From f50fd960272af613c3602d30959ed04241b03cae Mon Sep 17 00:00:00 2001 From: Thusel Date: Wed, 15 Nov 2023 15:56:30 +0100 Subject: [PATCH 1/2] LUT-26660: Fix session error when refreshing a form --- src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java b/src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java index 89d2f895a..39edf17f7 100644 --- a/src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java +++ b/src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java @@ -267,7 +267,7 @@ private void checkMyLuteceAuthentification( Form form, HttpServletRequest reques public synchronized XPage getStepView( HttpServletRequest request ) throws SiteMessageException, UserNotSignedException { String paramInit = request.getParameter( FormsConstants.PARAMETER_INIT ); - if ( FormsConstants.PARAMETER_INIT.equals( paramInit ) ) + if ( Boolean.parseBoolean( paramInit ) ) { init( request ); } @@ -361,7 +361,7 @@ public synchronized XPage getStepView( HttpServletRequest request ) throws SiteM SiteMessageService.setMessage( request, FormsConstants.MESSAGE_ERROR_INACTIVE_FORM, SiteMessage.TYPE_ERROR ); } } - IsRequestComingFromAction = false; + IsRequestComingFromAction = true; XPage xPage = getXPage( TEMPLATE_VIEW_STEP, getLocale( request ), model ); xPage.setTitle( strTitleForm ); xPage.setPathLabel( strPathForm ); @@ -895,6 +895,8 @@ public synchronized XPage doSaveStep( HttpServletRequest request ) throws SiteMe // why are we here as we didn't try to save any backup ? So instead of throwing the error, we redirect. AppLogService.error("FormXPage l 897 : " + MESSAGE_ERROR_TOKEN ); _currentStep = StepHome.findByPrimaryKey(Integer.parseInt(request.getParameter(FormsConstants.PARAMETER_ID_STEP))); + List errorList = new ArrayList<>( ); + _currentStep = FormsResponseUtils.getNextStep( _currentStep.getId( ), errorList, _formResponseManager ); return getStepView( request ); } @@ -1311,6 +1313,7 @@ private void init( HttpServletRequest request ) _stepDisplayTree = null; _breadcrumb = null; _bInactiveStateBypassed = false; + IsRequestComingFromAction = false; FormsAsynchronousUploadHandler.getHandler( ).removeSessionFiles( request.getSession( ) ); } @@ -1326,6 +1329,7 @@ private void init( int nIdForm ) _formResponseManager = null; _stepDisplayTree = null; _breadcrumb = null; + IsRequestComingFromAction = false; } /** From 7f5475c19dd562c56406f15568514c76f6472d41 Mon Sep 17 00:00:00 2001 From: TimotheeHrl Date: Wed, 22 Nov 2023 15:49:53 +0100 Subject: [PATCH 2/2] Lut 26831 : simplify get response from backup --- .../plugins/forms/service/FormService.java | 58 +++++---------- .../plugins/forms/util/FormsConstants.java | 2 + .../forms/web/FormResponseManager.java | 40 ++--------- .../lutece/plugins/forms/web/FormXPage.java | 72 ++++++++----------- webapp/WEB-INF/conf/plugins/forms.properties | 2 + 5 files changed, 59 insertions(+), 115 deletions(-) diff --git a/src/java/fr/paris/lutece/plugins/forms/service/FormService.java b/src/java/fr/paris/lutece/plugins/forms/service/FormService.java index c6806cd30..ac6774cb5 100644 --- a/src/java/fr/paris/lutece/plugins/forms/service/FormService.java +++ b/src/java/fr/paris/lutece/plugins/forms/service/FormService.java @@ -33,51 +33,18 @@ */ package fr.paris.lutece.plugins.forms.service; -import java.util.List; -import java.util.stream.Collectors; - -import javax.inject.Inject; -import javax.servlet.http.HttpServletRequest; - -import org.apache.commons.collections.CollectionUtils; -import org.springframework.transaction.annotation.Transactional; - import fr.paris.lutece.api.user.User; -import fr.paris.lutece.plugins.forms.business.Form; -import fr.paris.lutece.plugins.forms.business.FormDisplay; -import fr.paris.lutece.plugins.forms.business.FormHome; -import fr.paris.lutece.plugins.forms.business.FormMessageHome; -import fr.paris.lutece.plugins.forms.business.FormQuestionResponse; -import fr.paris.lutece.plugins.forms.business.FormQuestionResponseHome; -import fr.paris.lutece.plugins.forms.business.FormResponse; -import fr.paris.lutece.plugins.forms.business.FormResponseHome; -import fr.paris.lutece.plugins.forms.business.FormResponseStep; -import fr.paris.lutece.plugins.forms.business.FormResponseStepHome; -import fr.paris.lutece.plugins.forms.business.Question; -import fr.paris.lutece.plugins.forms.business.Step; -import fr.paris.lutece.plugins.forms.business.StepHome; +import fr.paris.lutece.plugins.forms.business.