Skip to content
Sign in
En échec

Changes

Summary

  1. Bug #14926 (details)
Commit f3347050a5abcac724675a0b1214abef22bb9975 by Miguel Moquillon
Bug #14926

In the WorkflowDesigner the side-effect operations are done by sending
HTTP GET requests. Such requests require to have the session token to be
specified in order to protect any CRSF attempts. But, in the case of
removal, the request is performed directly by an explicit relocation
(document.location) instead of using a simple anchor. In this situation,
there is no session token set automatically. And, if the URL to which
the relocation is performed contains some specific keywords (like creat
for example), then the massive web shield forbiddes such relocation
attempt without any anti-CRSF token. So, the fix was to replace the
relocation mechanism by one in which a form is dynamically generated for
the removal with as HTTP method POST.

By the way, I discovered by testing the fix the workflow  designer
wasn't designer to create a workflow from scratch but to edit existing
ones. Besides that, I discovered also some hidden bugs. So I took the
opportunity to clean up this mess up to a given level (in order to avoid
to rewrite all the designer or to take too much time in this effort).
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ParticipantImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/RelatedGroupImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/SpecificLabelListHelper.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/PresentationImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editColumns.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Consequence.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ActionImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/StateRef.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/presentation.jsp (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editInput.jsp (diff)
The file was addedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/taglib/WorkflowTagSupport.java
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editConsequence.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Column.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/UserInRoleImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Presentation.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/State.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Actions.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/RolesImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Participant.java (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/servlets/WorkflowDesignerRequestRouter.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editRelatedUser.jsp (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/taglib/ContextualDesignationList.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/StateImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/states.jsp (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editForm.jsp (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/taglib/ProcessModelTabs.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Trigger.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/SpecificLabel.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/RelatedUserImpl.java (diff)
The file was modifiedcore-api/src/main/java/org/silverpeas/core/notification/message/MessageContainer.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ColumnImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Form.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ProcessModelManagerImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/FormsImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ColumnsImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/errorpageMain.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/AllowedAction.java (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/control/WorkflowDesignerSessionController.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ProcessModelImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Forms.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/DataFolderImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editItem.jsp (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editContextualDesignation.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Triggers.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/StatesImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/QualifiedUsersImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/TriggerImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/workflow.jsp (diff)
The file was modifiedcore-api/src/test/java/org/silverpeas/core/notification/message/MessageManagerTest.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/importWorkflow.jsp (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editParameter.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ConsequencesImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/JavaScript/forms.js (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editAction.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/RoleImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/FormImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ConsequenceImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editRole.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Action.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/userInfos.jsp (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/roles.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/UserInRole.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/actions.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/TimeOutActionImpl.java (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/taglib/RelatedUserList.java (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/taglib/ItemList.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editParticipant.jsp (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editQualifiedUsers.jsp (diff)
The file was modifiedcore-api/src/main/java/org/silverpeas/core/notification/message/MessageManager.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/TriggersImpl.java (diff)
The file was modifiedcore-configuration/src/main/config/properties/org/silverpeas/util/security.properties (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/ProcessModelManager.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ParameterImpl.java (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/token/SessionSynchronizerTokenValidator.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/TimeOutAction.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Item.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/QualifiedUsers.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/TimeOutActionsImpl.java (diff)
The file was modifiedcore-web/src/main/java/org/silverpeas/core/web/filter/MessageFilter.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Roles.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/editState.jsp (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/participants.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ItemRef.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Participants.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ActionRef.java (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/taglib/ProcessModelButtonPane.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Columns.java (diff)
The file was modifiedcore-web/src/main/java/org/silverpeas/core/web/mvc/route/AdminComponentRequestRouter.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Role.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/welcome.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/Consequences.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/ContextualDesignations.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ActionRefs.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ParticipantsImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/dataFolder.jsp (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/forms.jsp (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/TimeOutActions.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/api/model/RelatedUser.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ActionsImpl.java (diff)
The file was modifiedcore-services/workflow/src/main/java/org/silverpeas/core/workflow/engine/model/ItemImpl.java (diff)
The file was modifiedcore-war/src/main/webapp/workflowDesigner/jsp/check.jsp (diff)
The file was modifiedcore-war/src/main/java/org/silverpeas/web/workflowdesigner/servlets/FunctionHandler.java (diff)

Summary

  1. Fix feature #14941 (details)
  2. Fixe Feature #14941 (details)
  3. Feature #14943 (details)
The file was modifiedaurora/aurora-war/src/main/java/org/silverpeas/looks/aurora/LookAuroraHelper.java (diff)
The file was addedaurora/aurora-war/src/main/webapp/look/jsp/listOfNewsBySubscription.jsp
The file was addedaurora/aurora-war/src/main/webapp/WEB-INF/tags/silverpeas/look/displayNewsSubscribed.tag
The file was modifiedaurora/aurora-war/src/main/webapp/WEB-INF/tags/silverpeas/look/displayNextEvents.tag (diff)
The file was modifiedaurora/aurora-war/src/main/java/org/silverpeas/looks/aurora/LookSettings.java (diff)
The file was modifiedaurora/aurora-war/src/main/webapp/look/jsp/parts/MainNextEventsPart.jsp (diff)
The file was modifiedaurora/aurora-configuration/src/main/config/properties/org/silverpeas/util/viewGenerator/settings/Aurora.properties (diff)