From 2b3046164f1c503dcd7fc558fce4fe8fc052c892 Mon Sep 17 00:00:00 2001
From: Sarah Vaupel <vaupel.sarah@campus.lmu.de>
Date: Mon, 13 Jan 2020 10:46:11 +0100
Subject: [PATCH] fix(exam-correct): add XSRF token to post header

---
 .../src/utils/exam-correct/exam-correct.js    | 29 +++++++++++++------
 package-lock.json                             |  5 ++++
 package.json                                  |  1 +
 records.json                                  | 13 +++++++++
 4 files changed, 39 insertions(+), 9 deletions(-)

diff --git a/frontend/src/utils/exam-correct/exam-correct.js b/frontend/src/utils/exam-correct/exam-correct.js
index aa76ea9ad..5e1e96ca2 100644
--- a/frontend/src/utils/exam-correct/exam-correct.js
+++ b/frontend/src/utils/exam-correct/exam-correct.js
@@ -3,9 +3,12 @@ import { StorageManager, LOCATION } from '../../lib/storage-manager/storage-mana
 
 import './exam-correct.sass';
 
+import Cookies from 'js-cookie';
 import moment from 'moment';
 
 
+const EXAM_CORRECT_URL_POST = 'correct';
+
 const EXAM_CORRECT_IDENT = 'uw-exam-correct';
 const EXAM_CORRECT_PART_INPUT_ATTR = 'uw-exam-correct--part-input';
 const EXAM_CORRECT_SEND_BTN_ID = 'exam-correct__send-btn';
@@ -89,13 +92,13 @@ export class ExamCorrect {
     });
 
     // abort send if there are no results (after validation)
-    if (results === {}) return;
+    if (Object.keys(results).length <= 0) return;
 
-    console.log(participant, results);
+    console.log('input validated, proceeding', participant, results);
 
-    // TODO apply row and data classes
-    // (maybe create some sort of template for this instead)
+    // TODO create and use template for this
     const correctionRow = document.createElement('TR');
+    correctionRow.classList.add('table__row');
     const dateTD = document.createElement('TD');
     dateTD.appendChild(document.createTextNode(moment().format()));
     const participantTD = document.createElement('TD');
@@ -107,27 +110,35 @@ export class ExamCorrect {
         partTD.appendChild(document.createTextNode(results[partKey]));
       return partTD;
     });
-    [dateTD,participantTD,...partTDs].forEach((td) => correctionRow.appendChild(td));
+    [dateTD,participantTD,...partTDs].forEach((td) => {
+      td.classList.add('table__td');
+      correctionRow.appendChild(td);
+    });
     const tableBody = this._element.querySelector(`tbody:not(#${EXAM_CORRECT_INPUT_BODY_ID})`);
     tableBody.insertBefore(correctionRow, tableBody.firstChild);
 
     // clear input values on validation success
+    // TODO only clear input on post success
     [this._participantInput, ...this._partInputs].forEach(clearInput);
 
-    const url = 'TODO';
-    const headers = {};
+    const url = EXAM_CORRECT_URL_POST;
+    const headers = {
+      'X-XSRF-TOKEN': Cookies.get('XSRF-TOKEN'),
+    };
     const body = {
       participant: participant,
       results: results,
     };
 
+    console.log('body', body);
+
     this._app.httpClient.post({
       url: url,
       headers: headers,
       body: body,
     }).then(
-      (response) => response.json()
-    ).then(
+    //  (response) => response.json()
+    //).then(
       (response) => this._processResponse(response, participant)
     ).catch((error) => {
       console.error('Error while processing response', error);
diff --git a/package-lock.json b/package-lock.json
index e25a06694..5e95dfe19 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9767,6 +9767,11 @@
         }
       }
     },
+    "js-cookie": {
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/js-cookie/-/js-cookie-2.2.1.tgz",
+      "integrity": "sha512-HvdH2LzI/EAZcUwA8+0nKNtWHqS+ZmijLA30RwZA0bo7ToCckjK5MkGhjED9KoRcXO6BaGI3I9UIzSA1FKFPOQ=="
+    },
     "js-levenshtein": {
       "version": "1.1.6",
       "resolved": "https://registry.npmjs.org/js-levenshtein/-/js-levenshtein-1.1.6.tgz",
diff --git a/package.json b/package.json
index c943338ee..8095b10cb 100644
--- a/package.json
+++ b/package.json
@@ -108,6 +108,7 @@
     "@babel/runtime": "^7.7.6",
     "@juggle/resize-observer": "^2.5.0",
     "core-js": "^3.4.8",
+    "js-cookie": "^2.2.1",
     "moment": "^2.24.0",
     "npm": "^6.13.4",
     "tail.datetime": "git+ssh://git@gitlab2.rz.ifi.lmu.de/uni2work/tail.DateTime.git#master",
diff --git a/records.json b/records.json
index 0e3c24f99..9d50500cc 100644
--- a/records.json
+++ b/records.json
@@ -739,5 +739,18 @@
         "usedIds": []
       }
     }
+  ],
+  "mini-css-extract-plugin node_modules/css-loader/dist/cjs.js??ref--6-1!node_modules/postcss-loader/src/index.js??ref--6-2!node_modules/resolve-url-loader/index.js??ref--6-3!node_modules/sass-loader/dist/cjs.js??ref--6-4!frontend/src/utils/exam-correct/exam-correct.sass": [
+    {
+      "modules": {
+        "byIdentifier": {},
+        "usedIds": {}
+      },
+      "chunks": {
+        "byName": {},
+        "bySource": {},
+        "usedIds": []
+      }
+    }
   ]
 }
\ No newline at end of file