Changes for page Attachments

Last modified by Sebastian Marsching on 2024/01/08 23:13
From version 1.1
edited by Sebastian Marsching
on 2022/01/09 00:04
Change comment: Install extension [org.xwiki.platform:xwiki-platform-attachment-ui/13.10.2]
To version 3.1
edited by Sebastian Marsching
on 2022/07/10 15:56
Change comment: Install extension [org.xwiki.platform:xwiki-platform-attachment-ui/14.5]

Summary

Details

Page properties
Content
... ... @@ -79,7 +79,10 @@
79 79   #set ($returnURL = $escapetool.url($doc.getURL('view', $request.queryString)))
80 80   #set ($deleteURL = $targetAttachDocument.getAttachmentURL($attachment.filename, 'delattachment', "xredirect=${returnURL}&form_token=$!{services.csrf.getToken()}") )
81 81   #set ($viewURL = $targetAttachDocument.getAttachmentURL($attachment.filename) )##{'name' : 'download', 'url' : $viewURL, 'rel' : '__blank'}
82 - #set ($selectURL = $targetDocument.getURL(${options.get('docAction')}, "${options.get('classname')}_${options.get('object')}_${options.get('property')}=${attachment.filename}&form_token=$!{services.csrf.getToken()}"))
82 + #set ($selectURL = $targetDocument.getURL(${options.get('docAction')}, $escapetool.url({
83 + "${options.get('classname')}_${options.get('object')}_${options.get('property')}": ${attachment.filename},
84 + 'form_token': $!{services.csrf.getToken()}
85 + })))
83 83   #attachmentPicker_displayEndFrame ([{'name' : 'select', 'url' : $selectURL}, {'name' : 'delete', 'url' : $deleteURL}])
84 84  #end
85 85  
... ... @@ -92,7 +92,9 @@
92 92   *#
93 93  #macro (attachmentPicker_displayStartFrame $boxOptions $currentValue)
94 94   (% class="gallery_attachmentbox $!{boxOptions.cssClass} #if ("$!{boxOptions.value}" == $currentValue) current#{end}" %)(((
95 - (% class="gallery_attachmenttitle" title="$!{boxOptions.value}" %)((($boxOptions.text)))
98 + (% class="gallery_attachmenttitle" title="$services.rendering.escape($!{boxOptions.value}, 'xwiki/2.1')" %)(((
99 + $services.rendering.escape($boxOptions.text, 'xwiki/2.1')
100 + )))
96 96   (% class="gallery_attachmentframe" %)(((
97 97  #end
98 98  
... ... @@ -108,13 +108,13 @@
108 108   ## Compute the attachment reference because there's no getter.
109 109   #set ($attachmentReference = $services.model.createAttachmentReference($attachment.document.documentReference,
110 110   $attachment.filename))
111 - #set ($attachmentStringReference = $services.model.serialize($attachmentReference, 'default'))
116 + #set ($attachmentStringReference = $services.rendering.escape($services.model.serialize($attachmentReference, 'default'), 'xwiki/2.1'))
112 112   #if ($attachment.isImage() && $options.displayImage)
113 113   ## We add the version to the query string in order to invalidate the cache when an image attachment is replaced.
114 114   #set ($queryString = $escapetool.url({'version': $attachment.version}))
115 115   [[[[image:${attachmentStringReference}||width=180 queryString="$queryString"]]>>attach:$attachmentStringReference]]
116 116   #else
117 - * (% class="mime" %){{html wiki=false clean=false}}#mimetypeimg($attachment.getMimeType().toLowerCase() $attachment.getFilename().toLowerCase()){{/html}}(%%) (% class="filename" %)$attachment.getFilename()(% %)
122 + * (% class="mime" %){{html wiki=false clean=false}}#mimetypeimg($attachment.getMimeType().toLowerCase() $attachment.getFilename().toLowerCase()){{/html}}(%%) (% class="filename" %)$services.rendering.escape($attachment.getFilename(), 'xwiki/2.1')(% %)
118 118   * v$attachment.getVersion() (#dynamicsize($attachment.longSize))
119 119   * $services.localization.render('core.viewers.attachments.author', [$!{xwiki.getUserName($attachment.author, false)}]) $services.localization.render('core.viewers.attachments.date', [$!{xwiki.formatDate($attachment.date, 'dd/MM/yyyy hh:mm')}])
120 120   * (% class="buttonwrapper" %)[[${services.localization.render("${translationPrefix}.actions.download")}>>attach:${attachmentStringReference}||title="$services.localization.render("${translationPrefix}.actions.download")" rel="__blank" class="button"]](%%)
XWiki.JavaScriptExtension[0]
Code
... ... @@ -173,10 +173,7 @@
173 173   this.dialog.closeDialog();
174 174   }.bindAsEventListener(this),
175 175   onFailure : function(response) {
