- xwiki-devs@xwiki.org - lists.xwiki.org

[xwiki-devs] Question about start_xwiki_debug.sh

by Leon Wang

Dear XWiki Developers, When I execute start_xwiki_debug.sh, it gives me this: Starting Jetty on port 8080 ... Logs are in the ./xwiki.log file ERROR: transport error 202: bind failed: Address already in use ERROR: JDWP Transport dt_socket failed to initialize, TRANSPORT_INIT(510) JDWP exit error AGENT_ERROR_TRANSPORT_INIT(197): No transports initialized [../../../src/share/back/debugInit.c:690] FATAL ERROR in native method: JDWP No transports initialized, jvmtiError=AGENT_ERROR_TRANSPORT_INIT(197) Aborted However when I executed "start_xwiki.sh", it works. What should I do? Can you give me some suggestions? Also could you please tell me more about debug the XWiki wysiwyg editor? When I try ./start_wysiwyg_noserver.sh, the gwt hosted mode edit gives me "[ERROR] Unable to find 'com/xpn/xwiki/wysiwyg/Wysiwyg.gwt.xml' on your classpath; could be a typo, or maybe you forgot to include a classpath entry for source?". I tried "start_wysiwyg_noserver_debug.sh". It gives me: freeleons@EAS-BEN200-002:~/XWiki_Enterprise_2.1.1$ ./start_wysiwyg_noserver_debug.sh ERROR: transport error 202: bind failed: Address already in use ERROR: JDWP Transport dt_socket failed to initialize, TRANSPORT_INIT(510) JDWP exit error AGENT_ERROR_TRANSPORT_INIT(197): No transports initialized [../../../src/share/back/debugInit.c:690] FATAL ERROR in native method: JDWP No transports initialized, jvmtiError=AGENT_ERROR_TRANSPORT_INIT(197) ./start_wysiwyg_noserver_debug.sh: line 33: 16915 Aborted $JAVA32_HOME/java -Xmx1024m -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,address=5006,suspend=y -cp $APP_DIR/WEB-INF/lib/xwiki-web-wysiwyg-$XE_VERSION.jar:$M2_REPO/com/xpn/xwiki/platform/xwiki-web-wysiwyg/$XE_VERSION/xwiki-web-wysiwyg-$XE_VERSION-sources.jar:$M2_REPO/org/xwiki/platform/xwiki-web-gwt-dom/$XE_VERSION/xwiki-web-gwt-dom-$XE_VERSION.jar:$M2_REPO/org/xwiki/platform/xwiki-web-gwt-user/$XE_VERSION/xwiki-web-gwt-user-$XE_VERSION.jar:$M2_REPO/org/xwiki/platform/xwiki-core-component-api/$XE_VERSION/xwiki-core-component-api-$XE_VERSION.jar:$M2_REPO/com/google/gwt/gwt-incubator/july-14-2009/gwt-incubator-july-14-2009.jar:$M2_REPO/com/smartgwt/smartgwt/1.2/smartgwt-1.2.jar:$M2_REPO/com/google/gwt/gwt-dev/$GWT_VERSION/gwt-dev-$GWT_VERSION-linux.jar:$M2_REPO/com/google/gwt/gwt-user/$GWT_VERSION/gwt-user-$GWT_VERSION.jar com.google.gwt.dev.HostedMode -logLevel WARN -style DETAILED -noserver -port 8080 -startupUrl xwiki/$WYSIWYG_PATH/Wysiwyg.html com.xpn.xwiki.wysiwyg.Wysiwyg freeleons@EAS-BEN200-002:~/XWiki_Enterprise_2.1.1$ Thank you guys in advance! The start_xwiki_debug.sh script is attached for your reference: -------------------------------------------------------------------------------- #!/bin/sh # Ensure that the commands below are always started in the directory where this script is # located. To do this we compute the location of the current script. PRG="$0" while [ -h "$PRG" ]; do ls=`ls -ld "$PRG"` link=`expr "$ls" : '.*-> $.*$$'` if expr "$link" : '/.*' > /dev/null; then PRG="$link" else PRG=`dirname "$PRG"`/"$link" fi done PRGDIR=`dirname "$PRG"` cd "$PRGDIR" JETTY_HOME=jetty JAVA_OPTS=-Xmx300m JAVA_OPTS="$JAVA_OPTS -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005" # The port on which to start Jetty can be passed to this script as the first argument if [ -n "$1" ]; then JETTY_PORT=$1 else JETTY_PORT=8080 fi # For enabling YourKit Profiling. # $3 must the path where Yourkit can find the agent. # For example: "/Applications/YourKit Java Profiler 7.0.11.app/bin/mac" # Note: you must also pass the port as $1 for now till we use getopts. if [ "$2" = "profiler" ]; then JAVA_OPTS="$JAVA_OPTS -agentlib:yjpagent" export DYLD_LIBRARY_PATH="$3" fi echo Starting Jetty on port $JETTY_PORT ... echo Logs are in the $PRGDIR/xwiki.log file # Ensure the logs directory exists as otherwise Jetty reports an error mkdir -p $JETTY_HOME/logs 2>/dev/null # Specify port and key to stop a running Jetty instance JAVA_OPTS="$JAVA_OPTS -DSTOP.KEY=xwiki -DSTOP.PORT=8079" java $JAVA_OPTS -Dfile.encoding=UTF8 -Djetty.port=$JETTY_PORT -Djetty.home=$JETTY_HOME -jar $JETTY_HOME/start.jar -------------------------------------------------------------------------------- Jue Wang

