RE1-T112 PR#321 fixes

Author: ucswift

Providers/Resgrid.Providers.Weather/EnvironmentCanadaWeatherAlertProvider.cs

@@ -233,7 +233,7 @@ private async Task<List<WeatherAlert>> FetchAndParseCapDocumentAsync(string capU
 					if (geocodes.Any())
 					{
 						alert.Geocodes = System.Text.Json.JsonSerializer.Serialize(
-							geocodes.ToDictionary(g => g.Name, g => g.Value));
+							geocodes.GroupBy(g => g.Name).ToDictionary(g => g.Key, g => g.Last().Value));
 					}
 				}
 

Web/Resgrid.Web/Areas/User/Controllers/TrainingsController.cs

@@ -224,6 +224,10 @@ public async Task<IActionResult> View(int trainingId)
 		{
 			var model = new ViewTrainingModel();
 			model.Training = await _trainingService.GetTrainingByIdAsync(trainingId);
+
+			if (model.Training == null)
+				return NotFound();
+
 			model.CreatorUserName = await UserHelper.GetFullNameForUser(model.Training.CreatedByUserId);
 
 			if (model.Training.DepartmentId != DepartmentId)
@@ -302,9 +306,9 @@ public async Task<IActionResult> Edit(int trainingId, EditTrainingModel model, I
 						attachment.FileName = file.FileName;
 						attachment.TrainingId = trainingId;
 
-using var stream = file.OpenReadStream();
-var uploadedFile = new byte[stream.Length];
-stream.Read(uploadedFile, 0, uploadedFile.Length);
+						using var stream = file.OpenReadStream();
+						var uploadedFile = new byte[stream.Length];
+						await stream.ReadAsync(uploadedFile, 0, uploadedFile.Length);
 
 						attachment.Data = uploadedFile;
 						existingTraining.Attachments.Add(attachment);
@@ -485,6 +489,9 @@ public async Task<IActionResult> Quiz(int trainingId, CancellationToken cancella
 			var model = new ViewTrainingModel();
 			model.Training = await _trainingService.GetTrainingByIdAsync(trainingId);
 
+			if (model.Training == null)
+				return NotFound();
+
 			if (model.Training.DepartmentId != DepartmentId)
 				return Unauthorized();
 
@@ -499,7 +506,10 @@ public async Task<IActionResult> Quiz(ViewTrainingModel model, IFormCollection f
 		{
 			int correctAnswers = 0;
 			var training = await _trainingService.GetTrainingByIdAsync(model.Training.TrainingId);
-			
+
+			if (training == null)
+				return NotFound();
+
 			List<int> questions = (from object key in form.Keys where key.ToString().StartsWith("question_") select int.Parse(key.ToString().Replace("question_", ""))).ToList();
 
 			foreach (var questionId in questions)
@@ -529,6 +539,9 @@ public async Task<IActionResult> DeleteTraining(int trainingId)
 			var model = new ViewTrainingModel();
 			model.Training = await _trainingService.GetTrainingByIdAsync(trainingId);
 
+			if (model.Training == null)
+				return NotFound();
+
 			if (model.Training.DepartmentId != DepartmentId)
 				return Unauthorized();
 
@@ -543,6 +556,9 @@ public async Task<IActionResult> ResetUserTraining(int trainingId, string userId
 			var model = new ViewTrainingModel();
 			model.Training = await _trainingService.GetTrainingByIdAsync(trainingId);
 
+			if (model.Training == null)
+				return NotFound();
+
 			if (model.Training.DepartmentId != DepartmentId)
 				return Unauthorized();
 
@@ -556,6 +572,10 @@ public async Task<IActionResult> Report(int trainingId)
 		{
 			var model = new TrainingReportView();
 			model.Training = await _trainingService.GetTrainingByIdAsync(trainingId);
+
+			if (model.Training == null)
+				return NotFound();
+
 			model.UserGroups = new Dictionary<string, string>();
 			model.Department = await _departmentsService.GetDepartmentByIdAsync(DepartmentId, false);
 

