/** * {@inheritDoc} */ @Override public Environment getEnvironment() { return backing.getEnvironment(); }
/** * Increments the step that is recorded in session. * * @param uic the current user's session */ public static void incrementSessionStep(final UIContext uic) { int step = uic.getEnvironment().getStep(); uic.getEnvironment().setStep(step + 1); }
/** * Build the url to refresh the application. * * @param uic the current user's context * @return the application url */ private String buildApplicationUrl(final UIContext uic) { Environment env = uic.getEnvironment(); return env.getPostPath(); }
/** * {@inheritDoc} */ @Override public Environment getEnvironment() { UIContext uic = UIContextHolder.getCurrent(); return uic == null ? null : uic.getEnvironment(); }
/** * {@inheritDoc} */ @Override public void preparePaint(final Request request) { // Set session token UIContext uic = UIContextHolder.getCurrent(); if (uic.getEnvironment().getSessionToken() == null) { uic.getEnvironment().setSessionToken(UUID.randomUUID().toString()); } super.preparePaint(request); }
/** * @return the URL which can be used to target this resource. */ public String getTargetUrl() { UIContext uic = UIContextHolder.getCurrent(); if (uic == null) { return null; } String url = uic.getEnvironment().getWServletPath(); Map<String, String> parameters = new HashMap<>(); String resourceCacheKey = InternalResourceMap.getResourceCacheKey(resourceName); parameters.put(WServlet.STATIC_RESOURCE_PARAM_NAME, resourceName); if (resourceCacheKey != null) { parameters.put("cacheKey", resourceCacheKey); } return WebUtilities.getPath(url, parameters, true); } }
/** * Override preparePaint in order to perform processing specific to this interceptor. * * @param request the request being responded to. */ @Override public void preparePaint(final Request request) { // Reset the form encoding type before painting the content. UIContext uic = UIContextHolder.getCurrent(); uic.getEnvironment().setFormEncType(null); super.preparePaint(request); }
@Test public void testEnvironmentAccessors() { UIContext uic = createUIContext(); Assert.assertTrue("User Context should have a dummy environment by default", uic. isDummyEnvironment()); Assert.assertNotNull("User context should return an environment by default", uic. getEnvironment()); Environment environment = new AbstractEnvironment() { }; uic.setEnvironment(environment); Assert.assertEquals("Incorrect environment returned", environment, uic.getEnvironment()); }
@Test public void testServiceRequestCorrectToken() { uic.getEnvironment().setSessionToken("X"); uic.getEnvironment().setStep(10); request.setParameter(Environment.SESSION_TOKEN_VARIABLE, "X"); interceptor.serviceRequest(request); Assert.assertTrue("Action phase should have occurred for corret token", component.handleRequestCalled); Assert.assertEquals("Step count should not have been incremented for correct token", 10, uic.getEnvironment() .getStep()); }
@Test public void testServiceRequestDefaultState() { // Test default state interceptor.serviceRequest(request); Assert.assertTrue("Action phase should have occurred by default", component.handleRequestCalled); Assert.assertEquals("Step should not have been incremented", 0, uic.getEnvironment(). getStep()); interceptor.preparePaint(request); Assert.assertEquals("Step should have been incremented", 1, uic.getEnvironment().getStep()); }
@Test public void testServiceRequestCorrectSequence() { uic.getEnvironment().setStep(3); request.setParameter(Environment.STEP_VARIABLE, "3"); interceptor.serviceRequest(request); Assert.assertTrue("Action phase should have occurred for no step error", component.handleRequestCalled); Assert.assertEquals("Step should not have been incremented", 3, uic.getEnvironment(). getStep()); interceptor.preparePaint(request); Assert.assertEquals("Step should have been incremented", 4, uic.getEnvironment().getStep()); }
