RM-2268 (If the currentPage attribute value is changed to a invalid one in the URL the Security Clearance page is not displayed in error)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104905 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2015-05-27 15:59:48 +00:00
parent 5c077ef098
commit 4d29332cb6
1 changed files with 23 additions and 2 deletions
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/classification/UserSecurityClearanceGet.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/classification/UserSecurityClearanceGet.java
@@ -57,6 +57,7 @@ public class UserSecurityClearanceGet extends AbstractRmWebScript
    private static final String ITEMS = "items";
    private static final String DATA = "data";
    private static final String NAME_FILTER = "nameFilter";
+    private static final String PAGE_NUMBER = "page";

    /** Security clearance service */
    private SecurityClearanceService securityClearanceService;
@@ -92,11 +93,19 @@ public class UserSecurityClearanceGet extends AbstractRmWebScript
        setSortProps(userQueryParams, req);

        PagingResults<SecurityClearance> usersSecurityClearance = getSecurityClearanceService().getUsersSecurityClearance(userQueryParams);
+
+        int total = getTotal(usersSecurityClearance).intValue();
+        int maxItems = userQueryParams.getMaxItems();
+        if (getPageNumber(req) > Math.ceil((double) total / (double) maxItems))
+        {
+            throw new WebScriptException("The requested page is not valid");
+        }
+
        List<SecurityClearance> securityClearanceItems = getSecurityClearanceItems(usersSecurityClearance);

        Map<String, Object> securityClearanceData = new HashMap<>();
-        securityClearanceData.put(TOTAL, getTotal(usersSecurityClearance));
-        securityClearanceData.put(MAX_ITEMS, userQueryParams.getMaxItems());
+        securityClearanceData.put(TOTAL, total);
+        securityClearanceData.put(MAX_ITEMS, maxItems);
        securityClearanceData.put(SKIP_COUNT, userQueryParams.getSkipCount());
        securityClearanceData.put(ITEM_COUNT, securityClearanceItems.size());
        securityClearanceData.put(ITEMS, securityClearanceItems);
@@ -145,6 +154,18 @@ public class UserSecurityClearanceGet extends AbstractRmWebScript
        return req.getParameter(NAME_FILTER);
    }

+    /**
+     * Gets the page number from the webscript request
+     *
+     * @param req {@link WebScriptRequest} The webscript request
+     * @return <code>int</code> The page number
+     */
+    private int getPageNumber(WebScriptRequest req)
+    {
+        String pageNumber = req.getParameter(PAGE_NUMBER);
+        return isNotBlank(pageNumber) ? parseInt(pageNumber) : 1;
+    }
+
    /**
     * Helper method to set the max index for the request query object
     *