Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SessionMaintainController.java =================================================================== diff -u -r65aec4aac4e80981cd4f91951cae556642027139 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SessionMaintainController.java (.../SessionMaintainController.java) (revision 65aec4aac4e80981cd4f91951cae556642027139) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SessionMaintainController.java (.../SessionMaintainController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -33,6 +33,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; /** * @author Marcin Cieslak @@ -51,7 +52,7 @@ return "sessionmaintain"; } - @RequestMapping(path = "/delete") + @RequestMapping(path = "/delete", method = RequestMethod.POST) public String delete(HttpServletRequest request) { String login = request.getParameter("login"); if (StringUtils.isNotBlank(login)) { @@ -65,4 +66,4 @@ } return list(request); } -} \ No newline at end of file +} Index: lams_admin/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_admin/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_admin/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_admin/web/user.jsp =================================================================== diff -u -rd3732d9b7ebc78c1b655611268ac8505c5d80ed5 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_admin/web/user.jsp (.../user.jsp) (revision d3732d9b7ebc78c1b655611268ac8505c5d80ed5) +++ lams_admin/web/user.jsp (.../user.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -140,20 +140,25 @@ } - function deletePortrait() { - $("#portraitButton").css('display','none'); - $.ajax({ - url : '/lams/saveportrait/deletePortrait.do', - data : { 'userId' : '' }, - success : function(response) { - if ( response == 'deleted') { - loadPortrait(''); - } else { - alert(""); - } + function deletePortrait() { + $("#portraitButton").css('display','none'); + + $.ajax({ + url : '/lams/saveportrait/deletePortrait.do', + data : { + 'userId': '' , + "": "" + }, + type : 'POST', + success : function(response) { + if ( response == 'deleted') { + loadPortrait(''); + } else { + alert(""); + } + } + }); } - }); - } @@ -162,8 +167,8 @@ ${title}: - - + + @@ -581,4 +586,4 @@ - \ No newline at end of file + Index: lams_admin/web/userChangePass.jsp =================================================================== diff -u -rd3732d9b7ebc78c1b655611268ac8505c5d80ed5 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_admin/web/userChangePass.jsp (.../userChangePass.jsp) (revision d3732d9b7ebc78c1b655611268ac8505c5d80ed5) +++ lams_admin/web/userChangePass.jsp (.../userChangePass.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -85,6 +85,7 @@
+
- \ No newline at end of file + Index: lams_build/build.xml =================================================================== diff -u -r04139fefed984c5d64af1aca268e5a1a1ea008a2 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_build/build.xml (.../build.xml) (revision 04139fefed984c5d64af1aca268e5a1a1ea008a2) +++ lams_build/build.xml (.../build.xml) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -417,14 +417,22 @@ - + + + + + + + + Index: lams_build/conf/j2ee/jboss-deployment-structure.xml =================================================================== diff -u -r03004d7d5f4d220a5042b7417be6b636bb2ab490 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_build/conf/j2ee/jboss-deployment-structure.xml (.../jboss-deployment-structure.xml) (revision 03004d7d5f4d220a5042b7417be6b636bb2ab490) +++ lams_build/conf/j2ee/jboss-deployment-structure.xml (.../jboss-deployment-structure.xml) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -52,6 +52,7 @@ + + + + + csrfguard + /WEB-INF/tlds/security/csrfguard.tld + Index: lams_central/web/addLesson.jsp =================================================================== diff -u -r9091ed8c9bae9a48f88622c0c5031af2a39772dc -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/addLesson.jsp (.../addLesson.jsp) (revision 9091ed8c9bae9a48f88622c0c5031af2a39772dc) +++ lams_central/web/addLesson.jsp (.../addLesson.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,10 +1,7 @@ -<%@ page contentType="text/html; charset=utf-8" language="java"%> -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> + +<%@ include file="/common/taglibs.jsp"%> - @@ -61,7 +58,7 @@
- + @@ -360,4 +357,4 @@ - \ No newline at end of file + Index: lams_central/web/authoring/authoring.jsp =================================================================== diff -u -r9091ed8c9bae9a48f88622c0c5031af2a39772dc -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/authoring/authoring.jsp (.../authoring.jsp) (revision 9091ed8c9bae9a48f88622c0c5031af2a39772dc) +++ lams_central/web/authoring/authoring.jsp (.../authoring.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,12 +1,7 @@ -<%@ page language="java" pageEncoding="UTF-8" contentType="text/html;charset=utf-8"%> -<%@ page import="org.lamsfoundation.lams.util.Configuration"%> -<%@ page import="org.lamsfoundation.lams.util.ConfigurationKeys"%> - -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-core" prefix="c"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> - +<%@ include file="/common/taglibs.jsp"%> +<%@ page import="org.lamsfoundation.lams.util.Configuration" import="org.lamsfoundation.lams.util.ConfigurationKeys" %> + @@ -288,7 +283,9 @@ initContentFolderID = '${contentFolderID}', initLearningDesignID = '${param.learningDesignID}', learningLibraryGroups = ${learningLibraryGroups}, - initAccess = ${access}; + initAccess = ${access}, + csrfTokenName = '', + csrfTokenValue = ''; Index: lams_central/web/authoring/template/tool/assessmcq.jsp =================================================================== diff -u -r4c5a620700d152367d81a3ad8cf1d0f0b94f86ac -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/authoring/template/tool/assessmcq.jsp (.../assessmcq.jsp) (revision 4c5a620700d152367d81a3ad8cf1d0f0b94f86ac) +++ lams_central/web/authoring/template/tool/assessmcq.jsp (.../assessmcq.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,10 +1,6 @@ -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> -<%@ taglib uri="tags-function" prefix="fn" %> +<%@ include file="/common/taglibs.jsp"%> <%@ page import="org.lamsfoundation.lams.authoring.template.web.LdTemplateController"%> - ${questionNumber eq 1 ? "class=\"input required\"" : "class=\"input\""} <%-- Generic MCQ question for assessment. Expects an input of questionNumber, contentFolderID, and creates a text field field question${questionNumber} and three options. Index: lams_central/web/authoring/template/tool/assessment.jsp =================================================================== diff -u -r4c5a620700d152367d81a3ad8cf1d0f0b94f86ac -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/authoring/template/tool/assessment.jsp (.../assessment.jsp) (revision 4c5a620700d152367d81a3ad8cf1d0f0b94f86ac) +++ lams_central/web/authoring/template/tool/assessment.jsp (.../assessment.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,6 +1,4 @@ -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> +<%@ include file="/common/taglibs.jsp"%> <%-- Generic assessment tool page. Expects an input of questionNumber & contentFolderID, and creates a field named assessment${questionNumber} suitable for a essay entry. Question, and hence question.title and question.text are optional and are only populated if QTI is used to start the questions. ${containingDivName} is set if this is being called from a page with multiple sets of assessments, like the Application Exercises for TBL. --%> Index: lams_central/web/authoring/template/tool/mcquestion.jsp =================================================================== diff -u -r4c5a620700d152367d81a3ad8cf1d0f0b94f86ac -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/authoring/template/tool/mcquestion.jsp (.../mcquestion.jsp) (revision 4c5a620700d152367d81a3ad8cf1d0f0b94f86ac) +++ lams_central/web/authoring/template/tool/mcquestion.jsp (.../mcquestion.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,7 +1,4 @@ -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> -<%@ taglib uri="tags-function" prefix="fn" %> +<%@ include file="/common/taglibs.jsp"%> <%@ page import="org.lamsfoundation.lams.authoring.template.web.LdTemplateController"%> <%-- Generic MC question page. Expects an input of questionNumber, contentFolderID, and creates a text field field question${questionNumber} and three options / as many as are need for a QTI import --%> Index: lams_central/web/authoringConfirm.jsp =================================================================== diff -u -r529eefb35bded3cfe968dc9e83e5c32fe192a9a8 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/authoringConfirm.jsp (.../authoringConfirm.jsp) (revision 529eefb35bded3cfe968dc9e83e5c32fe192a9a8) +++ lams_central/web/authoringConfirm.jsp (.../authoringConfirm.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,9 +1,5 @@ -<%@ page language="java" pageEncoding="UTF-8" - contentType="text/html;charset=utf-8"%> -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-core" prefix="c" %> - +<%@ include file="/common/taglibs.jsp"%> Index: lams_central/web/common/taglibs.jsp =================================================================== diff -u -r6cbd849584c40532c6be292f9f009c88cde9439c -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/common/taglibs.jsp (.../taglibs.jsp) (revision 6cbd849584c40532c6be292f9f009c88cde9439c) +++ lams_central/web/common/taglibs.jsp (.../taglibs.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,6 +1,7 @@ <%@ page language="java" errorPage="/error.jsp" pageEncoding="UTF-8" contentType="text/html;charset=utf-8" %> -<%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%@ taglib uri="tags-core" prefix="c" %> +<%@ taglib uri="tags-function" prefix="fn" %> <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams" %> <%@ taglib uri="http://www.springframework.org/tags/form" prefix="form" %> Index: lams_central/web/includes/javascript/authoring/authoringGeneral.js =================================================================== diff -u -r9091ed8c9bae9a48f88622c0c5031af2a39772dc -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/includes/javascript/authoring/authoringGeneral.js (.../authoringGeneral.js) (revision 9091ed8c9bae9a48f88622c0c5031af2a39772dc) +++ lams_central/web/includes/javascript/authoring/authoringGeneral.js (.../authoringGeneral.js) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -347,17 +347,19 @@ if (!title) { return; } - - + var data = { + 'name' : title, + 'parentFolderID' : parentFolder.folderID + }; + data[csrfTokenName] = csrfTokenValue; + $.ajax({ + type : 'POST', cache : false, async : true, url : LAMS_URL + "workspace/createFolder.do", dataType : 'text', - data : { - 'name' : title, - 'parentFolderID' : parentFolder.folderID - }, + data : data, success : function() { ldTreeview.refresh(tree, parentFolder); } @@ -411,16 +413,20 @@ } } + var data = { + 'targetFolderID' : folderNode.folderID, + 'resourceID' : copiedResource.isFolder ? copiedResource.resourceNode.folderID + : copiedResource.resourceNode.learningDesignId , + 'resourceType' : copiedResource.isFolder ? 