diff --git a/src/java/fr/paris/lutece/portal/business/portlet/PortletHome.java b/src/java/fr/paris/lutece/portal/business/portlet/PortletHome.java index 9df8478360..7605e14871 100644 --- a/src/java/fr/paris/lutece/portal/business/portlet/PortletHome.java +++ b/src/java/fr/paris/lutece/portal/business/portlet/PortletHome.java @@ -41,6 +41,7 @@ import fr.paris.lutece.util.ReferenceList; import jakarta.enterprise.inject.spi.CDI; +import java.lang.reflect.InvocationTargetException; import java.util.Collection; import java.util.List; @@ -73,11 +74,11 @@ public static Portlet findByPrimaryKey( int nKey ) try { - PortletHomeInterface home = (PortletHomeInterface) Class.forName( strHomeClass ).newInstance( ); + PortletHomeInterface home = (PortletHomeInterface) Class.forName( strHomeClass ).getDeclaredConstructor().newInstance( ); p = home.getDAO( ).load( nKey ); p.copy( portlet ); } - catch( IllegalAccessException | InstantiationException | ClassNotFoundException e ) + catch( IllegalAccessException | InstantiationException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/business/role/RoleHome.java b/src/java/fr/paris/lutece/portal/business/role/RoleHome.java index a71b3ab679..11c1eb7a17 100644 --- a/src/java/fr/paris/lutece/portal/business/role/RoleHome.java +++ b/src/java/fr/paris/lutece/portal/business/role/RoleHome.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.business.role; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.util.AppLogService; import fr.paris.lutece.portal.service.util.AppPropertiesService; @@ -201,7 +202,7 @@ private static Role getDefaultRole( ) public static ReferenceList getRolesList( AdminUser user ) { Collection listRoles = RoleHome.findAll( ); - listRoles = AdminWorkgroupService.getAuthorizedCollection( listRoles, user ); + listRoles = AdminWorkgroupService.getAuthorizedCollection( listRoles, ( User ) user ); ReferenceList roleList = new ReferenceList( ); diff --git a/src/java/fr/paris/lutece/portal/business/user/AdminUser.java b/src/java/fr/paris/lutece/portal/business/user/AdminUser.java index be80bdf74a..bf8cd3c077 100644 --- a/src/java/fr/paris/lutece/portal/business/user/AdminUser.java +++ b/src/java/fr/paris/lutece/portal/business/user/AdminUser.java @@ -371,7 +371,7 @@ public void setAccountMaxValidDate( Timestamp accountMaxValidDate ) /** * Returns user's roles * - * @deprecated use getRBACRoles( ) + * @deprecated use getUserRoles( ) * @return Returns user's roles */ @Deprecated diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AdminUserFieldDAO.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AdminUserFieldDAO.java index 31521599bb..4dda2fd0dd 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AdminUserFieldDAO.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AdminUserFieldDAO.java @@ -39,6 +39,7 @@ import fr.paris.lutece.util.sql.DAOUtil; import jakarta.enterprise.context.ApplicationScoped; +import java.lang.reflect.InvocationTargetException; import java.sql.Statement; import java.util.ArrayList; import java.util.List; @@ -289,9 +290,9 @@ public List selectUserFieldsByIdUserIdAttribute( int nIdUser, in try { - attribute = (IAttribute) Class.forName( daoUtil.getString( 7 ) ).newInstance( ); + attribute = (IAttribute) Class.forName( daoUtil.getString( 7 ) ).getDeclaredConstructor( ).newInstance( ); } - catch( IllegalAccessException | InstantiationException | ClassNotFoundException e ) + catch( IllegalAccessException | InstantiationException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e ); } @@ -521,9 +522,9 @@ private AdminUserField dataToObject( DAOUtil daoUtil ) try { - attribute = (IAttribute) Class.forName( daoUtil.getString( 14 ) ).newInstance( ); + attribute = (IAttribute) Class.forName( daoUtil.getString( 14 ) ).getDeclaredConstructor( ).newInstance( ); } - catch( ClassNotFoundException | InstantiationException | IllegalAccessException e ) + catch( ClassNotFoundException | InstantiationException | IllegalAccessException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e ); } diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AdminUserFieldFilter.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AdminUserFieldFilter.java index 5ebb903d1c..357ab260b5 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AdminUserFieldFilter.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AdminUserFieldFilter.java @@ -48,6 +48,7 @@ import java.util.List; import java.util.Locale; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; /** @@ -204,7 +205,8 @@ public void setAdminUserFieldFilter( HttpServletRequest request, Locale locale ) if ( strIsSearch != null ) { - List listAttributes = AttributeService.getInstance( ).getAllAttributesWithoutFields( locale ); + AttributeService attributeService = CDI.current( ).select( AttributeService.class ).get( ); + List listAttributes = attributeService.getAllAttributesWithoutFields( locale ); for ( IAttribute attribute : listAttributes ) { diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeCheckBox.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeCheckBox.java index 260b13c0e7..9317dcfdbc 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeCheckBox.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeCheckBox.java @@ -36,7 +36,6 @@ import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; -import fr.paris.lutece.portal.service.user.attribute.AttributeFieldService; import fr.paris.lutece.portal.web.constants.Messages; import org.apache.commons.lang3.StringUtils; @@ -80,6 +79,7 @@ public class AttributeCheckBox extends AbstractAttribute implements ISimpleValue private static final String TEMPLATE_HTML_FORM_SEARCH_ATTRIBUTE = "admin/user/attribute/checkbox/html_code_form_search_attribute_checkbox.html"; private static final String TEMPLATE_HTML_VALUE = "admin/user/attribute/checkbox/html_code_value_attribute_checkbox.html"; + /** * Constructor */ @@ -254,7 +254,8 @@ public List getUserFieldsData( String [ ] strValues, AdminUser u if ( StringUtils.isNotBlank( strValue ) && StringUtils.isNumeric( strValue ) ) { int nIdField = Integer.parseInt( strValue ); - attributeField = AttributeFieldService.getInstance( ).getAttributeField( nIdField ); + attributeField = AttributeFieldHome.findByPrimaryKey( nIdField ); + } else { diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeComboBox.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeComboBox.java index 828b625aea..5a843df2fd 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeComboBox.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeComboBox.java @@ -36,7 +36,6 @@ import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; -import fr.paris.lutece.portal.service.user.attribute.AttributeFieldService; import fr.paris.lutece.portal.web.constants.Messages; import org.apache.commons.lang3.StringUtils; @@ -80,6 +79,7 @@ public class AttributeComboBox extends AbstractAttribute implements ISimpleValue private static final String TEMPLATE_HTML_FORM_SEARCH_ATTRIBUTE = "admin/user/attribute/combobox/html_code_form_search_attribute_combobox.html"; private static final String TEMPLATE_HTML_VALUE = "admin/user/attribute/combobox/html_code_value_attribute_combobox.html"; + /** * Constructor */ @@ -263,7 +263,7 @@ public List getUserFieldsData( String [ ] strValues, AdminUser u if ( StringUtils.isNotBlank( strValue ) && StringUtils.isNumeric( strValue ) ) { int nIdField = Integer.parseInt( strValue ); - attributeField = AttributeFieldService.getInstance( ).getAttributeField( nIdField ); + attributeField = AttributeFieldHome.findByPrimaryKey( nIdField ); } else { diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeDAO.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeDAO.java index 042c613521..f9b5e0fda9 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeDAO.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeDAO.java @@ -39,6 +39,7 @@ import fr.paris.lutece.util.sql.DAOUtil; import jakarta.enterprise.context.ApplicationScoped; +import java.lang.reflect.InvocationTargetException; import java.sql.Statement; import java.util.ArrayList; import java.util.List; @@ -124,9 +125,9 @@ public IAttribute load( int nIdAttribute, Locale locale ) try { - attribute = (IAttribute) Class.forName( daoUtil.getString( nIndex++ ) ).newInstance( ); + attribute = (IAttribute) Class.forName( daoUtil.getString( nIndex++ ) ).getDeclaredConstructor().newInstance( ); } - catch( InstantiationException | IllegalAccessException | ClassNotFoundException e ) + catch( InstantiationException | IllegalAccessException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } @@ -246,9 +247,9 @@ public List selectAll( Locale locale ) try { - attribute = (IAttribute) Class.forName( daoUtil.getString( nIndex++ ) ).newInstance( ); + attribute = (IAttribute) Class.forName( daoUtil.getString( nIndex++ ) ).getDeclaredConstructor().newInstance( ); } - catch( InstantiationException | IllegalAccessException | ClassNotFoundException e ) + catch( InstantiationException | IllegalAccessException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } @@ -304,9 +305,9 @@ public List selectPluginAttributes( String strPluginName, Locale loc try { - attribute = (IAttribute) Class.forName( daoUtil.getString( nIndex++ ) ).newInstance( ); + attribute = (IAttribute) Class.forName( daoUtil.getString( nIndex++ ) ).getDeclaredConstructor().newInstance( ); } - catch( InstantiationException | IllegalAccessException | ClassNotFoundException e ) + catch( InstantiationException | IllegalAccessException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } @@ -356,9 +357,9 @@ public List selectCoreAttributes( Locale locale ) try { - attribute = (IAttribute) Class.forName( daoUtil.getString( nIndex++ ) ).newInstance( ); + attribute = (IAttribute) Class.forName( daoUtil.getString( nIndex++ ) ).getDeclaredConstructor().newInstance( ); } - catch( InstantiationException | IllegalAccessException | ClassNotFoundException e ) + catch( InstantiationException | IllegalAccessException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeFieldDAO.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeFieldDAO.java index 51ce55052c..27314c393e 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeFieldDAO.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeFieldDAO.java @@ -37,6 +37,7 @@ import fr.paris.lutece.util.sql.DAOUtil; import jakarta.enterprise.context.ApplicationScoped; +import java.lang.reflect.InvocationTargetException; import java.sql.Statement; import java.util.ArrayList; import java.util.List; @@ -155,9 +156,9 @@ public IAttribute selectAttributeByIdField( int nIdField ) { try { - attribute = (IAttribute) Class.forName( daoUtil.getString( 1 ) ).newInstance( ); + attribute = (IAttribute) Class.forName( daoUtil.getString( 1 ) ).getDeclaredConstructor().newInstance( ); } - catch( IllegalAccessException | InstantiationException | ClassNotFoundException e ) + catch( IllegalAccessException | InstantiationException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeImage.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeImage.java index 931c071460..e3ee451801 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeImage.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeImage.java @@ -41,7 +41,6 @@ import fr.paris.lutece.portal.service.fileupload.FileUploadService; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; -import fr.paris.lutece.portal.service.user.attribute.AttributeService; import fr.paris.lutece.portal.service.util.AppLogService; import fr.paris.lutece.portal.web.constants.Messages; import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest; @@ -62,6 +61,7 @@ import javax.imageio.ImageIO; import jakarta.enterprise.context.ApplicationScoped; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; /** @@ -100,6 +100,7 @@ public class AttributeImage extends AbstractAttribute private static final String TEMPLATE_HTML_VALUE = "admin/user/attribute/image/html_code_value_attribute_image.html"; private static final String REGEX_ID = "-?[0-9]+"; + /** * Constructor */ @@ -306,7 +307,7 @@ public List getUserFieldsData( HttpServletRequest request, Admin userField.setUser( user ); userField.setAttribute( this ); - AttributeService.getInstance( ).setAttributeField( this ); + this.setListAttributeFields(AttributeFieldHome.selectAttributeFieldsByIdAttribute( this.getIdAttribute( ) )); if ( CollectionUtils.isNotEmpty( getListAttributeFields( ) ) ) { diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeRadioButton.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeRadioButton.java index 3ad72b82a3..806906b80a 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeRadioButton.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeRadioButton.java @@ -36,7 +36,6 @@ import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; -import fr.paris.lutece.portal.service.user.attribute.AttributeFieldService; import fr.paris.lutece.portal.web.constants.Messages; import org.apache.commons.lang3.StringUtils; @@ -80,6 +79,7 @@ public class AttributeRadioButton extends AbstractAttribute implements ISimpleVa private static final String TEMPLATE_HTML_FORM_SEARCH_ATTRIBUTE = "admin/user/attribute/radiobutton/html_code_form_search_attribute_radio_button.html"; private static final String TEMPLATE_HTML_VALUE = "admin/user/attribute/radiobutton/html_code_value_attribute_radio_button.html"; + /** * Constructor */ @@ -248,7 +248,7 @@ public List getUserFieldsData( String [ ] strValues, AdminUser u if ( StringUtils.isNotBlank( strValue ) && StringUtils.isNumeric( strValue ) ) { int nIdField = Integer.parseInt( strValue ); - attributeField = AttributeFieldService.getInstance( ).getAttributeField( nIdField ); + attributeField = AttributeFieldHome.findByPrimaryKey( nIdField ); } else { diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeText.java b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeText.java index 418a6619dc..4c6495e095 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeText.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/AttributeText.java @@ -36,7 +36,6 @@ import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; -import fr.paris.lutece.portal.service.user.attribute.AttributeService; import fr.paris.lutece.portal.web.constants.Messages; import org.apache.commons.collections.CollectionUtils; @@ -86,6 +85,7 @@ public class AttributeText extends AbstractAttribute implements ISimpleValuesAtt private static final String TEMPLATE_HTML_VALUE = "admin/user/attribute/text/html_code_value_attribute_text.html"; private static final String REGEX_ID = "-?[0-9]+"; + /** * Constructor */ @@ -286,7 +286,7 @@ public List getUserFieldsData( String [ ] strValues, AdminUser u { List listUserFields = new ArrayList<>( ); AdminUserField userField = new AdminUserField( ); - AttributeService.getInstance( ).setAttributeField( this ); + this.setListAttributeFields( AttributeFieldHome.selectAttributeFieldsByIdAttribute( this.getIdAttribute( ) ) ); if ( strValues != null ) { diff --git a/src/java/fr/paris/lutece/portal/business/user/attribute/SimpleAdminUserFieldListener.java b/src/java/fr/paris/lutece/portal/business/user/attribute/SimpleAdminUserFieldListener.java index 1d7d4a8cf5..8a7fd59c5b 100644 --- a/src/java/fr/paris/lutece/portal/business/user/attribute/SimpleAdminUserFieldListener.java +++ b/src/java/fr/paris/lutece/portal/business/user/attribute/SimpleAdminUserFieldListener.java @@ -43,6 +43,7 @@ import java.util.List; import java.util.Locale; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; /** @@ -99,7 +100,8 @@ public abstract class SimpleAdminUserFieldListener implements AdminUserFieldList @Override public void doCreateUserFields( AdminUser user, HttpServletRequest request, Locale locale ) { - List listAttributes = AttributeService.getInstance( ).getPluginAttributesWithoutFields( getPlugin( ).getName( ), locale ); + AttributeService attributeService = CDI.current( ).select( AttributeService.class ).get( ); + List listAttributes = attributeService.getPluginAttributesWithoutFields( getPlugin( ).getName( ), locale ); List listUserFields = new ArrayList<>( ); for ( IAttribute attribute : listAttributes ) @@ -129,7 +131,8 @@ public void doCreateUserFields( AdminUser user, HttpServletRequest request, Loca @Override public void doModifyUserFields( AdminUser user, HttpServletRequest request, Locale locale, AdminUser currentUser ) { - List listAttributes = AttributeService.getInstance( ).getPluginAttributesWithoutFields( getPlugin( ).getName( ), locale ); + AttributeService attributeService = CDI.current( ).select( AttributeService.class ).get( ); + List listAttributes = attributeService.getPluginAttributesWithoutFields( getPlugin( ).getName( ), locale ); List listUserFields = new ArrayList<>( ); for ( IAttribute attribute : listAttributes ) diff --git a/src/java/fr/paris/lutece/portal/business/user/menu/AccessibilityModeAdminUserMenuItemProvider.java b/src/java/fr/paris/lutece/portal/business/user/menu/AccessibilityModeAdminUserMenuItemProvider.java index 4c741be5e5..870a995f06 100644 --- a/src/java/fr/paris/lutece/portal/business/user/menu/AccessibilityModeAdminUserMenuItemProvider.java +++ b/src/java/fr/paris/lutece/portal/business/user/menu/AccessibilityModeAdminUserMenuItemProvider.java @@ -37,10 +37,12 @@ import java.util.Map; import jakarta.enterprise.context.ApplicationScoped; +import jakarta.inject.Inject; import jakarta.servlet.http.HttpServletRequest; import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.admin.AdminUserService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.util.html.HtmlTemplate; @@ -53,6 +55,10 @@ public class AccessibilityModeAdminUserMenuItemProvider extends AbstractAdminUse { public static final String TEMPLATE = "admin/user/menu/modify_accessibility_mode.html"; private static final String MARK_USER = "user"; + + @Inject + private transient ISecurityTokenService _securityTokenService; + @Override protected boolean isItemProviderInvoked( HttpServletRequest request ) @@ -66,7 +72,7 @@ public AdminUserMenuItem getItem( HttpServletRequest request ) AdminUser user = AdminUserService.getAdminUser( request ); Map model = new HashMap<>( ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE ) ); + model.put( SecurityTokenService.MARK_TOKEN, _securityTokenService.getToken( request, TEMPLATE ) ); model.put( MARK_USER, user ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE, user.getLocale( ), model ); diff --git a/src/java/fr/paris/lutece/portal/business/user/menu/LanguageAdminUserMenuItemProvider.java b/src/java/fr/paris/lutece/portal/business/user/menu/LanguageAdminUserMenuItemProvider.java index d06dc093ea..864a0741eb 100644 --- a/src/java/fr/paris/lutece/portal/business/user/menu/LanguageAdminUserMenuItemProvider.java +++ b/src/java/fr/paris/lutece/portal/business/user/menu/LanguageAdminUserMenuItemProvider.java @@ -38,11 +38,13 @@ import java.util.Map; import jakarta.enterprise.context.ApplicationScoped; +import jakarta.inject.Inject; import jakarta.servlet.http.HttpServletRequest; import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.admin.AdminUserService; import fr.paris.lutece.portal.service.i18n.I18nService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.util.html.HtmlTemplate; @@ -57,6 +59,9 @@ public class LanguageAdminUserMenuItemProvider extends AbstractAdminUserMenuItem private static final String MARK_CURRENT_LANGUAGE = "current_language"; private static final String MARK_LANGUAGES_LIST = "languages_list"; + @Inject + private transient ISecurityTokenService _securityTokenService; + @Override protected boolean isItemProviderInvoked( HttpServletRequest request ) { @@ -70,7 +75,7 @@ public AdminUserMenuItem getItem( HttpServletRequest request ) Locale locale = user.getLocale( ); Map model = new HashMap<>( ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE ) ); + model.put( SecurityTokenService.MARK_TOKEN, _securityTokenService.getToken( request, TEMPLATE ) ); model.put( MARK_LANGUAGES_LIST, I18nService.getAdminLocales( locale ) ); model.put( MARK_CURRENT_LANGUAGE, locale.getLanguage( ) ); diff --git a/src/java/fr/paris/lutece/portal/service/admin/AdminAuthenticationService.java b/src/java/fr/paris/lutece/portal/service/admin/AdminAuthenticationService.java index 5dea065d56..b5dcbf4bce 100644 --- a/src/java/fr/paris/lutece/portal/service/admin/AdminAuthenticationService.java +++ b/src/java/fr/paris/lutece/portal/service/admin/AdminAuthenticationService.java @@ -195,7 +195,8 @@ public void loginUser( HttpServletRequest request, final String strAccessCode, f { AdminUser user = _authentication.login( strAccessCode, strPassword, request ); - AccessLogService.getInstance( ).info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGIN_ADMINUSER, user, null, CONSTANT_BO ); + AccessLogService accessLogService = CDI.current( ).select( AccessLogService.class ).get( ); + accessLogService.info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGIN_ADMINUSER, user, null, CONSTANT_BO ); try { @@ -231,7 +232,8 @@ public void logoutUser( HttpServletRequest request ) _authentication.logout( user ); unregisterUser( request ); - AccessLogService.getInstance( ).info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGOUT_ADMINUSER, user, null, CONSTANT_BO ); + AccessLogService accessLogService = CDI.current( ).select( AccessLogService.class ).get( ); + accessLogService.info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGOUT_ADMINUSER, user, null, CONSTANT_BO ); } diff --git a/src/java/fr/paris/lutece/portal/service/admin/AdminUserService.java b/src/java/fr/paris/lutece/portal/service/admin/AdminUserService.java index 91e329e5b0..bd2482429f 100644 --- a/src/java/fr/paris/lutece/portal/service/admin/AdminUserService.java +++ b/src/java/fr/paris/lutece/portal/service/admin/AdminUserService.java @@ -58,6 +58,7 @@ import org.apache.commons.lang3.ArrayUtils; import fr.paris.lutece.portal.business.rbac.RBACRole; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.rbac.RBAC; import fr.paris.lutece.portal.business.regularexpression.RegularExpression; import fr.paris.lutece.portal.business.right.Level; @@ -364,7 +365,8 @@ public static List getFilteredUsersInterface( Collection l map.put( String.valueOf( user.getUserId( ) ), listAdminUserFields ); } - List listAttributes = AttributeService.getInstance( ).getAllAttributesWithFields( currentUser.getLocale( ) ); + AttributeService attributeService = CDI.current( ).select( AttributeService.class ).get( ); + List listAttributes = attributeService.getAllAttributesWithFields( currentUser.getLocale( ) ); String strSortSearchAttribute = StringUtils.EMPTY; @@ -398,7 +400,7 @@ public static Map getManageAdvancedParameters( AdminUser user ) Map model = new HashMap<>( ); boolean bPermissionManageAdvancedParameters = RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, - AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, user ); + AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, ( User ) user ); if ( bPermissionManageAdvancedParameters ) { @@ -424,7 +426,8 @@ public static Map getManageAdvancedParameters( AdminUser user ) model.put( MARK_DEFAULT_USER_STATUS, nDefaultUserStatus ); // EMAIL PATTERN - model.put( MARK_PLUGIN_REGULAREXPRESSION, RegularExpressionService.getInstance( ).isAvailable( ) ); + RegularExpressionService regularExpressionService = CDI.current( ).select( RegularExpressionService.class ).get( ); + model.put( MARK_PLUGIN_REGULAREXPRESSION, regularExpressionService.isAvailable( ) ); model.put( MARK_IS_EMAIL_PATTERN_SET_MANUALLY, isEmailPatternSetManually( ) ); model.put( MARK_EMAIL_PATTERN, getEmailPattern( ) ); model.put( MARK_AVAILABLE_REGULAREXPRESSIONS, getAvailableRegularExpressions( ) ); @@ -486,9 +489,10 @@ public static boolean checkEmail( String strEmail ) } else { + RegularExpressionService regularExpressionService = CDI.current( ).select( RegularExpressionService.class ).get( ); for ( RegularExpression regularExpression : getSelectedRegularExpressions( ) ) { - if ( !RegularExpressionService.getInstance( ).isMatches( strEmail, regularExpression ) ) + if ( !regularExpressionService.isMatches( strEmail, regularExpression ) ) { bIsValid = false; @@ -577,6 +581,7 @@ public static String getEmailErrorMessageUrl( HttpServletRequest request ) String emailPatternVerifyBy = DefaultUserParameterHome.findByKey( DSKEY_EMAIL_PATTERN_VERIFY_BY ); String [ ] regularExpressionIds = emailPatternVerifyBy.split( COMMA ); + RegularExpressionService regularExpressionService = CDI.current( ).select( RegularExpressionService.class ).get( ); for ( String strRegularExpressionId : regularExpressionIds ) { String trimedId = strRegularExpressionId.trim( ); @@ -584,7 +589,7 @@ public static String getEmailErrorMessageUrl( HttpServletRequest request ) if ( StringUtils.isNotBlank( trimedId ) && StringUtils.isNumeric( trimedId ) ) { int nRegularExpressionId = Integer.parseInt( trimedId ); - RegularExpression regularExpression = RegularExpressionService.getInstance( ).getRegularExpressionByKey( nRegularExpressionId ); + RegularExpression regularExpression = regularExpressionService.getRegularExpressionByKey( nRegularExpressionId ); if ( regularExpression != null ) { @@ -757,7 +762,8 @@ public static ReferenceList getAvailableRegularExpressions( ) } // Fetch all regular expressions - List listRegularExpression = RegularExpressionService.getInstance( ).getAllRegularExpression( ); + RegularExpressionService regularExpressionService = CDI.current( ).select( RegularExpressionService.class ).get( ); + List listRegularExpression = regularExpressionService.getAllRegularExpression( ); // Get only the expressions that are not already selected for ( RegularExpression regularExpression : listRegularExpression ) @@ -787,6 +793,7 @@ public static List getSelectedRegularExpressions( ) String emailPatternVerifyBy = DefaultUserParameterHome.findByKey( DSKEY_EMAIL_PATTERN_VERIFY_BY ); String [ ] regularExpressionIds = emailPatternVerifyBy.split( COMMA ); + RegularExpressionService regularExpressionService = CDI.current( ).select( RegularExpressionService.class ).get( ); for ( String strRegularExpressionId : regularExpressionIds ) { String trimedId = strRegularExpressionId.trim( ); @@ -794,7 +801,7 @@ public static List getSelectedRegularExpressions( ) if ( StringUtils.isNotBlank( trimedId ) && StringUtils.isNumeric( trimedId ) ) { int nRegularExpressionId = Integer.parseInt( trimedId ); - RegularExpression expression = RegularExpressionService.getInstance( ).getRegularExpressionByKey( nRegularExpressionId ); + RegularExpression expression = regularExpressionService.getRegularExpressionByKey( nRegularExpressionId ); if ( expression != null ) { @@ -815,8 +822,9 @@ public static List getSelectedRegularExpressions( ) private static boolean isEmailPatternSetManually( ) { boolean bIsSetManually = true; + RegularExpressionService regularExpressionService = CDI.current( ).select( RegularExpressionService.class ).get( ); - if ( RegularExpressionService.getInstance( ).isAvailable( ) ) + if ( regularExpressionService.isAvailable( ) ) { String emailPatternVerifyBy = DefaultUserParameterHome.findByKey( DSKEY_EMAIL_PATTERN_VERIFY_BY ); @@ -1216,7 +1224,7 @@ public static void anonymizeUser( int nAdminUserId, Locale locale ) AdminUserHome.removeAllPasswordHistoryForUser( nAdminUserId ); AdminUserHome.update( user ); - AttributeService attributeService = AttributeService.getInstance( ); + AttributeService attributeService = CDI.current( ).select( AttributeService.class ).get( ); List listAllAttributes = attributeService.getAllAttributesWithoutFields( locale ); List listAttributesText = new ArrayList<>( ); diff --git a/src/java/fr/paris/lutece/portal/service/admin/DefaultImportAdminUserService.java b/src/java/fr/paris/lutece/portal/service/admin/DefaultImportAdminUserService.java index 47e6bf263c..bb61c43df5 100644 --- a/src/java/fr/paris/lutece/portal/service/admin/DefaultImportAdminUserService.java +++ b/src/java/fr/paris/lutece/portal/service/admin/DefaultImportAdminUserService.java @@ -68,6 +68,7 @@ import fr.paris.lutece.portal.service.util.AppPathService; import jakarta.enterprise.context.ApplicationScoped; import jakarta.enterprise.inject.spi.CDI; +import jakarta.inject.Inject; /** * Class to import Admin Users from CSV files. @@ -88,7 +89,14 @@ public class DefaultImportAdminUserService extends ImportAdminUserService // Template private static final String TEMPLATE_DEFAULT_IMPORT_USERS_FROM_FILE = "admin/user/import_users_from_file.html"; - private static final AttributeService _attributeService = AttributeService.getInstance( ); + + private transient AttributeService _attributeService; + + @Inject + public DefaultImportAdminUserService( AttributeService attributeService ) + { + _attributeService = attributeService; + } /** * {@inheritDoc} diff --git a/src/java/fr/paris/lutece/portal/service/content/XPageAppService.java b/src/java/fr/paris/lutece/portal/service/content/XPageAppService.java index 64684e972d..40777126ed 100644 --- a/src/java/fr/paris/lutece/portal/service/content/XPageAppService.java +++ b/src/java/fr/paris/lutece/portal/service/content/XPageAppService.java @@ -54,6 +54,7 @@ import org.apache.commons.collections.CollectionUtils; +import java.lang.reflect.InvocationTargetException; import java.util.Collection; import java.util.HashMap; import java.util.List; @@ -114,7 +115,7 @@ public static void registerXPageApplication( XPageApplicationEntry entry ) throw else { // check that the class can be found - Object instance = Class.forName( entry.getClassName( ) ).newInstance( ); + Object instance = Class.forName( entry.getClassName( ) ).getDeclaredConstructor().newInstance( ); SecurityTokenHandler securityTokenHandler = CDI.current( ).select( SecurityTokenHandler.class ).get( ); securityTokenHandler.registerActions( entry.getId( ), ReflectionUtils.getDeclaredMethods( instance.getClass( ) ) ); @@ -123,7 +124,7 @@ public static void registerXPageApplication( XPageApplicationEntry entry ) throw _mapApplications.put( entry.getId( ), entry ); AppLogService.info( "New XPage application registered : {} {}", entry::getId, ( ) -> ( entry.isEnabled( ) ? "" : " (disabled)" ) ); } - catch( ClassNotFoundException | InstantiationException | IllegalAccessException e ) + catch( ClassNotFoundException | InstantiationException | IllegalAccessException | InvocationTargetException | NoSuchMethodException e ) { throw new LuteceInitException( ERROR_INSTANTIATION + entry.getId( ) + " - " + e.getCause( ), e ); } @@ -321,7 +322,7 @@ public static XPageApplication getApplicationInstance( XPageApplicationEntry ent } else { - application = (XPageApplication) Class.forName( entry.getClassName( ) ).newInstance( ); + application = (XPageApplication) Class.forName( entry.getClassName( ) ).getDeclaredConstructor().newInstance( ); } } catch( Exception e ) diff --git a/src/java/fr/paris/lutece/portal/service/daemon/AppDaemonService.java b/src/java/fr/paris/lutece/portal/service/daemon/AppDaemonService.java index e621652f0b..86dd1b4b8f 100644 --- a/src/java/fr/paris/lutece/portal/service/daemon/AppDaemonService.java +++ b/src/java/fr/paris/lutece/portal/service/daemon/AppDaemonService.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.daemon; +import java.lang.reflect.InvocationTargetException; import java.util.Collection; import java.util.HashMap; import java.util.Map; @@ -169,7 +170,7 @@ public static void registerDaemon( DaemonEntry entry ) throws LuteceInitExceptio { entry.loadDaemon( ); } - catch( IllegalAccessException | InstantiationException | ClassNotFoundException e ) + catch( IllegalAccessException | InstantiationException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { throw new LuteceInitException( "Couldn't instantiate daemon: " + entry.getId( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/daemon/DaemonEntry.java b/src/java/fr/paris/lutece/portal/service/daemon/DaemonEntry.java index f7db426e3f..0144e8be07 100644 --- a/src/java/fr/paris/lutece/portal/service/daemon/DaemonEntry.java +++ b/src/java/fr/paris/lutece/portal/service/daemon/DaemonEntry.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.daemon; +import java.lang.reflect.InvocationTargetException; import java.text.SimpleDateFormat; import java.util.Date; import java.util.Locale; @@ -163,9 +164,9 @@ public void setClassName( String strClassName ) * @throws IllegalAccessException * If an error occured */ - public void loadDaemon( ) throws ClassNotFoundException, InstantiationException, IllegalAccessException + public void loadDaemon( ) throws ClassNotFoundException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException { - _daemon = (Daemon) Class.forName( _strClassName ).newInstance( ); + _daemon = (Daemon) Class.forName( _strClassName ).getDeclaredConstructor().newInstance( ); } /** diff --git a/src/java/fr/paris/lutece/portal/service/dashboard/DashboardComponent.java b/src/java/fr/paris/lutece/portal/service/dashboard/DashboardComponent.java index 57efe5295f..90d0056e21 100644 --- a/src/java/fr/paris/lutece/portal/service/dashboard/DashboardComponent.java +++ b/src/java/fr/paris/lutece/portal/service/dashboard/DashboardComponent.java @@ -38,8 +38,7 @@ import fr.paris.lutece.portal.service.plugin.PluginService; import fr.paris.lutece.portal.web.l10n.LocaleService; import java.util.Locale; - -import org.apache.commons.lang3.ObjectUtils; +import java.util.Objects; /** * Dashboard Component @@ -209,7 +208,7 @@ public boolean equals( Object obj ) { IDashboardComponent other = (IDashboardComponent) obj; - return ObjectUtils.equals( this.getName( ), other.getName( ) ); + return Objects.equals( this.getName( ), other.getName( ) ); } return false; @@ -222,7 +221,7 @@ public boolean equals( Object obj ) @Override public int hashCode( ) { - return ObjectUtils.hashCode( this.getName( ) ); + return Objects.hashCode( this.getName( ) ); } /** diff --git a/src/java/fr/paris/lutece/portal/service/dashboard/DashboardService.java b/src/java/fr/paris/lutece/portal/service/dashboard/DashboardService.java index 3d59216e46..236a5457a6 100644 --- a/src/java/fr/paris/lutece/portal/service/dashboard/DashboardService.java +++ b/src/java/fr/paris/lutece/portal/service/dashboard/DashboardService.java @@ -43,6 +43,7 @@ import fr.paris.lutece.util.ReferenceList; import fr.paris.lutece.util.sort.AttributeComparator; +import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; @@ -140,7 +141,7 @@ public void registerDashboardComponent( DashboardComponentEntry entry, Plugin pl { try { - DashboardComponent dc = (DashboardComponent) Class.forName( entry.getComponentClass( ) ).newInstance( ); + DashboardComponent dc = (DashboardComponent) Class.forName( entry.getComponentClass( ) ).getDeclaredConstructor().newInstance( ); dc.setName( entry.getName( ) ); dc.setRight( entry.getRight( ) ); @@ -157,7 +158,7 @@ public void registerDashboardComponent( DashboardComponentEntry entry, Plugin pl AppLogService.error( " Dashboard Component not registered : {} : {}", entry.getName( ), entry.getComponentClass( ) ); } } - catch( ClassNotFoundException | IllegalAccessException | InstantiationException e ) + catch( ClassNotFoundException | IllegalAccessException | InstantiationException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( "Error registering a DashboardComponent : {}", e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/dashboard/admin/AdminDashboardService.java b/src/java/fr/paris/lutece/portal/service/dashboard/admin/AdminDashboardService.java index 98e0cdc39c..582550c2a8 100644 --- a/src/java/fr/paris/lutece/portal/service/dashboard/admin/AdminDashboardService.java +++ b/src/java/fr/paris/lutece/portal/service/dashboard/admin/AdminDashboardService.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.dashboard.admin; +import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; @@ -140,7 +141,7 @@ public void registerDashboardComponent( DashboardComponentEntry entry, Plugin pl { try { - IAdminDashboardComponent dc = (IAdminDashboardComponent) Class.forName( entry.getComponentClass( ) ).newInstance( ); + IAdminDashboardComponent dc = (IAdminDashboardComponent) Class.forName( entry.getComponentClass( ) ).getDeclaredConstructor().newInstance( ); dc.setName( entry.getName( ) ); dc.setPlugin( plugin ); @@ -156,7 +157,7 @@ public void registerDashboardComponent( DashboardComponentEntry entry, Plugin pl AppLogService.error( " Admin Dashboard Component not registered : {} : {}", entry.getName( ), entry.getComponentClass( ) ); } } - catch( ClassNotFoundException | InstantiationException | IllegalAccessException e ) + catch( ClassNotFoundException | InstantiationException | IllegalAccessException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( "Error registering an Admin DashboardComponent : {}", e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/fileimage/FileImagePublicService.java b/src/java/fr/paris/lutece/portal/service/fileimage/FileImagePublicService.java index 0d6528aaa8..633d9dca8a 100644 --- a/src/java/fr/paris/lutece/portal/service/fileimage/FileImagePublicService.java +++ b/src/java/fr/paris/lutece/portal/service/fileimage/FileImagePublicService.java @@ -39,7 +39,6 @@ import fr.paris.lutece.portal.business.file.File; import fr.paris.lutece.portal.service.cache.Lutece107Cache; import fr.paris.lutece.portal.service.cache.LuteceCache; -import fr.paris.lutece.portal.service.file.FileService; import fr.paris.lutece.portal.service.file.FileServiceException; import fr.paris.lutece.portal.service.file.IFileStoreServiceProvider; import fr.paris.lutece.portal.service.image.ImageResource; @@ -63,7 +62,9 @@ public class FileImagePublicService implements ImageResourceProvider private Lutece107Cache _cacheFileImage; public static final String IMAGE_RESOURCE_TYPE_ID = "public_image_resource"; - private static final IFileStoreServiceProvider _fileStoreService = FileService.getInstance( ).getFileStoreServiceProvider( ); + + @Inject + private transient IFileStoreServiceProvider _fileStoreService; /** diff --git a/src/java/fr/paris/lutece/portal/service/filter/FilterService.java b/src/java/fr/paris/lutece/portal/service/filter/FilterService.java index 5fa859c447..b2b97df18a 100644 --- a/src/java/fr/paris/lutece/portal/service/filter/FilterService.java +++ b/src/java/fr/paris/lutece/portal/service/filter/FilterService.java @@ -37,6 +37,7 @@ import fr.paris.lutece.portal.service.plugin.Plugin; import fr.paris.lutece.portal.service.util.AppLogService; +import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -90,7 +91,7 @@ public void registerFilter( FilterEntry entry, Plugin plugin ) { try { - Filter filter = (Filter) Class.forName( entry.getFilterClass( ) ).newInstance( ); + Filter filter = (Filter) Class.forName( entry.getFilterClass( ) ).getDeclaredConstructor().newInstance( ); LuteceFilter f = new LuteceFilter( entry.getName( ), filter, entry.getMappingUrlPattern( ), plugin, entry.getInitParameters( ) ); f.setOrder( entry.getOrder( ) ); _listFilters.add( f ); @@ -101,7 +102,7 @@ public void registerFilter( FilterEntry entry, Plugin plugin ) AppLogService.info( " * init parameter - name : '{}' - value : '{}'", ( ) -> strKey, ( ) -> entry.getInitParameters( ).get( strKey ) ); } } - catch( ClassNotFoundException | IllegalAccessException | InstantiationException e ) + catch( ClassNotFoundException | IllegalAccessException | InstantiationException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( "Error registering a filter : {}", e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/filter/MainFilter.java b/src/java/fr/paris/lutece/portal/service/filter/MainFilter.java index 3a10ae57a4..54e98bc728 100644 --- a/src/java/fr/paris/lutece/portal/service/filter/MainFilter.java +++ b/src/java/fr/paris/lutece/portal/service/filter/MainFilter.java @@ -35,6 +35,7 @@ import java.io.IOException; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.Filter; import jakarta.servlet.FilterChain; import jakarta.servlet.FilterConfig; @@ -71,7 +72,8 @@ public void doFilter( ServletRequest requestServlet, ServletResponse responseSer AppLogService.debug("MainFilter : doFilter() - requested URI = {}", ( ) -> ( ( HttpServletRequest ) requestServlet ).getRequestURI( ) ); - for ( LuteceFilter filter : FilterService.getInstance( ).getFilters( ) ) + FilterService filterService = CDI.current( ).select( FilterService.class ).get( ); + for ( LuteceFilter filter : filterService.getFilters( ) ) { AppLogService.debug( "PluginFilter : {} - url pattern : {}", filter.getName( ), filter.getMappingUrlPattern( ) ); @@ -113,7 +115,8 @@ public void doFilter( ServletRequest requestServlet, ServletResponse responseSer */ public void destroy( ) { - for ( LuteceFilter filter : FilterService.getInstance( ).getFilters( ) ) + FilterService filterService = CDI.current( ).select( FilterService.class ).get( ); + for ( LuteceFilter filter : filterService.getFilters( ) ) { // Catch exception for each filter to execute all chain try diff --git a/src/java/fr/paris/lutece/portal/service/html/XmlTransformerCacheService.java b/src/java/fr/paris/lutece/portal/service/html/XmlTransformerCacheService.java index 2aa85b5785..d2f57ab80f 100644 --- a/src/java/fr/paris/lutece/portal/service/html/XmlTransformerCacheService.java +++ b/src/java/fr/paris/lutece/portal/service/html/XmlTransformerCacheService.java @@ -37,7 +37,6 @@ import fr.paris.lutece.portal.service.cache.CacheService; import fr.paris.lutece.portal.service.cache.CacheableService; import fr.paris.lutece.util.xml.XmlTransformer; -import jakarta.annotation.Priority; import jakarta.enterprise.context.ApplicationScoped; import jakarta.enterprise.context.Initialized; import jakarta.enterprise.event.Observes; @@ -123,33 +122,6 @@ public List getKeys( ) return list; } - /** - * {@inheritDoc } - */ - @Override - public int getMaxElements( ) - { - return XmlTransformer.TRANSFORMER_POOL_SIZE * XmlTransformer.MAX_TRANSFORMER_SIZE; - } - - /** - * {@inheritDoc } - */ - @Override - public long getTimeToLive( ) - { - return 0L; - } - - /** - * {@inheritDoc } - */ - @Override - public long getMemorySize( ) - { - return 0L; - } - /** * {@inheritDoc } */ diff --git a/src/java/fr/paris/lutece/portal/service/includes/PageIncludeService.java b/src/java/fr/paris/lutece/portal/service/includes/PageIncludeService.java index 598521274b..6d8fd024e8 100644 --- a/src/java/fr/paris/lutece/portal/service/includes/PageIncludeService.java +++ b/src/java/fr/paris/lutece/portal/service/includes/PageIncludeService.java @@ -36,6 +36,7 @@ import fr.paris.lutece.portal.service.init.LuteceInitException; import fr.paris.lutece.portal.service.util.AppLogService; +import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -69,12 +70,12 @@ public static void registerPageInclude( PageIncludeEntry