*; import fr.paris.lutece.plugins.forms.business.export.FormExportConfigHome; import fr.paris.lutece.plugins.forms.exception.MaxFormResponseException; import fr.paris.lutece.plugins.forms.service.workflow.IFormWorkflowService; import fr.paris.lutece.plugins.forms.util.FormsConstants; import fr.paris.lutece.plugins.forms.util.FormsResponseUtils; -import fr.paris.lutece.plugins.forms.web.CompositeGroupDisplay; -import fr.paris.lutece.plugins.forms.web.CompositeQuestionDisplay; -import fr.paris.lutece.plugins.forms.web.FormResponseManager; -import fr.paris.lutece.plugins.forms.web.ICompositeDisplay; -import fr.paris.lutece.plugins.forms.web.StepDisplayTree; +import fr.paris.lutece.plugins.forms.web.*; import fr.paris.lutece.plugins.forms.web.admin.MultiviewFormResponseDetailsJspBean; import fr.paris.lutece.plugins.forms.web.entrytype.IEntryDataService; -import fr.paris.lutece.plugins.genericattributes.business.Entry; -import fr.paris.lutece.plugins.genericattributes.business.EntryHome; -import fr.paris.lutece.plugins.genericattributes.business.FieldHome; -import fr.paris.lutece.plugins.genericattributes.business.Response; -import fr.paris.lutece.plugins.genericattributes.business.ResponseHome; -import fr.paris.lutece.plugins.genericattributes.service.entrytype.AbstractEntryTypeFile; -import fr.paris.lutece.plugins.genericattributes.service.entrytype.AbstractEntryTypeGalleryImage; -import fr.paris.lutece.plugins.genericattributes.service.entrytype.AbstractEntryTypeImage; -import fr.paris.lutece.plugins.genericattributes.service.entrytype.EntryTypeServiceManager; -import fr.paris.lutece.plugins.genericattributes.service.entrytype.IEntryTypeService; +import fr.paris.lutece.plugins.genericattributes.business.*; +import fr.paris.lutece.plugins.genericattributes.service.entrytype.*; import fr.paris.lutece.plugins.genericattributes.util.GenericAttributesUtils; import fr.paris.lutece.portal.business.event.ResourceEvent; import fr.paris.lutece.portal.business.file.FileHome; @@ -88,6 +55,13 @@ import fr.paris.lutece.portal.service.spring.SpringContextService; import fr.paris.lutece.portal.service.workgroup.AdminWorkgroupService; import fr.paris.lutece.util.sql.TransactionManager; +import org.apache.commons.collections.CollectionUtils; +import org.springframework.transaction.annotation.Transactional; + +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import java.util.List; +import java.util.stream.Collectors; /** * This is the service class related to the form @@ -465,16 +439,20 @@ private boolean canUserAccessFile( HttpServletRequest request, int nIdForm ) * The form * @param strUserGuid * The user guid + * @param formResponseManager + * * @return the created {@code FormResponseManager} object */ - public FormResponseManager createFormResponseManagerFromBackUp( Form form, String strUserGuid ) + public FormResponseManager createFormResponseManagerFromBackUp( Form form, String strUserGuid, FormResponseManager formResponseManager ) { - FormResponseManager formResponseManager = null; List listFormResponse = FormResponseHome.getFormResponseByGuidAndForm( strUserGuid, form.getId( ), true ); if ( CollectionUtils.isNotEmpty( listFormResponse ) ) { formResponseManager = new FormResponseManager( listFormResponse.get( 0 ) ); - formResponseManager.setIsResponseLoadedFromBackup(true); + } + else if ( formResponseManager != null && CollectionUtils.isEmpty( listFormResponse ) ) + { + return formResponseManager; } else { diff --git a/src/java/fr/paris/lutece/plugins/forms/util/FormsConstants.java b/src/java/fr/paris/lutece/plugins/forms/util/FormsConstants.java index d9f1259e1..19f9231aa 100644 --- a/src/java/fr/paris/lutece/plugins/forms/util/FormsConstants.java +++ b/src/java/fr/paris/lutece/plugins/forms/util/FormsConstants.java @@ -251,6 +251,8 @@ public final class FormsConstants public static final String SEPARATOR_UNDERSCORE = "_"; public static final String SEPARATOR_SEMICOLON = ";"; public static final String END_OF_LINE = "\n"; + public static final String FO_LOGIN_PAGE_PARAMETERS = "forms.frontOffice.loginPage.parameters"; + /** diff --git a/src/java/fr/paris/lutece/plugins/forms/web/FormResponseManager.java b/src/java/fr/paris/lutece/plugins/forms/web/FormResponseManager.java index ed00e8e22..81d128809 100644 --- a/src/java/fr/paris/lutece/plugins/forms/web/FormResponseManager.java +++ b/src/java/fr/paris/lutece/plugins/forms/web/FormResponseManager.java @@ -33,18 +33,18 @@ */ package fr.paris.lutece.plugins.forms.web; -import java.sql.Timestamp; -import java.time.LocalDateTime; -import java.util.