From 89c93ce3f01fccb6ea6eeeb7ac63fbf08bcd4d3c Mon Sep 17 00:00:00 2001 From: Domenico Francesco Bruscino Date: Fri, 13 Nov 2020 18:46:56 +0100 Subject: [PATCH] ARTEMIS-2993 Sanitize artemis plugin console components --- .../webapp/plugin/js/components/addresses.js | 10 ++++++---- .../plugin/js/components/connections.js | 10 ++++++---- .../webapp/plugin/js/components/consumers.js | 20 +++++++++++-------- .../webapp/plugin/js/components/producers.js | 15 ++++++++------ .../webapp/plugin/js/components/queues.js | 10 ++++++---- .../webapp/plugin/js/components/sessions.js | 20 +++++++++++-------- 6 files changed, 51 insertions(+), 34 deletions(-) diff --git a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/addresses.js b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/addresses.js index 1ebf072bc9..6aa87c8c5c 100644 --- a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/addresses.js +++ b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/addresses.js @@ -56,7 +56,7 @@ var Artemis; .name; - function AddressesController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, pagination, artemisAddress) { + function AddressesController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, $sanitize, pagination, artemisAddress) { var ctrl = this; ctrl.pagination = pagination; var mbean = Artemis.getBrokerMBean(workspace, jolokia); @@ -116,7 +116,7 @@ var Artemis; { header: 'ID', itemField: 'id' }, { header: 'Name', itemField: 'name' }, { header: 'Routing Types', itemField: 'routingTypes' }, - { header: 'Queue Count', itemField: 'queueCount' , templateFn: function(value, item) { return '' + value + '' }} + { header: 'Queue Count', itemField: 'queueCount' , templateFn: function(value, item) { return '' + $sanitize(value) + '' }} ]; ctrl.refresh = function () { @@ -141,7 +141,8 @@ var Artemis; ctrl.filter.values.value = artemisAddress.address.address; } - selectQueues = function (address) { + selectQueues = function (idx) { + var address = ctrl.addresses[idx].name; Artemis.log.debug("navigating to queues:" + address) artemisAddress.address = { address: address }; $location.path("artemis/artemisQueues"); @@ -201,6 +202,7 @@ var Artemis; var data = JSON.parse(response.value); ctrl.addresses = []; angular.forEach(data["data"], function (value, idx) { + value.idx = idx; ctrl.addresses.push(value); }); ctrl.pagination.page(data["count"]); @@ -211,7 +213,7 @@ var Artemis; ctrl.pagination.load(); } - AddressesController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', 'pagination', 'artemisAddress']; + AddressesController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', '$sanitize', 'pagination', 'artemisAddress']; })(Artemis || (Artemis = {})); \ No newline at end of file diff --git a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/connections.js b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/connections.js index 0983296688..ddf48c5bbf 100644 --- a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/connections.js +++ b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/connections.js @@ -68,7 +68,7 @@ var Artemis; .name; - function ConnectionsController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, pagination, artemisConnection, artemisSession) { + function ConnectionsController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, $sanitize, pagination, artemisConnection, artemisSession) { var ctrl = this; ctrl.pagination = pagination; var mbean = Artemis.getBrokerMBean(workspace, jolokia); @@ -126,13 +126,14 @@ var Artemis; { header: 'Client ID', itemField: 'clientID' }, { header: 'Users', itemField: 'users' }, { header: 'protocol', itemField: 'protocol' }, - { header: 'Session Count', itemField: 'sessionCount', templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Session Count', itemField: 'sessionCount', templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'Remote Address', itemField: 'remoteAddress' }, { header: 'Local Address', itemField: 'localAddress' }, { header: 'Creation Time', itemField: 'creationTime' } ]; - selectSessions = function (connection) { + selectSessions = function (idx) { + var connection = ctrl.connections[idx].connectionID; Artemis.log.debug("navigating to connection:" + connection) artemisConnection.connection = { connectionID: connection }; $location.path("artemis/artemisSessions"); @@ -213,6 +214,7 @@ var Artemis; var data = JSON.parse(response.value); ctrl.connections = []; angular.forEach(data["data"], function (value, idx) { + value.idx = idx; ctrl.connections.push(value); }); ctrl.pagination.page(data["count"]); @@ -223,7 +225,7 @@ var Artemis; ctrl.pagination.load(); } - ConnectionsController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', 'pagination', 'artemisConnection', 'artemisSession']; + ConnectionsController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', '$sanitize', 'pagination', 'artemisConnection', 'artemisSession']; })(Artemis || (Artemis = {})); \ No newline at end of file diff --git a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/consumers.js b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/consumers.js index 876c17b4c6..71b0ff2cf1 100644 --- a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/consumers.js +++ b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/consumers.js @@ -66,7 +66,7 @@ var Artemis; .name; - function ConsumersController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, pagination, artemisConsumer, artemisQueue, artemisAddress, artemisSession) { + function