mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-11-05 15:32:21 +00:00
Compare commits
20 Commits
release/23
...
23.7.0.5
| Author | SHA1 | Date | |
|---|---|---|---|
|
9c0ac89015 | ||
|
1028b5c44b | ||
|
|
39d209a6a1 | ||
|
|
d9adbd60e1 | ||
|
cb07b26653 | ||
|
327129f021 | ||
|
|
afbaf11ff9 | ||
|
|
e779057f23 | ||
|
49ee9f8f29 | ||
|
|
213886cedd | ||
|
|
1be9a43bcd | ||
|
|
eceb7c0eb3 | ||
|
|
8cd46d4585 | ||
|
|
11d71e1941 | ||
|
|
353d50a35c | ||
|
|
2daafc711d | ||
|
|
dfa94fbe21 | ||
|
|
4a93aec66b | ||
|
3f0bbc9844 | ||
|
|
cb9ad42101 |
2
.github/workflows/ci.yml
vendored
2
.github/workflows/ci.yml
vendored
@@ -107,7 +107,7 @@ jobs:
|
||||
bash ./scripts/ci/init.sh
|
||||
bash ./scripts/ci/build.sh
|
||||
- name: "Run SAST Scan"
|
||||
uses: veracode/Veracode-pipeline-scan-action@v1.0.16
|
||||
uses: veracode/Veracode-pipeline-scan-action@v1.0.20
|
||||
with:
|
||||
vid: ${{ secrets.VERACODE_API_ID }}
|
||||
vkey: ${{ secrets.VERACODE_API_KEY }}
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-amps</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<modules>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-governance-services-community-parent</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<modules>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-governance-services-automation-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<build>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-governance-services-community-parent</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<modules>
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-governance-services-community-repo-parent</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<properties>
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
|
||||
# Version label
|
||||
version.major=23
|
||||
version.minor=6
|
||||
version.minor=7
|
||||
version.revision=0
|
||||
version.label=
|
||||
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-governance-services-community-repo-parent</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<build>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<modules>
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-amps</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<properties>
|
||||
|
||||
@@ -134,6 +134,25 @@ function doclist_main()
|
||||
logger.log("doclist.lib.js - NodeRef: " + parsedArgs.nodeRef + " Query: " + query);
|
||||
|
||||
favourites = sanitizeJunkFavouriteKeys(favourites);
|
||||
if(query === null)
|
||||
{
|
||||
return {
|
||||
luceneQuery: "",
|
||||
paging: {
|
||||
totalRecords: 0,
|
||||
startIndex: 0
|
||||
},
|
||||
container: parsedArgs.rootNode,
|
||||
parent: null,
|
||||
onlineEditing: utils.moduleInstalled("org.alfresco.module.vti"),
|
||||
itemCount: {
|
||||
folders: 0,
|
||||
documents: 0
|
||||
},
|
||||
items: [],
|
||||
customJSON: slingshotDocLib.getJSON()
|
||||
};
|
||||
}
|
||||
|
||||
if(Object.keys(favourites).length === 0 && query === null)
|
||||
{
|
||||
|
||||
@@ -240,7 +240,7 @@ var Filters =
|
||||
filterData = filterData.slice(0, -1);
|
||||
}
|
||||
filterQuery = this.constructPathQuery(parsedArgs);
|
||||
filterParams.query = filterQuery + " +PATH:\"/cm:taggable/cm:" + search.ISO9075Encode(filterData) + "/member\"";
|
||||
filterParams.query = filterQuery + " +TAG:\"" + search.ISO9075Encode(filterData) + "\"";
|
||||
break;
|
||||
|
||||
case "category":
|
||||
@@ -249,8 +249,15 @@ var Filters =
|
||||
{
|
||||
filterData = filterData.slice(0, -1);
|
||||
}
|
||||
filterQuery = this.constructPathQuery(parsedArgs);
|
||||
filterParams.query = filterQuery + " +PATH:\"/cm:categoryRoot/cm:generalclassifiable" + Filters.iso9075EncodePath(filterData) + "/member\"";
|
||||
|
||||
var categoryNodeRef = this.getCategoryNodeRef(filterData);
|
||||
|
||||
if (categoryNodeRef && search.findNode(categoryNodeRef) != null) {
|
||||
filterParams.query = filterQuery + ' +@cm\\:categories:"' + categoryNodeRef + '"';
|
||||
} else {
|
||||
logger.warn("category filter: skipping invalid category node : " + categoryNodeRef);
|
||||
}
|
||||
filterParams.language = "fts-alfresco";
|
||||
break;
|
||||
|
||||
case "aspect":
|
||||
@@ -271,11 +278,24 @@ var Filters =
|
||||
{
|
||||
filterParams.query += " " + (Filters.TYPE_MAP[parsedArgs.type] || "");
|
||||
}
|
||||
|
||||
logger.warn("Final Query : " + filterParams.query);
|
||||
return filterParams;
|
||||
},
|
||||
|
||||
constructPathQuery: function constructPathQuery(parsedArgs)
|
||||