15 years, 5 months

3
2
0 0

[xwiki-devs] [VOTE] New committer Denis Gervalle

by Thomas Mortagne

Hi committers, I would like to propose Denis as a XWiki core committer. Denis is an experimented developer (20 years) and has started developing and selling application (through his companies Softec and eGuilde) using XWiki since version 0.9. He had used fully the XWiki model, in the context of multilingual wikis and farms, and he have therefore a very good knowledge of the oddities of the core in many aspects. Denis is one of the few that knows very well deepest parts of XWiki (even some of the new components). Since he have build large applications over XWiki and works for customers, he also provide good feedback and have strong ideas and proposals to improve our current implementation. However he has been very busy these years and he had initially postpone my wishes to vote him as a commiter in September last year. Now he is more available and we decide to go on. Bugs reports by Denis are verified and usually well documented, often with patches when possible or at least some analysis of the issue. The largest one that I have just applied is XWIKI-4627 "Reduce heap exhaustion during export (and partly import)" (see http://jira.xwiki.org/jira/browse/XWIKI-4627). Some stats: - Issues reported by Denis(62): http://jira.xwiki.org/jira/secure/IssueNavigator.jspa?reset=true&reporterSe… - JIRA comments by Denis (174) and Mails sent by Denis (43): http://xwiki.markmail.org/search/?q=from%3ADenis+Gervalle - Total patches from Denis (19), 10 have been applied: http://xwiki.markmail.org/search/?q=Denis+Gervalle+keywords+patch - Mails mentioning Denis on devs and users mailing lists (192): http://xwiki.markmail.org/search/?q=Denis So, I propose Denis to applies his own patches from now on. Here is my +1. Thanks -- Thomas Mortagne

15 years, 5 months

10
11
0 0

[xwiki-devs] [VOTE] Release XE/XEM 2.2.4

by Thomas Mortagne

Hi devs, I would like to release 2.2.4 release, it mainly fixes too important bugs: * XWIKI-5057 - http://jira.xwiki.org/jira/browse/XWIKI-5057 * XWIKI-5039 - When starting a wiki on a sub wiki page, main wiki main page is broken by statistics module See http://jira.xwiki.org/jira/secure/IssueNavigator.jspa?reset=true&&pid=10010… for more. Here is my +1 Thanks, -- Thomas Mortagne

15 years, 5 months

5
5
0 0

[xwiki-devs] Question About Debugging Wysiwyg

by Leon Wang

Hi Dear XWiki developers, Hi Marius, I follow the instruction about how to debug Wysiwyg, " To debug using XWiki in the backend you have to first start the server (normal or debug, depending if you wish to debug server side code also) and then run the start_wysiwyg_noserver_debug.sh script from the same directory as start_xwiki.sh (copy it there first)." I used the start_xwiki.sh script to start the server. Then I used start_wysiwyg_noserver_debug.sh script try to debug it. However, after execute the script and it says "Listening for transport dt_socket at address: 5006". I use Eclipse Remote Debug connect to the port 5006. Then the Google Web Toolkt Hosted Mode windows will prompt up and it says "Unable to find 'com/xpn/xwiki/wysiwyg/Wysiwyg.gwt.xml' on your classpath; could be a typo, or maybe you forgot to include a classpath entry for source?' I have copied the Wysiwyg folder, which is /com/xpn/xwiki.wysiwyg and Wysiwyg.gwt.xml, to the same folder of the start_wysiwyg_noserver_debug.sh. Is it because Maven gwt project layout and the gwt project layout are different? What should I do? Thank you! Jue Wang

15 years, 5 months

2
1
0 0

[xwiki-devs] Important regression in 2.2.3 release !

by Thomas Mortagne

Hi xwikiers, We just found an important regression in 2.2.3 in the rights management user interface. This bug prevents rights to be correctly saved unless you manually select either groups or users radio button first. See http://www.xwiki.org/xwiki/bin/view/Main/ReleaseNotesXWikiEnterprise223. Work is in progress to fix it, a 2.2.4 will be released ASAP. Really sorry about that :( Thanks -- Thomas Mortagne

