inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.3-BUG-FIX to HEAD

Browse Source 
22496: Merged V3.3 to V3.3-BUG-FIX
      22383: *Record only* Merged HEAD to V3.3
         22381: Fixes FTL syntax error in Calendar view webscript
      22404: *Record only* Merged HEAD to V3.3
         22403: Fixed ALF-4669: Delete Links (app:filelink) in Share deletes destination
      22409: Fixed ALF-2857: Links broken for updated discussions [Contribution]
      22449: Fix for ALF-3698 - Need to re-enable request-scoped javascript scopes for webscripts
              - Improvements to repo and web-tier JS script processsor config to allow "shared scope" feature to be disabled
              - Sealed shared scopes are used between script executions - processor config can now disabled this feature and ensure that a new scope is created for each executed script. Allows core JS objects to be extended in scripts.
      22454: ALF-3803 Fix for ISO8601 Date Format parser - milliseconds are optional.
      22455: Fix to handle non-200 status code in some Share dashlets.
             Missing I18N string in site profile dashlet.
      22456: SpringSurf contrib of ALF-3803 Fix for ISO8601 Date Format parser - milliseconds are optional.
      22457: SESURF-66 - Remote Client improvements
      22458: Merged BRANCHES/DEV/BELARUS/V3.3-2010_06_08 to BRANCHES/V3.3:
      20585: ALF-1861: Shortcut parent-child association path should align with the actual 'cm:name' property of the shortcut
      22464: ALF-1518 - Added support for Java System property "http.nonProxyHosts" in Remote Client
              - specifies a list of hosts that should *not* be proxied if the associated http.proxyHost property is set
      22475: Fix for SESURF-76 - contributed by Ooi Leng Chye.
      22484: Fix for ALF-4674 - added "max-age=0" to cache-control header for Download servlet to fix issues with content not always being re-requested after an update
              - brings the Download servlet inline with the ContentGet webscript that already does this

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@22502 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
2010-09-14 13:00:57 +00:00
parent 6d0e3cbeff
commit 807c419318
2 changed files with 76 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
config/alfresco/script-services-context.xml
View File

@@ -18,7 +18,16 @@
</property> </property>
<property name="extension"> <property name="extension">
<value>js</value> <value>js</value>
</property> </property>
<!-- compile javascript and cache compiled scripts -->
<property name="compile">
<value>true</value>
</property>
<!-- allow sharing of sealed scopes for performance -->
<!-- disable to give each script it's own new scope which can be extended -->
<property name="shareSealedScopes">
<value>true</value>
</property>
<property name="scriptService"> <property name="scriptService">
<ref bean="scriptService"/> <ref bean="scriptService"/>
</property> </property>

