diff --git a/all/pom.xml b/all/pom.xml index 4b182b2b4..8718d9153 100644 --- a/all/pom.xml +++ b/all/pom.xml @@ -184,7 +184,7 @@ com.adobe.aem aemanalyser-maven-plugin - 1.4.20 + 1.5.8 aem-analyser diff --git a/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/ShareService.java b/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/ShareService.java index a55df0a2e..c5310fdf5 100644 --- a/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/ShareService.java +++ b/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/ShareService.java @@ -43,7 +43,7 @@ public interface ShareService { * * @param request the request that provides context of which Asset Share instance the request is coming to. * @param response the response - * @param shareParameters a <String, Object> map or parameters; This is initially constructed from the request.getParameterMap() but can be augmented in the ShareService implementationa s needed. + * @param shareParameters a <String, Object> map or parameters; This is initially constructed from the request.getParameterMap() but can be augmented in the ShareService implementation as needed. * @throws ShareException is thrown if an error occurs with sharing (required share params are missing) or with the sharing initiation itself. */ void share(SlingHttpServletRequest request, SlingHttpServletResponse response, ValueMap shareParameters) throws ShareException; diff --git a/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/EmailShareServiceImpl.java b/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/EmailShareServiceImpl.java index 80aa869b6..6b9761a25 100644 --- a/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/EmailShareServiceImpl.java +++ b/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/EmailShareServiceImpl.java @@ -52,6 +52,7 @@ import org.apache.sling.api.resource.ResourceResolver; import org.apache.sling.api.resource.ValueMap; import org.apache.sling.api.scripting.SlingBindings; +import org.apache.sling.api.wrappers.ValueMapDecorator; import org.apache.sling.models.factory.ModelFactory; import org.apache.sling.scripting.core.ScriptHelper; import org.apache.sling.xss.XSSAPI; @@ -66,6 +67,7 @@ import org.slf4j.LoggerFactory; import javax.jcr.RepositoryException; +import javax.jcr.Value; import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; @@ -116,6 +118,8 @@ public boolean accepts(final SlingHttpServletRequest request) { @Override public final void share(final SlingHttpServletRequest request, final SlingHttpServletResponse response, final ValueMap shareParameters) throws ShareException { + final ValueMap unprotectedShareParameters = new ValueMapDecorator(new HashMap<>()); + unprotectedShareParameters.putAll(shareParameters); /** Work around for regression issue introduced in AEM 6.4 **/ SlingBindings bindings = new SlingBindings(); @@ -127,10 +131,11 @@ public final void share(final SlingHttpServletRequest request, final SlingHttpSe final EmailShare emailShare = request.adaptTo(EmailShare.class); shareParameters.putAll(xssProtectUserData(emailShare.getUserData())); - //shareParameters.putAll(emailShare.getUserData()); + unprotectedShareParameters.putAll(emailShare.getUserData()); // Configured data supersedes user data shareParameters.putAll(emailShare.getConfiguredData()); + unprotectedShareParameters.putAll(emailShare.getConfiguredData()); // Except for signature which we may or may not want to use from configured data, depending on flags in configured data shareParameters.put(SIGNATURE, getSignature(emailShare, userProperties)); @@ -141,12 +146,13 @@ public final void share(final SlingHttpServletRequest request, final SlingHttpSe shareParameters.put(EmailService.REPLY_TO, replyToAddress); } - share(request.adaptTo(Config.class), shareParameters, StringUtils.defaultIfBlank(emailShare.getEmailTemplatePath(), cfg.emailTemplate())); + share(request.adaptTo(Config.class), unprotectedShareParameters, shareParameters, StringUtils.defaultIfBlank(emailShare.getEmailTemplatePath(), cfg.emailTemplate())); } - private final void share(final Config config, final ValueMap shareParameters, final String emailTemplatePath) throws ShareException { - final String[] emailAddresses = StringUtils.split(shareParameters.get(EMAIL_ADDRESSES, ""), ","); - final String[] assetPaths = Arrays.stream(shareParameters.get(ASSET_PATHS, ArrayUtils.EMPTY_STRING_ARRAY)) + private final void share(final Config config, final ValueMap unprotectedShareParameters, final ValueMap shareParameters, final String emailTemplatePath) throws ShareException { + final String[] emailAddresses = StringUtils.split(unprotectedShareParameters.get(EMAIL_ADDRESSES, ""), ","); + + final String[] assetPaths = Arrays.stream(unprotectedShareParameters.get(ASSET_PATHS, ArrayUtils.EMPTY_STRING_ARRAY)) .filter(StringUtils::isNotBlank) .map(path -> config.getResourceResolver().getResource(path)) .filter(Objects::nonNull) @@ -155,6 +161,10 @@ private final void share(final Config config, final ValueMap shareParameters, fi .map(Asset::getPath) .toArray(String[]::new); + if (log.isDebugEnabled()) { + log.debug("Sharing [ {} ] to [ {} ]", StringUtils.join(unprotectedShareParameters.get(ASSET_PATHS, ArrayUtils.EMPTY_STRING_ARRAY), ", "), StringUtils.join(emailAddresses, ", ")); + } + // Check to ensure the minimum set of e-mail parameters are provided; Throw exception if not. if (emailAddresses == null || emailAddresses.length == 0) { throw new ShareException("At least one e-mail address is required to share"); @@ -163,7 +173,7 @@ private final void share(final Config config, final ValueMap shareParameters, fi } // Convert provided params to ; anything that needs to be accessed in its native type should be accessed and manipulated via shareParameters.get(..) - final Map emailParameters = new HashMap(); + final Map emailParameters = new HashMap<>(); for (final String key : shareParameters.keySet()) { emailParameters.put(key, shareParameters.get(key, String.class)); } @@ -288,7 +298,6 @@ private boolean isValidUser(SlingHttpServletRequest request) { private Map xssProtectUserData(Map dirtyUserData) { Map cleanUserData = new HashMap(); for (final Map.Entry entry : dirtyUserData.entrySet()) { - if (entry.getValue() instanceof String[]) { cleanUserData.put(entry.getKey(), xssCleanData((String[]) entry.getValue())); } else if (entry.getValue() instanceof String) { diff --git a/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/ShareServlet.java b/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/ShareServlet.java index 4fb4c5c2c..f180b5c17 100644 --- a/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/ShareServlet.java +++ b/core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/ShareServlet.java @@ -82,7 +82,7 @@ private final void share(SlingHttpServletRequest request, SlingHttpServletRespon try { shareService.share(request, response, // Make map write-able - new ValueMapDecorator(new HashMap(request.getParameterMap()))); + new ValueMapDecorator(new HashMap<>(request.getParameterMap()))); counter.incrementAndGet(); } catch (ShareException e) { if (log.isErrorEnabled()) { @@ -96,7 +96,7 @@ private final void share(SlingHttpServletRequest request, SlingHttpServletRespon if (counter.get() == 0) { defaultShareService.share(request, response, // Make map write-able - new ValueMapDecorator(new HashMap(request.getParameterMap()))); + new ValueMapDecorator(new HashMap<>(request.getParameterMap()))); } } catch (ShareException ex) { log.error("Unable to share assets from Asset Share Commons", ex); diff --git a/pom.xml b/pom.xml index 10d1479fd..7a9921e12 100644 --- a/pom.xml +++ b/pom.xml @@ -72,7 +72,7 @@ 6.5.7.0003 - 2022.9.8722.20220912T101352Z-220800 + 2023.3.11382.20230315T073850Z-230200 2.17.14 1.9.0 v13.7.0 @@ -107,7 +107,7 @@ org.apache.maven.plugins maven-release-plugin - 3.0.0-M6 + 3.0.0 asset-share-commons-@{project.version} [maven-scm] : @@ -121,7 +121,7 @@ org.apache.maven.release maven-release-oddeven-policy - 3.0.0-M7 + 3.0.0 @@ -254,7 +254,7 @@ Bundle-DocURL: https://opensource.adobe.com/asset-share-commons/ org.apache.maven.plugins maven-resources-plugin - 3.2.0 + 3.3.1 @@ -462,7 +462,7 @@ Bundle-DocURL: https://opensource.adobe.com/asset-share-commons/ maven-javadoc-plugin - 3.4.1 + 3.5.0 ${project.build.sourceEncoding} @@ -546,7 +546,7 @@ Bundle-DocURL: https://opensource.adobe.com/asset-share-commons/ org.owasp dependency-check-maven - 7.1.1 + 8.2.1 true diff --git a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/action-buttons/action-buttons.html b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/action-buttons/action-buttons.html index b51d6c842..46a680709 100644 --- a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/action-buttons/action-buttons.html +++ b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/action-buttons/action-buttons.html @@ -16,11 +16,11 @@ ~ limitations under the License. */--> -
diff --git a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/editor-links/editor-links.html b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/editor-links/editor-links.html index 47d5aa2e2..6bf2949f9 100644 --- a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/editor-links/editor-links.html +++ b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/editor-links/editor-links.html @@ -16,11 +16,12 @@ ~ limitations under the License. */--> - + data-sly-test.ready="${editorLinks.ready}" + >

