6 Nov
2014
6 Nov
'14
12:38 p.m.
It's also a lot better for performance since it means you groovy code
is built only once when it's registered.
On Thu, Nov 6, 2014 at 12:36 PM, Thomas Mortagne
<thomas.mortagne(a)xwiki.com> wrote:
If you want to stay with Groovy the cleanest is
probably to register
your groovy code logic and data as a script service component and then
call that script service (probably using Velocity) in the page where
the user have view right. The script service is registered once and
the user does not need to have view right of the page that contains it
for it to be executed (once registered it's just a Java Object from
XWiki point of view) so you can restrict access to that page.
See
http://extensions.xwiki.org/xwiki/bin/view/Extension/Create+a+component+usiā¦.
I would recommand to write this script service in Java since it's
easier to regsiter it (it's automatically registered) and also a lot
eaier to test and maintain but your choice.
On Thu, Nov 6, 2014 at 9:57 AM, Bryn Jeffries
<bryn.jeffries(a)sydney.edu.au> wrote:
--
Thomas Mortagne
I've written several scripts in Groovy that I
want to make available to other users, but some of them contain information that I
don't wish people to see (queries giving away schema details, connection passwords for
JDBC/LDAP, etc). As I understand it if a person is able to view a page in which code is
executed they are also able to see the source for that page. That being the case is there
a recommended approach to hiding some details from prying eyes?
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne