From a4d639925e2cce3653d53efad100e25ff7832a08 Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Fri, 20 Nov 2020 20:56:26 -0500
Subject: [PATCH 1/8] Frontend changes: download link to validation report

---
 .../webapp/WEB-INF/jsp/validation-reports.jsp     | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
index 530d4f3c..d3663ac8 100644
--- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
@@ -93,7 +93,10 @@
                     {
                         // TODO render a link to a device details page,
                         // passing the device.id
-                        data: 'device.name'
+                        data: 'device.name',
+                        render: function (data, type, full, meta) {
+                            return createDownloadLink(full);
+                        }
                     },
                     {
                         data: 'id',
@@ -126,6 +129,16 @@
                 dataTable.order([1, 'desc']).draw();    //order by createTime
             });
 
+            /**
+             * This method builds a url to download the device validation report.
+             */
+            function createDownloadLink(full) {
+                return full.device.name + '&nbsp;' +
+                '<a href="${portal}/validation-reports/download?id=' + full.device.name +
+                '"><img src="${icons}/ic_file_download_black_24dp.png" title="Download validation report">' +
+                '</a>';
+            }
+
             /**
              * Gets HTML to display (icon tag) for the specified validation type.
              * If a validation for the requested type is not found, an empty

From 18ec7d4a5b4a35af853075e4b56db33c4fae1792 Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Wed, 25 Nov 2020 13:11:17 -0500
Subject: [PATCH 2/8] Controller changes: Pull platform credential for device
 and parse info

---
 .../ValidationReportsPageController.java      | 33 ++++++++++++++++++-
 .../webapp/WEB-INF/jsp/validation-reports.jsp |  2 +-
 2 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
index e95d4ca3..bdafe79d 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
@@ -6,6 +6,9 @@ import hirs.attestationca.portal.datatables.OrderedListQueryDataTableAdapter;
 import hirs.attestationca.portal.page.PageController;
 import hirs.attestationca.portal.page.params.NoPageParams;
 import hirs.data.persist.certificate.Certificate;
+import hirs.data.persist.certificate.PlatformCredential;
+import hirs.data.persist.certificate.attributes.ComponentIdentifier;
+import hirs.persist.CertificateManager;
 import org.apache.logging.log4j.Logger;
 import static org.apache.logging.log4j.LogManager.getLogger;
 import org.hibernate.Criteria;
@@ -16,6 +19,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
 
@@ -25,6 +29,10 @@ import hirs.data.persist.SupplyChainValidationSummary;
 import hirs.persist.CriteriaModifier;
 import hirs.persist.CrudManager;
 
+import javax.servlet.http.HttpServletResponse;
+import java.util.ArrayList;
+import java.util.UUID;
+
 /**
  * Controller for the Validation Reports page.
  */
@@ -33,6 +41,7 @@ import hirs.persist.CrudManager;
 public class ValidationReportsPageController extends PageController<NoPageParams> {
 
     private final CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager;
+    private final CertificateManager certificateManager;
 
     private static final Logger LOGGER = getLogger(ValidationReportsPageController.class);
 
@@ -42,9 +51,11 @@ public class ValidationReportsPageController extends PageController<NoPageParams
      */
     @Autowired
     public ValidationReportsPageController(
-            final CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager) {
+            final CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager,
+            final CertificateManager certificateManager) {
         super(VALIDATION_REPORTS);
         this.supplyChainValidatorSummaryManager = supplyChainValidatorSummaryManager;
+        this.certificateManager = certificateManager;
     }
 
