Merge pull request #3594 from ControlSystemStudio/CSSTUDIO-3488

Escape HTML in Olog logs

Author: shroffk

app/logbook/olog/client-es/src/main/java/org/phoebus/olog/es/api/OlogHttpClient.java

@@ -260,9 +260,14 @@ private SearchResult findLogs(MultivaluedMap<String, String> searchParams) throw
                 .build();
         try {
             HttpResponse<String> response = httpClient.send(request, HttpResponse.BodyHandlers.ofString());
-            OlogSearchResult searchResult = OlogObjectMappers.logEntryDeserializer.readValue(response.body(), OlogSearchResult.class);
-            return SearchResult.of(new ArrayList<>(searchResult.getLogs()),
-                    searchResult.getHitCount());
+            if(response.statusCode() == 200) {
+                OlogSearchResult searchResult = OlogObjectMappers.logEntryDeserializer.readValue(response.body(), OlogSearchResult.class);
+                return SearchResult.of(new ArrayList<>(searchResult.getLogs()),
+                        searchResult.getHitCount());
+            }
+            else{
+                throw new RuntimeException(response.body());
+            }
         } catch (Exception e) {
             LOGGER.log(Level.WARNING, "failed to retrieve log entries", e);
             throw new RuntimeException(e);

app/logbook/olog/ui/doc/index.rst

@@ -21,6 +21,12 @@ Features
 
 - Log entry viewers offer search capabilities based on meta data and content.
 
+Missing features
+----------------
+In contrast to other markup implementations, HTML tags are **not** supported. Any such tags entered by user will
+be rendered as plain text.
+
+
 Launching the log entry editor
 ------------------------------
 The log entry editor is launched as a non-modal window using one of the following methods:

app/logbook/olog/ui/src/main/java/org/phoebus/logbook/olog/ui/HtmlAwareController.java

@@ -29,30 +29,38 @@
 
 public class HtmlAwareController {
 
-    private Parser parser;
-    private HtmlRenderer htmlRenderer;
+    private final Parser parser;
+    private final HtmlRenderer htmlRenderer;
 
+    /**
+     * Constructor to generate html code for HTML preview feature in LogEntryEditor or detailed log entry view.
+     * @param serviceUrl Olog service url
+     */
     public HtmlAwareController(String serviceUrl){
-        List<Extension> extensions =
-                Arrays.asList(TablesExtension.create(), ImageAttributesExtension.create());
-        this.parser = Parser.builder().extensions(extensions).build();
-        htmlRenderer = HtmlRenderer.builder()
-                .attributeProviderFactory(context -> new OlogAttributeProvider(serviceUrl))
-                .extensions(extensions).build();
+       this(new OlogAttributeProvider(serviceUrl));
     }
 
     /**
-     * To create HtmlAwareController object to generate html code for HTML preview feature in LogEntryEditor.
+     * Constructor to generate html code for HTML preview feature in LogEntryEditor or detailed log entry view.
      * @param serviceUrl Olog service url.
      * @param preview Set true when preview button is clicked.
      * @param attachments The current attachments list from AttachmentsEditorController.
      */
     public HtmlAwareController(String serviceUrl, boolean preview, List<Attachment> attachments){
+       this(new OlogAttributeProvider(serviceUrl, preview, attachments));
+    }
+
+    /**
+     * Private constructor to avoid code duplication.
+     * @param ologAttributeProvider The {@link OlogAttributeProvider} particular to the use case.
+     */
+    private HtmlAwareController(OlogAttributeProvider ologAttributeProvider){
         List<Extension> extensions =
                 Arrays.asList(TablesExtension.create(), ImageAttributesExtension.create());
         this.parser = Parser.builder().extensions(extensions).build();
         htmlRenderer = HtmlRenderer.builder()
-                .attributeProviderFactory(context -> new OlogAttributeProvider(serviceUrl, preview, attachments))
+                .escapeHtml(true)
+                .attributeProviderFactory(context -> ologAttributeProvider)
                 .extensions(extensions).build();
     }
 

app/logbook/olog/ui/src/main/java/org/phoebus/logbook/olog/ui/LogEntryCalenderViewController.java