'Folder' : 'LearningDesign' + }; + data[csrfTokenName] = csrfTokenValue; + $.ajax({ + type : 'POST', cache : false, url : copiedResource.isCut ? LAMS_URL + "workspace/moveResource.do" : LAMS_URL + "workspace/copyResource.do", dataType : 'text', - data : { - 'targetFolderID' : folderNode.folderID, - 'resourceID' : copiedResource.isFolder ? copiedResource.resourceNode.folderID - : copiedResource.resourceNode.learningDesignId , - 'resourceType' : copiedResource.isFolder ? 'Folder' : 'LearningDesign' - }, + data : data, success : function() { if (copiedResource.isCut) { var parent = tree.treeview('getParent', copiedResource.resourceNode); @@ -451,16 +457,18 @@ if (!confirm(LABELS.DELETE_NODE_CONFIRM + ' ' + (isFolder ? LABELS.FOLDER : LABELS.SEQUENCE) + '?')) { return; } - + var data = { + 'resourceID' : isFolder? ldNode.folderID : ldNode.learningDesignId, + 'resourceType' : isFolder ? 'Folder' : 'LearningDesign' + } + data[csrfTokenName] = csrfTokenValue; $.ajax({ + type : 'POST', cache : false, async : true, url : LAMS_URL + "workspace/deleteResource.do", dataType : 'text', - data : { - 'resourceID' : isFolder? ldNode.folderID : ldNode.learningDesignId, - 'resourceType' : isFolder ? 'Folder' : 'LearningDesign' - }, + data : data, success : function() { var parentFolder = tree.treeview('getParent', ldNode); ldTreeview.refresh(tree, parentFolder); @@ -504,17 +512,21 @@ if (!title) { return; } - + + var data = { + 'name' : title, + 'resourceID' : isFolder? ldNode.folderID : ldNode.learningDesignId, + 'resourceType' : isFolder ? 'Folder' : 'LearningDesign' + }; + data[csrfTokenName] = csrfTokenValue; + $.ajax({ + type : 'POST', cache : false, async : true, url : LAMS_URL + "workspace/renameResource.do", dataType : 'text', - data : { - 'name' : title, - 'resourceID' : isFolder? ldNode.folderID : ldNode.learningDesignId, - 'resourceType' : isFolder ? 'Folder' : 'LearningDesign' - }, + data : data, success : function(response) { var parentNode = tree.treeview('getParent', ldNode); ldTreeview.refresh(tree, parentNode); @@ -830,6 +842,7 @@ // tool content ID can be null if the activity had the default content, i.e. was not edited yet if (activity.toolContentID) { $.ajax({ + type : 'POST', cache : false, async : false, url : LAMS_URL + "authoring/copyToolContent.do", @@ -1689,6 +1702,7 @@ } // get LD details $.ajax({ + type : 'POST', async : false, cache : false, url : LAMS_URL + "authoring/openLearningDesign.do", @@ -2842,16 +2856,18 @@ ? 1 : 0; ld.readOnly = readOnly; ld.systemGate = null; + var data = { + 'ld' : JSON.stringify(ld) + }; + data[csrfTokenName] = csrfTokenValue; $.ajax({ type : 'POST', cache : false, async : false, url : LAMS_URL + "authoring/saveLearningDesign.do", dataType : 'json', - data : { - 'ld' : JSON.stringify(ld) - }, + data : data, success : function(response) { layout.ld.folderID = folderID; layout.ld.title = title; @@ -3088,6 +3104,7 @@ // load the thumbnail $.ajax({ + type : 'POST', dataType : 'text', url : LD_THUMBNAIL_URL_BASE + learningDesignID, cache : false, @@ -3263,4 +3280,4 @@ validateName : function(name) { return name && GeneralLib.nameValidator.test(name); } -}; \ No newline at end of file +}; Index: lams_central/web/includes/javascript/authoring/authoringMenu.js =================================================================== diff -u -r9091ed8c9bae9a48f88622c0c5031af2a39772dc -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/includes/javascript/authoring/authoringMenu.js (.../authoringMenu.js) (revision 9091ed8c9bae9a48f88622c0c5031af2a39772dc) +++ lams_central/web/includes/javascript/authoring/authoringMenu.js (.../authoringMenu.js) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -250,8 +250,13 @@ 'modal' : true, 'title' : LABELS.EXPORT_SEQUENCE_DIALOG_TITLE, 'open' : function() { - $('iframe', this).attr('src', LAMS_URL + 'authoring/exportToolContent/export.do?learningDesignID=' - + layout.ld.learningDesignID); + //dynamically create a form and submit it + var exportExcelUrl = LAMS_URL + 'authoring/exportToolContent/export.do?learningDesignID=' + layout.ld.learningDesignID; + var form = $(''); + var hiddenInput = $(''); + form.append(hiddenInput); + $(document.body).append(form); + form.submit(); } }, false) .addClass('smallHeader') Index: lams_central/web/includes/javascript/main.js =================================================================== diff -u -r47f01daecb191d1ca81eaf131b1d063b2bc640b5 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/includes/javascript/main.js (.../main.js) (revision 47f01daecb191d1ca81eaf131b1d063b2bc640b5) +++ lams_central/web/includes/javascript/main.js (.../main.js) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -668,18 +668,18 @@ if (confirm(LABELS.REMOVE_LESSON_CONFIRM1)) { if (confirm(LABELS.REMOVE_LESSON_CONFIRM2)) { $.ajax({ - async : false, url : LAMS_URL + "monitoring/monitoring/removeLesson.do", - data : "lessonID=" + lessonID, - type : "POST", - success : function(json) { + type: "POST", + async : false, + data: $("#csrf-form").serialize() + "&lessonID=" + lessonID, + success: function(json) { if (json.removeLesson == true) { loadOrganisation(); } else { alert(json.removeLesson); - } - } - }); + } + } + }) } } } \ No newline at end of file Index: lams_central/web/includes/javascript/orgGroup.js =================================================================== diff -u -re4805c673344fab0a072211ba0a86c76c7c63b7e -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/includes/javascript/orgGroup.js (.../orgGroup.js) (revision e4805c673344fab0a072211ba0a86c76c7c63b7e) +++ lams_central/web/includes/javascript/orgGroup.js (.../orgGroup.js) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -335,15 +335,18 @@ executeDelete = !lessonMode; if (lessonMode) { + var data = { + 'activityID' : groupingActivityId, + 'groupID' : groupId + }; + data[csrfTokenName] = csrfTokenValue; + $.ajax({ async : false, cache : false, dataType : 'json', url : LAMS_URL + 'monitoring/grouping/removeGroup.do', - data : { - 'activityID' : groupingActivityId, - 'groupID' : groupId - }, + data : data, type : 'POST', success : function(response) { executeDelete = response.result; @@ -367,14 +370,16 @@ var inputEditable = !nameInput.attr('readonly'); // only lesson groups which exist on the server need to have their names changed immediatelly if (lessonMode && groupId && inputEditable) { - var groupName = nameInput.val(); + var data = { + 'groupID' : groupId, + 'name' : nameInput.val()//groupName + }; + data[csrfTokenName] = csrfTokenValue; + $.ajax({ cache : false, url : LAMS_URL + 'monitoring/grouping/changeGroupName.do', - data : { - 'groupID' : groupId, - 'name' : groupName - }, + data : data, type : 'POST' }); } @@ -483,18 +488,20 @@ // name is only needed when creating a new group, i.e. a group which does not have ID yet var groupName = groupId ? null : $('input', groupContainer).val(); var result = false; + var data = { + 'activityID' : groupingActivityId, + 'groupID' : groupId, + 'name' : groupName, + 'members' : userIds ? userIds.join() : null + }; + data[csrfTokenName] = csrfTokenValue; $.ajax({ async : false, cache : false, dataType : 'json', url : LAMS_URL + 'monitoring/grouping/addMembers.do', - data : { - 'activityID' : groupingActivityId, - 'groupID' : groupId, - 'name' : groupName, - 'members' : userIds ? userIds.join() : null - }, + data : data, type : 'POST', success : function(response) { result = response.result; @@ -796,16 +803,20 @@ }, success : function(response) { if (response.isGroupingNameUnique) { + var data = { + 'organisationID' : organisationId, + 'activityID' : groupingActivityId, + 'name' : name + }; + data[csrfTokenName] = csrfTokenValue; + $.ajax({ dataType : 'json', url : LAMS_URL + 'monitoring/grouping/saveAsCourseGrouping.do', + type : 'POST', cache : false, async : false, - data : { - 'organisationID' : organisationId, - 'activityID' : groupingActivityId, - 'name' : name - }, + data : data, success : function(response) { $('#saveAsCourseGroupingDialog').modal('hide'); alert(LABELS.SAVED_SUCCESSFULLY_LABEL); Index: lams_central/web/includes/javascript/outcome.js =================================================================== diff -u -r7ba17e82a4cd08db748536b39aef80a4f1c03027 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/includes/javascript/outcome.js (.../outcome.js) (revision 7ba17e82a4cd08db748536b39aef80a4f1c03027) +++ lams_central/web/includes/javascript/outcome.js (.../outcome.js) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -8,7 +8,8 @@ function removeOutcome(outcomeId) { if (confirm(LABELS.REMOVE_OUTCOME_CONFIRM_LABEL)) { - document.location.href = 'outcomeRemove.do?outcomeId=' + outcomeId; + var f = document.getElementById(outcomeId); + f.submit(); } } @@ -89,4 +90,4 @@ }, 1000); document.location.href = LAMS_URL + 'outcome/' + (isScaleExport ? 'scaleExport' : 'outcomeExport') + '.do?downloadTokenValue=' + token; return false; -} \ No newline at end of file +} Index: lams_central/web/main.jsp =================================================================== diff -u -ra9f95a26e562a58b55c99f2c18e253c151ef457a -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/main.jsp (.../main.jsp) (revision a9f95a26e562a58b55c99f2c18e253c151ef457a) +++ lams_central/web/main.jsp (.../main.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,11 +1,7 @@ -<%@ page contentType="text/html; charset=utf-8" language="java"%> -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> -<%@ taglib uri="tags-function" prefix="fn"%> + +<%@ include file="/common/taglibs.jsp"%> - <fmt:message key="title.lams"/> :: <fmt:message key="index.welcome" /> @@ -332,5 +328,7 @@ + + Index: lams_central/web/outcome/outcomeEdit.jsp =================================================================== diff -u -r7ba17e82a4cd08db748536b39aef80a4f1c03027 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/outcome/outcomeEdit.jsp (.../outcomeEdit.jsp) (revision 7ba17e82a4cd08db748536b39aef80a4f1c03027) +++ lams_central/web/outcome/outcomeEdit.jsp (.../outcomeEdit.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,11 +1,6 @@ -<%@ page contentType="text/html; charset=utf-8" language="java"%> -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> -<%@ taglib uri="tags-function" prefix="fn" %> -<%@ taglib uri="http://www.springframework.org/tags/form" prefix="form" %> - +<%@ include file="/common/taglibs.jsp"%> + @@ -43,8 +38,8 @@ - +
