General Actions:
Log-in
Wiki:
L3D's Wiki
▼
:
Document Index
»
Space:
XWiki
▼
:
Document Index
»
Page:
ConfigurableClass
Search
Page Actions:
Export
▼
:
Export as PDF
Export as RTF
Export as HTML
More actions
▼
:
Print preview
View Source
Welcome to your wiki
»
XWiki Space
»
XWiki.ConfigurableClass
Wiki source code of
XWiki.ConfigurableClass
Last modified by
Administrator
on 2011/03/02 17:34
Content
·
Comments
(0)
·
Attachments
(1)
·
History
·
Information
Hide line numbers
1: {{velocity}} 2: #* 3: * This part takes the configuration from any documents containing XWiki.ConfigurableClass objects and creates a form 4: * for each. To includeForm this document, you may specify: 5: * 6: * $section - String - The section which we are administrating eg: "Registration", "Users", or "Import". 7: * If none is specified then it checks for a request parameter called "section" and uses that, 8: * if no parameter, then this code assumes that it is part of the admin icons sheet and adds icons 9: * for any section which is not in $sections, in that event, this code assumes it is being run 10: * inside of a <ul> block. 11: * 12: * $sections - List<String> - If section is not specified, any sections on this list will not have icons made for them 13: * the assumption being that the icons are already there. If section is specified then this 14: * is not taken into account and may safely be undefined. 15: * 16: * $currentDoc - String (document.fullName) - The administration document, users who don't have permission to edit 17: * it will not be able to include applications (possibly injecting 18: * arbitrary code.) if none specified then $doc.getFullName() is used. 19: * 20: * $globaladmin - boolean - If set true then we will assume we are administrationg the entire wiki. 21: * If not set then we look for a request parameter called "editor" if that exists and equals 22: * "globaladmin" then $globaladmin is true, if it doesn't exist then we check to see if 23: * $currentDoc.getFullName() equals "XWiki.XWikiPreferences". 24: * 25: * $doNotUnlockConfigurableDocuments - boolean - If true then this code will not make any attempt to unlock configurable 26: * documents. By default it does because it locks any document in the 27: * section which is being configured which would lead to a lot of stray 28: * locks if they weren't all canceled. Only recommended if this page is 29: * being included twice in the same page. 30: *### 31: ## Constants: 32: #set($redirectParameter = 'xredirect') 33: #set($nameOfThisDocument = 'XWiki.ConfigurableClass') 34: ## 35: ## Form submission depends on this. 36: $xwiki.jsfx.use('js/xwiki/actionbuttons/actionButtons.js', true) 37: ## 38: #if(!$section) 39: #set($section = $request.getParameter('section')) 40: #end 41: #if(!$currentDoc) 42: #set($currentDoc = $doc.getFullName()) 43: #end 44: ## Get value of $globaladmin if not specified. 45: #if("$!globaladmin" == '') 46: #if($editor != 'globaladmin' 47: && $request.getParameter('editor') != 'globaladmin' 48: && $currentDoc != 'XWiki.XWikiPreferences') 49: ## 50: #set($globaladmin = false) 51: #else 52: #set($globaladmin = true) 53: #end 54: #end 55: #set($currentSpace = $xwiki.getDocument($currentDoc).getSpace()) 56: ## 57: ## This application should not run with programming rights because it evaluates code which may not be trustworthy. 58: ## Removing the next line will open a security hole. 59: #sandboxDocument() 60: ## 61: ## This application locks every document in a section while that section is being edited so we should 62: ## check for locks held by the current user on any of the applications configured here and remove them. 63: #if(!$doNotUnlockConfigurableDocuments) 64: #set($outputList = []) 65: #findNamesOfAppsToConfigure("", $globaladmin, $currentSpace, $outputList)## 66: ## We don't want to generate javascript which unlocks the current document just after we got finished locking it. 67: #set($discard = $outputList.remove($currentDoc)) 68: #unlockDocuments($outputList) 69: #end 70: ## 71: ##------------------------------------------------------------------------------------------------------------ 72: ## If $section exists then we are viewing the admin page for a particular section. 