Each assigment should have the options to have its own set of hints #278

  - Backend work done

webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentEndpoint.java

@@ -25,12 +25,17 @@
  */
 package org.owasp.webgoat.endpoints;
 
+import com.google.common.collect.Lists;
+import lombok.Getter;
+import org.owasp.webgoat.i18n.LabelManager;
+import org.owasp.webgoat.lessons.AbstractLesson;
 import org.owasp.webgoat.lessons.AttackResult;
 import org.owasp.webgoat.session.UserTracker;
 import org.owasp.webgoat.session.WebSession;
 import org.springframework.beans.factory.annotation.Autowired;
 
 import javax.ws.rs.Path;
+import java.util.List;
 
 /**
  * Each lesson can define an endpoint which can support the lesson. So for example if you create a lesson which uses JavaScript and
@@ -47,7 +52,9 @@ public abstract class AssignmentEndpoint extends Endpoint {
     private UserTracker userTracker;
     @Autowired
 	private WebSession webSession;
-
+    @Autowired
+    @Getter
+    private LabelManager labelProvider;
 
 	//// TODO: 11/13/2016 events better fit?
     protected AttackResult trackProgress(AttackResult attackResult) {
@@ -67,4 +74,6 @@ protected WebSession getWebSession() {
     public final String getPath() {
         return this.getClass().getAnnotationsByType(Path.class)[0].value();
     }
+
+
 }

webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentHints.java

@@ -0,0 +1,16 @@
+package org.owasp.webgoat.endpoints;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Created by nbaars on 1/14/17.
+ */
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface AssignmentHints {
+
+    String[] value() default {};
+}

webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentPath.java

@@ -0,0 +1,18 @@
+package org.owasp.webgoat.endpoints;
+
+import org.springframework.core.annotation.AliasFor;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Created by nbaars on 1/14/17.
+ */
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface AssignmentPath {
+
+    String value();
+}

webgoat-container/src/main/java/org/owasp/webgoat/i18n/LabelManager.java

@@ -1,6 +1,10 @@
 
 package org.owasp.webgoat.i18n;
 
+import org.owasp.webgoat.session.LabelDebugger;
+import org.springframework.stereotype.Component;
+
+import java.io.Serializable;
 import java.util.Locale;
 
 
@@ -33,22 +37,42 @@
  * @version $Id: $Id
  * @author dm
  */
-public interface LabelManager
+@Component
+public class LabelManager
 {
+	private static final long serialVersionUID = 1L;
 
-	/**
-	 * <p>setLocale.</p>
-	 *
-	 * @param locale a {@link java.util.Locale} object.
-	 */
-	public void setLocale(Locale locale);
+	private LabelProvider labelProvider;
+	private LabelDebugger labelDebugger;
+	private Locale locale = new Locale(LabelProvider.DEFAULT_LANGUAGE);
 
 	/**
-	 * <p>get.</p>
+	 * <p>Constructor for LabelManagerImpl.</p>
 	 *
-	 * @param labelKey a {@link java.lang.String} object.
-	 * @return a {@link java.lang.String} object.
+	 * @param labelProvider a {@link LabelProvider} object.
 	 */
-	public String get(String labelKey);
+	protected LabelManager(LabelProvider labelProvider, LabelDebugger labelDebugger) {
+		this.labelDebugger = labelDebugger;
+		this.labelProvider = labelProvider;
+	}
+
+	/** {@inheritDoc} */
+	public void setLocale(Locale locale)
+	{
+		if (locale != null)
+		{
+			this.locale = locale;
+		}
+	}
+
+	/** {@inheritDoc} */
+	public String get(String labelKey, Object... params)
+	{
+		String label = labelProvider.get(locale, labelKey, params);
+		if (labelDebugger.isEnabled()) {
+			label = "<font color=\"#00CD00\">" + label + "</font>";
+		}
+		return label;
+	}
 
 }

webgoat-container/src/main/java/org/owasp/webgoat/i18n/LabelProvider.java

@@ -97,8 +97,8 @@ public ClassLoader getClassLoader() {
      * @param strName a {@link java.lang.String} object.
      * @return a {@link java.lang.String} object.
      */
-    public String get(Locale locale, String strName) {
-        return pluginLabels.getMessage(strName, null, useLocaleOrFallbackToEnglish(locale));
+    public String get(Locale locale, String strName, Object... params) {
+        return pluginLabels.getMessage(strName, params, useLocaleOrFallbackToEnglish(locale));
     }
 
     private Locale useLocaleOrFallbackToEnglish(Locale locale) {

webgoat-container/src/main/java/org/owasp/webgoat/lessons/AbstractLesson.java

@@ -2,6 +2,7 @@
 
 import lombok.Getter;
 import lombok.Setter;
+import org.owasp.webgoat.i18n.LabelProvider;
 import org.owasp.webgoat.session.Screen;
 
 import java.util.List;
@@ -219,4 +220,5 @@ public String toString() {
     }
 
     public abstract String getId();
+
 }

webgoat-container/src/main/java/org/owasp/webgoat/lessons/Assignment.java

@@ -2,8 +2,11 @@
 
 import lombok.AllArgsConstructor;
 import lombok.Getter;
+import lombok.NonNull;
+import lombok.RequiredArgsConstructor;
 
 import java.io.Serializable;
+import java.util.List;
 