entry ) throws LuteceIn { try { - PageInclude pageInclude = (PageInclude) Class.forName( entry.getClassName( ) ).newInstance( ); + PageInclude pageInclude = (PageInclude) Class.forName( entry.getClassName( ) ).getDeclaredConstructor().newInstance( ); entry.setPageInclude( pageInclude ); _mapPageIncludes.put( entry.getId( ), entry ); AppLogService.info( "New Page Include Service registered : {} {}", entry.getId( ), ( ( !entry.isEnabled( ) ) ? " (disabled)" : "" ) ); } - catch( ClassNotFoundException | IllegalAccessException | InstantiationException e ) + catch( ClassNotFoundException | IllegalAccessException | InstantiationException | InvocationTargetException | NoSuchMethodException e ) { throw new LuteceInitException( e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/insert/InsertService.java b/src/java/fr/paris/lutece/portal/service/insert/InsertService.java index a780274cd6..6c2063455b 100644 --- a/src/java/fr/paris/lutece/portal/service/insert/InsertService.java +++ b/src/java/fr/paris/lutece/portal/service/insert/InsertService.java @@ -41,6 +41,7 @@ import fr.paris.lutece.portal.service.util.AppException; import fr.paris.lutece.portal.web.insert.InsertServiceSelectionBean; +import java.lang.reflect.InvocationTargetException; import java.util.Locale; import jakarta.servlet.http.HttpServletRequest; @@ -214,9 +215,9 @@ public InsertServiceSelectionBean getSelectionActionBean( ) { try { - return (InsertServiceSelectionBean) Class.forName( getActionBeanString( ) ).newInstance( ); + return (InsertServiceSelectionBean) Class.forName( getActionBeanString( ) ).getDeclaredConstructor().newInstance( ); } - catch( ClassNotFoundException | IllegalAccessException | InstantiationException e ) + catch( ClassNotFoundException | IllegalAccessException | InstantiationException | InvocationTargetException | NoSuchMethodException e ) { throw new AppException( "Error instantiating a LinkService Selection Bean : " + e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/page/PageService.java b/src/java/fr/paris/lutece/portal/service/page/PageService.java index 2925336850..fc92276c87 100644 --- a/src/java/fr/paris/lutece/portal/service/page/PageService.java +++ b/src/java/fr/paris/lutece/portal/service/page/PageService.java @@ -57,6 +57,7 @@ import org.apache.logging.log4j.Logger; import org.apache.commons.lang3.BooleanUtils; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.page.Page; import fr.paris.lutece.portal.business.page.PageHome; import fr.paris.lutece.portal.business.page.PageRoleRemovalListener; @@ -944,7 +945,7 @@ public boolean isAuthorizedAdminPage( int nIdPage, String strPermission, AdminUs { String strAuthorizationNode = Integer.toString( page.getIdAuthorizationNode( ) ); - return ( RBACService.isAuthorized( Page.RESOURCE_TYPE, strAuthorizationNode, strPermission, user ) ); + return ( RBACService.isAuthorized( Page.RESOURCE_TYPE, strAuthorizationNode, strPermission, ( User ) user ) ); } return true; @@ -963,7 +964,7 @@ private String addAdminButtons( HttpServletRequest request, Portlet portlet ) { AdminUser user = AdminUserService.getAdminUser( request ); - if ( RBACService.isAuthorized( PortletType.RESOURCE_TYPE, portlet.getPortletTypeId( ), PortletResourceIdService.PERMISSION_MANAGE, user ) ) + if ( RBACService.isAuthorized( PortletType.RESOURCE_TYPE, portlet.getPortletTypeId( ), PortletResourceIdService.PERMISSION_MANAGE, ( User ) user ) ) { Locale locale = user.getLocale( ); Collection listCustomActions = new ArrayList<>( ); diff --git a/src/java/fr/paris/lutece/portal/service/plugin/Plugin.java b/src/java/fr/paris/lutece/portal/service/plugin/Plugin.java index e91b9c8c4f..1fead34c13 100644 --- a/src/java/fr/paris/lutece/portal/service/plugin/Plugin.java +++ b/src/java/fr/paris/lutece/portal/service/plugin/Plugin.java @@ -68,6 +68,7 @@ import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.portal.web.xpages.XPageApplicationEntry; +import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.Collections; import java.util.Comparator; @@ -390,9 +391,10 @@ protected void registerXPageApplications( ) throws LuteceInitException */ protected void registerFilters( ) throws LuteceInitException { + FilterService filterService = CDI.current( ).select( FilterService.class ).get( ); for ( FilterEntry entry : _listFilters ) { - FilterService.getInstance( ).registerFilter( entry, this ); + filterService.registerFilter( entry, this ); } } @@ -404,9 +406,10 @@ protected void registerFilters( ) throws LuteceInitException */ protected void registerServlets( ) throws LuteceInitException { + ServletService servletService = CDI.current( ).select( ServletService.class ).get( ); for ( ServletEntry entry : _listServlets ) { - ServletService.getInstance( ).registerServlet( entry, this ); + servletService.registerServlet( entry, this ); } } @@ -436,13 +439,13 @@ protected void registerContentServices( ) throws LuteceInitException { try { - ContentService cs = (ContentService) Class.forName( entry.getClassName( ) ).newInstance( ); + ContentService cs = (ContentService) Class.forName( entry.getClassName( ) ).getDeclaredConstructor( ).newInstance( ); cs.setPluginName( getName( ) ); PortalService.registerContentService( cs.getName( ), cs ); } - catch( InstantiationException | ClassNotFoundException | IllegalAccessException e ) + catch( InstantiationException | ClassNotFoundException | IllegalAccessException | InvocationTargetException | NoSuchMethodException e ) { throw new LuteceInitException( e.getMessage( ), e ); } @@ -476,10 +479,10 @@ protected void registerSearchIndexers( ) throws LuteceInitException { try { - SearchIndexer indexer = (SearchIndexer) Class.forName( entry.getClassName( ) ).newInstance( ); + SearchIndexer indexer = (SearchIndexer) Class.forName( entry.getClassName( ) ).getDeclaredConstructor( ).newInstance( ); IndexationService.registerIndexer( indexer ); } - catch( IllegalAccessException | ClassNotFoundException | InstantiationException e ) + catch( IllegalAccessException | ClassNotFoundException | InstantiationException | InvocationTargetException | NoSuchMethodException e ) { throw new LuteceInitException( e.getMessage( ), e ); } @@ -509,9 +512,10 @@ protected void registerPageIncludes( ) throws LuteceInitException */ protected void registerDashboardComponents( ) throws LuteceInitException { + DashboardService dashboardService = CDI.current( ).select( DashboardService.class ).get( ); for ( DashboardComponentEntry entry : _listDashboardComponents ) { - DashboardService.getInstance( ).registerDashboardComponent( entry, this ); + dashboardService.registerDashboardComponent( entry, this ); } } @@ -523,9 +527,10 @@ protected void registerDashboardComponents( ) throws LuteceInitException */ protected void registerAdminDashboardComponents( ) throws LuteceInitException { + AdminDashboardService adminDashboardService = CDI.current( ).select( AdminDashboardService.class ).get( ); for ( DashboardComponentEntry entry : _listAdminDashboardComponents ) { - AdminDashboardService.getInstance( ).registerDashboardComponent( entry, this ); + adminDashboardService.registerDashboardComponent( entry, this ); } } @@ -543,11 +548,11 @@ protected void registerRBACResourceTypes( ) throws LuteceInitException try { - ris = (ResourceIdService) Class.forName( entry.getClassName( ) ).newInstance( ); + ris = (ResourceIdService) Class.forName( entry.getClassName( ) ).getDeclaredConstructor( ).newInstance( ); // Each resource id service should register itself and its permissions ris.register( ); } - catch( InstantiationException | ClassNotFoundException | IllegalAccessException e ) + catch( InstantiationException | ClassNotFoundException | IllegalAccessException | InvocationTargetException | NoSuchMethodException e ) { throw new LuteceInitException( e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/plugin/PluginFile.java b/src/java/fr/paris/lutece/portal/service/plugin/PluginFile.java index e37e10df83..933dbdb306 100644 --- a/src/java/fr/paris/lutece/portal/service/plugin/PluginFile.java +++ b/src/java/fr/paris/lutece/portal/service/plugin/PluginFile.java @@ -33,7 +33,6 @@ */ package fr.paris.lutece.portal.service.plugin; -import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.util.ArrayList; diff --git a/src/java/fr/paris/lutece/portal/service/portal/StandaloneAppService.java b/src/java/fr/paris/lutece/portal/service/portal/StandaloneAppService.java index 6e9b2c58fd..494209c197 100644 --- a/src/java/fr/paris/lutece/portal/service/portal/StandaloneAppService.java +++ b/src/java/fr/paris/lutece/portal/service/portal/StandaloneAppService.java @@ -33,7 +33,6 @@ */ package fr.paris.lutece.portal.service.portal; -import fr.paris.lutece.plugins.resource.loader.ResourceNotFoundException; import fr.paris.lutece.portal.service.content.ContentService; import fr.paris.lutece.portal.service.content.PageData; import fr.paris.lutece.portal.service.content.XPageAppService; @@ -55,8 +54,6 @@ import fr.paris.lutece.util.html.HtmlTemplate; import fr.paris.lutece.util.http.SecurityUtil; -import java.io.File; - import java.util.Collection; import java.util.HashMap; diff --git a/src/java/fr/paris/lutece/portal/service/prefs/PortalUserPreferenceServiceImpl.java b/src/java/fr/paris/lutece/portal/service/prefs/PortalUserPreferenceServiceImpl.java index 3275eebf49..611486b432 100644 --- a/src/java/fr/paris/lutece/portal/service/prefs/PortalUserPreferenceServiceImpl.java +++ b/src/java/fr/paris/lutece/portal/service/prefs/PortalUserPreferenceServiceImpl.java @@ -35,7 +35,6 @@ import fr.paris.lutece.portal.business.prefs.IPreferencesDAO; import fr.paris.lutece.portal.service.security.LuteceUser; -import jakarta.annotation.PostConstruct; import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; diff --git a/src/java/fr/paris/lutece/portal/service/rbac/ResourceType.java b/src/java/fr/paris/lutece/portal/service/rbac/ResourceType.java index 51ac17a51b..d7701c659a 100644 --- a/src/java/fr/paris/lutece/portal/service/rbac/ResourceType.java +++ b/src/java/fr/paris/lutece/portal/service/rbac/ResourceType.java @@ -37,6 +37,7 @@ import fr.paris.lutece.portal.service.i18n.Localizable; import fr.paris.lutece.portal.service.util.AppLogService; +import java.lang.reflect.InvocationTargetException; import java.util.Collection; import java.util.HashMap; import java.util.Locale; @@ -179,14 +180,14 @@ public ResourceIdService getResourceIdService( ) { try { - ResourceIdService service = (ResourceIdService) Class.forName( getResourceIdServiceClass( ) ).newInstance( ); + ResourceIdService service = (ResourceIdService) Class.forName( getResourceIdServiceClass( ) ).getDeclaredConstructor().newInstance( ); if ( service != null ) { service.setPluginName( getPluginName( ) ); return service; } } - catch( InstantiationException | IllegalAccessException | ClassNotFoundException e ) + catch( InstantiationException | IllegalAccessException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/search/IndexationService.java b/src/java/fr/paris/lutece/portal/service/search/IndexationService.java index 6e27cf16d2..76f1d68469 100644 --- a/src/java/fr/paris/lutece/portal/service/search/IndexationService.java +++ b/src/java/fr/paris/lutece/portal/service/search/IndexationService.java @@ -128,7 +128,7 @@ public static void init( ) throws LuteceInitException try { - _analyzer = (Analyzer) Class.forName( strAnalyserClassName ).newInstance( ); + _analyzer = (Analyzer) Class.forName( strAnalyserClassName ).getDeclaredConstructor().newInstance( ); } catch( Exception e ) { diff --git a/src/java/fr/paris/lutece/portal/service/security/LuteceUser.java b/src/java/fr/paris/lutece/portal/service/security/LuteceUser.java index e15e31076a..c8bbcf9b64 100644 --- a/src/java/fr/paris/lutece/portal/service/security/LuteceUser.java +++ b/src/java/fr/paris/lutece/portal/service/security/LuteceUser.java @@ -44,8 +44,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; - -import org.apache.commons.lang3.ObjectUtils; +import java.util.Objects; /** * This Interface defines all methods required for a Lutece user implementation @@ -226,7 +225,7 @@ public final String getUserInfo( String key ) public boolean equals( Object object ) { // FIXME : use LuteceUser property instead of object.toString() - return ObjectUtils.equals( this.toString( ), ObjectUtils.toString( object ) ); + return Objects.equals( this, object ); } /** diff --git a/src/java/fr/paris/lutece/portal/service/security/SecurityService.java b/src/java/fr/paris/lutece/portal/service/security/SecurityService.java index 9bab3a12b9..5986709b35 100644 --- a/src/java/fr/paris/lutece/portal/service/security/SecurityService.java +++ b/src/java/fr/paris/lutece/portal/service/security/SecurityService.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.security; +import java.lang.reflect.InvocationTargetException; import java.security.Principal; import java.util.Collection; import java.util.Enumeration; @@ -266,19 +267,20 @@ public void loginUser( HttpServletRequest request, final String strUserName, fin LuteceUser user = _authenticationService.login( strUserName, strPassword, request ); _authenticationService.updateDateLastLogin( user, request ); + AccessLogService accessLogService = CDI.current( ).select( AccessLogService.class ).get( ); if ( _authenticationService.findResetPassword( request, strUserName ) ) { String redirect = _authenticationService.getResetPasswordPageUrl( request ); registerUser( request, user ); - AccessLogService.getInstance( ).info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGIN_USER, user, null, CONSTANT_FO ); + accessLogService.info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGIN_USER, user, null, CONSTANT_FO ); throw new LoginRedirectException( redirect ); } registerUser( request, user ); - AccessLogService.getInstance( ).info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGIN_USER, user, null, CONSTANT_FO ); + accessLogService.info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGIN_USER, user, null, CONSTANT_FO ); } @@ -308,7 +310,9 @@ public void logoutUser( HttpServletRequest request ) session.invalidate(); } CDI.current( ).getBeanManager( ).getEvent( ).fire( new LuteceUserEvent( user, LuteceUserEvent.EventType.LOGOUT ) ); - AccessLogService.getInstance( ).info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGOUT_USER, user, null, CONSTANT_FO ); + + AccessLogService accessLogService = CDI.current( ).select( AccessLogService.class ).get( ); + accessLogService.info( AccessLoggerConstants.EVENT_TYPE_CONNECT, CONSTANT_ACTION_LOGOUT_USER, user, null, CONSTANT_FO ); } /** @@ -327,10 +331,10 @@ private static LuteceAuthentication getPortalAuthentication( ) throws LuteceInit { try { - authentication = (LuteceAuthentication) Class.forName( strAuthenticationClass ).newInstance( ); + authentication = (LuteceAuthentication) Class.forName( strAuthenticationClass ).getDeclaredConstructor().newInstance( ); AppLogService.info( "Authentication service loaded : {}", authentication.getAuthServiceName( ) ); } - catch( InstantiationException | IllegalAccessException | ClassNotFoundException e ) + catch( InstantiationException | IllegalAccessException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { throw new LuteceInitException( "Error instantiating Authentication Class", e ); } diff --git a/src/java/fr/paris/lutece/portal/service/servlet/MainServlet.java b/src/java/fr/paris/lutece/portal/service/servlet/MainServlet.java index 9e4328c9c9..d1c9abf93a 100644 --- a/src/java/fr/paris/lutece/portal/service/servlet/MainServlet.java +++ b/src/java/fr/paris/lutece/portal/service/servlet/MainServlet.java @@ -37,6 +37,7 @@ import java.io.IOException; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.Servlet; import jakarta.servlet.ServletConfig; import jakarta.servlet.ServletException; @@ -72,7 +73,8 @@ public void service( ServletRequest requestServlet, ServletResponse responseServ HttpServletRequest request = (HttpServletRequest) requestServlet; HttpServletResponse response = (HttpServletResponse) responseServlet; - for ( LuteceServlet servlet : ServletService.getInstance( ).getServlets( ) ) + ServletService servletService = CDI.current( ).select( ServletService.class ).get( ); + for ( LuteceServlet servlet : servletService.getServlets( ) ) { AppLogService.debug( "PluginServlet : {} - url pattern : {}", servlet.getName( ), servlet.getMappingUrlPattern( ) ); @@ -97,7 +99,8 @@ public void service( ServletRequest requestServlet, ServletResponse responseServ @Override public void destroy( ) { - for ( LuteceServlet servlet : ServletService.getInstance( ).getServlets( ) ) + ServletService servletService = CDI.current( ).select( ServletService.class ).get( ); + for ( LuteceServlet servlet : servletService.getServlets( ) ) { // Catch exception for each servlet to execute all chain try diff --git a/src/java/fr/paris/lutece/portal/service/servlet/ServletService.java b/src/java/fr/paris/lutece/portal/service/servlet/ServletService.java index c3a1d1cf3e..1130099b81 100644 --- a/src/java/fr/paris/lutece/portal/service/servlet/ServletService.java +++ b/src/java/fr/paris/lutece/portal/service/servlet/ServletService.java @@ -37,6 +37,7 @@ import fr.paris.lutece.portal.service.plugin.Plugin; import fr.paris.lutece.portal.service.util.AppLogService; +import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.List; @@ -89,7 +90,7 @@ public void registerServlet( ServletEntry entry, Plugin plugin ) { try { - HttpServlet servlet = (HttpServlet) Class.forName( entry.getServletClass( ) ).newInstance( ); + HttpServlet servlet = (HttpServlet) Class.forName( entry.getServletClass( ) ).getDeclaredConstructor().newInstance( ); LuteceServlet s = new LuteceServlet( entry.getName( ), servlet, entry.getMappingUrlPattern( ), plugin, entry.getInitParameters( ) ); _listServlets.add( s ); AppLogService.info( "New Servlet registered : {}", entry.getName( ) ); @@ -99,7 +100,7 @@ public void registerServlet( ServletEntry entry, Plugin plugin ) AppLogService.info( " * init parameter - name : '{}' - value : '{}'", strKey, entry.getInitParameters( ).get( strKey ) ); } } - catch( InstantiationException | IllegalAccessException | ClassNotFoundException e ) + catch( InstantiationException | IllegalAccessException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( "Error registering a servlet : {}", e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/sessionlistener/HttpSessionListenerService.java b/src/java/fr/paris/lutece/portal/service/sessionlistener/HttpSessionListenerService.java index 40328cfc46..ae4b3581aa 100644 --- a/src/java/fr/paris/lutece/portal/service/sessionlistener/HttpSessionListenerService.java +++ b/src/java/fr/paris/lutece/portal/service/sessionlistener/HttpSessionListenerService.java @@ -35,6 +35,7 @@ import fr.paris.lutece.portal.service.util.AppLogService; +import java.lang.reflect.InvocationTargetException; import java.util.ArrayList; import java.util.List; @@ -68,11 +69,11 @@ public static void registerListener( HttpSessionListenerEntry entry ) try { - HttpSessionListener listener = (HttpSessionListener) Class.forName( strListenerClass ).newInstance( ); + HttpSessionListener listener = (HttpSessionListener) Class.forName( strListenerClass ).getDeclaredConstructor().newInstance( ); LIST_LISTENERS.add( listener ); AppLogService.info( "New Listener registered : {}", strListenerClass ); } - catch( InstantiationException | IllegalAccessException | ClassNotFoundException e ) + catch( InstantiationException | IllegalAccessException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( "Error registering the listener {} : {}", strListenerClass, e.getMessage( ), e ); } diff --git a/src/java/fr/paris/lutece/portal/service/user/attribute/AdminUserFieldService.java b/src/java/fr/paris/lutece/portal/service/user/attribute/AdminUserFieldService.java index f740f7f3f0..7432def847 100644 --- a/src/java/fr/paris/lutece/portal/service/user/attribute/AdminUserFieldService.java +++ b/src/java/fr/paris/lutece/portal/service/user/attribute/AdminUserFieldService.java @@ -70,7 +70,7 @@ public final class AdminUserFieldService // PARAMETERS private static final String PARAMETER_ATTRIBUTE = "attribute"; private static final String PARAMETER_UPDATE_ATTRIBUTE = "update_attribute"; - private static final AttributeService _attributeService = AttributeService.getInstance( ); + private static final AttributeService _attributeService = CDI.current( ).select( AttributeService.class ).get( ); /** * Instantiates a new admin user field service. diff --git a/src/java/fr/paris/lutece/portal/service/user/menu/AdminUserMenuItemProviderRegistrar.java b/src/java/fr/paris/lutece/portal/service/user/menu/AdminUserMenuItemProviderRegistrar.java index 8e0bfbf620..2fd56cb11f 100644 --- a/src/java/fr/paris/lutece/portal/service/user/menu/AdminUserMenuItemProviderRegistrar.java +++ b/src/java/fr/paris/lutece/portal/service/user/menu/AdminUserMenuItemProviderRegistrar.java @@ -35,6 +35,8 @@ +import java.lang.reflect.InvocationTargetException; + import fr.paris.lutece.portal.business.user.menu.IAdminUserMenuItemProvider; /** @@ -89,10 +91,10 @@ public void setService( AdminUserMenuService service ) { * @throws ClassNotFoundException * if the class cannot be found */ - public void setClassName( String strClassName ) throws InstantiationException, IllegalAccessException, ClassNotFoundException + public void setClassName( String strClassName ) throws InstantiationException, IllegalAccessException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { assertItemProviderNotSet( ); - _provider = (IAdminUserMenuItemProvider) Class.forName( strClassName ).newInstance( ); + _provider = (IAdminUserMenuItemProvider) Class.forName( strClassName ).getDeclaredConstructor().newInstance( ); } /** diff --git a/src/java/fr/paris/lutece/portal/service/util/FileSorterUtil.java b/src/java/fr/paris/lutece/portal/service/util/FileSorterUtil.java index ed64a9fc25..17c98a3e8c 100644 --- a/src/java/fr/paris/lutece/portal/service/util/FileSorterUtil.java +++ b/src/java/fr/paris/lutece/portal/service/util/FileSorterUtil.java @@ -1,6 +1,5 @@ package fr.paris.lutece.portal.service.util; -import java.util.Comparator; import java.util.List; import java.util.stream.Collectors; diff --git a/src/java/fr/paris/lutece/portal/service/util/LoggerInfo.java b/src/java/fr/paris/lutece/portal/service/util/LoggerInfo.java index da1fae52d6..4d039eeea9 100644 --- a/src/java/fr/paris/lutece/portal/service/util/LoggerInfo.java +++ b/src/java/fr/paris/lutece/portal/service/util/LoggerInfo.java @@ -33,7 +33,6 @@ */ package fr.paris.lutece.portal.service.util; -import org.apache.logging.log4j.Level; /** * The Class Logger. diff --git a/src/java/fr/paris/lutece/portal/web/PortalJspBean.java b/src/java/fr/paris/lutece/portal/web/PortalJspBean.java index 524fb7395a..fda3d4bef6 100644 --- a/src/java/fr/paris/lutece/portal/web/PortalJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/PortalJspBean.java @@ -78,6 +78,7 @@ import jakarta.enterprise.context.ApplicationScoped; import jakarta.enterprise.inject.spi.CDI; +import jakarta.inject.Inject; import jakarta.inject.Named; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpSession; @@ -132,6 +133,9 @@ public class PortalJspBean private static final String PROPERTY_DEBUG_DEFAULT = "true"; private static final String CONSTANT_SPACE = " "; private static final String KEY_WEBMASTER_EMAIL = "portal.site.site_property.noreply_email"; + + @Inject + private ISiteMessageHandler _handler; /** * Returns the content of a page according to the parameters found in the http request. One distinguishes article, page and xpage and the mode. @@ -247,11 +251,9 @@ public String getSiteMessageContent( HttpServletRequest request, int nMode ) return getStartUpFailurePage( request ); } - ISiteMessageHandler handler = CDI.current().select(ISiteMessageHandler.class).get(); - - if ( handler.hasMessage( request ) ) + if ( _handler.hasMessage( request ) ) { - strContent = handler.getPage( request, nMode ); + strContent = _handler.getPage( request, nMode ); } return strContent; @@ -557,6 +559,8 @@ public static String sendResource( HttpServletRequest request ) throws SiteMessa if ( ( strSend != null ) && ( strError == null ) ) { + EditorBbcodeService editorBbcodeService = CDI.current( ).select( EditorBbcodeService.class ).get( ); + Map mailModel = new HashMap<>( ); mailModel.put( Markers.BASE_URL, AppPathService.getBaseUrl( request ) ); mailModel.put( MARK_RESOURCE, resource ); @@ -564,7 +568,7 @@ public static String sendResource( HttpServletRequest request ) throws SiteMessa mailModel.put( PARAMETER_SENDER_NAME, strSenderName ); mailModel.put( PARAMETER_SENDER_FIRST_NAME, strSenderFirstName ); mailModel.put( Parameters.EMAIL, strReceipientEmail ); - mailModel.put( PARAMETER_CONTENT, EditorBbcodeService.getInstance( ).parse( strContent ) ); + mailModel.put( PARAMETER_CONTENT, editorBbcodeService.parse( strContent ) ); mailModel.put( MARK_RESOURCE_URL, resourceService.getResourceUrl( strIdExtendableResource, strExtendableResourceType ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_EMAIL_SEND_RESOURCE, request.getLocale( ), mailModel ); diff --git a/src/java/fr/paris/lutece/portal/web/admin/AdminFeaturesPageJspBean.java b/src/java/fr/paris/lutece/portal/web/admin/AdminFeaturesPageJspBean.java index c9b510194c..86be283214 100644 --- a/src/java/fr/paris/lutece/portal/web/admin/AdminFeaturesPageJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/admin/AdminFeaturesPageJspBean.java @@ -40,6 +40,7 @@ import fr.paris.lutece.portal.service.admin.AdminUserService; import fr.paris.lutece.portal.service.admin.PasswordResetException; import fr.paris.lutece.portal.service.i18n.I18nService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.portal.service.util.AppPathService; import fr.paris.lutece.portal.service.util.AppPropertiesService; @@ -57,6 +58,8 @@ import java.util.Map; import java.util.Set; +import jakarta.enterprise.inject.spi.CDI; +import jakarta.inject.Inject; import jakarta.servlet.http.HttpServletRequest; import jakarta.validation.ConstraintViolation; @@ -100,6 +103,9 @@ public abstract class AdminFeaturesPageJspBean implements Serializable private Locale _locale; private AdminUser _user; + @Inject + private transient ISecurityTokenService _securityTokenService; + /** * Initialize the jspbean data Allows to set the feature url and feature title associated * @@ -263,6 +269,16 @@ public String getAdminPage( String strContent ) return template.getHtml( ); } + /** + * Returns the SecurityTokenService instance by privileging direct injection. Used during complete transition do CDI XPages. + * + * @return the SecurityTokenService instance + */ + public ISecurityTokenService getSecurityTokenService( ) + { + return null != _securityTokenService ? _securityTokenService : CDI.current( ).select( ISecurityTokenService.class ).get( ); + } + /** * Populate a bean using parameters in http request * diff --git a/src/java/fr/paris/lutece/portal/web/admin/AdminMapJspBean.java b/src/java/fr/paris/lutece/portal/web/admin/AdminMapJspBean.java index 8dc80b60cc..91af7ec45e 100644 --- a/src/java/fr/paris/lutece/portal/web/admin/AdminMapJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/admin/AdminMapJspBean.java @@ -33,13 +33,13 @@ */ package fr.paris.lutece.portal.web.admin; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.XmlContent; import fr.paris.lutece.portal.business.page.Page; import fr.paris.lutece.portal.business.page.PageHome; import fr.paris.lutece.portal.business.portalcomponent.PortalComponentHome; import fr.paris.lutece.portal.business.style.ModeHome; import fr.paris.lutece.portal.business.stylesheet.StyleSheet; -import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.admin.AdminUserService; import fr.paris.lutece.portal.service.html.XmlTransformerService; import fr.paris.lutece.portal.service.page.PageResourceIdService; @@ -153,7 +153,7 @@ private void findPages( HttpServletRequest request, StringBuffer strXmlArboresce { Page page = PageHome.getPage( nPageId ); - AdminUser user = AdminUserService.getAdminUser( request ); + User user = AdminUserService.getAdminUser( request ); String strPageId = Integer.toString( nPageId ); boolean bAuthorizationPage; diff --git a/src/java/fr/paris/lutece/portal/web/admin/AdminMenuJspBean.java b/src/java/fr/paris/lutece/portal/web/admin/AdminMenuJspBean.java index 503befda09..fba2761e73 100644 --- a/src/java/fr/paris/lutece/portal/web/admin/AdminMenuJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/admin/AdminMenuJspBean.java @@ -71,6 +71,7 @@ import fr.paris.lutece.portal.service.plugin.Plugin; import fr.paris.lutece.portal.service.plugin.PluginService; import fr.paris.lutece.portal.service.portal.PortalService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.portal.service.user.menu.AdminUserMenuService; @@ -148,6 +149,8 @@ public class AdminMenuJspBean implements Serializable private static Logger _loggerAccess = LogManager.getLogger( LOGGER_ACCESS ); @Inject private transient DashboardService _dashboardService; + @Inject + private transient ISecurityTokenService _securityTokenService; /** * Returns the Administration header menu @@ -375,7 +378,7 @@ private List getFeatureGroupsList( AdminUser user ) */ public String doChangeLanguage( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, LanguageAdminUserMenuItemProvider.TEMPLATE ) ) + if ( !_securityTokenService.validate( request, LanguageAdminUserMenuItemProvider.TEMPLATE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -430,7 +433,7 @@ public String getModifyDefaultAdminUserPassword( HttpServletRequest request ) Locale locale = user.getLocale( ); Map model = new HashMap<>( ); model.put( MARK_MINIMUM_PASSWORD_SIZE, AdminUserService.getIntegerSecurityParameter( AdminUserService.DSKEY_PASSWORD_MINIMUM_LENGTH ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_PASSWORD_DEFAULT_MODULE ) ); + model.put( SecurityTokenService.MARK_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MODIFY_PASSWORD_DEFAULT_MODULE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_PASSWORD_DEFAULT_MODULE, locale, model ); return template.getHtml( ); @@ -487,7 +490,7 @@ public String doModifyDefaultAdminUserPassword( HttpServletRequest request ) thr { return AdminMessageService.getMessageUrl( request, PASSWORD_CURRENT_ERROR, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_PASSWORD_DEFAULT_MODULE ) ) + if ( !_securityTokenService.validate( request, TEMPLATE_MODIFY_PASSWORD_DEFAULT_MODULE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -515,7 +518,7 @@ public String doModifyDefaultAdminUserPassword( HttpServletRequest request ) thr */ public String doModifyAccessibilityMode( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, AccessibilityModeAdminUserMenuItemProvider.TEMPLATE ) ) + if ( !_securityTokenService.validate( request, AccessibilityModeAdminUserMenuItemProvider.TEMPLATE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/admin/AdminPageJspBean.java b/src/java/fr/paris/lutece/portal/web/admin/AdminPageJspBean.java index 083376e762..4e39ddc96f 100644 --- a/src/java/fr/paris/lutece/portal/web/admin/AdminPageJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/admin/AdminPageJspBean.java @@ -47,6 +47,7 @@ import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang3.StringUtils; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.page.Page; import fr.paris.lutece.portal.business.page.PageHome; import fr.paris.lutece.portal.business.portlet.PortletType; @@ -254,7 +255,7 @@ public String doModifyPage( HttpServletRequest request ) throws AccessDeniedExce return strErrorUrl; } - if ( !SecurityTokenService.getInstance( ).validate( mRequest, TEMPLATE_ADMIN_PAGE_BLOCK_PROPERTY ) ) + if ( !getSecurityTokenService( ).validate( mRequest, TEMPLATE_ADMIN_PAGE_BLOCK_PROPERTY ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -371,7 +372,7 @@ public String getRemovePage( HttpServletRequest request ) } Map parameters = new HashMap<>( ); parameters.put( Parameters.PAGE_ID, strPageId ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_REMOVE_PAGE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_REMOVE_PAGE ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE_PAGE, new Object [ ] { page.getName( ) @@ -409,7 +410,7 @@ public String doRemovePage( HttpServletRequest request ) throws AccessDeniedExce page.getName( ), list.size( ) }, JSP_PATH + getUrlPage( nPageId ), AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_REMOVE_PAGE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_REMOVE_PAGE ) ) { throw new AccessDeniedException( "Invalid CSRF token" ); } @@ -447,7 +448,7 @@ public String doCreateChildPage( HttpServletRequest request ) throws AccessDenie { return strErrorUrl; } - if ( !SecurityTokenService.getInstance( ).validate( mRequest, TEMPLATE_ADMIN_PAGE_BLOCK_CHILDPAGE ) ) + if ( !getSecurityTokenService( ).validate( mRequest, TEMPLATE_ADMIN_PAGE_BLOCK_CHILDPAGE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -629,7 +630,7 @@ private String getAdminPageBlockProperty( Page page, int nParamBlock, Map getPortletTypeList( AdminUser user ) { List listPortletType = PortletTypeHome.getPortletTypesList( getLocale( ) ); - return RBACService.getAuthorizedCollection( listPortletType, PortletResourceIdService.PERMISSION_CREATE, user ); + return RBACService.getAuthorizedCollection( listPortletType, PortletResourceIdService.PERMISSION_CREATE, ( User ) user ); } /** diff --git a/src/java/fr/paris/lutece/portal/web/admin/AdminPagePortletJspBean.java b/src/java/fr/paris/lutece/portal/web/admin/AdminPagePortletJspBean.java index 76b17e603f..4c8ec7ba15 100644 --- a/src/java/fr/paris/lutece/portal/web/admin/AdminPagePortletJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/admin/AdminPagePortletJspBean.java @@ -44,11 +44,11 @@ import org.apache.commons.lang3.StringUtils; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.portlet.Portlet; import fr.paris.lutece.portal.business.portlet.PortletHome; import fr.paris.lutece.portal.business.portlet.PortletType; import fr.paris.lutece.portal.business.portlet.PortletTypeHome; -import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.admin.AdminUserService; import fr.paris.lutece.portal.service.message.AdminMessage; @@ -171,7 +171,7 @@ public String getRemovePortlet( HttpServletRequest request ) throws AccessDenied nPortletId }, AdminMessage.TYPE_ERROR ); } - AdminUser user = AdminUserService.getAdminUser( request ); + User user = AdminUserService.getAdminUser( request ); if ( !RBACService.isAuthorized( PortletType.RESOURCE_TYPE, portlet.getPortletTypeId( ), PortletResourceIdService.PERMISSION_MANAGE, user ) ) { throw new AccessDeniedException( getMessageErrorAuthorization( user, PortletResourceIdService.PERMISSION_MANAGE, nPortletId ) ); @@ -180,7 +180,7 @@ public String getRemovePortlet( HttpServletRequest request ) throws AccessDenied String strTarget = "_top"; Map parameters = new HashMap<>( ); parameters.put( Parameters.PORTLET_ID, strPortletId ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_REMOVE_PORTLET ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_REMOVE_PORTLET ) ); if ( PortletHome.hasAlias( nPortletId ) ) { @@ -239,11 +239,11 @@ public String doRemovePortlet( HttpServletRequest request ) throws AccessDeniedE nPortletId }, AdminMessage.TYPE_ERROR ); } - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_REMOVE_PORTLET ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_REMOVE_PORTLET ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } - AdminUser user = AdminUserService.getAdminUser( request ); + User user = AdminUserService.getAdminUser( request ); if ( !RBACService.isAuthorized( PortletType.RESOURCE_TYPE, portlet.getPortletTypeId( ), PortletResourceIdService.PERMISSION_MANAGE, user ) ) { throw new AccessDeniedException( getMessageErrorAuthorization( user, PortletResourceIdService.PERMISSION_MANAGE, nPortletId ) ); @@ -299,7 +299,7 @@ public String getModifyPortletStatus( HttpServletRequest request ) throws Access nStatus }, AdminMessage.TYPE_ERROR ); } - AdminUser user = AdminUserService.getAdminUser( request ); + User user = AdminUserService.getAdminUser( request ); if ( !RBACService.isAuthorized( PortletType.RESOURCE_TYPE, portlet.getPortletTypeId( ), PortletResourceIdService.PERMISSION_MANAGE, user ) ) { throw new AccessDeniedException( getMessageErrorAuthorization( user, PortletResourceIdService.PERMISSION_MANAGE, nPortletId ) ); @@ -310,7 +310,7 @@ public String getModifyPortletStatus( HttpServletRequest request ) throws Access Map parameters = new HashMap<>( ); parameters.put( Parameters.PORTLET_ID, strPortletId ); parameters.put( PORTLET_STATUS, strStatus ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_DO_MODIFY_STATUS ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_DO_MODIFY_STATUS ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_MODIFY_STATUS, null, null, strUrl, strTarget, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -326,7 +326,7 @@ public String getModifyPortletStatus( HttpServletRequest request ) throws Access */ public String doModifyPortletStatus( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_DO_MODIFY_STATUS ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_DO_MODIFY_STATUS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -359,7 +359,7 @@ public String doModifyPortletStatus( HttpServletRequest request ) throws AccessD nStatus }, AdminMessage.TYPE_ERROR ); } - AdminUser user = AdminUserService.getAdminUser( request ); + User user = AdminUserService.getAdminUser( request ); if ( !RBACService.isAuthorized( PortletType.RESOURCE_TYPE, portlet.getPortletTypeId( ), PortletResourceIdService.PERMISSION_MANAGE, user ) ) { throw new AccessDeniedException( getMessageErrorAuthorization( user, PortletResourceIdService.PERMISSION_MANAGE, nPortletId ) ); @@ -414,7 +414,7 @@ public String doUpdatePortletPosition( HttpServletRequest request ) throws Acces } - private static String getMessageErrorAuthorization( AdminUser user, String permission, int nPortletId ) + private static String getMessageErrorAuthorization( User user, String permission, int nPortletId ) { return "User " + user + " is not authorized to permission " + permission + " on portlet " + nPortletId; } diff --git a/src/java/fr/paris/lutece/portal/web/dashboard/AdminDashboardJspBean.java b/src/java/fr/paris/lutece/portal/web/dashboard/AdminDashboardJspBean.java index 1105c69dab..8d2c5ea39b 100644 --- a/src/java/fr/paris/lutece/portal/web/dashboard/AdminDashboardJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/dashboard/AdminDashboardJspBean.java @@ -152,7 +152,7 @@ public String getManageDashboards( HttpServletRequest request ) model.put( MARK_MAP_AVAILABLE_ORDERS, getMapAvailableOrders( ) ); model.put( MARK_LIST_AVAILABLE_COLUMNS, getListAvailableColumns( ) ); model.put( MARK_MAP_COLUMN_ORDER_STATUS, _adminDashboardService.getOrderedColumnsStatus( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DASHBOARDS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MANAGE_DASHBOARDS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_DASHBOARDS, user.getLocale( ), model ); @@ -189,7 +189,7 @@ public String doReorderColumn( HttpServletRequest request ) throws AccessDeniedE return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -240,7 +240,7 @@ public String doMoveAdminDashboard( HttpServletRequest request ) throws AccessDe nOldOrder = dashboard.getOrder( ); nOldColumn = dashboard.getZone( ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/dashboard/AdminHomePageManagementComponent.java b/src/java/fr/paris/lutece/portal/web/dashboard/AdminHomePageManagementComponent.java index 315aae6c02..746d0a72c7 100644 --- a/src/java/fr/paris/lutece/portal/web/dashboard/AdminHomePageManagementComponent.java +++ b/src/java/fr/paris/lutece/portal/web/dashboard/AdminHomePageManagementComponent.java @@ -37,6 +37,7 @@ import java.util.List; import java.util.Map; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; import fr.paris.lutece.portal.business.user.AdminUser; @@ -44,6 +45,7 @@ import fr.paris.lutece.portal.service.dashboard.IDashboardComponent; import fr.paris.lutece.portal.service.dashboard.admin.AdminDashboardComponent; import fr.paris.lutece.portal.service.i18n.I18nService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.util.html.HtmlTemplate; @@ -64,7 +66,7 @@ public class AdminHomePageManagementComponent extends AdminDashboardComponent private static final String MARK_MAP_AVAILABLE_ORDERS = "map_available_orders"; private static final String MARK_MAP_COLUMN_ORDER_STATUS = "map_column_order_status"; - private DashboardService _service = DashboardService.getInstance( ); + private DashboardService _service = CDI.current( ).select( DashboardService.class ).get( ); /** * {@inheritDoc} @@ -73,6 +75,7 @@ public class AdminHomePageManagementComponent extends AdminDashboardComponent public String getDashboardData( AdminUser user, HttpServletRequest request ) { Map model = new HashMap<>( ); + ISecurityTokenService securityTokenService = CDI.current( ).select( ISecurityTokenService.class ).get( ); Map> mapDashboards = _service.getAllSetDashboards( user ); @@ -90,7 +93,7 @@ public String getDashboardData( AdminUser user, HttpServletRequest request ) model.put( MARK_MAP_AVAILABLE_ORDERS, _service.getMapAvailableOrders( ) ); model.put( MARK_LIST_AVAILABLE_COLUMNS, _service.getListAvailableColumns( ) ); model.put( MARK_MAP_COLUMN_ORDER_STATUS, _service.getOrderedColumnsStatus( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DASHBOARDS ) ); + model.put( SecurityTokenService.MARK_TOKEN, securityTokenService.getToken( request, TEMPLATE_MANAGE_DASHBOARDS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_DASHBOARDS, user.getLocale( ), model ); diff --git a/src/java/fr/paris/lutece/portal/web/dashboard/DashboardJspBean.java b/src/java/fr/paris/lutece/portal/web/dashboard/DashboardJspBean.java index 5555fccbac..5305b25729 100644 --- a/src/java/fr/paris/lutece/portal/web/dashboard/DashboardJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/dashboard/DashboardJspBean.java @@ -47,7 +47,6 @@ import fr.paris.lutece.portal.service.dashboard.IDashboardComponent; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; -import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.util.AppLogService; import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean; import fr.paris.lutece.portal.web.constants.Messages; @@ -111,7 +110,7 @@ public String doReorderColumn( HttpServletRequest request ) throws AccessDeniedE return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -162,7 +161,7 @@ public String doMoveDashboard( HttpServletRequest request ) throws