Merge pull request #532 from EUSurvey/develop
Version 1.5.3.1
clam2310 authored Jun 10, 2024
2 parents dad2507 + bc8579a commit 8196487
Showing 111 changed files with 1,771 additions and 1,414 deletions.
26 changes: 13 additions & 13 deletions pom.xml
Expand Up @@ -11,12 +11,12 @@
<properties>
<java-version>11</java-version>
<org.springframework-version>5.3.20</org.springframework-version>
<org.springframework.security-version>5.7.1</org.springframework.security-version>
<org.springframework.security-version>5.7.5</org.springframework.security-version>
<org.aspectj-version>1.8.8</org.aspectj-version>
<org.slf4j-version>1.7.5</org.slf4j-version>
<version.number>444</version.number>
<svnName>1.1.9</svnName>
<camel.version>2.22.1</camel.version>
<camel.version>2.22.3</camel.version>
<svn.buildNumber.doUpdate>false</svn.buildNumber.doUpdate>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
Expand Down Expand Up @@ -49,7 +49,7 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.5</version>
<version>4.5.13</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
Expand All @@ -59,7 +59,7 @@
<dependency>
<groupId>org.json</groupId>
<artifactId>json</artifactId>
<version>20180130</version>
<version>20230227</version>
</dependency>
<dependency>
<groupId>org.jfree</groupId>
Expand Down Expand Up @@ -91,13 +91,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.54</version>
<version>1.66</version>
</dependency>

<dependency>
<groupId>org.jsoup</groupId>
<artifactId>jsoup</artifactId>
<version>1.8.3</version>
<version>1.14.2</version>
</dependency>

<dependency>
Expand Down Expand Up @@ -179,7 +179,7 @@
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
<version>1.3.3</version>
<version>1.5</version>
</dependency>

<dependency>
Expand All @@ -191,7 +191,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
<version>1.18</version>
<version>1.19</version>
</dependency>

<dependency>
Expand All @@ -203,7 +203,7 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.4</version>
<version>2.7</version>
</dependency>

<dependency>
Expand Down Expand Up @@ -415,7 +415,7 @@
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.26</version>
<version>8.0.28</version>
<type>jar</type>
<scope>compile</scope>
</dependency>
Expand Down Expand Up @@ -537,19 +537,19 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.9.10</version>
<version>2.12.6</version>
</dependency>

<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.9.10.8</version>
<version>2.12.6.1</version>
</dependency>

<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<version>1.4.8</version>
<version>1.4.9</version>
</dependency>

<dependency>
56 changes: 37 additions & 19 deletions src/main/java/com/ec/survey/controller/BasicController.java
Expand Up @@ -8,13 +8,16 @@
import java.net.URL;
import java.net.URLConnection;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.Set;

import javax.annotation.Resource;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.ec.survey.model.survey.*;
import com.ec.survey.tools.activity.ActivityRegistry;
import org.apache.catalina.connector.ClientAbortException;
import org.apache.commons.lang3.StringUtils;
Expand Down Expand Up @@ -48,10 +51,6 @@
import com.ec.survey.model.Archive;
import com.ec.survey.model.Draft;
import com.ec.survey.model.administration.User;
import com.ec.survey.model.survey.Element;
import com.ec.survey.model.survey.Matrix;
import com.ec.survey.model.survey.RatingQuestion;
import com.ec.survey.model.survey.Survey;
import com.ec.survey.service.ActivityService;
import com.ec.survey.service.AdministrationService;
import com.ec.survey.service.AnswerExplanationService;
Expand Down Expand Up @@ -157,6 +156,7 @@ public class BasicController implements BeanFactoryAware {
public @Value("${captcha.secret}") String captchasecret;
public @Value("${captcha.serverprefix}") String captchaserverprefix;
public @Value("${captcha.serverprefixtarget}") String captchaserverprefixtarget;
public @Value("${captcha.token:#{null}}") String captchatoken;
public @Value("${ui.enableresponsive}") String enableresponsive;
private @Value("${ecaslogout}") String ecaslogout;
public @Value("${showecas}") String showecas;
Expand Down Expand Up @@ -518,6 +518,36 @@ public Survey editSave(Survey survey, HttpServletRequest request)
}
}

public boolean parseEVoteSurvey(Survey survey) {
boolean passedSC = false;
PossibleAnswer linkedSCAnswer = null;
boolean passedMC = true;

for(Question q : survey.getQuestions()) {
if (q instanceof SingleChoiceQuestion) {
List<PossibleAnswer> pa = ((SingleChoiceQuestion) q).getPossibleAnswers();
for (PossibleAnswer answer : pa) {
if (answer.getTitle().equals("I want to vote")) {
passedSC = true;
linkedSCAnswer = answer;
break;
}
}
} else if (q instanceof MultipleChoiceQuestion) {
MultipleChoiceQuestion mq = ((MultipleChoiceQuestion) q);
if (passedSC && !(mq.getTriggers()).equals(linkedSCAnswer.getId() + ";")) {
passedMC = false;
}
}
}

if (passedSC && passedMC) {
return false;
} else {
return true;
}
}

public ModelAndView basicwelcome(HttpServletRequest request) {
ModelAndView model = new ModelAndView("home/welcome");
model.addObject("page", "welcome");
Expand Down Expand Up @@ -597,31 +627,19 @@ protected boolean checkCaptcha(HttpServletRequest request) {
str = request.getParameter("g-recaptcha-response");
}

String token = request.getParameter("captcha_token");
String id = request.getParameter("captcha_id");
String useaudio = request.getParameter("captcha_useaudio");
String originalcookies = request.getParameter("captcha_original_cookies");

if (token == null) {
String challenge = request.getParameter("recaptcha_challenge_field");
if (challenge != null && challenge.contains("|"))
{
String[] pair = challenge.split("\\|");
id = pair[0];
token = pair[1];
useaudio = pair[2];
}
}

if (str == null || id == null || token == null) {

if (str == null || id == null) {
return false;
}

sessionService.initializeProxy();
URL url = new URL(captchaserverprefixtarget + "validateCaptcha/" + id);
HttpURLConnection conn = (HttpURLConnection)url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-jwtString", token);
conn.setRequestProperty("xJwtString", captchatoken);
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");

String[] cookies = originalcookies.split("#");
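Review bot: In checkCaptcha the configured `captchatoken` is sent as the `xJwtString` header without any check that it was set, although its `@Value("${captcha.token:#{null}}")` declaration defaults it to null; the same unconditional use appears in both EuCaptchaApiController requests. Either fail closed or skip the header when it is null, for example `if (str == null || id == null || originalcookies == null || captchatoken == null) { return false; }`, which also covers `originalcookies`, read from the request and split a few lines later without a null check. The request-supplied `id` is still concatenated into the validation URL, which now carries that server-side credential, so it should be restricted to the id format the captcha service issues (not visible here) or URL-encoded before use. checkCaptcha starts and ends outside the hunk.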
Expand Up @@ -481,16 +481,16 @@ public ModelAndView processSubmit(@PathVariable String code, HttpServletRequest

ModelAndView result = new ModelAndView("thanks", Constants.UNIQUECODE, oldAnswerSet.getUniqueCode());

if (origsurvey.getIsOPC()) {
result.addObject("opcredirection",
origsurvey.getFinalConfirmationLink(opcredirect, oldAnswerSet.getLanguageCode()));
}

result.addObject("runnermode", true);

Form form = new Form(resources, surveyService.getLanguage(oldAnswerSet.getLanguageCode()),
translationService.getActiveTranslationsForSurvey(origsurvey.getId()), contextpath);
form.setSurvey(origsurvey);

if (origsurvey.getIsOPC()) {
result.addObject("opcredirection",
form.getFinalConfirmationLink(opcredirect, oldAnswerSet.getLanguageCode(), oldAnswerSet));
}

if(!origsurvey.getConfirmationPageLink()){
form.getAnswerSets().add(oldAnswerSet);
Expand All @@ -501,7 +501,7 @@ public ModelAndView processSubmit(@PathVariable String code, HttpServletRequest

if (origsurvey.getConfirmationPageLink() != null && origsurvey.getConfirmationPageLink()
&& origsurvey.getConfirmationLink() != null && origsurvey.getConfirmationLink().length() > 0) {
result.addObject("redirect", origsurvey.getFinalConfirmationLink(oldAnswerSet.getLanguageCode()));
result.addObject("redirect", form.getFinalConfirmationLink(oldAnswerSet.getLanguageCode(), oldAnswerSet));
} else if (origsurvey.getEcasSecurity() && request.getParameter("passwordauthenticated") == null
&& oldAnswerSet.getInvitationId() == null) {
result.addObject("asklogout", true);
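Review bot: Both new `form.getFinalConfirmationLink(...)` calls in processSubmit pass `oldAnswerSet`, which suggests respondent data is now substituted into the `opcredirection` and `redirect` URLs. The method body is not part of this page, so confirm that every substituted value is URL-encoded and cannot alter the scheme or host of the configured link. The OPC block now depends on the `Form` being constructed first, and a short comment such as `// the confirmation link is built by the Form, so it must be created first` would keep a later reorder from breaking it. processSubmit starts and ends outside the hunk.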
24 changes: 16 additions & 8 deletions src/main/java/com/ec/survey/controller/DelphiController.java
Expand Up @@ -230,21 +230,18 @@ public ResponseEntity<AbstractDelphiGraphData> delphiGraph(HttpServletRequest re
boolean allanswers = request.getSession().getAttribute("results-source-allanswers") != null && (boolean) request.getSession().getAttribute("results-source-allanswers");

ResultFilter filter = null;
User user = sessionService.getCurrentUser(request);
User user = sessionService.getCurrentUser(request, false, false);
if (resultsview) {
if (user != null) {
filter = sessionService.getLastResultFilter(request, user.getId(), survey.getId());
Survey draft = surveyService.getSurveyByShortname(survey.getShortname(), true, user, request, false, true, true, false);
sessionService.upgradePrivileges(draft, user, request);
}
if (allanswers && !survey.isMissingElementsChecked()) {
surveyService.checkAndRecreateMissingElements(survey, filter);
}
}

if (user != null) {
Survey draft = surveyService.getSurveyByShortname(survey.getShortname(), true, user, request, false, true, true, false);
sessionService.upgradePrivileges(draft, user, request);
}


boolean privileged = resultsview && (survey.getOwner().getId().equals(user.getId()) ||
(user.getGlobalPrivileges().get(GlobalPrivilege.FormManagement) == 2) ||
(user.getLocalPrivileges().get(LocalPrivilege.AccessResults) > 0));
Expand Down Expand Up @@ -1526,15 +1523,20 @@ public ResponseEntity<String> delphiDeleteComment(@PathVariable String id, HttpS
public ResponseEntity<String> delphiLikeComment(@PathVariable String id, HttpServletRequest request) {
try {
final int idParsed = Integer.parseInt(id);
final String uniqueCode = request.getParameter("uniqueCode");

final String uniqueCode = request.getParameter("uniqueCode");
final String increaseLike = request.getParameter("increaseLike");

final AnswerComment comment = answerExplanationService.getComment(idParsed);
if (comment == null) {
return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
}

if (comment.getUniqueCode().equals(uniqueCode)) {
//cant like comments/ explanations of own answer sets
return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
}

if (increaseLike.equalsIgnoreCase("true")) {
DelphiCommentLike delphiCommentLike = new DelphiCommentLike(idParsed, uniqueCode);
answerExplanationService.addCommentLike(delphiCommentLike);
Expand Down Expand Up @@ -1563,6 +1565,12 @@ public ResponseEntity<String> delphiLikeExplanation(@PathVariable String id, Htt
return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
}

AnswerSet answerSet = answerService.get(explanation.getAnswerSetId());
if (answerSet.getUniqueCode().equals(uniqueCode)) {
//cant like comments/ explanations of own answer sets
return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
}

if (increaseLike.equalsIgnoreCase("true")) {
DelphiExplanationLike delphiExplanationLike = new DelphiExplanationLike(explanation.getId(), uniqueCode);
answerExplanationService.addExplanationLike(delphiExplanationLike);
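Review bot: The new self-like guard in delphiLikeComment compares the stored code with `uniqueCode` read from the request, so it only holds when the caller reports its own contribution code truthfully. Nothing visible here ties that value to the session or to an answer set of the same survey, and a missing parameter passes the `equals` check and can reach `new DelphiCommentLike(idParsed, uniqueCode)`. delphiLikeExplanation has the same shape (its `uniqueCode` is presumably read the same way above the hunk) and also dereferences `answerService.get(explanation.getAnswerSetId())` without a null check. I would reject a null or blank `uniqueCode` with BAD_REQUEST first and resolve it to an answer set of this survey before comparing. Both methods continue outside their hunks, so an outer catch may already turn a NullPointerException into an error response.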
14 changes: 4 additions & 10 deletions src/main/java/com/ec/survey/controller/EuCaptchaApiController.java
Expand Up @@ -28,14 +28,12 @@ public class EuCaptchaApiController extends BasicController {
CookieManager cookieManager = new CookieManager();
CookieHandler.setDefault(cookieManager);

URL url = new URL(captchaserverprefixtarget + "captchaImg?locale=" + locale + "&capitalized=" + capitalized);
URL url = new URL(captchaserverprefixtarget + "captchaImg?locale=" + locale + "&captchaLength=8&capitalized=" + capitalized);
HttpURLConnection conn = (HttpURLConnection)url.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Content-Type", "application/json;charset=UTF-8");

String xjwtString = conn.getHeaderField("x-jwtString");
response.setHeader("x-jwtString", xjwtString);

conn.setRequestProperty("xJwtString", captchatoken);

List<String> cookies = conn.getHeaderFields().get("set-cookie");
response.addHeader("original-cookie", cookies == null ? "" : String.join("#", cookies));

Expand All @@ -56,17 +54,13 @@ public class EuCaptchaApiController extends BasicController {
conn.setRequestMethod("GET");
conn.setRequestProperty("Content-Type", "application/json;charset=UTF-8");

String xjwtString = request.getHeader("x-jwtstring");
conn.setRequestProperty("x-jwtString", xjwtString);
conn.setRequestProperty("xJwtString", captchatoken);

String[] cookies = request.getHeader("original-cookie").split("#");
for (String cookie : cookies) {
conn.addRequestProperty("Cookie", cookie);
}

xjwtString = conn.getHeaderField("x-jwtString");
response.setHeader("x-jwtString", xjwtString);

return readData(conn);
}

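Review bot: On the changed `captchaImg` URL line, `locale` and `capitalized` are concatenated into the query string unencoded, and that request now carries the server-held `captchatoken`. Where the two values come from is outside the hunk, but if they originate from the client they should be checked against the expected values or passed through `URLEncoder.encode(locale, StandardCharsets.UTF_8)`. The literal `captchaLength=8` and the header name `"xJwtString"`, repeated in both methods here and in BasicController.checkCaptcha, would be clearer as named constants. Both methods start outside their hunks.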
2 changes: 1 addition & 1 deletion src/main/java/com/ec/survey/controller/HomeController.java
Expand Up @@ -813,7 +813,7 @@ public ModelAndView downloadcontributionGet(HttpServletRequest request) throws E
taskExecutor.execute(export);
} else {
AnswerExecutor export = (AnswerExecutor) context.getBean("answerExecutor");
export.init(answerSet, email, sender, serverPrefix);
export.init(answerSet, email, sender, serverPrefix, request.getSession().getAttribute("passwordauthentication") != null);
taskExecutor.execute(export);
}
} else {
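Review bot: The new fifth argument to `export.init` is true whenever a `passwordauthentication` session attribute exists, regardless of its value, and `request.getSession()` creates a session when none is present. If that attribute can ever be stored as a false value (its writers are not visible here), the export would still be treated as password-authenticated, so the check should test the value rather than its presence. A bare boolean expression at the end of a five-argument call is also hard to read; a named local such as `boolean passwordAuthenticated = request.getSession().getAttribute("passwordauthentication") != null;` would document the intent. downloadcontributionGet starts and ends outside the hunk.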