@@ -94,4 +89,4 @@
- \ No newline at end of file + Index: lams_central/web/outcome/outcomeManage.jsp =================================================================== diff -u -r7ba17e82a4cd08db748536b39aef80a4f1c03027 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/outcome/outcomeManage.jsp (.../outcomeManage.jsp) (revision 7ba17e82a4cd08db748536b39aef80a4f1c03027) +++ lams_central/web/outcome/outcomeManage.jsp (.../outcomeManage.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,12 +1,8 @@ -<%@ page contentType="text/html; charset=utf-8" language="java"%> -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> - +<%@ include file="/common/taglibs.jsp"%> - <fmt:message key="index.outcome.manage" /> + <fmt:message key="index.outcome.manage" /> @@ -62,9 +58,9 @@
- - + + +
@@ -91,4 +87,4 @@
- \ No newline at end of file + Index: lams_central/web/outcome/scaleEdit.jsp =================================================================== diff -u -r7ba17e82a4cd08db748536b39aef80a4f1c03027 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/outcome/scaleEdit.jsp (.../scaleEdit.jsp) (revision 7ba17e82a4cd08db748536b39aef80a4f1c03027) +++ lams_central/web/outcome/scaleEdit.jsp (.../scaleEdit.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,11 +1,6 @@ -<%@ page contentType="text/html; charset=utf-8" language="java"%> -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> -<%@ taglib uri="tags-function" prefix="fn" %> -<%@ taglib uri="http://www.springframework.org/tags/form" prefix="form" %> - +<%@ include file="/common/taglibs.jsp"%> + Index: lams_central/web/outcome/scaleManage.jsp =================================================================== diff -u -r7ba17e82a4cd08db748536b39aef80a4f1c03027 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/outcome/scaleManage.jsp (.../scaleManage.jsp) (revision 7ba17e82a4cd08db748536b39aef80a4f1c03027) +++ lams_central/web/outcome/scaleManage.jsp (.../scaleManage.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,9 +1,6 @@ -<%@ page contentType="text/html; charset=utf-8" language="java"%> -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="tags-core" prefix="c"%> - +<%@ include file="/common/taglibs.jsp"%> + Index: lams_central/web/questions/questionChoice.jsp =================================================================== diff -u -r9846a1d61f34b45ba6db0e6a7daf2a620e607c83 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/questions/questionChoice.jsp (.../questionChoice.jsp) (revision 9846a1d61f34b45ba6db0e6a7daf2a620e607c83) +++ lams_central/web/questions/questionChoice.jsp (.../questionChoice.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,11 +1,6 @@ +<%@ include file="/common/taglibs.jsp"%> -<%@ page language="java" pageEncoding="UTF-8" contentType="text/html;charset=utf-8" %> -<%@ taglib uri="tags-lams" prefix="lams" %> -<%@ taglib uri="tags-fmt" prefix="fmt" %> -<%@ taglib uri="tags-core" prefix="c" %> -<%@ taglib uri="tags-function" prefix="fn" %> - <fmt:message key="title.lams" /> :: <fmt:message key="label.questions.choice.title" /> Index: lams_central/web/questions/questionFile.jsp =================================================================== diff -u -r9846a1d61f34b45ba6db0e6a7daf2a620e607c83 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/questions/questionFile.jsp (.../questionFile.jsp) (revision 9846a1d61f34b45ba6db0e6a7daf2a620e607c83) +++ lams_central/web/questions/questionFile.jsp (.../questionFile.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,8 +1,5 @@ -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> -<%@ taglib uri="http://www.springframework.org/tags/form" prefix="form" %> -<%@ taglib uri="tags-core" prefix="c"%> +<%@ include file="/common/taglibs.jsp"%> <%@ page import="org.lamsfoundation.lams.util.Configuration" %> <%@ page import="org.lamsfoundation.lams.util.ConfigurationKeys" %> <%@ page import="org.lamsfoundation.lams.util.FileValidatorUtil" %> @@ -16,16 +13,16 @@ -div#errorArea { - display: none; -} - - Index: lams_central/web/toolcontent/import.jsp =================================================================== diff -u -raa5d6d2ab7a3d3b7b9fe4e910578c1393bf5ed3d -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_central/web/toolcontent/import.jsp (.../import.jsp) (revision aa5d6d2ab7a3d3b7b9fe4e910578c1393bf5ed3d) +++ lams_central/web/toolcontent/import.jsp (.../import.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,7 +1,5 @@ -<%@ taglib uri="tags-lams" prefix="lams"%> -<%@ taglib uri="tags-core" prefix="c"%> -<%@ taglib uri="tags-fmt" prefix="fmt"%> +<%@ include file="/common/taglibs.jsp"%> <%@ page import="org.lamsfoundation.lams.util.Configuration" %> <%@ page import="org.lamsfoundation.lams.util.ConfigurationKeys" %> <%@ page import="org.lamsfoundation.lams.util.FileValidatorUtil" %> Index: lams_common/src/java/org/lamsfoundation/lams/util/WebUtil.java =================================================================== diff -u -r43d88e533dd5666feeaeab4368982ad8028bfae3 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_common/src/java/org/lamsfoundation/lams/util/WebUtil.java (.../WebUtil.java) (revision 43d88e533dd5666feeaeab4368982ad8028bfae3) +++ lams_common/src/java/org/lamsfoundation/lams/util/WebUtil.java (.../WebUtil.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -404,7 +404,7 @@ * @throws IOException */ public static InputStream getResponseInputStreamFromExternalServer(String urlStr, HashMap params) - throws Exception { + throws IOException { if (!urlStr.contains("?")) { urlStr += "?"; } @@ -419,7 +419,7 @@ URLConnection conn = url.openConnection(); if (!(conn instanceof HttpURLConnection)) { WebUtil.log.error("Fail to connect to external server though url: " + urlStr); - throw new Exception("Fail to connect to external server though url: " + urlStr); + throw new RuntimeException("Fail to connect to external server though url: " + urlStr); } HttpURLConnection httpConn = (HttpURLConnection) conn; @@ -430,7 +430,7 @@ InputStream is = url.openConnection().getInputStream(); if (is == null) { WebUtil.log.error("Fail to fetch data from external server, return InputStream null: " + urlStr); - throw new Exception("Fail to fetch data from external server, return inputStream null: " + urlStr); + throw new RuntimeException("Fail to fetch data from external server, return inputStream null: " + urlStr); } return is; @@ -536,4 +536,4 @@ transformer.transform(domSource, result); return writer.toString(); } -} \ No newline at end of file +} Index: lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/web/controller/GradebookController.java =================================================================== diff -u -r394f403c289f0fd7808c228840bead5c4e7d5d32 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/web/controller/GradebookController.java (.../GradebookController.java) (revision 394f403c289f0fd7808c228840bead5c4e7d5d32) +++ lams_gradebook/src/java/org/lamsfoundation/lams/gradebook/web/controller/GradebookController.java (.../GradebookController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -544,7 +544,6 @@ /** * Gets the average mark for an activity and writes the result in the response */ - @SuppressWarnings("unchecked") @RequestMapping("/getActivityMarkAverage") @ResponseBody public String getActivityMarkAverage(HttpServletRequest request, HttpServletResponse response) throws Exception { @@ -623,4 +622,4 @@ } } -} \ No newline at end of file +} Index: lams_gradebook/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_gradebook/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_gradebook/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_learning/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_learning/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_learning/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_monitoring/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_monitoring/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_monitoring/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/AuthoringController.java =================================================================== diff -u -rdfe56d4e96817b6c39d064b4056799b8334409e2 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/AuthoringController.java (.../AuthoringController.java) (revision dfe56d4e96817b6c39d064b4056799b8334409e2) +++ lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/AuthoringController.java (.../AuthoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -121,7 +121,7 @@ return readDatabaseData(assessmentForm, request, mode); } - @RequestMapping("/definelater") + @RequestMapping(path = "/definelater", method = RequestMethod.POST) public String definelater(@ModelAttribute("assessmentForm") AssessmentForm assessmentForm, HttpServletRequest request) throws ServletException { // update define later flag to true @@ -220,7 +220,7 @@ * etc. */ @SuppressWarnings("unchecked") - @RequestMapping("/updateContent") + @RequestMapping(path = "/updateContent", method = RequestMethod.POST) public String updateContent(@ModelAttribute("assessmentForm") AssessmentForm assessmentForm, HttpServletRequest request) throws Exception { // get back sessionMAP Index: lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/MonitoringController.java =================================================================== diff -u -ra9f95a26e562a58b55c99f2c18e253c151ef457a -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/MonitoringController.java (.../MonitoringController.java) (revision a9f95a26e562a58b55c99f2c18e253c151ef457a) +++ lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/MonitoringController.java (.../MonitoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -73,8 +73,10 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; @@ -212,7 +214,7 @@ return "pages/monitoring/parts/usersummary"; } - @RequestMapping("/saveUserGrade") + @RequestMapping(path = "/saveUserGrade", method = RequestMethod.POST) public void saveUserGrade(HttpServletRequest request, HttpServletResponse response) { if ((request.getParameter(AssessmentConstants.PARAM_NOT_A_NUMBER) == null) @@ -226,10 +228,9 @@ /** * Set Submission Deadline */ - @RequestMapping("/setSubmissionDeadline") + @RequestMapping(path = "/setSubmissionDeadline", method = RequestMethod.POST, produces = MediaType.TEXT_PLAIN_VALUE) @ResponseBody - public String setSubmissionDeadline(HttpServletRequest request, HttpServletResponse response) throws IOException { - + public String setSubmissionDeadline(HttpServletRequest request) { Long contentID = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); Assessment assessment = service.getAssessmentByContentId(contentID); @@ -248,9 +249,7 @@ assessment.setSubmissionDeadline(tzSubmissionDeadline); service.saveOrUpdateAssessment(assessment); - response.setContentType("text/plain;charset=utf-8"); - response.getWriter().print(formattedDate); - return null; + return formattedDate; } /** @@ -513,9 +512,10 @@ /** * Excel Summary Export. */ + @RequestMapping(path = "/exportSummary", method = RequestMethod.POST) @SuppressWarnings("unchecked") - @RequestMapping("/exportSummary") - public String exportSummary(HttpServletRequest request, HttpServletResponse response) throws IOException { + @ResponseStatus(HttpStatus.OK) + public void exportSummary(HttpServletRequest request, HttpServletResponse response) throws IOException { String sessionMapID = request.getParameter(AssessmentConstants.ATTR_SESSION_MAP_ID); String fileName = null; boolean showUserNames = true; @@ -539,7 +539,7 @@ Assessment assessment = service.getAssessmentByContentId(contentId); if (assessment == null) { - return null; + return; } List sheets = service.exportSummary(assessment, sessionDtos, showUserNames); @@ -561,8 +561,6 @@ ServletOutputStream out = response.getOutputStream(); ExcelUtil.createExcel(out, sheets, service.getMessage("label.export.exported.on"), true); - - return null; } @RequestMapping("/statistic") @@ -595,7 +593,7 @@ /** * Allows displaying correct answers to learners */ - @RequestMapping("/discloseCorrectAnswers") + @RequestMapping(path = "/discloseCorrectAnswers", method = RequestMethod.POST) public void discloseCorrectAnswers(HttpServletRequest request, HttpServletResponse response) { Long questionUid = WebUtil.readLongParam(request, "questionUid"); Long toolContentId = WebUtil.readLongParam(request, AssessmentConstants.PARAM_TOOL_CONTENT_ID); @@ -615,7 +613,7 @@ /** * Allows displaying other groups' answers to learners */ - @RequestMapping("/discloseGroupsAnswers") + @RequestMapping(path = "/discloseGroupsAnswers", method = RequestMethod.POST) public void discloseGroupsAnswers(HttpServletRequest request, HttpServletResponse response) { Long questionUid = WebUtil.readLongParam(request, "questionUid"); Long toolContentId = WebUtil.readLongParam(request, AssessmentConstants.PARAM_TOOL_CONTENT_ID); Index: lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/TblMonitoringController.java =================================================================== diff -u -ra9f95a26e562a58b55c99f2c18e253c151ef457a -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/TblMonitoringController.java (.../TblMonitoringController.java) (revision a9f95a26e562a58b55c99f2c18e253c151ef457a) +++ lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/TblMonitoringController.java (.../TblMonitoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -49,7 +49,7 @@ * Shows ira page in case of Assessment activity */ @RequestMapping("iraAssessment") - public String iraAssessment(HttpServletRequest request) throws IOException, ServletException { + public String iraAssessment(HttpServletRequest request) { Long toolContentId = WebUtil.readLongParam(request, "toolContentID"); String[] toolContentIds = new String[] { toolContentId.toString() }; @@ -66,7 +66,7 @@ * Shows ira page in case of Assessment activity */ @RequestMapping("iraAssessmentStudentChoices") - public String iraAssessmentStudentChoices(HttpServletRequest request) throws IOException, ServletException { + public String iraAssessmentStudentChoices(HttpServletRequest request) { Long toolContentId = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); Assessment assessment = assessmentService.getAssessmentByContentId(toolContentId); @@ -169,7 +169,7 @@ * Shows aes page */ @RequestMapping("aes") - public String aes(HttpServletRequest request) throws IOException, ServletException { + public String aes(HttpServletRequest request) { String[] toolContentIds = request.getParameter("assessmentToolContentIds").split(","); String[] activityTitles = request.getParameter("assessmentActivityTitles").split("\\,"); @@ -186,8 +186,7 @@ * Shows ira StudentChoices page */ @RequestMapping("aesStudentChoices") - public String aesStudentChoices(HttpServletRequest request) throws IOException, ServletException { - + public String aesStudentChoices(HttpServletRequest request) { Long toolContentId = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); Assessment assessment = assessmentService.getAssessmentByContentId(toolContentId); Map questionSummaries = assessmentService.getQuestionSummaryForExport(assessment); @@ -297,12 +296,9 @@ /** * Get ModalDialog for Teams tab. - * - * @throws JSONException - * @throws IOException */ @RequestMapping("getModalDialogForTeamsTab") - public String getModalDialogForTeamsTab(HttpServletRequest request) throws IOException { + public String getModalDialogForTeamsTab(HttpServletRequest request) { long toolContentId = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); Long userId = WebUtil.readLongParam(request, AttributeNames.PARAM_USER_ID); Index: lams_tool_assessment/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_assessment/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_assessment/web/pages/authoring/authoring.jsp =================================================================== diff -u -r269c13324c6bb998631af858dc8091ad3102ef78 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/web/pages/authoring/authoring.jsp (.../authoring.jsp) (revision 269c13324c6bb998631af858dc8091ad3102ef78) +++ lams_tool_assessment/web/pages/authoring/authoring.jsp (.../authoring.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -47,8 +47,9 @@ - + Index: lams_tool_assessment/web/pages/monitoring/monitoring.jsp =================================================================== diff -u -r6b89d0c84a5695fb1ad02d5525eb240a9f4d3134 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/web/pages/monitoring/monitoring.jsp (.../monitoring.jsp) (revision 6b89d0c84a5695fb1ad02d5525eb240a9f4d3134) +++ lams_tool_assessment/web/pages/monitoring/monitoring.jsp (.../monitoring.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -27,7 +27,7 @@ lams: '', submissionDeadline: '${submissionDeadline}', submissionDateString: '${submissionDateString}', - setSubmissionDeadlineUrl: '', + setSubmissionDeadlineUrl: '?', toolContentID: '${param.toolContentID}', messageNotification: '', messageRestrictionSet: '', Index: lams_tool_assessment/web/pages/monitoring/parts/questionsummary.jsp =================================================================== diff -u -r6b89d0c84a5695fb1ad02d5525eb240a9f4d3134 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/web/pages/monitoring/parts/questionsummary.jsp (.../questionsummary.jsp) (revision 6b89d0c84a5695fb1ad02d5525eb240a9f4d3134) +++ lams_tool_assessment/web/pages/monitoring/parts/questionsummary.jsp (.../questionsummary.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -80,7 +80,7 @@ ], multiselect: false, caption: "${sessionDto.sessionName}", - cellurl: '', + cellurl: '&', cellEdit: true, beforeEditCell: function (rowid,name,val,iRow,iCol){ previousCellValue = val; Index: lams_tool_assessment/web/pages/monitoring/parts/usersummary.jsp =================================================================== diff -u -r6b89d0c84a5695fb1ad02d5525eb240a9f4d3134 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/web/pages/monitoring/parts/usersummary.jsp (.../usersummary.jsp) (revision 6b89d0c84a5695fb1ad02d5525eb240a9f4d3134) +++ lams_tool_assessment/web/pages/monitoring/parts/usersummary.jsp (.../usersummary.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -62,7 +62,7 @@ {name:'grade', index:'grade', width:80, sorttype:"float", editable:true, editoptions: {size:4, maxlength: 4}, align:"right", classes: 'vertical-align' } ], multiselect: false, - cellurl: '', + cellurl: '&', cellEdit: true, beforeEditCell: function (rowid,name,val,iRow,iCol){ previousCellValue = val; Index: lams_tool_assessment/web/pages/monitoring/summary.jsp =================================================================== diff -u -r670dd8e248dc4705c92031c79d05a99559e35024 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/web/pages/monitoring/summary.jsp (.../summary.jsp) (revision 670dd8e248dc4705c92031c79d05a99559e35024) +++ lams_tool_assessment/web/pages/monitoring/summary.jsp (.../summary.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -112,7 +112,7 @@ ], multiselect: false, - cellurl: '', + cellurl: '&', cellEdit: true, afterEditCell: function (rowid,name,val,iRow,iCol){ oldValue = eval(val); @@ -213,7 +213,8 @@ // ajax calls to disclose correct/groups answers correctButton.click(function(){ $.ajax({ - 'url' : 'monitoring/discloseCorrectAnswers.do', + type: 'POST', + 'url' : 'monitoring/discloseCorrectAnswers.do?', 'data' : { 'questionUid' : questionUidSelect.val(), 'toolContentID' : '${sessionMap.assessment.contentId}' @@ -226,7 +227,8 @@ groupsButton.click(function(){ $.ajax({ - 'url' : 'monitoring/discloseGroupsAnswers.do', + type: 'POST', + 'url' : 'monitoring/discloseGroupsAnswers.do?', 'data' : { 'questionUid' : questionUidSelect.val(), 'toolContentID' : '${sessionMap.assessment.contentId}' @@ -242,7 +244,8 @@ var option = $(this), questionUid = option.val(); $.ajax({ - 'url' : 'monitoring/discloseCorrectAnswers.do', + type: 'POST', + 'url' : 'monitoring/discloseCorrectAnswers.do?', 'data' : { 'questionUid' : questionUid, 'toolContentID' : '${sessionMap.assessment.contentId}' @@ -262,7 +265,8 @@ var option = $(this), questionUid = option.val(); $.ajax({ - 'url' : 'monitoring/discloseGroupsAnswers.do', + type: 'POST', + 'url' : 'monitoring/discloseGroupsAnswers.do?', 'data' : { 'questionUid' : questionUid, 'toolContentID' : '${sessionMap.assessment.contentId}' @@ -295,10 +299,7 @@ } function exportSummary() { - var url = ""; - var reqIDVar = new Date(); - var param = "?sessionMapID=${sessionMapID}&reqID="+reqIDVar.getTime(); - url = url + param; + var url = "?