176 - var failureReason = response.statusText;
177 - if (response.statusText == '' /* No response */ || response.status == 12031 /* In IE */) {
178 - failureReason = 'Server not responding';
179 - }
176 + var failureReason = response.statusText || 'Server not responding';
180 180   if (targetElement._x_notif) {
181 181   targetElement._x_notif.replace(new XWiki.widgets.Notification("$services.localization.render('core.widgets.confirmationBox.notification.failed')" + failureReason, "error"));
182 182   } else {
... ... @@ -183,9 +183,6 @@
183 183   new XWiki.widgets.Notification(this.interactionParameters.failureMessageText + failureReason, "error");
184 184   }
185 185   },
186 - on1223 : function(response) {
187 - response.request.options.onSuccess(response);
188 - },
189 189   on0 : function(response) {
190 190   response.request.options.onFailure(response);
191 191   },
XWiki.StyleSheetExtension[0]
Code
... ... @@ -140,9 +140,6 @@
140 140   ## Make this box twice as large as the others
141 141   width: ${uploadBoxSize}px;
142 142  }
143 -* html .gallery_upload {
144 - width: ${mathtool.add($uploadBoxSize, 2)}px;
145 -}
146 146  .gallery_upload, .gallery_upload:hover {
147 147   background-color: $theme.backgroundSecondaryColor;
148 148  }
XWiki.WikiMacroClass[0]
Macro code
... ... @@ -45,9 +45,18 @@
45 45   #set ($displayImage = false)
46 46  #end
47 47  #if ($displayImage)
48 - #set ($alt = "$!{xcontext.macro.params.alternateText}")
49 - #set ($width = "$!{xcontext.macro.params.width}")
50 - #set ($height = "$!{xcontext.macro.params.height}")
48 + #set ($alt = '')
49 + #set ($width = '')
50 + #set ($height = '')
51 + #if ($xcontext.macro.params.alternateText)
52 + #set ($alt = "$services.rendering.escape($!{xcontext.macro.params.alternateText}, 'xwiki/2.1')")
53 + #end
54 + #if ($xcontext.macro.params.width)
55 + #set ($width = "$services.rendering.escape($!{xcontext.macro.params.width}, 'xwiki/2.1')")
56 + #end
57 + #if ($xcontext.macro.params.height)
58 + #set ($height = "$services.rendering.escape($!{xcontext.macro.params.height}, 'xwiki/2.1')")
59 + #end
51 51   #set ($imageParams = '')
52 52   #if ("${width}" != '')
53 53   #set($imageParams = "$!{imageParams} width=${width}")
... ... @@ -112,9 +112,9 @@
112 112   #set ($attachmentResource = '')
113 113   #end
114 114   #if ($displayImage)
115 - (% class="$!{cssClass}#if (!$attachment) hidden#end" %)(((#if ("$!{attachmentResource}" != '' || $forceElement)#if($withLink)[[#end[[image:${attachmentResource}$!{imageParams}]]#if($withLink)>>attach:${attachmentResource}||rel=lightbox]]#{end}#end)))##
124 + (% class="$!{cssClass}#if (!$attachment) hidden#end" %)(((#if ("$!{attachmentResource}" != '' || $forceElement)#if($withLink)[[#end[[image:$services.rendering.escape(${attachmentResource}, 'xwiki/2.1')$!{imageParams}]]#if($withLink)>>attach:$services.rendering.escape(${attachmentResource},'xwiki/2.1')||rel=lightbox]]#{end}#end)))##
116 116   #else
117 - (% class="$!{cssClass}" %)#if ("$!{attachmentResource}" != '' || $forceElement)#if ($withLink)[[attach:${attachmentResource}||rel=__blank]]#{else}(% class="displayed" %)#if($targetPermView)$!{attachmentName}#{else}Access Denied#{end}(% %)#{end}#end(%%)##
126 + (% class="$!{cssClass}" %)#if ("$!{attachmentResource}" != '' || $forceElement)#if ($withLink)[[attach:${attachmentResource}||rel=__blank]]#{else}(% class="displayed" %)#if($targetPermView)$services.rendering.escape($!{attachmentName}, 'xwiki/2.1')#{else}Access Denied#{end}(% %)#{end}#end(%%)##
118 118   #end
119 119  #end
120 120  
... ... @@ -137,8 +137,9 @@
137 137   #if ($hasTargetDoc)
138 138   #set ($queryString.targetdocname = $targetdoc.fullName)
139 139   #end
140 - (% class="buttonwrapper" %)[[$buttontext>>${xcontext.macro.doc.fullName}||queryString="$escapetool.url($queryString)"
141 - class="attachment-picker-start button" title="$buttontext"]](%%)##
149 + #set ($linkLabel = $services.rendering.escape($services.rendering.escape($buttontext, 'xwiki/2.1'), 'xwiki/2.1'))
150 + (% class="buttonwrapper" %)[[$linkLabel>>${xcontext.macro.doc.fullName}||queryString="$escapetool.url($queryString)"
151 + class="attachment-picker-start button" title="$services.rendering.escape($buttontext, 'xwiki/2.1')"]](%%)##
142 142   #end
143 143  #end
144 144  {{/velocity}}