ConsumersController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, $sanitize, pagination, artemisConsumer, artemisQueue, artemisAddress, artemisSession) { var ctrl = this; ctrl.pagination = pagination; var mbean = Artemis.getBrokerMBean(workspace, jolokia); @@ -128,13 +128,13 @@ var Artemis; }; ctrl.tableColumns = [ { header: 'ID', itemField: 'id' }, - { header: 'Session', itemField: 'session' , templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Session', itemField: 'session' , templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'Client ID', itemField: 'clientID' }, { header: 'Protocol', itemField: 'protocol' }, - { header: 'Queue', itemField: 'queue', templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Queue', itemField: 'queue', templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'queueType', itemField: 'queueType' }, { header: 'Filter', itemField: 'filter' }, - { header: 'Address', itemField: 'address' , templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Address', itemField: 'address' , templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'Remote Address', itemField: 'remoteAddress' }, { header: 'Local Address', itemField: 'localAddress' }, { header: 'Creation Time', itemField: 'creationTime' } @@ -166,19 +166,22 @@ var Artemis; ctrl.filter.values.value = artemisConsumer.consumer.sessionID; } - selectQueue = function (queue) { + selectQueue = function (idx) { + var queue = ctrl.consumers[idx].queue; Artemis.log.debug("navigating to queue:" + queue) artemisQueue.queue = { queue: queue }; $location.path("artemis/artemisQueues"); }; - selectAddress = function (address) { + selectAddress = function (idx) { + var address = ctrl.consumers[idx].address; Artemis.log.debug("navigating to address:" + address) artemisAddress.address = { address: address }; $location.path("artemis/artemisAddresses"); }; - selectSession = function (session) { + selectSession = function (idx) { + var session = ctrl.consumers[idx].session; Artemis.log.debug("navigating to session:" + session) artemisSession.session = { session: session }; $location.path("artemis/artemisSessions"); @@ -232,6 +235,7 @@ var Artemis; var data = JSON.parse(response.value); ctrl.consumers = []; angular.forEach(data["data"], function (value, idx) { + value.idx = idx; ctrl.consumers.push(value); }); ctrl.pagination.page(data["count"]); @@ -242,7 +246,7 @@ var Artemis; ctrl.pagination.load(); } - ConsumersController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', 'pagination', 'artemisConsumer', 'artemisQueue', 'artemisAddress', 'artemisSession']; + ConsumersController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', '$sanitize', 'pagination', 'artemisConsumer', 'artemisQueue', 'artemisAddress', 'artemisSession']; })(Artemis || (Artemis = {})); \ No newline at end of file diff --git a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/producers.js b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/producers.js index 0df9432685..428cd4d889 100644 --- a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/producers.js +++ b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/producers.js @@ -53,7 +53,7 @@ var Artemis; .name; - function ProducersController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, pagination, artemisProducer, artemisAddress, artemisSession) { + function ProducersController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, $sanitize, pagination, artemisProducer, artemisAddress, artemisSession) { var ctrl = this; ctrl.pagination = pagination; var mbean = Artemis.getBrokerMBean(workspace, jolokia); @@ -101,11 +101,11 @@ var Artemis; }; ctrl.tableColumns = [ { header: 'ID', itemField: 'id' }, - { header: 'Session', itemField: 'session' , templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Session', itemField: 'session' , templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'Client ID', itemField: 'clientID' }, { header: 'Protocol', itemField: 'protocol' }, { header: 'User', itemField: 'user' }, - { header: 'Address', itemField: 'address', templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Address', itemField: 'address', templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'Remote Address', itemField: 'remoteAddress' }, { header: 'Local Address', itemField: 'localAddress' } ]; @@ -129,13 +129,15 @@ var Artemis; ctrl.pagination.load(); }; - selectAddress = function (address) { + selectAddress = function (idx) { + var address = ctrl.producers[idx].address; Artemis.log.debug("navigating to address:" + address) artemisAddress.address = { address: address }; $location.path("artemis/artemisAddresses"); }; - selectSession = function (session) { + selectSession = function (idx) { + var session = ctrl.producers[idx].session; Artemis.log.debug("navigating to session:" + session) artemisSession.session = { session: session }; $location.path("artemis/artemisSessions"); @@ -178,6 +180,7 @@ var Artemis; var data = JSON.parse(response.value); ctrl.producers = []; angular.forEach(data["data"], function (value, idx) { + value.idx = idx; ctrl.producers.push(value); }); ctrl.pagination.page(data["count"]); @@ -188,7 +191,7 @@ var Artemis; ctrl.pagination.load(); } - ProducersController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', 'pagination', 'artemisProducer', 'artemisAddress', 'artemisSession']; + ProducersController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', '$sanitize', 'pagination', 'artemisProducer', 'artemisAddress', 'artemisSession']; })(Artemis || (Artemis = {})); \ No newline at end of file diff --git a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/queues.js