73: ## eg: 'Registration', 'Presentation', 'Import' etc. 74: ##------------------------------------------------------------------------------------------------------------ 75: ## 76: #if($section && $section != '') 77: ## 78: ## This is for keeping track of whether we have shown the heading yet or not. 79: ## If the heading doesn't need to be shown, but an error occurs in processing, then we show the heading 80: ## so that the user knows what the error relates to. 81: #set($headingShowing = false) 82: ## 83: ## Searches the database for names of apps to be configured 84: #set($outputList = []) 85: #findNamesOfAppsToConfigure($section, $globaladmin, $xwiki.getDocument($currentDoc).getSpace(), $outputList) 86: ## 87: #foreach($appName in $outputList) 88: ## 89: ## Make sure the current user has permission to edit the configurable application. 90: #set($userHasAccessToDocument = $xcontext.hasAccessLevel('edit', $appName)) 91: ## 92: ## If the document was not last saved by a user with edit privilege on this page 93: ## then we can't safely display the page but we should warn the viewer. 94: #if($userHasAccessToDocument) 95: ## Get the configurable application 96: #set($app = $xwiki.getDocument($appName)) 97: ## 98: #set($documentSavedByAuthorizedUser = false) 99: #checkDocumentSavedByAuthorizedUser($app, $currentDoc, $documentSavedByAuthorizedUser) 100: #end 101: ## 102: ## There is no need to display a heading unless: 103: ## 1. There was already a section before this document. 104: ## 2. This is not the first document in this section. 105: ## 106: ## If we are displaying the heading and there is an error to be shown Javascript will not strip the heading. 107: #if(!$appName.equals($outputList.get(0)) || $sections.contains($section)) 108: ## Create a document heading. 109: #showHeading($appName, $headingShowing) 110: #end 111: ## 112: #if(!$userHasAccessToDocument) 113: #showHeading($appName, $headingShowing) 114: 115: {{error}}$msg.get('xe.admin.configurable.noPermissionThisApplication'){{/error}} 116: 117: #else 118: ## 119: #if(!$documentSavedByAuthorizedUser) 120: #showHeading($appName, $headingShowing) 121: 122: {{error}}$msg.get('xe.admin.configurable.applicationAuthorNoAdmin', [$app.Author]){{/error}} 123: 124: #else 125: ## 126: ## Locking document 127: ##------------------------------------------------------------------------------------------------------------ 128: #if($app.getLocked()) 129: #set($locked = true) 130: #end 131: ## If the document is locked and not by the current user and forceEdit is not set true, 132: #if($locked && $app.getLockingUser() != $xcontext.getUser() && !$request.getParameter('forceEdit')) 133: #set($requestURL = "$request.getRequestURL()") 134: #if($requestURL.indexOf('?') == -1) 135: #set($requestURL = "${requestURL}?") 136: #end 137: #showHeading($appName, $headingShowing) 138: 139: {{error}}$msg.get('doclockedby') $app.getLockingUser() [[$msg.get('forcelock')>>${requestURL}&forceEdit=1]]{{/error}} 140: 141: #else 142: ## If the document is not already locked, attempt to acquire the lock. 143: #if(!$locked) 144: ## Try to use an AJAX call to lock the document. 145: 146: 147: {{html wiki=true}} 148: <noscript> 149: 150: {{warning}}$msg.get('xe.admin.configurable.cannotLockNoJavascript'){{/warning}} 151: 152: </noscript> 153: <script type="text/javascript"> 154: document.observe("xwiki:dom:loaded", function() { 155: new Ajax.Request("$xwiki.getURL($app.getFullName(), 'lock', 'ajax=1')"); 156: }); 157: </script> 158: {{/html}} 159: 160: #set($discard = $lockedDocumentNames.add($app.getFullName())) 161: #end 162: ##------------------------------------------------------------------------------------------------------------ 163: ## Done Locking. 164: ## 165: ## Get all objects of the "ConfigurableClass" from this document. 