AccessDeniedE nOldOrder = dashboard.getOrder( ); nOldColumn = dashboard.getZone( ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/download/AbstractDownloadServlet.java b/src/java/fr/paris/lutece/portal/web/download/AbstractDownloadServlet.java index 3c431ea579..104e0da41b 100644 --- a/src/java/fr/paris/lutece/portal/web/download/AbstractDownloadServlet.java +++ b/src/java/fr/paris/lutece/portal/web/download/AbstractDownloadServlet.java @@ -36,6 +36,7 @@ import java.io.IOException; import java.io.OutputStream; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; @@ -63,7 +64,8 @@ public abstract class AbstractDownloadServlet extends HttpServlet protected void doGet( HttpServletRequest request, HttpServletResponse response ) throws ServletException, IOException { File file = null; - IFileStoreServiceProvider fileStoreServiceProvider = FileService.getInstance( ) + FileService fileService = CDI.current( ).select( FileService.class ).get( ); + IFileStoreServiceProvider fileStoreServiceProvider = fileService .getFileStoreServiceProvider( request.getParameter( FileService.PARAMETER_PROVIDER ) ); try diff --git a/src/java/fr/paris/lutece/portal/web/editor/EditorAdminDashboardComponent.java b/src/java/fr/paris/lutece/portal/web/editor/EditorAdminDashboardComponent.java index 9a4b18c326..3be951a1dc 100644 --- a/src/java/fr/paris/lutece/portal/web/editor/EditorAdminDashboardComponent.java +++ b/src/java/fr/paris/lutece/portal/web/editor/EditorAdminDashboardComponent.java @@ -37,11 +37,14 @@ import fr.paris.lutece.portal.service.admin.AdminUserService; import fr.paris.lutece.portal.service.dashboard.admin.AdminDashboardComponent; import fr.paris.lutece.portal.service.editor.RichTextEditorService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.util.html.HtmlTemplate; import java.util.HashMap; import java.util.Map; + +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; /** @@ -61,6 +64,8 @@ public class EditorAdminDashboardComponent extends AdminDashboardComponent @Override public String getDashboardData( AdminUser user, HttpServletRequest request ) { + ISecurityTokenService securityTokenService = CDI.current( ).select( ISecurityTokenService.class ).get( ); + Map model = new HashMap<>( ); model.put( MARK_LIST_EDITORS_BACK_OFFICE, RichTextEditorService.getListEditorsForBackOffice( AdminUserService.getLocale( request ) ) ); model.put( MARK_CURRENT_EDITOR_BACK_OFFICE, RichTextEditorService.getBackOfficeDefaultEditor( ) ); @@ -68,7 +73,7 @@ public String getDashboardData( AdminUser user, HttpServletRequest request ) model.put( MARK_LIST_EDITORS_FRONT_OFFICE, RichTextEditorService.getListEditorsForFrontOffice( AdminUserService.getLocale( request ) ) ); model.put( MARK_CURRENT_EDITOR_FRONT_OFFICE, RichTextEditorService.getFrontOfficeDefaultEditor( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_EDITOR_CHOICE_PANEL ) ); + model.put( SecurityTokenService.MARK_TOKEN, securityTokenService.getToken( request, TEMPLATE_EDITOR_CHOICE_PANEL ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_EDITOR_CHOICE_PANEL, user.getLocale( ), model ); diff --git a/src/java/fr/paris/lutece/portal/web/editor/EditorChoiceLutecePanelJspBean.java b/src/java/fr/paris/lutece/portal/web/editor/EditorChoiceLutecePanelJspBean.java index 79d2e120be..605ca9869b 100644 --- a/src/java/fr/paris/lutece/portal/web/editor/EditorChoiceLutecePanelJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/editor/EditorChoiceLutecePanelJspBean.java @@ -39,7 +39,6 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.editor.RichTextEditorService; -import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.PluginAdminPageJspBean; /** @@ -71,7 +70,7 @@ public class EditorChoiceLutecePanelJspBean extends PluginAdminPageJspBean */ public String doUpdateBackOfficeEditor( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_EDITOR_CHOICE_PANEL ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_EDITOR_CHOICE_PANEL ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -92,7 +91,7 @@ public String doUpdateBackOfficeEditor( HttpServletRequest request ) throws Acce */ public String doUpdateFrontOfficeEditor( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_EDITOR_CHOICE_PANEL ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_EDITOR_CHOICE_PANEL ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/features/ExternalFeaturesJspBean.java b/src/java/fr/paris/lutece/portal/web/features/ExternalFeaturesJspBean.java index 3477460e70..6d47e651f5 100644 --- a/src/java/fr/paris/lutece/portal/web/features/ExternalFeaturesJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/features/ExternalFeaturesJspBean.java @@ -120,7 +120,7 @@ public String getCreateExternalFeature( HttpServletRequest request ) rightLevelsReferenceList.add( rightLevel.getReferenceItem( ) ); } model.put( MARK_RIGHT_LEVELS_REFERENCE_LIST, rightLevelsReferenceList ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_EXTERNAL_FEATURE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_EXTERNAL_FEATURE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_EXTERNAL_FEATURE, getLocale( ), model ); @@ -129,7 +129,7 @@ public String getCreateExternalFeature( HttpServletRequest request ) public String doCreateExternalFeature( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_EXTERNAL_FEATURE ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_EXTERNAL_FEATURE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -157,7 +157,7 @@ public String getRemoveExternalFeature( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( PARAMETER_ID_EXTERNAL_FEATURE, strExternalFeatureId ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_DELETE_EXTERNAL_FEATURE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_DELETE_EXTERNAL_FEATURE ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_DELETE, messageArgs, null, JSP_DELETE_EXTERNAL_FEATURE, "", AdminMessage.TYPE_CONFIRMATION, parameters ); @@ -165,7 +165,7 @@ public String getRemoveExternalFeature( HttpServletRequest request ) public String doRemoveExternalFeature( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_DELETE_EXTERNAL_FEATURE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_DELETE_EXTERNAL_FEATURE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -200,7 +200,7 @@ public String getModifyExternalFeature( HttpServletRequest request ) rightLevelsReferenceList.add( rightLevel.getReferenceItem( ) ); } model.put( MARK_RIGHT_LEVELS_REFERENCE_LIST, rightLevelsReferenceList ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_EXTERNAL_FEATURE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_EXTERNAL_FEATURE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_EXTERNAL_FEATURE, getLocale( ), model ); @@ -209,7 +209,7 @@ public String getModifyExternalFeature( HttpServletRequest request ) public String doModifyExternalFeature( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_EXTERNAL_FEATURE ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_EXTERNAL_FEATURE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/features/FeaturesAdminDashboardComponent.java b/src/java/fr/paris/lutece/portal/web/features/FeaturesAdminDashboardComponent.java index c8d20d70c2..f7acf83585 100644 --- a/src/java/fr/paris/lutece/portal/web/features/FeaturesAdminDashboardComponent.java +++ b/src/java/fr/paris/lutece/portal/web/features/FeaturesAdminDashboardComponent.java @@ -39,6 +39,7 @@ import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.dashboard.admin.AdminDashboardComponent; import fr.paris.lutece.portal.service.i18n.I18nService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean; @@ -50,6 +51,8 @@ import java.util.List; import java.util.Locale; import java.util.Map; + +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; /** @@ -79,13 +82,15 @@ public class FeaturesAdminDashboardComponent extends AdminDashboardComponent public String getDashboardData( AdminUser user, HttpServletRequest request ) { List listGroups = FeatureGroupHome.getFeatureGroupsList( ); + ISecurityTokenService securityTokenService = CDI.current( ).select( ISecurityTokenService.class ).get( ); + Map model = new HashMap<>( ); model.put( MARK_FEATURE_NO_GROUP, getNoGroup( user.getLocale( ) ) ); model.put( MARK_FEATURE_GROUP_LIST, getRefListFeatureGroups( user.getLocale( ) ) ); model.put( MARK_ORDER_LIST, getOrderRefList( ) ); model.put( MARK_GROUPS_LIST, listGroups ); model.put( MARK_EXTERNAL_FEATURES_LIST, RightHome.getExternalRightList( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + model.put( SecurityTokenService.MARK_TOKEN, securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_FEATURES_ADMINDASHBOARD, user.getLocale( ), model ); diff --git a/src/java/fr/paris/lutece/portal/web/features/FeaturesGroupJspBean.java b/src/java/fr/paris/lutece/portal/web/features/FeaturesGroupJspBean.java index 049cbd4563..af8b9d30a9 100644 --- a/src/java/fr/paris/lutece/portal/web/features/FeaturesGroupJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/features/FeaturesGroupJspBean.java @@ -98,7 +98,7 @@ public class FeaturesGroupJspBean extends AdminFeaturesPageJspBean */ public String doDispatchFeature( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -136,7 +136,7 @@ public String doDispatchFeature( HttpServletRequest request ) throws AccessDenie */ public String doDispatchFeatureGroup( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -166,7 +166,7 @@ public String doDispatchFeatureGroup( HttpServletRequest request ) throws Access */ public String doReinitFeatures( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -197,7 +197,7 @@ public String getCreateGroup( HttpServletRequest request ) Map model = new HashMap<>( ); model.put( MARK_ORDER_LIST, getOrderRefList( ) ); model.put( MARK_DEFAULT_ORDER, String.valueOf( nCount ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); HtmlTemplate t = AppTemplateService.getTemplate( TEMPLATE_CREATE_GROUP, getLocale( ), model ); @@ -225,7 +225,7 @@ public String getModifyGroup( HttpServletRequest request ) Map model = new HashMap<>( ); model.put( MARK_ORDER_LIST, getOrderRefList( ) ); model.put( MARK_FEATURE_GROUP, group ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); HtmlTemplate t = AppTemplateService.getTemplate( TEMPLATE_MODIFY_GROUP, getLocale( ), model ); @@ -254,7 +254,7 @@ public String doCreateGroup( HttpServletRequest request ) throws AccessDeniedExc { return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -294,7 +294,7 @@ public String doModifyGroup( HttpServletRequest request ) throws AccessDeniedExc { return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -344,7 +344,7 @@ public String getRemoveGroup( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( PARAMETER_GROUP_ID, strGroupId ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + getSecurityTokenService( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); FeatureGroup group = FeatureGroupHome.findByPrimaryKey( strGroupId ); group.setLocale( getUser( ).getLocale( ) ); @@ -372,7 +372,7 @@ public String doRemoveGroup( HttpServletRequest request ) throws AccessDeniedExc { return AdminMessageService.getMessageUrl( request, MESSAGE_RIGHT_ALREADY_ASSIGN, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/features/LevelsJspBean.java b/src/java/fr/paris/lutece/portal/web/features/LevelsJspBean.java index 71436b3338..5e62e21a6e 100644 --- a/src/java/fr/paris/lutece/portal/web/features/LevelsJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/features/LevelsJspBean.java @@ -50,7 +50,6 @@ import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean; import fr.paris.lutece.portal.web.constants.Messages; import fr.paris.lutece.portal.web.constants.Parameters; -import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean; import fr.paris.lutece.util.html.HtmlTemplate; /** @@ -90,7 +89,7 @@ public String getCreateLevel( HttpServletRequest request ) setPageTitleProperty( PROPERTY_PAGE_TITLE_CREATE_LEVEL ); Map model = new HashMap<>( ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_LEVEL ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_LEVEL ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_LEVEL, getLocale( ), model ); return getAdminPage( template.getHtml( ) ); @@ -114,7 +113,7 @@ public String doCreateLevel( HttpServletRequest request ) throws AccessDeniedExc { return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_LEVEL ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_LEVEL ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -148,7 +147,7 @@ public String getModifyLevel( HttpServletRequest request ) HashMap model = new HashMap<>( ); model.put( MARK_LEVEL, level ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_LEVEL ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_LEVEL ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_LEVEL, getLocale( ), model ); @@ -174,7 +173,7 @@ public String doModifyLevel( HttpServletRequest request ) throws AccessDeniedExc { return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_LEVEL ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_LEVEL ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/features/RightJspBean.java b/src/java/fr/paris/lutece/portal/web/features/RightJspBean.java index 8f2f31d45d..f565f99e01 100644 --- a/src/java/fr/paris/lutece/portal/web/features/RightJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/features/RightJspBean.java @@ -240,7 +240,7 @@ public String getAssignUsers( HttpServletRequest request ) model.put( MARK_ITEM_NAVIGATOR, _itemNavigator ); model.put( MARK_PAGINATOR, paginator ); model.put( MARK_NB_ITEMS_PER_PAGE, Integer.toString( _nItemsPerPage ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_ASSIGN_USERS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_ASSIGN_USERS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_USERS, getLocale( ), model ); @@ -258,7 +258,7 @@ public String getAssignUsers( HttpServletRequest request ) */ public String doAssignUsers( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_ASSIGN_USERS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_ASSIGN_USERS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -294,7 +294,7 @@ public String doAssignUsers( HttpServletRequest request ) throws AccessDeniedExc */ public String doUnAssignUser( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_ASSIGN_USERS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_ASSIGN_USERS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/includes/MainMenuInclude.java b/src/java/fr/paris/lutece/portal/web/includes/MainMenuInclude.java index 6d3d60c812..8dd27b7329 100644 --- a/src/java/fr/paris/lutece/portal/web/includes/MainMenuInclude.java +++ b/src/java/fr/paris/lutece/portal/web/includes/MainMenuInclude.java @@ -42,6 +42,7 @@ import java.util.Map; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; /** @@ -76,9 +77,10 @@ public void fillTemplate( Map rootModel, PageData data, int nMod AppLogService.info( "MainMenuInclude.fillTemplate() : {}", nfe.getLocalizedMessage( ) ); nCurrentPageId = 0; } - + + PortalMenuService portalMenuService = CDI.current( ).select( PortalMenuService.class ).get( ); rootModel.put( Markers.PAGE_MAIN_MENU, - PortalMenuService.getInstance( ).getMenuContent( nCurrentPageId, nMode, PortalMenuService.MENU_MAIN, request ) ); + portalMenuService.getMenuContent( nCurrentPageId, nMode, PortalMenuService.MENU_MAIN, request ) ); } } } diff --git a/src/java/fr/paris/lutece/portal/web/insert/InsertServiceSelectorJspBean.java b/src/java/fr/paris/lutece/portal/web/insert/InsertServiceSelectorJspBean.java index ab913e7e8d..28c6106a8c 100644 --- a/src/java/fr/paris/lutece/portal/web/insert/InsertServiceSelectorJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/insert/InsertServiceSelectorJspBean.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.web.insert; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.service.html.EncodingService; import fr.paris.lutece.portal.service.insert.InsertResourceIdService; import fr.paris.lutece.portal.service.insert.InsertService; @@ -105,10 +106,11 @@ public String getServicesListPage( HttpServletRequest request ) strText = EncodingService.encodeUrl( strText ); Collection listServices = InsertServiceManager.getInsertServicesList( ); - + User user = getUser( ); + // building from a template Map model = new HashMap<>( ); - model.put( MARK_INSERT_SERVICES_LIST, RBACService.getAuthorizedCollection( listServices, InsertResourceIdService.PERMISSION_USE, getUser( ) ) ); + model.put( MARK_INSERT_SERVICES_LIST, RBACService.getAuthorizedCollection( listServices, InsertResourceIdService.PERMISSION_USE, user ) ); model.put( MARK_SELECTED_TEXT, strText ); model.put( MARK_INPUT, strInput ); diff --git a/src/java/fr/paris/lutece/portal/web/mailinglist/MailingListJspBean.java b/src/java/fr/paris/lutece/portal/web/mailinglist/MailingListJspBean.java index ef04080e44..3223baf631 100644 --- a/src/java/fr/paris/lutece/portal/web/mailinglist/MailingListJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/mailinglist/MailingListJspBean.java @@ -212,7 +212,7 @@ public String getCreateMailinglist( HttpServletRequest request ) model.put( MARK_WORKGROUP_SELECTED, listWorkgroups.get( 0 ).getCode( ) ); } - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_MAILINGLIST ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_MAILINGLIST ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_MAILINGLIST, getLocale( ), model ); return getAdminPage( template.getHtml( ) ); @@ -236,7 +236,7 @@ public String doCreateMailingList( HttpServletRequest request ) throws AccessDen { return AdminMessageService.getMessageUrl( request, strErrors, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_MAILINGLIST ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_MAILINGLIST ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -285,7 +285,7 @@ public String getModifyMailinglist( HttpServletRequest request ) Map model = new HashMap<>( ); model.put( MARK_WORKGROUPS_LIST, listWorkgroups ); model.put( MARK_MAILINGLIST, mailinglist ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_MAILINGLIST ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_MAILINGLIST ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_MAILINGLIST, getLocale( ), model ); @@ -313,7 +313,7 @@ public String doModifyMailingList( HttpServletRequest request ) throws AccessDen { return AdminMessageService.getMessageUrl( request, strErrors, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_MAILINGLIST ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_MAILINGLIST ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -347,7 +347,7 @@ public String getConfirmRemoveMailingList( HttpServletRequest request ) String strUrlRemove = JSP_URL_REMOVE_MAILINGLIST; Map parameters = new HashMap<>( ); parameters.put( PARAMETER_MAILINGLIST_ID, strId ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_MAILINGLIST ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_REMOVE_MAILINGLIST ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE, strUrlRemove, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -363,7 +363,7 @@ public String getConfirmRemoveMailingList( HttpServletRequest request ) */ public String doRemoveMailingList( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_MAILINGLIST ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_MAILINGLIST ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -437,7 +437,7 @@ public String getAddUsers( HttpServletRequest request ) model.put( MARK_WORKGROUPS_LIST, listWorkgroups ); model.put( MARK_ROLES_LIST, listRoles ); model.put( MARK_MAILINGLIST, mailinglist ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_ADD_USERS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_ADD_USERS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADD_USERS, getLocale( ), model ); @@ -466,7 +466,7 @@ public String doAddUsers( HttpServletRequest request ) throws AccessDeniedExcept if ( !AdminMailingListService.checkFilter( filter, nId ) ) { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_ADD_USERS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_ADD_USERS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -493,7 +493,7 @@ public String doAddUsers( HttpServletRequest request ) throws AccessDeniedExcept */ public String doDeleteFilter( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_MAILINGLIST ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_MAILINGLIST ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/progressmanager/ProgressManagerServlet.java b/src/java/fr/paris/lutece/portal/web/progressmanager/ProgressManagerServlet.java index 4532b440d2..9a2ac58dfb 100644 --- a/src/java/fr/paris/lutece/portal/web/progressmanager/ProgressManagerServlet.java +++ b/src/java/fr/paris/lutece/portal/web/progressmanager/ProgressManagerServlet.java @@ -42,6 +42,8 @@ import java.util.HashMap; import java.util.List; import java.util.Map; + +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.ServletConfig; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServlet; @@ -112,7 +114,7 @@ public void doPost( HttpServletRequest request, HttpServletResponse response ) t return; } - ProgressManagerService progressManagerService = ProgressManagerService.getInstance( ); + ProgressManagerService progressManagerService = CDI.current( ).select( ProgressManagerService.class ).get( ); if ( !progressManagerService.isRegistred( strToken ) ) { diff --git a/src/java/fr/paris/lutece/portal/web/rbac/RoleManagementJspBean.java b/src/java/fr/paris/lutece/portal/web/rbac/RoleManagementJspBean.java index df060fbd70..0718744854 100644 --- a/src/java/fr/paris/lutece/portal/web/rbac/RoleManagementJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/rbac/RoleManagementJspBean.java @@ -263,7 +263,7 @@ public String getCreateRole( HttpServletRequest request ) setPageTitleProperty( PROPERTY_ROLE_CREATION_PAGETITLE ); Map model = new HashMap<>( 1 ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_ROLE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_ROLE ) ); model.put( MARK_HAS_RIGHT_MANAGE_FRONT_ROLE, getUser( ).checkRight( RoleJspBean.RIGHT_ROLES_MANAGEMENT ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_ROLE, getLocale( ), model ); @@ -298,7 +298,7 @@ public String doCreateRole( HttpServletRequest request ) throws AccessDeniedExce { return AdminMessageService.getMessageUrl( request, MESSAGE_ROLE_SPECIAL_CHARACTER, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_ROLE ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_ROLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -347,7 +347,7 @@ public String doModifyRole( HttpServletRequest request ) throws AccessDeniedExce if ( strOldRoleKey.equals( strNewRoleKey ) ) // if the key doesn't change, update the description { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_VIEW_ROLE_DESCRIPTION ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_VIEW_ROLE_DESCRIPTION ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -375,7 +375,7 @@ public String doModifyRole( HttpServletRequest request ) throws AccessDeniedExce { return AdminMessageService.getMessageUrl( request, PROPERTY_ROLE_ALREADY_EXISTS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_VIEW_ROLE_DESCRIPTION ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_VIEW_ROLE_DESCRIPTION ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -418,7 +418,7 @@ public String doConfirmRemoveRole( HttpServletRequest request ) String strDeleteUrl = JSP_URL_REMOVE_ROLE; Map parameters = new HashMap<>( 2 ); parameters.put( PARAMETER_ROLE_KEY, strRoleKey ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_ROLE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_REMOVE_ROLE ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_CONFIRM_DELETE_ROLE, strDeleteUrl, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -452,7 +452,7 @@ public String doRemoveRole( HttpServletRequest request ) throws AccessDeniedExce } else { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_ROLE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_ROLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -499,7 +499,7 @@ public String getViewRoleDescription( HttpServletRequest request ) model.put( MARK_ROLE, adminRole ); model.put( MARK_CONTROLED_RESOURCE_LIST, listResources ); model.put( MARK_RESOURCE_TYPE_LIST, listResourceTypes ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_VIEW_ROLE_DESCRIPTION ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_VIEW_ROLE_DESCRIPTION ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_VIEW_ROLE_DESCRIPTION, getLocale( ), model ); @@ -522,7 +522,7 @@ public String doConfirmRemoveControlFromRole( HttpServletRequest request ) String strDeleteUrl = JSP_URL_REMOVE_CONTROL_FROM_ROLE; Map parameters = new HashMap<>( 2 ); parameters.put( PARAMETER_RBAC_ID, strIdControl ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_CONTROL_FROM_ROLE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_REMOVE_CONTROL_FROM_ROLE ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_CONFIRM_DELETE_CONTROL, new Object[ ] { rbac.getRoleKey( ), rbac.getPermissionKey( ), rbac.getResourceIdLabel( ), rbac.getResourceTypeLabel( ) }, @@ -540,7 +540,7 @@ public String doConfirmRemoveControlFromRole( HttpServletRequest request ) */ public String doRemoveControlFromRole( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_CONTROL_FROM_ROLE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_CONTROL_FROM_ROLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -794,7 +794,7 @@ public String getSelectPermissions( HttpServletRequest request ) model.put( MARK_ROLE_KEY, strRoleKey ); model.put( MARK_RESOURCE_TYPE, strResourceType ); model.put( MARK_SELECT_RESOURCES_METHOD, strSelectionMethod ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_SELECT_PERMISSIONS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_SELECT_PERMISSIONS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_SELECT_PERMISSIONS, getLocale( ), model ); @@ -870,7 +870,7 @@ public String doSelectPermissions( HttpServletRequest request ) throws AccessDen return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_NO_PERMISSION_SELECTION_METHOD, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_SELECT_PERMISSIONS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_SELECT_PERMISSIONS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -987,7 +987,7 @@ public String getAssignUsers( HttpServletRequest request ) model.put( MARK_ITEM_NAVIGATOR, _itemNavigator ); model.put( MARK_PAGINATOR, paginator ); model.put( MARK_NB_ITEMS_PER_PAGE, Integer.toString( _nItemsPerPage ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_ASSIGN_USERS_TO_ROLE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_ASSIGN_USERS_TO_ROLE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_USERS, getLocale( ), model ); @@ -1005,7 +1005,7 @@ public String getAssignUsers( HttpServletRequest request ) */ public String doAssignUsers( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_ASSIGN_USERS_TO_ROLE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_ASSIGN_USERS_TO_ROLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -1042,7 +1042,7 @@ public String doAssignUsers( HttpServletRequest request ) throws AccessDeniedExc */ public String doUnAssignUser( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_ASSIGN_USERS_TO_ROLE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_ASSIGN_USERS_TO_ROLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/role/RoleJspBean.java b/src/java/fr/paris/lutece/portal/web/role/RoleJspBean.java index bf1eec2224..1118a93840 100644 --- a/src/java/fr/paris/lutece/portal/web/role/RoleJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/role/RoleJspBean.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.web.role; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.rbac.RBACRoleHome; import fr.paris.lutece.portal.business.role.Role; import fr.paris.lutece.portal.business.role.RoleHome; @@ -134,7 +135,8 @@ public String getManagePageRole( HttpServletRequest request ) Map model = new HashMap<>( ); Collection listRoles = RoleHome.findAll( ); - listRoles = AdminWorkgroupService.getAuthorizedCollection( listRoles, getUser( ) ); + User user = getUser( ); + listRoles = AdminWorkgroupService.getAuthorizedCollection( listRoles, user ); Map mapExistRbac = listRoles.stream( ).collect( Collectors.toMap( Role::getRole, x -> RBACRoleHome.checkExistRole( x.getRole( ) ) ) ); model.put( MARK_ROLES_LIST, listRoles ); @@ -160,7 +162,7 @@ public String getCreatePageRole( HttpServletRequest request ) model.put( MARK_DEFAULT_VALUE_WORKGROUP_KEY, AdminWorkgroupService.ALL_GROUPS ); model.put( MARK_WORKGROUP_KEY_LIST, AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_PAGE_ROLE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_PAGE_ROLE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_PAGE_ROLE, getLocale( ), model ); @@ -201,7 +203,7 @@ public String doCreatePageRole( HttpServletRequest request ) throws AccessDenied return AdminMessageService.getMessageUrl( request, MESSAGE_ROLE_EXIST, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_PAGE_ROLE ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_PAGE_ROLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -237,7 +239,7 @@ public String getModifyPageRole( HttpServletRequest request ) model.put( MARK_ROLE, role ); model.put( MARK_WORKGROUP_KEY_LIST, AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_PAGE_ROLE_MODIFY ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_PAGE_ROLE_MODIFY ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_PAGE_ROLE_MODIFY, getLocale( ), model ); @@ -265,7 +267,7 @@ public String doModifyPageRole( HttpServletRequest request ) throws AccessDenied return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_PAGE_ROLE_MODIFY ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_PAGE_ROLE_MODIFY ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -305,7 +307,7 @@ public String getRemovePageRole( HttpServletRequest request ) String strURL = PATH_JSP + JSP_REMOVE_ROLE; Map parameters = new HashMap<>( ); parameters.put( PARAMETER_PAGE_ROLE, request.getParameter( PARAMETER_PAGE_ROLE ) ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_REMOVE_ROLE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_REMOVE_ROLE ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE, new Object [ ] { strPageRole @@ -335,7 +337,7 @@ public String doRemovePageRole( HttpServletRequest request ) throws AccessDenied return AdminMessageService.getMessageUrl( request, MESSAGE_CANNOT_REMOVE_ROLE, args, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_REMOVE_ROLE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_REMOVE_ROLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/search/SearchAdminDashboardComponent.java b/src/java/fr/paris/lutece/portal/web/search/SearchAdminDashboardComponent.java index c481a8f8c7..d764fe06f5 100644 --- a/src/java/fr/paris/lutece/portal/web/search/SearchAdminDashboardComponent.java +++ b/src/java/fr/paris/lutece/portal/web/search/SearchAdminDashboardComponent.java @@ -33,12 +33,14 @@ */ package fr.paris.lutece.portal.web.search; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.rbac.RBAC; import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.dashboard.admin.AdminDashboardComponent; import fr.paris.lutece.portal.service.rbac.RBACService; import fr.paris.lutece.portal.service.search.SearchResourceIdService; import fr.paris.lutece.portal.service.search.SearchService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean; @@ -46,6 +48,7 @@ import java.util.Map; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; /** @@ -63,14 +66,16 @@ public class SearchAdminDashboardComponent extends AdminDashboardComponent public String getDashboardData( AdminUser user, HttpServletRequest request ) { if ( !RBACService.isAuthorized( SearchService.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, SearchResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - user ) ) + ( User ) user ) ) { return EMPTY_STRING; } + ISecurityTokenService securityTokenService = CDI.current( ).select( ISecurityTokenService.class ).get( ); + Map model = SearchService.getManageAdvancedParameters( user, request ); model.put( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_DASHBOARD, user.getLocale( ), model ); return template.getHtml( ); diff --git a/src/java/fr/paris/lutece/portal/web/search/SearchIndexationJspBean.java b/src/java/fr/paris/lutece/portal/web/search/SearchIndexationJspBean.java index e78bb858c2..70694a89a9 100644 --- a/src/java/fr/paris/lutece/portal/web/search/SearchIndexationJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/search/SearchIndexationJspBean.java @@ -79,7 +79,7 @@ public String getIndexingProperties( HttpServletRequest request ) HashMap model = new HashMap<>( ); Collection listIndexers = IndexationService.getIndexers( ); model.put( MARK_INDEXERS_LIST, listIndexers ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_INDEXER ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MANAGE_INDEXER ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_INDEXER, getLocale( ), model ); @@ -97,7 +97,7 @@ public String getIndexingProperties( HttpServletRequest request ) */ public String doIndexing( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_INDEXER ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_INDEXER ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/search/SearchJspBean.java b/src/java/fr/paris/lutece/portal/web/search/SearchJspBean.java index 7ac3db27ba..2a285c7308 100644 --- a/src/java/fr/paris/lutece/portal/web/search/SearchJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/search/SearchJspBean.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.web.search; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.rbac.RBAC; import fr.paris.lutece.portal.business.search.SearchParameterHome; import fr.paris.lutece.portal.service.admin.AccessDeniedException; @@ -41,7 +42,6 @@ import fr.paris.lutece.portal.service.rbac.RBACService; import fr.paris.lutece.portal.service.search.SearchResourceIdService; import fr.paris.lutece.portal.service.search.SearchService; -import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean; import fr.paris.lutece.portal.web.constants.Messages; import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean; @@ -94,13 +94,14 @@ public class SearchJspBean extends AdminFeaturesPageJspBean */ public String doModifyAdvancedParameters( HttpServletRequest request ) throws AccessDeniedException { + User currentUser = getUser( ); if ( !RBACService.isAuthorized( SearchService.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, SearchResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { throw new AccessDeniedException( "User " + getUser( ) + " is not authorized to permission " + SearchResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS ); } - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/style/PageTemplatesJspBean.java b/src/java/fr/paris/lutece/portal/web/style/PageTemplatesJspBean.java index 1c11a21958..ea13d8a69f 100644 --- a/src/java/fr/paris/lutece/portal/web/style/PageTemplatesJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/style/PageTemplatesJspBean.java @@ -152,7 +152,7 @@ public String getCreatePageTemplate( HttpServletRequest request ) setPageTitleProperty( PROPERTY_PAGE_TITLE_CREATE_PAGE_TEMPLATE ); HashMap model = new HashMap<>( ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_PAGE_TEMPLATE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_PAGE_TEMPLATE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_PAGE_TEMPLATE, getLocale( ), model ); @@ -203,7 +203,7 @@ public String doCreatePageTemplate( HttpServletRequest request ) throws AccessDe return AdminMessageService.getMessageUrl( request, MESSAGE_WRONG_IMAGE_EXTENSION, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( multipartRequest, TEMPLATE_CREATE_PAGE_TEMPLATE ) ) + if ( !getSecurityTokenService( ).validate( multipartRequest, TEMPLATE_CREATE_PAGE_TEMPLATE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -237,7 +237,7 @@ public String getModifyPageTemplate( HttpServletRequest request ) HashMap model = new HashMap<>( ); model.put( MARK_PAGE_TEMPLATE, PageTemplateHome.findByPrimaryKey( Integer.parseInt( strId ) ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_PAGE_TEMPLATE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_PAGE_TEMPLATE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_PAGE_TEMPLATE, getLocale( ), model ); @@ -308,7 +308,7 @@ public String doModifyPageTemplate( HttpServletRequest request ) throws AccessDe return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FILE, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( multipartRequest, TEMPLATE_MODIFY_PAGE_TEMPLATE ) ) + if ( !getSecurityTokenService( ).validate( multipartRequest, TEMPLATE_MODIFY_PAGE_TEMPLATE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -378,7 +378,7 @@ public String getConfirmRemovePageTemplate( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( Parameters.PAGE_TEMPLATE_ID, strId ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_DO_REMOVE_PAGE_TEMPLATE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_DO_REMOVE_PAGE_TEMPLATE ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_DELETE_PAGE_TEMPLATE, args, null, JSP_DO_REMOVE_PAGE_TEMPLATE, null, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -394,7 +394,7 @@ public String getConfirmRemovePageTemplate( HttpServletRequest request ) */ public String doRemovePageTemplate( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_DO_REMOVE_PAGE_TEMPLATE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_DO_REMOVE_PAGE_TEMPLATE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/style/StylesJspBean.java b/src/java/fr/paris/lutece/portal/web/style/StylesJspBean.java index 7cea3ad9db..b58f83f371 100644 --- a/src/java/fr/paris/lutece/portal/web/style/StylesJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/style/StylesJspBean.java @@ -184,7 +184,7 @@ public String getCreateStyle( HttpServletRequest request ) Map model = new HashMap<>( ); model.put( MARK_PORTLET_TYPE_LIST, PortletTypeHome.getPortletsTypesList( getLocale( ) ) ); model.put( MARK_PORTAL_COMPONENT_LIST, StyleHome.getPortalComponentList( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_STYLE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_STYLE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_STYLE, getLocale( ), model ); @@ -235,7 +235,7 @@ public String doCreateStyle( HttpServletRequest request ) throws AccessDeniedExc return AdminMessageService.getMessageUrl( request, MESSAGE_CREATE_STYLE_COMPONENT_EXISTS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_STYLE ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_STYLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -270,7 +270,7 @@ public String getModifyStyle( HttpServletRequest request ) model.put( MARK_STYLE, StyleHome.findByPrimaryKey( nStyleId ) ); model.put( MARK_PORTLET_TYPE_LIST, PortletTypeHome.getPortletsTypesList( getLocale( ) ) ); model.put( MARK_PORTAL_COMPONENT_LIST, StyleHome.getPortalComponentList( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_STYLE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_STYLE ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_STYLE, getLocale( ), model ); @@ -310,7 +310,7 @@ public String doModifyStyle( HttpServletRequest request ) throws AccessDeniedExc { return AdminMessageService.getMessageUrl( request, MESSAGE_CREATE_STYLE_COMPONENT_EXISTS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_STYLE ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_STYLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -353,7 +353,7 @@ public String getConfirmRemoveStyle( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( Parameters.STYLESHEET_ID, Integer.toString( styleSheet.getId( ) ) ); parameters.put( Parameters.STYLE_ID, Integer.toString( styleSheet.getStyleId( ) ) ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_DO_REMOVE_STYLESHEET ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_DO_REMOVE_STYLESHEET ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_DELETE_STYLESHEET, args, null, JSP_DO_REMOVE_STYLESHEET, null, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -361,7 +361,7 @@ public String getConfirmRemoveStyle( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( Parameters.STYLE_ID, Integer.toString( nId ) ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_DO_REMOVE_STYLE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_DO_REMOVE_STYLE ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_DELETE_STYLE, JSP_DO_REMOVE_STYLE, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -377,7 +377,7 @@ public String getConfirmRemoveStyle( HttpServletRequest request ) */ public String doRemoveStyle( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_DO_REMOVE_STYLE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_DO_REMOVE_STYLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/stylesheet/StyleSheetJspBean.java b/src/java/fr/paris/lutece/portal/web/stylesheet/StyleSheetJspBean.java index 4255e1c507..f4d03e7918 100644 --- a/src/java/fr/paris/lutece/portal/web/stylesheet/StyleSheetJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/stylesheet/StyleSheetJspBean.java @@ -213,7 +213,7 @@ public String getCreateStyleSheet( HttpServletRequest request ) model.put( MARK_STYLE_LIST, getStyleList( ) ); model.put( MARK_MODE_LIST, ModeHome.getModes( ) ); model.put( MARK_MODE_ID, strModeId ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_STYLESHEET ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_STYLESHEET ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_STYLESHEET, getLocale( ), model ); @@ -239,7 +239,7 @@ public String doCreateStyleSheet( HttpServletRequest request ) throws AccessDeni { return strErrorUrl; } - if ( !SecurityTokenService.getInstance( ).validate( multipartRequest, TEMPLATE_CREATE_STYLESHEET ) ) + if ( !getSecurityTokenService( ).validate( multipartRequest, TEMPLATE_CREATE_STYLESHEET ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -326,7 +326,7 @@ public String getModifyStyleSheet( HttpServletRequest request ) model.put( MARK_STYLE_LIST, getStyleList( ) ); model.put( MARK_MODE_LIST, ModeHome.getModes( ) ); model.put( MARK_STYLESHEET, StyleSheetHome.findByPrimaryKey( nId ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_STYLESHEET ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_STYLESHEET ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_STYLESHEET, getLocale( ), model ); @@ -381,7 +381,7 @@ public String doModifyStyleSheet( HttpServletRequest request ) throws AccessDeni { return strErrorUrl; } - if ( !SecurityTokenService.getInstance( ).validate( multipartRequest, TEMPLATE_MODIFY_STYLESHEET ) ) + if ( !getSecurityTokenService( ).validate( multipartRequest, TEMPLATE_MODIFY_STYLESHEET ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -418,7 +418,7 @@ public String getRemoveStyleSheet( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( Parameters.STYLESHEET_ID, strId ); parameters.put( Parameters.STYLE_ID, stylesheet.getStyleId( ) ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_DO_REMOVE_STYLESHEET ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_DO_REMOVE_STYLESHEET ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_DELETE_STYLESHEET, args, null, JSP_DO_REMOVE_STYLESHEET, null, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -434,7 +434,7 @@ public String getRemoveStyleSheet( HttpServletRequest request ) */ public String doRemoveStyleSheet( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_DO_REMOVE_STYLESHEET ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_DO_REMOVE_STYLESHEET ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/system/CacheJspBean.java b/src/java/fr/paris/lutece/portal/web/system/CacheJspBean.java index f6bbfded3b..41e554a38b 100644 --- a/src/java/fr/paris/lutece/portal/web/system/CacheJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/system/CacheJspBean.java @@ -39,10 +39,11 @@ import fr.paris.lutece.portal.service.i18n.I18nService; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; -import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.portal.web.admin.AdminFeaturesPageJspBean; +import fr.paris.lutece.util.AppInitPropertiesService; import fr.paris.lutece.util.html.HtmlTemplate; import java.util.ArrayList; @@ -52,6 +53,7 @@ import java.util.Map; import jakarta.enterprise.context.SessionScoped; +import jakarta.enterprise.inject.spi.CDI; import jakarta.inject.Named; import jakarta.servlet.http.HttpServletRequest; @@ -94,7 +96,7 @@ public String getManageCaches( HttpServletRequest request ) { HashMap model = new HashMap<>( ); model.put( MARK_SERVICES_LIST, CacheService.getCacheableServicesList( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_CACHES ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MANAGE_CACHES ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_CACHES, getLocale( ), model ); @@ -112,7 +114,8 @@ public String getManageCaches( HttpServletRequest request ) */ public static String doResetCaches( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_CACHES ) ) + ISecurityTokenService securityTokenService = CDI.current( ).select( ISecurityTokenService.class ).get( ); + if ( !securityTokenService.validate( request, TEMPLATE_MANAGE_CACHES ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -144,11 +147,11 @@ public static String doResetCaches( HttpServletRequest request ) throws AccessDe */ public String doReloadProperties( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_CACHES ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_CACHES ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); return JSP_MANAGE_CACHES; } @@ -207,7 +210,7 @@ public String getConfirmToggleCache( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( PARAMETER_ID_CACHE, strCacheIndex ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_TOGGLE_CACHE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_TOGGLE_CACHE ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_TOOGLE_CACHE, messageArgs, PROPERTY_MESSAGE_CONFIRM_TOOGLE_CACHE_TITLE, JSP_TOGGLE_CACHE, "", AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -226,7 +229,8 @@ public String getConfirmToggleCache( HttpServletRequest request ) */ public static String doToggleCache( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_TOGGLE_CACHE ) ) + ISecurityTokenService securityTokenService = CDI.current( ).select( ISecurityTokenService.class ).get( ); + if ( !securityTokenService.validate( request, JSP_TOGGLE_CACHE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/system/DaemonsJspBean.java b/src/java/fr/paris/lutece/portal/web/system/DaemonsJspBean.java index ccf658b3c9..207cb4a2ee 100644 --- a/src/java/fr/paris/lutece/portal/web/system/DaemonsJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/system/DaemonsJspBean.java @@ -90,7 +90,7 @@ public String getManageDaemons( HttpServletRequest request ) model.put( MARK_LOG_MAX_SIZE, AppPropertiesService.getPropertyInt( PROPERTY_DAEMON_LASTRUNLOG_MAX_SIZE, 30000 ) ); model.put( MARK_DAEMONS_LIST, AppDaemonService.getDaemonEntries( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_DAEMONS, getLocale( ), model ); @@ -168,7 +168,7 @@ public String doDaemonAction( HttpServletRequest request ) throws AccessDeniedEx */ private void assertSecurityToken( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_DAEMONS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_DAEMONS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/system/PluginJspBean.java b/src/java/fr/paris/lutece/portal/web/system/PluginJspBean.java index f6fcfd9cee..76b4a42420 100644 --- a/src/java/fr/paris/lutece/portal/web/system/PluginJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/system/PluginJspBean.java @@ -119,7 +119,7 @@ public String getManagePlugins( HttpServletRequest request ) model.put( MARK_POOLS_LIST, getPoolsList( ) ); model.put( MARK_FILTER_LIST, getPluginTypeFilterList( locale ) ); model.put( MARK_CURRENT_FILTER, ( strPluginTypeFilter != null ) ? strPluginTypeFilter : "" ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_PLUGINS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MANAGE_PLUGINS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_PLUGINS, locale, model ); @@ -151,7 +151,7 @@ public String doInstallPlugin( HttpServletRequest request, ServletContext contex return AdminMessageService.getMessageUrl( request, PROPERTY_PLUGIN_NO_CORE_COMPATIBILITY_MESSAGE, args, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_PLUGINS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_PLUGINS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -182,7 +182,7 @@ public String doInstallPlugin( HttpServletRequest request, ServletContext contex */ public String doUninstallPlugin( HttpServletRequest request, ServletContext context ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_UNINSTALL_PLUGIN ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_UNINSTALL_PLUGIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -215,7 +215,7 @@ public String getConfirmUninstallPlugin( HttpServletRequest request ) String strMessageKey = PROPERTY_PLUGIN_MESSAGE; Map parameters = new HashMap<>( ); parameters.put( PARAM_PLUGIN_NAME, strPluginName ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_UNINSTALL_PLUGIN ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_UNINSTALL_PLUGIN ) ); String strAdminMessageUrl = AdminMessageService.getMessageUrl( request, strMessageKey, JSP_UNINSTALL_PLUGIN, AdminMessage.TYPE_CONFIRMATION, parameters ); @@ -244,7 +244,7 @@ public String getConfirmUninstallPlugin( HttpServletRequest request ) */ public String doModifyPluginPool( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_PLUGINS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_PLUGINS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/system/SecurityHeaderJspBean.java b/src/java/fr/paris/lutece/portal/web/system/SecurityHeaderJspBean.java index 251d9efa2d..8cc82b2d56 100644 --- a/src/java/fr/paris/lutece/portal/web/system/SecurityHeaderJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/system/SecurityHeaderJspBean.java @@ -147,7 +147,7 @@ private HashMap createModelForHeadersList( HttpServletRequest re { HashMap model = new HashMap<>( ); model.put( MARK_SECURITY_HEADERS_LIST, getSecurityHeaderService( ).findAllSorted( getLocale( ) ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_SECURITY_HEADERS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MANAGE_SECURITY_HEADERS ) ); return model; } @@ -193,7 +193,7 @@ private HashMap createModelForHeaderCreation( HttpServletRequest { model.put( MARK_PAGE_CATEGORY_SELECTED, listPageCategories.get( 0 ).getCode( ) ); } - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_SECURITYHEADER ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_SECURITYHEADER ) ); return model; } @@ -217,7 +217,7 @@ public String doCreateSecurityHeader( HttpServletRequest request ) throws Access return AdminMessageService.getMessageUrl( request, strErrors, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_SECURITYHEADER ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_SECURITYHEADER ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -439,7 +439,7 @@ private HashMap createModelForHeaderModification(HttpServletRequ } model.put( MARK_PAGE_CATEGORY_SELECTED, selectedCategory ); model.put( MARK_SECURITY_HEADER, securityHeader ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_SECURITYHEADER ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_SECURITYHEADER ) ); return model; } @@ -463,7 +463,7 @@ public String doModifySecurityHeader( HttpServletRequest request ) throws Access { return AdminMessageService.getMessageUrl( request, strErrors, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_SECURITYHEADER ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_SECURITYHEADER ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -560,7 +560,7 @@ public String getConfirmRemoveSecurityHeader( HttpServletRequest request ) { Map parameters = new HashMap<>( ); parameters.put( PARAMETER_SECURITY_HEADER_ID, request.getParameter( PARAMETER_SECURITY_HEADER_ID ) ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_REMOVE_SECURITY_HEADERS ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_REMOVE_SECURITY_HEADERS ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE, JSP_REMOVE_SECURITY_HEADERS, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -576,7 +576,7 @@ public String getConfirmRemoveSecurityHeader( HttpServletRequest request ) */ public String doRemoveSecurityHeader( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_REMOVE_SECURITY_HEADERS ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_REMOVE_SECURITY_HEADERS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -600,7 +600,7 @@ public String doSecurityHeaderAction( HttpServletRequest request ) throws Access String strAction = request.getParameter( PARAMETER_ACTION ); int nId = Integer.parseInt( request.getParameter( PARAMETER_SECURITY_HEADER_ID ) ); - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MANAGE_SECURITY_HEADERS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MANAGE_SECURITY_HEADERS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/system/SystemJspBean.java b/src/java/fr/paris/lutece/portal/web/system/SystemJspBean.java index 4f49620cc0..2c76211ef8 100644 --- a/src/java/fr/paris/lutece/portal/web/system/SystemJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/system/SystemJspBean.java @@ -46,6 +46,7 @@ import java.util.Map; import jakarta.enterprise.context.SessionScoped; +import jakarta.enterprise.inject.spi.CDI; import jakarta.inject.Named; import jakarta.servlet.ServletContext; import jakarta.servlet.http.HttpServletRequest; @@ -56,6 +57,7 @@ import fr.paris.lutece.portal.service.datastore.LocalizedData; import fr.paris.lutece.portal.service.datastore.LocalizedDataGroup; import fr.paris.lutece.portal.service.i18n.I18nService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.site.properties.SitePropertiesService; import fr.paris.lutece.portal.service.template.AppTemplateService; @@ -236,12 +238,12 @@ public String getFileView( HttpServletRequest request ) * @return The HTML form to update info */ public String getManageProperties( HttpServletRequest request ) - { - Map model = new HashMap<>( ); + { + Map model = new HashMap<>( ); model.put( MARK_PROPERTIES_GROUPS_LIST, SitePropertiesService.getGroups( getLocale( ) ) ); model.put( MARK_WEBAPP_URL, AppPathService.getBaseUrl( request ) ); model.put( MARK_LOCALE, getLocale( ).getLanguage( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_PROPERTIES ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_PROPERTIES ) ); HtmlTemplate templateList = AppTemplateService.getTemplate( TEMPLATE_MODIFY_PROPERTIES, getLocale( ), model ); @@ -261,7 +263,8 @@ public String getManageProperties( HttpServletRequest request ) */ public static String doModifyProperties( HttpServletRequest request, ServletContext context ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_PROPERTIES ) ) + ISecurityTokenService securityTokenService = CDI.current( ).select( ISecurityTokenService.class ).get( ); + if ( !securityTokenService.validate( request, TEMPLATE_MODIFY_PROPERTIES ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/user/AdminLoginJspBean.java b/src/java/fr/paris/lutece/portal/web/user/AdminLoginJspBean.java index 1f8fdeeadc..fb30d82654 100644 --- a/src/java/fr/paris/lutece/portal/web/user/AdminLoginJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/user/AdminLoginJspBean.java @@ -49,7 +49,7 @@ import fr.paris.lutece.portal.service.portal.PortalService; import fr.paris.lutece.portal.service.security.AccessLogService; import fr.paris.lutece.portal.service.security.AccessLoggerConstants; -import fr.paris.lutece.portal.service.security.SecurityTokenService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.portal.service.util.AppException; import fr.paris.lutece.portal.service.util.AppHTTPSService; @@ -172,6 +172,9 @@ public class AdminLoginJspBean implements Serializable @Inject private transient AccessLogService _accessLogService; + @Inject + private transient ISecurityTokenService _securityTokenService; + /** * Returns the view of login form * @@ -235,7 +238,7 @@ public String getLogin( HttpServletRequest request, HttpServletResponse response model.put( MARK_FORGOT_PASSWORD_URL, AdminAuthenticationService.getInstance( ).getLostPasswordPageUrl( ) ); model.put( MARK_FORGOT_LOGIN_URL, AdminAuthenticationService.getInstance( ).getLostLoginPageUrl( ) ); model.put( MARK_DO_ADMIN_LOGIN_URL, sbUrl.toString( ) ); - model.put( MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_ADMIN_LOGIN ) ); + model.put( MARK_TOKEN, _securityTokenService.getToken( request, TEMPLATE_ADMIN_LOGIN ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ADMIN_LOGIN, locale, model ); @@ -403,7 +406,7 @@ public String doLogin( HttpServletRequest request ) throws AccessDeniedException { return JSP_URL_ADMIN_LOGIN; } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_ADMIN_LOGIN ) ) + if ( !_securityTokenService.validate( request, TEMPLATE_ADMIN_LOGIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/user/AdminUserJspBean.java b/src/java/fr/paris/lutece/portal/web/user/AdminUserJspBean.java index 0570e6b98d..1578e24720 100644 --- a/src/java/fr/paris/lutece/portal/web/user/AdminUserJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/user/AdminUserJspBean.java @@ -46,7 +46,6 @@ import java.util.Map; import jakarta.enterprise.context.SessionScoped; -import jakarta.enterprise.inject.spi.CDI; import jakarta.inject.Inject; import jakarta.inject.Named; import jakarta.servlet.http.HttpServletRequest; @@ -56,6 +55,7 @@ import fr.paris.lutece.portal.business.rbac.RBACRole; import fr.paris.lutece.portal.business.rbac.RBACRoleHome; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.rbac.RBAC; import fr.paris.lutece.portal.business.right.Level; import fr.paris.lutece.portal.business.right.LevelHome; @@ -422,7 +422,7 @@ public String getManageAdminUsers( HttpServletRequest request ) UrlItem url = new UrlItem( strURL ); Collection listUsers = AdminUserHome.findUserList( ); - listUsers = AdminWorkgroupService.getAuthorizedCollection( listUsers, getUser( ) ); + listUsers = AdminWorkgroupService.getAuthorizedCollection( listUsers, ( User ) getUser( ) ); List availableUsers = AdminUserService.getFilteredUsersInterface( listUsers, request, model, url ); List listDisplayUsers = new ArrayList<>( ); @@ -478,9 +478,9 @@ public String getManageAdminUsers( HttpServletRequest request ) } boolean bPermissionAdvancedParameter = RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, - AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, getUser( ) ); + AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, ( User ) getUser( ) ); boolean bPermissionImportExportUsers = RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, - AdminUserResourceIdService.PERMISSION_IMPORT_EXPORT_USERS, getUser( ) ); + AdminUserResourceIdService.PERMISSION_IMPORT_EXPORT_USERS, ( User ) getUser( ) ); model.put( MARK_NB_ITEMS_PER_PAGE, "" + _nItemsPerPage ); model.put( MARK_USER_LEVELS_LIST, filteredLevels ); @@ -610,7 +610,7 @@ public String getCreateAdminUser( HttpServletRequest request ) model.put( MARK_RANDOM_PASSWORD_SIZE, AppPropertiesService.getPropertyInt( PasswordUtil.PROPERTY_PASSWORD_SIZE, PasswordUtil.CONSTANT_DEFAULT_RANDOM_PASSWORD_SIZE ) ); model.put( MARK_MINIMUM_PASSWORD_SIZE, AdminUserService.getIntegerSecurityParameter( AdminUserService.DSKEY_PASSWORD_MINIMUM_LENGTH ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_CREATE_USER ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_CREATE_USER ) ); template = AppTemplateService.getTemplate( TEMPLATE_DEFAULT_CREATE_USER, getLocale( ), model ); } @@ -644,7 +644,7 @@ public String getCreateAdminUser( HttpServletRequest request ) model.put( MARK_LOCALE, getLocale( ) ); model.put( MARK_DEFAULT_VALUE_WORKGROUP_KEY, AdminWorkgroupService.ALL_GROUPS ); model.put( MARK_WORKGROUP_KEY_LIST, AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_CREATE_USER ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_CREATE_USER ) ); } template = AppTemplateService.getTemplate( TEMPLATE_CREATE_USER, getLocale( ), model ); @@ -819,7 +819,7 @@ private String checkParameters( HttpServletRequest request, String strJspUrl ) t return strError; } - if ( !SecurityTokenService.getInstance( ).validate( request, strJspUrl ) ) + if ( !getSecurityTokenService( ).validate( request, strJspUrl ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -902,7 +902,7 @@ public String getModifyAdminUser( HttpServletRequest request ) throws AccessDeni model.put( MARK_LOCALE, getLocale( ) ); model.put( MARK_MAP_LIST_ATTRIBUTE_DEFAULT_VALUES, map ); model.put( MARK_WORKGROUP_KEY_LIST, AdminWorkgroupService.getUserWorkgroups( getUser( ), getLocale( ) ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_MODIFY_USER ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_MODIFY_USER ) ); template = AppTemplateService.getTemplate( strTemplateUrl, getLocale( ), model ); @@ -1086,7 +1086,7 @@ public String getModifyUserPassword( HttpServletRequest request ) throws AccessD model.put( MARK_USER, user ); model.put( MARK_ITEM_NAVIGATOR, _itemNavigator ); model.put( MARK_MINIMUM_PASSWORD_SIZE, AdminUserService.getIntegerSecurityParameter( AdminUserService.DSKEY_PASSWORD_MINIMUM_LENGTH ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, PROPERTY_MODIFY_USER_PASSWORD_PAGETITLE ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, PROPERTY_MODIFY_USER_PASSWORD_PAGETITLE ) ); template = AppTemplateService.getTemplate( strTemplateUrl, getLocale( ), model ); @@ -1104,7 +1104,7 @@ public String getModifyUserPassword( HttpServletRequest request ) throws AccessD */ public String doModifyAdminUserPassword( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, PROPERTY_MODIFY_USER_PASSWORD_PAGETITLE ) ) + if ( !getSecurityTokenService( ).validate( request, PROPERTY_MODIFY_USER_PASSWORD_PAGETITLE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -1176,8 +1176,9 @@ public String doModifyAdminUserPassword( HttpServletRequest request ) throws Acc */ public String getImportUsersFromFile( HttpServletRequest request ) { + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { return getManageAdminUsers( request ); } @@ -1194,7 +1195,7 @@ public String getImportUsersFromFile( HttpServletRequest request ) model.put( MARK_CSV_SEPARATOR, strCsvSeparator ); model.put( MARK_CSV_ESCAPE, strCsvEscapeCharacter ); model.put( MARK_ATTRIBUTES_SEPARATOR, strAttributesSeparator ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_IMPORT_USER ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_IMPORT_USER ) ); String strTemplate = _importAdminUserService.getImportFromFileTemplate( ); HtmlTemplate template = AppTemplateService.getTemplate( strTemplate, AdminUserService.getLocale( request ), model ); @@ -1214,9 +1215,10 @@ public String getImportUsersFromFile( HttpServletRequest request ) public DefaultPluginActionResult doImportUsersFromFile( HttpServletRequest request ) throws AccessDeniedException { DefaultPluginActionResult result = new DefaultPluginActionResult( ); + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { result.setHtmlContent( getManageAdminUsers( request ) ); @@ -1247,7 +1249,7 @@ public DefaultPluginActionResult doImportUsersFromFile( HttpServletRequest reque return result; } - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_IMPORT_USER ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_IMPORT_USER ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -1290,8 +1292,9 @@ public DefaultPluginActionResult doImportUsersFromFile( HttpServletRequest reque */ public String getExportUsers( HttpServletRequest request ) { + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { return getManageAdminUsers( request ); } @@ -1323,9 +1326,10 @@ public String getExportUsers( HttpServletRequest request ) public DefaultPluginActionResult doExportUsers( HttpServletRequest request, HttpServletResponse response ) throws IOException { DefaultPluginActionResult result = new DefaultPluginActionResult( ); + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_IMPORT_EXPORT_USERS, - getUser( ) ) ) + currentUser ) ) { result.setHtmlContent( getManageAdminUsers( request ) ); @@ -1441,7 +1445,7 @@ public String doConfirmRemoveAdminUser( HttpServletRequest request ) throws Acce String strUrlRemove = JSP_URL_REMOVE_USER; Map parameters = new HashMap<>( ); parameters.put( PARAMETER_USER_ID, strUserId ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_USER ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_REMOVE_USER ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE, new Object [ ] { user.getFirstName( ), user.getLastName( ), user.getAccessCode( ) @@ -1467,7 +1471,7 @@ public String doRemoveAdminUser( HttpServletRequest request ) throws AccessDenie { return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_USER_ERROR_SESSION, AdminMessage.TYPE_ERROR ); } - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_USER ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_USER ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -1628,7 +1632,7 @@ public String getModifyAdminUserWorkgroups( HttpServletRequest request ) throws model.put( MARK_CAN_DELEGATE, String.valueOf( bDelegateWorkgroups ) ); model.put( MARK_ITEM_NAVIGATOR, _itemNavigator ); model.put( MARK_DEFAULT_MODE_USED, AdminAuthenticationService.getInstance( ).isDefaultModuleUsed( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_MANAGE_USER_WORKGROUPS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_MANAGE_USER_WORKGROUPS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_USER_WORKGROUPS, getLocale( ), model ); @@ -1703,7 +1707,7 @@ public String getModifyAdminUserRights( HttpServletRequest request ) throws Acce model.put( MARK_SELECT_ALL, bSelectAll ); model.put( MARK_ITEM_NAVIGATOR, _itemNavigator ); model.put( MARK_DEFAULT_MODE_USED, AdminAuthenticationService.getInstance( ).isDefaultModuleUsed( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_MANAGE_USER_RIGHTS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_MANAGE_USER_RIGHTS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_USER_RIGHTS, getLocale( ), model ); @@ -1721,7 +1725,7 @@ public String getModifyAdminUserRights( HttpServletRequest request ) throws Acce */ public String doModifyAdminUserRights( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_MANAGE_USER_RIGHTS ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_MANAGE_USER_RIGHTS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -1849,7 +1853,7 @@ public String getModifyAdminUserRoles( HttpServletRequest request ) throws Acces for ( RBACRole role : RBACRoleHome.findAll( ) ) { - if ( currentUser.isAdmin( ) || RBACService.isUserInRole( currentUser, role.getKey( ) ) ) + if ( currentUser.isAdmin( ) || RBACService.isUserInRole( ( User ) currentUser, role.getKey( ) ) ) { assignableRoleList.add( role ); } @@ -1870,7 +1874,7 @@ public String getModifyAdminUserRoles( HttpServletRequest request ) throws Acces model.put( MARK_ALL_ROLE_LIST, assignableRoleList ); model.put( MARK_ITEM_NAVIGATOR, _itemNavigator ); model.put( MARK_DEFAULT_MODE_USED, AdminAuthenticationService.getInstance( ).isDefaultModuleUsed( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_MANAGE_USER_ROLES ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_MANAGE_USER_ROLES ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_USER_ROLES, getLocale( ), model ); @@ -1888,7 +1892,7 @@ public String getModifyAdminUserRoles( HttpServletRequest request ) throws Acces */ public String doModifyAdminUserRoles( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_MANAGE_USER_ROLES ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_MANAGE_USER_ROLES ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -1932,7 +1936,7 @@ public String doModifyAdminUserRoles( HttpServletRequest request ) throws Access */ public String doModifyAdminUserWorkgroups( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_MANAGE_USER_WORKGROUPS ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_MANAGE_USER_WORKGROUPS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -2009,12 +2013,14 @@ private boolean haveCommonWorkgroups( AdminUser user1, AdminUser user2 ) */ public String doModifyDefaultUserParameterValues( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } + + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { throw new AccessDeniedException( CONSTANT_USER_MSG + getUser( ) + CONSTANT_NOT_AUTHORIZED + AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS ); @@ -2047,12 +2053,14 @@ public String doModifyDefaultUserParameterValues( HttpServletRequest request ) t */ public String doModifyDefaultUserSecurityValues( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) + if ( !getSecurityTokenService( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } + + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { throw new AccessDeniedException( CONSTANT_USER_MSG + getUser( ) + CONSTANT_NOT_AUTHORIZED + AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS ); @@ -2162,15 +2170,16 @@ public String doModifyDefaultUserSecurityValues( HttpServletRequest request ) th */ public String doModifyEmailPattern( HttpServletRequest request ) throws AccessDeniedException { + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { throw new AccessDeniedException( CONSTANT_USER_MSG + getUser( ) + CONSTANT_NOT_AUTHORIZED + AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS ); } if ( PARAMETER_RESET.equals( request.getParameter( PARAMETER_RESET ) ) ) { - if ( !SecurityTokenService.getInstance( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) + if ( !getSecurityTokenService( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -2181,7 +2190,7 @@ public String doModifyEmailPattern( HttpServletRequest request ) throws AccessDe if ( StringUtils.isNotBlank( strEmailPattern ) ) { - if ( !SecurityTokenService.getInstance( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) + if ( !getSecurityTokenService( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -2214,12 +2223,14 @@ private String doResetEmailPattern( HttpServletRequest request ) */ public String doInsertRegularExpression( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) + if ( !getSecurityTokenService( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } + + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { throw new AccessDeniedException( CONSTANT_USER_MSG + getUser( ) + CONSTANT_NOT_AUTHORIZED + AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS ); @@ -2247,12 +2258,14 @@ public String doInsertRegularExpression( HttpServletRequest request ) throws Acc */ public String doRemoveRegularExpression( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) + if ( !getSecurityTokenService( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } + + User currentUser = getUser( ); if ( !RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - getUser( ) ) ) + currentUser ) ) { throw new AccessDeniedException( CONSTANT_USER_MSG + getUser( ) + CONSTANT_NOT_AUTHORIZED + AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS ); @@ -2279,7 +2292,7 @@ public String doRemoveRegularExpression( HttpServletRequest request ) throws Acc public String getChangeUseAdvancedSecurityParameters( HttpServletRequest request ) { Map parameters = new HashMap<>( 1 ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TOKEN_TECHNICAL_ADMIN ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, TOKEN_TECHNICAL_ADMIN ) ); if ( AdminUserService.getBooleanSecurityParameter( AdminUserService.DSKEY_USE_ADVANCED_SECURITY_PARAMETERS ) ) { @@ -2302,7 +2315,7 @@ public String getChangeUseAdvancedSecurityParameters( HttpServletRequest request */ public String doUseAdvancedSecurityParameters( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) + if ( !getSecurityTokenService( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -2325,7 +2338,7 @@ public String doUseAdvancedSecurityParameters( HttpServletRequest request ) thro */ public String doRemoveAdvancedSecurityParameters( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) + if ( !getSecurityTokenService( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -2362,7 +2375,7 @@ public String getChangeFieldAnonymizeAdminUsers( HttpServletRequest request ) model.put( MARK_ATTRIBUTES_LIST, listAttributesText ); model.putAll( AdminUserHome.getAnonymizationStatusUserStaticField( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TOKEN_TECHNICAL_ADMIN ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TOKEN_TECHNICAL_ADMIN ) ); setPageTitleProperty( PROPERTY_MESSAGE_TITLE_CHANGE_ANONYMIZE_USER ); @@ -2386,7 +2399,7 @@ public String doChangeFieldAnonymizeAdminUsers( HttpServletRequest request ) thr { return getAdminDashboardsUrl( request, ANCHOR_ANONYMIZE_USERS ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) + if ( !getSecurityTokenService( ).validate( request, TOKEN_TECHNICAL_ADMIN ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -2443,7 +2456,7 @@ public String getAnonymizeAdminUser( HttpServletRequest request ) String strUrl = JSP_URL_ANONYMIZE_ADMIN_USER; Map parameters = new HashMap<>( ); parameters.put( PARAMETER_USER_ID, strAdminUserId ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_ANONYMIZE_ADMIN_USER ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_ANONYMIZE_ADMIN_USER ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_ANONYMIZE_USER, new Object [ ] { user.getFirstName( ), user.getLastName( ), user.getAccessCode( ) @@ -2475,7 +2488,7 @@ public String doAnonymizeAdminUser( HttpServletRequest request ) throws AccessDe { return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_USER_ERROR_SESSION, AdminMessage.TYPE_ERROR ); } - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_ANONYMIZE_ADMIN_USER ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_ANONYMIZE_ADMIN_USER ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -2597,7 +2610,7 @@ public String getModifyAccountLifeTimeEmails( HttpServletRequest request ) model.put( MARK_WEBAPP_URL, AppPathService.getBaseUrl( request ) ); model.put( MARK_LOCALE, getLocale( ) ); model.put( MARK_ITEM_NAVIGATOR, _itemNavigator ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_MODIFY_ACCOUNT_LIFE_TIME_EMAIL ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_MODIFY_ACCOUNT_LIFE_TIME_EMAIL ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ACCOUNT_LIFE_TIME_EMAIL, getLocale( ), model ); @@ -2615,7 +2628,7 @@ public String getModifyAccountLifeTimeEmails( HttpServletRequest request ) */ public String doModifyAccountLifeTimeEmails( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_MODIFY_ACCOUNT_LIFE_TIME_EMAIL ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_MODIFY_ACCOUNT_LIFE_TIME_EMAIL ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/user/AuthenticationFilter.java b/src/java/fr/paris/lutece/portal/web/user/AuthenticationFilter.java index 51d55ceb34..19e36fa510 100644 --- a/src/java/fr/paris/lutece/portal/web/user/AuthenticationFilter.java +++ b/src/java/fr/paris/lutece/portal/web/user/AuthenticationFilter.java @@ -35,7 +35,6 @@ import java.io.IOException; import java.util.Collection; -import java.util.Enumeration; import java.util.HashSet; import java.util.Set; import java.util.StringTokenizer; diff --git a/src/java/fr/paris/lutece/portal/web/user/UsersAdminDashboardComponent.java b/src/java/fr/paris/lutece/portal/web/user/UsersAdminDashboardComponent.java index 472d143798..43e7feeb0d 100644 --- a/src/java/fr/paris/lutece/portal/web/user/UsersAdminDashboardComponent.java +++ b/src/java/fr/paris/lutece/portal/web/user/UsersAdminDashboardComponent.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.web.user; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.rbac.RBAC; import fr.paris.lutece.portal.business.right.LevelHome; import fr.paris.lutece.portal.business.user.AdminUser; @@ -41,6 +42,7 @@ import fr.paris.lutece.portal.service.admin.AdminUserService; import fr.paris.lutece.portal.service.dashboard.admin.AdminDashboardComponent; import fr.paris.lutece.portal.service.rbac.RBACService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.template.AppTemplateService; import fr.paris.lutece.portal.service.user.AdminUserResourceIdService; @@ -52,6 +54,7 @@ import java.util.Map; +import jakarta.enterprise.inject.spi.CDI; import jakarta.servlet.http.HttpServletRequest; /** @@ -69,8 +72,9 @@ public class UsersAdminDashboardComponent extends AdminDashboardComponent private static final String MARK_ATTRIBUTES_LIST = "attributes_list"; private static final String MARK_LEVELS_LIST = "levels_list"; - private static final AttributeService _attributeService = AttributeService.getInstance( ); - private static final AttributeTypeService _attributeTypeService = AttributeTypeService.getInstance( ); + private static final AttributeService _attributeService = CDI.current( ).select( AttributeService.class ).get( ); + private static final AttributeTypeService _attributeTypeService = CDI.current( ).select( AttributeTypeService.class ).get( ); + private static final ISecurityTokenService _securityTokenService = CDI.current( ).select( ISecurityTokenService.class ).get( ); /** * @@ -80,13 +84,14 @@ public class UsersAdminDashboardComponent extends AdminDashboardComponent public String getDashboardData( AdminUser user, HttpServletRequest request ) { if ( RBACService.isAuthorized( AdminUser.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, AdminUserResourceIdService.PERMISSION_MANAGE_ADVANCED_PARAMETERS, - user ) ) + ( User ) user ) ) { List listAttributes = _attributeService.getAllAttributesWithoutFields( user.getLocale( ) ); List listAttributeTypes = _attributeTypeService.getAttributeTypes( user.getLocale( ) ); + + Map model = AdminUserService.getManageAdvancedParameters( user ); - model.put( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + model.put( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); model.put( MARK_ATTRIBUTES_LIST, listAttributes ); model.put( MARK_ATTRIBUTE_TYPES_LIST, listAttributeTypes ); model.put( MARK_LEVELS_LIST, LevelHome.getLevelsList( ) ); diff --git a/src/java/fr/paris/lutece/portal/web/user/attribute/AttributeFieldJspBean.java b/src/java/fr/paris/lutece/portal/web/user/attribute/AttributeFieldJspBean.java index 3ff533fddc..d08a81e5a8 100644 --- a/src/java/fr/paris/lutece/portal/web/user/attribute/AttributeFieldJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/user/attribute/AttributeFieldJspBean.java @@ -125,7 +125,7 @@ public String getCreateAttributeField( HttpServletRequest request ) HtmlTemplate template; Map model = new HashMap<>( ); model.put( MARK_ATTRIBUTE, attribute ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_ATTRIBUTE_FIELD ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_ATTRIBUTE_FIELD ) ); template = AppTemplateService.getTemplate( TEMPLATE_CREATE_ATTRIBUTE_FIELD, getLocale( ), model ); @@ -161,7 +161,7 @@ public String doCreateAttributeField( HttpServletRequest request ) throws Access return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_ATTRIBUTE_FIELD ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_ATTRIBUTE_FIELD ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -202,7 +202,7 @@ public String getModifyAttributeField( HttpServletRequest request ) Map model = new HashMap<>( ); model.put( MARK_ATTRIBUTE_FIELD, attributeField ); model.put( MARK_ATTRIBUTE, attribute ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_ATTRIBUTE_FIELD ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_ATTRIBUTE_FIELD ) ); template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_ATTRIBUTE_FIELD, getLocale( ), model ); @@ -240,7 +240,7 @@ public String doModifyAttributeField( HttpServletRequest request ) throws Access return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_ATTRIBUTE_FIELD ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_ATTRIBUTE_FIELD ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -274,7 +274,7 @@ public String doConfirmRemoveAttributeField( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( PARAMETER_ID_ATTRIBUTE, strIdAttribute ); parameters.put( PARAMETER_ID_FIELD, strIdField ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_ATTRIBUTE_FIELD ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_REMOVE_ATTRIBUTE_FIELD ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE_ATTRIBUTE_FIELD, JSP_URL_REMOVE_ATTRIBUTE_FIELD, AdminMessage.TYPE_CONFIRMATION, parameters ); @@ -294,7 +294,7 @@ public String doRemoveAttributeField( HttpServletRequest request ) throws Access String strIdAttribute = request.getParameter( PARAMETER_ID_ATTRIBUTE ); String strIdField = request.getParameter( PARAMETER_ID_FIELD ); - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_ATTRIBUTE_FIELD ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_ATTRIBUTE_FIELD ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -332,7 +332,7 @@ public String doMoveUpAttributeField( HttpServletRequest request ) throws Access IAttribute attribute = _attributeService.getAttributeWithFields( nIdAttribute, getLocale( ) ); List listAttributeFields = attribute.getListAttributeFields( ); - if ( !SecurityTokenService.getInstance( ).validate( request, attribute.getTemplateModifyAttribute( ) ) ) + if ( !getSecurityTokenService( ).validate( request, attribute.getTemplateModifyAttribute( ) ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -385,7 +385,7 @@ public String doMoveDownAttributeField( HttpServletRequest request ) throws Acce IAttribute attribute = _attributeService.getAttributeWithFields( nIdAttribute, getLocale( ) ); List listAttributeFields = attribute.getListAttributeFields( ); - if ( !SecurityTokenService.getInstance( ).validate( request, attribute.getTemplateModifyAttribute( ) ) ) + if ( !getSecurityTokenService( ).validate( request, attribute.getTemplateModifyAttribute( ) ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/user/attribute/AttributeJspBean.java b/src/java/fr/paris/lutece/portal/web/user/attribute/AttributeJspBean.java index 163d608782..cd89fbf8f6 100644 --- a/src/java/fr/paris/lutece/portal/web/user/attribute/AttributeJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/user/attribute/AttributeJspBean.