Merge branch 'develop' into wicket-10

2024-04-22 09:41:47 +02:00 · 2024-04-22 09:41:47 +02:00 · db0c36234a
commit db0c36234a
parent 42cd644e74 9654fea439
4 changed files with 33 additions and 14 deletions
--- a/owasp.xml
+++ b/owasp.xml
@ -65,4 +65,11 @@
        </notes>
        <cve>CVE-2023-52070</cve>
    </suppress>
    <suppress>
        <notes>
            This is a complete nonsense vulnerability. Some automated tool has
            gone completely bananas.
        </notes>
        <cve>CVE-2024-23076</cve>
    </suppress>
 </suppressions>
--- a/view/src/main/java/se/su/dsv/scipro/components/DisableSubmitButtonsOnSubmit.java
+++ b/view/src/main/java/se/su/dsv/scipro/components/DisableSubmitButtonsOnSubmit.java
@ -7,7 +7,7 @@ import org.apache.wicket.markup.head.OnEventHeaderItem;
 import org.apache.wicket.markup.html.form.Form;
 /**
- * Disables all elements with {@code [type=submit]}
+ * {@link Form} behavior that disables all elements with {@code [type=submit]} when the form is submitted.
 */
 public class DisableSubmitButtonsOnSubmit extends Behavior {
    @Override
@ -21,10 +21,12 @@ public class DisableSubmitButtonsOnSubmit extends Behavior {
    @Override
    public void renderHead(Component component, IHeaderResponse response) {
        super.renderHead(component, response);
-        final String javaScript = "const submitButtons = event.target.querySelectorAll(\"[type=submit]\");\n" +
+        final String javaScript = """
-                                  "for (const button of submitButtons) {\n" +
+                                  const submitButtons = event.target.querySelectorAll("[type=submit]");
-                                  "    button.disabled = true;\n" +
+                                  for (const button of submitButtons) {
-                                  "}\n";
+                                      button.classList.add('disabled');
                                  }
                                  """;
        response.render(OnEventHeaderItem.forComponent(component, "submit", javaScript));
    }
 }
--- a/view/src/main/java/se/su/dsv/scipro/finalthesis/FinalThesisPanel$RevisionPanel.html
+++ b/view/src/main/java/se/su/dsv/scipro/finalthesis/FinalThesisPanel$RevisionPanel.html
@ -5,7 +5,7 @@
    <strong>Status:</strong> <span class="text-danger">REVISION NEEDED</span>
    <div class="help-box">
        <span wicket:id="rejectedDateLabel"></span><br>
-        Your supervisor have decided that you need to revise your final thesis and then upload it again.<br>
+        Your supervisor has decided that you need to revise your final thesis and then upload it again.<br>
        <a href="#" wicket:id="forumLink">Go to the forum to view the reason behind this decision</a>.
    </div>
 </wicket:panel>
--- a/view/src/main/java/se/su/dsv/scipro/project/pages/ProjectDetailsPage.java
+++ b/view/src/main/java/se/su/dsv/scipro/project/pages/ProjectDetailsPage.java
@ -11,7 +11,9 @@ import se.su.dsv.scipro.activityplan.UpcomingActivitiesPanel;
 import se.su.dsv.scipro.checklists.ChecklistOverviewPanel;
 import se.su.dsv.scipro.components.menuhighlighting.MenuHighlightAuthorMyProjects;
 import se.su.dsv.scipro.finalseminar.OverviewSeminarPanel;
 import se.su.dsv.scipro.finalthesis.FinalThesis;
 import se.su.dsv.scipro.finalthesis.FinalThesisPanel;
 import se.su.dsv.scipro.finalthesis.FinalThesisService;
 import se.su.dsv.scipro.group.AuthorGroupPage;
 import se.su.dsv.scipro.group.GroupsOverviewPanel;
 import se.su.dsv.scipro.latestevents.LatestEventsPanel;
@ -42,12 +44,23 @@ public class ProjectDetailsPage extends AbstractProjectDetailsPage implements Me
    public static final String EXTERNAL_RESOURCES = "externalResources";
    public static final String EXTERNAL_LINK = "externalLink";
    private final boolean shouldFillOutSurvey;
    @Inject
    private SurveyService surveyService;
    @Inject
    private FinalThesisService finalThesisService;
    public ProjectDetailsPage(PageParameters pp) {
        super(pp);
        FinalThesis finalThesis = finalThesisService.findByProject(getActiveProject());
        boolean finalThesisIsRejected = (finalThesis != null && finalThesis.isRejected());
        shouldFillOutSurvey = surveyService.shouldFillOutSurvey(getActiveProject(), SciProSession.get().getUser())
                              && !finalThesisIsRejected;
        add(new ExternalResourcesPanel(EXTERNAL_RESOURCES, LambdaModel.of(projectModel, se.su.dsv.scipro.project.Project::getProjectType, se.su.dsv.scipro.project.Project::setProjectType)));
        add(new ExternalLinkPanel(EXTERNAL_LINK, projectModel));
@ -90,7 +103,6 @@ public class ProjectDetailsPage extends AbstractProjectDetailsPage implements Me
            @Override
            protected void onConfigure() {
                super.onConfigure();
                final boolean shouldFillOutSurvey = surveyService.shouldFillOutSurvey(getActiveProject(), SciProSession.get().getUser());
                setVisibilityAllowed(shouldFillOutSurvey);
            }
        });
@ -103,13 +115,11 @@ public class ProjectDetailsPage extends AbstractProjectDetailsPage implements Me
    @Override
    protected void onConfigure() {
        super.onConfigure();
-        if (surveyService.shouldFillOutSurvey(getActiveProject(), SciProSession.get().getUser())) {
+        if (shouldFillOutSurvey && getSession().getMetaData(ProjectFinalSurveyPage.SURVEY_VISITED) == null) {
-            if (getSession().getMetaData(ProjectFinalSurveyPage.SURVEY_VISITED) == null) {
+            getFeedbackMessages().forEach(getSession().getFeedbackMessages()::add);
-                getFeedbackMessages().forEach(getSession().getFeedbackMessages()::add);
+            throw new RestartResponseException(
-                throw new RestartResponseException(
+                    ProjectFinalSurveyPage.class,
-                        ProjectFinalSurveyPage.class,
+                    ProjectFinalSurveyPage.getPageParameters(getActiveProject()));
                        ProjectFinalSurveyPage.getPageParameters(getActiveProject()));
            }
        }
    }