15 years, 6 months

2
3
0 0

[xwiki-devs] Google Gadgets Integration - Status & Request for Feedback

by Anamaria Stoica

Hi devs, I wanted to show you what work has been done until now on the Google Gadgets Integration, talk a bit about the next steps and ask for feedback. I put up the gadgets work on the incubator, so you can take a quick look. Mostly I'm interested in the minimum subset of features and changes that I need to make in order to have something worth integrating in a future release. Macro Directory: (for all Wiki Macros and Java Macros) http://incubator.myxwiki.org/xwiki/bin/view/Macros/ Macro Description Page: http://incubator.myxwiki.org/xwiki/bin/view/Macros/Macro?id=wc99 Dashboard Macro Test: http://incubator.myxwiki.org/xwiki/bin/view/MacrosTest/DashboardTest The dashboard example contains 3 macros imported from Panels, like Last Members, My Recent Modifications and Blog Categories, and 1 macro imported from a Google Gadget: World Clocks. (I named it w99) Import Google Gadget as Macro Form: http://incubator.myxwiki.org/xwiki/bin/view/Macros/GoogleGadgetsImport WYSIWYG Integration: - easily edit all Google Gadget Macros parameters/user preferences (if inserted alone on the page) - if a macro is inside the Dashboard macro, you don't have access to editing its parameters. Ideally, in the future this kind of interaction would be nice to have: http://incubator.myxwiki.org/xwiki/bin/view/Mockups/GadgetsIntegrationPropo… (Test both of the above here: http://incubator.myxwiki.org/xwiki/bin/view/MacrosTest/DashboardTest) I'm planning to work next on: - AJAX requests to update dashboard state after each drag&drop action (modify the content of the dashboard to reflect the new order of the gadgets - Add Thumbnail and Screenshots support for Macros - Nice UI for Dashboard and Macros Directory (already asked Caty for help here) More work after that: - Add Macros(Gadgets) to a Dashboard (either from the Directory and/or through WYSIWYG editor) - Convert all Panels to Wiki Macros (Question here: What happens with the panel headers? Do I transform them into headings like in the Last Members, My Recent Modifications, Blog Categories examples? If so, how would they be placed on the side, in the empty shell containers to keep looking like they do now? ( http://incubator.myxwiki.org/xwiki/bin/view/Mockups/GadgetsIntegrationPropo… or http://incubator.myxwiki.org/xwiki/bin/view/Mockups/GadgetsIntegrationPropo… ?) - Create types for Wiki Macro parameters: boolean, enum, (int), string (very inconvenient right now for enum types for gadgets with a lot of options -- e.g. see time zone parameters (up_tz1) for World Clock macro --> problem would be nicely solved with a Select) - Allow custom number of columns for Dashboard Questions: - Should dashboard cells have titles? If so, what happens to the titles of Panel origin Macros? (see discussion a little more above) - Is the current syntax of dashboards OK? {{dashboard}} 1 {{members/}} 1 {{myrecentmodifications/}} 2 {{blogcategories/}} 3 {{wc99 title='Another Clock Gadget' w='280' h='280' up_tz1name='Bucharest' up_tz2name='Paris' up_tz1='RO' up_tz2='FR'/}} {{/dashboard}} , where each line represents a cell, the first number being the column number, one blank space and the the content of the cell. For a given column, the order of appearance is important, being treated as a stack (one cell above another). * Keep in mind: - the lines need to be easily update by many AJAX requests issued at each Drag&Drop on the dashboard (both their order, and also the column numbers) - content available in wiki editor - currently does not allow multiple lines for one cell (would a lot more complicated for the AJAX updates) - currently has no title - do we need a title?? SVN: - https://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-gadgets/ (Java Components) - https://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/gadgets/ (XAR) Thanks for the feedback, Anamaria

15 years, 6 months

4
6
0 0

Re: [xwiki-devs] [xwiki-users] XWiki Logo Challenge

by Giuseppe Vallarelli

I appreciate: - Proposal 7 by Sorana Secu, it communicates the idea of collaboration(see X) - I don't like the choice of colours. - Proposal 15 by Vishal Battula, it communicates a feeling of joy and it's easy to remember. - I like the font and colour choices made by Ecaterina(proposal 1-2). I think that the idea of collaboration is suggested by the word Wiki, then my vote goes to Proposal 15 but I think we can adopt the font and colours picked by Ecaterina, if it's possible to make a merge :D. Giuseppe.

15 years, 6 months

1
0
0 0

[xwiki-devs] [ANN] XWiki Office 1.1 RC1 Released

by Florin Ciubotaru

The XWiki development team is pleased to announce the release of XWiki Office 1.1 RC1 Go grab it athttp://www.xwiki.org/xwiki/bin/view/Main/Download#HXWiki20Office All active XOffice 1.1 instances will be automatically updated to the current RC1 version. Main changes from version 1.1 M2: * document compare and conflict resolution * more consistent document versioning * more bug fixes For more information about this release see the release notes at: http://www.xwiki.org/xwiki/bin/view/Main/ReleaseNotesXOffice11RC1 For more information about XOffice visit: http://xoffice.xwiki.org/xwiki/bin/view/Main/WebHome Thanks -The XWiki dev team

15 years, 6 months

1
0
0 0

Re: [xwiki-devs] [Proposal] XWiki.org horizontal navigation + home page

by Giuseppe Vallarelli

Hi all :), I'm following this discussion about XWiki homepage redesign. I have to say that I like much the second proposal made by Ecaterina here.<http://incubator.myxwiki.org/xwiki/bin/view/Improvements/XWikiOrgProposal2>I want to give just an idea for the "fat" footer, I don't know if this has been discussed but I think (imho) that fat footer should be displayed when a user want more information about (community, project, or something else) I think an example explains better, look at kde.org if you want more information about some topic in the tab bar, you go with cursor there and it shows more details; as vincent said it seems like a duplication of information in the upper part, and footer. I found this resoruce about web design that could be useful: webStyleGuide<http://www.webstyleguide.com/wsg3/index.html> . Giuseppe.

