userDoc = $xwiki.getDocument($targetUser))
++#if ("$!request.interval" != '')
++  #set ($userDoc = $xwiki.getDocument($xcontext.userReference))
    #set ($prefObj = $userDoc.getObject('XWiki.Notifications.Code.NotificationEmailPreferenceClass', true))
    #set ($discard = $prefObj.set('interval', $request.interval))
    #set ($discard = $userDoc.save('Update Notification Email Interval'))
--#elseif ("$!request.action" == "setDiffType")
--  #if ("$!request.diffType" == '')
--    #set ($discard = $response.sendError(400, $services.localization.render('notifications.settings.error.badParameters')))
++#elseif ("$!request.diffType" != '')
++  #set ($targetDoc = 0)
++  #if ("$!request.target" == 'wiki' && $hasAdmin)
++    #set ($targetDoc = $xwiki.getDocument($services.model.createDocumentReference('', ['XWiki', 'Notifications', 'Code'], 'NotificationAdministration')))
++  #elseif ("$!request.target" == 'user')
++    #set ($targetDoc = $xwiki.getDocument($xcontext.userReference))
    #end
--  #set ($prefObj = $targetDoc.getObject('XWiki.Notifications.Code.NotificationEmailPreferenceClass', true))
--  #set ($discard = $prefObj.set('diffType', $request.diffType))
--  #set ($discard = $targetDoc.save('Update Notification Email Diff Type'))
++  #if ($targetDoc == 0)
++    #set ($discard = $response.sendError(401))
++  #else
++    #set ($prefObj = $targetDoc.getObject('XWiki.Notifications.Code.NotificationEmailPreferenceClass', true))
++    #set ($discard = $prefObj.set('diffType', $request.diffType))
++    #set ($discard = $targetDoc.save('Update Notification Email Diff Type'))
++  #end
  #elseif ("$!request.action" == 'savePreferences')
    #try()
      #if ("$!request.target" == 'wiki')
        $services.notification.preferences.saveNotificationPreferencesForCurrentWiki($request.json)
      #else
--      $services.notification.preferences.saveNotificationPreferences($request.json, $targetRef)
++      $services.notification.preferences.saveNotificationPreferences($request.json)
      #end
    #end
    #if ("$!exception" != '')
@@ -49,10 +49,10 @@
    #end
  #elseif ("$!request.action" == 'deleteFilterPreference')
    #try()
--    #if ("$!request.target" == 'wiki')
--      $services.notification.filters.deleteWikiFilterPreference($request.filterPreferenceId, $targetRef)
++    #if ($services.csrf.isTokenValid($request.csrf))
++      $services.notification.filters.deleteFilterPreference($request.filterPreferenceId)
      #else
--      $services.notification.filters.deleteFilterPreference($request.filterPreferenceId, $targetRef)
++      $response.sendError(401, 'Bad CSRF Token')
      #end
    #end
    #if ("$!exception" != '')
@@ -60,10 +60,10 @@
    #end
  #elseif ("$!request.action" == 'setFilterPreferenceEnabled')
    #try()
--    #if ("$!request.target" == 'wiki')
--      $services.notification.filters.setWikiFilterPreferenceEnabled($request.filterPreferenceId, $stringtool.equals("$!request.enabled", 'true'), $targetRef)
++    #if ($services.csrf.isTokenValid($request.csrf))
++      $services.notification.filters.setFilterPreferenceEnabled($request.filterPreferenceId, $stringtool.equals("$!request.enabled", 'true'))
      #else
--      $services.notification.filters.setFilterPreferenceEnabled($request.filterPreferenceId, $stringtool.equals("$!request.enabled", 'true'), $targetRef)
++      $response.sendError(401, 'Bad CSRF Token')
      #end
    #end
    #if ("$!exception" != '')
@@ -71,40 +71,52 @@
    #end
  #elseif ("$!request.action" == 'createScopeFilterPreference')
    #try()
--    #macro (saveScopeFilterPreference $reference)
--      #if ("$!request.target" == 'wiki')
--        $services.notification.filters.createWikiScopeFilterPreference($request.filterType, $request.filterFormats.split(','), $request.eventTypes.split(','), $reference, $targetRef)
--      #else
--        $services.notification.filters.createScopeFilterPreference($request.filterType, $request.filterFormats.split(','), $request.eventTypes.split(','), $reference, $targetRef)
++    #if ($services.csrf.isTokenValid($request.csrf))
++      #macro (saveScopeFilterPreference $reference)