*; -import java.util.stream.Collectors; import fr.paris.lutece.plugins.forms.business.*; -import fr.paris.lutece.portal.service.util.AppLogService; -import org.apache.commons.collections.CollectionUtils; - import fr.paris.lutece.plugins.forms.service.EntryServiceManager; import fr.paris.lutece.plugins.forms.util.FormsConstants; import fr.paris.lutece.plugins.forms.validation.IValidator; import fr.paris.lutece.plugins.genericattributes.business.GenericAttributeError; +import fr.paris.lutece.portal.service.util.AppLogService; +import org.apache.commons.collections.CollectionUtils; + +import java.sql.Timestamp; +import java.util.ArrayList; +import java.util.List; +import java.util.stream.Collectors; /** * @@ -55,8 +55,6 @@ public class FormResponseManager { private final List _listValidatedStep; private final FormResponse _formResponse; - private boolean _bIsResponseLoadedFromBackup = false; - private boolean _isBackupResponseAlreadyInitiated = false; /** * Constructor * @@ -153,35 +151,11 @@ public Timestamp getFormResponseUpdateDate() } return updateDate; } - public void setFormResponseUpdateDate(Timestamp updateDate) { FormResponse formResponse = getFormResponse(); formResponse.setUpdate(updateDate); } - /** - * Give a boolean indicating that indicates if view (getViewStep) has been initialized from backup - * So with _isBackupResponseAlreadyInitiated and _bIsResponseLoadedFromBackup we can deduce if it's the first time the getViewStep is loaded with the backup response - * - * @return a boolean indicating that indicates if view has been initialized from backup - */ - public Boolean getIsBackupResponseAlreadyInitiated() { - return _isBackupResponseAlreadyInitiated; - } - public void setBackupResponseAlreadyInitiated(Boolean isBackupResponseAlreadyInitiated) { - _isBackupResponseAlreadyInitiated = isBackupResponseAlreadyInitiated; - } - /** - * Gives a boolean indicating if the response is loaded from backup - * - * @return a boolean indicating if the response is loaded from backup - */ - public Boolean getIsResponseLoadedFromBackup () { - return _bIsResponseLoadedFromBackup; - } - public void setIsResponseLoadedFromBackup (Boolean bIsResponseLoadedFromBackup) { - _bIsResponseLoadedFromBackup = bIsResponseLoadedFromBackup; - } /** * Initializes the steps order diff --git a/src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java b/src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java index 39edf17f7..9f10f95bf 100644 --- a/src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java +++ b/src/java/fr/paris/lutece/plugins/forms/web/FormXPage.java @@ -33,20 +33,7 @@ */ package fr.paris.lutece.plugins.forms.web; -import java.sql.Timestamp; -import java.time.LocalDateTime; -import java.util.*; -import java.util.stream.Collectors; - -import javax.servlet.http.HttpServletRequest; - import fr.paris.lutece.plugins.forms.business.*; -import fr.paris.lutece.plugins.genericattributes.business.ResponseHome; -import fr.paris.lutece.portal.service.util.AppLogService; -import org.apache.commons.fileupload.FileItem; -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.lang3.math.NumberUtils; - import fr.paris.lutece.plugins.forms.exception.FormNotFoundException; import fr.paris.lutece.plugins.forms.exception.MaxFormResponseException; import fr.paris.lutece.plugins.forms.exception.QuestionValidationException; @@ -77,6 +64,7 @@ import fr.paris.lutece.portal.service.security.SecurityTokenService; import fr.paris.lutece.portal.service.security.UserNotSignedException; import fr.paris.lutece.portal.service.spring.SpringContextService; +import