Web/Resgrid.Web/Areas/User/Views/Trainings/Edit.cshtml

@@ -270,18 +270,19 @@
 @section Scripts
 {
 	<script>
-		var resgridTrainingsI18n = {
-			selectGroups: '@localizer["SelectGroupsPlaceholder"]',
-			selectRoles: '@localizer["SelectRolesPlaceholder"]',
-			selectUsers: '@localizer["SelectUsersPlaceholder"]',
-			removeQuestionTooltip: '@localizer["RemoveQuestionTooltip"]',
-			removeAnswerTooltip: '@localizer["RemoveAnswerTooltip"]',
-			addAnswer: '@localizer["AddAnswerButton"]',
-			answerRequired: '@localizer["AnswerRequiredMessage"]',
-			addQuestionTooltip: '@localizer["AddQuestionTooltip"]',
-			correct: '@localizer["CorrectLabel"]',
-			answerText: '@localizer["AnswerTextColumn"]'
-		};
+		var resgridTrainingsI18n = @Html.Raw(System.Text.Json.JsonSerializer.Serialize(new {
+			selectGroups = localizer["SelectGroupsPlaceholder"].Value,
+			selectRoles = localizer["SelectRolesPlaceholder"].Value,
+			selectUsers = localizer["SelectUsersPlaceholder"].Value,
+			removeQuestionTooltip = localizer["RemoveQuestionTooltip"].Value,
+			removeAnswerTooltip = localizer["RemoveAnswerTooltip"].Value,
+			addAnswer = localizer["AddAnswerButton"].Value,
+			answerRequired = localizer["AnswerRequiredMessage"].Value,
+			addQuestionTooltip = localizer["AddQuestionTooltip"].Value,
+			addAnswerTooltip = localizer["AddAnswerTooltip"].Value,
+			correct = localizer["CorrectLabel"].Value,
+			answerText = localizer["AnswerTextColumn"].Value
+		}));
 	</script>
 	<script src="~/js/app/internal/training/resgrid.training.edittraining.js"></script>
 }

Web/Resgrid.Web/Areas/User/Views/Trainings/New.cshtml

@@ -198,18 +198,19 @@
 @section Scripts
 {
 	<script>
-		var resgridTrainingsI18n = {
-			selectGroups: '@localizer["SelectGroupsPlaceholder"]',
-			selectRoles: '@localizer["SelectRolesPlaceholder"]',
-			selectUsers: '@localizer["SelectUsersPlaceholder"]',
-			removeQuestionTooltip: '@localizer["RemoveQuestionTooltip"]',
-			removeAnswerTooltip: '@localizer["RemoveAnswerTooltip"]',
-			addAnswer: '@localizer["AddAnswerButton"]',
-			answerRequired: '@localizer["AnswerRequiredMessage"]',
-			addQuestionTooltip: '@localizer["AddQuestionTooltip"]',
-			correct: '@localizer["CorrectLabel"]',
-			answerText: '@localizer["AnswerTextColumn"]'
-		};
+		var resgridTrainingsI18n = @Html.Raw(System.Text.Json.JsonSerializer.Serialize(new {
+			selectGroups = localizer["SelectGroupsPlaceholder"].Value,
+			selectRoles = localizer["SelectRolesPlaceholder"].Value,
+			selectUsers = localizer["SelectUsersPlaceholder"].Value,
+			removeQuestionTooltip = localizer["RemoveQuestionTooltip"].Value,
+			removeAnswerTooltip = localizer["RemoveAnswerTooltip"].Value,
+			addAnswer = localizer["AddAnswerButton"].Value,
+			answerRequired = localizer["AnswerRequiredMessage"].Value,
+			addQuestionTooltip = localizer["AddQuestionTooltip"].Value,
+			addAnswerTooltip = localizer["AddAnswerTooltip"].Value,
+			correct = localizer["CorrectLabel"].Value,
+			answerText = localizer["AnswerTextColumn"].Value
+		}));
 	</script>
 	<script src="~/js/app/internal/training/resgrid.training.newtraining.js"></script>
 }

Web/Resgrid.Web/wwwroot/js/app/internal/training/resgrid.training.edittraining.js

@@ -6,6 +6,11 @@ var resgrid;
         (function (edittraining) {
             var i18n = (typeof resgridTrainingsI18n !== 'undefined') ? resgridTrainingsI18n : {};
 
+            function escapeHtml(str) {
+                if (!str) return '';
+                return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#39;');
+            }
+
             $(document).ready(function () {
                 resgrid.common.analytics.track('Training - Edit');
 
@@ -46,7 +51,7 @@ var resgrid;
                         $('#rolesToAdd').prop('disabled', false).trigger('change.select2');
                         $('#usersToAdd').prop('disabled', false).trigger('change.select2');
                     }
-                });
+                }).trigger('change');
 
