The GroovyPlugin is a contributed plugin that permits Groovy scripts to be executed directly from a wiki page. If you're a Java programmer, you're also a Groovy programmer, as it's essentially just a script version of Java (with some minoSECURITY WARNINGr changes and quite a few additional features). The plugin also provides an optional (compile-time) feature permitting scripts from a remote web site to be executed locally.
I've listed the Groovy plugin on the Groovy Modules
page on the Groovy wiki, which is also a good place to look for documentation on Groovy scripting and other features.
Please note that installation and/or use of this feature on a public wiki is a security risk. This feature should only be used on a private or intranet wiki where the environment is entirely trusted.
Also see the Security Alert below.
License#
The Groovy plugin is distributed under the Ceryle software license, essentially the Apache 2.0 license. -- MurrayAltheim
Installation#
After putting both the groovy-plugin.jar and groovy-all.jar (the latter distributed by Codehaus) files into $WIKI_HOME/WEB-INF/lib/, you'll have to add the plugin path "org.ceryle.wiki.plugin" to your jspwiki.properties file, e.g.:
jspwiki.plugin.searchPath = existing_path,org.ceryle.wiki.plugin
(where 'existing_path' is any existing search path)
The Groovy plugin has been tested using Groovy version 1.0 JSR-06 and 1.0 RC-01, available from
the Groovy website. You'll want to use the embedded version,
which currently is labeled "groovy-all-vv.jar" where 'vv' is the version.
Compiling#
The distribution jar file includes both the *.java and *.class files for the plugin, so it's possible to recompile as needed.
There are compile-time flags that permit various features:
- PERMIT_HREF (remote scripting feature)
when true, this permits the href parameter to function. This feature is VERY BAD — but not in a Michael Jackson or even George Thorogood kinda way, more in the Big Bad Wolf kinda way. The distribution has this set to 'true'. - CHECK_AUTHENTICATION (check authentication feature)
when true, this only permits the plugin to function when the page is being viewed by an authenticated viewer. The distribution has this set to 'false'.
Parameters#
- debug = 'true' | 'false' .
When true, displays the provided source code and debugging level information. Defaults to false. - href = 'URI' .
When specified, any script content in the plugin is ignored in favour of resolving the provided URI as the script content. This feature is enabled/disabled via a compile-time flag whose current default is true.
Security Alert#
Permitting any kind of scripting on a public wiki is an extreme security risk. Just don't do it. This plugin is really only intended for private wikis, or those whose editor community is entirely trusted. From a Groovy script it's possible for someone to get direct access to your WikiEngine and theoretically your entire JVM. Very Bad.
Tests#
(Note: these tests are not expected to work on the jspwiki.org site.)
Test 1#
[{Groovy println("Hello World!") }]
Plugin insertion failed: Could not find plugin GroovyPlugin insertion failed: Could not find plugin Groovy
Test 2#
[{Groovy debug='true'
for ( i in 0..5 )
print( i + " " )
}]
Plugin insertion failed: Could not find plugin GroovyPlugin insertion failed: Could not find plugin Groovy
Discussion/Troubleshooting#
[...]
Add new attachment
List of attachments
| Kind | Attachment Name | Size | Version | Date Modified | Author | Change note |
|---|---|---|---|---|---|---|
txt |
LICENSE.txt | 2.1 kB | 1 | 11-Dec-2006 06:58 | 210.55.131.59 | |
jar |
groovy-plugin-1.0a12.jar | 24.7 kB | 1 | 11-Dec-2006 06:59 | 210.55.131.59 | first public version |
- Features
- Download
- Documentation
- Templates
- Plugins
- Provider
- Filters
- Support
- FAQ
- Irc Channel
- Mailing List
- Weblog
- Applications
- Getting Involved
- JSPWIKI Testers
Development
Internet Search