getCategoryNodeRef: function(categoryName) {
|
||||
var results = search.luceneSearch(
|
||||
'PATH:"/cm:categoryRoot/cm:generalclassifiable//*" AND @cm\\:name:"' + categoryName + '"'
|
||||
);
|
||||
|
||||
if (results && results.length > 0) {
|
||||
return results[0].nodeRef.toString();
|
||||
}
|
||||
|
||||
logger.warn("Category not found: " + categoryName);
|
||||
return null;
|
||||
},
|
||||
|
||||
constructPathQuery: function(parsedArgs)
|
||||
{
|
||||
var pathQuery = "";
|
||||
if (parsedArgs.libraryRoot != companyhome || parsedArgs.nodeRef != "alfresco://company/home")
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<dependencies>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<properties>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<dependencies>
|
||||
|
||||
@@ -9,6 +9,6 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-packaging</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
</project>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-packaging</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<properties>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<modules>
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-packaging</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<modules>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-tests</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<organization>
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-tests</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<developers>
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-tests</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<developers>
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-tests</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<properties>
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-tests</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<developers>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo-packaging</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<properties>
|
||||
|
||||
10
pom.xml
10
pom.xml
@@ -2,7 +2,7 @@
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>alfresco-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
<packaging>pom</packaging>
|
||||
<name>Alfresco Community Repo Parent</name>
|
||||
|
||||
@@ -24,7 +24,7 @@
|
||||
|
||||
<properties>
|
||||
<acs.version.major>23</acs.version.major>
|
||||
<acs.version.minor>6</acs.version.minor>
|
||||
<acs.version.minor>7</acs.version.minor>
|
||||
<acs.version.revision>0</acs.version.revision>
|
||||
<acs.version.label />
|
||||
<amp.min.version>${acs.version.major}.0.0</amp.min.version>
|
||||
@@ -85,8 +85,8 @@
|
||||
<dependency.truezip.version>7.7.10</dependency.truezip.version>
|
||||
<dependency.poi.version>5.4.1</dependency.poi.version>
|
||||
<dependency.jboss.logging.version>3.5.0.Final</dependency.jboss.logging.version>
|
||||
<dependency.camel.version>4.10.2</dependency.camel.version> <!-- when bumping this version, please keep track/sync with included netty.io dependencies -->
|
||||
<dependency.netty.version>4.1.118.Final</dependency.netty.version> <!-- must be in sync with camels transitive dependencies, e.g.: netty-common -->
|
||||
<dependency.camel.version>4.15.0</dependency.camel.version> <!-- when bumping this version, please keep track/sync with included netty.io dependencies -->
|
||||
<dependency.netty.version>4.1.127.Final</dependency.netty.version> <!-- must be in sync with camels transitive dependencies, e.g.: netty-common -->
|
||||
<dependency.activemq.version>5.18.3</dependency.activemq.version>
|
||||
<dependency.apache-compress.version>1.27.1</dependency.apache-compress.version>
|
||||
<dependency.awaitility.version>4.2.2</dependency.awaitility.version>
|
||||
@@ -154,7 +154,7 @@
|
||||
<connection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</connection>
|
||||
<developerConnection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</developerConnection>
|
||||
<url>https://github.com/Alfresco/alfresco-community-repo</url>
|
||||
<tag>23.6.0.33</tag>
|
||||
<tag>23.7.0.5</tag>
|
||||
</scm>
|
||||
|
||||
<distributionManagement>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<dependencies>
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
* #%L
|
||||
* Alfresco Remote API
|
||||
* %%
|
||||
* Copyright (C) 2005 - 2016 Alfresco Software Limited
|
||||
* Copyright (C) 2005 - 2025 Alfresco Software Limited
|
||||
* %%
|
||||
* This file is part of the Alfresco software.
