♻️ Simplified survey display

Pa-Touche · Pa-Touche · commit 445a46f563cd · 2026-05-06T16:11:39.000+02:00
diff --git a/sormas-backend/src/main/java/de/symeda/sormas/backend/patch/PatchFieldHelper.java b/sormas-backend/src/main/java/de/symeda/sormas/backend/patch/PatchFieldHelper.java
@@ -1,18 +1,21 @@
 package de.symeda.sormas.backend.patch;
 
 import java.util.Arrays;
+import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
 import javax.annotation.Nullable;
+import javax.ejb.EJB;
 import javax.enterprise.context.ApplicationScoped;
 import javax.inject.Inject;
 import javax.validation.constraints.NotNull;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import de.symeda.sormas.api.systemconfiguration.SystemConfigurationValueFacade;
 import de.symeda.sormas.api.utils.Tuple;
 import de.symeda.sormas.backend.patch.alias.PathAliasHelper;
 
@@ -30,13 +33,17 @@ public class PatchFieldHelper {
 	private static final String CLOSING_PARENTHESIS = ")";
 	private static final String PIPE = "|";
 
-	// might be more subtle: person.toto but also *.uuid (or uuid). includes approach ?
-	// TODO: must be twofold: enforced default fields : technical: uuid, user ... + custom config by admin
-	private Set<String> forbiddenFields = Set.of("Person.birthdate", "Person.birthdateDD", "Person.birthdateMM", "Person.birthdateYYYY");
+	public static final String PATCH_FORBIDDEN_FIELDS_CONFIG_KEY = "PATCH_FORBIDDEN_FIELDS";
+
+	private static final Set<String> DEFAULT_FORBIDDEN_FIELDS =
+		Set.of("Person.birthdate", "Person.birthdateDD", "Person.birthdateMM", "Person.birthdateYYYY");
 
 	@Inject
 	private PathAliasHelper pathAliasHelper;
 
+	@EJB
+	private SystemConfigurationValueFacade systemConfigurationValueFacade;
+
 	public PatchFieldHelper() {
 	}
 
@@ -78,7 +85,6 @@ public PathFailureCause checkIfPathIsInvalid(String path) {
 	private PathFailureCause checkIfPathIsInvalidImpl(String path, Set<String> additionalSupportedPrefixes) {
 		PathFailureCause dataPatchFailureCause = null;
 
-		// TODO: check it would be required to distinguish read / write: per example Immunization can be read and write but write does not reach this code.
 		if (!path.contains(PATH_SEPARATOR)) {
 			dataPatchFailureCause = PathFailureCause.INVALID_PATH_FORMAT;
 		} else if (!(startsWithAllowedPrefix(path) || pathStartsWithAllowedPrefix(path, additionalSupportedPrefixes))) {
@@ -97,7 +103,18 @@ public Tuple<String, PathFailureCause> resolveAlias(String pathWithPotentialAlia
 	}
 
 	private boolean fieldIsForbidden(String path) {
-		return forbiddenFields.contains(path);
+		Set<String> configured = resolveConfiguredForbiddenFields();
+		return configured.contains(path);
+	}
+
+	private Set<String> resolveConfiguredForbiddenFields() {
+		String configValue = systemConfigurationValueFacade != null
+			? systemConfigurationValueFacade.getValue(PATCH_FORBIDDEN_FIELDS_CONFIG_KEY)
+			: null;
+		return Optional.ofNullable(configValue)
+			.filter(v -> !v.isBlank())
+			.map(v -> Arrays.stream(v.split(",")).map(String::trim).filter(s -> !s.isEmpty()).collect(Collectors.toSet()))
+			.orElse(DEFAULT_FORBIDDEN_FIELDS);
 	}
 
 	private boolean startsWithAllowedPrefix(String path) {
diff --git a/sormas-ui/src/main/java/de/symeda/sormas/ui/survey/SurveyQuestionnaireWindow.java b/sormas-ui/src/main/java/de/symeda/sormas/ui/survey/SurveyQuestionnaireWindow.java
@@ -27,6 +27,7 @@
 import de.symeda.sormas.api.survey.SurveyTokenReferenceDto;
 import de.symeda.sormas.api.survey.external.views.ExternalSurveyView;
 import de.symeda.sormas.api.survey.external.views.QuestionAnswersView;
+import org.apache.commons.lang3.StringUtils;
 
 /**
  * Modal window displaying a survey questionnaire as a structured HTML view.
@@ -97,7 +98,7 @@ private void appendQuestion(StringBuilder sb, QuestionAnswersView q, int depth)
 			.append(indent)
 			.append(questionStyle)
 			.append("\">")
-			.append(escapeHtml(q.getQuestion()))
+			.append(q.getQuestion())
 			.append("</td>")
 			.append("<td style=\"padding:5px 8px;color:#555;\">")
 			.append(resolveAnswer(q))
@@ -113,19 +114,15 @@ private void appendQuestion(StringBuilder sb, QuestionAnswersView q, int depth)
 
 	private String resolveAnswer(QuestionAnswersView q) {
 		// Prefer human-readable answerText, fall back to raw answer
-		if (q.getAnswerText() != null && !q.getAnswerText().isEmpty()) {
-			return escapeHtml(q.getAnswerText());
+		String answerText = q.getAnswerText();
+		if (StringUtils.isNotBlank(answerText)) {
+			return answerText;
 		}
-		if (q.getAnswer() != null && !q.getAnswer().isEmpty()) {
-			return escapeHtml(q.getAnswer());
+		String answer = q.getAnswer();
+		if (StringUtils.isNotBlank(answer)) {
+			return answer;
 		}
-		return "<span style=\"color:#bbb;\">—</span>";
+		return "<span>—</span>";
 	}
 
-	private String escapeHtml(String text) {
-		if (text == null) {
-			return "";
-		}
-		return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;").replace("\"", "&quot;");
-	}
 }