b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/queues.js index 71b74088e3..1df3af8b09 100644 --- a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/queues.js +++ b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/queues.js @@ -56,7 +56,7 @@ var Artemis; .name; - function QueuesController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, pagination, artemisQueue, artemisAddress) { + function QueuesController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, $sanitize, pagination, artemisQueue, artemisAddress) { var ctrl = this; ctrl.pagination = pagination; var mbean = Artemis.getBrokerMBean(workspace, jolokia); @@ -128,7 +128,7 @@ var Artemis; { header: 'Name', itemField: 'name' }, { header: 'Routing Types', itemField: 'routingTypes' }, { header: 'Queue Count', itemField: 'queueCount' }, - { header: 'Address', itemField: 'address' , templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Address', itemField: 'address' , templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'Routing Type', itemField: 'routingType' }, { header: 'Filter', itemField: 'filter' }, { header: 'Durable', itemField: 'durable' }, @@ -186,7 +186,8 @@ var Artemis; function navigateToQueuesOps(action, item) { $location.path("artemis/operations").search({"tab": "artemis", "nid": getQueuesNid(item, $location)}); }; - selectAddress = function (address) { + selectAddress = function (idx) { + var address = ctrl.queues[idx].address; Artemis.log.debug("navigating to address:" + address) artemisAddress.address = { address: address }; $location.path("artemis/artemisAddresses"); @@ -239,6 +240,7 @@ var Artemis; var data = JSON.parse(response.value); ctrl.queues = []; angular.forEach(data["data"], function (value, idx) { + value.idx = idx; ctrl.queues.push(value); }); ctrl.pagination.page(data["count"]); @@ -249,7 +251,7 @@ var Artemis; ctrl.pagination.load(); } - QueuesController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', 'pagination', 'artemisQueue', 'artemisAddress']; + QueuesController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', '$sanitize', 'pagination', 'artemisQueue', 'artemisAddress']; })(Artemis || (Artemis = {})); \ No newline at end of file diff --git a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/sessions.js b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/sessions.js index 8abfab9aea..1e033f4686 100644 --- a/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/sessions.js +++ b/artemis-hawtio/artemis-plugin/src/main/webapp/plugin/js/components/sessions.js @@ -67,7 +67,7 @@ var Artemis; .name; - function SessionsController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, pagination, artemisConnection, artemisSession, artemisConsumer, artemisProducer) { + function SessionsController($scope, workspace, jolokia, localStorage, artemisMessage, $location, $timeout, $filter, $sanitize, pagination, artemisConnection, artemisSession, artemisConsumer, artemisProducer) { var ctrl = this; ctrl.pagination = pagination; var mbean = Artemis.getBrokerMBean(workspace, jolokia); @@ -127,10 +127,10 @@ var Artemis; }; ctrl.tableColumns = [ { header: 'ID', itemField: 'id' }, - { header: 'Connection', itemField: 'connectionID', templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Connection', itemField: 'connectionID', templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'User', itemField: 'user' }, - { header: 'Consumer Count', itemField: 'consumerCount', templateFn: function(value, item) { return '' + value + '' }}, - { header: 'Producer Count', itemField: 'producerCount', templateFn: function(value, item) { return '' + value + '' }}, + { header: 'Consumer Count', itemField: 'consumerCount', templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, + { header: 'Producer Count', itemField: 'producerCount', templateFn: function(value, item) { return '' + $sanitize(value) + '' }}, { header: 'Creation Time', itemField: 'creationTime' } ]; @@ -155,19 +155,22 @@ var Artemis; ctrl.pagination.load(); }; - selectConnection = function (connection) { + selectConnection = function (idx) { + var connection = ctrl.sessions[idx].connectionID; Artemis.log.debug("navigating to connection:" + connection) artemisSession.session = { connectionID: connection }; $location.path("artemis/artemisConnections"); }; - selectConsumers = function (session) { + selectConsumers = function (idx) { + var session = ctrl.sessions[idx].id; Artemis.log.debug("navigating to consumers:" + session) artemisConsumer.consumer = { sessionID: session }; $location.path("artemis/artemisConsumers"); }; - selectProducers = function (session) { + selectProducers = function (idx) { + var session = ctrl.sessions[idx].id; Artemis.log.debug("navigating to producers:" + session) artemisProducer.producer = { sessionID: session }; $location.path("artemis/artemisProducers"); @@ -235,6 +238,7 @@ var Artemis; var data = JSON.parse(response.value); ctrl.sessions = []; angular.forEach(data["data"], function (value, idx) { + value.idx = idx; ctrl.sessions.push(value); }); ctrl.pagination.page(data["count"]); @@ -245,7 +249,7 @@ var Artemis; ctrl.pagination.load(); } - SessionsController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', 'pagination', 'artemisConnection', 'artemisSession', 'artemisConsumer', 'artemisProducer']; + SessionsController.$inject = ['$scope', 'workspace', 'jolokia', 'localStorage', 'artemisMessage', '$location', '$timeout', '$filter', '$sanitize', 'pagination', 'artemisConnection', 'artemisSession', 'artemisConsumer', 'artemisProducer']; })(Artemis || (Artemis = {})); \ No newline at end of file