166: #set($allConfigurableObjs = $app.getObjects($nameOfThisDocument)) 167: ## Separate out the objects which are for this section. 168: #set($configurableObjs = []) 169: #foreach($configurableObj in $allConfigurableObjs) 170: #if($app.getValue('displayInSection', $configurableObj) == $section) 171: ## If this is space admin, then don't display global, if global don't display space. 172: #if($globaladmin == ($app.getValue('configureGlobally', $configurableObj) == 1)) 173: #set($discard = $configurableObjs.add($configurableObj)) 174: #end 175: #end 176: #end 177: #if($configurableObjs.size() == 0) 178: ## Internal error, not translated. 179: #showHeading($appName, $headingShowing) 180: 181: {{error}}Internal error: All objects were filtered out for application: $appName.{{/error}} 182: 183: #else 184: #set($formAction = $xwiki.getURL($app.getFullName(), 'save')) 185: #set($formId = "${section.toLowerCase()}_${app.getFullName()}") 186: #set($escapedAppName = $escapetool.xml($app.getFullName())) 187: #foreach($configurableObj in $configurableObjs) 188: ## Display the header if one exists. 189: #set($heading = $app.getValue('heading', $configurableObj)) 190: #if($heading && $heading != '') 191: == #evaluate($heading) == 192: #end 193: ## 194: #set($codeToExecute = "$!app.getValue('codeToExecute', $configurableObj)") 195: #if($codeToExecute != '') 196: (%class="codeToExecute"%)(((## 197: #evaluate($codeToExecute)## 198: ))) 199: #end 200: ## 201: ## If propertiesToShow is set, then we will only show the properties contained therein. 202: #set($propertiesToShow = $app.getValue('propertiesToShow', $configurableObj)) 203: #if(!$propertiesToShow || $propertiesToShow.getClass().getName().indexOf('List') == -1) 204: #set($propertiesToShow = []) 205: #end 206: ## 207: ## If linkPrefix is set, then we will make each property label a link which starts with that prefix. 208: #set($linkPrefix = "$!app.getValue('linkPrefix', $configurableObj)") 209: ## 210: ## If the Configurable object specifies a configuration class, use it, 211: ## otherwise assume custom forms are used instead. 212: #set($configClassName = "$!app.getValue('configurationClass', $configurableObj)") 213: #if($configClassName != '') 214: #set($objClass = $xwiki.getDocument($configClassName).getxWikiClass()) 215: #if(!$objClass || $objClass.getClass().getName().indexOf('.Class') == -1) 216: #showHeading($appName, $headingShowing) 217: 218: {{error}}$msg.get('xe.admin.configurable.configurationClassNonexistant'){{/error}} 219: 220: #else 221: ## Use the first object from the document which is of the configuration class. 222: #set($obj = $app.getObject($objClass.getName())) 223: ## 224: #if(!$obj || $obj.getClass().getName().indexOf('.Object') == -1) 225: #showHeading($appName, $headingShowing) 226: 227: {{error}} 228: $msg.get('xe.admin.configurable.noObjectOfConfigurationClassFound', 229: [$objClass.getName(), $app.getFullName()]) 230: {{/error}} 231: 232: #else 233: ## 234: ## Merge save buttons, remove headings from subsections, and make information links into popups. 235: ## This is not done if there is only a custom defined form. 236: $xwiki.jsx.use($nameOfThisDocument) 237: ## 238: ## We don't begin the form until we have content for it so that a configurable can specify a 239: ## custom form in codeToExecute and if that configurable object is the first of it's kind in that 240: ## document, the custom form will not be put inside of our form. 241: #if(!$insideForm) 242: ## We are opening a form and fieldset without closing it, thus we cannot clean this html. 243: 244: {{html clean=false}} 245: <form id="$formId" method="post" action="$formAction"> 246: <fieldset> 247: {{/html}} 248: #set($insideForm = true) 249: #end 250: #define($formHtml) 251: #foreach($propName in $objClass.getPropertyNames()) 252: #if($propertiesToShow.size() > 0 && !$propertiesToShow.contains($propName)) 253: ## Silently skip over this property. 