Merge pull request #385 from Adobe-Marketing-Cloud/develop

v1.7.0 Release

Author: godanny86

CHANGELOG.md

@@ -4,6 +4,23 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [v1.7.0]
+
+### Fixed
+- 0163: User menu disappears when the profile is aleady loaded in previeous requests
+- 0340/0358: Corrected URL escaping to handle paths/assets file names using extended and unusual characters.
+- 0381: Fixed updating of dynamic service references to multiple share services
+
+### Changed
+- 0359: Expanded org.apache.sling.xss to [1.2.0,3) to support AEM 6.5 (uses version 2.0.1) and removed unneeded legacy acom.adobe.acs.commons.email;resolution:=optional import.
+- 0374: Added ability to add extra or blacklist Metadata Properties from the Metadata Properties DataSource via OSGi configuration
+- 0376: Replaced use of com.adobe.cq.commerce.common.ValueMapDecorator with org.apache.sling.api.wrappers.ValueMapDecorator
+- 0378: Date range filter includes the end date (evaluated at 12:59:59PM)
+
+### Added
+- 0366: Use sharer email as Reply-To when sharing assets via email
+- 0371: Added Horizontal Masonry Card results.
+
 ## [v1.6.12]
 
 ### Fixed

core/pom.xml

@@ -172,7 +172,7 @@
                     <exportScr>true</exportScr>
                     <instructions>
                         <Import-Package>
-                            com.adobe.acs.commons.email;resolution:=optional,
+                            org.apache.sling.xss;version="[1.2,3)",
                             *
                         </Import-Package>
                         <_plugin>org.apache.sling.bnd.models.ModelsScannerPlugin</_plugin>

core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/impl/ActionHelperImpl.java

@@ -22,7 +22,6 @@
 import com.adobe.aem.commons.assetshare.components.actions.ActionHelper;
 import com.adobe.aem.commons.assetshare.configuration.Config;
 import com.adobe.aem.commons.assetshare.content.AssetModel;
-import com.adobe.granite.asset.api.AssetException;
 import com.day.cq.wcm.api.WCMMode;
 import org.apache.sling.api.SlingHttpServletRequest;
 import org.apache.sling.api.request.RequestParameter;
@@ -31,10 +30,6 @@
 import org.osgi.service.component.annotations.Component;
 import org.osgi.service.component.annotations.Reference;
 
-import javax.net.ssl.StandardConstants;
-import java.io.UnsupportedEncodingException;
-import java.net.URLDecoder;
-import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Collection;
 
@@ -50,22 +45,14 @@ public final Collection<AssetModel> getAssetsFromQueryParameter(final SlingHttpS
 
         if (requestParameters != null) {
             for (final RequestParameter requestParameter : requestParameters) {
-                String path = requestParameter.getString();
-
-                try {
-                    path = URLDecoder.decode(path, StandardCharsets.UTF_8.name());
-                } catch (UnsupportedEncodingException ex) {
-                    throw new AssetException("Could not UTF-8 encode the asset path.", requestParameter.getString());
-                }
-
-                final Resource resource = request.getResourceResolver().getResource(path);
+                final Resource resource = request.getResourceResolver().getResource(requestParameter.getString());
                 if (resource != null) {
                     final AssetModel asset = modelFactory.getModelFromWrappedRequest(request, resource, AssetModel.class);
+
                     if (asset != null) {
                         assets.add(asset);
                     }
                 }
-
             }
         }
 

core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/EmailShare.java

@@ -29,6 +29,8 @@ public interface EmailShare extends Share {
 
     String PN_USE_SHARER_NAME_AS_SIGNATURE = "useSharerSignature";
 
+    String PN_USE_SHARER_EMAIL_AS_REPLY_TO = "replyToSharer";
+
     /**
      * For example, in the default ASC Email Share implementation, this is the valuemap for the Email Share Modal Component.
      *

core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/ShareException.java

@@ -26,7 +26,7 @@ public class ShareException extends Exception {
     /**
      * Creates a new ShareException with a custom message.
      *
-     * @param message the exception messsage.
+     * @param message the exception message.
      */
     public ShareException(String message) {
         super(message);
@@ -40,4 +40,15 @@ public ShareException(String message) {
     public ShareException(Exception e) {
         super(e);
     }
+
+    /**
+     * Creates a new ShareException with a custom message.
+     *
+     * @param message the exception message.
+     * @param ex the cause exception
+     */
+    public ShareException(String message, Throwable ex) {
+        super(message, ex);
+    }
+
 }

core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/EmailShareServiceImpl.java