15 years, 6 months

1
0
0 0

[xwiki-devs] [Proposal] XWiki.org horizontal navigation + home page

by Vincent Massol

Hi there, I'd like to start a overhaul of the xwiki.org home page + a first level navigation overhaul. Today: * Home page = list the different products * First level nav = the ecosystem panel Problems: * We now have a single product: XE and all the others are actually modules that plugin into the main products. Hence we shouldn't focus on other products so much IMO. * I'd like to view xwiki.org as a forge of projects. Today our top level projects are the ones listed here: http://svn.xwiki.org/svnroot/xwiki/ * The main page should be more dynamic and show some news and activity instead of being static * People are confused by the top level navigation vs the second level one because they both use panels and it's not easy to differentiate them Proposal: * Use a horizontal top level navigation with the following items (from left to right): - Overview or Home (the main page) - Platform - Projects (when clicked will list all top level projects) - We could have the list of subproject available as submenu items too (as it's done on http://jboss.org/) - Support (when clicked will explain the various ways to get support including mailing list/forum, irc/jabber, FAQ & listing companies offering commercial support) - Contribute or Community (when clicked we'll get dev.xwiki.org) - Playground This means that the panels on the right will become the second level navigation and the content will depend completely on where you are on the site. * Have some facilities links in the header on the right: - News - Downloads (as a visible button maybe) * On the home page: - Have a nice diagram of the xwiki platform that shows how XE, XE modules are positioned on the platform so that people understand right away that xwiki is a collaborative web dev platform - Have a Highlight box with XE so that users looking for a full- fledged wiki can quickly see it and click on it + maybe one featured screenshot of an entry from the References page that would be different every time the page is refreshed (this could encourage people to add references + provide a link to the references directly) - Have a Featured project box and list 3-4 featured projects (XE, XEM, XEclipse, XOffice for ex to start with) - Have some news: -- latest 5 blog post titles -- latest 5 code zone additions (all snippet, plugins, macro, apps, etc included) -- latest 5 mailing list threads subjects (with links to our nabble forum) We could not have any second level navigation for the home page in order to have more space for displaying the elements above. WDYT? If/when we're ok in term of content maybe Cati (or anyone interested) could provide some mockups of what it could look like. Thanks -Vincent PS: Let's not get bogged down with details at this point. I think what's important is to make progress and refine later on. What's important is that we agree on the broad lines at this stage.

15 years, 6 months

10
49
0 0

[xwiki-devs] Escape string assigned to a JavaScript variable from Velocity

by Marius Dumitru Florea

Hi devs, I have this code: var content = '$content'; I need to escape the string before it is written to the response because otherwise the JavaScript code can be easily messed up. Is there any utility function/macro in the platform that I can use for this purpose? I couldn't find anything so I wrote a small velocity macro: #** * Escapes the given velocity string before it is assigned to a JavaScipt variable. * The following characters are escaped: \, ", ' and \n. * * @param $string the string to be escaped for JavaScript *# #macro(escapeForJavaScript $string)$!{string.replace('\', '\\').replace('"', '\"').replace("'", "\'").replace("\u000D\u000A", "\u000A").replace("\u000A", '\n')}#end This code can be optimized in Java by traversing the string only once. Should I add a $util.escapeForJS method or the velocity macro to the platform? Thanks, Marius

15 years, 6 months

2
2
0 0

Re: [xwiki-devs] [xwiki-notifications] r27933 - in enterprise/trunk/distribution-test/wysiwyg-tests/src/test/it/com/xpn/xwiki/it/selenium: . framework

by Sergiu Dumitriu

On 03/25/2010 07:07 PM, mflorea (SVN) wrote: > Author: mflorea > Date: 2010-03-25 19:07:15 +0100 (Thu, 25 Mar 2010) > New Revision: 27933 > > Modified: > enterprise/trunk/distribution-test/wysiwyg-tests/src/test/it/com/xpn/xwiki/it/selenium/StandardFeaturesTest.java > enterprise/trunk/distribution-test/wysiwyg-tests/src/test/it/com/xpn/xwiki/it/selenium/framework/AbstractWysiwygTestCase.java > Log: > XWIKI-5036: WYSIWYG editor doesn't display when creating a document named #"&?\194?\167-_\ > > > Modified: enterprise/trunk/distribution-test/wysiwyg-tests/src/test/it/com/xpn/xwiki/it/selenium/StandardFeaturesTest.java > =================================================================== > --- enterprise/trunk/distribution-test/wysiwyg-tests/src/test/it/com/xpn/xwiki/it/selenium/StandardFeaturesTest.java 2010-03-25 18:06:41 UTC (rev 27932) > +++ enterprise/trunk/distribution-test/wysiwyg-tests/src/test/it/com/xpn/xwiki/it/selenium/StandardFeaturesTest.java 2010-03-25 18:07:15 UTC (rev 27933) > @@ -635,4 +635,21 @@ > switchToSource(); > assertSourceText("x"); > } > + > + /** > + * @see XWIKI-5036: WYSIWYG editor doesn't display when creating a document named #"&§-_\ > + */ > + public void testEditPageWithSpecialSymbolsInName() > + { > + clickEditCancelEdition(); > + clickLinkWithLocator("tmCreatePage"); > + waitPage(); All source files should contain only ASCII chars. § is not ASCII, IIRC it's \u00A7 > + setFieldValue("page", "#\"&§-_\\"); > + getSelenium().click("//input[@value = 'Create']"); > + waitPage(); > + waitForEditorToLoad(); > + typeText("This is a test"); > + clickEditPreview(); > + assertTextPresent("This is a test"); > + } > } > -- Sergiu Dumitriu http://purl.org/net/sergiu/