++        $services.notification.filters.createScopeFilterPreference($request.filterType, $request.filterFormats.split(','), $request.eventTypes.split(','), $reference)
        #end
--    #end
--    #if ("$!request.wiki" != "")
--      #foreach ($wikiRequest in $request.getParameterValues('wiki'))
--        #set ($reference = $services.model.createWikiReference($wikiRequest))
--        #saveScopeFilterPreference($reference)
++      #if ("$!request.wiki" != "")
++        #foreach ($wikiRequest in $request.getParameterValues('wiki'))
++          #set ($reference = $services.model.createWikiReference($wikiRequest))
++          #saveScopeFilterPreference($reference)
++        #end
        #end
--    #end
--    #if ("$!request.space" != "")
--      #foreach ($spaceRequest in $request.getParameterValues('space'))
--        #set ($reference = $services.model.resolveSpace($spaceRequest))
--        #saveScopeFilterPreference($reference)
++      #if ("$!request.space" != "")
++        #foreach ($spaceRequest in $request.getParameterValues('space'))
++          SPACE REQUEST: $spaceRequest
++          #set ($reference = $services.model.resolveSpace($spaceRequest))
++          #saveScopeFilterPreference($reference)
++        #end
        #end
--    #end
--    #if ("$!request.page" != "")
--      #foreach ($pageRequest in $request.getParameterValues('page'))
--        #set ($reference = $services.model.resolveDocument($pageRequest))
--        #saveScopeFilterPreference($reference)
++      #if ("$!request.page" != "")
++        #foreach ($pageRequest in $request.getParameterValues('page'))
++          #set ($reference = $services.model.resolveDocument($pageRequest))
++          #saveScopeFilterPreference($reference)
++        #end
        #end
++    #else
++      $response.sendError(401, 'Bad CSRF Token')
      #end
    #end
    #if ("$!exception" != '')
      $response.sendError(500, "$!exceptiontool.getStackTrace($exception)")
    #end
--#elseif ("$!request.action" == 'setAutoWatchMode')
++#elseif ("$!request.action" == 'setAutoWatchMode' || "$!request.action" == 'setDefaultAutoWatchMode')
    #try()
--    #set ($obj = $targetDoc.getObject('XWiki.Notifications.Code.AutomaticWatchModeClass', true))
--    #set ($discard = $obj.set('automaticWatchMode', $request.mode))
--    #set ($discard = $targetDoc.save('Update the automaticWatchMode.'))
++    #if ($services.csrf.isTokenValid($request.csrf))
++      #if ($request.action == 'setAutoWatchMode')
++        #set ($targetDoc = $xwiki.getDocument($xcontext.userReference))
++      #elseif (!$hasAdmin)
++        $response.sendError(401, 'Unauthorized')
++      #else
++        #set ($targetDoc = $xwiki.getDocument($services.model.createDocumentReference('', ['XWiki', 'Notifications', 'Code'], 'NotificationAdministration')))
++      #end
++      #set ($obj = $targetDoc.getObject('XWiki.Notifications.Code.AutomaticWatchModeClass', true))
++      #set ($discard = $obj.set('automaticWatchMode', $request.mode))
++      #set ($discard = $targetDoc.save('Update the automaticWatchMode.'))
++    #else
++      $response.sendError(401, 'Bad CSRF Token')
++    #end
    #end
    #if ("$!exception" != '')
      $response.sendError(500, "$!exceptiontool.getStackTrace($exception)")
@@ -111,10 +111,14 @@
    #end
  #elseif ("$!request.action" == 'watchUser' || "$!request.action" == 'unwatchUser')
    #try()
--    #if ($request.action == 'watchUser')
--      #set ($discard = $services.notification.watch.watchUser($request.user))
++    #if ($services.csrf.isTokenValid($request.csrf))
++      #if ($request.action == 'watchUser')
++        #set ($discard = $services.notification.watch.watchUser($request.userId))
++      #else
++        #set ($discard = $services.notification.watch.unwatchUser($request.userId))
++      #end
      #else
--      #set ($discard = $services.notification.watch.unwatchUser($request.user))
++      $response.sendError(401, 'Bad CSRF Token')
      #end
    #end
    #if ("$!exception" != '')

Changes for page NotificationPreferenceService

Summary

Details

Navigation

Applications