${properties['label'] @ i18n}

diff --git a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/image/image.html b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/image/image.html index 36c1326c2..c3bb68591 100644 --- a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/image/image.html +++ b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/image/image.html @@ -16,9 +16,9 @@ ~ limitations under the License. */--> - +
diff --git a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/metadata/metadata.html b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/metadata/metadata.html index 066c08a14..103917364 100644 --- a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/metadata/metadata.html +++ b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/metadata/metadata.html @@ -16,11 +16,11 @@ ~ limitations under the License. */--> -
diff --git a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/renditions/renditions.html b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/renditions/renditions.html index 34ecf4a71..406cd8c11 100644 --- a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/renditions/renditions.html +++ b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/renditions/renditions.html @@ -16,11 +16,11 @@ ~ limitations under the License. */--> -
diff --git a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/tags/tags.html b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/tags/tags.html index dd03b3b38..5382bc520 100644 --- a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/tags/tags.html +++ b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/tags/tags.html @@ -16,10 +16,10 @@ ~ limitations under the License. */--> -
diff --git a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/title/title.html b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/title/title.html index 386ad3f38..056b5889a 100644 --- a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/title/title.html +++ b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/title/title.html @@ -16,10 +16,10 @@ ~ limitations under the License. */--> -

diff --git a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/video/video.html b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/video/video.html index 4b9d9106c..65ec48ced 100644 --- a/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/video/video.html +++ b/ui.apps/src/main/content/jcr_root/apps/asset-share-commons/components/details/video/video.html @@ -16,9 +16,9 @@ ~ limitations under the License. */--> -