254: #else 255: <p> 256: #set($prettyName = "#evaluate($app.displayPrettyName($propName, $obj))") 257: ## App Name is prepended to for= to make label work with id which is modified to prevent collisions. 258: <label for="${escapedAppName}_$objClass.getName()_$obj.getNumber()_$propName"> 259: #if($linkPrefix != '') 260: #set($linkScript = "$linkPrefix$propName") 261: <a href="$escapetool.xml("#evaluate($linkScript)")">$escapetool.xml($prettyName)</a> 262: #else 263: $escapetool.xml($prettyName) 264: #end 265: </label> 266: ## Step 1: Strip pre tags which $obj.display inserts, this won't affect content because it's escaped. 267: #set($out = $obj.display($propName, 'edit').replaceAll('<[/]?pre>', '')) 268: ## Step 2: Select only content between first < and last > because $obj.display inserts html macros. 269: ## Careful not to remove html macros from the content because they are not escaped! 270: ## Step 3: Prepend app name to all ID and FOR attributes to prevent id collision with multiple apps on one page. 271: $out.substring($out.indexOf('<'), $mathtool.add(1, $out.lastIndexOf('>'))).replaceAll( 272: " id='$objClass.getName()_$obj.getNumber()_$propName", 273: " id='${escapedAppName}_$objClass.getName()_$obj.getNumber()_$propName").replaceAll( 274: " for='$objClass.getName()_$obj.getNumber()_$propName", 275: " for='${escapedAppName}_$objClass.getName()_$obj.getNumber()_$propName") 276: </p> 277: #end## If property is in propertiesToShow 278: #end## Foreach property in this class 279: #end## define $formHtml 280: 281: 282: {{html}} 283: $formHtml.toString() 284: {{/html}} 285: 286: #end## If object exists 287: #end## If class exists 288: #end## If class name is specified. 289: #end## Foreach configurable object found in this document 290: ## If a form was started then we end it. 291: #if($insideForm) 292: 293: ## This is closing an open form which was opened above, we cannot clean this html. 294: {{html clean=false}} 295: ## We add in a redirect field to prevent the user from being carried away when they save 296: ## if they don't have javascript. 297: #set($thisURL = $request.getRequestURL()) 298: #if($request.getQueryString() && $request.getQueryString().length() > 0) 299: #set($thisURL = "${thisURL}?$request.getQueryString()") 300: #end 301: <input type="hidden" id="${escapedAppName}_redirect" name="$redirectParameter" value="$escapetool.xml($thisURL)" /> 302: <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" /> 303: </fieldset> 304: <div class="bottombuttons"> 305: <p class="admin-buttons"> 306: <span class="buttonwrapper"> 307: ## Text to display on the button. If there is a heading then this button should be labeled 308: ## that it is for saving this section. Otherwise it should be a generic "save" button. 309: #if($headingShowing) 310: #set($buttonText = "$msg.get('admin.save') $escapedAppName") 311: #else 312: #set($buttonText = "$msg.get('admin.save')") 313: #end 314: <input class="button" type="submit" name="action_saveandcontinue" value="$buttonText" /> 315: </span> 316: </p> 317: </div> ## bottombuttons 318: </form> 319: #set($insideForm = false) 320: {{/html}} 321: 322: #end 323: #end## If there are configurable objects 324: #end## If document is not locked or forceEdit is enabled 325: #end## If app author has permission to edit admin page 326: #end## If the current user has permission to edit the configurable application. 327: #end## Foreach document name in names to configure 328: 329: 330: {{html}} 331: <script type="text/javascript"> 332: /* <![CDATA[ */ 333: ## Alt+Shift+S presses the first saveAndContinue button it finds, not what we want so we will disable edit shortcuts. 334: document.observe('xwiki:dom:loaded', function() { 335: XWiki.actionButtons.EditActions = Object.extend(XWiki.actionButtons.EditActions, {addShortcuts : function() { }}); 336: }); 337: //]]> 338: </script> 339: {{/html}}## 340: ## 341: #else 342: ## 343: ##------------------------------------------------------------------------------------------------------------ 344: ## If section is not set then we are viewing the main administration page. 345: ##------------------------------------------------------------------------------------------------------------ 346: ## 347: ## If there is no list called sections then we set sections to an empty list. 348: #if(!