&sessionMapID=${sessionMapID}&reqID="+(new Date()).getTime(); return downloadFile(url, 'messageArea_Busy', '', 'messageArea', 'btn-disable-on-submit'); }; Index: lams_tool_assessment/web/pages/tblmonitoring/assessmentStudentChoices.jsp =================================================================== diff -u -r218884f2db7184187d2c65f87284984991321ccd -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/web/pages/tblmonitoring/assessmentStudentChoices.jsp (.../assessmentStudentChoices.jsp) (revision 218884f2db7184187d2c65f87284984991321ccd) +++ lams_tool_assessment/web/pages/tblmonitoring/assessmentStudentChoices.jsp (.../assessmentStudentChoices.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -9,7 +9,13 @@ Index: lams_tool_assessment/web/pages/tblmonitoring/iraAssessmentStudentChoices.jsp =================================================================== diff -u -r218884f2db7184187d2c65f87284984991321ccd -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_assessment/web/pages/tblmonitoring/iraAssessmentStudentChoices.jsp (.../iraAssessmentStudentChoices.jsp) (revision 218884f2db7184187d2c65f87284984991321ccd) +++ lams_tool_assessment/web/pages/tblmonitoring/iraAssessmentStudentChoices.jsp (.../iraAssessmentStudentChoices.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -2,7 +2,13 @@ <% pageContext.setAttribute("newLineChar", "\r\n"); %> Index: lams_tool_chat/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_chat/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_chat/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_daco/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_daco/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_daco/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_doku/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_doku/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_doku/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_forum/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_forum/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_forum/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_gmap/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_gmap/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_gmap/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_images/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_images/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_images/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_imscc/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_imscc/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_imscc/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/McController.java =================================================================== diff -u -rbb0f9854016a8e3380c17cbfed58cd6d02a8f54c -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/McController.java (.../McController.java) (revision bb0f9854016a8e3380c17cbfed58cd6d02a8f54c) +++ lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/McController.java (.../McController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -91,7 +91,26 @@ @RequestMapping("/authoring") public String execute(@ModelAttribute McAuthoringForm mcAuthoringForm, HttpServletRequest request) { + ToolAccessMode mode = WebUtil.readToolAccessModeAuthorDefaulted(request); + return readDatabaseData(mcAuthoringForm, request, mode); + } + + /** + * Set the defineLater flag so that learners cannot use content while we are editing. This flag is released when + * updateContent is called. + */ + @RequestMapping(path = "/definelater", method = RequestMethod.POST) + public String definelater(@ModelAttribute McAuthoringForm mcAuthoringForm, HttpServletRequest request) { + String strToolContentID = request.getParameter(AttributeNames.PARAM_TOOL_CONTENT_ID); + mcService.setDefineLater(strToolContentID, true); + return readDatabaseData(mcAuthoringForm, request, ToolAccessMode.TEACHER); + } + + /** + * Common method for "unspecified" and "defineLater" + */ + private String readDatabaseData(McAuthoringForm mcAuthoringForm, HttpServletRequest request, ToolAccessMode mode) { SessionMap sessionMap = new SessionMap<>(); request.getSession().setAttribute(sessionMap.getSessionID(), sessionMap); String sessionMapId = sessionMap.getSessionID(); @@ -101,14 +120,8 @@ sessionMap.put(AttributeNames.PARAM_CONTENT_FOLDER_ID, contentFolderID); String strToolContentID = request.getParameter(AttributeNames.PARAM_TOOL_CONTENT_ID); sessionMap.put(AttributeNames.PARAM_TOOL_CONTENT_ID, strToolContentID); - ToolAccessMode mode = WebUtil.readToolAccessModeAuthorDefaulted(request); sessionMap.put(AttributeNames.ATTR_MODE, mode); - // request is from monitoring module - if (mode.isTeacher()) { - mcService.setDefineLater(strToolContentID, true); - } - if ((strToolContentID == null) || (strToolContentID.equals(""))) { return "McErrorBox"; } @@ -155,7 +168,7 @@ /** * submits content into the tool database */ - @RequestMapping("/submitAllContent") + @RequestMapping(path = "/submitAllContent", method = RequestMethod.POST) public String submitAllContent(@ModelAttribute McAuthoringForm mcAuthoringForm, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { Index: lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/McMonitoringController.java =================================================================== diff -u -r4dfbbc90e3d414eaf3f4282a3a38b4ec741384d7 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/McMonitoringController.java (.../McMonitoringController.java) (revision 4dfbbc90e3d414eaf3f4282a3a38b4ec741384d7) +++ lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/McMonitoringController.java (.../McMonitoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -72,6 +72,7 @@ import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.util.HtmlUtils; @@ -264,9 +265,8 @@ /** * downloadMarks */ - @RequestMapping("/downloadMarks") + @RequestMapping(path = "/downloadMarks", method = RequestMethod.POST) public String downloadMarks(HttpServletRequest request, HttpServletResponse response) throws IOException { - Long toolContentID = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID, false); McContent mcContent = mcService.getMcContent(new Long(toolContentID)); @@ -315,10 +315,9 @@ /** * Set Submission Deadline */ - @RequestMapping(path = "/setSubmissionDeadline", produces = MediaType.TEXT_PLAIN_VALUE) + @RequestMapping(path = "/setSubmissionDeadline", method = RequestMethod.POST, produces = MediaType.TEXT_PLAIN_VALUE) @ResponseBody public String setSubmissionDeadline(HttpServletRequest request) { - Long contentID = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); McContent mcContent = mcService.getMcContent(contentID); @@ -336,6 +335,7 @@ } mcContent.setSubmissionDeadline(tzSubmissionDeadline); mcService.updateMc(mcContent); + return formattedDate; } @@ -476,7 +476,7 @@ return responseJSON.toString(); } - @RequestMapping("/saveUserMark") + @RequestMapping(path = "/saveUserMark", method = RequestMethod.POST) public String saveUserMark(HttpServletRequest request) { if ((request.getParameter(McAppConstants.PARAM_NOT_A_NUMBER) == null) Index: lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/TblMonitoringController.java =================================================================== diff -u -rda1abc0b860ba2d8731b856007edd061fd87f0b1 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/TblMonitoringController.java (.../TblMonitoringController.java) (revision da1abc0b860ba2d8731b856007edd061fd87f0b1) +++ lams_tool_lamc/src/java/org/lamsfoundation/lams/tool/mc/web/controller/TblMonitoringController.java (.../TblMonitoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -35,7 +35,6 @@ */ @RequestMapping("/iraMcq") public String iraMcq(HttpServletRequest request) { - long toolContentId = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); McContent mcContent = mcService.getMcContent(toolContentId); @@ -58,7 +57,6 @@ */ @RequestMapping("/mcqStudentChoices") public String mcqStudentChoices(HttpServletRequest request) { - long toolContentId = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); McContent mcContent = mcService.getMcContent(toolContentId); @@ -113,7 +111,6 @@ */ @RequestMapping("/getModalDialogForTeamsTab") public String getModalDialogForTeamsTab(HttpServletRequest request) { - long toolContentId = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); Long userId = WebUtil.readLongParam(request, AttributeNames.PARAM_USER_ID); Index: lams_tool_lamc/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_lamc/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_lamc/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_lamc/web/authoring/AuthoringTabsHolder.jsp =================================================================== diff -u -r3ec7cbf6d6a62b79ba7e4334d770721f8867e999 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_lamc/web/authoring/AuthoringTabsHolder.jsp (.../AuthoringTabsHolder.jsp) (revision 3ec7cbf6d6a62b79ba7e4334d770721f8867e999) +++ lams_tool_lamc/web/authoring/AuthoringTabsHolder.jsp (.../AuthoringTabsHolder.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -75,8 +75,8 @@ - + @@ -106,4 +106,4 @@ - \ No newline at end of file + Index: lams_tool_lamc/web/tblmonitoring/mcqStudentChoices.jsp =================================================================== diff -u -r9ca39edffd0c57ba7deeb38316f5a0f7b0d8fe44 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_lamc/web/tblmonitoring/mcqStudentChoices.jsp (.../mcqStudentChoices.jsp) (revision 9ca39edffd0c57ba7deeb38316f5a0f7b0d8fe44) +++ lams_tool_lamc/web/tblmonitoring/mcqStudentChoices.jsp (.../mcqStudentChoices.