Visual description

client/index.html

@@ -63,6 +63,8 @@ <h2 class="text-center">Title</h2>
                   aria-hidden="true"></span>
             <span id="session-fail-help"
                   class="fail-help help-block hidden">Please input the 26-character session key.</span>
+            <span id="session-fail-custom-help"
+                  class="fail-custom help-block hidden"></span>
           </div>
           <div class="form-group">
             <label class="control-label" for="participation-code">Participation code</label>
@@ -76,6 +78,8 @@ <h2 class="text-center">Title</h2>
                   aria-hidden="true"></span>
             <span id="participation-code-fail-help"
                   class="fail-help help-block hidden">Please input the 26-character participation code.</span>
+            <span id="participation-code-fail-custom-help"
+                  class="fail-custom help-block hidden"></span>
           </div>
         </form>
       </div>
@@ -241,12 +245,15 @@ <h4 id="totals-hot-name"></h4>
           $parent.find('.success-icon').removeClass('hidden').addClass('show');
           $parent.find('.fail-icon').removeClass('show').addClass('hidden');
           $parent.find('.fail-help').removeClass('show').addClass('hidden');
+          $parent.find('.fail-custom').removeClass('show').addClass('hidden');
+          verify_keys_and_fetch_description();
         } else {
 
           $parent.removeClass('has-success').addClass('has-error has-feedback');
           $parent.find('.success-icon').removeClass('show').addClass('hidden');
           $parent.find('.fail-icon').removeClass('hidden').addClass('show');
           $parent.find('.fail-help').removeClass('hidden').addClass('show');
+          $parent.find('.fail-custom').removeClass('show').addClass('hidden');
         }
       };
 
@@ -262,6 +269,8 @@ <h4 id="totals-hot-name"></h4>
 
       $participationCode.val(getParameterByName('participationCode'));
       $session.val(getParameterByName('session'));
+      if($session.val().trim() !== "") $session.blur();
+      if($participationCode.val().trim() !== "") $participationCode.blur();
 
       var req = $.ajax({
         type: "GET",

client/script/client.js

@@ -16,6 +16,47 @@ function success(msg) {
   alertify.alert("<img src='style/accept.png' alt='Success'>Success!", msg);
 }
 
+// When the session and/or participation code is modified, fetch session info from server.
+function verify_keys_and_fetch_description() {
+  var session = $("#session").val().trim().toLowerCase();
+  var participationCode = $("#participation-code").val().trim().toLowerCase();
+
+  if(session == "" || participationCode == "") return;
+
+  $.ajax({
+    type: "POST",
+    url: "/sessioninfo",
+    contentType: "application/json",
+    data: JSON.stringify({session: session, userkey: participationCode}),
+    dataType: "text"
+  }).then(function(response) {
+    response = JSON.parse(response);
+    var title = response.title;
+    var description = response.description;
+
+    //$("#session-title").html(title);
+    //$("#session-description").html(description);
+
+    var $parent = $('#session, #participation-code').parent();
+    $parent.removeClass('has-error').addClass('has-success has-feedback');
+    $parent.find('.success-icon').removeClass('hidden').addClass('show');
+    $parent.find('.fail-icon').removeClass('show').addClass('hidden');
+    $parent.find('.fail-help').removeClass('show').addClass('hidden');
+    $parent.find('.fail-custom').removeClass('show').addClass('hidden');
+  }).catch(function(err) {
+    var errorMsg = SERVER_ERR;
+    if (err && err.hasOwnProperty('responseText') && err.responseText !== undefined)
+      errorMsg = err.responseText;
+
+    var $parent = $('#session, #participation-code').parent();
+    $parent.removeClass('has-success').addClass('has-error has-feedback');
+    $parent.find('.success-icon').removeClass('show').addClass('hidden');
+    $parent.find('.fail-icon').removeClass('hidden').addClass('show');
+    $parent.find('.fail-help').removeClass('show').addClass('hidden');
+    $parent.find('.fail-custom').removeClass('hidden').addClass('show').html(errorMsg);
+  });
+}
+
 /**
  * Called when the submit button is pressed.
  */

client/script/drop_sheet.js

@@ -187,7 +187,7 @@ var DropSheet = function DropSheet(opts) {
     function process_ws(ws, table_def, table) {
 
         // Clear existing values in case user is submitting updated sheet after error.
-        table.clear();
+        //table.clear();
 
