fix(backend): strip tags from labels

packages/backend/src/_common/decorators/StripTagsDecorator.ts

@@ -5,18 +5,23 @@ import {
 } from "class-transformer";
 
 import striptags from "striptags";
+import sanitizeHtml from "sanitize-html";
 
 export function StripTagsTransform(
   transformOptions?: TransformOptions
 ): (target: any, key: string) => void {
   return Transform((sourceData: TransformFnParams) => {
-    if ("string" !== typeof sourceData.value) {
+    if (typeof sourceData.value !== "string") {
       return null;
     }
-    if (sourceData.value.trim() === "") {
+
+    const trimmedValue = sourceData.value.trim();
+    if (trimmedValue === "") {
       return null;
     }
-    return striptags(sourceData.value)
+
+    const sanitized = sanitizeHtml(trimmedValue);
+    return striptags(sanitized)
       .replace(/[\\$~*<>{}]/gi, "")
       .replace(/\s+/g, " ")
       .trim();

packages/backend/src/usagers/dto/UploadUsagerDoc.dto.ts

@@ -1,6 +1,6 @@
 import { ApiProperty } from "@nestjs/swagger";
 import { IsNotEmpty, IsString, MaxLength } from "class-validator";
-import { Trim } from "../../_common/decorators";
+import { StripTagsTransform, Trim } from "../../_common/decorators";
 
 export class UploadUsagerDocDto {
   @ApiProperty({
@@ -12,6 +12,7 @@ export class UploadUsagerDocDto {
   @MaxLength(100)
   @IsString()
   @Trim()
+  @StripTagsTransform()
   public label!: string;
 
   @ApiProperty({ type: "string", format: "binary" })

packages/backend/src/usagers/dto/UsagerAyantDroitDto.ts

@@ -8,7 +8,7 @@ import {
 } from "class-validator";
 
 import { LIEN_PARENTE_LABELS, AyantDroiLienParent } from "@domifa/common";
-import { Trim } from "../../_common/decorators";
+import { StripTagsTransform, Trim } from "../../_common/decorators";
 
 export class UsagerAyantDroitDto {
   @ApiProperty({
@@ -19,6 +19,7 @@ export class UsagerAyantDroitDto {
   @IsNotEmpty()
   @MaxLength(200)
   @IsString()
+  @StripTagsTransform()
   @Trim()
   public nom!: string;
 
@@ -29,6 +30,7 @@ export class UsagerAyantDroitDto {
   })
   @IsNotEmpty()
   @MaxLength(200)
+  @StripTagsTransform()
   @IsString()
   @Trim()
   public prenom!: string;
@@ -40,6 +42,7 @@ export class UsagerAyantDroitDto {
   })
   @IsNotEmpty()
   @IsString()
+  @StripTagsTransform()
   @Trim()
   @IsIn(Object.keys(LIEN_PARENTE_LABELS))
   public lien!: AyantDroiLienParent;

packages/backend/src/usagers/dto/check-duplicate-usager-ref.dto.ts

@@ -1,12 +1,14 @@
 import { ApiProperty } from "@nestjs/swagger";
 import { IsNotEmpty, IsString, MaxLength } from "class-validator";
+import { StripTagsTransform } from "../../_common/decorators";
 
 export class CheckDuplicateUsagerRefDto {
   @ApiProperty({
     required: true,
   })
   @IsNotEmpty()
   @IsString()
+  @StripTagsTransform()
   @MaxLength(100)
   public customRef!: string;
 }

packages/backend/src/usagers/dto/search-usager.dto.ts

@@ -1,6 +1,10 @@
 import { ApiProperty } from "@nestjs/swagger";
 import { IsNotEmpty, IsString, MinLength } from "class-validator";
-import { LowerCaseTransform, Trim } from "../../_common/decorators";
+import {
+  LowerCaseTransform,
+  StripTagsTransform,
+  Trim,
+} from "../../_common/decorators";
 
 export class SearchUsagerDto {
   @ApiProperty({
@@ -11,6 +15,7 @@ export class SearchUsagerDto {
   @IsString()
   @Trim()
   @MinLength(3)
+  @StripTagsTransform()
   @LowerCaseTransform()
   public searchString!: string;
 }

packages/backend/src/usagers/dto/transfert.dto.ts

@@ -9,7 +9,7 @@ import {
 import { ApiProperty } from "@nestjs/swagger";
 import { Transform, TransformFnParams } from "class-transformer";
 
-import { Trim } from "../../_common/decorators";
+import { StripTagsTransform, Trim } from "../../_common/decorators";
 import { UsagerOptionsTransfert } from "@domifa/common";
 
 export class TransfertDto implements UsagerOptionsTransfert {
@@ -27,6 +27,7 @@ export class TransfertDto implements UsagerOptionsTransfert {
   @IsString()
   @MaxLength(200)
   @Trim()
+  @StripTagsTransform()
   public nom!: string;
 