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.web.user.attribute; +import java.lang.reflect.InvocationTargetException; import java.util.HashMap; import java.util.Iterator; import java.util.List; @@ -112,9 +113,9 @@ public String getCreateAttribute( HttpServletRequest request ) try { - attribute = (IAttribute) Class.forName( strAttributeTypeClassName ).newInstance( ); + attribute = (IAttribute) Class.forName( strAttributeTypeClassName ).getDeclaredConstructor().newInstance( ); } - catch( IllegalAccessException | InstantiationException | ClassNotFoundException e ) + catch( IllegalAccessException | InstantiationException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } @@ -131,7 +132,7 @@ public String getCreateAttribute( HttpServletRequest request ) HtmlTemplate template; Map model = new HashMap<>( ); model.put( MARK_ATTRIBUTE_TYPE, attribute.getAttributeType( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateCreateAttribute( ) ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, attribute.getTemplateCreateAttribute( ) ) ); template = AppTemplateService.getTemplate( attribute.getTemplateCreateAttribute( ), getLocale( ), model ); @@ -159,9 +160,9 @@ public String doCreateAttribute( HttpServletRequest request ) throws AccessDenie try { - attribute = (IAttribute) Class.forName( strAttributeTypeClassName ).newInstance( ); + attribute = (IAttribute) Class.forName( strAttributeTypeClassName ).getDeclaredConstructor().newInstance( ); } - catch( IllegalAccessException | InstantiationException | ClassNotFoundException e ) + catch( IllegalAccessException | InstantiationException | ClassNotFoundException | InvocationTargetException | NoSuchMethodException e ) { AppLogService.error( e.getMessage( ), e ); } @@ -178,7 +179,7 @@ public String doCreateAttribute( HttpServletRequest request ) throws AccessDenie { return strError; } - if ( !SecurityTokenService.getInstance( ).validate( request, attribute.getTemplateCreateAttribute( ) ) ) + if ( !getSecurityTokenService( ).validate( request, attribute.getTemplateCreateAttribute( ) ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -218,7 +219,7 @@ public String getModifyAttribute( HttpServletRequest request ) Map model = new HashMap<>( ); model.put( MARK_ATTRIBUTE, attribute ); model.put( MARK_ATTRIBUTE_FIELDS_LIST, attribute.getListAttributeFields( ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) ); template = AppTemplateService.getTemplate( attribute.getTemplateModifyAttribute( ), getLocale( ), model ); @@ -257,7 +258,7 @@ public String doModifyAttribute( HttpServletRequest request ) throws AccessDenie { return strError; } - if ( !SecurityTokenService.getInstance( ).validate( request, attribute.getTemplateModifyAttribute( ) ) ) + if ( !getSecurityTokenService( ).validate( request, attribute.getTemplateModifyAttribute( ) ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -287,7 +288,7 @@ public String doConfirmRemoveAttribute( HttpServletRequest request ) Map parameters = new HashMap<>( ); parameters.put( PARAMETER_ID_ATTRIBUTE, strIdAttribute ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_ATTRIBUTE ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_REMOVE_ATTRIBUTE ) ); return AdminMessageService.getMessageUrl( request, PROPERTY_MESSAGE_CONFIRM_REMOVE_ATTRIBUTE, JSP_URL_REMOVE_ATTRIBUTE, AdminMessage.TYPE_CONFIRMATION, parameters ); @@ -308,7 +309,7 @@ public String doRemoveAttribute( HttpServletRequest request ) throws AccessDenie if ( StringUtils.isNotBlank( strIdAttribute ) && StringUtils.isNumeric( strIdAttribute ) ) { - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_ATTRIBUTE ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_ATTRIBUTE ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -334,7 +335,7 @@ public String doMoveUpAttribute( HttpServletRequest request ) throws AccessDenie if ( StringUtils.isNotBlank( strIdAttribute ) && StringUtils.isNumeric( strIdAttribute ) ) { - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -381,7 +382,7 @@ public String doMoveDownAttribute( HttpServletRequest request ) throws AccessDen if ( StringUtils.isNotBlank( strIdAttribute ) && StringUtils.isNumeric( strIdAttribute ) ) { - if ( !SecurityTokenService.getInstance( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) + if ( !getSecurityTokenService( ).validate( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/workgroup/AdminWorkgroupJspBean.java b/src/java/fr/paris/lutece/portal/web/workgroup/AdminWorkgroupJspBean.java index 840a5719a2..56cf17457c 100644 --- a/src/java/fr/paris/lutece/portal/web/workgroup/AdminWorkgroupJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/workgroup/AdminWorkgroupJspBean.java @@ -48,6 +48,7 @@ import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang3.StringUtils; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.right.Level; import fr.paris.lutece.portal.business.right.LevelHome; import fr.paris.lutece.portal.business.user.AdminUser; @@ -169,9 +170,10 @@ public String getManageWorkgroups( HttpServletRequest request ) HashMap model = new HashMap<>( ); - if ( !getUser( ).isAdmin( ) ) + AdminUser currentUser = getUser( ); + if ( !currentUser.isAdmin( ) ) { - listFilteredWorkgroups = (List) AdminWorkgroupService.getAuthorizedCollection( listFilteredWorkgroups, getUser( ) ); + listFilteredWorkgroups = (List) AdminWorkgroupService.getAuthorizedCollection( listFilteredWorkgroups, ( User ) currentUser ); } // SORT @@ -244,7 +246,7 @@ public String getCreateWorkgroup( HttpServletRequest request ) setPageTitleProperty( PROPERTY_CREATE_WORKGROUP_PAGETITLE ); Map model = new HashMap<>( 1 ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_WORKGROUP ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_WORKGROUP ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_WORKGROUP, getLocale( ), model ); @@ -286,7 +288,7 @@ public String doCreateWorkgroup( HttpServletRequest request ) throws AccessDenie { return AdminMessageService.getMessageUrl( request, MESSAGE_WORKGROUP_ACCENTUATED_CHARACTER, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_WORKGROUP ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_WORKGROUP ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -313,7 +315,7 @@ public String getConfirmRemoveWorkgroup( HttpServletRequest request ) String strUrlRemove = JSP_URL_REMOVE_WORKGROUP; Map parameters = new HashMap<>( ); parameters.put( PARAMETER_WORKGROUP_KEY, strWorkgroupKey ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_URL_REMOVE_WORKGROUP ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_URL_REMOVE_WORKGROUP ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE, strUrlRemove, AdminMessage.TYPE_CONFIRMATION, parameters ); } @@ -346,7 +348,7 @@ public String doRemoveWorkgroup( HttpServletRequest request ) throws AccessDenie return AdminMessageService.getMessageUrl( request, MESSAGE_CANNOT_REMOVE_WORKGROUP, args, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_URL_REMOVE_WORKGROUP ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_URL_REMOVE_WORKGROUP ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -378,7 +380,7 @@ public String getModifyWorkgroup( HttpServletRequest request ) HashMap model = new HashMap<>( ); model.put( MARK_WORKGROUP, workgroup ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_WORKGROUP ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_WORKGROUP ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_WORKGROUP, getLocale( ), model ); return getAdminPage( template.getHtml( ) ); @@ -402,7 +404,7 @@ public String doModifyWorkgroup( HttpServletRequest request ) throws AccessDenie { return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP ); } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_WORKGROUP ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_WORKGROUP ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -519,7 +521,7 @@ public String getAssignUsers( HttpServletRequest request ) model.put( MARK_ITEM_NAVIGATOR, _itemNavigator ); model.put( MARK_PAGINATOR, paginator ); model.put( MARK_NB_ITEMS_PER_PAGE, Integer.toString( _nItemsPerPage ) ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_ASSIGN_USERS ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_ASSIGN_USERS ) ); HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_ASSIGN_USERS, getLocale( ), model ); @@ -537,7 +539,7 @@ public String getAssignUsers( HttpServletRequest request ) */ public String doAssignUsers( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_ASSIGN_USERS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_ASSIGN_USERS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -574,7 +576,7 @@ public String doAssignUsers( HttpServletRequest request ) throws AccessDeniedExc */ public String doUnAssignUser( HttpServletRequest request ) throws AccessDeniedException { - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_ASSIGN_USERS ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_ASSIGN_USERS ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/portal/web/xsl/XslExportAdminDashboardComponent.java b/src/java/fr/paris/lutece/portal/web/xsl/XslExportAdminDashboardComponent.java index 1e8e99ab91..ced78b6383 100644 --- a/src/java/fr/paris/lutece/portal/web/xsl/XslExportAdminDashboardComponent.java +++ b/src/java/fr/paris/lutece/portal/web/xsl/XslExportAdminDashboardComponent.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.web.xsl; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.rbac.RBAC; import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.business.xsl.XslExport; @@ -68,11 +69,11 @@ public String getDashboardData( AdminUser user, HttpServletRequest request ) List listXslExport = XslExportHome.getList( ); model.put( MARK_PERMISSION_CREATE, - RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_CREATE, user ) ); + RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_CREATE, ( User ) user ) ); model.put( MARK_PERMISSION_MODIFY, - RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_MODIFY, user ) ); + RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_MODIFY, ( User ) user ) ); model.put( MARK_PERMISSION_DELETE, - RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_DELETE, user ) ); + RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_DELETE, ( User ) user ) ); model.put( MARK_XSL_EXPORT_LIST, listXslExport ); diff --git a/src/java/fr/paris/lutece/portal/web/xsl/XslExportJspBean.java b/src/java/fr/paris/lutece/portal/web/xsl/XslExportJspBean.java index 32cd019a83..feed87225a 100644 --- a/src/java/fr/paris/lutece/portal/web/xsl/XslExportJspBean.java +++ b/src/java/fr/paris/lutece/portal/web/xsl/XslExportJspBean.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.web.xsl; +import fr.paris.lutece.api.user.User; import fr.paris.lutece.portal.business.file.File; import fr.paris.lutece.portal.business.file.FileHome; import fr.paris.lutece.portal.business.physicalfile.PhysicalFile; @@ -170,9 +171,10 @@ public String getCreateXslExport( HttpServletRequest request ) throws AccessDeni } model.put( MARK_LIST_PLUGINS, refListPlugins ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_XSL_EXPORT ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_CREATE_XSL_EXPORT ) ); - if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_CREATE, getUser( ) ) ) + User currentUser = getUser( ); + if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_CREATE, currentUser ) ) { throw new AccessDeniedException( MESSAGE_PERMISSION_DENIED ); } @@ -198,7 +200,8 @@ public String doCreateXslExport( HttpServletRequest request ) throws AccessDenie XslExport xslExport = new XslExport( ); String strError = getXslExportData( request, xslExport ); - if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_CREATE, getUser( ) ) ) + User currentUser = getUser( ); + if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_CREATE, currentUser ) ) { throw new AccessDeniedException( MESSAGE_PERMISSION_DENIED ); } @@ -208,7 +211,7 @@ public String doCreateXslExport( HttpServletRequest request ) throws AccessDenie return strError; } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_CREATE_XSL_EXPORT ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_CREATE_XSL_EXPORT ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -234,7 +237,8 @@ public String doCreateXslExport( HttpServletRequest request ) throws AccessDenie */ public String getModifyXslExport( HttpServletRequest request ) throws AccessDeniedException { - if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_MODIFY, getUser( ) ) ) + User currentUser = getUser( ); + if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_MODIFY, currentUser ) ) { throw new AccessDeniedException( MESSAGE_PERMISSION_DENIED ); } @@ -266,7 +270,7 @@ public String getModifyXslExport( HttpServletRequest request ) throws AccessDeni } model.put( MARK_LIST_PLUGINS, refListPlugins ); - model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_XSL_EXPORT ) ); + model.put( SecurityTokenService.MARK_TOKEN, getSecurityTokenService( ).getToken( request, TEMPLATE_MODIFY_XSL_EXPORT ) ); setPageTitleProperty( PROPERTY_MODIFY_XSL_EXPORT_TITLE ); @@ -286,7 +290,8 @@ public String getModifyXslExport( HttpServletRequest request ) throws AccessDeni */ public String doModifyXslExport( HttpServletRequest request ) throws AccessDeniedException { - if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_MODIFY, getUser( ) ) ) + User currentUser = getUser( ); + if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_MODIFY, currentUser ) ) { throw new AccessDeniedException( MESSAGE_PERMISSION_DENIED ); } @@ -302,7 +307,7 @@ public String doModifyXslExport( HttpServletRequest request ) throws AccessDenie { return strError; } - if ( !SecurityTokenService.getInstance( ).validate( request, TEMPLATE_MODIFY_XSL_EXPORT ) ) + if ( !getSecurityTokenService( ).validate( request, TEMPLATE_MODIFY_XSL_EXPORT ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } @@ -345,7 +350,8 @@ public String doModifyXslExport( HttpServletRequest request ) throws AccessDenie */ public String getConfirmRemoveXslExport( HttpServletRequest request ) throws AccessDeniedException { - if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_DELETE, getUser( ) ) ) + User currentUser = getUser( ); + if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_DELETE, currentUser ) ) { throw new AccessDeniedException( MESSAGE_PERMISSION_DENIED ); } @@ -354,7 +360,7 @@ public String getConfirmRemoveXslExport( HttpServletRequest request ) throws Acc Map parameters = new HashMap<>( ); parameters.put( PARAMETER_ID_XSL_EXPORT, strIdXslExport ); - parameters.put( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, JSP_DO_REMOVE_XSL_EXPORT ) ); + parameters.put( SecurityTokenService.PARAMETER_TOKEN, getSecurityTokenService( ).getToken( request, JSP_DO_REMOVE_XSL_EXPORT ) ); return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE_XSL_EXPORT, JSP_DO_REMOVE_XSL_EXPORT, AdminMessage.TYPE_CONFIRMATION, parameters ); @@ -371,11 +377,12 @@ public String getConfirmRemoveXslExport( HttpServletRequest request ) throws Acc */ public String doRemoveXslExport( HttpServletRequest request ) throws AccessDeniedException { - if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_DELETE, getUser( ) ) ) + User currentUser = getUser( ); + if ( !RBACService.isAuthorized( XslExport.RESOURCE_TYPE, RBAC.WILDCARD_RESOURCES_ID, XslExportResourceIdService.PERMISSION_DELETE, currentUser ) ) { throw new AccessDeniedException( MESSAGE_PERMISSION_DENIED ); } - if ( !SecurityTokenService.getInstance( ).validate( request, JSP_DO_REMOVE_XSL_EXPORT ) ) + if ( !getSecurityTokenService( ).validate( request, JSP_DO_REMOVE_XSL_EXPORT ) ) { throw new AccessDeniedException( ERROR_INVALID_TOKEN ); } diff --git a/src/java/fr/paris/lutece/util/pool/PoolManager.java b/src/java/fr/paris/lutece/util/pool/PoolManager.java index cba906c29b..fbcebce4f9 100644 --- a/src/java/fr/paris/lutece/util/pool/PoolManager.java +++ b/src/java/fr/paris/lutece/util/pool/PoolManager.java @@ -208,7 +208,7 @@ private ConnectionService getConnectionService( Map htParamsPool { String strConnectionService = htParamsPool.get( key + ".poolservice" ); - cs = (ConnectionService) Class.forName( strConnectionService ).newInstance( ); + cs = (ConnectionService) Class.forName( strConnectionService ).getDeclaredConstructor( ).newInstance( ); } catch( NullPointerException nullEx ) { diff --git a/src/java/fr/paris/lutece/util/string/StringUtil.java b/src/java/fr/paris/lutece/util/string/StringUtil.java index f8ee27fe57..8a245be5c0 100644 --- a/src/java/fr/paris/lutece/util/string/StringUtil.java +++ b/src/java/fr/paris/lutece/util/string/StringUtil.java @@ -36,11 +36,9 @@ import fr.paris.lutece.portal.service.util.AppLogService; import fr.paris.lutece.portal.service.util.AppPropertiesService; -import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; -import java.io.InputStreamReader; import java.text.Normalizer; import java.util.zip.GZIPInputStream; import java.util.zip.GZIPOutputStream; diff --git a/src/test/java/fr/paris/lutece/portal/service/admin/ImportAdminUserServiceTest.java b/src/test/java/fr/paris/lutece/portal/service/admin/ImportAdminUserServiceTest.java index a7d8ce096a..2a09e7d272 100644 --- a/src/test/java/fr/paris/lutece/portal/service/admin/ImportAdminUserServiceTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/admin/ImportAdminUserServiceTest.java @@ -42,11 +42,16 @@ import fr.paris.lutece.portal.business.user.AdminUserHome; import fr.paris.lutece.portal.business.user.authentication.LuteceDefaultAdminUser; import fr.paris.lutece.portal.service.csv.CSVMessageDescriptor; +import fr.paris.lutece.portal.service.user.attribute.AttributeService; import fr.paris.lutece.portal.service.util.AppPathService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; public class ImportAdminUserServiceTest extends LuteceTestCase { + @Inject + private AttributeService _attributeService; + @Test public void testReadLineOfCSVFileForPassword( ) { @@ -60,7 +65,7 @@ public void testReadLineOfCSVFileForPassword( ) "", // datelastlogin }; - ImportAdminUserService importAdminuser = new DefaultImportAdminUserService( ); + ImportAdminUserService importAdminuser = new DefaultImportAdminUserService( _attributeService ); MockHttpServletRequest request = new MockHttpServletRequest( ); List messages = importAdminuser.readLineOfCSVFile( lineData, 1, AdminUserService.getLocale( request ), AppPathService.getBaseUrl( request ) ); diff --git a/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerTest.java b/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerTest.java index b305662cbc..5032f2ffc1 100644 --- a/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerTest.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.daemon; +import java.lang.reflect.InvocationTargetException; import java.util.concurrent.BlockingQueue; import java.util.concurrent.BrokenBarrierException; import java.util.concurrent.ExecutorService; @@ -106,7 +107,7 @@ private void testEnqueueCoalesce(boolean shouldThrow) { } - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally diff --git a/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithCachedThreadPoolExecutorTest.java b/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithCachedThreadPoolExecutorTest.java index ae347b49d0..a1ab49d145 100644 --- a/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithCachedThreadPoolExecutorTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithCachedThreadPoolExecutorTest.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.daemon; +import java.lang.reflect.InvocationTargetException; import java.util.concurrent.BlockingQueue; import java.util.concurrent.BrokenBarrierException; import java.util.concurrent.ExecutorService; @@ -102,7 +103,7 @@ private void testEnqueueWhileRunning(boolean shouldThrow) executingDaemon.waitForCompletion(); executingDaemon.go(); executingDaemon.waitForCompletion(); - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally @@ -163,7 +164,7 @@ private void testShutdown(boolean shouldThrow) scheduler.shutdown(); assertEquals(1, testDaemon.getStopCallNumber()); assertEquals(1, testDaemon2.getStopCallNumber()); - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally diff --git a/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithForkJoinPoolTest.java b/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithForkJoinPoolTest.java index 8196d02e97..76c53b92e3 100644 --- a/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithForkJoinPoolTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithForkJoinPoolTest.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.daemon; +import java.lang.reflect.InvocationTargetException; import java.util.concurrent.BlockingQueue; import java.util.concurrent.BrokenBarrierException; import java.util.concurrent.ExecutorService; @@ -99,7 +100,7 @@ private void testShutdownWhileRunning(boolean shouldThrow) Thread.sleep(10L); // leave some time to the daemon to exit // executing daemons assertEquals(1, testDaemon.getStopCallNumber()); - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally diff --git a/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithSingleThreadExecutorTest.java b/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithSingleThreadExecutorTest.java index 8eb82d8376..437a7b05ce 100644 --- a/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithSingleThreadExecutorTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/daemon/DaemonSchedulerWithSingleThreadExecutorTest.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.daemon; +import java.lang.reflect.InvocationTargetException; import java.time.Duration; import java.time.Instant; import java.util.concurrent.BlockingQueue; @@ -95,7 +96,7 @@ private void testEnqueue(boolean shouldThrow) testDaemon.go(250L, TimeUnit.MILLISECONDS); testDaemon.waitForCompletion(); assertTrue(testDaemon.hasRun()); - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally @@ -147,7 +148,7 @@ private void testEnqueueDelay(boolean shouldThrow) assertTrue(500L <= Duration.between(start, Instant.now()).toMillis()); testDaemon.waitForCompletion(); assertTrue(testDaemon.hasRun()); - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally @@ -168,7 +169,8 @@ private void testEnqueueDelay(boolean shouldThrow) */ @Test public void testEnqueueDelayIllegalState() - throws ClassNotFoundException, InstantiationException, IllegalAccessException, InterruptedException, BrokenBarrierException, TimeoutException + throws ClassNotFoundException, InstantiationException, IllegalAccessException, InterruptedException, BrokenBarrierException, TimeoutException, + InvocationTargetException, NoSuchMethodException { String strMethodName = new Object() { @@ -236,7 +238,7 @@ private void testSchedule(boolean shouldThrow) assertTrue(1000L <= Duration.between(start, Instant.now()).toMillis()); testDaemon.waitForCompletion(); assertTrue(testDaemon.hasRun()); - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally @@ -288,7 +290,7 @@ private void testScheduleDelay(boolean shouldThrow) assertTrue(500L <= Duration.between(start, Instant.now()).toMillis()); testDaemon.waitForCompletion(); assertTrue(testDaemon.hasRun()); - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally @@ -345,7 +347,7 @@ private void testScheduleTwice(boolean shouldThrow) assertTrue(1000L <= timeForSecondRun, "Second run was " + timeForSecondRun + "ms after start"); testDaemon.waitForCompletion(); assertTrue(testDaemon.hasRun()); - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally @@ -438,7 +440,7 @@ private void testUnSchedule(boolean shouldThrow) { // OK } - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally @@ -503,7 +505,7 @@ private void testUnScheduleWhileRunning(boolean shouldThrow) { // OK } - } catch (InterruptedException | BrokenBarrierException | TimeoutException e) + } catch (InterruptedException | BrokenBarrierException | TimeoutException | InvocationTargetException | NoSuchMethodException e ) { fail(e.getMessage()); } finally diff --git a/src/test/java/fr/paris/lutece/portal/service/daemon/TestDaemon.java b/src/test/java/fr/paris/lutece/portal/service/daemon/TestDaemon.java index 3c72c59ae0..ea0b2f7416 100644 --- a/src/test/java/fr/paris/lutece/portal/service/daemon/TestDaemon.java +++ b/src/test/java/fr/paris/lutece/portal/service/daemon/TestDaemon.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.daemon; +import java.lang.reflect.InvocationTargetException; import java.util.concurrent.BrokenBarrierException; import java.util.concurrent.CyclicBarrier; import java.util.concurrent.TimeUnit; @@ -134,7 +135,7 @@ public int getStopCallNumber( ) * @param name daemon id * @return a new entry */ - static DaemonEntry makeDaemonEntry(String name) throws ClassNotFoundException, InstantiationException, IllegalAccessException + static DaemonEntry makeDaemonEntry(String name) throws ClassNotFoundException, InstantiationException, IllegalAccessException, InvocationTargetException, NoSuchMethodException { DaemonEntry entry = new DaemonEntry(); entry.setId(name); diff --git a/src/test/java/fr/paris/lutece/portal/service/event/LuteceUserEventManagerTest.java b/src/test/java/fr/paris/lutece/portal/service/event/LuteceUserEventManagerTest.java index ed9bde9b26..b1afe192a3 100644 --- a/src/test/java/fr/paris/lutece/portal/service/event/LuteceUserEventManagerTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/event/LuteceUserEventManagerTest.java @@ -33,8 +33,6 @@ */ package fr.paris.lutece.portal.service.event; -import java.util.function.Consumer; - import org.junit.jupiter.api.Test; import fr.paris.lutece.portal.business.event.LuteceUserEvent; @@ -42,6 +40,9 @@ import fr.paris.lutece.portal.service.security.MokeLuteceAuthentication; import fr.paris.lutece.portal.service.security.MokeLuteceUser; import fr.paris.lutece.test.LuteceTestCase; +import jakarta.enterprise.context.ApplicationScoped; +import jakarta.enterprise.event.Observes; +import jakarta.enterprise.inject.spi.CDI; /** * DatastoreService Test @@ -60,16 +61,8 @@ public void test( ) MokeLuteceUser user = new MokeLuteceUser( USER_NAME, new MokeLuteceAuthentication( ) ); - // listener consumer function - Consumer myfuncion = (LuteceUserEvent event) -> { - DatastoreService.setDataValue( KEY1, NEW_VALUE ); - }; - - // register listener - LuteceUserEventManager.getInstance( ).register( "mylistener" , myfuncion ); - - // noptify an event - LuteceUserEventManager.getInstance( ).notifyListeners( new LuteceUserEvent( user, LuteceUserEvent.EventType.LOGIN_SUCCESSFUL ) ); + // notify an event + CDI.current( ).getBeanManager( ).getEvent( ).fire( new LuteceUserEvent( user, LuteceUserEvent.EventType.LOGIN_SUCCESSFUL ) ); // check if the datastore value has been changed String strValue = DatastoreService.getDataValue( KEY1, VALUE_DEFAULT ); @@ -77,4 +70,13 @@ public void test( ) DatastoreService.removeData( KEY1 ); } + + @ApplicationScoped + public static class LuteceUserEventObserver { + + public void processLuteceEvent( @Observes LuteceUserEvent event ) + { + DatastoreService.setDataValue( KEY1, NEW_VALUE ); + } + } } diff --git a/src/test/java/fr/paris/lutece/portal/service/portal/PortalMenuServiceTest.java b/src/test/java/fr/paris/lutece/portal/service/portal/PortalMenuServiceTest.java index 04f78daf3e..66ce203135 100644 --- a/src/test/java/fr/paris/lutece/portal/service/portal/PortalMenuServiceTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/portal/PortalMenuServiceTest.java @@ -55,9 +55,9 @@ import fr.paris.lutece.portal.service.security.LuteceUser; import fr.paris.lutece.portal.service.security.MokeLuteceAuthentication; import fr.paris.lutece.portal.service.security.SecurityService; -import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import fr.paris.lutece.util.AppInitPropertiesService; import jakarta.inject.Inject; import jakarta.servlet.http.HttpServletRequest; @@ -252,7 +252,7 @@ private void restoreAuthentication( boolean status ) throws IOException, LuteceI OutputStream os = new FileOutputStream( luteceProperties ); props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); os.close( ); - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); SecurityService.init( ); } } @@ -274,7 +274,7 @@ private boolean enableAuthentication( ) throws IOException, LuteceInitException OutputStream os = new FileOutputStream( luteceProperties ); props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); os.close( ); - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); SecurityService.init( ); } diff --git a/src/test/java/fr/paris/lutece/portal/service/search/LuceneSearchEngineTest.java b/src/test/java/fr/paris/lutece/portal/service/search/LuceneSearchEngineTest.java index 9e55097807..e98deffc78 100644 --- a/src/test/java/fr/paris/lutece/portal/service/search/LuceneSearchEngineTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/search/LuceneSearchEngineTest.java @@ -60,9 +60,9 @@ import fr.paris.lutece.portal.service.security.LuteceUser; import fr.paris.lutece.portal.service.security.MokeLuteceAuthentication; import fr.paris.lutece.portal.service.security.SecurityService; -import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import fr.paris.lutece.util.AppInitPropertiesService; import jakarta.inject.Inject; /** @@ -274,7 +274,7 @@ private void restoreAuthentication( boolean status ) throws IOException, LuteceI OutputStream os = new FileOutputStream( luteceProperties ); props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); os.close( ); - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); SecurityService.init( ); } } @@ -297,7 +297,7 @@ private boolean enableAuthentication( ) throws IOException, LuteceInitException OutputStream os = new FileOutputStream( luteceProperties ); props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); os.close( ); - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); SecurityService.init( ); } diff --git a/src/test/java/fr/paris/lutece/portal/service/user/menu/AdminUserMenuItemProviderRegistrarTest.java b/src/test/java/fr/paris/lutece/portal/service/user/menu/AdminUserMenuItemProviderRegistrarTest.java index 27d63e91db..9640882b95 100644 --- a/src/test/java/fr/paris/lutece/portal/service/user/menu/AdminUserMenuItemProviderRegistrarTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/user/menu/AdminUserMenuItemProviderRegistrarTest.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.service.user.menu; +import java.lang.reflect.InvocationTargetException; import java.util.List; import org.junit.jupiter.api.BeforeEach; @@ -56,7 +57,7 @@ protected void setUp( ) throws Exception _instance.setBeanName( "junit" ); } @Test - public void testSetClassName( ) throws InstantiationException, IllegalAccessException, IllegalStateException, ClassNotFoundException + public void testSetClassName( ) throws InstantiationException, IllegalAccessException, IllegalStateException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { _instance.setClassName( TestAdminUserMenuItemProvider.class.getName( ) ); _instance.registerAdminUserMenuItemProvider( ); @@ -68,7 +69,7 @@ public void testSetClassName( ) throws InstantiationException, IllegalAccessExce } @Test public void testSetClassNameProviderAlreadySetDirectly( ) - throws InstantiationException, IllegalAccessException, IllegalStateException, ClassNotFoundException + throws InstantiationException, IllegalAccessException, IllegalStateException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { _instance.setProvider( new TestAdminUserMenuItemProvider( ) ); try @@ -83,7 +84,7 @@ public void testSetClassNameProviderAlreadySetDirectly( ) } @Test public void testSetClassNameProviderAlreadySetByClassName( ) - throws InstantiationException, IllegalAccessException, IllegalStateException, ClassNotFoundException + throws InstantiationException, IllegalAccessException, IllegalStateException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { _instance.setClassName( TestAdminUserMenuItemProvider.class.getName( ) ); try @@ -124,7 +125,7 @@ public void testSetProviderProviderAlreadySetDirectly( ) } @Test public void testSetProviderProviderAlreadySetByClassName( ) - throws InstantiationException, IllegalAccessException, IllegalStateException, ClassNotFoundException + throws InstantiationException, IllegalAccessException, IllegalStateException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { _instance.setClassName( TestAdminUserMenuItemProvider.class.getName( ) ); try diff --git a/src/test/java/fr/paris/lutece/portal/service/util/AppPathServiceTest.java b/src/test/java/fr/paris/lutece/portal/service/util/AppPathServiceTest.java index a08cde7fa7..63ad968d4a 100644 --- a/src/test/java/fr/paris/lutece/portal/service/util/AppPathServiceTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/util/AppPathServiceTest.java @@ -33,11 +33,12 @@ */ package fr.paris.lutece.portal.service.util; -import java.io.FileInputStream; import java.io.IOException; +import java.io.InputStream; import org.junit.jupiter.api.Test; +import fr.paris.lutece.plugins.resource.loader.ResourceNotFoundException; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; import fr.paris.lutece.util.ReferenceList; @@ -85,20 +86,20 @@ public void testGetPath( ) * Test of getResourceAsStream method, of class fr.paris.lutece.portal.service.util.AppPathService. */ @Test - public void testGetResourceAsStream( ) throws IOException + public void testGetResourceAsStream( ) throws IOException, ResourceNotFoundException { System.out.println( "getResourceAsStream" ); String strPath = FRAGMENT_END_PATH_CONF; String strFilename = "lutece.properties"; - FileInputStream fis = AppPathService.getResourceAsStream( strPath, strFilename ); - assertNotNull( fis ); + InputStream is = AppPathService.getResourceStream( strPath, strFilename ); + assertNotNull( is ); // Don't forget to close the file input stream - if ( fis != null ) + if ( is != null ) { - fis.close( ); + is.close( ); } } diff --git a/src/test/java/fr/paris/lutece/portal/service/util/CryptoServiceTest.java b/src/test/java/fr/paris/lutece/portal/service/util/CryptoServiceTest.java index 56c3855679..9299bef49b 100644 --- a/src/test/java/fr/paris/lutece/portal/service/util/CryptoServiceTest.java +++ b/src/test/java/fr/paris/lutece/portal/service/util/CryptoServiceTest.java @@ -48,6 +48,7 @@ import fr.paris.lutece.portal.service.datastore.DatastoreService; import fr.paris.lutece.test.LuteceTestCase; +import fr.paris.lutece.util.AppInitPropertiesService; public class CryptoServiceTest extends LuteceTestCase { @@ -98,7 +99,7 @@ private void removeLegacyKey( ) throws IOException, FileNotFoundException { props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); } - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); } private void setLegacyKey( final String strLegacyKey ) throws IOException, FileNotFoundException @@ -114,7 +115,7 @@ private void setLegacyKey( final String strLegacyKey ) throws IOException, FileN { props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); } - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); } @Test public void testHmacSHA256( ) diff --git a/src/test/java/fr/paris/lutece/portal/web/admin/AdminMenuJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/admin/AdminMenuJspBeanTest.java index 51fb1f7271..01adee9ae9 100644 --- a/src/test/java/fr/paris/lutece/portal/web/admin/AdminMenuJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/admin/AdminMenuJspBeanTest.java @@ -56,6 +56,7 @@ import fr.paris.lutece.portal.service.i18n.I18nService; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.portal.web.constants.Messages; @@ -79,6 +80,7 @@ public class AdminMenuJspBeanTest extends LuteceTestCase private @Inject IPasswordFactory passwordFactory; private @Inject IAdminUserDAO adminUserDAO; private @Inject AdminMenuJspBean instance; + private @Inject ISecurityTokenService _securityTokenService; AdminUser _user = new AdminUser( ); @@ -126,7 +128,7 @@ public void testDoChangeLanguage( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( PARAMETER_LANGUAGE, TEST_LANGUAGE ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, LanguageAdminUserMenuItemProvider.TEMPLATE ) ); + _securityTokenService.getToken( request, LanguageAdminUserMenuItemProvider.TEMPLATE ) ); getUser( request ); AdminUserUtils.registerAdminUser( request, _user ); @@ -144,7 +146,7 @@ public void testDoChangeLanguageInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( PARAMETER_LANGUAGE, TEST_LANGUAGE ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, LanguageAdminUserMenuItemProvider.TEMPLATE ) + "b" ); + _securityTokenService.getToken( request, LanguageAdminUserMenuItemProvider.TEMPLATE ) + "b" ); getUser( request ); AdminUserUtils.registerAdminUser( request, _user ); @@ -314,7 +316,7 @@ public void testDoModifyDefaultAdminUserPassword( ) throws AccessDeniedException request.addParameter( Parameters.NEW_PASSWORD, password + "_mod" ); request.addParameter( Parameters.CONFIRM_NEW_PASSWORD, password + "_mod" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/modify_password_default_module.html" ) ); + _securityTokenService.getToken( request, "admin/user/modify_password_default_module.html" ) ); instance.doModifyDefaultAdminUserPassword( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -352,7 +354,7 @@ public void testDoModifyDefaultAdminUserPasswordInvalidToken( ) throws AccessDen request.addParameter( Parameters.NEW_PASSWORD, password + "_mod" ); request.addParameter( Parameters.CONFIRM_NEW_PASSWORD, password + "_mod" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/modify_password_default_module.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/user/modify_password_default_module.html" ) + "b" ); try { instance.doModifyDefaultAdminUserPassword( request ); @@ -405,7 +407,7 @@ public void testDoModifyAccessibilityMode( ) throws AccessDeniedException { MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AccessibilityModeAdminUserMenuItemProvider.TEMPLATE ) ); + _securityTokenService.getToken( request, AccessibilityModeAdminUserMenuItemProvider.TEMPLATE ) ); getUser( request ); AdminUserUtils.registerAdminUser( request, _user ); @@ -427,7 +429,7 @@ public void testDoModifyAccessibilityModeInvalidToken( ) throws AccessDeniedExce { MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AccessibilityModeAdminUserMenuItemProvider.TEMPLATE ) + "b" ); + _securityTokenService.getToken( request, AccessibilityModeAdminUserMenuItemProvider.TEMPLATE ) + "b" ); getUser( request ); AdminUserUtils.registerAdminUser( request, _user ); diff --git a/src/test/java/fr/paris/lutece/portal/web/admin/AdminPageJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/admin/AdminPageJspBeanTest.java index 315385f1b2..d17e30ffa6 100644 --- a/src/test/java/fr/paris/lutece/portal/web/admin/AdminPageJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/admin/AdminPageJspBeanTest.java @@ -70,6 +70,7 @@ import fr.paris.lutece.portal.service.page.IPageService; import fr.paris.lutece.portal.service.page.PageResourceIdService; import fr.paris.lutece.portal.service.portal.PortalService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.constants.Parameters; import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest; @@ -86,6 +87,7 @@ public class AdminPageJspBeanTest extends LuteceTestCase private AdminPageJspBean _bean; private AdminUser _adminUser; private @Inject IPageService pageService; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -152,7 +154,7 @@ private AdminUser getAdminUser( ) */ private void removeUser( AdminUser user ) { - Map roles = user.getRoles( ); + Map roles = user.getUserRoles( ); for ( String roleKey : roles.keySet( ) ) { RBACHome.removeForRoleKey( roleKey ); @@ -276,7 +278,7 @@ public void testDoRemovePage( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( Parameters.PAGE_ID, Integer.toString( _page.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoRemovePage.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoRemovePage.jsp" ) ); _bean.doRemovePage( request ); assertFalse( PageHome.checkPageExist( _page.getId( ) ) ); } @@ -301,7 +303,7 @@ public void testDoRemovePageInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( Parameters.PAGE_ID, Integer.toString( _page.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoRemovePage.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/site/DoRemovePage.jsp" ) + "b" ); try { _bean.doRemovePage( request ); @@ -354,7 +356,7 @@ public void testDoModifyPage( ) throws AccessDeniedException, FileUploadSizeExce Integer.toString( _page.getParentPageId( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/site/admin_page_block_property.html" ) + _securityTokenService.getToken( request, "admin/site/admin_page_block_property.html" ) } ); _bean.doModifyPage( new MultipartHttpServletRequest( request, Collections.emptyMap( ), parameters ) ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -393,7 +395,7 @@ public void testDoModifyPagePageDataError( ) throws AccessDeniedException, FileU Integer.toString( _page.getParentPageId( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/site/admin_page_block_property.html" ) + _securityTokenService.getToken( request, "admin/site/admin_page_block_property.html" ) } ); _bean.doModifyPage( new MultipartHttpServletRequest( request, Collections.emptyMap( ), parameters ) ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -433,7 +435,7 @@ public void testDoModifyPageInexistentParentPage( ) throws AccessDeniedException "567894535" } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/site/admin_page_block_property.html" ) + _securityTokenService.getToken( request, "admin/site/admin_page_block_property.html" ) } ); _bean.doModifyPage( new MultipartHttpServletRequest( request, Collections.emptyMap( ), parameters ) ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -475,7 +477,7 @@ public void testDoModifyPagePictureError( ) throws AccessDeniedException, FileUp "update_image" } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/site/admin_page_block_property.html" ) + _securityTokenService.getToken( request, "admin/site/admin_page_block_property.html" ) } ); Map>> fileItems = new HashMap<>( ); List> items = new ArrayList<>( ); @@ -524,7 +526,7 @@ public void testDoModifyPageInvalidToken( ) throws AccessDeniedException, FileUp Integer.toString( _page.getParentPageId( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/site/admin_page_block_property.html" ) + "b" + _securityTokenService.getToken( request, "admin/site/admin_page_block_property.html" ) + "b" } ); try { @@ -609,7 +611,7 @@ public void testDoModifyPageUpdateDateError( ) throws AccessDeniedException, Fil Integer.toString( _page.getParentPageId( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/site/admin_page_block_property.html" ) + _securityTokenService.getToken( request, "admin/site/admin_page_block_property.html" ) } ); parameters.put( Parameters.PARAMETER_DISPLAY_UPDATE_DATE, new String [ ] { Boolean.toString( _page.getDisplayDateUpdate( ) ) @@ -675,7 +677,7 @@ public void testDoCreateChildPage( ) throws AccessDeniedException, FileUploadSiz "01/01/2017" } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/site/admin_page_block_childpage.html" ) + _securityTokenService.getToken( request, "admin/site/admin_page_block_childpage.html" ) } ); Collection children = PageHome.getChildPages( _page.getId( ) ); @@ -728,7 +730,7 @@ public void testDoCreateChildPageInvalidToken( ) throws AccessDeniedException, F Integer.toString( _page.getParentPageId( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/site/admin_page_block_childpage.html" ) + "b" + _securityTokenService.getToken( request, "admin/site/admin_page_block_childpage.html" ) + "b" } ); Collection children = PageHome.getChildPages( _page.getId( ) ); assertNotNull( children ); diff --git a/src/test/java/fr/paris/lutece/portal/web/admin/AdminPagePortletJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/admin/AdminPagePortletJspBeanTest.java index b007fa551b..f36f561aed 100644 --- a/src/test/java/fr/paris/lutece/portal/web/admin/AdminPagePortletJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/admin/AdminPagePortletJspBeanTest.java @@ -60,6 +60,7 @@ import fr.paris.lutece.portal.service.message.SiteMessageException; import fr.paris.lutece.portal.service.portlet.PortletRemovalListenerService; import fr.paris.lutece.portal.service.portlet.PortletResourceIdService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.util.RemovalListener; import fr.paris.lutece.portal.web.constants.Parameters; @@ -67,6 +68,7 @@ import fr.paris.lutece.test.mocks.MockHttpServletRequest; import fr.paris.lutece.util.ReferenceItem; import fr.paris.lutece.util.ReferenceList; +import jakarta.inject.Inject; import jakarta.servlet.http.HttpServletRequest; /** @@ -77,6 +79,8 @@ public class AdminPagePortletJspBeanTest extends LuteceTestCase /** status request parameter */ private static final String PORTLET_STATUS = "status"; + + private @Inject ISecurityTokenService _securityTokenService; /** * Test when no parameter given @@ -288,7 +292,7 @@ public void testDoModifyPortletStatusNoParam( ) throws AccessDeniedException AdminPagePortletJspBean bean = new AdminPagePortletJspBean( ); MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); String url = bean.doModifyPortletStatus( request ); assertNotNull( url ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -308,7 +312,7 @@ public void testDoModifyPortletStatusNoStatusParam( ) throws AccessDeniedExcepti AdminPagePortletJspBean bean = new AdminPagePortletJspBean( ); MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); request.addParameter( Parameters.PORTLET_ID, "1" ); String url = bean.doModifyPortletStatus( request ); assertNotNull( url ); @@ -330,7 +334,7 @@ public void testDoModifyPortletStatusNoPortletParam( ) throws AccessDeniedExcept MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( PORTLET_STATUS, Integer.toString( Portlet.STATUS_PUBLISHED ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); String url = bean.doModifyPortletStatus( request ); assertNotNull( url ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -353,7 +357,7 @@ public void testDoModifyPortletStatusInvalidStatus( ) throws AccessDeniedExcepti try { request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); request.addParameter( Parameters.PORTLET_ID, Integer.toString( portlet.getId( ) ) ); request.addParameter( PORTLET_STATUS, "999999999" ); String url = bean.doModifyPortletStatus( request ); @@ -380,7 +384,7 @@ public void testDoModifyPortletStatusInvalidPortletID( ) throws AccessDeniedExce AdminPagePortletJspBean bean = new AdminPagePortletJspBean( ); MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); request.addParameter( Parameters.PORTLET_ID, "NOT_NUMERIC" ); request.addParameter( PORTLET_STATUS, Integer.toString( Portlet.STATUS_PUBLISHED ) ); String url = bean.doModifyPortletStatus( request ); @@ -405,7 +409,7 @@ public void testDoModifyPortletStatusInexistantPortletID( ) throws AccessDeniedE try { request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); request.addParameter( Parameters.PORTLET_ID, "31415925" ); request.addParameter( PORTLET_STATUS, Integer.toString( Portlet.STATUS_PUBLISHED ) ); String url = bean.doModifyPortletStatus( request ); @@ -432,7 +436,7 @@ public void testDoModifyPortletStatusNoRight( ) try { request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); request.addParameter( Parameters.PORTLET_ID, Integer.toString( portlet.getId( ) ) ); request.addParameter( PORTLET_STATUS, Integer.toString( Portlet.STATUS_PUBLISHED ) ); AdminUserUtils.registerAdminUser( request, new AdminUser( ) ); @@ -468,7 +472,7 @@ public void testDoModifyPortletStatus( ) throws AccessDeniedException int nNewStatus = nStatus == Portlet.STATUS_PUBLISHED ? Portlet.STATUS_UNPUBLISHED : Portlet.STATUS_PUBLISHED; user = getAdminUser( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) ); request.addParameter( Parameters.PORTLET_ID, Integer.toString( portlet.getId( ) ) ); request.addParameter( PORTLET_STATUS, Integer.toString( nNewStatus ) ); AdminUserUtils.registerAdminUser( request, user ); @@ -559,7 +563,7 @@ public void testDoModifyPortletStatusInvalidCSRFToken( ) throws AccessDeniedExce int nNewStatus = nStatus == Portlet.STATUS_PUBLISHED ? Portlet.STATUS_UNPUBLISHED : Portlet.STATUS_PUBLISHED; user = getAdminUser( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/site/DoModifyPortletStatus.jsp" ) + "b" ); request.addParameter( Parameters.PORTLET_ID, Integer.toString( portlet.getId( ) ) ); request.addParameter( PORTLET_STATUS, Integer.toString( nNewStatus ) ); AdminUserUtils.registerAdminUser( request, user ); @@ -842,7 +846,7 @@ public void testDoRemovePortletNoParam( ) throws AccessDeniedException AdminPagePortletJspBean bean = new AdminPagePortletJspBean( ); MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); String url = bean.doRemovePortlet( request ); assertNotNull( url ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -862,7 +866,7 @@ public void testDoRemovePortletInvalidPortletID( ) throws AccessDeniedException AdminPagePortletJspBean bean = new AdminPagePortletJspBean( ); MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); request.addParameter( Parameters.PORTLET_ID, "NOT_NUMERIC" ); String url = bean.doRemovePortlet( request ); assertNotNull( url ); @@ -887,7 +891,7 @@ public void testDoRemovePortletInexistantPortletID( ) throws AccessDeniedExcepti { request.addParameter( Parameters.PORTLET_ID, "31415925" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); String url = bean.doRemovePortlet( request ); assertNotNull( url ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -913,7 +917,7 @@ public void testDoRemovePortletNoRight( ) { request.addParameter( Parameters.PORTLET_ID, Integer.toString( portlet.