diff --git a/src/main/java/org/olat/admin/AdminModuleDispatcher.java b/src/main/java/org/olat/admin/AdminModuleDispatcher.java
index ced3c8502198b7220b2c100901eaf1afff4a96ca..9225b47a48859a4f434ba50fd1d84a6fa4f89ea8 100644
--- a/src/main/java/org/olat/admin/AdminModuleDispatcher.java
+++ b/src/main/java/org/olat/admin/AdminModuleDispatcher.java
@@ -47,29 +47,26 @@ import org.olat.core.util.session.UserSessionManager; */ public class AdminModuleDispatcher implements Dispatcher { - private final static String PARAMETER_CMD = "cmd"; - private final static String PARAMETER_MSG = "msg"; - private final static String PARAMETER_MAX_MESSAGE = "maxsessions"; - private final static String PARAMETER_NBR_SESSIONS = "nbrsessions"; - private final static String PARAMETER_SESSIONTIMEOUT ="sec"; + private static final String PARAMETER_CMD = "cmd"; + private static final String PARAMETER_MSG = "msg"; + private static final String PARAMETER_MAX_MESSAGE = "maxsessions"; + private static final String PARAMETER_NBR_SESSIONS = "nbrsessions"; + private static final String PARAMETER_SESSIONTIMEOUT ="sec"; - private final static String CMD_SET_MAINTENANCE_MESSAGE = "setmaintenancemessage"; - private final static String CMD_SET_INFO_MESSAGE = "setinfomessage"; - private final static String CMD_SET_LOGIN_BLOCKED = "setloginblocked"; - private final static String CMD_SET_LOGIN_NOT_BLOCKED = "setloginnotblocked"; - private final static String CMD_SET_MAX_SESSIONS = "setmaxsessions"; - private final static String CMD_INVALIDATE_ALL_SESSIONS = "invalidateallsessions"; - private final static String CMD_INVALIDATE_OLDEST_SESSIONS = "invalidateoldestsessions"; - private final static String CMD_SET_SESSIONTIMEOUT = "sessiontimeout"; + private static final String CMD_SET_MAINTENANCE_MESSAGE = "setmaintenancemessage"; + private static final String CMD_SET_INFO_MESSAGE = "setinfomessage"; + private static final String CMD_SET_LOGIN_BLOCKED = "setloginblocked"; + private static final String CMD_SET_LOGIN_NOT_BLOCKED = "setloginnotblocked"; + private static final String CMD_SET_MAX_SESSIONS = "setmaxsessions"; + private static final String CMD_INVALIDATE_ALL_SESSIONS = "invalidateallsessions"; + private static final String CMD_INVALIDATE_OLDEST_SESSIONS = "invalidateoldestsessions"; + private static final String CMD_SET_SESSIONTIMEOUT = 
"sessiontimeout"; - - /** - * @see org.olat.core.dispatcher.Dispatcher#execute(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String) - */ + @Override public void execute(HttpServletRequest request, HttpServletResponse response) { String cmd = request.getParameter(PARAMETER_CMD); - if (cmd.equalsIgnoreCase(CMD_SET_MAINTENANCE_MESSAGE) || cmd.equalsIgnoreCase(CMD_SET_INFO_MESSAGE)) { + if (CMD_SET_MAINTENANCE_MESSAGE.equalsIgnoreCase(cmd) || CMD_SET_INFO_MESSAGE.equalsIgnoreCase(cmd)) { handleSetMaintenanceOrInfoMessage(request, response, cmd); } else { if (CoreSpringFactory.getImpl(AdminModule.class).checkSessionAdminToken(request)) { @@ -182,7 +179,4 @@ public class AdminModuleDispatcher implements Dispatcher { DispatcherModule.sendForbidden(request.getPathInfo(), response); } } - - - } diff --git a/src/main/java/org/olat/core/gui/components/link/LinkRenderer.java b/src/main/java/org/olat/core/gui/components/link/LinkRenderer.java index 054876e7a553e6233070e3384a7218ab9f75d46d..7792f1710deffc08849dc4f080c9b63f770327c6 100644 --- a/src/main/java/org/olat/core/gui/components/link/LinkRenderer.java +++ b/src/main/java/org/olat/core/gui/components/link/LinkRenderer.java 
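Review bot: The null-safe comparison in `execute` protects only the first branch; when the `cmd` parameter is missing, the request now falls through to the `else` path, and the rest of the method lies outside this hunk, so any later `cmd.equalsIgnoreCase(...)` there would still throw. Rejecting the missing parameter up front makes the behaviour explicit, for example `if (cmd == null) { DispatcherModule.sendBadRequest(request.getRequestURI(), response); return; }` directly after the `getParameter` call. A one-line comment would also help, stating that the maintenance/info message commands are dispatched before `checkSessionAdminToken` and where their own authorisation check lives, since that check is not visible here.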
@@ -323,7 +323,9 @@ public class LinkRenderer extends DefaultComponentRenderer { try(StringOutput href = new StringOutput()) { LinkPopupSettings popup = link.getPopup(); ubu.buildURI(href, new String[] { VelocityContainer.COMMAND_ID }, new String[] { command }, null, AJAXFlags.MODE_NORMAL); - sb.append("href=\"javascript:;\" onclick=\"o_openPopUp('").append(href).append("','") + boolean hasUrl = StringHelper.containsNonWhitespace(link.getUrl()); + String hrefUrl = hasUrl ? link.getUrl() : "javascript:;"; + sb.append("href=\"").append(hrefUrl).append("\" onclick=\"o_openPopUp('").append(href).append("','") .append(popup.getTarget()).append("',").append(popup.getWidth()) .append(",").append(popup.getHeight()).append("); return false;\" "); } catch(IOException e) { diff --git a/src/main/java/org/olat/core/servlets/StaticServlet.java b/src/main/java/org/olat/core/servlets/StaticServlet.java index 43b77cdba4a6a288c24c05907ad3ecf8872c75a5..319696843b400967df81ce3b18e1b9a798d1576a 100644 --- a/src/main/java/org/olat/core/servlets/StaticServlet.java +++ b/src/main/java/org/olat/core/servlets/StaticServlet.java @@ -107,7 +107,7 @@ public class StaticServlet extends HttpServlet { // version provided - remove it int start = pathInfo.indexOf("/", 2); int end = pathInfo.length(); - if(start <= end) { + if(start >= 2 && start <= end) { String staticRelPath = pathInfo.substring(start, end); String normalizedRelPath = ServletUtil.normalizePath(staticRelPath); if (normalizedRelPath == null) { @@ -170,7 +170,7 @@ public class StaticServlet extends HttpServlet { } } // log as error, file exists but wrongly mapped - log.warn("File exists but not mapped using version - use StaticMediaDispatch methods to create URL of static files! invalid URI::" + request.getRequestURI()); + log.warn("File exists but not mapped using version - use StaticMediaDispatch methods to create URL of static files! invalid URI::{}", request.getRequestURI()); } } 
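Review bot: `link.getUrl()` is written into the `href="..."` attribute unescaped, so in this generic renderer a URL containing a double quote would terminate the attribute early and the remainder would be parsed as markup. The only caller added in this commit passes a server-built business-path URL, but nothing here restricts what future callers hand to `setUrl`. Escape at the point of output, for example `String hrefUrl = hasUrl ? StringHelper.escapeHtml(link.getUrl()) : "javascript:;";` (assuming that helper is suitable for attribute context), and consider accepting only relative or http(s) URLs. The enclosing method starts and ends outside the hunk.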
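Review bot: In the version-stripping guard of StaticServlet, `pathInfo.indexOf("/", 2)` returns either -1 or an index of at least 2, and `start <= end` always holds for a found index, so the condition reduces to `start != -1`. Writing it that way with a short comment such as `// no second slash: nothing follows the version segment` states the intent directly. The branch taken when the guard fails is outside this hunk, so please confirm it ends in an explicit error response rather than continuing with an unset relative path.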
diff --git a/src/main/java/org/olat/course/config/ui/_i18n/LocalStrings_de.properties b/src/main/java/org/olat/course/config/ui/_i18n/LocalStrings_de.properties index 884dc5b74b4499bc314b6c4dd6dea90da8db9fc1..390c8c5e2d77c1b43b05be503d4d21ebd273b92b 100644 --- a/src/main/java/org/olat/course/config/ui/_i18n/LocalStrings_de.properties +++ b/src/main/java/org/olat/course/config/ui/_i18n/LocalStrings_de.properties @@ -26,7 +26,7 @@ chkbx.glossary.inverse.explain=Glossar Menu in Toolbar muss unter "Toolbar" konf chkbx.glossary.onoff=Glossar chkbx.search.onoff=Kurssuche chkbx.menu.onoff=Menu sichtbar f\u00FCr Teilnehmer und Betreuer -chkbx.participantinfo.onoff=Teilnehmer Infos +chkbx.participantinfo.onoff=Teilnehmerinfos chkbx.participantlist.onoff=Teilnehmerliste chkbx.toolbar.explain=Werkzeuge in Toolbar aktivieren: chkbx.toolbar.onoff=Toolbar sichtbar f\u00FCr Teilnehmer diff --git a/src/main/java/org/olat/course/run/CourseRuntimeController.java b/src/main/java/org/olat/course/run/CourseRuntimeController.java index 8263206fe662a5c9c95ab0227ec7dc145de89c9a..cd939d1abd6c1fe92d992e73c7b7278499528600 100644 --- a/src/main/java/org/olat/course/run/CourseRuntimeController.java +++ b/src/main/java/org/olat/course/run/CourseRuntimeController.java @@ -885,6 +885,8 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im if (calendarIsEnabled && userCourseEnv != null) { calendarLink = LinkFactory.createToolLink("calendar",translate("command.calendar"), this, "o_icon_calendar"); calendarLink.setPopup(new LinkPopupSettings(950, 750, "cal")); + calendarLink.setUrl(BusinessControlFactory.getInstance() + .getAuthenticatedURLFromBusinessPathStrings(businessPathEntry, "[Calendar:0]")); calendarLink.setVisible(cc.isCalendarEnabled()); toolbarPanel.addTool(calendarLink); } 
@@ -1316,6 +1318,10 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im if (forumLink != null && forumLink.isVisible()) { doForum(ureq); } + } else if("Calendar".equalsIgnoreCase(type)) { + if (calendarLink != null && calendarLink.isVisible()) { + doCalendar(ureq); + } } else if("Documents".equalsIgnoreCase(type)) { if (documentsLink != null && documentsLink.isVisible()) { activateSubEntries(ureq, doDocuments(ureq), entries); @@ -2060,7 +2066,7 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im currentToolCtr = emailCtrl; } else { delayedClose = Delayed.email; - }; + } } private BlogToolController doBlog(UserRequest ureq) { @@ -2130,6 +2136,27 @@ public class CourseRuntimeController extends RepositoryEntryRuntimeController im return null; } + /** + * Open the calendar as sub-controller. + * + * @param ureq The user request + * @return The calendar controller + */ + private CourseCalendarController doCalendar(UserRequest ureq) { + OLATResourceable ores = OresHelper.createOLATResourceableType("Calendar"); + WindowControl swControl = addToHistory(ureq, ores, null); + CourseCalendarController calendarController = new CourseCalendarController(ureq, swControl, getUserCourseEnvironment()); + pushController(ureq, translate("command.calendar"), calendarController); + setActiveTool(calendarLink); + currentToolCtr = calendarController; + return calendarController; + } + + /** + * Open the course calendar as popup. + * + * @param ureq The user request + */ private void launchCalendar(UserRequest ureq) { ControllerCreator ctrlCreator = (lureq, lwControl) -> { ICourse course = CourseFactory.loadCourse(getRepositoryEntry()); diff --git a/src/main/java/org/olat/modules/webFeed/dispatching/FeedMediaDispatcher.java b/src/main/java/org/olat/modules/webFeed/dispatching/FeedMediaDispatcher.java index 7e013b8f5547041db116261db0e2a06fccf55379..f45c717b478b869cd958c55d4636dde65df030b6 100644 
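Review bot: `doCalendar` pushes the new controller unconditionally, while the tail of the e-mail opener visible in the previous hunk ends with `else { delayedClose = Delayed.email; }`, which suggests the other tool openers first check whether the current tool may be closed. If that is the pattern, activating `[Calendar:0]` through a business path could replace a tool that still holds unsaved state; please either apply the same close-request guard here or add a comment explaining why the calendar does not need it. The Javadoc could also say when `doCalendar` is used as opposed to `launchCalendar`, since both entry points now exist.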
--- a/src/main/java/org/olat/modules/webFeed/dispatching/FeedMediaDispatcher.java +++ b/src/main/java/org/olat/modules/webFeed/dispatching/FeedMediaDispatcher.java @@ -166,7 +166,7 @@ public class FeedMediaDispatcher implements Dispatcher, GenericEventListener { try { validatedUriCache.remove(key); } catch (Exception e) { - log.info("Cannot remove this key: " + key); + log.info("Cannot remove this key: {}", key); } } } @@ -186,6 +186,11 @@ public class FeedMediaDispatcher implements Dispatcher, GenericEventListener { } catch(NumberFormatException nfe) { // } + + if(requestedPath == null || requestedPath.length() == 0) { + DispatcherModule.sendBadRequest(request.getRequestURI(), response); + return; + } Path path = null; try { diff --git a/src/main/java/org/olat/restapi/repository/course/CoursesWebService.java b/src/main/java/org/olat/restapi/repository/course/CoursesWebService.java index c0b84c7c3e90f2a39db9a1bf1ba438f77fbba714..668271dea0c88449cef74fa7f0b8195d24d1dbc2 100644 --- a/src/main/java/org/olat/restapi/repository/course/CoursesWebService.java +++ b/src/main/java/org/olat/restapi/repository/course/CoursesWebService.java @@ -513,7 +513,7 @@ public class CoursesWebService { OLATResource originalOres = olatResourceManager.findResourceable(src.getOlatResource()); boolean isAlreadyLocked = handlerFactory.getRepositoryHandler(src).isLocked(originalOres); LockResult lockResult = handlerFactory.getRepositoryHandler(src).acquireLock(originalOres, ureq.getIdentity()); - + if(lockResult == null || (lockResult != null && lockResult.isSuccess()) && !isAlreadyLocked) { //create new repo entry String name; 
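Review bot: The new guard on `requestedPath` in FeedMediaDispatcher rejects only null and the empty string, so a whitespace-only value still reaches the `try` block that follows. `StringHelper.containsNonWhitespace`, already used in the LinkRenderer change of this commit, would cover that case: `if(!StringHelper.containsNonWhitespace(requestedPath)) {` (import permitting). The empty `catch(NumberFormatException nfe)` just above is unchanged context, but a short comment there saying why the exception is ignored would help; the enclosing method continues outside the hunk.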
@@ -601,6 +601,8 @@ public class CoursesWebService { repositoryManager.copyImage(src, preparedEntry); ICourse course = prepareCourse(preparedEntry, shortTitle, longTitle, courseConfigVO); handlerFactory.getRepositoryHandler(src).releaseLock(lockResult); + + log.info(Tracing.M_AUDIT, "Create course {} from template {}", preparedEntry, src); return course; } else { log.info("Course locked"); @@ -672,6 +674,7 @@ public class CoursesWebService { ? NodeAccessType.of(nodeAccessType) : course.getCourseConfig().getNodeAccessType(); // default type CourseFactory.initNodeAccessType(addedEntry, type); + log.info(Tracing.M_AUDIT, "Create course: {}", addedEntry); return prepareCourse(addedEntry, shortTitle, longTitle, courseConfigVO); } catch (Exception e) { throw new WebApplicationException(e); diff --git a/src/main/java/org/olat/user/ui/admin/lifecycle/UserAdminLifecycleConfigurationController.java b/src/main/java/org/olat/user/ui/admin/lifecycle/UserAdminLifecycleConfigurationController.java index 1317b8e2eeb8b3f5c03b8d2322e144990f778c13..ea64d3eafcafa35fcc599ed414c1fc90c3501dba 100644 --- a/src/main/java/org/olat/user/ui/admin/lifecycle/UserAdminLifecycleConfigurationController.java +++ b/src/main/java/org/olat/user/ui/admin/lifecycle/UserAdminLifecycleConfigurationController.java 
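Review bot: The new audit entry records the created course and its template but not who performed the action, which is the field an investigator needs first. `ureq.getIdentity()` is used for the lock earlier in what appears to be the same method, so it could be passed as a third argument, e.g. `log.info(Tracing.M_AUDIT, "Create course {} from template {} by {}", preparedEntry, src, ureq.getIdentity());`. The same applies to the `"Create course: {}"` entry in the `@@ -672,6 +674,7 @@` hunk, where the identity variable in scope is outside the visible lines. The `else` branch that logs "Course locked" stays a plain info message; consider whether a refused copy should be audited as well.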
@@ -170,7 +170,7 @@ public class UserAdminLifecycleConfigurationController extends FormBasicControll private TranslationBundle initForm(String labelI18nKey, String textI18nKey, FormItemContainer formLayout) { String text = translate(textI18nKey); StaticTextElement viewEl = uifactory.addStaticTextElement("view." + counter++, labelI18nKey, text, formLayout); - FormLink translationLink = uifactory.addFormLink("translate." + counter++, "translate", null, formLayout, Link.LINK); + FormLink translationLink = uifactory.addFormLink("translate." + counter++, "translation.edit", null, formLayout, Link.LINK); TranslationBundle bundle = new TranslationBundle(textI18nKey, labelI18nKey, viewEl, translationLink); translationLink.setUserObject(bundle); return bundle; diff --git a/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_de.properties b/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_de.properties index e99014d6e61dc661ff7733e6bdd4ea479b926e54..0ba110225427eb127104ca8438a14168d7db7bbc 100644 --- a/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_de.properties +++ b/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_de.properties 
@@ -29,10 +29,10 @@ mail.before.deletion.body.label=Text Benachrichtigung mail.before.deletion.subject=Konto wird gel\u00F6scht mail.before.deletion.subject.label=Betreff Benachrichtigung notification.noNews=Seit diesem Datum haben sich keine neue Benutzer angemeldet -num.day.before.mail.deactivation=Anzhal Tage vor Mailbenachrichtigung -num.day.before.mail.deletion=Anzhal Tage vor Mailbenachrichtigung -num.inactive.day.deactivation=Anzhal Tage vor Deaktivierung -num.inactive.day.deletion=Anzhal Tage vor L\u00F6schung +num.day.before.mail.deactivation=Anzahl Tage vor Mailbenachrichtigung +num.day.before.mail.deletion=Anzahl Tage vor Mailbenachrichtigung +num.inactive.day.deactivation=Anzahl Tage vor Deaktivierung +num.inactive.day.deletion=Anzahl Tage vor L\u00F6schung overview.inactive.user=Deaktivierte Benutzer overview.ready.to.delete.user=Bereits zu l\u00F6schen overview.ready.to.inactivate.user=Benutzer ohne Aktivit\u00E4t @@ -48,3 +48,4 @@ table.name.firstName=Vorname table.name.lastName=Nachname translate=\u00DCbersetzen translate.title=\u00DCbersetzen "{0}" +translation.edit=Bearbeiten diff --git a/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_en.properties b/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_en.properties index 7f56d05f424f5392d13d7a47f1fafb8117ee2b14..91e6d033147065696d7a176eaf037f59d4aa2118 100644 --- a/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_en.properties +++ b/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_en.properties @@ -48,3 +48,4 @@ table.name.firstName=Name table.name.lastName=Last name translate=Translate translate.title=Translate "{0}" +translation.edit=Edit diff --git a/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_fr.properties b/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_fr.properties index 012d00978b109b3cbf59d7b9ee67163b82453441..18c3706979345bcc8f89532943be0a3e3646a8a5 100644 
--- a/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_fr.properties +++ b/src/main/java/org/olat/user/ui/admin/lifecycle/_i18n/LocalStrings_fr.properties @@ -48,3 +48,4 @@ table.name.firstName=Pr\u00E9nom table.name.lastName=Nom translate=Traduire translate.title=Traduire "{0}" +translation.edit=Éditer diff --git a/src/main/webapp-tomcat/WEB-INF/web.xml b/src/main/webapp-tomcat/WEB-INF/web.xml index f04c3db9f495858d4ec3cf4ff0a8e9d9fa3c55e3..fdb67bd02e09fb42f345f3ed64c2765f37d891e3 100644 --- a/src/main/webapp-tomcat/WEB-INF/web.xml +++ b/src/main/webapp-tomcat/WEB-INF/web.xml @@ -264,4 +264,13 @@ <exception-type>java.lang.Throwable</exception-type> <location>/errors/error.html</location> </error-page> + + <security-constraint> + <web-resource-collection> + <web-resource-name><strong>restricted methods</strong></web-resource-name> + <url-pattern>/*</url-pattern> + <http-method>TRACE</http-method> + </web-resource-collection> + <auth-constraint /> + </security-constraint> </web-app>
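Review bot: The `<web-resource-name>` value in the new security constraint contains literal `<strong>` elements, which look like markup copied from a rendered web page. The element is meant to hold plain text, and a container that validates the descriptor against its schema may reject the file. Use `<web-resource-name>restricted methods</web-resource-name>`. A short XML comment above the constraint explaining that the empty `<auth-constraint />` denies TRACE to every caller would help the next reader.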