     /**
@@ -97,4 +108,24 @@ public class ValidationReportsPageController extends PageController<NoPageParams
 
         return new DataTableResponse<>(records, input);
     }
+
+    @RequestMapping(value = "download", method = RequestMethod.GET)
+    public void download(@RequestParam final String id,
+                         final HttpServletResponse response) {
+        LOGGER.info("Downloading validation report for " + id);
+        UUID uuid = UUID.fromString(id);
+        PlatformCredential pc = PlatformCredential.select(certificateManager).byDeviceId(uuid).getCertificate();
+        LOGGER.info("Verified manufacturer: " + pc.getManufacturer());
+        LOGGER.info("Model: " + pc.getModel());
+        LOGGER.info("SN: " + pc.getChassisSerialNumber());
+        LOGGER.info("Verification date: " + pc.getBeginValidity());
+        if (pc.getComponentIdentifiers() != null &&
+                pc.getComponentIdentifiers().size() > 0) {
+            for (ComponentIdentifier ci : pc.getComponentIdentifiers()) {
+                LOGGER.info("Manufacturer ID: " + ci.getComponentManufacturerId().toString() +
+                        "\nModel: " + ci.getComponentModel().getString() +
+                        "\nRevision: " + ci.getComponentRevision().getString());
+            }
+        }
+    }
 }
diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
index d3663ac8..ce09ed94 100644
--- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
@@ -134,7 +134,7 @@
              */
             function createDownloadLink(full) {
                 return full.device.name + '&nbsp;' +
-                '<a href="${portal}/validation-reports/download?id=' + full.device.name +
+                '<a href="${portal}/validation-reports/download?id=' + full.device.id +
                 '"><img src="${icons}/ic_file_download_black_24dp.png" title="Download validation report">' +
                 '</a>';
             }

From bb6cbfe87174038198ee0e84feecc04b30b011d8 Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Mon, 7 Dec 2020 16:31:26 -0500
Subject: [PATCH 3/8] Front end change: display modal dialog for user input on
 download link click.

---
 .../ValidationReportsPageController.java      | 18 +++++++---
 .../webapp/WEB-INF/jsp/validation-reports.jsp | 33 ++++++++++++++++---
 .../webapp/WEB-INF/tags/download-info.tag     | 14 ++++++++
 3 files changed, 57 insertions(+), 8 deletions(-)
 create mode 100644 HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/tags/download-info.tag

diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
index bdafe79d..c1548f77 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
@@ -29,8 +29,9 @@ import hirs.data.persist.SupplyChainValidationSummary;
 import hirs.persist.CriteriaModifier;
 import hirs.persist.CrudManager;
 
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.util.ArrayList;
+import java.util.Enumeration;
 import java.util.UUID;
 
 /**
@@ -109,10 +110,17 @@ public class ValidationReportsPageController extends PageController<NoPageParams
         return new DataTableResponse<>(records, input);
     }
 
-    @RequestMapping(value = "download", method = RequestMethod.GET)
+    @RequestMapping(value = "download", method = RequestMethod.POST)
     public void download(@RequestParam final String id,
+                         final HttpServletRequest request,
                          final HttpServletResponse response) {
+
         LOGGER.info("Downloading validation report for " + id);
+        Enumeration parameters = request.getParameterNames();
+        while (parameters.hasMoreElements()) {
+            String parameter = (String) parameters.nextElement();
+            LOGGER.info(parameter + ": " + request.getParameter(parameter));
+        }
         UUID uuid = UUID.fromString(id);
         PlatformCredential pc = PlatformCredential.select(certificateManager).byDeviceId(uuid).getCertificate();
         LOGGER.info("Verified manufacturer: " + pc.getManufacturer());
@@ -122,8 +130,10 @@ public class ValidationReportsPageController extends PageController<NoPageParams
         if (pc.getComponentIdentifiers() != null &&
                 pc.getComponentIdentifiers().size() > 0) {
             for (ComponentIdentifier ci : pc.getComponentIdentifiers()) {
-                LOGGER.info("Manufacturer ID: " + ci.getComponentManufacturerId().toString() +
-                        "\nModel: " + ci.getComponentModel().getString() +
+                if (ci.getComponentManufacturerId() != null) {
+                    LOGGER.info("Manufacturer ID: " + ci.getComponentManufacturerId().toString());
+                }
+                LOGGER.info("\nModel: " + ci.getComponentModel().getString() +
                         "\nRevision: " + ci.getComponentRevision().getString());
             }
         }
diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
index ce09ed94..85ffeda2 100644
--- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
@@ -133,10 +133,35 @@
              * This method builds a url to download the device validation report.
              */
             function createDownloadLink(full) {
-                return full.device.name + '&nbsp;' +
-                '<a href="${portal}/validation-reports/download?id=' + full.device.id +
-                '"><img src="${icons}/ic_file_download_black_24dp.png" title="Download validation report">' +
-                '</a>';
+                var device = full.device;
+                var html = '<form method="POST" action="${portal}/validation-reports/download?id=' + device.id + '">' +
+                                device.name +
+                                '<a href="#downloadValidationReport" data-toggle="modal" title="Download Validation Report">' +
+                                    '<img src="${icons}/ic_file_download_black_24dp.png"/>' +
+                                '</a>' +
+                                '<div id="downloadValidationReport" class="modal fade" role="dialog" style="top:30%">' +
+                                    '<div class="modal-dialog">' +
+                                        '<div class="modal-content">' +
+                                            '<div class="modal-header">' +
+                                                '<h1 id="modal-title">Download Validation Report</h1>' +
+                                            '</div>' +
+                                            '<div class="modal-body">' +
+                                                '<label>Company<input id="company" type="text" name="company" /></label>' +
+                                                '<label>Contract #<input id="contract" type="text" name="contract" /></label>' +
+                                                '<label>Date range end<input id="date" type="text" name="date" /></label>' +
+                                            '</div>' +
+                                            '<div class="modal-footer">' +
+                                                '<div class="modal-custom-buttons">' +
+
+                                                '</div>' +
+                                                '<button class="btn btn-secondary" data-dismiss="modal">Cancel</button>' +
+                                                '<input class="btn btn-primary" type="submit" value="Save">' +
+                                            '</div>' +
+                                        '</div>' +
+                                    '</div>' +
+                                '</div>' +
+                            '</form>';
+                return html;
             }
 