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); AdminUserUtils.registerAdminUser( request, new AdminUser( ) ); bean.doRemovePortlet( request ); fail( "Should not have been able to modify the portlet" ); @@ -946,7 +950,7 @@ public void testDoRemovePortlet( ) throws AccessDeniedException user = getAdminUser( ); request.addParameter( Parameters.PORTLET_ID, Integer.toString( portlet.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) ); AdminUserUtils.registerAdminUser( request, user ); String url = bean.doRemovePortlet( request ); assertNotNull( url ); @@ -1033,7 +1037,7 @@ public void testDoRemovePortletInvalidCSRFToken( ) throws AccessDeniedException user = getAdminUser( ); request.addParameter( Parameters.PORTLET_ID, Integer.toString( portlet.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/site/DoRemovePortlet.jsp" ) + "b" ); AdminUserUtils.registerAdminUser( request, user ); bean.doRemovePortlet( request ); fail( "Should have thrown" ); @@ -1087,7 +1091,7 @@ private AdminUser getAdminUser( ) */ private void removeUser( AdminUser user ) { - Map roles = user.getRoles( ); + Map roles = user.getUserRoles( ); for ( String roleKey : roles.keySet( ) ) { RBACHome.removeForRoleKey( roleKey ); diff --git a/src/test/java/fr/paris/lutece/portal/web/dashboard/AdminDashboardJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/dashboard/AdminDashboardJspBeanTest.java index 7493c7718a..a586996d84 100644 --- a/src/test/java/fr/paris/lutece/portal/web/dashboard/AdminDashboardJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/dashboard/AdminDashboardJspBeanTest.java @@ -49,6 +49,7 @@ import fr.paris.lutece.portal.service.admin.AdminAuthenticationService; import fr.paris.lutece.portal.service.admin.PasswordResetException; import fr.paris.lutece.portal.service.dashboard.admin.IAdminDashboardComponent; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; @@ -65,6 +66,8 @@ public class AdminDashboardJspBeanTest extends LuteceTestCase @Inject private AdminDashboardJspBean instance; private IAdminDashboardComponent _dashboard; + @Inject + private ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -131,7 +134,7 @@ public void testDoMoveAdminDashboard( ) throws AccessDeniedException request.setParameter( "dashboard_order", "-1" ); request.setParameter( "dashboard_column", "-1" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "/admin/dashboard/admin/manage_dashboards.html" ) ); + _securityTokenService.getToken( request, "/admin/dashboard/admin/manage_dashboards.html" ) ); instance.doMoveAdminDashboard( request ); @@ -153,7 +156,7 @@ public void testDoMoveAdminDashboardInvalidToken( ) throws AccessDeniedException request.setParameter( "dashboard_order", "-1" ); request.setParameter( "dashboard_column", "-1" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "/admin/dashboard/admin/manage_dashboards.html" ) + "b" ); + _securityTokenService.getToken( request, "/admin/dashboard/admin/manage_dashboards.html" ) + "b" ); try { @@ -212,7 +215,7 @@ public void testDoReorderColumn( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "column", Integer.toString( nZone ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "/admin/dashboard/admin/manage_dashboards.html" ) ); + _securityTokenService.getToken( request, "/admin/dashboard/admin/manage_dashboards.html" ) ); instance.doReorderColumn( request ); @@ -238,7 +241,7 @@ public void testDoReorderColumnInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "column", Integer.toString( nZone ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "/admin/dashboard/admin/manage_dashboards.html" ) + "b" ); + _securityTokenService.getToken( request, "/admin/dashboard/admin/manage_dashboards.html" ) + "b" ); try { diff --git a/src/test/java/fr/paris/lutece/portal/web/dashboard/DashboardJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/dashboard/DashboardJspBeanTest.java index 7f0584ae23..3f3bb36dca 100644 --- a/src/test/java/fr/paris/lutece/portal/web/dashboard/DashboardJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/dashboard/DashboardJspBeanTest.java @@ -52,6 +52,7 @@ import fr.paris.lutece.portal.service.admin.PasswordResetException; import fr.paris.lutece.portal.service.dashboard.DashboardService; import fr.paris.lutece.portal.service.dashboard.IDashboardComponent; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; @@ -64,6 +65,10 @@ public class DashboardJspBeanTest extends LuteceTestCase private DashboardJspBean _instance; private IDashboardComponent _dashboard; private int _nZone; + @Inject + private ISecurityTokenService _securityTokenService; + @Inject + private DashboardService _dashboardService; @BeforeEach protected void setUp( ) throws Exception @@ -71,7 +76,7 @@ protected void setUp( ) throws Exception _dashboard = new TestDashboardComponent( ); _dashboard.setName( getRandomName( ) ); _dashboard.setRight( "ALL" ); - _nZone = DashboardService.getInstance( ).getColumnCount( ); + _nZone = _dashboardService.getColumnCount( ); _dashboard.setZone( _nZone ); DashboardFactory.registerDashboardComponent( _dashboard ); DashboardHome.create( _dashboard ); @@ -114,7 +119,7 @@ public void testdoMoveDashboard( ) throws AccessDeniedException request.setParameter( "dashboard_order", "-1" ); request.setParameter( "dashboard_column", "-1" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "/admin/dashboard/manage_dashboards.html" ) ); + _securityTokenService.getToken( request, "/admin/dashboard/manage_dashboards.html" ) ); _instance.doMoveDashboard( request ); @@ -136,7 +141,7 @@ public void testdoMoveDashboardInvalidToken( ) throws AccessDeniedException request.setParameter( "dashboard_order", "-1" ); request.setParameter( "dashboard_column", "-1" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "/admin/dashboard/manage_dashboards.html" ) + "b" ); + _securityTokenService.getToken( request, "/admin/dashboard/manage_dashboards.html" ) + "b" ); try { @@ -195,7 +200,7 @@ public void testDoReorderColumn( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "column", Integer.toString( nZone ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "/admin/dashboard/manage_dashboards.html" ) ); + _securityTokenService.getToken( request, "/admin/dashboard/manage_dashboards.html" ) ); _instance.doReorderColumn( request ); @@ -221,7 +226,7 @@ public void testDoReorderColumnInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "column", Integer.toString( nZone ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "/admin/dashboard/manage_dashboards.html" ) + "b" ); + _securityTokenService.getToken( request, "/admin/dashboard/manage_dashboards.html" ) + "b" ); try { diff --git a/src/test/java/fr/paris/lutece/portal/web/editor/EditorChoiceLutecePanelJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/editor/EditorChoiceLutecePanelJspBeanTest.java index 5f0ff53c88..ac881273e8 100644 --- a/src/test/java/fr/paris/lutece/portal/web/editor/EditorChoiceLutecePanelJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/editor/EditorChoiceLutecePanelJspBeanTest.java @@ -41,15 +41,18 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.editor.RichTextEditorService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; public class EditorChoiceLutecePanelJspBeanTest extends LuteceTestCase { private EditorChoiceLutecePanelJspBean _instance; private String _boDefaultEditor; private String _foDefaultEditor; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -75,7 +78,7 @@ public void testDoUpdateBackOfficeEditor( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "editor_back_office", strBOEditor ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/dashboard/admin/editor_dashboard.html" ) ); + _securityTokenService.getToken( request, "admin/dashboard/admin/editor_dashboard.html" ) ); _instance.doUpdateBackOfficeEditor( request ); assertEquals( strBOEditor, RichTextEditorService.getBackOfficeDefaultEditor( ) ); @@ -90,7 +93,7 @@ public void testDoUpdateBackOfficeEditorInvalidToken( ) throws AccessDeniedExcep MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "editor_back_office", strBOEditor ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/dashboard/admin/editor_dashboard.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/dashboard/admin/editor_dashboard.html" ) + "b" ); try { _instance.doUpdateBackOfficeEditor( request ); @@ -131,7 +134,7 @@ public void testDoUpdateFrontOfficeEditor( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "editor_front_office", strFOEditor ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/dashboard/admin/editor_dashboard.html" ) ); + _securityTokenService.getToken( request, "admin/dashboard/admin/editor_dashboard.html" ) ); _instance.doUpdateFrontOfficeEditor( request ); assertEquals( strFOEditor, RichTextEditorService.getFrontOfficeDefaultEditor( ) ); @@ -146,7 +149,7 @@ public void testDoUpdateFrontOfficeEditorInvalidToken( ) throws AccessDeniedExce MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "editor_front_office", strFOEditor ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/dashboard/admin/editor_dashboard.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/dashboard/admin/editor_dashboard.html" ) + "b" ); try { _instance.doUpdateFrontOfficeEditor( request ); diff --git a/src/test/java/fr/paris/lutece/portal/web/features/ExternalFeaturesJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/features/ExternalFeaturesJspBeanTest.java index 1fbf771b33..3568bd8829 100644 --- a/src/test/java/fr/paris/lutece/portal/web/features/ExternalFeaturesJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/features/ExternalFeaturesJspBeanTest.java @@ -50,11 +50,13 @@ import fr.paris.lutece.portal.service.admin.PasswordResetException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.util.AppLogService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; public class ExternalFeaturesJspBeanTest extends LuteceTestCase { @@ -74,6 +76,7 @@ public class ExternalFeaturesJspBeanTest extends LuteceTestCase private static final boolean IS_EXTERNAL_FEATURE = true; private Right _right; private FeatureGroup _featureGroup; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -162,7 +165,7 @@ public void testDoModifyExternalFeature( ) throws AccessDeniedException instance.getModifyExternalFeature( request ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/modify_external_feature.html" ) ); + _securityTokenService.getToken( request, "admin/features/modify_external_feature.html" ) ); instance.doModifyExternalFeature( request ); Right right = RightHome.findByPrimaryKey( _right.getId( ) ); @@ -201,7 +204,7 @@ public void testDoModifyExternalFeatureInvalidToken( ) throws AccessDeniedExcept instance.getModifyExternalFeature( request ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/modify_external_feature.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/modify_external_feature.html" ) + "b" ); try { instance.doModifyExternalFeature( request ); @@ -294,7 +297,7 @@ public void testDoCreateExternalFeature( ) throws PasswordResetException, Access request.setParameter( "externalFeature", "false" ); request.setParameter( "documentationUrl", strRandom ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/create_external_feature.html" ) ); + _securityTokenService.getToken( request, "admin/features/create_external_feature.html" ) ); instance.doCreateExternalFeature( request ); @@ -346,7 +349,7 @@ public void testDoCreateExternalFeatureInvalidToken( ) throws PasswordResetExcep request.setParameter( "externalFeature", "false" ); request.setParameter( "documentationUrl", strRandom ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/create_external_feature.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/create_external_feature.html" ) + "b" ); try { @@ -436,7 +439,7 @@ public void testDoRemoveExternalFeature( ) throws PasswordResetException, Access instance.init( request, ExternalFeaturesJspBean.RIGHT_EXTERNAL_FEATURES_MANAGEMENT ); instance.getRemoveExternalFeature( request ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/features/DoRemoveExternalFeature.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/features/DoRemoveExternalFeature.jsp" ) ); instance.doRemoveExternalFeature( request ); Right right = RightHome.findByPrimaryKey( TEST_EXTERNAL_FEATURE_ID ); @@ -454,7 +457,7 @@ public void testDoRemoveExternalFeatureInvalidToken( ) throws PasswordResetExcep instance.init( request, ExternalFeaturesJspBean.RIGHT_EXTERNAL_FEATURES_MANAGEMENT ); instance.getRemoveExternalFeature( request ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/features/DoRemoveExternalFeature.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/features/DoRemoveExternalFeature.jsp" ) + "b" ); try { instance.doRemoveExternalFeature( request ); diff --git a/src/test/java/fr/paris/lutece/portal/web/features/FeaturesGroupJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/features/FeaturesGroupJspBeanTest.java index 878773825a..c0d469f00f 100644 --- a/src/test/java/fr/paris/lutece/portal/web/features/FeaturesGroupJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/features/FeaturesGroupJspBeanTest.java @@ -50,6 +50,7 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean; @@ -69,6 +70,7 @@ public class FeaturesGroupJspBeanTest extends LuteceTestCase private FeatureGroup featureGroup; private Right right; private @Inject IRightDAO rightDAO; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach @@ -114,7 +116,7 @@ public void testDoDispatchFeature( ) throws AccessDeniedException request.addParameter( "group_name", featureGroup.getId( ) ); request.addParameter( "order_id", Integer.toString( stored.getOrder( ) + 1 ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); instance.doDispatchFeature( request ); stored = RightHome.findByPrimaryKey( right.getId( ) ); @@ -134,7 +136,7 @@ public void testDoDispatchFeatureInvalidToken( ) throws AccessDeniedException request.addParameter( "group_name", featureGroup.getId( ) ); request.addParameter( "order_id", Integer.toString( stored.getOrder( ) + 1 ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/dispatch_features.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/dispatch_features.html" ) + "b" ); try { @@ -217,7 +219,7 @@ public void testDoCreateGroup( ) throws AccessDeniedException request.addParameter( "group_description", strGroupName ); request.addParameter( "group_order", "1" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); try { @@ -244,7 +246,7 @@ public void testDoCreateGroupInvalidToken( ) throws AccessDeniedException request.addParameter( "group_description", strGroupName ); request.addParameter( "group_order", "1" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/create_group.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/create_group.html" ) + "b" ); try { @@ -309,7 +311,7 @@ public void testDoModifyGroup( ) throws AccessDeniedException request.addParameter( "group_description", strGroupName ); request.addParameter( "group_order", Integer.toString( featureGroup.getOrder( ) + 1 ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); instance.doModifyGroup( request ); FeatureGroup group = FeatureGroupHome.findByPrimaryKey( featureGroup.getId( ) ); @@ -329,7 +331,7 @@ public void testDoModifyGroupInvalidToken( ) throws AccessDeniedException request.addParameter( "group_description", strGroupName ); request.addParameter( "group_order", Integer.toString( featureGroup.getOrder( ) + 1 ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/modify_group.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/modify_group.html" ) + "b" ); try { @@ -401,7 +403,7 @@ public void testDoRemoveGroup( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( PARAMETER_GROUP_ID, featureGroup.getId( ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); instance.doRemoveGroup( request ); assertNull( FeatureGroupHome.findByPrimaryKey( featureGroup.getId( ) ) ); @@ -413,7 +415,7 @@ public void testDoRemoveGroupInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( PARAMETER_GROUP_ID, featureGroup.getId( ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/features/DoRemoveGroup.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/features/DoRemoveGroup.jsp" ) + "b" ); try { @@ -449,7 +451,7 @@ public void testDoDispatchFeatureGroup( ) throws AccessDeniedException request.addParameter( "group_id", featureGroup.getId( ) ); request.addParameter( "order_id", Integer.toString( featureGroup.getOrder( ) + 1 ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); instance.doDispatchFeatureGroup( request ); FeatureGroup stored = FeatureGroupHome.findByPrimaryKey( featureGroup.getId( ) ); @@ -464,7 +466,7 @@ public void testDoDispatchFeatureGroupInvalidToken( ) throws AccessDeniedExcepti request.addParameter( "group_id", featureGroup.getId( ) ); request.addParameter( "order_id", Integer.toString( featureGroup.getOrder( ) + 1 ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/manage_groups.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/manage_groups.html" ) + "b" ); try { @@ -513,7 +515,7 @@ public void testDoReinitFeatures( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( "group_id", featureGroup.getId( ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); instance.doReinitFeatures( request ); stored = RightHome.findByPrimaryKey( right.getId( ) ); @@ -535,7 +537,7 @@ public void testDoReinitFeaturesInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( "group_id", featureGroup.getId( ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/dispatch_features.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/dispatch_features.html" ) + "b" ); try { diff --git a/src/test/java/fr/paris/lutece/portal/web/features/LevelsJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/features/LevelsJspBeanTest.java index f0be77c518..4dc2647951 100644 --- a/src/test/java/fr/paris/lutece/portal/web/features/LevelsJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/features/LevelsJspBeanTest.java @@ -45,11 +45,13 @@ import fr.paris.lutece.portal.business.right.LevelHome; import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.admin.AccessDeniedException; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.portal.web.constants.Parameters; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; /** * LevelsJspBeanTest Test Class @@ -63,6 +65,7 @@ public class LevelsJspBeanTest extends LuteceTestCase private static final String TEST_LEVEL_ID = "0"; // administrator level_right private MockHttpServletRequest request; private LevelsJspBean instance; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -93,7 +96,7 @@ public void testDoCreateLevel( ) throws AccessDeniedException { final String name = getRandomName( ); request.setParameter( "level_name", name ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_LEVEL ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_CREATE_LEVEL ) ); LevelHome.getLevelsList( ).forEach( level -> { assertFalse( name.equals( level.getName( ) ) ); @@ -119,7 +122,7 @@ public void testDoCreateLevelInvalidToken( ) throws AccessDeniedException { final String name = getRandomName( ); request.setParameter( "level_name", name ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_LEVEL ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_CREATE_LEVEL ) + "b" ); LevelHome.getLevelsList( ).forEach( level -> { assertFalse( name.equals( level.getName( ) ) ); @@ -206,7 +209,7 @@ public void testDoModifyLevel( ) throws AccessDeniedException LevelHome.create( level ); request.setParameter( Parameters.LEVEL_ID, Integer.toString( level.getId( ) ) ); request.setParameter( Parameters.LEVEL_NAME, name + "_mod" ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_LEVEL ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MODIFY_LEVEL ) ); try { assertEquals( name, LevelHome.findByPrimaryKey( level.getId( ) ).getName( ) ); @@ -227,7 +230,7 @@ public void testDoModifyLevelInvalidToken( ) throws AccessDeniedException LevelHome.create( level ); request.setParameter( Parameters.LEVEL_ID, Integer.toString( level.getId( ) ) ); request.setParameter( Parameters.LEVEL_NAME, name + "_mod" ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_LEVEL ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MODIFY_LEVEL ) + "b" ); try { assertEquals( name, LevelHome.findByPrimaryKey( level.getId( ) ).getName( ) ); diff --git a/src/test/java/fr/paris/lutece/portal/web/features/RightJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/features/RightJspBeanTest.java index d027e2d37c..0b19d0206f 100644 --- a/src/test/java/fr/paris/lutece/portal/web/features/RightJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/features/RightJspBeanTest.java @@ -46,14 +46,17 @@ import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.business.user.AdminUserHome; import fr.paris.lutece.portal.service.admin.AccessDeniedException; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; public class RightJspBeanTest extends LuteceTestCase { private Right right; private RightJspBean bean; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -78,7 +81,7 @@ public void testDoAssignUsers( ) throws AccessDeniedException AdminUser user = AdminUserHome.findUserByLogin( "admin" ); request.setParameter( "available_users_list", Integer.toString( user.getUserId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/assign_users_right.html" ) ); + _securityTokenService.getToken( request, "admin/features/assign_users_right.html" ) ); assertFalse( AdminUserHome.getRightsListForUser( user.getUserId( ) ).keySet( ).contains( right.getId( ) ) ); bean.doAssignUsers( request ); @@ -92,7 +95,7 @@ public void testDoAssignUsersInvalidToken( ) throws AccessDeniedException AdminUser user = AdminUserHome.findUserByLogin( "admin" ); request.setParameter( "available_users_list", Integer.toString( user.getUserId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/assign_users_right.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/assign_users_right.html" ) + "b" ); assertFalse( AdminUserHome.getRightsListForUser( user.getUserId( ) ).keySet( ).contains( right.getId( ) ) ); try @@ -134,7 +137,7 @@ public void testDoUnAssignUser( ) throws AccessDeniedException request.setParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.setParameter( "anchor", "anchor" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/assign_users_right.html" ) ); + _securityTokenService.getToken( request, "admin/features/assign_users_right.html" ) ); assertTrue( AdminUserHome.getRightsListForUser( user.getUserId( ) ).keySet( ).contains( right.getId( ) ) ); try @@ -157,7 +160,7 @@ public void testDoUnAssignUserInvalidToken( ) throws AccessDeniedException request.setParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.setParameter( "anchor", "anchor" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/features/assign_users_right.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/features/assign_users_right.html" ) + "b" ); assertTrue( AdminUserHome.getRightsListForUser( user.getUserId( ) ).keySet( ).contains( right.getId( ) ) ); try diff --git a/src/test/java/fr/paris/lutece/portal/web/mailinglist/MailingListJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/mailinglist/MailingListJspBeanTest.java index f4ba6f553d..747e1de420 100644 --- a/src/test/java/fr/paris/lutece/portal/web/mailinglist/MailingListJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/mailinglist/MailingListJspBeanTest.java @@ -48,15 +48,18 @@ import fr.paris.lutece.portal.service.mailinglist.AdminMailingListService; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; public class MailingListJspBeanTest extends LuteceTestCase { private MailingList mailingList; private MailingListJspBean bean; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -97,7 +100,7 @@ public void testDoAddUsers( ) throws AccessDeniedException request.setParameter( "workgroup", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( "role", AdminMailingListService.ALL_ROLES ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/mailinglist/add_users.html" ) ); + _securityTokenService.getToken( request, "admin/mailinglist/add_users.html" ) ); MailingListUsersFilter filter = new MailingListUsersFilter( ); filter.setRole( AdminMailingListService.ALL_ROLES ); @@ -116,7 +119,7 @@ public void testDoAddUsersInvalidToken( ) throws AccessDeniedException request.setParameter( "workgroup", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( "role", AdminMailingListService.ALL_ROLES ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/mailinglist/add_users.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/mailinglist/add_users.html" ) + "b" ); MailingListUsersFilter filter = new MailingListUsersFilter( ); filter.setRole( AdminMailingListService.ALL_ROLES ); @@ -163,7 +166,7 @@ public void testDoCreateMailingList( ) throws AccessDeniedException request.setParameter( "workgroup", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( "description", name ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/mailinglist/create_mailinglist.html" ) ); + _securityTokenService.getToken( request, "admin/mailinglist/create_mailinglist.html" ) ); MailingListHome.findAll( ).forEach( mailingList -> { assertFalse( name.equals( mailingList.getName( ) ) ); @@ -193,7 +196,7 @@ public void testDoCreateMailingListInvalidToken( ) throws AccessDeniedException request.setParameter( "workgroup", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( "description", name ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/mailinglist/create_mailinglist.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/mailinglist/create_mailinglist.html" ) + "b" ); MailingListHome.findAll( ).forEach( mailingList -> { assertFalse( name.equals( mailingList.getName( ) ) ); @@ -265,7 +268,7 @@ public void testDoDeleteFilter( ) throws AccessDeniedException request.setParameter( "role", AdminMailingListService.ALL_ROLES ); request.setParameter( "workgroup", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/mailinglist/modify_mailinglist.html" ) ); + _securityTokenService.getToken( request, "admin/mailinglist/modify_mailinglist.html" ) ); assertEquals( 1, MailingListHome.findByPrimaryKey( mailingList.getId( ) ).getFilters( ).size( ) ); bean.doDeleteFilter( request ); @@ -286,7 +289,7 @@ public void testDoDeleteFilterInvalidToken( ) throws AccessDeniedException request.setParameter( "role", AdminMailingListService.ALL_ROLES ); request.setParameter( "workgroup", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/mailinglist/modify_mailinglist.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/mailinglist/modify_mailinglist.html" ) + "b" ); assertEquals( 1, MailingListHome.findByPrimaryKey( mailingList.getId( ) ).getFilters( ).size( ) ); try @@ -334,7 +337,7 @@ public void testDoModifyMailingList( ) throws AccessDeniedException request.setParameter( "description", mailingList.getDescription( ) + "_mod" ); request.setParameter( "workgroup", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/mailinglist/modify_mailinglist.html" ) ); + _securityTokenService.getToken( request, "admin/mailinglist/modify_mailinglist.html" ) ); MailingList storedMailling = MailingListHome.findByPrimaryKey( mailingList.getId( ) ); assertEquals( mailingList.getName( ), storedMailling.getName( ) ); @@ -355,7 +358,7 @@ public void testDoModifyMailingListInvalidToken( ) throws AccessDeniedException request.setParameter( "description", mailingList.getDescription( ) + "_mod" ); request.setParameter( "workgroup", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/mailinglist/modify_mailinglist.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/mailinglist/modify_mailinglist.html" ) + "b" ); MailingList storedMailling = MailingListHome.findByPrimaryKey( mailingList.getId( ) ); assertEquals( mailingList.getName( ), storedMailling.getName( ) ); @@ -415,7 +418,7 @@ public void testDoRemoveMailingList( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "id_mailinglist", Integer.toString( mailingList.getId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/mailinglist/DoRemoveMailingList.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/mailinglist/DoRemoveMailingList.jsp" ) ); assertNotNull( MailingListHome.findByPrimaryKey( mailingList.getId( ) ) ); bean.doRemoveMailingList( request ); @@ -427,7 +430,7 @@ public void testDoRemoveMailingListInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "id_mailinglist", Integer.toString( mailingList.getId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/mailinglist/DoRemoveMailingList.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/mailinglist/DoRemoveMailingList.jsp" ) + "b" ); assertNotNull( MailingListHome.findByPrimaryKey( mailingList.getId( ) ) ); try diff --git a/src/test/java/fr/paris/lutece/portal/web/rbac/RoleManagementJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/rbac/RoleManagementJspBeanTest.java index ecf2739531..9cb60bc9fa 100644 --- a/src/test/java/fr/paris/lutece/portal/web/rbac/RoleManagementJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/rbac/RoleManagementJspBeanTest.java @@ -51,10 +51,12 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; /** * StyleSheetJspBean Test Class @@ -64,6 +66,7 @@ public class RoleManagementJspBeanTest extends LuteceTestCase { private static final String PARAMETER_ROLE_KEY = "role_key"; private static final String PARAMETER_RBAC_ID = "rbac_id"; + private @Inject ISecurityTokenService _securityTokenService; /** * Test of getManageRoles method, of class fr.paris.lutece.portal.web.rbac.RoleManagementJspBean. @@ -111,7 +114,7 @@ public void testDoCreateRole( ) throws AccessDeniedException final String roleName = getRandomName( ); request.setParameter( "role_key", roleName ); request.setParameter( "role_description", roleName ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/rbac/create_role.html" ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/rbac/create_role.html" ) ); try { assertFalse( RBACRoleHome.checkExistRole( roleName ) ); @@ -132,7 +135,7 @@ public void testDoCreateRoleInvalidToken( ) throws AccessDeniedException request.setParameter( "role_key", roleName ); request.setParameter( "role_description", roleName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/rbac/create_role.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/rbac/create_role.html" ) + "b" ); try { assertFalse( RBACRoleHome.checkExistRole( roleName ) ); @@ -190,7 +193,7 @@ public void testDoModifyRole( ) throws AccessDeniedException request.setParameter( "role_key_previous", role.getKey( ) ); request.setParameter( "role_description", role.getKey( ) + "_mod" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/rbac/view_role_description.html" ) ); + _securityTokenService.getToken( request, "admin/rbac/view_role_description.html" ) ); try { RBACRole stored = RBACRoleHome.findByPrimaryKey( role.getKey( ) ); @@ -217,7 +220,7 @@ public void testDoModifyRoleInvalidToken( ) throws AccessDeniedException request.setParameter( "role_key_previous", role.getKey( ) ); request.setParameter( "role_description", role.getKey( ) + "_mod" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/rbac/view_role_description.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/rbac/view_role_description.html" ) + "b" ); try { RBACRole stored = RBACRoleHome.findByPrimaryKey( role.getKey( ) ); @@ -296,7 +299,7 @@ public void testDoRemoveRole( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "role_key", role.getKey( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/rbac/DoRemoveRole.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/rbac/DoRemoveRole.jsp" ) ); try { assertTrue( RBACRoleHome.checkExistRole( role.getKey( ) ) ); @@ -319,7 +322,7 @@ public void testDoRemoveRoleInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "role_key", role.getKey( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/rbac/DoRemoveRole.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/rbac/DoRemoveRole.jsp" ) + "b" ); try { assertTrue( RBACRoleHome.checkExistRole( role.getKey( ) ) ); @@ -395,7 +398,7 @@ public void testDoRemoveControlFromRole( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "rbac_id", Integer.toString( rBAC.getRBACId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/rbac/DoRemoveControlFromRole.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/rbac/DoRemoveControlFromRole.jsp" ) ); try { Collection rbacs = RBACHome.findResourcesByCode( role.getKey( ) ); @@ -445,7 +448,7 @@ public void testDoRemoveControlFromRoleInvalidToken( ) throws AccessDeniedExcept MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "rbac_id", Integer.toString( rBAC.getRBACId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/rbac/DoRemoveControlFromRole.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/rbac/DoRemoveControlFromRole.jsp" ) + "b" ); try { Collection rbacs = RBACHome.findResourcesByCode( role.getKey( ) ); @@ -539,7 +542,7 @@ public void testDoAssignUsers( ) throws AccessDeniedException { RoleManagementJspBean bean = new RoleManagementJspBean( ); MockHttpServletRequest request = new MockHttpServletRequest( ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "AssignUsersRole.jsp" ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "AssignUsersRole.jsp" ) ); Collection users = AdminUserHome.findUserList( ); for ( AdminUser user : users ) { @@ -574,7 +577,7 @@ public void testDoAssignUsersInvalidToken( ) throws AccessDeniedException { RoleManagementJspBean bean = new RoleManagementJspBean( ); MockHttpServletRequest request = new MockHttpServletRequest( ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "AssignUsersRole.jsp" ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "AssignUsersRole.jsp" ) + "b" ); Collection users = AdminUserHome.findUserList( ); for ( AdminUser user : users ) { @@ -660,7 +663,7 @@ public void testDoSelectPermissions( ) throws AccessDeniedException request.setParameter( "select_permissions", "all" ); request.setParameter( "resource_type", Page.RESOURCE_TYPE ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/rbac/select_permissions.html" ) ); + _securityTokenService.getToken( request, "admin/rbac/select_permissions.html" ) ); try { Collection rbacs = RBACHome.findResourcesByCode( role.getKey( ) ); @@ -693,7 +696,7 @@ public void testDoSelectPermissionsInvalidToken( ) throws AccessDeniedException request.setParameter( "select_permissions", "all" ); request.setParameter( "resource_type", Page.RESOURCE_TYPE ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/rbac/select_permissions.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/rbac/select_permissions.html" ) + "b" ); try { Collection rbacs = RBACHome.findResourcesByCode( role.getKey( ) ); @@ -758,7 +761,7 @@ public void testDoUnAssignUser( ) throws AccessDeniedException request.setParameter( "role_key", role.getKey( ) ); request.setParameter( "id_user", Integer.toString( userId ) ); request.setParameter( "anchor", "anchor" ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "AssignUsersRole.jsp" ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "AssignUsersRole.jsp" ) ); try { assertTrue( AdminUserHome.hasRole( user, role.getKey( ) ) ); @@ -786,7 +789,7 @@ public void testDoUnAssignUserInvalidToken( ) throws AccessDeniedException request.setParameter( "role_key", role.getKey( ) ); request.setParameter( "id_user", Integer.toString( userId ) ); request.setParameter( "anchor", "anchor" ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "AssignUsersRole.jsp" ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "AssignUsersRole.jsp" ) + "b" ); try { assertTrue( AdminUserHome.hasRole( user, role.getKey( ) ) ); diff --git a/src/test/java/fr/paris/lutece/portal/web/role/RoleJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/role/RoleJspBeanTest.java index 553f8be003..9411baa759 100644 --- a/src/test/java/fr/paris/lutece/portal/web/role/RoleJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/role/RoleJspBeanTest.java @@ -48,18 +48,21 @@ import fr.paris.lutece.portal.service.i18n.I18nService; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; import fr.paris.lutece.util.ReferenceItem; import fr.paris.lutece.util.ReferenceList; +import jakarta.inject.Inject; public class RoleJspBeanTest extends LuteceTestCase { private static final String PARAMETER_PAGE_ROLE = "role"; private RoleJspBean bean; private Role role; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -128,7 +131,7 @@ public void testDoCreatePageRole( ) throws AccessDeniedException request.setParameter( "role_description", name ); request.setParameter( "workgroup_key", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/role/create_page_role.html" ) ); + _securityTokenService.getToken( request, "admin/role/create_page_role.html" ) ); assertNull( RoleHome.findByPrimaryKey( name ) ); try @@ -154,7 +157,7 @@ public void testDoCreatePageRoleInvalidToken( ) throws AccessDeniedException request.setParameter( "role_description", name ); request.setParameter( "workgroup_key", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/role/create_page_role.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/role/create_page_role.html" ) + "b" ); assertNull( RoleHome.findByPrimaryKey( name ) ); try @@ -203,7 +206,7 @@ public void testDoModifyPageRole( ) throws AccessDeniedException request.setParameter( "role_description", role.getRoleDescription( ) + "_mod" ); request.setParameter( "workgroup_key", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/role/modify_page_role.html" ) ); + _securityTokenService.getToken( request, "admin/role/modify_page_role.html" ) ); assertEquals( role.getRoleDescription( ), RoleHome.findByPrimaryKey( role.getRole( ) ).getRoleDescription( ) ); bean.doModifyPageRole( request ); @@ -217,7 +220,7 @@ public void testDoModifyPageRoleInvalidtoken( ) throws AccessDeniedException request.setParameter( "role_description", role.getRoleDescription( ) + "_mod" ); request.setParameter( "workgroup_key", AdminWorkgroupService.ALL_GROUPS ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/role/modify_page_role.