$sections || $sections.getClass().getName().indexOf('List') == -1) 349: #set($sections = []) 350: #end 351: ## 352: ## We have to create a list of documents which the current user doesn't have permission to view. 353: ## So we can add an error message to the bottom of the page if there are any. 354: #set($appsUserCannotView = []) 355: ## 356: ## A list of sections (to be added) which the user is not allowed to edit, icons will be displayed with a message 357: #set($sectionsUserCannotEdit = []) 358: ## List of sections to be added, in order by creationDate of oldest contained application. 359: #set($sectionsToAdd = []) 360: ## Map of URL of icon to use by the name of the section to use that icon on. 361: #set($iconBySection = {}) 362: ## 363: #set($outputList = []) 364: #findNamesOfAppsToConfigure("", $globaladmin, $currentSpace, $outputList) 365: ## 366: #foreach($appName in $outputList) 367: ## 368: ## Get the configurable application 369: #set($app = $xwiki.getDocument($appName)) 370: ## 371: ## If getDocument returns null, then warn the user that they don't have view access to that application. 372: #if(!$app) 373: #set($discard = $appsUserCannotView.add($appName)) 374: #end 375: ## 376: #set($configurableObjects = $app.getObjects($nameOfThisDocument)) 377: #foreach($configurableObject in $configurableObjects) 378: #set($displayInSection = $app.getValue('displayInSection', $configurableObject)) 379: ## 380: ## If there is no section for this configurable or if the section cannot be edited, then check if the 381: ## application can be edited by the current user, if so then we display the icon from the current app and 382: ## don't display any message to tell the user they can't edit that section. 383: #if(!$sections.contains($displayInSection) || $sectionsUserCannotEdit.contains($displayInSection)) 384: ## 385: ## If there is no section for this configurable, then we will have to add one. 386: #if(!$sections.contains($displayInSection) && !$sectionsToAdd.contains($displayInSection)) 387: #set($discard = $sectionsToAdd.add($displayInSection)) 388: #end 389: ## 390: ## If an attachment by the filename iconAttachment exists and is an image 391: #set($attachment = $app.getAttachment("$app.getValue('iconAttachment', $configurableObject)")) 392: #if($attachment && $attachment.isImage()) 393: ## Set the icon for this section as the attachment URL. 394: #set($discard = $iconBySection.put($displayInSection, $app.getAttachmentURL($attachment.getFilename()))) 395: #end 396: ## 397: ## If the user doesn't have edit access to the application, we want to show a message on the icon 398: #if(!$xcontext.hasAccessLevel("edit", $app.getFullName())) 399: #if(!$sectionsUserCannotEdit.contains($displayInSection)) 400: #set($discard = $sectionsUserCannotEdit.add($displayInSection)) 401: #end 402: #elseif($sectionsUserCannotEdit.contains($displayInSection)) 403: ## If the user didn't have access to the section before but does have access to _this_ app which is 404: ## configured in the section, then the section becomes accessible. 405: #set($discard = $sectionsUserCannotEdit.remove($displayInSection)) 406: #end 407: #end## If section doesn't exist or user doesn't have access. 408: #end## Foreach configurable object in this app. 409: #end## Foreach application which is configurable. 410: ## 411: ## Now we go through sectionsToAdd and generate icons for them 412: #set($defaultIcon = $xwiki.getAttachmentURL($nameOfThisDocument, 'DefaultAdminSectionIcon.png')) 413: #if($globaladmin) 414: #set($queryString = "editor=globaladmin&section=") 415: #else 416: #set($queryString = "space=${currentSpace}&section=") 417: #if($request.getParameter('editor')) 418: #set($queryString = "editor=$escapetool.url($request.getParameter('editor'))&$queryString") 419: #end 420: #end 421: 422: ## This is an html fragment and thus cannot be cleaned 423: {{html clean=false}} 424: #foreach($sectionToAdd in $sectionsToAdd) 425: #set($icon = $iconBySection.get($sectionToAdd)) 426: #if(!