15 years, 6 months

2
1
0 0

[xwiki-devs] [ANN] XWiki Enterprise 2.3 Milestone 1 Released

by Jean-Vincent Drean

The XWiki development team is pleased to announce the release of XWiki Enterprise 2.3 Milestone 1. Go grab it at http://www.xwiki.org/xwiki/bin/view/Main/Download This is first milestone of the XWiki Enterprise 2.3 version. Main changes from 2.2.3: * New annotation feature * New color theme editor * Anonymous commenting with captcha * Lots of bugs fixes For more information see the Release notes at: http://www.xwiki.org/xwiki/bin/view/Main/ReleaseNotesXWikiEnterprise23M1 Thanks -The XWiki dev team

15 years, 6 months

1
0
0 0

[xwiki-devs] [VOTE] Introduce wiki related events

by Thomas Mortagne

Hi devs, Currently it's not really possible to know that a wiki as been deleted (there is possible hack based on wiki descriptor but it's not more than a hack). The direct issue with that is that anyone having a document based cache can't update it. One good example is Lucene, if you delete a wiki you will still have the related page in the Lucene index. It also means in a cluster that other instances will not know a wiki has been deleted and you can still find pages of this wiki in the documents cache of the other instances. I propose to create a WikiCreatedEvent (to be consistent, and we could use that to do some wiki initialization tasks) and WikiDeletedEvent events. WDYT ? Here is my +1. The related jira issue is http://jira.xwiki.org/jira/browse/XWIKI-3966 -- Thomas Mortagne

15 years, 6 months

5
6
0 0

[xwiki-devs] [Contrib] Added xwiki-portlet project to contrib/sandbox

by Marius Dumitru Florea

Hi devs, I just added a new project, xwiki-portlet, to contrib/sandbox. Its final target is to handle the integration of an XWiki Enterprise instance inside a JSR286 compatible portal. My current approach is to dispatch portlet requests from a portlet (DispatchPortlet) to an XWiki Enterprise instance running on the same context path. I use a servlet filter to catch these requests on the servlet side and to adjust them. I'm rewriting the XWiki URLs from the response, if content type is text/html, into portlet URLs so that the user can navigate through XWiki pages without leaving the portal. XWiki URLs are mapped to portlet URLs (action/render/resource) through configuration (e.g. /bin/download/ prefix is mapped to a resource request type). The current code is not well documented and there are no tests. It's more or less a proof of concept. I'm still investigating if the current approach covers all the use cases. In order to be able to fully integrate XWiki into a portal we must rewrite some of XWiki's UI to ensure it is isolated from the rest of the portal when in portlet mode. This implies: * making sure the CSS doesn't affect content outside of the XWiki container (the container needs to be defined) * namespacing HTML element ids * namespacing JavaScript global variables The last two points are required to allow two instances of the XWiki portlet to be present on the same portal page and have different state. Thanks, Marius

15 years, 6 months

1
0
0 0

[xwiki-devs] [VOTE] Release XE 2.3 Milestone 1

by Jean-Vincent Drean

Hi, Since it is now stable, I'd like to release XE 2.3 Milestone 1 tomorrow morning. Here's my +1. ps: there's one last functional test failing which will be fixed in a few minutes. Thanks. JV.

15 years, 6 months

5
4
0 0

[xwiki-devs] [Proposal] Add APIs to get and save document in the security context of the author of the script which called the function.

by Caleb James DeLisle

I'd like to make this change: Add to xwiki.api.Document saveAsAuthor() saveAsAuthor(String comment) saveAsAuthor(String connent, String isMinorEdit) deleteAsAuthor() Add to xwiki.api.XWiki getDocumentAsAuthor(DocumentReference reference) getDocumentAsAuthor(String fullName) I created an issue for it and posted a patch http://jira.xwiki.org/jira/browse/XWIKI-5041 http://jira.xwiki.org/jira/secure/attachment/16920/XWIKI-4952-CommentAddAct… The context user is momentarily switched to the content author of the document in the context before doing the action. I think the script editor should be responsible for the api method calls because they can only be called from script. I also see a lot of potential benefit in allowing a script to manipulate documents which it's viewers cannot save. I think this will reduce the amount of pages requiring programming rights. WDYT? Caleb