@@ -39,13 +39,16 @@
 import com.adobe.granite.security.user.UserProperties;
 import com.adobe.granite.security.user.UserPropertiesManager;
 import com.day.cq.commons.Externalizer;
+import com.day.cq.dam.api.Asset;
 import com.day.cq.dam.commons.util.DamUtil;
+import com.day.text.Text;
 import org.apache.commons.lang3.ArrayUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.jackrabbit.api.security.user.Authorizable;
 import org.apache.sling.api.SlingHttpServletRequest;
 import org.apache.sling.api.SlingHttpServletResponse;
 import org.apache.sling.api.resource.Resource;
+import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.api.resource.ValueMap;
 import org.apache.sling.api.scripting.SlingBindings;
 import org.apache.sling.models.factory.ModelFactory;
@@ -111,13 +114,14 @@ public boolean accepts(final SlingHttpServletRequest request) {
 
     @Override
     public final void share(final SlingHttpServletRequest request, final SlingHttpServletResponse response, final ValueMap shareParameters) throws ShareException {
-    	
+
         /** Work around for regression issue introduced in AEM 6.4 **/
         SlingBindings bindings = new SlingBindings();
         //intentionally setting the second argument to 'null' since there is no SlingScript to pass in
         bindings.setSling( new ScriptHelper(bundleContext, null, request, response));
         request.setAttribute(SlingBindings.class.getName(), bindings);
-        
+        UserProperties userProperties = getUserProperties(request);
+
         final EmailShare emailShare = request.adaptTo(EmailShare.class);
 
         shareParameters.putAll(xssProtectUserData(emailShare.getUserData()));
@@ -126,10 +130,12 @@ public final void share(final SlingHttpServletRequest request, final SlingHttpSe
         shareParameters.putAll(emailShare.getConfiguredData());
 
         // Except for signature which we may or may  not want to use from configured data, depending on flags in configured data
-        try {
-            shareParameters.put(SIGNATURE, getSignature(request));
-        } catch (RepositoryException e) {
-            throw new ShareException("Could not obtain user display name for " + request.getResourceResolver().getUserID());
+        shareParameters.put(SIGNATURE, getSignature(emailShare, userProperties));
+
+        // set reply to address, if any
+        String replyToAddress = getReplyToAddress(emailShare, userProperties);
+        if (StringUtils.isNotEmpty(replyToAddress)) {
+            shareParameters.put(EmailService.REPLY_TO, replyToAddress);
         }
 
         share(request.adaptTo(Config.class), shareParameters, StringUtils.defaultIfBlank(emailShare.getEmailTemplatePath(), cfg.emailTemplate()));
@@ -138,14 +144,12 @@ public final void share(final SlingHttpServletRequest request, final SlingHttpSe
     private final void share(final Config config, final ValueMap shareParameters, final String emailTemplatePath) throws ShareException {
         final String[] emailAddresses = StringUtils.split(shareParameters.get(EMAIL_ADDRESSES, ""), ",");
         final String[] assetPaths = Arrays.stream(shareParameters.get(ASSET_PATHS, ArrayUtils.EMPTY_STRING_ARRAY))
-                .map(path -> {
-                    try {
-                        return URLDecoder.decode(path, StandardCharsets.UTF_8.name());
-                    } catch (UnsupportedEncodingException e) {
-                        log.warn("Could not decode path [ {} ] as UTF-8; Using path as is,.", path);
-                        return path;
-                    }
-                }).filter(StringUtils::isNotBlank)
+                .filter(StringUtils::isNotBlank)
+                .map(path -> config.getResourceResolver().getResource(path))
+                .filter(Objects::nonNull)
+                .map(DamUtil::resolveToAsset)
+                .filter(Objects::nonNull)
+                .map(Asset::getPath)
                 .toArray(String[]::new);
 
         // Check to ensure the minimum set of e-mail parameters are provided; Throw exception if not.
@@ -154,7 +158,7 @@ private final void share(final Config config, final ValueMap shareParameters, fi
         } else if (ArrayUtils.isEmpty(assetPaths)) {
             throw new ShareException("At least one asset is required to share");
         }
-       
+
         // Convert provided params to <String, String>; anything that needs to be accessed in its native type should be accessed and manipulated via shareParameters.get(..)
         final Map<String, String> emailParameters = new HashMap<String, String>();
         for (final String key : shareParameters.keySet()) {
@@ -179,13 +183,18 @@ private final String getAssetLinkListHtml(final Config config, final String[] as
             if (assetResource != null && DamUtil.isAsset(assetResource)) {
                 final AssetModel asset = modelFactory.getModelFromWrappedRequest(config.getRequest(), assetResource, AssetModel.class);
 