 /**
  * ************************************************************************************************
@@ -35,10 +38,14 @@
  * @since November 25, 2016
  */
 @AllArgsConstructor
+@RequiredArgsConstructor
 @Getter
 public class Assignment implements Serializable {
 
+    @NonNull
     private final String name;
+    @NonNull
     private final String path;
+    private List<String> hints;
 
 }

webgoat-container/src/main/java/org/owasp/webgoat/lessons/Hint.java

@@ -26,70 +26,20 @@
  */
 package org.owasp.webgoat.lessons;
 
+import lombok.Getter;
+import lombok.Setter;
+
 /**
  * <p>Hint class.</p>
  *
  * @author rlawson
  * @version $Id: $Id
  */
+@Getter
+@Setter
 public class Hint {
 
     private String hint;
     private String lesson;
     private int number;
-
-    /**
-     * <p>Getter for the field <code>hint</code>.</p>
-     *
-     * @return the hint
-     */
-    public String getHint() {
-        return hint;
-    }
-
-    /**
-     * <p>Setter for the field <code>hint</code>.</p>
-     *
-     * @param hint the hint to set
-     */
-    public void setHint(String hint) {
-        this.hint = hint;
-    }
-
-    /**
-     * <p>Getter for the field <code>lesson</code>.</p>
-     *
-     * @return the lesson
-     */
-    public String getLesson() {
-        return lesson;
-    }
-
-    /**
-     * <p>Setter for the field <code>lesson</code>.</p>
-     *
-     * @param lesson the lesson to set
-     */
-    public void setLesson(String lesson) {
-        this.lesson = lesson;
-    }
-
-    /**
-     * <p>Getter for the field <code>number</code>.</p>
-     *
-     * @return the number
-     */
-    public int getNumber() {
-        return number;
-    }
-
-    /**
-     * <p>Setter for the field <code>number</code>.</p>
-     *
-     * @param number the number to set
-     */
-    public void setNumber(int number) {
-        this.number = number;
-    }
-
 }

webgoat-container/src/main/java/org/owasp/webgoat/lessons/NewLesson.java

@@ -34,7 +34,6 @@
 public abstract class NewLesson extends LessonAdapter {
 
 
-
     @Override
     public abstract Category getDefaultCategory();
 

webgoat-container/src/main/java/org/owasp/webgoat/plugins/Plugin.java

@@ -4,6 +4,8 @@
 import com.google.common.collect.Lists;
 import lombok.Getter;
 import org.owasp.webgoat.endpoints.AssignmentEndpoint;
+import org.owasp.webgoat.endpoints.AssignmentHints;
+import org.owasp.webgoat.endpoints.AssignmentPath;
 import org.owasp.webgoat.endpoints.Endpoint;
 import org.owasp.webgoat.lessons.AbstractLesson;
 import org.owasp.webgoat.lessons.Assignment;
@@ -114,11 +116,18 @@ public Optional<AbstractLesson> getLesson() {
 
 
     private List<Assignment> createAssignment(List<Class<AssignmentEndpoint>> endpoints) {
-        return endpoints.stream().map(e -> new Assignment(e.getSimpleName(), getPath(e))).collect(toList());
+        return endpoints.stream().map(e -> new Assignment(e.getSimpleName(), getPath(e), Lists.newArrayList("test"))).collect(toList());
     }
 
     private String getPath(Class<AssignmentEndpoint> e) {
-        return e.getAnnotationsByType(javax.ws.rs.Path.class)[0].value();
+        return e.getAnnotationsByType(AssignmentPath.class)[0].value();
+    }
+
+    private List<String> getHints(Class<AssignmentEndpoint> e) {
+        if (e.isAnnotationPresent(AssignmentHints.class)) {
+            return Lists.newArrayList(e.getAnnotationsByType(AssignmentHints.class)[0].value());
+        }
+        return Lists.newArrayList();
     }
 
 

webgoat-lessons/client-side-filtering/src/main/java/org/owasp/webgoat/plugin/Attack.java

@@ -1,6 +1,8 @@
 package org.owasp.webgoat.plugin;
 
 import org.owasp.webgoat.endpoints.AssignmentEndpoint;
+import org.owasp.webgoat.endpoints.AssignmentHints;
+import org.owasp.webgoat.endpoints.AssignmentPath;
 import org.owasp.webgoat.lessons.AttackResult;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -39,7 +41,7 @@
  * @version $Id: $Id
  * @since August 11, 2016
  */
-@Path("/clientSideFiltering/attack1")
+@AssignmentPath("/clientSideFiltering/attack1")
 public class Attack extends AssignmentEndpoint {
 
     @RequestMapping(method = RequestMethod.POST)