On 02/01/2012 06:37 AM, Edo Beutler wrote:
Hi Mohit
As you cited from the doc, with programming rights you are allowed to
"execute arbitrary java", but not modify it during runtime.
An example for the use of programming rights would be if you create a
page where an XWikiGuest user can save something without having edit
rights on the page by using $doc.saveWithProgrammingRights(). In this
example the script calling this method would need to be saved from a
user with programming rights.
Generally speaking, without programming rights you are only allowed to
use Api classes and the major part of their methods. With programming
rights you are allowed to use all methods of Api classes or even to
get "background classes" (e.g. XWikiDocument instead of only the api
class Document).
Going further, without Programming Rights, scripts are limited to a
strict set of APIs. It's practically "sandboxed" to a safe set of
objects and methods that offer a limited functionality, respecting
access rights.
With Programming Rights you can execute a broader range of methods and
you gain access to internal objects. From Velocity scripts you are still
limited to a slightly larger number of objects, but you can access any
data in the wiki without being restricted by access rights.
But with Programming Rights you gain access to other scripting
languages, not just Velocity, such as Groovy or Python, which allow
access to any Java class/object/method, which lets you do stuff like
System.exit(), connect to other databases, access the filesystem,
execute other programs on the server.
In Groovy you can write new classes, but you can't (easily) override
existing classes.
If you want to change existing Java code, you should compile your own
.jar starting from the sources, modify them according to your needs, and
then replace the original jar with your modified version.
Still, it's usually a bad practice to change existing classes. Most of
the services offered by the platform can be changed to other
implementations. For example, you shouldn't change XWikiAuthServiceImpl
directly, but create a new class that inherits it, implement checkAuth
(or any other method you want to override) as you want, compile it into
a jar, then all you have to do is edit xwiki.cfg and set the name of
your class in:
xwiki.authentication.authclass=com.your.company.MyCustomAuthService
On Wed, Feb 1, 2012 at 12:12 PM, mohit gupta <motgupta(a)gmail.com> wrote:
> Below is the statement given at
>
> http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Access+Rights
> A programmer is allowed to execute arbitrary java code in the wiki and
> can thus gain control of the system user which the wiki is
> running under.
>
> Could you give me some example of how an XWiki admin can modify an existing
> Java class? When will it be compiled and deployed?
> Assume I want to add a new method in XWikiAuthServiceImpl.java. How
> should I go about this, provided I have programming
> rights? Thanks.
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
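
The subclassing approach described in the reply above, as an added example that is not part of the original thread or of XWiki's own code: a custom auth service that keeps the stock login logic and only adds an audit log. It assumes the XWiki core jar is on the compile classpath and that your XWiki version exposes checkAuth(XWikiContext) and authenticate(String, String, XWikiContext) on XWikiAuthServiceImpl with these signatures; the AUDIT logger and the helper methods are hypothetical names.

```java
package com.your.company;

import java.security.Principal;
import java.util.logging.Logger;

import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.user.api.XWikiUser;
import com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl;

/** Added example: keeps the stock authentication logic and adds an audit trail. */
public class MyCustomAuthService extends XWikiAuthServiceImpl
{
    // Hypothetical logger name; route it to a dedicated file in your logging config.
    private static final Logger AUDIT = Logger.getLogger(MyCustomAuthService.class.getName());

    /** Resolves the user for the current request; delegates to the stock implementation. */
    @Override
    public XWikiUser checkAuth(XWikiContext context) throws XWikiException
    {
        XWikiUser user = super.checkAuth(context);
        if (user == null) {
            AUDIT.fine("unauthenticated request from " + remoteAddr(context));
        }
        return user;
    }

    /** Validates a username/password pair; a null result means the login failed. */
    @Override
    public Principal authenticate(String username, String password, XWikiContext context)
        throws XWikiException
    {
        Principal principal = super.authenticate(username, password, context);
        // Never log the password; the username is user-supplied, so sanitize it first.
        AUDIT.info((principal != null ? "login ok" : "login FAILED") + " user=" + clean(username)
            + " from=" + remoteAddr(context));
        return principal;
    }

    /** The request can be null outside HTTP handling (for example in scheduled jobs). */
    private static String remoteAddr(XWikiContext context)
    {
        return context.getRequest() != null ? context.getRequest().getRemoteAddr() : "n/a";
    }

    /** Replace control characters so a crafted username cannot forge extra log lines. */
    private static String clean(String value)
    {
        return value == null ? "<null>" : value.replaceAll("\\p{Cntrl}", "_");
    }
}
```

Package the class into a jar, put it in the webapp's WEB-INF/lib, set the xwiki.authentication.authclass line shown above in xwiki.cfg, and restart the servlet container so the new class is loaded.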