$icon) 427: #set($icon = $defaultIcon) 428: #end 429: <li class="$escapetool.xml($sectionToAdd).replaceAll(' ', '_')"> 430: #set($hasAccess = !$sectionsUserCannotEdit.contains($sectionToAdd)) 431: #if($hasAccess) 432: <a href="$xwiki.getURL($currentDoc, $xcontext.getAction(), "$queryString$escapetool.url($sectionToAdd)")"> 433: #else 434: <a title="$msg.get('xe.admin.configurable.sectionIconNoAccessTooltip')"> 435: #end 436: <span> 437: <img src="$icon" alt="$escapetool.xml($sectionToAdd) icon"/> 438: ## Try to translate the names of the sections, build the key by adding an "admin." in front. 439: ## Not the best way to translate, but very inline with the way the translations are done in XWiki.AdminSheet for individual administration page titles. 440: ## If there is no translation (translated message is equals to key), don't display the message key, but the section name instead. 441: #if($msg.get("admin.${sectionToAdd.toLowerCase()}") != "admin.${sectionToAdd.toLowerCase()}") 442: #set($sectionDisplayName = $msg.get("admin.${sectionToAdd.toLowerCase()}")) 443: #else 444: #set($sectionDisplayName = $sectionToAdd) 445: #end 446: $escapetool.xml($sectionDisplayName) 447: </span> 448: #if(!$hasAccess) 449: <br/><span class="errormessage">$msg.get('xe.admin.configurable.sectionIconNoAccess')</span> 450: #end 451: </a> 452: </li> 453: #end 454: {{/html}} 455: 456: ## Finally we display an error message if there are any applications which we were unable to view. 457: #if($appsUserCannotView.size() > 0) 458: 459: {{error}}$msg.get('xe.admin.configurable.noViewAccessSomeApplications', [$appsUserCannotView]){{/error}} 460: 461: #end 462: #end## If we should be looking at the main administration page. 463: ## 464: ##------------------------------------------------------------------------------------------------------------ 465: ## The Macros, nothing below this point is run directly. 466: ##------------------------------------------------------------------------------------------------------------ 467: ## 468: #* 469: * 470: * Any documents which are on the provided list ($documentNames) which are locked by the current user will be unlocked. 471: * If this macro has programming rights, then they are unlocked programmatically, otherwise a javascript tag is 472: * generated with ajax calls to cancel for all of the documents. If there are documents on this list which are not 473: * locked by the current user, then they are ignored. 474: * 475: * @param $documentNames - List<String> - fullNames of documents which should be unlocked if they are locked by the 476: * current user. 477: *### 478: #macro(unlockDocuments $documentNames) 479: #if($documentNames.size() > 0) 480: #set($sql = "doc.fullName=") 481: #foreach($documentName in $documentNames) 482: #set($sql = "${sql}'$documentName' or doc.fullName=") 483: #end 484: ## Trim the dangling ' or doc.fullName=?' 485: #set($sql = $sql.substring(0, $sql.lastIndexOf(' or doc.fullName='))) 486: #set($sql = ", XWikiLock lock where lock.docId=doc.id and lock.userName='$xcontext.getUser()' and (${sql})") 487: #set($namesOfdocumentsToUnlock = $xwiki.searchDocuments($sql)) 488: ## Use ajax and hope the user runs javascript. 489: {{html}} 490: <script type="text/javascript"> 491: document.observe("dom:loaded", function() { 492: #foreach($nameOflockedDocument in $namesOfdocumentsToUnlock) 493: new Ajax.Request("$xwiki.getURL($nameOflockedDocument, 'cancel', 'ajax=1')"); 494: #end 495: }); 496: </script> 497: {{/html}}## 498: #end## If output list size > 0 499: #end## Macro 500: ## 501: #* 502: * Find names of documents which contain objects of the class 'XWiki.ConfigurableClass' 503: * 504: * @param $section - String - Look for apps which specify that they should be configured in this section, 505: * if null or "" then returns them for all sections. 506: * 507: * @param $globaladmin - boolean - If true then we will look for applications which should be configured globally. 508: * 509: * @param $space - String - If not looking for apps which are configured globally, then this is the space where we 510: * will look for apps in. If null or "" or if $globaladmin is true, then all spaces will be 511: * searched. 512: * 513: * @param $outputList - List - The returns from this macro will be put in this list, passing the list as a parameter 514: * a safety measure because macros can't return values. 515: *### 516: #macro(findNamesOfAppsToConfigure, $section, $globaladmin, $space, $outputList) 517: ## Use a parameterized sql query to prevent injection. 518: #set($params = []) 519: #if($section && $section != '') 520: #set($discard = $params.add("$section")) 521: #set($sqlA = ' StringProperty as section,') 522: #set($sqlB = " and section.id=obj.id and section.name='displayInSection' and section.value=?") 523: #else 524: ## Make sure they are "" in case they were set prior to calling the macro. 525: #set($sqlA = '') 526: #set($sqlB = '') 527: #end 528: ## Set up query based on value of $globaladmin 529: #if($globaladmin == true) 530: #set($sqlC = '1') 531: #else 532: #if($space && $space != '') 533: #set($sqlC = '0 and doc.space = ?') 534: #set($discard = $params.add($space)) 535: #else 536: #set($sqlC = '0') 537: #end 538: #end 539: #set($sql = ", BaseObject as obj,$sqlA IntegerProperty as global where " 540: + "doc.fullName=obj.name and obj.className='" + $nameOfThisDocument + "'$sqlB " 541: + "and global.id=obj.id and global.name='configureGlobally' and global.value=$sqlC " 542: + "order by doc.creationDate") 543: ## 544: ## Run the search 545: #set($outputList = $xwiki.searchDocuments($sql, 0, 0, $params)) 546: ## 547: #end 548: ## 549: #* 550: * If this document is saved with programming access or is includeForm'd into a document with programming, we have to 551: * drop programming rights in order for it to run safely because it evaluates potentially untrustworthy code. 552: *### 553: #macro(sandboxDocument) 554: #if($xcontext.hasProgrammingRights()) 555: $xcontext.dropPermissions()## 556: #end 557: #end 558: ## 559: #* 560: * Try to determine whether a document was edited by a user who has edit right on this page. This is tricky because 561: * documents are imported with the name XWiki.XWikiGuest who has no access to anything after import. 562: * 563: * @param theDoc - Document who's editor should be checked for edit access on this document. 564: *### 565: #macro(checkDocumentSavedByAuthorizedUser, $docToCheck, $currentDoc, $hasAccess) 566: ## The system is started and the only user is XWikiGuest who has admin right but gives it up when he imports the default 567: ## documents, we are checking to see if this looks like the guest imported the document with the first import. 568: #if($docToCheck.getWiki() == $xcontext.getMainWikiName() 569: && $docToCheck.getVersion() == '1.1' 570: && $docToCheck.getCreator() != $docToCheck.getContentAuthor() 571: && $docToCheck.getContentAuthor() == 'XWiki.XWikiGuest') 572: ## 573: #set($userToCheck = $docToCheck.getCreator()) 574: #else 575: #set($userToCheck = $docToCheck.getAuthor()) 576: #end 577: #set($hasAccess = $xwiki.hasAccessLevel('edit', $userToCheck, $currentDoc)) 578: #end 579: ## 580: #* 581: * Show the heading for configuration for a given application. 582: * 583: * $appName (String) Name of the application to show configuration heading for. 584: * 585: * $headingAlreadyShowing (boolean) If true then we don't make another heading. Otherwise it is set to true. 586: *### 587: #macro(showHeading, $appName, $headingAlreadyShowing) 588: #if(!$headingAlreadyShowing) 589: #set($headingAlreadyShowing = true) 590: 591: = $msg.get("admin.customize") __[[$appName>>$appName]]__: = 592: #end 593: #end 594: {{/velocity}}
Quick Links
L3D Calendar
Wiki Dashboard
Document Index
Blog
Sandbox