15 years, 6 months

2
2
0 0

Re: [xwiki-devs] [xwiki-notifications] r27821 - platform/core/branches/xwiki-core-2.2/xwiki-rendering/xwiki-rendering-api

by Sergiu Dumitriu

On 03/23/2010 04:36 PM, tmortagne (SVN) wrote: > Author: tmortagne > Date: 2010-03-23 16:36:20 +0100 (Tue, 23 Mar 2010) > New Revision: 27821 > > Modified: > platform/core/branches/xwiki-core-2.2/xwiki-rendering/xwiki-rendering-api/pom.xml > Log: > XWIKI-4984: Header ids are always the same ("H") with Chinese or any other language without any ASCII character. > * missing direct dependency > > Modified: platform/core/branches/xwiki-core-2.2/xwiki-rendering/xwiki-rendering-api/pom.xml > =================================================================== > --- platform/core/branches/xwiki-core-2.2/xwiki-rendering/xwiki-rendering-api/pom.xml 2010-03-23 15:35:43 UTC (rev 27820) > +++ platform/core/branches/xwiki-core-2.2/xwiki-rendering/xwiki-rendering-api/pom.xml 2010-03-23 15:36:20 UTC (rev 27821) > @@ -39,6 +39,11 @@ > <artifactId>commons-lang</artifactId> > </dependency> > <dependency> > +<groupId>commons-httpclient</groupId> > +<artifactId>commons-httpclient</artifactId> The version is not needed, it's defined in the root pom. Not specifying it here will make it easier to upgrade in the future. > +<version>3.1</version> > +</dependency> > +<dependency> > <groupId>org.xwiki.platform</groupId> > <artifactId>xwiki-core-xml</artifactId> > <version>${pom.version}</version> -- Sergiu Dumitriu http://purl.org/net/sergiu/

15 years, 6 months

2
1
0 0

[xwiki-devs] [Vote] Use scpexe instead of scp for maven deployments

by Florin Ciubotaru

Hi, We're now setting up the windows build agent for hudson. In order to make deployments from windows machines we need to switch the protocol from scp to scpexe. The local machines needs to declare the ssh and scp tools configuration in maven's settings.xml. Windows tools like putty and pscp are not properly configured when the protocol is set to scp. The deployment protocol is specified in our parrent pom. Eg: <distributionManagement> <site> <id>maven.xwiki.org</id> <url>scp://maven.xwiki.org/home/maven/public_html/site</url> </site> <repository> <id>maven.xwiki.org</id> <name>XWiki Maven2 Remote Repository for Releases</name> <url>scp://maven.xwiki.org/home/maven/public_html/releases</url> </repository> <snapshotRepository> <id>maven.xwiki.org</id> <name>XWiki Maven2 Development Repository for Snapshots</name> <url>scp://maven.xwiki.org/home/maven/public_html/snapshots</url> </snapshotRepository> </distributionManagement> WDYT about changing this? Thanks, Florin Ciubotaru

15 years, 6 months

5
13
0 0

Re: [xwiki-devs] [xwiki-notifications] r27798 - platform/web/trunk/standard/src/main/webapp/resources/uicomponents/widgets/validation

by Sergiu Dumitriu

On 03/23/2010 05:19 AM, cjdelisle (SVN) wrote: > Author: cjdelisle > Date: 2010-03-23 05:19:38 +0100 (Tue, 23 Mar 2010) > New Revision: 27798 > > Modified: > platform/web/trunk/standard/src/main/webapp/resources/uicomponents/widgets/validation/livevalidation.css > Log: > XWIKI-5038: With Toucan skin, LiveValidation borders cause text below a field to shift when field is clicked on. - Removed field borders from stylesheet. This change means that upgrading to a future version will be harder. So, the question is: Do we override the style in our own skins, causing bigger files, but keeping it simple to upgrade in the future, or do we fully adopt LiveValidation and hack it as much as we want, improving it even further? Personally I vote for the second. > > Modified: platform/web/trunk/standard/src/main/webapp/resources/uicomponents/widgets/validation/livevalidation.css > =================================================================== > --- platform/web/trunk/standard/src/main/webapp/resources/uicomponents/widgets/validation/livevalidation.css 2010-03-23 00:30:42 UTC (rev 27797) > +++ platform/web/trunk/standard/src/main/webapp/resources/uicomponents/widgets/validation/livevalidation.css 2010-03-23 04:19:38 UTC (rev 27798) > @@ -10,20 +10,4 @@ > .LV_invalid { > color:#CC0000; > } > - > -.LV_valid_field, > -input.LV_valid_field:hover, > -input.LV_valid_field:active, > -textarea.LV_valid_field:hover, > -textarea.LV_valid_field:active { > - border: 1px solid #00CC00; > -} > - > -.LV_invalid_field, > -input.LV_invalid_field:hover, > -input.LV_invalid_field:active, > -textarea.LV_invalid_field:hover, > -textarea.LV_invalid_field:active { > - border: 1px solid #CC0000; > -} > -- Sergiu Dumitriu http://purl.org/net/sergiu/

15 years, 6 months

2
2
0 0

[xwiki-devs] [Proposal] Add api to allow scripts choose with the permission of their author.

