Example 6 with PageFilter
use of org.apache.wiki.api.filters.PageFilter in project jspwiki by apache.
the class DefaultFilterManager method doPostTranslateFiltering.
/**
* Does the filtering after HTML translation.
*
* @param context The WikiContext
* @param htmlData HTML data to be passed through the postTranslate
* @throws FilterException If any of the filters throws a FilterException
* @return The modified HTML
* @see PageFilter#postTranslate(WikiContext, String)
*/
public String doPostTranslateFiltering(WikiContext context, String htmlData) throws FilterException {
fireEvent(WikiPageEvent.POST_TRANSLATE_BEGIN, context);
for (PageFilter f : m_pageFilters) {
htmlData = f.postTranslate(context, htmlData);
}
fireEvent(WikiPageEvent.POST_TRANSLATE_END, context);
return htmlData;
}
Also used :
PageFilter(org.apache.wiki.api.filters.PageFilter)
Example 7 with PageFilter
use of org.apache.wiki.api.filters.PageFilter in project jspwiki by apache.
the class UserManager method validateProfile.
/**
* Validates a user profile, and appends any errors to the session errors
* list. If the profile is new, the password will be checked to make sure it
* isn't null. Otherwise, the password is checked for length and that it
* matches the value of the 'password2' HTTP parameter. Note that we have a
* special case when container-managed authentication is used and the user
* is not authenticated; this will always cause validation to fail. Any
* validation errors are added to the wiki session's messages collection
* (see {@link WikiSession#getMessages()}.
* @param context the current wiki context
* @param profile the supplied UserProfile
*/
public void validateProfile(WikiContext context, UserProfile profile) {
final boolean isNew = profile.isNew();
final WikiSession session = context.getWikiSession();
final InputValidator validator = new InputValidator(SESSION_MESSAGES, context);
final ResourceBundle rb = Preferences.getBundle(context, InternationalizationManager.CORE_BUNDLE);
//
// Query the SpamFilter first
//
final FilterManager fm = m_engine.getFilterManager();
final List<PageFilter> ls = fm.getFilterList();
for (final PageFilter pf : ls) {
if (pf instanceof SpamFilter) {
if (((SpamFilter) pf).isValidUserProfile(context, profile) == false) {
session.addMessage(SESSION_MESSAGES, "Invalid userprofile");
return;
}
break;
}
}
// If container-managed auth and user not logged in, throw an error
if (m_engine.getAuthenticationManager().isContainerAuthenticated() && !context.getWikiSession().isAuthenticated()) {
session.addMessage(SESSION_MESSAGES, rb.getString("security.error.createprofilebeforelogin"));
}
validator.validateNotNull(profile.getLoginName(), rb.getString("security.user.loginname"));
validator.validateNotNull(profile.getFullname(), rb.getString("security.user.fullname"));
validator.validate(profile.getEmail(), rb.getString("security.user.email"), InputValidator.EMAIL);
// If new profile, passwords must match and can't be null
if (!m_engine.getAuthenticationManager().isContainerAuthenticated()) {
final String password = profile.getPassword();
if (password == null) {
if (isNew) {
session.addMessage(SESSION_MESSAGES, rb.getString("security.error.blankpassword"));
}
} else {
final HttpServletRequest request = context.getHttpRequest();
final String password2 = (request == null) ? null : request.getParameter("password2");
if (!password.equals(password2)) {
session.addMessage(SESSION_MESSAGES, rb.getString("security.error.passwordnomatch"));
}
}
}
UserProfile otherProfile;
final String fullName = profile.getFullname();
final String loginName = profile.getLoginName();
final String email = profile.getEmail();
// It's illegal to use as a full name someone else's login name
try {
otherProfile = getUserDatabase().find(fullName);
if (otherProfile != null && !profile.equals(otherProfile) && !fullName.equals(otherProfile.getFullname())) {
final Object[] args = { fullName };
session.addMessage(SESSION_MESSAGES, MessageFormat.format(rb.getString("security.error.illegalfullname"), args));
}
} catch (final NoSuchPrincipalException e) {
/* It's clean */
}
// It's illegal to use as a login name someone else's full name
try {
otherProfile = getUserDatabase().find(loginName);
if (otherProfile != null && !profile.equals(otherProfile) && !loginName.equals(otherProfile.getLoginName())) {
final Object[] args = { loginName };
session.addMessage(SESSION_MESSAGES, MessageFormat.format(rb.getString("security.error.illegalloginname"), args));
}
} catch (final NoSuchPrincipalException e) {
/* It's clean */
}
// It's illegal to use multiple accounts with the same email
try {
otherProfile = getUserDatabase().findByEmail(email);
if (otherProfile != null && // Issue JSPWIKI-1042
!profile.getUid().equals(otherProfile.getUid()) && !profile.equals(otherProfile) && StringUtils.lowerCase(email).equals(StringUtils.lowerCase(otherProfile.getEmail()))) {
final Object[] args = { email };
session.addMessage(SESSION_MESSAGES, MessageFormat.format(rb.getString("security.error.email.taken"), args));
}
} catch (final NoSuchPrincipalException e) {
/* It's clean */
}
}
Also used :
UserProfile(org.apache.wiki.auth.user.UserProfile)
SpamFilter(org.apache.wiki.filters.SpamFilter)
FilterManager(org.apache.wiki.api.engine.FilterManager)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
WikiSession(org.apache.wiki.WikiSession)
InputValidator(org.apache.wiki.ui.InputValidator)
ResourceBundle(java.util.ResourceBundle)
PageFilter(org.apache.wiki.api.filters.PageFilter)
Aggregations
PageFilter (org.apache.wiki.api.filters.PageFilter)7
FilterManager (org.apache.wiki.api.engine.FilterManager)2
Iterator (java.util.Iterator)1
List (java.util.List)1
ResourceBundle (java.util.ResourceBundle)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
WikiSession (org.apache.wiki.WikiSession)1
FilterException (org.apache.wiki.api.exceptions.FilterException)1
UserProfile (org.apache.wiki.auth.user.UserProfile)1
SpamFilter (org.apache.wiki.filters.SpamFilter)1
InputValidator (org.apache.wiki.ui.InputValidator)1
Test (org.junit.Test)1