   @ApiProperty({
@@ -37,6 +38,7 @@ export class TransfertDto implements UsagerOptionsTransfert {
   @IsString()
   @MaxLength(400)
   @MinLength(10)
+  @StripTagsTransform()
   @Trim()
   public adresse!: string;
 

packages/frontend/src/_common/model/structure-doc/constants/index.ts

@@ -1,4 +1,2 @@
 //@index('./*', f => `export * from '${f.path}'`)
 export * from "./DOCUMENT_EXTENSION_LABELS.const";
-export * from "../../../../app/modules/structures/constants/DOMIFA_CUSTOM_DOCS.const";
-export * from "../../../../app/modules/shared/components/display-table-image/STRUCTURE_DOC_ICONS.const";

packages/frontend/src/app/interceptors/server-error.interceptor.ts

@@ -38,8 +38,9 @@ export class ServerErrorInterceptor implements HttpInterceptor {
       getCurrentScope().setTag("structure", user?.structureId?.toString());
       getCurrentScope().setUser({
         email: user.email,
-        username:
-          "STRUCTURE " + user?.structureId?.toString() + " : " + user?.prenom,
+        username: `STRUCTURE ${user?.structureId?.toString()} : ${
+          user?.prenom
+        }`,
       });
     }
 
@@ -93,7 +94,7 @@ export class ServerErrorInterceptor implements HttpInterceptor {
   }
 
   private logError(request: HttpRequest<any>, error: HttpErrorResponse): void {
-    console.error(error.message, {
+    console.warn(error.message, {
       status: error.status,
       statusText: error.statusText,
       url: error.url,

packages/frontend/src/app/modules/admin-portail-usagers/components/manage-structure-information/manage-structure-information.component.ts

@@ -36,8 +36,6 @@ export class ManageStructureInformationComponent implements OnInit {
     this.loading = false;
     this.structureInformation = [];
     this.selectedStructureInformation = null;
-
-    console.log(STRUCTURE_INFORMATION_TYPES);
   }
 
   ngOnInit(): void {

packages/frontend/src/app/modules/general/general.module.ts

@@ -33,6 +33,7 @@ import { HelpModalComponent } from "./components/static-modals/help-modal/help-m
 import { RgaaComponent } from "./components/static-pages/rgaa/rgaa.component";
 import { LandingPagePortailComponent } from "./components/static-pages/landing-page-portail/landing-page-portail.component";
 import { HomeStatsComponent } from "../stats/components/home-stats/home-stats.component";
+import { FontAwesomeModule } from "@fortawesome/angular-fontawesome";
 
 @NgModule({
   declarations: [
@@ -73,6 +74,7 @@ import { HomeStatsComponent } from "../stats/components/home-stats/home-stats.co
     SharedModule,
     RouterModule.forChild([]),
     NgbModule,
+    FontAwesomeModule,
     HomeStatsComponent,
   ],
   providers: [GeneralService],

packages/frontend/src/app/modules/shared/components/display-table-image/display-table-image.component.html

@@ -1,14 +1,12 @@
 <span
-  class="doc-icon"
   aria-hidden="true"
-  [ngClass]="STRUCTURE_DOC_ICONS[document.filetype]"
+  [ngClass]="'doc-icon icon-' + STRUCTURE_DOC_ICONS[document.filetype].iconName"
 >
   <fa-icon
     aria-hidden="true"
     [icon]="STRUCTURE_DOC_ICONS[document.filetype]"
   ></fa-icon>
 </span>
-
 <span class="visually-hidden">
   {{ STRUCTURE_DOC_EXTENSIONS_LABELS[document.filetype] }}
 </span>

packages/frontend/src/app/modules/shared/components/display-table-image/display-table-image.component.scss

@@ -0,0 +1,21 @@
+.doc-icon {
+  padding: 0.4rem 1.2rem;
+  font-size: 2rem;
+  text-align: center;
+  border-radius: 6px;
+  display: inline-block;
+  background-color: #ecefff;
+}
+
+.icon-image {
+  color: #553828;
+}
+.icon-file-pdf {
+  color: #fe3b31;
+}
+.icon-file-word {
+  color: #017aff;
+}
+.icon-file-excel {
+  color: #33c75a;
+}

packages/frontend/src/app/modules/shared/components/display-table-image/display-table-image.component.spec.ts

@@ -1,10 +1,10 @@
 import { CUSTOM_ELEMENTS_SCHEMA, NO_ERRORS_SCHEMA } from "@angular/core";
 import { ComponentFixture, TestBed } from "@angular/core/testing";
-import { DOMIFA_CUSTOM_DOCS } from "../../../../../_common/model";
 
 import { DisplayTableImageComponent } from "./display-table-image.component";
 import { FontAwesomeModule } from "@fortawesome/angular-fontawesome";
 import { NgClass } from "@angular/common";
+import { DOMIFA_CUSTOM_DOCS } from "../../../structures/constants/DOMIFA_CUSTOM_DOCS.const";
 
 describe("DisplayTableImageComponent", () => {
   let component: DisplayTableImageComponent;

packages/frontend/src/app/modules/shared/components/display-table-image/display-table-image.component.ts