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -1,7 +1,13 @@ <%@ include file="/common/taglibs.jsp"%> Index: lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaAuthoringConditionController.java =================================================================== diff -u -r35ebea0b2dfa2e0323f604242035c2d7e5a299dd -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaAuthoringConditionController.java (.../QaAuthoringConditionController.java) (revision 35ebea0b2dfa2e0323f604242035c2d7e5a299dd) +++ lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaAuthoringConditionController.java (.../QaAuthoringConditionController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -51,6 +51,7 @@ import org.springframework.util.MultiValueMap; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; /** * Auxiliary action in author mode. It contains operations with QaCondition. The @@ -127,7 +128,7 @@ * @return * @throws ServletException */ - @RequestMapping(value = "/saveOrUpdateCondition") + @RequestMapping(path = "/saveOrUpdateCondition", method = RequestMethod.POST) private String saveOrUpdateCondition(@ModelAttribute("QaConditionForm") QaConditionForm QaConditionForm, HttpServletRequest request) { @@ -164,7 +165,7 @@ * @param request * @return */ - @RequestMapping("/removeCondition") + @RequestMapping(path = "/removeCondition", method = RequestMethod.POST) private String removeCondition(HttpServletRequest request) { // get back sessionMAP @@ -433,4 +434,4 @@ return errorMap; } -} \ No newline at end of file +} Index: lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaAuthoringController.java =================================================================== diff -u -r33aeeae9d9764b3411e04a48ee165e526c240f44 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaAuthoringController.java (.../QaAuthoringController.java) (revision 33aeeae9d9764b3411e04a48ee165e526c240f44) +++ lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaAuthoringController.java (.../QaAuthoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -105,7 +105,27 @@ public String execute(@ModelAttribute("authoringForm") QaAuthoringForm form, HttpServletRequest request, @RequestParam Long toolContentID) throws IOException, ServletException { ToolAccessMode mode = WebUtil.readToolAccessModeAuthorDefaulted(request); + return readDatabaseData(form, request, mode); + } + + /** + * Set the defineLater flag so that learners cannot use content while we are editing. This flag is released when + * updateContent is called. + */ + @RequestMapping(path = "/definelater", method = RequestMethod.POST) + public String definelater(@ModelAttribute("authoringForm") QaAuthoringForm form, + HttpServletRequest request) { + Long toolContentID = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); + qaService.setDefineLater(toolContentID, true); + return readDatabaseData(form, request, ToolAccessMode.TEACHER); + } + + /** + * Common method for "unspecified" and "defineLater" + */ + private String readDatabaseData(QaAuthoringForm form, HttpServletRequest request, ToolAccessMode mode) { + Long toolContentID = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); String contentFolderID = WebUtil.readStrParam(request, AttributeNames.PARAM_CONTENT_FOLDER_ID); form.setContentFolderID(contentFolderID); @@ -135,10 +155,6 @@ qaQuestions.clear(); qaQuestions.addAll(qa.getQaQueContents()); - // request is from monitoring module - if (mode.isTeacher()) { - qaService.setDefineLater(toolContentID, true); - } request.setAttribute(AttributeNames.ATTR_MODE, mode.toString()); //process conditions @@ -169,7 +185,7 @@ * @throws InvocationTargetException * @throws IllegalAccessException */ - @RequestMapping("/submitAllContent") + @RequestMapping(path = "/submitAllContent", method = RequestMethod.POST) public String submitAllContent(@ModelAttribute("authoringForm") QaAuthoringForm form, HttpServletRequest request) throws IOException, ServletException, IllegalAccessException, InvocationTargetException, NoSuchMethodException { @@ -487,7 +503,7 @@ /** * removes a question from the questions map */ - @RequestMapping("/removeQuestion") + @RequestMapping(path = "/removeQuestion", method = RequestMethod.POST) public String removeQuestion(@ModelAttribute("newQuestionForm") QaAuthoringForm form, HttpServletRequest request) throws IOException, ServletException { SessionMap sessionMap = getSessionMap(form, request); Index: lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaMonitoringController.java =================================================================== diff -u -rc4e8969c8dd14ae2428a6cfd6bb941dfe5cf479a -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaMonitoringController.java (.../QaMonitoringController.java) (revision c4e8969c8dd14ae2428a6cfd6bb941dfe5cf479a) +++ lams_tool_laqa/src/java/org/lamsfoundation/lams/tool/qa/web/controller/QaMonitoringController.java (.../QaMonitoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -54,16 +54,16 @@ import org.lamsfoundation.lams.tool.qa.model.QaUsrResp; import org.lamsfoundation.lams.tool.qa.service.IQaService; import org.lamsfoundation.lams.tool.qa.util.QaSessionComparator; -import org.lamsfoundation.lams.tool.qa.web.form.QaMonitoringForm; import org.lamsfoundation.lams.usermanagement.dto.UserDTO; import org.lamsfoundation.lams.util.DateUtil; import org.lamsfoundation.lams.util.WebUtil; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.util.HtmlUtils; @@ -82,25 +82,17 @@ @Autowired private IQaService qaService; - @RequestMapping("/") - public String unspecified() throws IOException, ServletException, ToolException { - return null; - } - @RequestMapping("/monitoring") - private String execute(@ModelAttribute("qaMonitoringForm") QaMonitoringForm qaMonitoringForm, - HttpServletRequest request) throws IOException, ServletException { + private String execute(HttpServletRequest request) throws ServletException { String contentFolderID = WebUtil.readStrParam(request, AttributeNames.PARAM_CONTENT_FOLDER_ID); - qaMonitoringForm.setContentFolderID(contentFolderID); + request.setAttribute(AttributeNames.PARAM_CONTENT_FOLDER_ID, contentFolderID); String strToolContentID = request.getParameter(AttributeNames.PARAM_TOOL_CONTENT_ID); if ((strToolContentID == null) || (strToolContentID.length() == 0)) { throw new ServletException("No Tool Content ID found"); } - qaMonitoringForm.setToolContentID(strToolContentID); - String toolContentID = qaMonitoringForm.getToolContentID(); - QaContent qaContent = qaService.getQaContent(new Long(toolContentID).longValue()); + QaContent qaContent = qaService.getQaContent(new Long(strToolContentID).longValue()); if (qaContent == null) { throw new ServletException("Data not initialised in Monitoring"); } @@ -137,7 +129,7 @@ } request.setAttribute(LIST_ALL_GROUPS_DTO, groupDTOs); - // setting up the advanced summary for LDEV-1662 + // setting up the advanced summary request.setAttribute(QaAppConstants.ATTR_CONTENT, qaContent); boolean isGroupedActivity = qaService.isGroupedActivity(qaContent.getQaContentId()); @@ -229,17 +221,10 @@ /** * Set Submission Deadline - * - * @param mapping - * @param form - * @param request - * @param response - * @return - * @throws IOException */ - @RequestMapping("/setSubmissionDeadline") - public String setSubmissionDeadline(HttpServletRequest request, HttpServletResponse response) throws IOException { - + @RequestMapping(path = "/setSubmissionDeadline", method = RequestMethod.POST, produces = MediaType.TEXT_PLAIN_VALUE) + @ResponseBody + public String setSubmissionDeadline(HttpServletRequest request) { Long contentID = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); QaContent content = qaService.getQaContent(contentID); @@ -260,9 +245,7 @@ content.setSubmissionDeadline(tzSubmissionDeadline); qaService.saveOrUpdateQaContent(content); - response.setContentType("text/plain;charset=utf-8"); - response.getWriter().print(formattedDate); - return null; + return formattedDate; } /** Index: lams_tool_laqa/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_laqa/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_laqa/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_laqa/web/authoring/AuthoringTabsHolder.jsp =================================================================== diff -u -r86c25c80d92701a94c3161575c76c363891402ad -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_laqa/web/authoring/AuthoringTabsHolder.jsp (.../AuthoringTabsHolder.jsp) (revision 86c25c80d92701a94c3161575c76c363891402ad) +++ lams_tool_laqa/web/authoring/AuthoringTabsHolder.jsp (.../AuthoringTabsHolder.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -52,7 +52,8 @@ - + + Index: lams_tool_laqa/web/authoring/conditions.jsp =================================================================== diff -u -r86c25c80d92701a94c3161575c76c363891402ad -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_laqa/web/authoring/conditions.jsp (.../conditions.jsp) (revision 86c25c80d92701a94c3161575c76c363891402ad) +++ lams_tool_laqa/web/authoring/conditions.jsp (.../conditions.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -19,10 +19,13 @@ } function deleteCondition(orderId, sessionMapID){ - $("#conditionsArea").load("",{ - 'orderId' : orderId, - 'sessionMapID' : sessionMapID - }); + $.ajax({ + async : false, + url : '', + data : 'orderId=' + orderId + '&sessionMapID=' + sessionMapID + '&', + type : "POST" + }); + } function upCondition(orderId,sessionMapID){ @@ -41,7 +44,8 @@ //Packs additional elements and submits the question form function submitCondition(){ var form = $('#QaConditionForm'); - $('#conditionInputArea').load(form.attr('action'), form.serialize()); + var obj = form.serializeArray(); + $('#conditionInputArea').load(form.attr('action'), obj); } @@ -57,4 +61,4 @@ class="btn btn-default btn-sm">  -
\ No newline at end of file +
Index: lams_tool_laqa/web/authoring/newQuestionBox.jsp =================================================================== diff -u -r6a00057c1bd113919030bcd00ce1e3c7327c7b2e -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_laqa/web/authoring/newQuestionBox.jsp (.../newQuestionBox.jsp) (revision 6a00057c1bd113919030bcd00ce1e3c7327c7b2e) +++ lams_tool_laqa/web/authoring/newQuestionBox.jsp (.../newQuestionBox.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -108,7 +108,8 @@