fr.paris.lutece.portal.service.util.AppLogService; import fr.paris.lutece.portal.service.util.AppPathService; import fr.paris.lutece.portal.service.util.AppPropertiesService; import fr.paris.lutece.portal.util.mvc.commons.annotations.Action; @@ -87,7 +75,15 @@ import fr.paris.lutece.portal.web.upload.MultipartHttpServletRequest; import fr.paris.lutece.portal.web.xpages.XPage; import fr.paris.lutece.util.url.UrlItem; -import org.apache.james.mime4j.dom.datetime.DateTime; +import org.apache.commons.fileupload.FileItem; +import org.apache.commons.lang3.StringUtils; +import org.apache.commons.lang3.math.NumberUtils; + +import javax.servlet.http.HttpServletRequest; +import java.sql.Timestamp; +import java.time.LocalDateTime; +import java.util.*; +import java.util.stream.Collectors; /** * @@ -143,7 +139,6 @@ public class FormXPage extends MVCApplication private static final String MARK_FORM_LIST = "form_list"; private static final String MARK_DISPLAY_CAPTCHA = "display_captcha"; private static final String MARK_CAPTCHA = "captcha"; - // Other private static FormService _formService = SpringContextService.getBean( FormService.BEAN_NAME ); private ICaptchaSecurityService _captchaSecurityService = new CaptchaSecurityService( ); @@ -153,7 +148,8 @@ public class FormXPage extends MVCApplication private StepDisplayTree _stepDisplayTree; private IBreadcrumb _breadcrumb; private boolean _bInactiveStateBypassed; - private boolean IsRequestComingFromAction = false; + private Boolean isRequestFromLoginPage = false; + /** * Return the default XPage with the list of all available Form @@ -312,9 +308,6 @@ public synchronized XPage getStepView( HttpServletRequest request ) throws SiteM { _breadcrumb = SpringContextService.getBean( form.getBreadcrumbName( ) ); } - if(_formResponseManager != null && !_formResponseManager.getIsBackupResponseAlreadyInitiated() && _formResponseManager.getIsResponseLoadedFromBackup()) { - _formResponseManager.setBackupResponseAlreadyInitiated(true); - } initFormResponseManager( request, form ); if ( _formResponseManager.getFormResponse( ).isFromSave( ) ) { @@ -361,7 +354,6 @@ public synchronized XPage getStepView( HttpServletRequest request ) throws SiteM SiteMessageService.setMessage( request, FormsConstants.MESSAGE_ERROR_INACTIVE_FORM, SiteMessage.TYPE_ERROR ); } } - IsRequestComingFromAction = true; XPage xPage = getXPage( TEMPLATE_VIEW_STEP, getLocale( request ), model ); xPage.setTitle( strTitleForm ); xPage.setPathLabel( strPathForm ); @@ -451,7 +443,6 @@ private void getFormStepModel( Form form, HttpServletRequest request, Map buildModelForSummary( Form form, HttpServletRequest @Action( value = ACTION_SAVE_FORM_RESPONSE ) public synchronized XPage doSaveFormResponse( HttpServletRequest request ) throws SiteMessageException, UserNotSignedException, AccessDeniedException { - IsRequestComingFromAction = true; // CSRF Token control if ( !SecurityTokenService.getInstance( ).validate( request, ACTION_SAVE_FORM_RESPONSE ) ) { @@ -696,7 +683,6 @@ public synchronized XPage doSaveFormResponse( HttpServletRequest request ) throw @Action( value = ACTION_SAVE_FORM_RESPONSE_SUMMARY ) public synchronized XPage doSaveFormResponseSummary( HttpServletRequest request ) throws SiteMessageException, UserNotSignedException, AccessDeniedException { - IsRequestComingFromAction = true; // CSRF Token control if ( !SecurityTokenService.getInstance( ).validate( request, ACTION_SAVE_FORM_RESPONSE ) ) { @@ -936,7 +922,6 @@ public synchronized XPage doSaveStep( HttpServletRequest request ) throws SiteMe errorList.stream( ).collect( Collectors.joining( ) ) }, null, null, null, SiteMessage.TYPE_ERROR, null, getViewFullUrl( VIEW_STEP ) ); } - IsRequestComingFromAction = true; return getStepView( request ); } @@ -964,7 +949,6 @@ private boolean isCaptchaKO( HttpServletRequest request, boolean needValidation @Action( value = ACTION_SAVE_FOR_BACKUP ) public synchronized XPage doSaveForBackup( HttpServletRequest request ) throws SiteMessageException, UserNotSignedException, AccessDeniedException { - IsRequestComingFromAction = true; // CSRF Token control if ( !SecurityTokenService.getInstance( ).validate( request, ACTION_SAVE_FORM_RESPONSE ) ) { @@ -1012,7 +996,6 @@ public