@@ -34,6 +34,7 @@
 import org.phoebus.logbook.SearchResult;
 import org.phoebus.logbook.olog.ui.query.OlogQuery;
 import org.phoebus.logbook.olog.ui.query.OlogQueryManager;
+import org.phoebus.ui.dialog.ExceptionDetailsErrorDialog;
 
 import java.net.URL;
 import java.time.LocalDateTime;
@@ -262,7 +263,8 @@ public void search() {
                 },
                 (msg, ex) -> {
                     searchInProgress.set(false);
-                });
+                    ExceptionDetailsErrorDialog.openError(agenda, Messages.SearchFailed, "", ex);
+        });
     }
 
     public String getQuery() {

app/logbook/olog/ui/src/main/java/org/phoebus/logbook/olog/ui/LogEntryTableViewController.java

@@ -25,6 +25,7 @@
 import javafx.scene.control.Pagination;
 import javafx.scene.control.ProgressIndicator;
 import javafx.scene.control.SelectionMode;
+import javafx.scene.control.SplitPane;
 import javafx.scene.control.TableCell;
 import javafx.scene.control.TableColumn;
 import javafx.scene.control.TableView;
@@ -60,6 +61,7 @@
 import org.phoebus.security.store.SecureStore;
 import org.phoebus.security.tokens.ScopedAuthenticationToken;
 import org.phoebus.ui.dialog.DialogHelper;
+import org.phoebus.ui.dialog.ExceptionDetailsErrorDialog;
 
 import java.io.IOException;
 import java.util.ArrayList;
@@ -88,6 +90,10 @@ public class LogEntryTableViewController extends LogbookSearchController impleme
     @SuppressWarnings("unused")
     private GridPane viewSearchPane;
 
+    @SuppressWarnings("unused")
+    @FXML
+    private SplitPane splitPane;
+
     // elements related to the table view of the log entries
     @FXML
     @SuppressWarnings("unused")
@@ -420,6 +426,7 @@ public void search() {
                 },
                 (msg, ex) -> {
                     searchInProgress.set(false);
+                    ExceptionDetailsErrorDialog.openError(splitPane, Messages.SearchFailed, "", ex);
                 });
     }
 

app/logbook/olog/ui/src/main/java/org/phoebus/logbook/olog/ui/Messages.java

@@ -55,6 +55,7 @@ public class Messages
             PreviewOpenErrorTitle,
             ReplyToLogEntry,
             RequestTooLarge,
+            SearchFailed,
             SelectFile,
             SelectFolder,
             ShowHideDetails,

app/logbook/olog/ui/src/main/resources/org/phoebus/logbook/olog/ui/messages.properties

@@ -94,6 +94,7 @@ ScalingFactor=Scaling Factor
 SearchButtonText=Search:
 Search=Search available:
 SearchAvailableItems=Search the list of available items.
+SearchFailed=Search Failed
 SearchToolTip=Edit and press Enter to search
 Selected=Selected
 SelectFolder=Select Folder

app/logbook/olog/ui/src/test/java/org/phoebus/logbook/olog/ui/HtmlAwareControllerTest.java

@@ -0,0 +1,18 @@
+/*
+ * Copyright (C) 2025 European Spallation Source ERIC.
+ */
+
+package org.phoebus.logbook.olog.ui;
+
+import org.junit.jupiter.api.Test;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+public class HtmlAwareControllerTest {
+
+    @Test
+    public void testEscapeHtml(){
+        HtmlAwareController htmlAwareController = new HtmlAwareController("");
+        String escapedHtml = htmlAwareController.toHtml("<br><p>Paragraph</p>");
+        assertEquals("<p>&lt;br&gt;&lt;p&gt;Paragraph&lt;/p&gt;</p>\n", escapedHtml);
+    }
+}