+                // Unescape else gets double-escaped and the link breaks
                 String url = assetDetailsResolver.getFullUrl(config, asset);
 
                 if (StringUtils.isBlank(url)) {
                     log.warn("Could not determine an Asset Details page path for asset at [ {} ]", assetPath);
                     continue;
                 }
 
+                // Unescape the URL since externalizer also escapes, resulting in a breaking, double-escaped URLs
+                // This is required since assetDetailsResolver.getFullUrl(config, asset) performs its own escaping.
+                url =  Text.unescape(url);
+
                 if (isAuthor()) {
                     url = externalizer.authorLink(config.getResourceResolver(), url);
                 } else {
@@ -209,29 +218,64 @@ public boolean isAuthor() {
         return slingSettingsService.getRunModes().contains("author");
     }
 
-    private String getSignature(final SlingHttpServletRequest request) throws RepositoryException {
-        if (request == null) {
-            return cfg.signature();
+    private String getSignature(final EmailShare emailShare, final UserProperties userProperties) throws ShareException {
+        boolean useSharerDisplayNameAsSignature = emailShare.getProperties().get(EmailShareImpl.PN_USE_SHARER_NAME_AS_SIGNATURE, false);
+
+        if (useSharerDisplayNameAsSignature && userProperties != null) {
+            try {
+              return StringUtils.trimToNull(userProperties.getDisplayName());
+            }
+            catch (RepositoryException ex) {
+              throw new ShareException("Could not obtain user display name for '" + userProperties.getAuthorizableID() + "'", ex);
+            }
         }
 
-        final EmailShare emailShare = request.adaptTo(EmailShare.class);
+        return StringUtils.defaultIfBlank(emailShare.getConfiguredData().get(EmailShareImpl.PN_SIGNATURE, String.class), cfg.signature());
+    }
 
-        boolean useSharerDisplayNameAsSignature = emailShare.getProperties().get(EmailShareImpl.PN_USE_SHARER_NAME_AS_SIGNATURE, false);
+    private String getReplyToAddress(final EmailShare emailShare, final UserProperties userProperties) throws ShareException {
+        boolean replyToSharer = emailShare.getProperties().get(EmailShare.PN_USE_SHARER_EMAIL_AS_REPLY_TO, false);
+        if (replyToSharer && userProperties != null) {
 
-        if (useSharerDisplayNameAsSignature) {
-            final String currentUser = request.getResourceResolver().getUserID();
-            if (!"anonymous".equalsIgnoreCase(currentUser) && !"admin".equalsIgnoreCase(currentUser)) {
-                final UserPropertiesManager upm = request.getResourceResolver().adaptTo(UserPropertiesManager.class);
-                final Authorizable authorizable = request.getResourceResolver().adaptTo(Authorizable.class);
-                final UserProperties userProperties = upm.getUserProperties(authorizable, "profile");
+          try {
+            return userProperties.getProperty(UserProperties.EMAIL);
+          }
+          catch (RepositoryException ex) {
+            throw new ShareException("Could not obtain email address for '" + userProperties.getAuthorizableID() + "'", ex);
+          }
+      }
 
-                if (userProperties != null) {
-                    return StringUtils.trimToNull(userProperties.getDisplayName());
-                }
-            }
+      return null;
+    }
+
+    private UserProperties getUserProperties(SlingHttpServletRequest request) {
+        if(!isValidUser(request)) {
+            return null;
         }
 
-        return StringUtils.defaultIfBlank(emailShare.getConfiguredData().get(EmailShareImpl.PN_SIGNATURE, String.class), cfg.signature());
+        ResourceResolver resolver = request.getResourceResolver();
+        final UserPropertiesManager upm = resolver.adaptTo(UserPropertiesManager.class);
+        final Authorizable authorizable = resolver.adaptTo(Authorizable.class);
+
+        try {
+            return upm.getUserProperties(authorizable, "profile");
+        }
+        catch (RepositoryException ex) {
+            log.warn("Cannot get user profile properties of user '{}'", resolver.getUserID());
+            return null;
+        }
+    }
+
+    private boolean isValidUser(SlingHttpServletRequest request) {
+        if (request == null) {
+            return false;
+        }
+
+        final String currentUser = request.getResourceResolver().getUserID();
+        boolean anonymous = StringUtils.equalsIgnoreCase(currentUser, "anonymous");
+        boolean admin = StringUtils.equalsIgnoreCase(currentUser, "admin");
+
+        return (!anonymous && !admin);
     }
 