@Test public void testServiceRequestIncorrectSequence() { uic.getEnvironment().setStep(3); request.setParameter(Environment.STEP_VARIABLE, "1"); interceptor.serviceRequest(request); Assert.assertTrue("Handle Step Error should have been called for step error", component.handleStepErrorCalled); Assert.assertFalse("Action phase should not have occurred for step error", component.handleRequestCalled); Assert.assertEquals("Step should not have been incremented", 3, uic.getEnvironment(). getStep()); interceptor.preparePaint(request); Assert.assertEquals("Step should have been incremented", 4, uic.getEnvironment().getStep()); }
@Test public void testServiceRequestDefaultState() { // Test default state (ie no params and new session) interceptor.serviceRequest(request); Assert.assertTrue("Action phase should have occurred by default", component.handleRequestCalled); Assert .assertEquals("Step count should not have been incremented by default", 0, uic. getEnvironment().getStep()); }
@Test public void testServiceRequestIncorrectToken() { uic.getEnvironment().setSessionToken("X"); uic.getEnvironment().setStep(10); request.setParameter(Environment.SESSION_TOKEN_VARIABLE, "Y"); try { interceptor.serviceRequest(request); Assert.fail("Should have thrown an excpetion for incorrect token"); } catch (SystemException e) { Assert.assertFalse("Action phase should not have occurred for token error", component.handleRequestCalled); Assert.assertEquals("Step count should not have been incremented for token error", 10, uic.getEnvironment() .getStep()); } }
@Test public void testSessionTimeout() { // Simulate request parameter from previous session request.setParameter(Environment.SESSION_TOKEN_VARIABLE, "X"); try { interceptor.serviceRequest(request); Assert.fail("Should have thrown an excpetion for incorrect token"); } catch (SystemException e) { Assert.assertFalse("Action phase should not have occurred for session timeout", component.handleRequestCalled); Assert. assertEquals("Step count should not have been incremented for session timeout", 0, uic .getEnvironment().getStep()); } }
@Override public void serviceRequest(final Request request) { Environment env = UIContextHolder.getCurrent().getEnvironment(); env.setStep(env.getStep() + 1); }
@Override public void preparePaint(final Request request) { Environment env = UIContextHolder.getCurrent().getEnvironment(); env.setStep(env.getStep() + 1); }
@Override public void paint(final RenderContext renderContext) { Environment env = UIContextHolder.getCurrent().getEnvironment(); env.setStep(env.getStep() + 1); hiddenParams = env.getHiddenParameters(); } }
@Test public void testServiceRequestIncorrectSequenceWithRedirect() { // Set redirect parameter Configuration config = Config.copyConfiguration(originalConfig); config.addProperty(ConfigurationProperties.STEP_ERROR_URL, "test.url"); Config.setConfiguration(config); uic.getEnvironment().setStep(3); request.setParameter(Environment.STEP_VARIABLE, "1"); interceptor.attachResponse(new MockResponse()); try { interceptor.serviceRequest(request); Assert.fail("Interceptor did not detect wrong step"); } catch (ActionEscape e) { Assert.assertFalse("Action phase should not have occurred for step error with redirect", component.handleRequestCalled); Assert.assertFalse("Handle Step Error should not have occurred for redirect", component.handleStepErrorCalled); Assert.assertEquals("Step should not have been incremented", 3, uic.getEnvironment(). getStep()); } }
@Test public void testXssEscaping() throws IOException, SAXException, XpathException { MockWEnvironment environment = new MockWEnvironment(); environment.setPostPath("WApplicationRendererTest.postPath"); WApplication application = new WApplication(); UIContext uic = createUIContext(); uic.setEnvironment(environment); uic.setUI(application); setActiveContext(uic); application.setTitle(getMaliciousAttribute("ui:application")); assertSafeContent(application); uic.getEnvironment().getHiddenParameters().put(getMaliciousAttribute("ui:param"), "dummy"); uic.getEnvironment().getHiddenParameters().put("dummy", getMaliciousAttribute("ui:param")); assertSafeContent(application); }