@@ -1,15 +1,23 @@
 import { Component, Input } from "@angular/core";
 
 import { StructureDoc, UsagerDoc } from "@domifa/common";
-import { STRUCTURE_DOC_ICONS } from "./STRUCTURE_DOC_ICONS.const";
+import { JsonPipe, NgClass } from "@angular/common";
+
 import { FontAwesomeModule } from "@fortawesome/angular-fontawesome";
-import { NgClass } from "@angular/common";
+import { IconDefinition } from "@fortawesome/fontawesome-svg-core";
+import {
+  faFileWord,
+  faImage,
+  faFileExcel,
+  faFilePdf,
+} from "@fortawesome/free-regular-svg-icons";
 
 @Component({
   selector: "app-display-table-image",
   templateUrl: "./display-table-image.component.html",
   standalone: true,
-  imports: [FontAwesomeModule, NgClass],
+  imports: [FontAwesomeModule, NgClass, JsonPipe],
+  styleUrl: "./display-table-image.component.scss",
 })
 export class DisplayTableImageComponent {
   @Input() public document!: UsagerDoc | StructureDoc;
@@ -29,5 +37,19 @@ export class DisplayTableImageComponent {
     "application/vnd.ms-excel": "Feuille de calcul Excel",
   };
 
-  public readonly STRUCTURE_DOC_ICONS = STRUCTURE_DOC_ICONS;
+  public readonly STRUCTURE_DOC_ICONS: {
+    [key: string]: IconDefinition;
+  } = {
+    "image/jpg": faImage,
+    "image/jpeg": faImage,
+    "image/png": faImage,
+    "application/pdf": faFilePdf,
+    "application/msword": faFileWord,
+    "application/vnd.openxmlformats-officedocument.wordprocessingml.document":
+      faFileWord,
+    "application/vnd.oasis.opendocument.text": faFileWord,
+    "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet":
+      faFileExcel,
+    "application/vnd.ms-excel": faFileExcel,
+  };
 }

packages/frontend/src/app/modules/shared/directives/clean-str.directive.ts

@@ -1,29 +1,30 @@
-import { Directive, ElementRef, HostListener } from "@angular/core";
+import { Directive, ElementRef, HostListener, Renderer2 } from "@angular/core";
 
 import { stringCleaner } from "../../../shared/string-cleaner.service";
+import { NgControl } from "@angular/forms";
 
 @Directive({
   selector: "[appCleanStr]",
 })
 export class CleanStrDirective {
-  constructor(private readonly el: ElementRef) {}
-
-  @HostListener("keypress", ["$event"])
-  public onKeyPress(event: KeyboardEvent) {
-    return this.validateFields(event);
-  }
+  constructor(
+    private readonly el: ElementRef,
+    private renderer: Renderer2,
+    private control: NgControl
+  ) {}
 
   @HostListener("paste", ["$event"])
-  public blockPaste(event: KeyboardEvent) {
-    this.validateFields(event);
-  }
-
-  public validateFields(event: KeyboardEvent) {
-    setTimeout(() => {
-      this.el.nativeElement.value = stringCleaner.cleanString(
-        this.el.nativeElement.value
-      );
-      event.preventDefault();
-    }, 10);
+  @HostListener("input", ["$event"])
+  @HostListener("keypress", ["$event"])
+  onInputChange(event: Event) {
+    const inputElement = event.target as HTMLInputElement;
+    const cleanedValue = stringCleaner.cleanString(inputElement.value);
+    this.renderer.setProperty(inputElement, "value", cleanedValue);
+    this.renderer.setProperty(this.el.nativeElement, "value", cleanedValue);
+    this.control.control.setValue(cleanedValue, { emitEvent: false });
+    this.control.control.updateValueAndValidity({
+      onlySelf: true,
+      emitEvent: false,
+    });
   }
 }

packages/frontend/src/app/modules/shared/shared.module.ts

@@ -23,6 +23,7 @@ import { DateFrDirective, CleanStrDirective } from "./directives";
     DateFrDirective,
     CleanStrDirective,
     CustomToastrComponent,
+    FontAwesomeModule,
   ],
   imports: [CommonModule, FontAwesomeModule],
   schemas: [CUSTOM_ELEMENTS_SCHEMA],

packages/frontend/src/app/modules/structures/components/structures-custom-docs/structures-custom-docs.component.ts

@@ -9,14 +9,12 @@ import { Title } from "@angular/platform-browser";
 import { NgbModal, NgbModalRef } from "@ng-bootstrap/ng-bootstrap";
 import { Subscription } from "rxjs";
 import { CustomToastService } from "src/app/modules/shared/services/custom-toast.service";
-import {
-  DOMIFA_CUSTOM_DOCS,
-  DEFAULT_MODAL_OPTIONS,
-} from "../../../../../_common/model";
+import { DEFAULT_MODAL_OPTIONS } from "../../../../../_common/model";
 
 import { AuthService } from "../../../shared/services/auth.service";
 import { StructureDocService } from "../../services/structure-doc.service";
 import { StructureDoc, UserStructure } from "@domifa/common";
+import { DOMIFA_CUSTOM_DOCS } from "../../constants/DOMIFA_CUSTOM_DOCS.const";
 
 @Component({
   selector: "app-structures-custom-docs",