synchronized XPage doSaveForBackup( HttpServletRequest request ) throws S _formService.saveFormForBackup( formResponse ); _formResponseManager.setFormResponseUpdateDate( formResponse.getUpdateStatus( ) ); - _formResponseManager.setIsResponseLoadedFromBackup(false); _formService.saveFormForBackup(formResponse); } return getStepView( request ); @@ -1034,7 +1017,6 @@ public synchronized XPage doSaveForBackup( HttpServletRequest request ) throws S @Action( value = ACTION_RESET_BACKUP ) public synchronized XPage doResetBackup( HttpServletRequest request ) throws SiteMessageException, UserNotSignedException, AccessDeniedException { - IsRequestComingFromAction = true; // CSRF Token control if ( !SecurityTokenService.getInstance( ).validate( request, ACTION_SAVE_FORM_RESPONSE ) ) { @@ -1078,8 +1060,6 @@ public synchronized XPage doResetBackup( HttpServletRequest request ) throws Sit @Action( value = ACTION_ADD_ITERATION ) public synchronized XPage doAddIteration( HttpServletRequest request ) throws SiteMessageException, UserNotSignedException { - IsRequestComingFromAction = true; - try { boolean bSessionLost = isSessionLost( ); @@ -1122,8 +1102,6 @@ public synchronized XPage doAddIteration( HttpServletRequest request ) throws Si @Action( value = ACTION_REMOVE_ITERATION ) public synchronized XPage doRemoveIteration( HttpServletRequest request ) throws SiteMessageException, UserNotSignedException { - IsRequestComingFromAction = true; - try { boolean bSessionLost = isSessionLost( ); @@ -1166,7 +1144,6 @@ public synchronized XPage doRemoveIteration( HttpServletRequest request ) throws @Action( value = ACTION_UPLOAD ) public synchronized XPage doSynchronousUploadDocument( HttpServletRequest request ) throws SiteMessageException, UserNotSignedException { - IsRequestComingFromAction = true; boolean bSessionLost = isSessionLost( ); if ( bSessionLost ) @@ -1248,21 +1225,34 @@ public synchronized XPage doSynchronousUploadDocument( HttpServletRequest reques return getStepView( request ); } - + /* + * Check if the request is from a login page + */ + private void isRequestFromALoginPage (HttpServletRequest request) + { + String urlFromRequestReferer = request.getHeader("referer"); + // get property from forms.frontoffice.loginPage.parameters + String AUTH_PROVIDER = AppPropertiesService.getProperty(FormsConstants.FO_LOGIN_PAGE_PARAMETERS); + if (urlFromRequestReferer != null && urlFromRequestReferer.contains(AUTH_PROVIDER)) + { + isRequestFromLoginPage = true; + } + } private void initFormResponseManager( HttpServletRequest request, Form form ) { LuteceUser user = SecurityService.getInstance( ).getRegisteredUser( request ); - - if ( _formResponseManager == null || !_formResponseManager.getIsResponseLoadedFromBackup() && !IsRequestComingFromAction) + isRequestFromALoginPage(request); + if ( _formResponseManager == null || isRequestFromLoginPage) { if ( user != null && form.isBackupEnabled() ) { - _formResponseManager = _formService.createFormResponseManagerFromBackUp( form, user.getName( ) ); + _formResponseManager = _formService.createFormResponseManagerFromBackUp( form, user.getName( ), _formResponseManager ); } else { _formResponseManager = new FormResponseManager( form ); } + isRequestFromLoginPage = false; } } @@ -1313,7 +1303,6 @@ private void init( HttpServletRequest request ) _stepDisplayTree = null; _breadcrumb = null; _bInactiveStateBypassed = false; - IsRequestComingFromAction = false; FormsAsynchronousUploadHandler.getHandler( ).removeSessionFiles( request.getSession( ) ); } @@ -1329,7 +1318,6 @@ private void init( int nIdForm ) _formResponseManager = null; _stepDisplayTree = null; _breadcrumb = null; - IsRequestComingFromAction = false; } /** diff --git a/webapp/WEB-INF/conf/plugins/forms.properties b/webapp/WEB-INF/conf/plugins/forms.properties index c12db5e29..f31701dd6 100644 --- a/webapp/WEB-INF/conf/plugins/forms.properties +++ b/webapp/WEB-INF/conf/plugins/forms.properties @@ -37,3 +37,5 @@ forms.publicdashboard.question.isPublished=true # Export field list forms.entryTypeGeolocation.export.fields=address + +forms.frontOffice.loginPage.parameters=page=mylutece&action=login&auth_provider=mylutece-database \ No newline at end of file