Last modified by Super Admin on 2026/03/22 00:39

From version Icon 20.1 Icon
edited by Super Admin
on 2026/03/09 00:01
Change comment: There is no comment for this version
To version Icon 32.1 Icon
edited by XWikiGuest
on 2026/03/18 03:51
Change comment: There is no comment for this version


Icon Page properties
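--- a/Author
+++ b/Author
@@ -1,1 +1,1 @@
-XWiki.superadmin
+XWiki.XWikiGuest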
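Review bot: The page author changes from `XWiki.superadmin` to `XWiki.XWikiGuest`, which in XWiki normally denotes an unauthenticated visitor, so this code page appears to be editable without logging in. The page's Velocity in the Content section calls `$newDoc.saveWithProgrammingRights(...)`, and XWiki checks script and programming rights against a document's author, so with a guest author the create flow will presumably fail or behave differently than it did under superadmin. Confirm that edit right on this space is limited to trusted accounts, review the guest-made changes, and re-save the page from a privileged account once they are reviewed.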
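--- a/Content
+++ b/Content
@@ -27,7 +27,9 @@
  ## ページをプログラム的に作成
  #set($newDoc = $xwiki.getDocument($targetPage))
  ## SchoolTemplateのコンテンツを参照として設定(テンプレートの include)
- $newDoc.setContent('{{include reference="SeitokaiCode.SchoolTemplate" /}}')
+ ## author="target" により、SchoolTemplateの作者(superadmin)の権限でVelocityを実行
+ ## これがないと学校ページの作者(一般ユーザー)のscript権限が必要になりエラーになる
+ $newDoc.setContent('{{include reference="SeitokaiCode.SchoolTemplate" author="target" /}}')
  $newDoc.setTitle($schoolName)
  $newDoc.setParent('Schools.WebHome')
  ## SchoolClassオブジェクトを追加して初期値を設定
@@ -35,16 +35,6 @@
  #set($newObj = $newDoc.getObject('SeitokaiCode.SchoolClass', $objNum))
  $newObj.set('schoolCode', $schoolCode)
  $newObj.set('schoolName', $schoolName)
- ## 現在の年度を初期値として設定(4月始まり)
- #set($now = $datetool.date)
- #set($currentYear = $datetool.format('yyyy', $now))
- #set($currentMonth = $mathtool.toInteger($datetool.format('MM', $now)))
- #if($currentMonth >= 4)
- #set($fiscalYear = $currentYear)
- #else
- #set($fiscalYear = $mathtool.sub($mathtool.toInteger($currentYear), 1).toString())
- #end
- $newObj.set('fiscalYear', $fiscalYear)
  $newDoc.saveWithProgrammingRights('学校ページを新規作成')
  ## 作成後にビューにリダイレクト
  $response.sendRedirect($xwiki.getURL($targetPage, 'view'))
@@ -87,7 +87,7 @@
  <div id="selectedSchoolInfo" class="selected-school-info"></div>
  <div id="selectedSchoolCode" class="selected-school-code"></div>
  </div>
- <button type="button" onclick="clearSelection()" class="btn-change-school">変更</button>
+ <button type="button" onclick="clearSelection()" class="btn-change-school">選択解除</button>
  </div>
  </div>
  </div>
@@ -116,6 +116,13 @@
 
 <script>
 (function() {
+ // XSSエスケープ関数
+ function escapeHtml(s) {
+ var div = document.createElement('div');
+ div.appendChild(document.createTextNode(s));
+ return div.innerHTML;
+ }
+
  // 学校マスターデータをJSON APIから取得
  var schools = [];
  var schoolsLoaded = false;
@@ -122,7 +122,8 @@
 
  // schools.json をロード(XWiki添付ファイルとして配置)
  // 配置先: SeitokaiCode.SchoolMasterData の添付ファイル
- fetch('/rest/wikis/xwiki/spaces/SeitokaiCode/pages/SchoolMasterData/attachments/schools.json')
+ var restBase = '$request.contextPath/rest/wikis/xwiki';
+ fetch(restBase + '/spaces/SeitokaiCode/pages/SchoolMasterData/attachments/schools.json')
  .then(function(r) { return r.json(); })
  .then(function(data) { schools = data; schoolsLoaded = true; })
  .catch(function() {
@@ -159,11 +159,11 @@
  var li = document.createElement('li');
  li.className = 'search-result-item';
  li.innerHTML =
- '<div class="search-result-name">' + s.name + '</div>' +
+ '<div class="search-result-name">' + escapeHtml(s.name) + '</div>' +
  '<div class="search-result-info">' +
- s.pref + ' ' + s.city + ' ・ ' + s.type + '(' + s.est + ')' +
+ escapeHtml(s.pref) + ' ' + escapeHtml(s.city) + ' ・ ' + escapeHtml(s.type) + '(' + escapeHtml(s.est) + ')' +
  '</div>' +
- '<div class="search-result-code">' + s.code + '</div>';
+ '<div class="search-result-code">' + escapeHtml(s.code) + '</div>';
  li.onclick = function() { selectSchool(s); };
  resultsList.appendChild(li);
  });
@@ -189,13 +189,13 @@
 
  // 重複チェック(XWikiにページが存在するか確認)
  var targetPage = 'Schools.' + school.code + '.WebHome';
- fetch('/rest/wikis/xwiki/spaces/Schools/spaces/' + school.code + '/pages/WebHome')
+ fetch(restBase + '/spaces/Schools/spaces/' + school.code + '/pages/WebHome')
  .then(function(r) {
  if (r.ok) {
  // 既存ページあり
  document.getElementById('duplicateWarning').style.display = 'block';
  document.getElementById('duplicateLink').href =
- '/bin/view/Schools/' + school.code + '/';
+ '$request.contextPath/bin/Schools/' + school.code + '/';
  document.getElementById('submitArea').style.display = 'none';
  } else {
  // 新規作成OK
@@ -250,6 +250,15 @@
  selectedIdx = -1;
  }
  });
+
+ // 送信時ローディング
+ var csForm = document.getElementById('createSchoolForm');
+ if (csForm) {
+ csForm.addEventListener('submit', function() {
+ var btn = csForm.querySelector('button[type="submit"]');
+ if (btn) { btn.disabled = true; btn.innerHTML = '<span class="btn-spinner"></span> 作成中...'; }
+ });
+ }
 })();
 </script>
 {{/html}}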
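Review bot: `school.code` is still concatenated unencoded into the REST path of the duplicate check and into `duplicateLink.href`, although this change treats the other `schools.json` fields as untrusted by passing them through `escapeHtml`; a code containing `/`, `?` or `#` would point the check and the link at a different resource than the page that gets created. Encode it at both places, e.g. `fetch(restBase + '/spaces/Schools/spaces/' + encodeURIComponent(school.code) + '/pages/WebHome')`. The new href also drops the `view` action (`/bin/view/Schools/` became `$request.contextPath/bin/Schools/`), which looks unintended unless this wiki is configured to omit it. Separately, `author="target"` makes SchoolTemplate run with its author's rights on every school page, so the template should treat values read from the including page as data only and stay edit-restricted. The function enclosing the duplicate check starts outside the visible hunk.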