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/role/modify_page_role.html" ) + "b" ); assertEquals( role.getRoleDescription( ), RoleHome.findByPrimaryKey( role.getRole( ) ).getRoleDescription( ) ); try @@ -254,7 +257,7 @@ public void testDoRemovePageRole( ) throws AccessDeniedException { MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "role", role.getRole( ) ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "DoRemovePageRole.jsp" ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "DoRemovePageRole.jsp" ) ); assertNotNull( RoleHome.findByPrimaryKey( role.getRole( ) ) ); bean.doRemovePageRole( request ); @@ -265,7 +268,7 @@ public void testDoRemovePageRoleInvalidToken( ) throws AccessDeniedException { MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "role", role.getRole( ) ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "DoRemovePageRole.jsp" ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "DoRemovePageRole.jsp" ) + "b" ); assertNotNull( RoleHome.findByPrimaryKey( role.getRole( ) ) ); try diff --git a/src/test/java/fr/paris/lutece/portal/web/search/SearchIndexationJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/search/SearchIndexationJspBeanTest.java index 917fbc228d..6920a006f9 100644 --- a/src/test/java/fr/paris/lutece/portal/web/search/SearchIndexationJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/search/SearchIndexationJspBeanTest.java @@ -48,10 +48,12 @@ import fr.paris.lutece.portal.service.message.SiteMessageException; import fr.paris.lutece.portal.service.search.IndexationService; import fr.paris.lutece.portal.service.search.SearchIndexer; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; /** * SearchIndexationJspBean Test Class @@ -61,6 +63,7 @@ public class SearchIndexationJspBeanTest extends LuteceTestCase { private TestSearchIndexer testIndexer; private Boolean bIndexDaemonInitialState; + private @Inject ISecurityTokenService _securityTokenService; private static final class TestSearchIndexer implements SearchIndexer { @@ -168,7 +171,7 @@ public void testDoIndexing( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); SearchIndexationJspBean instance = new SearchIndexationJspBean( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/search/manage_search_indexation.html" ) ); + _securityTokenService.getToken( request, "admin/search/manage_search_indexation.html" ) ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), SearchIndexationJspBean.RIGHT_INDEXER ); instance.init( request, SearchIndexationJspBean.RIGHT_INDEXER ); @@ -181,7 +184,7 @@ public void testDoIndexingInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); SearchIndexationJspBean instance = new SearchIndexationJspBean( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/search/manage_search_indexation.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/search/manage_search_indexation.html" ) + "b" ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), SearchIndexationJspBean.RIGHT_INDEXER ); instance.init( request, SearchIndexationJspBean.RIGHT_INDEXER ); diff --git a/src/test/java/fr/paris/lutece/portal/web/search/SearchJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/search/SearchJspBeanTest.java index fe80d0a357..c77146ea5a 100644 --- a/src/test/java/fr/paris/lutece/portal/web/search/SearchJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/search/SearchJspBeanTest.java @@ -50,6 +50,7 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean; @@ -57,6 +58,7 @@ import fr.paris.lutece.test.mocks.MockHttpServletRequest; import fr.paris.lutece.util.ReferenceItem; import fr.paris.lutece.util.ReferenceList; +import jakarta.inject.Inject; public class SearchJspBeanTest extends LuteceTestCase { @@ -68,6 +70,7 @@ public class SearchJspBeanTest extends LuteceTestCase private static final String PARAMETER_TYPE_FILTER = "type_filter"; private SearchJspBean _bean; private ReferenceList _origSearchParameters; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -145,7 +148,7 @@ public void testDoModifyAdvancedParameters( ) throws AccessDeniedException AdminUserUtils.registerAdminUserWithRigth( request, user, "CORE_SEARCH_MANAGEMENT" ); _bean.init( request, "CORE_SEARCH_MANAGEMENT" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); _bean.doModifyAdvancedParameters( request ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -226,7 +229,7 @@ public void testDoModifyAdvancedParametersInvalidToken( ) throws AccessDeniedExc AdminUserUtils.registerAdminUserWithRigth( request, user, "CORE_SEARCH_MANAGEMENT" ); _bean.init( request, "CORE_SEARCH_MANAGEMENT" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/search/manage_advanced_parameters.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/search/manage_advanced_parameters.html" ) + "b" ); try { diff --git a/src/test/java/fr/paris/lutece/portal/web/style/PageTemplatesJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/style/PageTemplatesJspBeanTest.java index 2face3aeba..6816f2ab97 100644 --- a/src/test/java/fr/paris/lutece/portal/web/style/PageTemplatesJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/style/PageTemplatesJspBeanTest.java @@ -56,12 +56,14 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.portal.web.constants.Parameters; import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; /** * PageTemplatesJspBeanTest Test Class @@ -72,6 +74,7 @@ public class PageTemplatesJspBeanTest extends LuteceTestCase private static final String TEST_PAGE_TEMPLATE_ID = "1"; // Page template one column private MockHttpServletRequest request; private PageTemplatesJspBean instance; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -115,7 +118,7 @@ public void testDoCreatePageTemplate( ) throws AccessDeniedException, IOExceptio desc } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/style/create_page_template.html" ) + _securityTokenService.getToken( request, "admin/style/create_page_template.html" ) } ); DiskFileItemFactory fileItemFactory = DiskFileItemFactory.builder( ).get( ); Map>> files = new HashMap<>( ); @@ -152,7 +155,7 @@ public void testDoCreatePageTemplateInvalidToken( ) throws AccessDeniedException desc } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/style/create_page_template.html" ) + "b" + _securityTokenService.getToken( request, "admin/style/create_page_template.html" ) + "b" } ); DiskFileItemFactory fileItemFactory = DiskFileItemFactory.builder( ).get( ); Map>> files = new HashMap<>( ); @@ -254,7 +257,7 @@ public void testDoModifyPageTemplate( ) throws AccessDeniedException desc + "mod" } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/style/modify_page_template.html" ) + _securityTokenService.getToken( request, "admin/style/modify_page_template.html" ) } ); MultipartHttpServletRequest multipartRequest = new MultipartHttpServletRequest( request, Collections.emptyMap( ), parameters ); try @@ -284,7 +287,7 @@ public void testDoModifyPageTemplateInvalidToken( ) throws AccessDeniedException desc + "mod" } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/style/modify_page_template.html" ) + "b" + _securityTokenService.getToken( request, "admin/style/modify_page_template.html" ) + "b" } ); MultipartHttpServletRequest multipartRequest = new MultipartHttpServletRequest( request, Collections.emptyMap( ), parameters ); try @@ -358,7 +361,7 @@ public void testDoRemovePageTemplate( ) throws AccessDeniedException request.addParameter( Parameters.PAGE_TEMPLATE_ID, Integer.toString( pageTemplate.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/style/DoRemovePageTemplate.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/style/DoRemovePageTemplate.jsp" ) ); try { instance.doRemovePageTemplate( request ); @@ -381,7 +384,7 @@ public void testDoRemovePageTemplateInvalidToken( ) throws AccessDeniedException request.addParameter( Parameters.PAGE_TEMPLATE_ID, Integer.toString( pageTemplate.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/style/DoRemovePageTemplate.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/style/DoRemovePageTemplate.jsp" ) + "b" ); try { instance.doRemovePageTemplate( request ); diff --git a/src/test/java/fr/paris/lutece/portal/web/style/StylesJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/style/StylesJspBeanTest.java index a4679003d0..b8e50ca514 100644 --- a/src/test/java/fr/paris/lutece/portal/web/style/StylesJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/style/StylesJspBeanTest.java @@ -50,11 +50,13 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.portal.web.constants.Parameters; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; /** * StylesJspBeanTest Test Class @@ -64,6 +66,7 @@ public class StylesJspBeanTest extends LuteceTestCase { private StylesJspBean instance; private Style style; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -134,7 +137,7 @@ public void testDoCreateStyle( ) throws AccessDeniedException request.addParameter( Parameters.STYLE_NAME, name ); String portalComponantId = "1"; request.addParameter( Parameters.PORTAL_COMPONENT, portalComponantId ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/style/create_style.html" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/style/create_style.html" ) ); try { instance.doCreateStyle( request ); @@ -160,7 +163,7 @@ public void testDoCreateStyleInvalidToken( ) throws AccessDeniedException String portalComponantId = "1"; request.addParameter( Parameters.PORTAL_COMPONENT, portalComponantId ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/style/create_style.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/style/create_style.html" ) + "b" ); try { instance.doCreateStyle( request ); @@ -231,7 +234,7 @@ public void testDoModifyStyle( ) throws AccessDeniedException request.addParameter( Parameters.STYLE_ID, Integer.toString( nStyleId ) ); request.addParameter( Parameters.PORTAL_COMPONENT, Integer.toString( style.getPortalComponentId( ) ) ); request.addParameter( Parameters.STYLE_NAME, style.getDescription( ) + "_mod" ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/style/modify_style.html" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/style/modify_style.html" ) ); instance.doModifyStyle( request ); AdminMessage message = AdminMessageService.getMessage( request ); assertNull( message ); @@ -249,7 +252,7 @@ public void testDoModifyStyleInvalidToken( ) throws AccessDeniedException request.addParameter( Parameters.PORTAL_COMPONENT, Integer.toString( style.getPortalComponentId( ) ) ); request.addParameter( Parameters.STYLE_NAME, style.getDescription( ) + "_mod" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/style/modify_style.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/style/modify_style.html" ) + "b" ); try { instance.doModifyStyle( request ); @@ -317,7 +320,7 @@ public void testGetConfirmRemoveStyleWithStyleSheet( ) throws AccessDeniedExcept MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( Parameters.STYLE_ID, Integer.toString( style.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/style/DoRemoveStyle.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/style/DoRemoveStyle.jsp" ) ); instance.getConfirmRemoveStyle( request ); AdminMessage message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -342,7 +345,7 @@ public void testDoRemoveStyle( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( Parameters.STYLE_ID, Integer.toString( style.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/style/DoRemoveStyle.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/style/DoRemoveStyle.jsp" ) ); instance.doRemoveStyle( request ); assertNull( StyleHome.findByPrimaryKey( style.getId( ) ) ); } @@ -352,7 +355,7 @@ public void testDoRemoveStyleInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( Parameters.STYLE_ID, Integer.toString( style.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/style/DoRemoveStyle.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/style/DoRemoveStyle.jsp" ) + "b" ); try { instance.doRemoveStyle( request ); diff --git a/src/test/java/fr/paris/lutece/portal/web/stylesheet/StyleSheetJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/stylesheet/StyleSheetJspBeanTest.java index 1337b6233a..09a8627d9b 100644 --- a/src/test/java/fr/paris/lutece/portal/web/stylesheet/StyleSheetJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/stylesheet/StyleSheetJspBeanTest.java @@ -58,12 +58,14 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.portal.web.constants.Parameters; import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; /** * StyleSheetJspBean Test Class @@ -75,6 +77,7 @@ public class StyleSheetJspBeanTest extends LuteceTestCase private StyleSheetJspBean instance; private Style style; private StyleSheet stylesheet; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -159,7 +162,7 @@ public void testDoCreateStyleSheet( ) throws IOException, AccessDeniedException "0" } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/stylesheet/create_stylesheet.html" ) + _securityTokenService.getToken( request, "admin/stylesheet/create_stylesheet.html" ) } ); Map>> multipartFiles = new HashMap<>( ); List> items = new ArrayList<>( ); @@ -197,7 +200,7 @@ public void testDoCreateStyleSheetInvalidToken( ) throws IOException, AccessDeni "0" } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/stylesheet/create_stylesheet.html" ) + "b" + _securityTokenService.getToken( request, "admin/stylesheet/create_stylesheet.html" ) + "b" } ); Map>> multipartFiles = new HashMap<>( ); List> items = new ArrayList<>( ); @@ -301,7 +304,7 @@ public void testDoModifyStyleSheet( ) throws AccessDeniedException, IOException Integer.toString( stylesheet.getModeId( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/stylesheet/modify_stylesheet.html" ) + _securityTokenService.getToken( request, "admin/stylesheet/modify_stylesheet.html" ) } ); Map>> multipartFiles = new HashMap<>( ); List> items = new ArrayList<>( ); @@ -338,7 +341,7 @@ public void testDoModifyStyleSheetInvalidToken( ) throws AccessDeniedException, Integer.toString( stylesheet.getModeId( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/stylesheet/modify_stylesheet.html" ) + "b" + _securityTokenService.getToken( request, "admin/stylesheet/modify_stylesheet.html" ) + "b" } ); Map>> multipartFiles = new HashMap<>( ); List> items = new ArrayList<>( ); @@ -430,7 +433,7 @@ public void testDoRemoveStyleSheet( ) throws AccessDeniedException request.addParameter( Parameters.STYLESHEET_ID, Integer.toString( stylesheet.getId( ) ) ); request.addParameter( Parameters.STYLE_ID, Integer.toString( style.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/style/DoRemoveStyleSheet.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/style/DoRemoveStyleSheet.jsp" ) ); instance.doRemoveStyleSheet( request ); assertNull( StyleSheetHome.findByPrimaryKey( stylesheet.getId( ) ) ); @@ -442,7 +445,7 @@ public void testDoRemoveStyleSheetInvalidToken( ) throws AccessDeniedException request.addParameter( Parameters.STYLESHEET_ID, Integer.toString( stylesheet.getId( ) ) ); request.addParameter( Parameters.STYLE_ID, Integer.toString( style.getId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/style/DoRemoveStyleSheet.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/style/DoRemoveStyleSheet.jsp" ) + "b" ); try { diff --git a/src/test/java/fr/paris/lutece/portal/web/system/CacheJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/system/CacheJspBeanTest.java index 0260f15b6e..3fe6feb93e 100644 --- a/src/test/java/fr/paris/lutece/portal/web/system/CacheJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/system/CacheJspBeanTest.java @@ -56,6 +56,7 @@ import fr.paris.lutece.portal.service.i18n.I18nService; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; @@ -70,6 +71,7 @@ public class CacheJspBeanTest extends LuteceTestCase { private @Inject TestResetCacheObserver resetCacheObserver; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach private void resetObserver() { @@ -104,7 +106,7 @@ public void testDoResetCaches( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), CacheJspBean.RIGHT_CACHE_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_caches.html" ) ); + _securityTokenService.getToken( request, "admin/system/manage_caches.html" ) ); CacheJspBean.doResetCaches( request ); assertEquals( "Not all AbstractCacheableService were reset", registeredListener, resetCacheObserver.getCallCount( ) ); } @@ -118,7 +120,7 @@ public void testDoResetCachesInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), CacheJspBean.RIGHT_CACHE_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_caches.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/system/manage_caches.html" ) + "b" ); try { CacheJspBean.doResetCaches( request ); @@ -171,7 +173,7 @@ public void testDoResetCachesOneCache( ) throws AccessDeniedException AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), CacheJspBean.RIGHT_CACHE_MANAGEMENT ); request.addParameter( "id_cache", Integer.toString( cacheIndex ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_caches.html" ) ); + _securityTokenService.getToken( request, "admin/system/manage_caches.html" ) ); CacheJspBean.doResetCaches( request ); assertEquals( "Only one cache should have been reset", 1, resetCacheObserver.getCallCount( ) ); assertEquals( "The target cache should have been reset", 1, resetCacheObserver.getCallCount( cacheName ) ); @@ -199,7 +201,7 @@ public void testDoResetCachesOneCacheInvalidToken( ) throws AccessDeniedExceptio AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), CacheJspBean.RIGHT_CACHE_MANAGEMENT ); request.addParameter( "id_cache", Integer.toString( cacheIndex ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_caches.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/system/manage_caches.html" ) + "b" ); try { CacheJspBean.doResetCaches( request ); @@ -261,7 +263,7 @@ public void testDoToggleCache( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( "id_cache", Integer.toString( cacheIndex ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/system/DoToggleCache.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/system/DoToggleCache.jsp" ) ); try { assertTrue( CacheService.getCacheableServicesList( ).get( cacheIndex ).isCacheEnable( ) ); @@ -290,7 +292,7 @@ public void testDoToggleCacheInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( "id_cache", Integer.toString( cacheIndex ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/system/DoToggleCache.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/system/DoToggleCache.jsp" ) + "b" ); try { assertTrue( CacheService.getCacheableServicesList( ).get( cacheIndex ).isCacheEnable( ) ); @@ -397,7 +399,7 @@ public void testDoReloadProperties( ) throws AccessDeniedException, IOException MockHttpServletRequest request = new MockHttpServletRequest( ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), CacheJspBean.RIGHT_CACHE_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_caches.html" ) ); + _securityTokenService.getToken( request, "admin/system/manage_caches.html" ) ); CacheJspBean instance = new CacheJspBean( ); instance.doReloadProperties( request ); @@ -426,7 +428,7 @@ public void testDoReloadPropertiesInvalidToken( ) throws AccessDeniedException, MockHttpServletRequest request = new MockHttpServletRequest( ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), CacheJspBean.RIGHT_CACHE_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_caches.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/system/manage_caches.html" ) + "b" ); CacheJspBean instance = new CacheJspBean( ); try diff --git a/src/test/java/fr/paris/lutece/portal/web/system/DaemonsJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/system/DaemonsJspBeanTest.java index cb7c5df2f0..7b6ad34fab 100644 --- a/src/test/java/fr/paris/lutece/portal/web/system/DaemonsJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/system/DaemonsJspBeanTest.java @@ -54,12 +54,15 @@ import fr.paris.lutece.portal.service.daemon.DaemonEntry; import fr.paris.lutece.portal.service.daemon.TestDaemon; import fr.paris.lutece.portal.service.datastore.DatastoreService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.util.AppLogService; import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import fr.paris.lutece.util.AppInitPropertiesService; +import jakarta.inject.Inject; public class DaemonsJspBeanTest extends LuteceTestCase { @@ -70,6 +73,7 @@ public class DaemonsJspBeanTest extends LuteceTestCase private DaemonEntry _entry; private String origMaxInitialStartDelay; private TestDaemon _testDaemon; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -103,7 +107,7 @@ private String setInitialStartDelay( ) throws FileNotFoundException, IOException { props.store( out, "junit" ); } - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); return orig; } @@ -154,7 +158,7 @@ private void restoreInitialStartDelay( String orig ) throws FileNotFoundExceptio { props.store( out, "junit" ); } - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); } @Test public void testDoDaemonActionStart( ) throws InterruptedException, BrokenBarrierException, TimeoutException, AccessDeniedException @@ -165,7 +169,7 @@ public void testDoDaemonActionStart( ) throws InterruptedException, BrokenBarrie MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "action", "START" ); request.setParameter( "daemon", JUNIT_DAEMON ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); lReadyTime = System.nanoTime( ); bean.doDaemonAction( request ); // Daemon should run periodically with interval of 1s @@ -196,7 +200,7 @@ public void testDoDaemonActionStartInvalidToken( ) throws InterruptedException, MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "action", "START" ); request.setParameter( "daemon", JUNIT_DAEMON ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MANAGE_DAEMONS ) + "b" ); try { bean.doDaemonAction( request ); // Daemon should run periodically with interval of 1s @@ -257,7 +261,7 @@ public void testDoDaemonActionStop( ) throws InterruptedException, BrokenBarrier MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "action", "STOP" ); request.setParameter( "daemon", JUNIT_DAEMON ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); bean.doDaemonAction( request ); assertFalse( _entry.isRunning( ) ); try @@ -285,7 +289,7 @@ public void testDoDaemonActionStopInvalidToken( ) throws InterruptedException, B MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "action", "STOP" ); request.setParameter( "daemon", JUNIT_DAEMON ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MANAGE_DAEMONS ) + "b" ); try { bean.doDaemonAction( request ); @@ -345,7 +349,7 @@ public void testDoDaemonActionRun( ) throws InterruptedException, BrokenBarrierE request.setParameter( "action", "RUN" ); // Manually do 1 run of the // daemon now request.setParameter( "daemon", JUNIT_DAEMON ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); lReadyTime = System.nanoTime( ); bean.doDaemonAction( request ); @@ -377,7 +381,7 @@ public void testDoDaemonActionRunInvalidToken( ) throws InterruptedException, Br request.setParameter( "action", "RUN" ); // Manually do 1 run of the // daemon now request.setParameter( "daemon", JUNIT_DAEMON ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MANAGE_DAEMONS ) + "b" ); try { @@ -448,7 +452,7 @@ public void testDoDaemonActionUpdateInterval( ) throws AccessDeniedException request.setParameter( "action", "UPDATE_INTERVAL" ); request.setParameter( "daemon", JUNIT_DAEMON ); request.setParameter( "interval", Long.toString( lTestInterval ) ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MANAGE_DAEMONS ) ); bean.doDaemonAction( request ); assertEquals( lTestInterval, _entry.getInterval( ) ); } @@ -460,7 +464,7 @@ public void testDoDaemonActionUpdateIntervalInvalidToken( ) throws AccessDeniedE request.setParameter( "action", "UPDATE_INTERVAL" ); request.setParameter( "daemon", JUNIT_DAEMON ); request.setParameter( "interval", Long.toString( lTestInterval ) ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MANAGE_DAEMONS ) + "b" ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, TEMPLATE_MANAGE_DAEMONS ) + "b" ); try { bean.doDaemonAction( request ); diff --git a/src/test/java/fr/paris/lutece/portal/web/system/PluginJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/system/PluginJspBeanTest.java index 7c9e559fa9..0342023598 100644 --- a/src/test/java/fr/paris/lutece/portal/web/system/PluginJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/system/PluginJspBeanTest.java @@ -48,11 +48,13 @@ import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; import fr.paris.lutece.portal.service.plugin.PluginService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.util.AppPathService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; /** * PluginJspBean Test Class @@ -66,6 +68,7 @@ public class PluginJspBeanTest extends LuteceTestCase private static final String PARAM_DB_POOL_NAME = "db_pool_name"; private static final String PATH_PLUGIN = "path.plugins"; private PluginJspBean instance; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -109,7 +112,7 @@ public void testDoInstallPlugin( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( "plugin_name", PLUGIN_NAME ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_plugins.html" ) ); + _securityTokenService.getToken( request, "admin/system/manage_plugins.html" ) ); instance.doInstallPlugin( request, request.getServletContext( ) ); assertTrue( PluginService.isPluginEnable( PLUGIN_NAME ) ); } @@ -120,7 +123,7 @@ public void testDoInstallPluginInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( "plugin_name", PLUGIN_NAME ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_plugins.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/system/manage_plugins.html" ) + "b" ); try { instance.doInstallPlugin( request, request.getServletContext( ) ); @@ -155,7 +158,7 @@ public void testDoModifyPluginPool( ) throws AccessDeniedException request.addParameter( "plugin_name", PLUGIN_NAME ); request.addParameter( PARAM_DB_POOL_NAME, "junit" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_plugins.html" ) ); + _securityTokenService.getToken( request, "admin/system/manage_plugins.html" ) ); instance.doModifyPluginPool( request ); assertEquals( "junit", PluginService.getPlugin( PLUGIN_NAME ).getDbPoolName( ) ); } @@ -167,7 +170,7 @@ public void testDoModifyPluginPoolInvalidToken( ) throws AccessDeniedException request.addParameter( "plugin_name", PLUGIN_NAME ); request.addParameter( PARAM_DB_POOL_NAME, "junit" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/manage_plugins.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/system/manage_plugins.html" ) + "b" ); try { instance.doModifyPluginPool( request ); @@ -214,7 +217,7 @@ public void testDoUninstallPlugin( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( "plugin_name", PLUGIN_NAME ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/system/DoUninstallPlugin.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/system/DoUninstallPlugin.jsp" ) ); instance.doUninstallPlugin( request, request.getServletContext( ) ); assertFalse( PluginService.isPluginEnable( PLUGIN_NAME ) ); } @@ -226,7 +229,7 @@ public void testDoUninstallPluginInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( "plugin_name", PLUGIN_NAME ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/system/DoUninstallPlugin.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/system/DoUninstallPlugin.jsp" ) + "b" ); try { instance.doUninstallPlugin( request, request.getServletContext( ) ); diff --git a/src/test/java/fr/paris/lutece/portal/web/system/SystemJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/system/SystemJspBeanTest.java index 7cb4d3dc7e..eca5c79202 100644 --- a/src/test/java/fr/paris/lutece/portal/web/system/SystemJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/system/SystemJspBeanTest.java @@ -40,10 +40,12 @@ import fr.paris.lutece.portal.business.user.AdminUser; import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.datastore.DatastoreService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; /** * SystemJspBean Test Class @@ -58,6 +60,7 @@ public class SystemJspBeanTest extends LuteceTestCase private static final String PARAMETER_FILE_VALUE = "config.properties"; private MockHttpServletRequest request; private SystemJspBean instance; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -115,7 +118,7 @@ public void testDoModifyProperties( ) throws AccessDeniedException final String origValue = DatastoreService.getDataValue( property, "" ); request.setParameter( property, origValue + "_mod" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/modify_properties.html" ) ); + _securityTokenService.getToken( request, "admin/system/modify_properties.html" ) ); try { @@ -134,7 +137,7 @@ public void testDoModifyPropertiesInvalidToken( ) throws AccessDeniedException final String origValue = DatastoreService.getDataValue( property, "" ); request.setParameter( property, origValue + "_mod" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/system/modify_properties.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/system/modify_properties.html" ) + "b" ); try { diff --git a/src/test/java/fr/paris/lutece/portal/web/user/AdminLoginJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/user/AdminLoginJspBeanTest.java index b477de8cb7..16d5efc48f 100644 --- a/src/test/java/fr/paris/lutece/portal/web/user/AdminLoginJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/user/AdminLoginJspBeanTest.java @@ -52,6 +52,7 @@ import fr.paris.lutece.portal.service.i18n.I18nService; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.util.AppException; import fr.paris.lutece.portal.web.constants.Messages; @@ -70,6 +71,7 @@ public class AdminLoginJspBeanTest extends LuteceTestCase private @Inject IPasswordFactory passwordFactory; private @Inject IAdminUserDAO adminUserDAO; private @Inject AdminLoginJspBean bean; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach public void setUp( ) throws Exception @@ -97,7 +99,7 @@ public void testDoLogin( ) throws Exception { MockHttpServletRequest request = new MockHttpServletRequest( ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/admin_login.html" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/admin_login.html" ) ); bean.doLogin( request ); AdminMessage message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -105,14 +107,14 @@ public void testDoLogin( ) throws Exception request = new MockHttpServletRequest( ); request.addParameter( Parameters.ACCESS_CODE, "admin" ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/admin_login.html" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/admin_login.html" ) ); bean.doLogin( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); assertEquals( I18nService.getLocalizedString( Messages.MESSAGE_AUTH_FAILURE, Locale.FRENCH ), message.getText( Locale.FRENCH ) ); request = new MockHttpServletRequest( ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/admin_login.html" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/admin_login.html" ) ); request.addParameter( Parameters.ACCESS_CODE, "admin" ); request.addParameter( Parameters.PASSWORD, "adminadmin" ); bean.doLogin( request ); @@ -142,7 +144,7 @@ public void testDoLoginBadCSRFToken( ) throws Exception { MockHttpServletRequest request = new MockHttpServletRequest( ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/admin_login.html" ) + "b" ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/admin_login.html" ) + "b" ); request.addParameter( Parameters.ACCESS_CODE, "admin" ); request.addParameter( Parameters.PASSWORD, "adminadmin" ); try @@ -160,7 +162,7 @@ public void testDoLoginDisabledLuteceUser( ) throws Exception { MockHttpServletRequest request = new MockHttpServletRequest( ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/admin_login.html" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/admin_login.html" ) ); request.addParameter( Parameters.ACCESS_CODE, "lutece" ); request.addParameter( Parameters.PASSWORD, "adminadmin" ); bean.doLogin( request ); @@ -173,7 +175,7 @@ public void testDoLoginDisabledRedacUser( ) throws Exception { MockHttpServletRequest request = new MockHttpServletRequest( ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/admin_login.html" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/admin_login.html" ) ); request.addParameter( Parameters.ACCESS_CODE, "redac" ); request.addParameter( Parameters.PASSWORD, "adminadmin" ); bean.doLogin( request ); @@ -186,7 +188,7 @@ public void testDoLoginDisabledValidUser( ) throws Exception { MockHttpServletRequest request = new MockHttpServletRequest( ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "admin/admin_login.html" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "admin/admin_login.html" ) ); request.addParameter( Parameters.ACCESS_CODE, "valid" ); request.addParameter( Parameters.PASSWORD, "adminadmin" ); bean.doLogin( request ); diff --git a/src/test/java/fr/paris/lutece/portal/web/user/AdminUserJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/user/AdminUserJspBeanTest.java index 3440e41aa7..4f5e17c84d 100644 --- a/src/test/java/fr/paris/lutece/portal/web/user/AdminUserJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/user/AdminUserJspBeanTest.java @@ -68,6 +68,7 @@ import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; import fr.paris.lutece.portal.service.regularexpression.RegularExpressionService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.security.UserNotSignedException; import fr.paris.lutece.portal.service.template.DatabaseTemplateService; @@ -81,6 +82,7 @@ import fr.paris.lutece.test.ReflectionTestUtils; import fr.paris.lutece.test.mocks.MockHttpServletRequest; import fr.paris.lutece.util.password.IPasswordFactory; +import jakarta.enterprise.inject.spi.CDI; import jakarta.inject.Inject; import jakarta.servlet.http.HttpServletRequest; @@ -89,12 +91,13 @@ public class AdminUserJspBeanTest extends LuteceTestCase public static final String RIGHT_CORE_USERS_MANAGEMENT = "CORE_USERS_MANAGEMENT"; private @Inject IPasswordFactory passwordFactory; private @Inject AdminUserJspBean bean; + private @Inject ISecurityTokenService _securityTokenService; @Test public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDeniedException, UserNotSignedException { MockHttpServletRequest request = new MockHttpServletRequest( ); - request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + request.setParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.doCreateAdminUser( request ); AdminMessage message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -106,7 +109,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request = new MockHttpServletRequest( ); request.addParameter( "access_code", randomUserName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -116,7 +119,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "access_code", randomUserName ); request.addParameter( "last_name", randomUserName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -127,7 +130,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "last_name", randomUserName ); request.addParameter( "first_name", randomUserName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -139,7 +142,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "first_name", randomUserName ); request.addParameter( "email", " " ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -151,7 +154,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "first_name", randomUserName ); request.addParameter( "email", randomUserName + "@lutece.fr" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -164,7 +167,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "first_name", randomUserName ); request.addParameter( "email", "admin@lutece.fr" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -178,7 +181,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "user_level", "0" ); request.getSession( true ).setAttribute( "lutece_admin_user", getLevel1AdminUserWithCORE_USERS_MANAGEMENTRight( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); @@ -193,7 +196,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "user_level", "0" ); request.getSession( true ).setAttribute( "lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); @@ -209,7 +212,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "first_password", randomUserName ); request.getSession( true ).setAttribute( "lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); @@ -225,7 +228,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "first_password", randomUserName ); request.getSession( true ).setAttribute( "lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); @@ -244,7 +247,7 @@ public void testDoCreateAdminUser( ) throws PasswordResetException, AccessDenied request.addParameter( "language", "fr" ); // NPE if absent request.getSession( true ).setAttribute( "lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doCreateAdminUser( request ); message = AdminMessageService.getMessage( request ); @@ -282,7 +285,7 @@ public void testDoCreateAdminUserInvalidToken( ) throws PasswordResetException, request.addParameter( "language", "fr" ); // NPE if absent request.getSession( true ).setAttribute( "lutece_admin_user", getLevel0AdminUserWithCORE_USERS_MANAGEMENTRight( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/CreateUser.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/CreateUser.jsp" ) + "b" ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doCreateAdminUser( request ); fail( "Should have thrown" ); @@ -382,7 +385,7 @@ public void testDoModifyAdminUser( ) throws AccessDeniedException, UserNotSigned AdminAuthenticationService.getInstance( ).registerUser( request, AdminUserHome.findUserByLogin( "admin" ) ); request.addParameter( "id_user", Integer.toString( userToModify.getUserId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); bean.doModifyAdminUser( request ); AdminMessage message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -395,7 +398,7 @@ public void testDoModifyAdminUser( ) throws AccessDeniedException, UserNotSigned request.addParameter( "id_user", Integer.toString( userToModify.getUserId( ) ) ); request.addParameter( "access_code", modifiedName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); bean.doModifyAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -407,7 +410,7 @@ public void testDoModifyAdminUser( ) throws AccessDeniedException, UserNotSigned request.addParameter( "access_code", modifiedName ); request.addParameter( "last_name", modifiedName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); bean.doModifyAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -420,7 +423,7 @@ public void testDoModifyAdminUser( ) throws AccessDeniedException, UserNotSigned request.addParameter( "last_name", modifiedName ); request.addParameter( "first_name", modifiedName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); bean.doModifyAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -434,7 +437,7 @@ public void testDoModifyAdminUser( ) throws AccessDeniedException, UserNotSigned request.addParameter( "first_name", modifiedName ); request.addParameter( "email", " " ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); bean.doModifyAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -448,7 +451,7 @@ public void testDoModifyAdminUser( ) throws AccessDeniedException, UserNotSigned request.addParameter( "first_name", modifiedName ); request.addParameter( "email", modifiedName + "@lutece.fr" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); bean.doModifyAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -463,7 +466,7 @@ public void testDoModifyAdminUser( ) throws AccessDeniedException, UserNotSigned request.addParameter( "first_name", modifiedName ); request.addParameter( "email", "admin@lutece.fr" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); bean.doModifyAdminUser( request ); message = AdminMessageService.getMessage( request ); assertNotNull( message ); @@ -492,7 +495,7 @@ public void testDoModifyAdminUserSuccess( ) throws AccessDeniedException, UserNo request.addParameter( "language", Locale.KOREA.toString( ) ); request.addParameter("user_level", "0"); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) ); bean.doModifyAdminUser( request ); AdminMessage message = AdminMessageService.getMessage( request ); assertNull( message ); @@ -561,7 +564,7 @@ public void testDoModifyAdminUserInvalidToken( ) throws AccessDeniedException, U request.addParameter( "status", Integer.toString( AdminUser.NOT_ACTIVE_CODE ) ); request.addParameter( "language", Locale.KOREA.toString( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyUser.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyUser.jsp" ) + "b" ); bean.doModifyAdminUser( request ); fail( "Should have thrown " ); } @@ -617,7 +620,7 @@ public void testDoUseAdvancedSecurityParametersDoNotChangePassword( ) throws Acc bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); bean.doUseAdvancedSecurityParameters( request ); admin = AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( 1 ); assertTrue( admin.getPassword( ).check( "adminadmin" ) ); @@ -748,7 +751,7 @@ public void testDoModifyAdminUserPassword( ) throws AccessDeniedException, UserN assertFalse( AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( user.getUserId( ) ).getPassword( ).check( password ) ); request.setParameter( "first_password", password ); request.setParameter( "second_password", password ); - request.setParameter( "token", SecurityTokenService.getInstance( ).getToken( request, "portal.users.modify_user_password.pageTitle" ) ); + request.setParameter( "token", _securityTokenService.getToken( request, "portal.users.modify_user_password.pageTitle" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); String url = bean.doModifyAdminUserPassword( request ); assertEquals( "ManageUsers.jsp", url ); @@ -771,7 +774,7 @@ public void testDoModifyAdminUserPasswordNotFound( ) throws AccessDeniedExceptio request.setParameter( "id_user", Integer.toString( Integer.MIN_VALUE ) ); request.setParameter( "first_password", password ); request.setParameter( "second_password", password ); - request.setParameter( "token", SecurityTokenService.getInstance( ).getToken( request, "portal.users.modify_user_password.pageTitle" ) ); + request.setParameter( "token", _securityTokenService.getToken( request, "portal.users.modify_user_password.pageTitle" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doModifyAdminUserPassword( request ); fail( "should have thrown" ); @@ -797,7 +800,7 @@ public void testDoModifyAdminUserPasswordNoFirst( ) throws AccessDeniedException String password = "CHANGEDCHANGED"; assertFalse( AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( user.getUserId( ) ).getPassword( ).check( password ) ); request.setParameter( "second_password", password ); - request.setParameter( "token", SecurityTokenService.getInstance( ).getToken( request, "portal.users.modify_user_password.pageTitle" ) ); + request.setParameter( "token", _securityTokenService.getToken( request, "portal.users.modify_user_password.pageTitle" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doModifyAdminUserPassword( request ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -819,7 +822,7 @@ public void testDoModifyAdminUserPasswordNoSecond( ) throws AccessDeniedExceptio { AdminAuthenticationService.getInstance( ).registerUser( request, user ); request.setParameter( "id_user", Integer.toString( user.getUserId( ) ) ); - request.setParameter( "token", SecurityTokenService.getInstance( ).getToken( request, "portal.users.modify_user_password.pageTitle" ) ); + request.setParameter( "token", _securityTokenService.getToken( request, "portal.users.modify_user_password.pageTitle" ) ); String password = "CHANGEDCHANGED"; assertFalse( AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( user.getUserId( ) ).getPassword( ).check( password ) ); request.setParameter( "first_password", password ); @@ -848,7 +851,7 @@ public void testDoModifyAdminUserPasswordDifferentSecond( ) throws AccessDeniedE assertFalse( AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( user.getUserId( ) ).getPassword( ).check( password ) ); request.setParameter( "first_password", password ); request.setParameter( "second_password", password + "-" ); - request.setParameter( "token", SecurityTokenService.getInstance( ).getToken( request, "portal.users.modify_user_password.pageTitle" ) ); + request.setParameter( "token", _securityTokenService.getToken( request, "portal.users.modify_user_password.pageTitle" ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doModifyAdminUserPassword( request ); AdminMessage message = AdminMessageService.getMessage( request ); @@ -870,7 +873,7 @@ public void testDoModifyAdminUserPasswordWeak( ) throws AccessDeniedException, U { AdminAuthenticationService.getInstance( ).registerUser( request, user ); request.setParameter( "id_user", Integer.toString( user.getUserId( ) ) ); - request.setParameter( "token", SecurityTokenService.getInstance( ).getToken( request, "portal.users.modify_user_password.pageTitle" ) ); + request.setParameter( "token", _securityTokenService.getToken( request, "portal.users.modify_user_password.pageTitle" ) ); String password = "W"; assertFalse( AdminUserHome.findLuteceDefaultAdminUserByPrimaryKey( user.getUserId( ) ).getPassword( ).check( password ) ); request.setParameter( "first_password", password ); @@ -965,7 +968,7 @@ public void testDoModifyAdminUserRights( ) throws AccessDeniedException, UserNot request.addParameter( "right", right.getId( ) ); } request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ManageUserRights.