- + + Index: lams_tool_laqa/web/monitoring/MonitoringMaincontent.jsp =================================================================== diff -u -r95a88e5e56253d7007ebf634b6969cb353d7cf1e -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_laqa/web/monitoring/MonitoringMaincontent.jsp (.../MonitoringMaincontent.jsp) (revision 95a88e5e56253d7007ebf634b6969cb353d7cf1e) +++ lams_tool_laqa/web/monitoring/MonitoringMaincontent.jsp (.../MonitoringMaincontent.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -46,7 +46,7 @@ lams: '${lams}', submissionDeadline: '${submissionDeadline}', submissionDateString: '${submissionDateString}', - setSubmissionDeadlineUrl: '', + setSubmissionDeadlineUrl: '?', toolContentID: '${content.qaContentId}', messageNotification: '', messageRestrictionSet: '', @@ -315,21 +315,6 @@ $('#edit-response-dialog').dialog( 'option' , 'responseUid' , responseUid ); $('#edit-response-dialog').dialog('open'); } - - function submitMonitoringMethod(actionMethod) { - document.forms.qaMonitoringForm.action=actionMethod+".do"; - document.forms.qaMonitoringForm.submit(); - } - - function submitMethod(actionMethod) { - submitMonitoringMethod(actionMethod); - } - - function submitModifyMonitoringQuestion(questionIndexValue, actionMethod) { - document.forms.qaMonitoringForm.questionIndex.value=questionIndexValue; - submitMethod(actionMethod); - } - function doSelectTab(tabId) { selectTab(tabId); @@ -339,14 +324,7 @@ - - - - - - - @@ -380,6 +358,5 @@
- Index: lams_tool_larsrc/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_larsrc/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_larsrc/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_leader/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_leader/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_leader/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_mindmap/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_mindmap/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_mindmap/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_nb/src/java/org/lamsfoundation/lams/tool/noticeboard/web/controller/NbAuthoringController.java =================================================================== diff -u -rbe74862925361d836bef1df4c5959105c9695a87 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_nb/src/java/org/lamsfoundation/lams/tool/noticeboard/web/controller/NbAuthoringController.java (.../NbAuthoringController.java) (revision be74862925361d836bef1df4c5959105c9695a87) +++ lams_tool_nb/src/java/org/lamsfoundation/lams/tool/noticeboard/web/controller/NbAuthoringController.java (.../NbAuthoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -49,20 +49,9 @@ /** *

- * This class is a simple combination of NbAuthoringStarterAction and NbAuthoringAction. It has been created for the - * purpose of supporting the new authoring page which is done using DHTML. + * The unspecified method will get called on first entry into the authoring environment. *

* - *

- * The unspecified method, is the same as the execute method for NbAuthoringStarterAction. It will get called when the - * method parameter is not specified (that is on first entry into the authoring environment). - *

- * - *

- * The save, upload and delete method is the same as that of NbAuthoringAction, to see its explanation, please see - * org.lamsfoundation.lams.tool.noticeboard.web.NbAuthoringAction - *

- * * @author mtruong */ @Controller @@ -95,7 +84,31 @@ @RequestMapping("/authoring") public String unspecified(@ModelAttribute NbAuthoringForm nbAuthoringForm, HttpServletRequest request, HttpServletResponse response) { + ToolAccessMode mode = WebUtil.readToolAccessModeAuthorDefaulted(request); + return readDatabaseData(nbAuthoringForm, request, mode); + } + + /** + * Set the defineLater flag so that learners cannot use content while we are editing. This flag is released when + * updateContent is called. + */ + @RequestMapping(path = "/definelater", method = RequestMethod.POST) + public String definelater(@ModelAttribute NbAuthoringForm nbAuthoringForm, HttpServletRequest request) { + Long contentId = WebUtil.readLongParam(request, NoticeboardConstants.TOOL_CONTENT_ID); + NoticeboardContent nb = nbService.retrieveNoticeboard(contentId); + nb.setDefineLater(true); + nbService.saveNoticeboard(nb); + // audit log the teacher has started editing activity in monitor + nbService.auditLogStartEditingActivityInMonitor(contentId); + + return readDatabaseData(nbAuthoringForm, request, ToolAccessMode.TEACHER); + } + + /** + * Common method for "unspecified" and "defineLater" + */ + private String readDatabaseData(NbAuthoringForm nbAuthoringForm, HttpServletRequest request, ToolAccessMode mode) { Long contentId = WebUtil.readLongParam(request, NoticeboardConstants.TOOL_CONTENT_ID); String contentFolderId = WebUtil.readStrParam(request, NoticeboardConstants.CONTENT_FOLDER_ID); @@ -146,14 +159,8 @@ boolean isDefineLater = Boolean.parseBoolean(nbAuthoringForm.getDefineLater()); nb.setDefineLater(isDefineLater); nbService.saveNoticeboard(nb); - - if (isDefineLater) { - request.setAttribute(AttributeNames.ATTR_MODE, ToolAccessMode.TEACHER.toString()); - - // audit log the teacher has started editing activity in monitor - nbService.auditLogStartEditingActivityInMonitor(contentId); - } } + request.setAttribute(AttributeNames.ATTR_MODE, mode); request.setAttribute(FORM, nbAuthoringForm); @@ -175,7 +182,6 @@ @RequestMapping(value = "/save", method = RequestMethod.POST) public String save(@ModelAttribute NbAuthoringForm nbAuthoringForm, HttpServletRequest request) { - //copyAuthoringFormValuesIntoFormBean(request, nbForm); String idAsString = nbAuthoringForm.getToolContentID(); Index: lams_tool_nb/src/java/org/lamsfoundation/lams/tool/noticeboard/web/controller/NbMonitoringController.java =================================================================== diff -u -rbe74862925361d836bef1df4c5959105c9695a87 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_nb/src/java/org/lamsfoundation/lams/tool/noticeboard/web/controller/NbMonitoringController.java (.../NbMonitoringController.java) (revision be74862925361d836bef1df4c5959105c9695a87) +++ lams_tool_nb/src/java/org/lamsfoundation/lams/tool/noticeboard/web/controller/NbMonitoringController.java (.../NbMonitoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -42,7 +42,7 @@ import org.lamsfoundation.lams.tool.noticeboard.model.NoticeboardUser; import org.lamsfoundation.lams.tool.noticeboard.service.INoticeboardService; import org.lamsfoundation.lams.tool.noticeboard.service.NbApplicationException; -import org.lamsfoundation.lams.tool.noticeboard.web.form.NbMonitoringForm; +import org.lamsfoundation.lams.tool.noticeboard.web.form.MonitoringDTO; import org.lamsfoundation.lams.util.WebUtil; import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; @@ -64,10 +64,10 @@ @Autowired private INoticeboardService nbService; - public final static String FORM = "NbMonitoringForm"; + public final static String FORM = "MonitoringDTO"; @RequestMapping("/monitoring") - public String unspecified(@ModelAttribute NbMonitoringForm nbMonitoringForm, HttpServletRequest request) { + public String unspecified(HttpServletRequest request) { Long toolContentId = WebUtil.readLongParam(request, NoticeboardConstants.TOOL_CONTENT_ID); String contentFolderID = WebUtil.readStrParam(request, NoticeboardConstants.CONTENT_FOLDER_ID); @@ -79,14 +79,16 @@ NoticeboardContent content = nbService.retrieveNoticeboard(toolContentId); - nbMonitoringForm.setTitle(content.getTitle()); - nbMonitoringForm.setBasicContent(content.getContent()); + MonitoringDTO monitoringDTO = new MonitoringDTO(); + request.setAttribute("monitoringDTO", monitoringDTO); + monitoringDTO.setTitle(content.getTitle()); + monitoringDTO.setBasicContent(content.getContent()); request.setAttribute(NoticeboardConstants.TOOL_CONTENT_ID, toolContentId); request.setAttribute(NoticeboardConstants.CONTENT_FOLDER_ID, contentFolderID); //Get the total number of learners that have participated in this tool activity - nbMonitoringForm.setTotalLearners(nbService.calculateTotalNumberOfUsers(toolContentId)); + monitoringDTO.setTotalLearners(nbService.calculateTotalNumberOfUsers(toolContentId)); Set sessions = content.getNbSessions(); Iterator i = sessions.iterator(); @@ -116,8 +118,8 @@ } } } - nbMonitoringForm.setGroupStatsMap(numUsersMap); - nbMonitoringForm.setSessionIdMap(sessionIdMap); + monitoringDTO.setGroupStatsMap(numUsersMap); + monitoringDTO.setSessionIdMap(sessionIdMap); boolean isGroupedActivity = nbService.isGroupedActivity(toolContentId); request.setAttribute("isGroupedActivity", isGroupedActivity); @@ -130,13 +132,13 @@ request.setAttribute("allowComments", content.isAllowComments()); String currentTab = WebUtil.readStrParam(request, AttributeNames.PARAM_CURRENT_TAB, true); - nbMonitoringForm.setCurrentTab(currentTab != null ? currentTab : "1"); - request.setAttribute(FORM, nbMonitoringForm); + monitoringDTO.setCurrentTab(currentTab != null ? currentTab : "1"); + return "/monitoring/monitoring"; } @RequestMapping("/viewReflection") - public String viewReflection(@ModelAttribute NbMonitoringForm nbMonitoringForm, HttpServletRequest request) { + public String viewReflection(HttpServletRequest request) { Long userId = WebUtil.readLongParam(request, NoticeboardConstants.USER_ID); Long toolSessionId = WebUtil.readLongParam(request, NoticeboardConstants.TOOL_SESSION_ID); NoticeboardUser nbUser = nbService.retrieveNoticeboardUser(userId, toolSessionId); @@ -151,8 +153,7 @@ } @RequestMapping("/viewComments") - public String viewComments(@ModelAttribute NbMonitoringForm nbMonitoringForm, HttpServletRequest request) { - + public String viewComments(HttpServletRequest request) { Long toolSessionID = WebUtil.readLongParam(request, NoticeboardConstants.TOOL_SESSION_ID, false); NoticeboardContent nbContent = nbService.retrieveNoticeboardBySessionID(toolSessionID); Index: lams_tool_nb/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_nb/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_nb/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_notebook/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_notebook/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_notebook/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_pixlr/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_pixlr/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_pixlr/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_preview/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_preview/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_preview/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_sbmt/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_sbmt/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_sbmt/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/AuthoringController.java =================================================================== diff -u -rbb0f9854016a8e3380c17cbfed58cd6d02a8f54c -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/AuthoringController.java (.../AuthoringController.java) (revision