|
||||
* If the software was purchased under a paid Alfresco license, the terms of
|
||||
@@ -31,6 +31,14 @@ import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.json.simple.JSONObject;
|
||||
import org.owasp.html.HtmlPolicyBuilder;
|
||||
import org.owasp.html.PolicyFactory;
|
||||
import org.springframework.extensions.webscripts.Cache;
|
||||
import org.springframework.extensions.webscripts.Status;
|
||||
import org.springframework.extensions.webscripts.WebScriptRequest;
|
||||
|
||||
import org.alfresco.model.ContentModel;
|
||||
import org.alfresco.model.ForumModel;
|
||||
import org.alfresco.repo.content.MimetypeMap;
|
||||
@@ -44,10 +52,6 @@ import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.namespace.NamespaceService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.service.namespace.RegexQNamePattern;
|
||||
import org.json.simple.JSONObject;
|
||||
import org.springframework.extensions.webscripts.Cache;
|
||||
import org.springframework.extensions.webscripts.Status;
|
||||
import org.springframework.extensions.webscripts.WebScriptRequest;
|
||||
|
||||
/**
|
||||
* This class is the controller for the comments.post web script.
|
||||
@@ -66,6 +70,29 @@ public class CommentsPost extends AbstractCommentsWebScript
|
||||
// get json object from request
|
||||
JSONObject json = parseJSON(req);
|
||||
|
||||
// Validating and Sanitizing comment content to prevent XSS
|
||||
String commentContent = getOrNull(json, "content");
|
||||
if (StringUtils.isBlank(commentContent))
|
||||
{
|
||||
throw new IllegalArgumentException("Comment content must not be empty");
|
||||
}
|
||||
else
|
||||
{
|
||||
// Allowed HTML elements and attributes in comment content e.g. Text formatting ,Lists and Structure & Styling
|
||||
String[] allowedElements = {"b", "i", "u", "strong", "em", "ul", "ol", "li", "p", "br", "span", "div"};
|
||||
|
||||
PolicyFactory policy = new HtmlPolicyBuilder()
|
||||
.allowElements(allowedElements)
|
||||
.allowAttributes("style")
|
||||
.onElements("span", "div", "p", "ul")
|
||||
.allowStyling()
|
||||
.allowStandardUrlProtocols()
|
||||
.toFactory();
|
||||
|
||||
String safeContent = policy.sanitize(commentContent);
|
||||
json.replace("content", safeContent);
|
||||
}
|
||||
|
||||
/* MNT-10231, MNT-9771 fix */
|
||||
this.behaviourFilter.disableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
|
||||
|
||||
@@ -229,8 +256,7 @@ public class CommentsPost extends AbstractCommentsWebScript
|
||||
*/
|
||||
private NodeRef createCommentsFolder(final NodeRef nodeRef)
|
||||
{
|
||||
NodeRef commentsFolder = AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<NodeRef>()
|
||||
{
|
||||
NodeRef commentsFolder = AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<NodeRef>() {
|
||||
public NodeRef doWork() throws Exception
|
||||
{
|
||||
NodeRef commentsFolder = null;
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
<parent>
|
||||
<groupId>org.alfresco</groupId>
|
||||
<artifactId>alfresco-community-repo</artifactId>
|
||||
<version>23.6.0.33</version>
|
||||
<version>23.7.0.5</version>
|
||||
</parent>
|
||||
|
||||
<dependencies>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
repository.name=Main Repository
|
||||
|
||||
# Schema number
|
||||
version.schema=19500
|
||||
version.schema=19600
|
||||
|
||||
# Directory configuration
|
||||
|
||||
|
||||
Reference in New Issue
Block a user