3946 additional metadata elements

scripts/database/upgrades/upgrade_v4.7_to_v4.7.1.sql

@@ -4,4 +4,22 @@
 ALTER TABLE authenticateduser ADD COLUMN createdtime TIMESTAMP NOT NULL DEFAULT '01-01-2000 00:00:00';
 ALTER TABLE authenticateduser ADD COLUMN lastlogintime TIMESTAMP DEFAULT NULL;
 ALTER TABLE authenticateduser ADD COLUMN lastapiusetime TIMESTAMP DEFAULT NULL;
-ALTER TABLE authenticateduser DROP COLUMN modificationtime;
+ALTER TABLE authenticateduser DROP COLUMN modificationtime;
+
+/* 
+Add validationFormat to DatasetFieldType to 
+ */
+ALTER TABLE datasetfieldtype
+ADD COLUMN validationFormat character varying(255);
+
+/*
+for testing display format 
+This adds a display format that links out to an outside site. The format of the #VALUE is
+four characters alpha numeric (3fki works) 
+
+update datasetfieldtype 
+set displayformat = '<a target="_blank" href="http://www.rcsb.org/pdb/explore/explore.do?structureId=#VALUE">PDB (RCSB) #VALUE</a>',
+fieldType= 'TEXT'
+where id = xxx;
+
+*/

src/main/java/edu/harvard/iq/dataverse/DatasetField.java

@@ -274,7 +274,7 @@ public List<String> getValues() {
         List returnList = new ArrayList();
         if (!datasetFieldValues.isEmpty()) {
             for (DatasetFieldValue dsfv : datasetFieldValues) {
-                returnList.add(dsfv.getValue());
+                returnList.add(dsfv.getDisplayValue());
             }
         } else {
             for (ControlledVocabularyValue cvv : controlledVocabularyValues) {

src/main/java/edu/harvard/iq/dataverse/DatasetFieldCompoundValue.java

@@ -5,6 +5,7 @@
  */
 package edu.harvard.iq.dataverse;
 
+import edu.harvard.iq.dataverse.util.MarkupChecker;
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Comparator;
@@ -143,15 +144,18 @@ public Map<DatasetField,String> getDisplayValueMap() {
                 if (StringUtils.isBlank(format)) {
                     format = "#VALUE";
                 }
-
+                String sanitizedValue = childDatasetField.getDatasetFieldType().isSanitizeHtml() ? MarkupChecker.sanitizeBasicHTML(childDatasetField.getValue()) :  childDatasetField.getValue();
+                if (!childDatasetField.getDatasetFieldType().isSanitizeHtml() && childDatasetField.getDatasetFieldType().isEscapeOutputText()){
+                    sanitizedValue = MarkupChecker.stripAllTags(sanitizedValue);
+                }
                 // replace the special values in the format (note: we replace #VALUE last since we don't
                 // want any issues if the value itself has #NAME in it)
                 String displayValue = format
                         .replace("#NAME", childDatasetField.getDatasetFieldType().getTitle())
                         //todo: this should be handled in more generic way for any other text that can then be internationalized
                         // if we need to use replaceAll for regexp, then make sure to use: java.util.regex.Matcher.quoteReplacement(<target string>)
                         .replace("#EMAIL", ResourceBundle.getBundle("Bundle").getString("dataset.email.hiddenMessage"))
-                        .replace("#VALUE", childDatasetField.getValue());
+                        .replace("#VALUE",  sanitizedValue );
 
                 fieldMap.put(childDatasetField,displayValue);
             }

src/main/java/edu/harvard/iq/dataverse/DatasetFieldType.java

@@ -46,10 +46,7 @@ public Long getId() {
     public void setId(Long id) {
         this.id = id;
     }
-
-    public String getIdString(){
-        return id.toString();
-    }
+
 
     /**
      * The internal, DDI-like name, no spaces, etc.
@@ -83,6 +80,8 @@ public String getIdString(){
      * A watermark to be displayed in the UI.
      */
     private String watermark;
+
+    private String validationFormat;
 
     @OneToMany(mappedBy = "datasetFieldType")
     private Set<DataverseFacet> dataverseFacets;
@@ -164,8 +163,23 @@ public void setDisplayFormat(String displayFormat) {
         this.displayFormat = displayFormat;
     }
 