bb0f9854016a8e3380c17cbfed58cd6d02a8f54c) +++ lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/AuthoringController.java (.../AuthoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -111,7 +111,7 @@ return starting(authoringForm, request, mode); } - @RequestMapping("/definelater") + @RequestMapping(path = "/definelater", method = RequestMethod.POST) private String definelater(@ModelAttribute("authoringForm") ScratchieForm authoringForm, HttpServletRequest request, @RequestParam Long toolContentID) throws ServletException { // update define later flag to true @@ -229,7 +229,7 @@ /** * This method will persist all inforamtion in this authoring page, include all scratchie item, information etc. */ - @RequestMapping("/update") + @RequestMapping(path = "/update", method = RequestMethod.POST) private String updateContent(@ModelAttribute("authoringForm") ScratchieForm authoringForm, HttpServletRequest request) throws Exception { // get back sessionMAP @@ -566,7 +566,7 @@ * @param response * @return */ - @RequestMapping("/removeItem") + @RequestMapping(path = "/removeItem", method = RequestMethod.POST) private String removeItem(HttpServletRequest request) { SessionMap sessionMap = getSessionMap(request); SortedSet itemList = getItemList(sessionMap); Index: lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/MonitoringController.java =================================================================== diff -u -re4ab7517268533520c11b8cb076abd74d7721d89 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/MonitoringController.java (.../MonitoringController.java) (revision e4ab7517268533520c11b8cb076abd74d7721d89) +++ lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/MonitoringController.java (.../MonitoringController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -67,8 +67,11 @@ import org.lamsfoundation.lams.web.util.SessionMap; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; import com.fasterxml.jackson.databind.node.JsonNodeFactory; @@ -166,7 +169,7 @@ return "pages/monitoring/parts/itemSummary"; } - @RequestMapping("/saveUserMark") + @RequestMapping(path = "/saveUserMark", method = RequestMethod.POST) private String saveUserMark(HttpServletRequest request) { if ((request.getParameter(ScratchieConstants.PARAM_NOT_A_NUMBER) == null) && !StringUtils.isEmpty(request.getParameter(ScratchieConstants.ATTR_USER_ID)) @@ -184,8 +187,9 @@ /** * Set Submission Deadline */ - @RequestMapping("/setSubmissionDeadline") - private String setSubmissionDeadline(HttpServletRequest request, HttpServletResponse response) throws IOException { + @RequestMapping(path = "/setSubmissionDeadline", method = RequestMethod.POST, produces = MediaType.TEXT_PLAIN_VALUE) + @ResponseBody + private String setSubmissionDeadline(HttpServletRequest request) { Long contentID = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); Scratchie scratchie = scratchieService.getScratchieByContentId(contentID); @@ -203,15 +207,13 @@ scratchie.setSubmissionDeadline(tzSubmissionDeadline); scratchieService.saveOrUpdateScratchie(scratchie); - response.setContentType("text/plain;charset=utf-8"); - response.getWriter().print(formattedDate); - return null; + return formattedDate; } /** * Exports tool results into excel. */ - @RequestMapping("/exportExcel") + @RequestMapping(path = "/exportExcel", method = RequestMethod.POST) @ResponseStatus(HttpStatus.OK) private void exportExcel(HttpServletRequest request, HttpServletResponse response) throws IOException { SessionMap sessionMap = getSessionMap(request); Index: lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/TblMonitorController.java =================================================================== diff -u -re4ab7517268533520c11b8cb076abd74d7721d89 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/TblMonitorController.java (.../TblMonitorController.java) (revision e4ab7517268533520c11b8cb076abd74d7721d89) +++ lams_tool_scratchie/src/java/org/lamsfoundation/lams/tool/scratchie/web/controller/TblMonitorController.java (.../TblMonitorController.java) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -69,6 +69,7 @@ import org.springframework.http.HttpStatus; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; @@ -180,10 +181,8 @@ * Exports tool results into excel. * * Had to move it from the tool as tool uses SessionMap - * - * @throws IOException */ - @RequestMapping("/exportExcel") + @RequestMapping(path = "/exportExcel", method = RequestMethod.POST) @ResponseStatus(HttpStatus.OK) public void exportExcel(HttpServletRequest request, HttpServletResponse response) throws IOException { Long toolContentId = WebUtil.readLongParam(request, AttributeNames.PARAM_TOOL_CONTENT_ID); Index: lams_tool_scratchie/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_scratchie/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_scratchie/web/pages/authoring/authoring.jsp =================================================================== diff -u -re8a7110708b15579af2c6b31ac52a6da427fef6d -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/web/pages/authoring/authoring.jsp (.../authoring.jsp) (revision e8a7110708b15579af2c6b31ac52a6da427fef6d) +++ lams_tool_scratchie/web/pages/authoring/authoring.jsp (.../authoring.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -47,8 +47,8 @@ - + Index: lams_tool_scratchie/web/pages/authoring/basic.jsp =================================================================== diff -u -rbb0f9854016a8e3380c17cbfed58cd6d02a8f54c -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/web/pages/authoring/basic.jsp (.../basic.jsp) (revision bb0f9854016a8e3380c17cbfed58cd6d02a8f54c) +++ lams_tool_scratchie/web/pages/authoring/basic.jsp (.../basic.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -29,7 +29,7 @@ var deletionConfirmed = confirm(""); if (deletionConfirmed) { - var url = ""; + var url = "?"; $(itemTargetDiv).load( url, { Index: lams_tool_scratchie/web/pages/authoring/parts/addMcq.jsp =================================================================== diff -u -r6f08699af6d02a9a1ecbb2a73d61cce5951d2168 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/web/pages/authoring/parts/addMcq.jsp (.../addMcq.jsp) (revision 6f08699af6d02a9a1ecbb2a73d61cce5951d2168) +++ lams_tool_scratchie/web/pages/authoring/parts/addMcq.jsp (.../addMcq.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -220,6 +220,7 @@ + Index: lams_tool_scratchie/web/pages/monitoring/summary.jsp =================================================================== diff -u -rb4d4f30a226e762635770f831a7582be62d812cb -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/web/pages/monitoring/summary.jsp (.../summary.jsp) (revision b4d4f30a226e762635770f831a7582be62d812cb) +++ lams_tool_scratchie/web/pages/monitoring/summary.jsp (.../summary.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -74,7 +74,7 @@ launchPopup(userSummaryUrl, "MonitoringReview"); }, // caption: "${summary.sessionName}", - cellurl: '', + cellurl: '?', cellEdit: true, afterEditCell: function (rowid,name,val,iRow,iCol){ oldValue = eval(val); @@ -241,7 +241,7 @@ }); function exportExcel(){ - var url = "?sessionMapID=${sessionMapID}&reqID=" + (new Date()).getTime(); + var url = "?&sessionMapID=${sessionMapID}&reqID=" + (new Date()).getTime(); return downloadFile(url, 'messageArea_Busy', '', 'messageArea', 'btn-disable-on-submit'); }; @@ -250,7 +250,7 @@ lams: '', submissionDeadline: '${submissionDeadline}', submissionDateString: '${submissionDateString}', - setSubmissionDeadlineUrl: '', + setSubmissionDeadlineUrl: '?', toolContentID: '${param.toolContentID}', messageNotification: '', messageRestrictionSet: '', Index: lams_tool_scratchie/web/pages/tblmonitoring/traStudentChoices.jsp =================================================================== diff -u -re4ab7517268533520c11b8cb076abd74d7721d89 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scratchie/web/pages/tblmonitoring/traStudentChoices.jsp (.../traStudentChoices.jsp) (revision e4ab7517268533520c11b8cb076abd74d7721d89) +++ lams_tool_scratchie/web/pages/tblmonitoring/traStudentChoices.jsp (.../traStudentChoices.jsp) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -33,7 +33,13 @@ Index: lams_tool_scribe/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_scribe/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_scribe/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_spreadsheet/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_spreadsheet/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_spreadsheet/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_survey/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_survey/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_survey/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_task/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_task/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_task/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_vote/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_vote/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_vote/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_wiki/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_wiki/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_wiki/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_tool_zoom/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_tool_zoom/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_tool_zoom/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file + Index: lams_www/web/WEB-INF/tags/OutcomeAuthor.tag =================================================================== diff -u -rdbe381256743b49523ad8e294cbda8e42e19eb25 -re6dc4db4137cfd6b07a4aa79711b9d12b39fb78e --- lams_www/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision dbe381256743b49523ad8e294cbda8e42e19eb25) +++ lams_www/web/WEB-INF/tags/OutcomeAuthor.tag (.../OutcomeAuthor.tag) (revision e6dc4db4137cfd6b07a4aa79711b9d12b39fb78e) @@ -10,6 +10,7 @@ <%@ taglib uri="tags-fmt" prefix="fmt" %> <%@ taglib uri="tags-lams" prefix="lams"%> <%@ taglib uri="tags-function" prefix="fn" %> +<%@ taglib uri="csrfguard" prefix="csrf" %> <%-- Optional attributes. Must provide at either lessonId or toolContentId --%> @@ -93,7 +94,7 @@ 'select' : function(event, ui){ var input = $(this); $.ajax({ - 'url' : 'outcome/outcomeMap.do', + 'url' : 'outcome/outcomeMap.do?', 'dataType' : 'text', 'data': $.extend({ 'outcomeId' : ui.item.value, @@ -205,4 +206,4 @@ - \ No newline at end of file +