                 function initSelect2(selector, placeholder, url) {
                     $(selector).select2({
@@ -81,41 +86,34 @@ var resgrid;
                 resgrid.training.edittraining.questionsCount = maxIndex;
             });
             function addQuestion() {
-                var removeTooltip = i18n.removeQuestionTooltip || 'Remove this question';
+                var removeTooltip = escapeHtml(i18n.removeQuestionTooltip || 'Remove this question');
                 resgrid.training.edittraining.questionsCount++;
                 $('#questions tbody').first().append("<tr><td style='max-width: 215px;'><textarea id='question_" + edittraining.questionsCount + "' name='question_" + edittraining.questionsCount + "' rows='4' cols='40'></textarea></td><td>" + resgrid.training.edittraining.generateAnswersTable(edittraining.questionsCount) + "</td><td style='text-align:center;'><a onclick='$(this).parent().parent().remove();' class='tip-top' data-original-title='" + removeTooltip + "'><i class='fa fa-minus' style='color: red;'></i></a></td></tr>");
             }
             edittraining.addQuestion = addQuestion;
             function generateAnswersTable(count) {
-                var addAnswerLabel = i18n.addAnswer || 'Add Answer';
-                var addAnswerTooltip = i18n.addQuestionTooltip || 'Add Answers to Question';
-                var correctLabel = i18n.correct || 'Correct';
-                var answerTextLabel = i18n.answerText || 'Answer Text';
-                var answersTable = '<table id="answersTable_' + count + '" class="table table-striped table-bordered"><thead><tr><th style="max-width:35px;font-size: 14px;" >' + correctLabel + '</th><th style = "font-size: 14px;" >' + answerTextLabel + '</th><th style = "font-size: 16px;" ><a id="addAnswerButton" class="btn btn-success btn-xs" onclick="resgrid.training.edittraining.addAnswer(' + count + ');" data-original-title="' + addAnswerTooltip + '" ><i class="icon-plus" ></i> ' + addAnswerLabel + '</a></th></tr></thead><tbody></tbody></table>';
+                var addAnswerLabel = escapeHtml(i18n.addAnswer || 'Add Answer');
+                var addAnswerTooltip = escapeHtml(i18n.addAnswerTooltip || 'Add Answers to Question');
+                var correctLabel = escapeHtml(i18n.correct || 'Correct');
+                var answerTextLabel = escapeHtml(i18n.answerText || 'Answer Text');
+                var answersTable = '<table id="answersTable_' + count + '" class="table table-striped table-bordered"><thead><tr><th style="max-width:35px;font-size: 14px;" >' + correctLabel + '</th><th style = "font-size: 14px;" >' + answerTextLabel + '</th><th style = "font-size: 16px;" ><a id="addAnswerButton_' + count + '" class="btn btn-success btn-xs" onclick="resgrid.training.edittraining.addAnswer(' + count + ');" data-original-title="' + addAnswerTooltip + '" ><i class="icon-plus" ></i> ' + addAnswerLabel + '</a></th></tr></thead><tbody></tbody></table>';
                 return answersTable;
             }
             edittraining.generateAnswersTable = generateAnswersTable;
             function addAnswer(count) {
                 var id = generate(4);
-                var answerRequired = i18n.answerRequired || 'Answer is required';
-                var removeAnswerTooltip = i18n.removeAnswerTooltip || 'Remove this answer from the question';
+                var answerRequired = escapeHtml(i18n.answerRequired || 'Answer is required');
+                var removeAnswerTooltip = escapeHtml(i18n.removeAnswerTooltip || 'Remove this answer from the question');
                 $('#answersTable_' + count + ' tbody').append("<tr><td><input type='radio' name='answer_" + count + "' value='answerForQuestion_" + count + "_" + id + "'></td><td><textarea rows='3' cols='30' data-bv-notempty data-bv-notempty-message='" + answerRequired + "' id='answerForQuestion_" + count + "_" + id + "' name='answerForQuestion_" + count + "_" + id + "'></textarea></td><td style='text-align:center;'><a onclick='$(this).parent().parent().remove();' class='tip-top' data-original-title='" + removeAnswerTooltip + "'><i class='fa fa-minus' style='color: red;'></i></a></td></tr>");
             }
             edittraining.addAnswer = addAnswer;
             function removeQuestion(index) {
                 $('#questionRow_' + index).remove();
             }
             edittraining.removeQuestion = removeQuestion;
-            function generate(length) {
-                var arr = [];
-                var n;
-                for (var i = 0; i < length; i++) {
-                    do
-                        n = Math.floor(Math.random() * 20 + 1);
-                    while (arr.indexOf(n) !== -1);
-                    arr[i] = n;
-                }
-                return arr.join('');
+            var _answerIdCounter = 0;
+            function generate() {
+                return ++_answerIdCounter;
             }
             edittraining.generate = generate;
         })(edittraining = training.edittraining || (training.edittraining = {}));

Web/Resgrid.Web/wwwroot/js/app/internal/training/resgrid.training.newtraining.js

@@ -7,6 +7,11 @@ var resgrid;
         (function (newtraining) {
             var i18n = (typeof resgridTrainingsI18n !== 'undefined') ? resgridTrainingsI18n : {};
 
+            function escapeHtml(str) {
+                if (!str) return '';
+                return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#39;');
+            }
+
             $(document).ready(function () {
                 resgrid.common.analytics.track('Training - New');
 