by Caleb James DeLisle

Right now a script which is saved with programming access is allowed to do things which the viewer (who executes it) is not allowed to do. I would like to extend this to scripts which do not have programming access. Use case example: A page where the viewer can submit an email address to be put on a mailing list. The page needs to be able to save the email address to a list but the viewer should not be able to directly edit (or view) the list. I would like to add to xwiki.api.Context: void setScriptUser(String) String getScriptUser() (These names are the best I could think of, suggestions would be great) the input can be either "viewer", "author" or "default" and it stores this in the XWikiContext If the value is set to author, hasAccessLevel will return an access check on the author, not the viewer. When includeForm is called, or the include macro is invoked, the only explicit change is that changes made by the called document will be reset when the include ends. If scrips are set to run with author's permissions: If DocumentA includes documentB, documentB executes with documentB's author's permissions. If DocumentA includes _in context_ documentB, documentB executes with documentA's author's permissions. When include of documentB ends, scriptUser is set back to the value which documentA left it at. I think this will help us achieve the goal of no documents with programming rights in the XE xar file. WDYT? Caleb

15 years, 6 months

4
16
0 0

[xwiki-devs] Don't want the TODO Class and its clone share data entries

by jackyork

I have Todo class installed. The Todo class is downloaded from xwiki.org. By default it is shared by everyone. Now our department wants a public TODO for everyone and a "private" TODO for each group at our department. I cloned the TODO class to in every space. But I found if I input an entry in SpaceA.Todo, all other SpaceX.Todo show this entry. How to keep the entry in SpaceA.Todo only and not to share it among all clones? -- View this message in context: http://n2.nabble.com/Don-t-want-the-TODO-Class-and-its-clone-share-data-ent… Sent from the XWiki- Dev mailing list archive at Nabble.com.

15 years, 6 months

1
1
0 0

[xwiki-devs] PropertyClass questions

by Hugh Hulme

Hi, me again :) Firstly, thank you for your help so far - it is hugely appreciated. On to the question: I searched xwiki.org for PropertyClass and found only release notes. I'm looking for a way to determine if a value has been entered into a text field, so that I can omit the entire section from the sheet if it's empty. First I guessed that there would be a length() property on a string, but was unsuccessful. Then I guessed from the VTL Reference & User Guide that I might be able to use size(), if a string was actually a char[], but was disappointed. Any clues? Thanks again, - Hugh