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ManageUserRights.jsp" ) ); bean.doModifyAdminUserRights( request ); assertNull( AdminMessageService.getMessage( request ) ); AdminUser stored = AdminUserHome.findByPrimaryKey( user.getUserId( ) ); @@ -1004,7 +1007,7 @@ public void testDoModifyAdminUserRightsInvalidToken( ) throws AccessDeniedExcept request.addParameter( "right", right.getId( ) ); } request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ManageUserRights.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/ManageUserRights.jsp" ) + "b" ); bean.doModifyAdminUserRights( request ); fail( "Should have thrown" ); } @@ -1094,7 +1097,7 @@ public void testDoModifyAdminUserRoles( ) throws AccessDeniedException, UserNotS request.addParameter( "roles", role.getRole( ) ); } request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ManageUserRoles.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ManageUserRoles.jsp" ) ); bean.doModifyAdminUserRoles( request ); assertNull( AdminMessageService.getMessage( request ) ); AdminUser stored = AdminUserHome.findByPrimaryKey( user.getUserId( ) ); @@ -1127,7 +1130,7 @@ public void testDoModifyAdminUserRolesInvladidToken( ) throws AccessDeniedExcept request.addParameter( "roles", role.getRole( ) ); } request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ManageUserRoles.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/ManageUserRoles.jsp" ) + "b" ); bean.doModifyAdminUserRoles( request ); fail( "Should have thrown" ); } @@ -1198,7 +1201,7 @@ public void testDoModifyAdminUserWorkgroups( ) throws AccessDeniedException, Use request.setParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.setParameter( "workgroup", workgroup.getKey( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ManageUserWorkgroups.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ManageUserWorkgroups.jsp" ) ); bean.doModifyAdminUserWorkgroups( request ); assertNull( AdminMessageService.getMessage( request ) ); assertTrue( AdminWorkgroupHome.isUserInWorkgroup( user, workgroup.getKey( ) ) ); @@ -1232,7 +1235,7 @@ public void testDoModifyAdminUserWorkgroupsInvalidToken( ) throws AccessDeniedEx request.setParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.setParameter( "workgroup", workgroup.getKey( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ManageUserWorkgroups.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/ManageUserWorkgroups.jsp" ) + "b" ); bean.doModifyAdminUserWorkgroups( request ); fail( "Should have thrown" ); } @@ -1320,7 +1323,7 @@ public void testDoAnonymizeAdminUser( ) throws AccessDeniedException, UserNotSig { request.addParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/DoAnonymizeAdminUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/DoAnonymizeAdminUser.jsp" ) ); bean.doAnonymizeAdminUser( request ); assertNull( AdminMessageService.getMessage( request ) ); AdminUser stored = AdminUserHome.findByPrimaryKey( user.getUserId( ) ); @@ -1343,7 +1346,7 @@ public void testDoAnonymizeAdminUserInvalidToken( ) throws AccessDeniedException { request.addParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/DoAnonymizeAdminUser.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/DoAnonymizeAdminUser.jsp" ) + "b" ); bean.doAnonymizeAdminUser( request ); fail( "Should have thrown" ); } @@ -1398,7 +1401,7 @@ public void testDoChangeFieldAnonymizeAdminUsers( ) throws AccessDeniedException assertTrue( entry.getValue( ) ); } request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); bean.doChangeFieldAnonymizeAdminUsers( request ); for ( Entry entry : AdminUserHome.getAnonymizationStatusUserStaticField( ).entrySet( ) ) { @@ -1425,7 +1428,7 @@ public void testDoChangeFieldAnonymizeAdminUsersInvalidToken( ) throws AccessDen assertTrue( entry.getValue( ) ); } request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/field_anonymize_admin_user.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/user/field_anonymize_admin_user.html" ) + "b" ); bean.doChangeFieldAnonymizeAdminUsers( request ); fail( "Should have thrown" ); } @@ -1502,7 +1505,7 @@ public void testDoRemoveAdminUser( ) throws AccessDeniedException, UserNotSigned { request.addParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/DoRemoveUser.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/DoRemoveUser.jsp" ) ); AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doRemoveAdminUser( request ); @@ -1524,7 +1527,7 @@ public void testDoRemoveAdminUserInvalidToken( ) throws AccessDeniedException, U { request.addParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/DoRemoveUser.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/DoRemoveUser.jsp" ) + "b" ); AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); bean.doRemoveAdminUser( request ); @@ -1569,7 +1572,7 @@ public void testDoRemoveAdminUserNoToken( ) throws AccessDeniedException, UserNo public void testDoImportUsersFromFile( ) throws AccessDeniedException, UserNotSignedException, IOException { MockHttpServletRequest request = new MockHttpServletRequest( ); - request.addParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ImportUser.jsp" ) ); + request.addParameter( SecurityTokenService.PARAMETER_TOKEN, _securityTokenService.getToken( request, "jsp/admin/user/ImportUser.jsp" ) ); AdminUser user = getUserToModify( ); AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); @@ -1613,7 +1616,7 @@ public void testDoImportUsersFromFileInvalidToken( ) throws AccessDeniedExceptio { MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ImportUser.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/ImportUser.jsp" ) + "b" ); AdminUser user = getUserToModify( ); AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); @@ -1700,7 +1703,7 @@ public void testDoInsertRegularExpression( ) throws AccessDeniedException, UserN AdminAuthenticationService.getInstance( ).registerUser( request, user ); request.setParameter( "id_expression", "1" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); try { @@ -1720,7 +1723,7 @@ public void testDoInsertRegularExpressionInvalidToken( ) throws AccessDeniedExce AdminAuthenticationService.getInstance( ).registerUser( request, user ); request.setParameter( "id_expression", "1" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); try { @@ -1772,7 +1775,7 @@ public void testDoModifyAccountLifeTimeEmails( ) throws AccessDeniedException request.setParameter( "email_subject", "junit" ); request.setParameter( "email_body", "junit" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/ModifyAccountLifeTimeEmails.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/ModifyAccountLifeTimeEmails.jsp" ) ); try { bean.doModifyAccountLifeTimeEmails( request ); @@ -1799,7 +1802,7 @@ public void testDoModifyAccountLifeTimeEmailsInvalidToken( ) request.setParameter( "email_subject", "junit" ); request.setParameter( "email_body", "junit" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) + "b" ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) + "b" ); try { bean.doModifyAccountLifeTimeEmails( request ); @@ -1864,7 +1867,7 @@ public void testDoModifyDefaultUserParameterValues( ) throws AccessDeniedExcepti request.setParameter( "notify_user", "false" ); request.setParameter( "language", Locale.CANADA_FRENCH.toString( ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); try { bean.doModifyDefaultUserParameterValues( request ); @@ -1899,7 +1902,7 @@ public void testDoModifyDefaultUserParameterValuesInvalidToken( ) throws AccessD request.setParameter( "notify_user", "false" ); request.setParameter( "language", Locale.CANADA_FRENCH.toString( ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); try { bean.doModifyDefaultUserParameterValues( request ); @@ -1981,7 +1984,7 @@ public void testDoModifyDefaultUserSecurityValues( ) throws AccessDeniedExceptio AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); request.setParameter( "force_change_password_reinit", origForceChangePasswordReinit ? Boolean.FALSE.toString( ) : Boolean.TRUE.toString( ) ); request.setParameter( "password_minimum_length", Integer.toString( origPasswordMinimumLength + 1 ) ); request.setParameter( "reset_token_validity", Integer.toString( origResetTokenValidity + 1 ) ); @@ -2049,7 +2052,7 @@ public void testDoModifyDefaultUserSecurityValuesInvalidToken( ) throws AccessDe AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); request.setParameter( "force_change_password_reinit", origForceChangePasswordReinit ? Boolean.FALSE.toString( ) : Boolean.TRUE.toString( ) ); request.setParameter( "password_minimum_length", Integer.toString( origPasswordMinimumLength + 1 ) ); request.setParameter( "reset_token_validity", Integer.toString( origResetTokenValidity + 1 ) ); @@ -2177,7 +2180,7 @@ public void testDoModifyEmailPattern( ) throws PasswordResetException, AccessDen AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); request.setParameter( "is_email_pattern_set_manually", Boolean.FALSE.toString( ) ); request.setParameter( "email_pattern", origEmailPattern + "b" ); try @@ -2231,7 +2234,8 @@ private static boolean isEmailPatternSetManually( ) { boolean bIsSetManually = true; - if ( RegularExpressionService.getInstance( ).isAvailable( ) ) + RegularExpressionService regularExpressionService = CDI.current( ).select( RegularExpressionService.class ).get( ); + if ( regularExpressionService.isAvailable( ) ) { String emailPatternVerifyBy = DefaultUserParameterHome.findByKey( AdminUserService.DSKEY_EMAIL_PATTERN_VERIFY_BY ); @@ -2254,7 +2258,7 @@ public void testDoModifyEmailPatternInvalidToken( ) throws PasswordResetExceptio AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); request.setParameter( "is_email_pattern_set_manually", Boolean.FALSE.toString( ) ); request.setParameter( "email_pattern", origEmailPattern + "b" ); try @@ -2284,7 +2288,7 @@ public void testDoModifyEmailPatternNoToken( ) throws PasswordResetException, Ac AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); request.setParameter( "is_email_pattern_set_manually", Boolean.FALSE.toString( ) ); request.setParameter( "email_pattern", origEmailPattern + "b" ); try @@ -2368,7 +2372,7 @@ public void testDoRemoveAdvancedSecurityParameters( ) throws AccessDeniedExcepti bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); bean.doRemoveAdvancedSecurityParameters( request ); assertFalse( AdminUserService.getBooleanSecurityParameter( AdminUserService.DSKEY_USE_ADVANCED_SECURITY_PARAMETERS ) ); } @@ -2394,7 +2398,7 @@ public void testDoRemoveAdvancedSecurityParametersInvalidToken( ) throws AccessD MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); bean.doRemoveAdvancedSecurityParameters( request ); fail( "should have thrown" ); } @@ -2455,7 +2459,7 @@ public void testDoUseAdvancedSecurityParameters( ) throws AccessDeniedException, bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); bean.doUseAdvancedSecurityParameters( request ); assertTrue( AdminUserService.getBooleanSecurityParameter( AdminUserService.DSKEY_USE_ADVANCED_SECURITY_PARAMETERS ) ); } @@ -2481,7 +2485,7 @@ public void testDoUseAdvancedSecurityParametersInvalidToken( ) throws AccessDeni MockHttpServletRequest request = new MockHttpServletRequest( ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); bean.doUseAdvancedSecurityParameters( request ); fail( "should have thrown" ); } @@ -2541,7 +2545,7 @@ public void testDoRemoveRegularExpression( ) throws AccessDeniedException, UserN bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.setParameter( "id_expression", "1" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); assertNotNull( bean.doRemoveRegularExpression( request ) ); } finally @@ -2561,7 +2565,7 @@ public void testDoRemoveRegularExpressionInvalidToken( ) throws AccessDeniedExce bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.setParameter( "id_expression", "1" ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); bean.doRemoveRegularExpression( request ); // FIXME not really testing this plugin-regularexpression is not there fail( "Should have thrown" ); } @@ -2613,7 +2617,7 @@ public void testDoModifyEmailPatternReset( ) throws PasswordResetException, Acce AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); request.setParameter( "reset", "reset" ); bean.doModifyEmailPattern( request ); assertEquals( origEmailPattern, getEmailPattern( ) ); @@ -2640,7 +2644,7 @@ public void testDoModifyEmailPatternResetInvalidToken( ) throws PasswordResetExc AdminAuthenticationService.getInstance( ).registerUser( request, user ); bean.init( request, RIGHT_CORE_USERS_MANAGEMENT ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); + _securityTokenService.getToken( request, "ManageAdvancedParameters.jsp" ) + "b" ); request.setParameter( "reset", "reset" ); bean.doModifyEmailPattern( request ); fail( "Should have thrown" ); diff --git a/src/test/java/fr/paris/lutece/portal/web/user/attribute/AttributeFieldJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/user/attribute/AttributeFieldJspBeanTest.java index 55f29e699e..e7e105385f 100644 --- a/src/test/java/fr/paris/lutece/portal/web/user/attribute/AttributeFieldJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/user/attribute/AttributeFieldJspBeanTest.java @@ -54,6 +54,7 @@ import fr.paris.lutece.portal.service.admin.PasswordResetException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.user.attribute.AttributeService; import fr.paris.lutece.portal.service.user.attribute.AttributeTypeService; @@ -68,6 +69,7 @@ public class AttributeFieldJspBeanTest extends LuteceTestCase private Map _attributes; private @Inject AttributeService _attributeService; private @Inject AttributeTypeService _attributeTypeService; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -76,7 +78,7 @@ protected void setUp( ) throws Exception List types = _attributeTypeService.getAttributeTypes( Locale.FRANCE ); for ( AttributeType type : types ) { - IAttribute attribute = (IAttribute) Class.forName( type.getClassName( ) ).newInstance( ); + IAttribute attribute = (IAttribute) Class.forName( type.getClassName( ) ).getDeclaredConstructor().newInstance( ); String strName = getRandomName( ); attribute.setTitle( strName ); attribute.setHelpMessage( strName ); @@ -138,7 +140,7 @@ private void testDoRemoveAttributeField( IAttribute attribute ) throws AccessDen request.addParameter( "id_attribute", Integer.toString( attribute.getIdAttribute( ) ) ); request.addParameter( "id_field", Integer.toString( attribute.getListAttributeFields( ).get( 0 ).getIdField( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/attribute/DoRemoveAttributeField.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/attribute/DoRemoveAttributeField.jsp" ) ); instance.doRemoveAttributeField( request ); @@ -162,7 +164,7 @@ private void testDoRemoveAttributeFieldInvalidToken( IAttribute attribute ) thro request.addParameter( "id_attribute", Integer.toString( attribute.getIdAttribute( ) ) ); request.addParameter( "id_field", Integer.toString( attribute.getListAttributeFields( ).get( 0 ).getIdField( ) ) ); request.addParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/attribute/DoRemoveAttributeField.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/attribute/DoRemoveAttributeField.jsp" ) + "b" ); try { @@ -241,7 +243,7 @@ private void testDoCreateAttributeField( IAttribute attribute ) throws AccessDen request.setParameter( "title", strName ); request.setParameter( "value", strName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/attribute/create_attribute_field.html" ) ); + _securityTokenService.getToken( request, "admin/user/attribute/create_attribute_field.html" ) ); instance.doCreateAttributeField( request ); @@ -269,7 +271,7 @@ private void testDoCreateAttributeFieldInvalidToken( IAttribute attribute ) thro request.setParameter( "title", strName ); request.setParameter( "value", strName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/attribute/create_attribute_field.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/user/attribute/create_attribute_field.html" ) + "b" ); try { @@ -356,7 +358,7 @@ private void testDoModifyAttributeField( IAttribute attribute ) throws AccessDen request.setParameter( "title", strName ); request.setParameter( "value", strName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/attribute/modify_attribute_field.html" ) ); + _securityTokenService.getToken( request, "admin/user/attribute/modify_attribute_field.html" ) ); instance.doModifyAttributeField( request ); @@ -385,7 +387,7 @@ private void testDoModifyAttributeFieldInvalidToken( IAttribute attribute ) thro request.setParameter( "title", strName ); request.setParameter( "value", strName ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/attribute/modify_attribute_field.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/user/attribute/modify_attribute_field.html" ) + "b" ); try { @@ -456,7 +458,7 @@ private void testdoMoveDownAttributeField( IAttribute attribute ) throws AccessD request.setParameter( "id_attribute", Integer.toString( attribute.getIdAttribute( ) ) ); request.setParameter( "id_field", Integer.toString( attributeField.getIdField( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) ); + _securityTokenService.getToken( request, attribute.getTemplateModifyAttribute( ) ) ); instance.doMoveDownAttributeField( request ); @@ -489,7 +491,7 @@ private void testdoMoveDownAttributeFieldInvalidToken( IAttribute attribute ) th request.setParameter( "id_attribute", Integer.toString( attribute.getIdAttribute( ) ) ); request.setParameter( "id_field", Integer.toString( attributeField.getIdField( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) + "b" ); + _securityTokenService.getToken( request, attribute.getTemplateModifyAttribute( ) ) + "b" ); try { @@ -563,7 +565,7 @@ private void testdoMoveUpAttributeField( IAttribute attribute ) throws AccessDen request.setParameter( "id_attribute", Integer.toString( attribute.getIdAttribute( ) ) ); request.setParameter( "id_field", Integer.toString( attributeField.getIdField( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) ); + _securityTokenService.getToken( request, attribute.getTemplateModifyAttribute( ) ) ); instance.doMoveUpAttributeField( request ); @@ -596,7 +598,7 @@ private void testdoMoveUpAttributeFieldInvalidToken( IAttribute attribute ) thro request.setParameter( "id_attribute", Integer.toString( attribute.getIdAttribute( ) ) ); request.setParameter( "id_field", Integer.toString( attributeField.getIdField( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) + "b" ); + _securityTokenService.getToken( request, attribute.getTemplateModifyAttribute( ) ) + "b" ); try { diff --git a/src/test/java/fr/paris/lutece/portal/web/user/attribute/AttributeJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/user/attribute/AttributeJspBeanTest.java index caa16efe40..d9b78f4bab 100644 --- a/src/test/java/fr/paris/lutece/portal/web/user/attribute/AttributeJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/user/attribute/AttributeJspBeanTest.java @@ -33,6 +33,7 @@ */ package fr.paris.lutece.portal.web.user.attribute; +import java.lang.reflect.InvocationTargetException; import java.math.BigInteger; import java.security.SecureRandom; import java.util.ArrayList; @@ -54,6 +55,7 @@ import fr.paris.lutece.portal.service.admin.PasswordResetException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.user.attribute.AttributeService; import fr.paris.lutece.portal.service.user.attribute.AttributeTypeService; @@ -69,6 +71,7 @@ public class AttributeJspBeanTest extends LuteceTestCase private @Inject AttributeJspBean instance; private @Inject AttributeService _attributeService; private @Inject AttributeTypeService _attributeTypeService; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -77,7 +80,7 @@ protected void setUp( ) throws Exception List types = _attributeTypeService.getAttributeTypes( Locale.FRANCE ); for ( AttributeType type : types ) { - IAttribute attribute = (IAttribute) Class.forName( type.getClassName( ) ).newInstance( ); + IAttribute attribute = (IAttribute) Class.forName( type.getClassName( ) ).getDeclaredConstructor().newInstance( ); attribute.setTitle( getRandomName( ) ); attribute.setHelpMessage( attribute.getTitle( ) ); List listAttributeFields = new ArrayList<>( ); @@ -121,7 +124,7 @@ private void testGetCreateAttribute( AttributeType type ) throws PasswordResetEx } @Test public void testDoCreateAttribute( ) - throws PasswordResetException, AccessDeniedException, InstantiationException, IllegalAccessException, ClassNotFoundException + throws PasswordResetException, AccessDeniedException, InstantiationException, IllegalAccessException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { List types = _attributeTypeService.getAttributeTypes( Locale.FRANCE ); for ( AttributeType type : types ) @@ -131,16 +134,16 @@ public void testDoCreateAttribute( ) } private void testDoCreateAttribute( AttributeType type ) - throws PasswordResetException, AccessDeniedException, InstantiationException, IllegalAccessException, ClassNotFoundException + throws PasswordResetException, AccessDeniedException, InstantiationException, IllegalAccessException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "attribute_type_class_name", type.getClassName( ) ); String strTitle = getRandomName( ); request.setParameter( "title", strTitle ); request.setParameter( "width", "5" ); - IAttribute attribute = (IAttribute) Class.forName( type.getClassName( ) ).newInstance( ); + IAttribute attribute = (IAttribute) Class.forName( type.getClassName( ) ).getDeclaredConstructor().newInstance( ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateCreateAttribute( ) ) ); + _securityTokenService.getToken( request, attribute.getTemplateCreateAttribute( ) ) ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), "CORE_USERS_MANAGEMENT" ); @@ -160,7 +163,7 @@ private void testDoCreateAttribute( AttributeType type ) } @Test public void testDoCreateAttributeInvalidToken( ) - throws PasswordResetException, AccessDeniedException, InstantiationException, IllegalAccessException, ClassNotFoundException + throws PasswordResetException, AccessDeniedException, InstantiationException, IllegalAccessException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { List types = _attributeTypeService.getAttributeTypes( Locale.FRANCE ); for ( AttributeType type : types ) @@ -170,16 +173,16 @@ public void testDoCreateAttributeInvalidToken( ) } private void testDoCreateAttributeInvalidToken( AttributeType type ) - throws PasswordResetException, AccessDeniedException, InstantiationException, IllegalAccessException, ClassNotFoundException + throws PasswordResetException, AccessDeniedException, InstantiationException, IllegalAccessException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException { MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "attribute_type_class_name", type.getClassName( ) ); String strTitle = getRandomName( ); request.setParameter( "title", strTitle ); request.setParameter( "width", "5" ); - IAttribute attribute = (IAttribute) Class.forName( type.getClassName( ) ).newInstance( ); + IAttribute attribute = (IAttribute) Class.forName( type.getClassName( ) ).getDeclaredConstructor().newInstance( ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateCreateAttribute( ) ) + "b" ); + _securityTokenService.getToken( request, attribute.getTemplateCreateAttribute( ) ) + "b" ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), "CORE_USERS_MANAGEMENT" ); @@ -287,7 +290,7 @@ private void testDoModifyAttribute( AttributeType type ) request.setParameter( "width", "5" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) ); + _securityTokenService.getToken( request, attribute.getTemplateModifyAttribute( ) ) ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), "CORE_USERS_MANAGEMENT" ); @@ -321,7 +324,7 @@ private void testDoModifyAttributeInvalidToken( AttributeType type ) request.setParameter( "width", "5" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, attribute.getTemplateModifyAttribute( ) ) + "b" ); + _securityTokenService.getToken( request, attribute.getTemplateModifyAttribute( ) ) + "b" ); AdminUserUtils.registerAdminUserWithRigth( request, new AdminUser( ), "CORE_USERS_MANAGEMENT" ); @@ -398,7 +401,7 @@ public void testDoRemoveAttribute( ) throws AccessDeniedException int idAttribute = _attributes.values( ).stream( ).findFirst( ).orElseThrow( IllegalStateException::new ).getIdAttribute( ); request.setParameter( "id_attribute", Integer.toString( idAttribute ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/attribute/DoRemoveAttribute.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/user/attribute/DoRemoveAttribute.jsp" ) ); instance.doRemoveAttribute( request ); @@ -413,7 +416,7 @@ public void testDoRemoveAttributeInvalidToken( ) throws AccessDeniedException int idAttribute = _attributes.values( ).stream( ).findFirst( ).orElseThrow( IllegalStateException::new ).getIdAttribute( ); request.setParameter( "id_attribute", Integer.toString( idAttribute ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/user/attribute/DoRemoveAttribute.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/user/attribute/DoRemoveAttribute.jsp" ) + "b" ); try @@ -462,7 +465,7 @@ public void testDoMoveDownAttribute( ) throws PasswordResetException, AccessDeni request.setParameter( "id_attribute", Integer.toString( nIdAttribute ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); instance.doMoveDownAttribute( request ); @@ -486,7 +489,7 @@ public void testDoMoveDownAttributeInvalidToken( ) throws PasswordResetException request.setParameter( "id_attribute", Integer.toString( nIdAttribute ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/attribute/manage_attributes.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/user/attribute/manage_attributes.html" ) + "b" ); try { @@ -544,7 +547,7 @@ public void testDoMoveUpAttribute( ) throws PasswordResetException, AccessDenied request.setParameter( "id_attribute", Integer.toString( nIdAttribute ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); + _securityTokenService.getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) ); instance.doMoveUpAttribute( request ); @@ -568,7 +571,7 @@ public void testDoMoveUpAttributeInvalidToken( ) throws PasswordResetException, request.setParameter( "id_attribute", Integer.toString( nIdAttribute ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/user/attribute/manage_attributes.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/user/attribute/manage_attributes.html" ) + "b" ); try { diff --git a/src/test/java/fr/paris/lutece/portal/web/workgroup/AdminWorkgroupJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/workgroup/AdminWorkgroupJspBeanTest.java index 1caf9345df..e4e7465a00 100644 --- a/src/test/java/fr/paris/lutece/portal/web/workgroup/AdminWorkgroupJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/workgroup/AdminWorkgroupJspBeanTest.java @@ -48,15 +48,18 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; public class AdminWorkgroupJspBeanTest extends LuteceTestCase { private AdminWorkgroup adminWorkgroup; private AdminWorkgroupJspBean bean; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -82,7 +85,7 @@ public void testDoAssignUsers( ) throws AccessDeniedException AdminUser user = AdminUserHome.findUserByLogin( "admin" ); request.setParameter( "list_users", Integer.toString( user.getUserId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/workgroup/assign_users_workgroup.html" ) ); + _securityTokenService.getToken( request, "admin/workgroup/assign_users_workgroup.html" ) ); assertFalse( AdminWorkgroupHome.isUserInWorkgroup( user, adminWorkgroup.getKey( ) ) ); bean.doAssignUsers( request ); @@ -96,7 +99,7 @@ public void testDoAssignUsersInvalidToken( ) throws AccessDeniedException AdminUser user = AdminUserHome.findUserByLogin( "admin" ); request.setParameter( "list_users", Integer.toString( user.getUserId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/workgroup/assign_users_workgroup.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/workgroup/assign_users_workgroup.html" ) + "b" ); assertFalse( AdminWorkgroupHome.isUserInWorkgroup( user, adminWorkgroup.getKey( ) ) ); try @@ -151,7 +154,7 @@ public void testDoCreateWorkgroup( ) throws AccessDeniedException request.setParameter( "workgroup_key", key ); request.setParameter( "workgroup_description", key ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/workgroup/create_workgroup.html" ) ); + _securityTokenService.getToken( request, "admin/workgroup/create_workgroup.html" ) ); assertFalse( AdminWorkgroupHome.checkExistWorkgroup( key ) ); bean.init( request, "CORE_WORKGROUPS_MANAGEMENT" ); @@ -170,7 +173,7 @@ public void testDoCreateWorkgroupInvalidToken( ) throws AccessDeniedException request.setParameter( "workgroup_key", key ); request.setParameter( "workgroup_description", key ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/workgroup/create_workgroup.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/workgroup/create_workgroup.html" ) + "b" ); assertFalse( AdminWorkgroupHome.checkExistWorkgroup( key ) ); bean.init( request, "CORE_WORKGROUPS_MANAGEMENT" ); @@ -217,7 +220,7 @@ public void testDoModifyWorkgroup( ) throws AccessDeniedException request.setParameter( "workgroup_key", adminWorkgroup.getKey( ) ); request.setParameter( "workgroup_description", adminWorkgroup.getDescription( ) + "_mod" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/workgroup/modify_workgroup.html" ) ); + _securityTokenService.getToken( request, "admin/workgroup/modify_workgroup.html" ) ); assertEquals( adminWorkgroup.getKey( ), adminWorkgroup.getDescription( ) ); bean.doModifyWorkgroup( request ); @@ -230,7 +233,7 @@ public void testDoModifyWorkgroupInvalidToken( ) throws AccessDeniedException request.setParameter( "workgroup_key", adminWorkgroup.getKey( ) ); request.setParameter( "workgroup_description", adminWorkgroup.getDescription( ) + "_mod" ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/workgroup/modify_workgroup.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/workgroup/modify_workgroup.html" ) + "b" ); assertEquals( adminWorkgroup.getKey( ), adminWorkgroup.getDescription( ) ); try @@ -281,7 +284,7 @@ public void testDoRemoveWorkgroup( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "workgroup_key", adminWorkgroup.getKey( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/workgroup/DoRemoveWorkgroup.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/workgroup/DoRemoveWorkgroup.jsp" ) ); assertTrue( AdminWorkgroupHome.checkExistWorkgroup( adminWorkgroup.getKey( ) ) ); bean.doRemoveWorkgroup( request ); @@ -293,7 +296,7 @@ public void testDoRemoveWorkgroupInvalidToken( ) throws AccessDeniedException MockHttpServletRequest request = new MockHttpServletRequest( ); request.setParameter( "workgroup_key", adminWorkgroup.getKey( ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/workgroup/DoRemoveWorkgroup.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/workgroup/DoRemoveWorkgroup.jsp" ) + "b" ); assertTrue( AdminWorkgroupHome.checkExistWorkgroup( adminWorkgroup.getKey( ) ) ); try @@ -333,7 +336,7 @@ public void testDoUnAssignUser( ) throws AccessDeniedException request.setParameter( "workgroup_key", adminWorkgroup.getKey( ) ); request.setParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/workgroup/assign_users_workgroup.html" ) ); + _securityTokenService.getToken( request, "admin/workgroup/assign_users_workgroup.html" ) ); assertTrue( AdminWorkgroupHome.isUserInWorkgroup( user, adminWorkgroup.getKey( ) ) ); bean.doUnAssignUser( request ); @@ -349,7 +352,7 @@ public void testDoUnAssignUserInvalidToken( ) throws AccessDeniedException request.setParameter( "workgroup_key", adminWorkgroup.getKey( ) ); request.setParameter( "id_user", Integer.toString( user.getUserId( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "admin/workgroup/assign_users_workgroup.html" ) + "b" ); + _securityTokenService.getToken( request, "admin/workgroup/assign_users_workgroup.html" ) + "b" ); assertTrue( AdminWorkgroupHome.isUserInWorkgroup( user, adminWorkgroup.getKey( ) ) ); try diff --git a/src/test/java/fr/paris/lutece/portal/web/xpages/SiteMapAppCycleTest.java b/src/test/java/fr/paris/lutece/portal/web/xpages/SiteMapAppCycleTest.java index d8bb43e5b7..02d379d4b6 100644 --- a/src/test/java/fr/paris/lutece/portal/web/xpages/SiteMapAppCycleTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/xpages/SiteMapAppCycleTest.java @@ -51,9 +51,9 @@ import fr.paris.lutece.portal.service.page.IPageService; import fr.paris.lutece.portal.service.portal.PortalService; import fr.paris.lutece.portal.service.util.AppLogService; -import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import fr.paris.lutece.util.AppInitPropertiesService; import jakarta.enterprise.inject.spi.CDI; import jakarta.inject.Inject; @@ -125,7 +125,7 @@ private void setRootPageId( int nRootPageId ) throws IOException { props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); } - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); } private void removePageQuietly( int nPageId ) diff --git a/src/test/java/fr/paris/lutece/portal/web/xpages/SiteMapAppTest.java b/src/test/java/fr/paris/lutece/portal/web/xpages/SiteMapAppTest.java index 081f92522e..ef7efc7175 100644 --- a/src/test/java/fr/paris/lutece/portal/web/xpages/SiteMapAppTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/xpages/SiteMapAppTest.java @@ -58,9 +58,9 @@ import fr.paris.lutece.portal.service.security.LuteceUser; import fr.paris.lutece.portal.service.security.MokeLuteceAuthentication; import fr.paris.lutece.portal.service.security.SecurityService; -import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import fr.paris.lutece.util.AppInitPropertiesService; import jakarta.enterprise.inject.spi.CDI; import jakarta.inject.Inject; import jakarta.servlet.http.HttpServletRequest; @@ -271,7 +271,7 @@ private void restoreAuthentication( boolean status ) throws IOException, LuteceI OutputStream os = new FileOutputStream( luteceProperties ); props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); os.close( ); - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); SecurityService.init( ); } } @@ -293,7 +293,7 @@ private boolean enableAuthentication( ) throws IOException, LuteceInitException OutputStream os = new FileOutputStream( luteceProperties ); props.store( os, "saved for junit " + this.getClass( ).getCanonicalName( ) ); os.close( ); - AppPropertiesService.reloadAll( ); + AppInitPropertiesService.reloadAll( ); SecurityService.init( ); } diff --git a/src/test/java/fr/paris/lutece/portal/web/xsl/XslExportJspBeanTest.java b/src/test/java/fr/paris/lutece/portal/web/xsl/XslExportJspBeanTest.java index b96de2ea86..77dbff5214 100644 --- a/src/test/java/fr/paris/lutece/portal/web/xsl/XslExportJspBeanTest.java +++ b/src/test/java/fr/paris/lutece/portal/web/xsl/XslExportJspBeanTest.java @@ -62,16 +62,19 @@ import fr.paris.lutece.portal.service.admin.AccessDeniedException; import fr.paris.lutece.portal.service.message.AdminMessage; import fr.paris.lutece.portal.service.message.AdminMessageService; +import fr.paris.lutece.portal.service.security.ISecurityTokenService; import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.web.admin.AdminUserUtils; import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest; import fr.paris.lutece.test.LuteceTestCase; import fr.paris.lutece.test.mocks.MockHttpServletRequest; +import jakarta.inject.Inject; public class XslExportJspBeanTest extends LuteceTestCase { private XslExportJspBean _instance; private XslExport _xslExport; + private @Inject ISecurityTokenService _securityTokenService; @BeforeEach protected void setUp( ) throws Exception @@ -135,7 +138,7 @@ public void testDoCreateXslExport( ) throws AccessDeniedException, IOException randomName } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/xsl/create_xsl_export.html" ) + _securityTokenService.getToken( request, "admin/xsl/create_xsl_export.html" ) } ); Map>> multipartFiles = new HashMap<>( ); List> fileItems = new ArrayList<>( ); @@ -177,7 +180,7 @@ public void testDoCreateXslExportInvalidToken( ) throws AccessDeniedException, I randomName } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/xsl/create_xsl_export.html" ) + "b" + _securityTokenService.getToken( request, "admin/xsl/create_xsl_export.html" ) + "b" } ); Map>> multipartFiles = new HashMap<>( ); List> fileItems = new ArrayList<>( ); @@ -288,7 +291,7 @@ public void testDoModifyXslExport( ) throws AccessDeniedException Integer.toString( _xslExport.getIdXslExport( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/xsl/modify_xsl_export.html" ) + _securityTokenService.getToken( request, "admin/xsl/modify_xsl_export.html" ) } ); Map>> multipartFiles = new HashMap<>( ); @@ -324,7 +327,7 @@ public void testDoModifyXslExportInvalidToken( ) throws AccessDeniedException Integer.toString( _xslExport.getIdXslExport( ) ) } ); parameters.put( SecurityTokenService.PARAMETER_TOKEN, new String [ ] { - SecurityTokenService.getInstance( ).getToken( request, "admin/xsl/modify_xsl_export.html" ) + "b" + _securityTokenService.getToken( request, "admin/xsl/modify_xsl_export.html" ) + "b" } ); Map>> multipartFiles = new HashMap<>( ); @@ -409,7 +412,7 @@ public void testDoRemoveXslExport( ) throws AccessDeniedException request.setParameter( "id_xsl_export", Integer.toString( _xslExport.getIdXslExport( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/xsl/DoRemoveXslExport.jsp" ) ); + _securityTokenService.getToken( request, "jsp/admin/xsl/DoRemoveXslExport.jsp" ) ); _instance.init( request, XslExportJspBean.RIGHT_MANAGE_XSL_EXPORT ); _instance.doRemoveXslExport( request ); @@ -427,7 +430,7 @@ public void testDoRemoveXslExportInvalidToken( ) throws AccessDeniedException request.setParameter( "id_xsl_export", Integer.toString( _xslExport.getIdXslExport( ) ) ); request.setParameter( SecurityTokenService.PARAMETER_TOKEN, - SecurityTokenService.getInstance( ).getToken( request, "jsp/admin/xsl/DoRemoveXslExport.jsp" ) + "b" ); + _securityTokenService.getToken( request, "jsp/admin/xsl/DoRemoveXslExport.jsp" ) + "b" ); _instance.init( request, XslExportJspBean.RIGHT_MANAGE_XSL_EXPORT ); try diff --git a/src/test/java/fr/paris/lutece/util/sql/DAOUtilTest.java b/src/test/java/fr/paris/lutece/util/sql/DAOUtilTest.java index 715ed0a32d..37c8d51ebe 100644 --- a/src/test/java/fr/paris/lutece/util/sql/DAOUtilTest.java +++ b/src/test/java/fr/paris/lutece/util/sql/DAOUtilTest.java @@ -54,14 +54,26 @@ public class DAOUtilTest extends LuteceTestCase @Test public void testDAOUtil_str( ) { - DAOUtil daoUtil = new DAOUtil( SQL_INSERT ); - doTest( daoUtil, false ); + try ( DAOUtil daoUtil = new DAOUtil( SQL_INSERT ) ) + { + doTest( daoUtil, false ); + } + catch( Exception e ) + { + fail( ); + } } @Test public void testDAOUtil_str_int( ) { - DAOUtil daoUtil = new DAOUtil( SQL_INSERT, Statement.RETURN_GENERATED_KEYS ); - doTest( daoUtil, true ); + try ( DAOUtil daoUtil = new DAOUtil( SQL_INSERT, Statement.RETURN_GENERATED_KEYS ) ) + { + doTest( daoUtil, true ); + } + catch( Exception e ) + { + fail( ); + } } @Test public void testDAOUtil_str_plugin( ) @@ -70,8 +82,14 @@ public void testDAOUtil_str_plugin( ) p.setName( "core" ); // DAOUtil.DEFAULT_MODULE_NAME p.setConnectionService( AppConnectionService.getDefaultConnectionService( ) ); - DAOUtil daoUtil = new DAOUtil( SQL_INSERT, p ); - doTest( daoUtil, false ); + try ( DAOUtil daoUtil = new DAOUtil( SQL_INSERT, p ) ) + { + doTest( daoUtil, false ); + } + catch( Exception e ) + { + fail( ); + } } @Test public void testDAOUtil_str_int_plugin( ) @@ -80,8 +98,14 @@ public void testDAOUtil_str_int_plugin( ) p.setName( "core" ); // DAOUtil.DEFAULT_MODULE_NAME p.setConnectionService( AppConnectionService.getDefaultConnectionService( ) ); - DAOUtil daoUtil = new DAOUtil( SQL_INSERT, Statement.RETURN_GENERATED_KEYS, p ); - doTest( daoUtil, true ); + try ( DAOUtil daoUtil = new DAOUtil( SQL_INSERT, Statement.RETURN_GENERATED_KEYS, p ) ) + { + doTest( daoUtil, true ); + } + catch( Exception e ) + { + fail( ); + } } private void doTest( DAOUtil daoUtil, boolean hasGeneratedKey )