     /**
@@ -248,7 +292,7 @@ private Map<String, Object> xssProtectUserData(Map<String, Object> dirtyUserData
                 cleanUserData.put(entry.getKey(), xssCleanData((String[]) entry.getValue()));
             } else if (entry.getValue() instanceof String) {
                 cleanUserData.put(entry.getKey(), xssCleanData((String) entry.getValue()));
-            }   
+            }
         }
 
         return cleanUserData;

core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/impl/ShareServlet.java

@@ -56,7 +56,7 @@ public class ShareServlet extends SlingAllMethodsServlet {
     private ShareService defaultShareService;
 
     @Reference(policyOption = ReferencePolicyOption.GREEDY)
-    private transient Collection<ShareService> shareServices;
+    private volatile Collection<ShareService> volatileShareServices;
 
     @Override
     protected final void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response)
@@ -74,6 +74,7 @@ private final void share(SlingHttpServletRequest request, SlingHttpServletRespon
         final AtomicInteger counter = new AtomicInteger(0);
 
         // Call all accepting ShareService implementations
+        final Collection<ShareService> shareServices = this.volatileShareServices;
         shareServices.stream()
                 .filter(Objects::nonNull)
                 .filter(shareService -> shareService.accepts(request))
@@ -100,4 +101,4 @@ private final void share(SlingHttpServletRequest request, SlingHttpServletRespon
             response.setStatus(SlingHttpServletResponse.SC_INTERNAL_SERVER_ERROR);
         }
     }
-}
+}

core/src/main/java/com/adobe/aem/commons/assetshare/components/actions/share/package-info.java

@@ -17,7 +17,7 @@
  *
  */
 
-@Version("2.0.0")
+@Version("2.1.0")
 package com.adobe.aem.commons.assetshare.components.actions.share;
 
 import org.osgi.annotation.versioning.Version;

core/src/main/java/com/adobe/aem/commons/assetshare/components/details/impl/ImageImpl.java

@@ -23,6 +23,7 @@
 import com.adobe.aem.commons.assetshare.content.AssetModel;
 import com.adobe.aem.commons.assetshare.util.MimeTypeHelper;
 import com.day.cq.dam.api.Rendition;
+import com.day.text.Text;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.sling.api.SlingHttpServletRequest;
 import org.apache.sling.api.resource.Resource;
@@ -33,6 +34,8 @@
 import org.apache.sling.models.annotations.injectorspecific.OSGiService;
 import org.apache.sling.models.annotations.injectorspecific.Self;
 import org.apache.sling.models.annotations.injectorspecific.ValueMapValue;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import javax.annotation.PostConstruct;
 import java.net.URLDecoder;
@@ -45,6 +48,7 @@
         defaultInjectionStrategy = DefaultInjectionStrategy.OPTIONAL
 )
 public class ImageImpl extends AbstractEmptyTextComponent implements Image {
+    private static final Logger log = LoggerFactory.getLogger(ImageImpl.class);
     protected static final String RESOURCE_TYPE = "asset-share-commons/components/details/image";
 
     @Self
@@ -101,7 +105,8 @@ public String getSrc() {
             }
         }
 
-        return src;
+        src = StringUtils.replace(src, "%20", " ");
+        return Text.escapePath(src);
     }
 
     @Override
@@ -110,7 +115,7 @@ public String getAlt() {
     }
 
     @Override
-    public String getFallback() { return fallbackSrc; }
+    public String getFallback() { return Text.escapePath(fallbackSrc); }
 
     @Override
     public boolean isEmpty() {

core/src/main/java/com/adobe/aem/commons/assetshare/components/details/impl/RenditionsImpl.java

@@ -26,6 +26,7 @@
 import com.adobe.cq.wcm.core.components.models.form.OptionItem;
 import com.adobe.cq.wcm.core.components.models.form.Options;
 import com.day.cq.dam.commons.util.UIHelper;
+import com.day.text.Text;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.sling.api.SlingHttpServletRequest;
 import org.apache.sling.commons.mime.MimeTypeService;
@@ -155,7 +156,7 @@ public RenditionImpl(String label, com.day.cq.dam.api.Rendition assetRendition,
             this.label = label;
             this.size = UIHelper.getSizeLabel(assetRendition.getSize());
             this.mimeType = assetRendition.getMimeType();
-            this.path = assetRendition.getPath();
+            this.path = Text.escapePath(assetRendition.getPath());
             this.name = assetRendition.getName();
             this.exists = exists;
             this.licensed = licensed;