15 years, 6 months

3
4
0 0

Re: [xwiki-devs] [foaf-protocols] DNSSEC update and client side certificates

by Story Henry

Thanks a lot Dan for the feedback. It is very helpful for us to understand where things are going on the DNS front, as this is a core technology we are building on. Here is how I see the DNSSEC and the foaf+ssl stories converging. DNSSEC solves the DNS security problem in a delegated fashion. As you say it is a bootstrapper. As it is deployed the trust we can have in domain names, and hence in URLs will grow dramatically. Not only will we be sure that we are talking to the right machine (ip address to be correct), but it will be easier for people to deploy secure endpoints such as https. Foaf+SSL builds on that to create a web of trust for agents. It is worth considering the difference between foaf+ssl and PGP, since you mention it below. PGP ties the identifier (an email address usually) to a public key. There is not 1 PGP keyserver: there are many. These need to be synchronised somehow, and can easily get out of date. If you feel like your private key has fallen in the wrong hands, you need to notify all key servers. Furthermore your PGP web of trust is completely public. People can 20 years later look at the relations of who signed whose key to determine who knew whom. And there is no way of removing a relationship. FOAF+SSL on the other hand ties a public key to a WebId (a URL), which is tied to a machine via DNS and soon DNSSEC. The key server is the web, which is based on the internet, which is based on DNS. So we get all the good properties of DNS. If your private key is compromised, you just need to update the information at your WebId, and remove the public key information there. Updating the foaf+ssl key server is as easy as updating a web page - and this is even more true now that the RDFa spec has been blessed by the W3C. So one of my WebIds is http://bblfish.net/#hjs, which tied to a web page. Secondly you can protect who can see the relations in your web of trust. You could allow only friends to have access to your friend relations using HTTP access control. If you discover that someone you thought was trustworthy no longer is, you can just remove them from your Foaf profile. Again that is as simple as editing a web page. (try hunting down all the people whose PGP profile you signed :-) So FOAF+SSL gives us a web of trust but built on the most powerful naming system (key server) in existence: the web. The web is built on DNS, which is has 25 years of successful delegation, and with DNSSEC will give us another century :-) Even better foaf+ssl uses X.509 which thanks to your work is going to end up being secure. Even better we don't rely on the CA signing part of X.509 which was used to 'secure' servers, and so we don't suffer from the race to the bottom you describe so well in your talks. In any case CA's never really attempted to certify people. That would have been practically and legally infeasible. So it seems to me that FOAF+SSL and DNSSEC are perfectly complementary. Of course we still have to prove our case, and we have work to do building a lot more cool demos to show how it can work... This is what we are buisy doing now. Thanks again for your very helpful feedback. Sincerely, Henry Story On 20 Mar 2010, at 23:17, Dan Kaminsky wrote: > My critiques against X.509 come down to the fact that it's just not a > very good way to delegate trust. The roots are all equal and the > constraints don't work reliably. > > DNS has 25 years of successful delegation. It has one root and it's > constraint system is very well designed. DNSSEC simply inherits this, > and adds crypto. > > There is a significant question for DNSSEC, which is what do we put in > DNS now that we have a way to bootstrap trust? > > Certs? > Cert fingerprints? > Public keys? > Public key fingerprints? > > There are arguments for each. I'm leaning towards cert fingerprints > right now, but haven't entirely decided. DNS is not a high bandwidth > channel, it's a bootstrapper. So that's a constraint. Keeping > appcompat with existing X.509 architectures -- making DNSSEC an > exclusionary 'uber-root' -- has serious value too. > > One thing I should make clear is I see value to the CA's. > Specifically, EV is the only way I see to overlay a closed, branded > namespace on top of DNS. This is a big deal. > > The thing I want to make clear is that I am not a big fan of > distributed trust systems. I tend to see them unable to scale. I am > however even less a fan of tightly centralized trust systems. The > central provider doesn't even need to be malicious, just overburdened. > PGP doesn't work, not with web of trust and not with keyservers whose > records are constantly getting out of date. > > Delegation works well, but only if the root of the delegation is > trustworthy. Well, the corollary to so many things breaking if DNS is > hacked, is that we really, really invest a lot of trust in the root > already. You guys know the old quote, a CA is only as strong as the > money it refuses to take? > > The root, as an element of be state system, is an element of the > system that makes money itself. It's bureaucratic as all get out and > this is not a bug, but a feature. Its intransigence is a useful > defensive bulwark with no peer. > > > > > On Mar 20, 2010, at 2:44 PM, Henry Story <henry.story(a)gmail.com> wrote: > >> Hi, >> >> Here are two issues with X509 that were hindrances for a solution >> like foaf+ssl to be deployed, but which can and are being fixed: >> >> 1. Client Side Certificate selection >> ------------------------------------ >> >> Browsers currently do a very bad job of allowing the user to choose >> his certificate (Safari being the absolute worse). As a result I >> posted "Firefox Hackers Needed" >> >> http://bit.ly/cQ5f48 >> >> earlier this week. @snej who is working at Google put up a picture >> of a solution for this in Chrome using a foaf+ssl certificate >> created by http://webid.myxwiki.org/ >> >> http://bit.ly/azCXTU >> >> Vote for it! >> >> 2. Server side certificates >> --------------------------- >> >> One factor that people mention often with foaf+ssl is that the >> server has to have his own certificate. This means registration with >> a CA which is costly and tedious and it does not really solve the >> problems of server authentication as Dan Kaminsky shows ruthlessly >> in "Black Ops of PKI" http://bit.ly/4Uwb2K . >> >> To summarise his talk, server security is in a double bind: >> >> 1- Dan Kaminsky's DNS poisoning attack which is very well explained >> by Rick Van Rein's presentation "Cracking Internet: the urgency of >> DNSSEC" ( http://bit.ly/2darr8 view with FFox > 3.5 as it uses ogg >> video) means that a DNS easily be hacked in 6 weeks, and a lot of >> money poured into the wrong people's pockets. So there is a >> financial incentive to break DNS. >> >> 2. The solution of using https with X.509 public key cryptography's >> backing cannot work because there is a race to the bottom in the way >> CA's issue certificates. For enough money it is not that difficult >> to become God and to pretend you are anyone. >> >> Given the above DNSsec has become urgent enough, that it is being >> deployed. >> >> - verisign will put .com in July http://bit.ly/dyd54E >> - .org will be available in June http://bit.ly/abEJ28 >> - .gov went dnssec in March 2009 http://bit.ly/bH27b0 >> - The root will be signed July 2010 http://bit.ly/9YQMDJ >> - a map of dnssec deployment http://www.xelerance.com/dnssec/ >> >> So listening to Dan Kaminsky you would think that he is against >> X509. Well certainly it could be improved a lot, but he is not quite >> as negative as one may think. X.509 with DNSsec seems to be >> something he thinks can work. >> >> What he told me after his CCC and HAR talks and what you can see in >> the last few minutes of the HAR talk "X509 considered Harmful" http://bit.ly/2darr8 >> is that once DNS is secure one could put the X509 (self signed >> even) certs into the DNS records. This would bypass the need for >> CAs. [ I hope I understood him correctly ]. I am not sure what needs >> to be done to make this possible with the browser vendors, but it >> would massively improve security on the web. >> >> As a result I have fait that the global situation on the internet >> will only make foaf+ssl solutions easier and more secure to deploy, >> enabling a completely distributed social network to emerge, free and >> without the spying, as Eben Moglen author of the GPL said so well >> recently http://bit.ly/brQmJz >> >> Henry >> >> >> Social Web Architect >> http://bblfish.net/

15 years, 6 months

2
1
0 0

[xwiki-devs] XE 2.3M1 release preparation

by Vincent Massol

Hi, We've slipped badly for the 2.3M1 release (my fault for not monitoring it closely enough). It was planned on the 8th of March and we're the 15th already (one week delay). The other problem is that we don't have what we had imagined would go in 2.3M1 (color theme improvement for ex). Right now there are lots of changes but nothing really user-noticeable. So I'd suggest the following: * Delay by a few days in order to be able to include: - color theme improvement. Sergiu you need to tell us if that's doable and for when. - captcha on comments. Caleb, let us know if that's all done or if there's need for more testing/development. Bonus: - Anca, will it be possible to have annotations released for 2.3M1 (ie now)? How much more time would you need? Thanks -Vincent

15 years, 6 months

7
21
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

xwiki-devs