86
source/java/org/alfresco/repo/jscript/RhinoScriptProcessor.java
View File

@@ -21,7 +21,6 @@ package org.alfresco.repo.jscript;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.io.Serializable;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
@@ -89,6 +88,9 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
/** Flag to enable or disable runtime script compliation */ /** Flag to enable or disable runtime script compliation */
private boolean compile = true; private boolean compile = true;
/** Flag to enable the sharing of sealed root scopes between scripts executions */
private boolean shareSealedScopes = true;
/** Cache of runtime compiled script instances */ /** Cache of runtime compiled script instances */
private final Map<String, Script> scriptCache = new ConcurrentHashMap<String, Script>(256); private final Map<String, Script> scriptCache = new ConcurrentHashMap<String, Script>(256);
@@ -119,6 +121,15 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
this.compile = compile; this.compile = compile;
} }
/**
* @param shareSealedScopes true to allow sharing of sealed scopes between script executions - set to
* false to disable this feature and ensure that a new scope is created for each executed script.
*/
public void setShareSealedScopes(boolean shareSealedScopes)
{
this.shareSealedScopes = shareSealedScopes;
}
/** /**
* @see org.alfresco.service.cmr.repository.ScriptProcessor#reset() * @see org.alfresco.service.cmr.repository.ScriptProcessor#reset()
*/ */
@@ -414,10 +425,18 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
// Create a thread-specific scope from one of the shared scopes. // Create a thread-specific scope from one of the shared scopes.
// See http://www.mozilla.org/rhino/scopes.html // See http://www.mozilla.org/rhino/scopes.html
cx.setWrapFactory(wrapFactory); cx.setWrapFactory(wrapFactory);
Scriptable sharedScope = secure ? this.nonSecureScope : this.secureScope; Scriptable scope;
Scriptable scope = cx.newObject(sharedScope); if (this.shareSealedScopes)
scope.setPrototype(sharedScope); {
scope.setParentScope(null); Scriptable sharedScope = secure ? this.nonSecureScope : this.secureScope;
scope = cx.newObject(sharedScope);
scope.setPrototype(sharedScope);
scope.setParentScope(null);
}
else
{
scope = initScope(cx, secure, false);
}
// there's always a model, if only to hold the util objects // there's always a model, if only to hold the util objects
if (model == null) if (model == null)
@@ -531,7 +550,7 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
} }
} }
/** /**
* Pre initializes two scope objects (one secure and one not) with the standard objects preinitialised. * Pre initializes two scope objects (one secure and one not) with the standard objects preinitialised.
* This saves on very expensive calls to reinitialize a new scope on every web script execution. See * This saves on very expensive calls to reinitialize a new scope on every web script execution. See
@@ -541,38 +560,65 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
*/ */
public void afterPropertiesSet() throws Exception public void afterPropertiesSet() throws Exception
{ {
// Initialise the secure scope // Initialize the secure scope
Context cx = Context.enter(); Context cx = Context.enter();
try try
{ {
cx.setWrapFactory(wrapFactory); cx.setWrapFactory(wrapFactory);
this.secureScope = cx.initStandardObjects(null, true); this.secureScope = initScope(cx, false, true);
// remove security issue related objects - this ensures the script may not access
// unsecure java.* libraries or import any other classes for direct access - only
// the configured root host objects will be available to the script writer
this.secureScope.delete("Packages");
this.secureScope.delete("getClass");
this.secureScope.delete("java");
} }
finally finally
{ {
Context.exit(); Context.exit();
} }
// Initialise the non-secure scope // Initialize the non-secure scope
cx = Context.enter(); cx = Context.enter();
try try
{ {
cx.setWrapFactory(wrapFactory); cx.setWrapFactory(wrapFactory);
this.nonSecureScope = initScope(cx, true, true);
// allow access to all libraries and objects, including the importer
// @see http://www.mozilla.org/rhino/ScriptingJava.html
this.nonSecureScope = new ImporterTopLevel(cx, true);
} }
finally finally
{ {
Context.exit(); Context.exit();
} }
} }
/**
* Initializes a scope for script execution. The easiest way to embed Rhino is just to create a new scope this
* way whenever you need one. However, initStandardObjects() is an expensive method to call and it allocates a
* fair amount of memory.
*
* @param cx the thread execution context
* @param secure Do we consider the script secure? When <code>false</code> this ensures the script may not
* access insecure java.* libraries or import any other classes for direct access - only the
* configured root host objects will be available to the script writer.
* @param sealed Should the scope be sealed, making it immutable? This should be <code>true</code> if a scope
* is to be reused.
* @return the scope object
*/
protected Scriptable initScope(Context cx, boolean secure, boolean sealed)
{
Scriptable scope;
if (secure)
{
// Initialise the non-secure scope
// allow access to all libraries and objects, including the importer
// @see http://www.mozilla.org/rhino/ScriptingJava.html
scope = new ImporterTopLevel(cx, sealed);
}
else
{
// Initialise the secure scope
scope = cx.initStandardObjects(null, sealed);
// remove security issue related objects - this ensures the script may not access
// unsecure java.* libraries or import any other classes for direct access - only
// the configured root host objects will be available to the script writer
scope.delete("Packages");
scope.delete("getClass");
scope.delete("java");
}
return scope;
}
} }