It’s quite easy in XWiki to break something because a page contains an xobject that requires a specific right to properly work, and someone without the proper right saves a new version of that page.
This limitation has been partially solved for the extensions, by displaying a warning message when editing a page that belongs to an extension.
After discussing it with @MichaelHamann I propose to go further by explicitly documenting the pages that need a specific right to work, using our existing XClass XWiki.RequiredRightClass.
This class is already used in a few pages of XWiki Standard to specify that a page requires programming or script right. To my knowledge, it’s purely informative, I have not seen any usage of it in our code, but maybe I just missed it.
I propose that we actually use it, to provide a warning message when a user without the required right edits a page containing this xobject. We could also go a bit further by forcing the addition of this xobject in extension pages containing specific xobjects: e.g. we could fail the build when analyzing our XARs if a page contains a JSX on the wiki scope without the RequiredRightClass xobject.
Note that it also means IMO that XWiki.RequiredRightClass should be moved to a class initializer instead of a page provided by the flavor if it becomes much more core.
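The build-time check suggested above could look like the following sketch, which is an added example and not part of the original post or of XWiki's build tooling. It assumes the page XML has already been extracted from the XAR, that xobjects are exported as `<object>` elements with a `<className>` child, and that a wiki-scoped JSX stores `always` in its `use` property; the page names and the `level` property are constructed for illustration.

```python
import xml.etree.ElementTree as ET

JSX_CLASS = "XWiki.JavaScriptExtension"
REQUIRED_RIGHT_CLASS = "XWiki.RequiredRightClass"
WIKI_SCOPE = "always"  # assumption: stored value of the JSX "use" property for wiki scope


def xobjects(doc_root):
    """Yield (class name, {property: value}) for every xobject of an exported page."""
    for obj in doc_root.findall("object"):
        props = {}
        for prop in obj.findall("property"):
            for child in prop:
                props[child.tag] = (child.text or "").strip()
        yield (obj.findtext("className") or "").strip(), props


def missing_required_right(page_xml):
    """True when the page has a wiki-scoped JSX but no RequiredRightClass xobject."""
    objects = list(xobjects(ET.fromstring(page_xml)))
    has_wiki_jsx = any(cls == JSX_CLASS and props.get("use") == WIKI_SCOPE
                       for cls, props in objects)
    has_required_right = any(cls == REQUIRED_RIGHT_CLASS for cls, _ in objects)
    return has_wiki_jsx and not has_required_right


def check_pages(pages):
    """pages maps a page reference to its XML; return the references that fail."""
    return sorted(ref for ref, xml in pages.items() if missing_required_right(xml))


def _page(*objects):
    # Constructed sample pages, reduced to the elements the check reads.
    return "<xwikidoc>" + "".join(objects) + "</xwikidoc>"


def _jsx(use):
    return ("<object><className>XWiki.JavaScriptExtension</className>"
            "<property><use>" + use + "</use></property></object>")


# "level" is an assumed property name; the check only looks at the class name.
_REQUIRED = ("<object><className>XWiki.RequiredRightClass</className>"
             "<property><level>programming</level></property></object>")

SAMPLE_PAGES = {
    "Demo.WikiWideJsx": _page(_jsx("always")),             # should fail the build
    "Demo.DeclaredJsx": _page(_jsx("always"), _REQUIRED),  # declares its right
    "Demo.OnDemandJsx": _page(_jsx("onDemand")),           # not wiki-scoped
}

if __name__ == "__main__":
    offenders = check_pages(SAMPLE_PAGES)
    for ref in offenders:
        print(ref + ": wiki-scoped JSX without " + REQUIRED_RIGHT_CLASS)
    raise SystemExit(1 if offenders else 0)
```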
Why not. But as you said, extension pages already have a “be careful” warning, so not a huge game changer and not sure it’s worth the effort.
Interesting, so contrary to what I said in my proposal, it’s actually used by Admin Tool Application to list the applications needing specific rights.
I’m not a fan of requiring this additional information, but since the alternative is to let users break the wiki by accident (even though there is already some warning, we know from experience that these breakages happen).
+1 in principle, especially if we provide static analysis (which feels difficult to do accurately) to warn users when this is missing on the XARs.
+1 from me. Also +1 for not providing programming rights to pages that do not have that object as proposed in this old discussion, I’ve also suggested this in my discussion with @surli. To be a real protection we should also prevent users who do not have the right from adding the object (so a page is not accidentally “upgraded” the next time a user with the right saves the page). My suggestion is also to introduce UX improvements to make it easier to add the right object:
Provide a way to query XObjects if they require a certain right (with the currently set properties) and use that information to prompt the user to add the required rights object if it doesn’t exist yet.
Provide a way in the editor to easily set the required rights when adding script macros, e.g., in the page information. This could also be coupled to the introduction of required permissions for macros. If a user has programming rights and inserts a macro that requires programming rights, there would be a prompt to add the required rights object to the page. For a velocity macro, there could possibly even be a checkbox if programming rights shall be used in the script when the user has the permission.