+    public Boolean isSanitizeHtml(){
+        if (this.fieldType.equals(FieldType.URL)){
+            return true;
+        }
+        return this.fieldType.equals(FieldType.TEXTBOX);
+    }
+
+    public Boolean isEscapeOutputText(){
+        if (this.fieldType.equals(FieldType.URL)){
+            return false;
+        }
+        if (this.fieldType.equals(FieldType.TEXTBOX)){
+            return false;
+        }
+        return !(this.fieldType.equals(FieldType.TEXT) &&  this.displayFormat != null &&this.displayFormat.contains("<a"));
+    }
 
-
     public String getName() {
         return name;
     }
@@ -239,6 +253,14 @@ public boolean isFacetable() {
     public void setFacetable(boolean facetable) {
         this.facetable = facetable;
     }
+
+    public String getValidationFormat() {
+        return validationFormat;
+    }
+
+    public void setValidationFormat(String validationFormat) {
+        this.validationFormat = validationFormat;
+    }
 
     /**
      * Determines whether this field type is displayed in the form when creating

src/main/java/edu/harvard/iq/dataverse/DatasetFieldValidator.java

@@ -31,7 +31,12 @@ public boolean isValid(DatasetField value, ConstraintValidatorContext context) {
         }
         if (((dsfType.isPrimitive() && dsfType.isRequired())  || (dsfType.isPrimitive() && value.isRequired())) 
                 && StringUtils.isBlank(value.getValue())) {
-            context.buildConstraintViolationWithTemplate(dsfType.getDisplayName() + " is required.").addConstraintViolation();
+            try{
+                context.buildConstraintViolationWithTemplate(dsfType.getDisplayName() + " is required.").addConstraintViolation();
+            } catch (NullPointerException npe){
+                //if there's no context for the error we can't put it anywhere....
+            }
+
             return false;
         }
         return true;

src/main/java/edu/harvard/iq/dataverse/DatasetFieldValue.java

@@ -6,8 +6,10 @@
 
 package edu.harvard.iq.dataverse;
 
+import edu.harvard.iq.dataverse.util.MarkupChecker;
 import java.io.Serializable;
 import java.util.Comparator;
+import java.util.ResourceBundle;
 import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.GeneratedValue;
@@ -18,6 +20,7 @@
 import javax.persistence.ManyToOne;
 import javax.persistence.Table;
 import javax.persistence.Transient;
+import org.apache.commons.lang.StringUtils;
 
 /**
  *
@@ -85,6 +88,31 @@ public String getValueForEdit() {
     public void setValueForEdit(String value) {
         this.value = value;
     }
+
+    public String getDisplayValue() {
+        String retVal = "";
+        if (!StringUtils.isBlank(this.getValue()) && !DatasetField.NA_VALUE.equals(this.getValue())) {
+            String format = this.datasetField.getDatasetFieldType().getDisplayFormat();
+            if (StringUtils.isBlank(format)) {
+                format = "#VALUE";
+            }           
+            String sanitizedValue = !this.datasetField.getDatasetFieldType().isSanitizeHtml() ? this.getValue() :  MarkupChecker.sanitizeBasicHTML(this.getValue());    
+
+                if (!this.datasetField.getDatasetFieldType().isSanitizeHtml() && this.datasetField.getDatasetFieldType().isEscapeOutputText()){
+                    sanitizedValue = MarkupChecker.stripAllTags(sanitizedValue);
+                }
+
+            // replace the special values in the format (note: we replace #VALUE last since we don't
+            // want any issues if the value itself has #NAME in it)
+            String displayValue = format
+                    .replace("#NAME",  this.datasetField.getDatasetFieldType().getTitle() == null ? "" : this.datasetField.getDatasetFieldType().getTitle())
+                    .replace("#EMAIL", ResourceBundle.getBundle("Bundle").getString("dataset.email.hiddenMessage"))
+                    .replace("#VALUE", sanitizedValue);
+            retVal = displayValue;
+        }
+
+        return retVal;
+    }
 
     public int getDisplayOrder() {
         return displayOrder;