@@ -73,37 +78,30 @@ var resgrid;
                 resgrid.training.newtraining.questionsCount = 0;
             });
             function addQuestion() {
-                var removeTooltip = i18n.removeQuestionTooltip || 'Remove this question';
+                var removeTooltip = escapeHtml(i18n.removeQuestionTooltip || 'Remove this question');
                 resgrid.training.newtraining.questionsCount++;
                 $('#questions tbody').first().append("<tr><td style='max-width: 215px;'><textarea id='question_" + newtraining.questionsCount + "' name='question_" + newtraining.questionsCount + "' rows='4' cols='40'></textarea></td><td>" + resgrid.training.newtraining.generateAnswersTable(newtraining.questionsCount) + "</td><td style='text-align:center;'><a onclick='$(this).parent().parent().remove();' class='tip-top' data-original-title='" + removeTooltip + "'><i class='fa fa-minus' style='color: red;'></i></a></td></tr>");
             }
             newtraining.addQuestion = addQuestion;
             function generateAnswersTable(count) {
-                var addAnswerLabel = i18n.addAnswer || 'Add Answer';
-                var addAnswerTooltip = i18n.addQuestionTooltip || 'Add Answers to Question';
-                var correctLabel = i18n.correct || 'Correct';
-                var answerTextLabel = i18n.answerText || 'Answer Text';
-                var answersTable = '<table id="answersTable_' + count + '" class="table table-striped table-bordered"><thead><tr><th style="max-width:35px;font-size: 14px;" >' + correctLabel + '</th><th style = "font-size: 14px;" >' + answerTextLabel + '</th><th style = "font-size: 16px;" ><a id="addAnswerButton" class="btn btn-success btn-xs" onclick="resgrid.training.newtraining.addAnswer(' + count + ');" data-original-title="' + addAnswerTooltip + '" ><i class="icon-plus" ></i> ' + addAnswerLabel + '</a></th></tr></thead><tbody></tbody></table>';
+                var addAnswerLabel = escapeHtml(i18n.addAnswer || 'Add Answer');
+                var addAnswerTooltip = escapeHtml(i18n.addAnswerTooltip || 'Add Answers to Question');
+                var correctLabel = escapeHtml(i18n.correct || 'Correct');
+                var answerTextLabel = escapeHtml(i18n.answerText || 'Answer Text');
+                var answersTable = '<table id="answersTable_' + count + '" class="table table-striped table-bordered"><thead><tr><th style="max-width:35px;font-size: 14px;" >' + correctLabel + '</th><th style = "font-size: 14px;" >' + answerTextLabel + '</th><th style = "font-size: 16px;" ><a id="addAnswerButton_' + count + '" class="btn btn-success btn-xs" onclick="resgrid.training.newtraining.addAnswer(' + count + ');" data-original-title="' + addAnswerTooltip + '" ><i class="icon-plus" ></i> ' + addAnswerLabel + '</a></th></tr></thead><tbody></tbody></table>';
                 return answersTable;
             }
             newtraining.generateAnswersTable = generateAnswersTable;
             function addAnswer(count) {
                 var id = generate(4);
-                var answerRequired = i18n.answerRequired || 'Answer is required';
-                var removeAnswerTooltip = i18n.removeAnswerTooltip || 'Remove this answer from the question';
+                var answerRequired = escapeHtml(i18n.answerRequired || 'Answer is required');
+                var removeAnswerTooltip = escapeHtml(i18n.removeAnswerTooltip || 'Remove this answer from the question');
                 $('#answersTable_' + count + ' tbody').append("<tr><td><input type='radio' name='answer_" + count + "' value='answerForQuestion_" + count + "_" + id + "'></td><td><textarea rows='3' cols='30' data-bv-notempty data-bv-notempty-message='" + answerRequired + "' id='answerForQuestion_" + count + "_" + id + "' name='answerForQuestion_" + count + "_" + id + "'></textarea></td><td style='text-align:center;'><a onclick='$(this).parent().parent().remove();' class='tip-top' data-original-title='" + removeAnswerTooltip + "'><i class='fa fa-minus' style='color: red;'></i></a></td></tr>");
             }
             newtraining.addAnswer = addAnswer;
-            function generate(length) {
-                var arr = [];
-                var n;
-                for (var i = 0; i < length; i++) {
-                    do
-                        n = Math.floor(Math.random() * 20 + 1);
-                    while (arr.indexOf(n) !== -1);
-                    arr[i] = n;
-                }
-                return arr.join('');
+            var _answerIdCounter = 0;
+            function generate() {
+                return ++_answerIdCounter;
             }
             newtraining.generate = generate;
         })(newtraining = training.newtraining || (training.newtraining = {}));