Count user defined js , adapt message when js exception (#4776)

* count user defined js and check if user is admin * check user defined script and adapt message on js exception * add no_user_defined_js=1 to url disable user script * add repoAdminLink to lizUrls
3liz · Sep 24, 2024 · 721ce41 · 721ce41
1 parent 2894077
commit 721ce41
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 3 deletions.
diff --git a/assets/src/legacy/map.js b/assets/src/legacy/map.js
@@ -3914,9 +3914,15 @@ window.lizMap = function() {
             })
                 .catch((error) => {
                     console.error(error);
-                    const errorMsg = `
+                    let errorMsg = `
           <p class="error-msg">${lizDict['startup.error']}
-          <br><a href="${globalThis['lizUrls'].basepath}">${lizDict['startup.goToProject']}</a></p>`;
+          <br><a href="${globalThis['lizUrls'].basepath}">${lizDict['startup.goToProject']}</a>`;
+                    if (document.body.dataset.lizmapUserDefinedJsCount > 0 && document.body.dataset.lizmapAdminUser == 1) {
+                        errorMsg += '<br>'+`${lizDict['startup.user_defined_js']}<br>
+                        <a href="${globalThis['lizUrls'].repositoryAdmin}">${lizDict['startup.goToRepositoryAdmin']}</a><br>
+                        <a href="`+ window.location+`&no_user_defined_js=1">${lizDict['startup.projectWithoutJSLink']}</a>`
+                    }
+                    errorMsg += `</p>`;
                     document.getElementById('header').insertAdjacentHTML('afterend', errorMsg);
                 })
                 .finally(() => {

diff --git a/lizmap/modules/view/controllers/lizAjax.classic.php b/lizmap/modules/view/controllers/lizAjax.classic.php
@@ -187,6 +187,9 @@ function f($x)
             $lizUrls['removeCache'] = jUrl::getFull('admin~maps:removeLayerCache');
         }
 
+        if (jAcl2::check('lizmap.admin.access') || jAcl2::check('lizmap.admin.server.information.view')) {
+            $lizUrls['repositoryAdmin'] = jUrl::getFull('admin~maps:index');
+        }
         $content = '<script type="text/javascript" src="'.jUrl::getFull('view~translate:index').'"/>'."\n";
         $content .= '<script type="text/javascript">// <![CDATA['."\n";
         $content .= 'var lizUrls = '.json_encode($lizUrls).";\n";

diff --git a/lizmap/modules/view/controllers/lizMap.classic.php b/lizmap/modules/view/controllers/lizMap.classic.php
@@ -358,12 +358,13 @@ function f($x)
             }
         }
 
+        $countUserJs = 0;
         // Override default theme by themes found in folder media/themes/...
         // Theme name can be 'default' and apply to all projects in a repository
         // or the project name and only apply to it
         // Also if media/themes/default/css is found one directory above repositorie's one
         // it will apply to all repositories
-        if ($lrep->allowUserDefinedThemes()) {
+        if ($lrep->allowUserDefinedThemes() && $this->param('no_user_defined_js') != '1') {
             $repositoryPath = $lrep->getPath();
             $cssArray = array('main', 'map', 'media');
             $themeArray = array('default', $project);
@@ -439,8 +440,10 @@ function f($x)
                                 );
                                 if ($fileExtension == 'js') {
                                     $jsUrls[] = $jsUrl;
+                                    ++$countUserJs;
                                 } elseif ($fileExtension == 'mjs') {
                                     $mjsUrls[] = $jsUrl;
+                                    ++$countUserJs;
                                 } else {
                                     $cssUrls[] = $jsUrl;
                                 }
@@ -466,6 +469,7 @@ function f($x)
                 }
             }
         }
+        $rep->setBodyAttributes(array('data-lizmap-user-defined-js-count' => $countUserJs));
 
         // optionally hide some tools
         // header
@@ -562,6 +566,8 @@ function f($x)
             } elseif ($lproj->projectCountCfgWarnings() >= 1) {
                 $rep->setBodyAttributes(array('data-lizmap-plugin-has-warnings-url' => jUrl::get('admin~qgis_projects:index')));
             }
+            // add body attribute to tell if current user is admin
+            $rep->setBodyAttributes(array('data-lizmap-admin-user' => true));
         }
 
         $rep->body->assign($assign);

diff --git a/lizmap/modules/view/locales/en_US/dictionnary.UTF-8.properties b/lizmap/modules/view/locales/en_US/dictionnary.UTF-8.properties
@@ -1,5 +1,8 @@
 startup.error=An error occurred while loading this map. Some necessary resources may temporarily be unavailable. Please try again later.
+startup.user_defined_js=There's some user defined JavaScript scripts, that can be the cause of this message, try disabling them.
 startup.goToProject=Go back to the home page.
+startup.goToRepositoryAdmin=Go to maps management page
+startup.projectWithoutJSLink=Project with user's scripts disabled
 
 project.has.warnings=The project has some warnings in the QGIS desktop Lizmap plugin which must be fixed.
 project.plugin.outdated.warning=The project has been recently updated in QGIS Desktop, but with an outdated version of the Lizmap plugin. You must upgrade your plugin in QGIS Desktop.