         // Default range for input section of spreadsheet, obtained from tables.json.
         var sheet_start = table_def.excel[0].start;

server/index.js

@@ -127,7 +127,9 @@ var SessionInfo = mongoose.model('SessionInfo', {
   _id: String,
   session: String,
   pub_key: String,
-  password: String
+  password: String,
+  title: String,
+  description: String
 });
 var FinalAggregate = mongoose.model('FinalAggregate', {
   _id: String,
@@ -151,7 +153,7 @@ var SessionStatus = mongoose.model('SessionStatus', {
 function verify_password(session, password, success, fail) {
   SessionInfo.findOne({session: session, password: password}, function (err, data) {
     if (err)
-      fail('Error while verifying user key.');
+      fail('Error while verifying password.');
     else if (data == null)
       fail('Invalid session/password');
     else
@@ -163,7 +165,7 @@ function verify_password(session, password, success, fail) {
 function verify_status(session, status, success, fail) {
   SessionStatus.findOne({_id: session}, function (err, data) {
     if (err)
-      fail('Error while verifying user key.');
+      fail('Error while verifying participation code.');
 
     var db_status = "START";
     if (data != null)
@@ -202,7 +204,7 @@ app.post('/', function (req, res) {
   joi.validate(body, bodySchema, function (err, body) {
     if (err) {
       console.log(err);
-      res.status(500).send('Missing or invalid fields');
+      res.status(500).send('Missing or invalid fields.');
       return;
     }
 
@@ -223,12 +225,12 @@ app.post('/', function (req, res) {
       UserKey.findOne({_id: ID}, function (err, data) {
         if (err) {
           console.log(err);
-          res.status(500).send('Error while verifying user key.');
+          res.status(500).send('Error while verifying participation code.');
           return;
         }
 
         if (data == null) {
-          res.status(500).send('Invalid user key');
+          res.status(500).send('Invalid participation code.');
         } else { // User Key Found.
           // save the mask and individual aggregate
           var aggToSave = new Aggregate({
@@ -265,7 +267,7 @@ app.post('/', function (req, res) {
             })
             .catch(function (err) {
               console.log(err);
-              res.status(500).send('Unable to save aggregate, please try again');
+              res.status(500).send('Unable to save aggregate, please try again.');
               return;
             });
         }
@@ -285,31 +287,88 @@ app.post("/publickey", function (req, res) {
   joi.validate(req.body, schema, function (valErr, body) {
     if (valErr) {
       console.log(valErr);
-      res.status(500).send('Error while fetching key.');
+      res.status(500).send('Invalid request.');
       return;
     }
+
+    var mask = body.mask,
+        req_data = body.data,
+        session = body.session,
+        user = body.user;
+
     SessionInfo.findOne({session: body.session}, function (err, data) {
       if (err) {
         console.log(err);
-        res.status(500).send('Error while fetching key.');
+        res.status(500).send('Error while fetching session.');
         return;
       }
       if (data == null) {
-        res.status(500).send('No key found with the specified session ID');
+        res.status(500).send('Session is not found.');
       } else {
         res.send(data.pub_key);
       }
     });
   });
 });
 
+// endpoint for verifying user and session key and getting the session info.
+app.post("/sessioninfo", function (req, res) {
+  console.log('POST /sessioninfo');
+  console.log(req.body);
+  var schema = {
+    session: joi.string().alphanum().required(),
+    userkey: joi.string().alphanum().required()
+  };
+
+  joi.validate(req.body, schema, function (valErr, body) {
+    if (valErr) {
+      console.log(valErr);
+      res.status(500).send('Invalid request.');
+      return;
+    }
+
+    var session = body.session;
+    var userkey = body.userkey;
+    var ID = session + userkey;
+
+    UserKey.findOne({_id: ID}, function (err, data) {
+      if (err) {
+        console.log(err);
+        res.status(500).send('Error while fetching data.');
+        return;
+      }
+
+      if (data == null) {
+        res.status(500).send('Invalid session key or participation code key');
+      } else {
+        SessionInfo.findOne({session: session}, function (err, data) {
+          if (err) {
+            console.log(err);
+            res.status(500).send('Error while fetching data.');
+            return;
+          }
+          if (data == null) {
+            res.status(500).send('Invalid session key.');
+          } else {
+            res.send( { title: data.title, description: data.description } );
+          }
+        });
+      }
+    });
+  });
+});
+
 // endpoint for generating and saving the public key
 app.post('/create_session', function (req, res) {
   console.log('POST /create_session');
   console.log(req.body);
 
   // TODO: should be more restrictive here
-  var schema = {publickey: joi.string().required()};
+  var schema = {
+    publickey: joi.string().required(),
+    title: joi.string().required(),
+    description: joi.string().required()
+  };
 
   joi.validate(req.body, schema, function (valErr, body) {
     if (valErr) {
@@ -322,11 +381,16 @@ app.post('/create_session', function (req, res) {
     var sessionID = base32Encode(crypto.randomBytes(16), 'Crockford').toString().toLowerCase();
     var password = base32Encode(crypto.randomBytes(16), 'Crockford').toString().toLowerCase();
 
