dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

check in hint service which provides a list of hints for the current lesson

Browse Source
This commit is contained in:
lawson89 2014-06-20 14:41:15 -04:00
parent c71931f43c
commit a90817f332
4 changed files with 834 additions and 876 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1638
java/org/owasp/webgoat/lessons/AbstractLesson.java
View File

File diff suppressed because it is too large Load Diff

47
java/org/owasp/webgoat/service/HintService.java
View File

@ -5,7 +5,13 @@
*/
package org.owasp.webgoat.service;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.HttpSession;
import org.owasp.webgoat.lessons.AbstractLesson;
import org.owasp.webgoat.lessons.model.Hint;
import org.owasp.webgoat.session.Course;
import org.owasp.webgoat.session.WebSession;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
@ -16,14 +22,41 @@ import org.springframework.web.bind.annotation.ResponseBody;
*/
@Controller
public class HintService extends BaseService {
/**
* Returns hints for current lesson
*
* @param session
* @return
*/
@RequestMapping(value = "/hint.do", produces = "application/json")
public @ResponseBody
Hint showHint() {
Hint h = new Hint();
h.setHint("This is a test hint");
h.setLesson("Some lesson");
h.setNumber(1);
return h;
List<Hint> showHint(HttpSession session) {
List<Hint> listHints = new ArrayList<Hint>();
WebSession ws;
Object o = session.getAttribute(WebSession.SESSION);
if (o == null || !(o instanceof WebSession)) {
return null;
}
ws = (WebSession) o;
AbstractLesson l = ws.getCurrentLesson();
if (l == null) {
return listHints;
}
List<String> hints;
hints = l.getHintsPublic(ws);
if (hints == null) {
return listHints;
}
int idx = 0;
for (String h : hints) {
Hint hint = new Hint();
hint.setHint(h);
hint.setLesson(l.getName());
hint.setNumber(idx);
listHints.add(hint);
idx++;
}
return listHints;
}
}

15
java/org/owasp/webgoat/session/Course.java
View File

@ -170,7 +170,7 @@ public class Course {
public AbstractLesson getFirstLesson() {
List<String> roles = new ArrayList<String>();
roles.add(AbstractLesson.USER_ROLE);
// Category 0 is the admin function. We want the first real category
// Category 0 is the admin function. We want the first real category
// to be returned. This is noramally the General category and the Http Basics lesson
return ((AbstractLesson) getLessons((Category) getCategories().get(0), roles).get(0));
}
@ -269,6 +269,15 @@ public class Course {
return getLessons(category, roles);
}
public AbstractLesson getLesson(int lessonId) {
for (AbstractLesson l : lessons) {
if (l.getScreenId() == lessonId) {
return l;
}
}
return null;
}
/**
* Load all of the filenames into a temporary cache
*
@ -357,7 +366,7 @@ public class Course {
if (absoluteFile.startsWith("/lesson_plans") && absoluteFile.endsWith(".html")
&& className.endsWith(fileName)) {
// System.out.println("DEBUG: setting lesson plan file " + absoluteFile + " for
// System.out.println("DEBUG: setting lesson plan file " + absoluteFile + " for
// lesson " +
// lesson.getClass().getName());
// System.out.println("fileName: " + fileName + " == className: " + className );
@ -367,7 +376,7 @@ public class Course {
}
if (absoluteFile.startsWith("/lesson_solutions") && absoluteFile.endsWith(".html")
&& className.endsWith(fileName)) {
// System.out.println("DEBUG: setting lesson solution file " + absoluteFile + "
// System.out.println("DEBUG: setting lesson solution file " + absoluteFile + "
// for lesson " +
// lesson.getClass().getName());
// System.out.println("fileName: " + fileName + " == className: " + className );

10
java/org/owasp/webgoat/session/WebSession.java
View File

@ -767,7 +767,7 @@ public class WebSession {
WebGoatI18N.setCurrentLanguage(this.currentLanguage);
}
// System.out.println("Current Screen 1: " + currentScreen );
// System.out.println("Current Screen 1: " + currentScreen );
// System.out.println("Previous Screen 1: " + previousScreen );
// FIXME: requires ?Logout=true
// FIXME: doesn't work right -- no reauthentication
@ -779,7 +779,7 @@ public class WebSession {
previousScreen = ERROR;
}
// There are several scenarios where we want the first lesson to be loaded
// There are several scenarios where we want the first lesson to be loaded
// 1) Previous screen is Welcome - Start of the course
// 2) After a logout and after the session has been reinitialized
if ((this.getPreviousScreen() == WebSession.WELCOME) || (getRequest().getSession(false) != null
@ -789,13 +789,13 @@ public class WebSession {
hintNum = -1;
}
// System.out.println("Current Screen 2: " + currentScreen );
// System.out.println("Current Screen 2: " + currentScreen );
// System.out.println("Previous Screen 2: " + previousScreen );
// update the screen variables
previousScreen = currentScreen;
try {
// If the request is new there should be no parameters.
// If the request is new there should be no parameters.
// This can occur from a session timeout or a the starting of a new course.
if (!request.getSession().isNew()) {
currentScreen = myParser.getIntParameter(SCREEN, currentScreen);
@ -880,7 +880,7 @@ public class WebSession {
isColor = myParser.getBooleanParameter(COLOR, isColor);
isDebug = myParser.getBooleanParameter(DEBUG, isDebug);
// System.out.println( "showParams:" + showParams );
// System.out.println( "showParams:" + showParams );
// System.out.println( "showSource:" + showSource );
// System.out.println( "showSolution:" + showSolution );
// System.out.println( "showCookies:" + showCookies );