+    var title = body.title.split("<").join("&lt;").split(">").join("&gt;");
+    var description = body.description.split("<").join("&lt;").split(">").join("&gt;");
+
     var sessInfo = new SessionInfo({
       _id: sessionID,
       session: sessionID,
       pub_key: publickey,
-      password: password
+      password: password,
+      title: title,
+      description: description
     });
 
     sessInfo.save(function (err) {
@@ -371,7 +435,7 @@ app.post('/generate_client_urls', function (req, res) {
       UserKey.where({session: body.session}).find(function (err, data) {
         if (err) {
           console.log(err);
-          res.status(500).send('Error getting user keys.');
+          res.status(500).send('Error getting participation codes.');
           return;
         }
 

shared/sail_hot.js

@@ -183,7 +183,12 @@ var renderer = function (instance, TD, row, col, prop, value, cellProperties) {
 
       }
 
-    } //else {
+    } else { // Remove tooltip if it was already initialized
+      if (element !== null && element.qtip('api') != null) {
+        element.qtip('api').destroy();
+      }
+    }
+    //else {
     //     // Prompt message with light-colored cell and tooltip.
     //     // Shows on initial table load and
     //     TD.style.background = '#ffffff';
@@ -249,6 +254,7 @@ var renderer = function (instance, TD, row, col, prop, value, cellProperties) {
   // Fallback if no jQuery - use comments.
   if (tooltip !== undefined && tooltip !== null && (typeof jQuery === 'undefined' || typeof jQuery().qtip === 'undefined')) {
     if (cellProperties.valid === false) cellProperties.comment = {"value": tooltip.errorTitle.toUpperCase() + ' - ' + tooltip.error};
+    else cellProperties.comment = null;
     //else cellProperties.comment = { "value": tooltip.promptTitle.toUpperCase() + ' - ' + tooltip.prompt };
   }
 

trusted/index.html

@@ -11,6 +11,9 @@
     #infoDiv {
         visibility: hidden;
     }
+    textarea {
+      width: 100%;
+    }
   </style>
 </head>
 <body>
@@ -30,15 +33,18 @@ <h1>Trusted Party<br/><small>Secure Session Creator</small></h1>
     <div>
       <h2>Instructions</h2>
       <p>
-        After generating a secure session, please keep the private key file named <b>Session_#######_private_key.pem</b>.
-        All secured data will be lost if the private key is lost. Also, do <b>not</b> share your private key. After clicking the
-        "Generate Session" button, email the <b>Session Key</b> to all participants. Once the data is collected from the
-        participants, with your private key, continue to the next step.
+        After generating a secure session, please keep the private key files named <b>Session_#######_private_key.pem</b> and <b>Session_#######_password.txt</b>.
+        All secured data will be lost if the private key is lost. Also, you will not be able to manage the session if you loose the password or session key.
+        Do <b>not</b> share your private key. Click on "Go To Live Data Page", enter the password, then generate and email links to the participants.
+        You can generate more links later. Once the data is collected from the participants, with your private key, continue to the next step.
       </p>
+
+      <textarea id="session-title" rows="1" placeholder="Title" maxlength="255"></textarea> <br/>
+      <textarea id="session-description" rows="10" placeholder="Description" maxlength="4096"></textarea>
     </div>
     <br/>
     <button class="btn btn-primary btn-lg" id="Generate"
-            onclick="generateSession('infoDiv','sessionID', 'passwordID', 'pubkeyID','privkeyID','linkID')">
+            onclick="generateSession('infoDiv','sessionID', 'passwordID', 'pubkeyID','privkeyID','linkID', 'session-title', 'session-description')">
       Generate Session
     </button>
       <div id="infoDiv">

trusted/script/generateSession.js

@@ -94,7 +94,10 @@ function fetchOldLinks(session, password, oldUrlsID, section) {
   });
 }
 
-function generateSession(hiddenDiv, sessionID, passwordID, pubID, privID, linkID) {
+function generateSession(hiddenDiv, sessionID, passwordID, pubID, privID, linkID, titleID, descriptionID) {
+  var title = document.getElementById(titleID).value;
+  var description = document.getElementById(descriptionID).value;
+
   document.getElementById(hiddenDiv).style.visibility = "visible";
   document.getElementById(sessionID).innerHTML = "Loading...";
   document.getElementById(passwordID).innerHTML = "Loading...";
@@ -131,7 +134,7 @@ function generateSession(hiddenDiv, sessionID, passwordID, pubID, privID, linkID
         type: "POST",
         url: "/create_session",
         contentType: "application/json",
-        data: JSON.stringify({publickey: publicKey}),
+        data: JSON.stringify({publickey: publicKey, title: title, description: description}),
         success: function (resp) {
           console.log(resp);
           var rndSess = resp.sessionID;

trusted/session_data.html

@@ -146,14 +146,14 @@ <h3>Previously Generated Links</h3>
 
       fetchOldLinks(session, password, "oldUrlsID", "oldUrlsSection");
       document.getElementById("gen_button").onclick = function () {
-        var count = document.getElementById(countID).value;
+        var count = document.getElementById("countID").value;
         count = parseInt(count);
-        
+
         if(isNaN(count)) { // fail gracefully
           alert("Please enter the number of desired links");
           return;
         }
-        
+
         generateUrls(session, password, 'urlsID', count);
       };