             /**
diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/tags/download-info.tag b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/tags/download-info.tag
new file mode 100644
index 00000000..f14e33e0
--- /dev/null
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/tags/download-info.tag
@@ -0,0 +1,14 @@
+<%@tag description="download icon that opens modal dialog with form" pageEncoding="UTF-8"%>
+
+<%@attribute name="id"%>
+<%@attribute name="label"%>
+<%@attribute name="customButtons" fragment="true" required="false"%>
+
+<%@ taglib prefix="my" tagdir="/WEB-INF/tags" %>
+
+<a href="#${id}" data-toggle="modal" title="${label}">
+    <img src="${icons}/ic_file_download_black_24dp.png"/>
+</a>
+<my:modal id="${id}" label="${label}" customButtons="${customButtons}">
+    <jsp:doBody/>
+</my:modal>
\ No newline at end of file

From 3cd9e06f97b2dbb74b6a482df18c2bc49247f7bc Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Wed, 23 Dec 2020 10:08:25 -0500
Subject: [PATCH 4/8] Add user input fields to modal dialog. Handle user input,
 collect device report data, and write to local file.

---
 .../ValidationReportsPageController.java      | 72 ++++++++++++++++---
 .../webapp/WEB-INF/jsp/validation-reports.jsp |  6 +-
 2 files changed, 69 insertions(+), 9 deletions(-)

diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
index c1548f77..039f50bb 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
@@ -8,6 +8,7 @@ import hirs.attestationca.portal.page.params.NoPageParams;
 import hirs.data.persist.certificate.Certificate;
 import hirs.data.persist.certificate.PlatformCredential;
 import hirs.data.persist.certificate.attributes.ComponentIdentifier;
+import hirs.data.persist.certificate.attributes.V2.ComponentIdentifierV2;
 import hirs.persist.CertificateManager;
 import org.apache.logging.log4j.Logger;
 import static org.apache.logging.log4j.LogManager.getLogger;
@@ -31,6 +32,9 @@ import hirs.persist.CrudManager;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedWriter;
+import java.io.IOException;
+import java.io.OutputStreamWriter;
 import java.util.Enumeration;
 import java.util.UUID;
 
@@ -49,6 +53,7 @@ public class ValidationReportsPageController extends PageController<NoPageParams
     /**
      * Constructor providing the Page's display and routing specification.
      * @param supplyChainValidatorSummaryManager the manager
+     * @param certificateManager the certificate manager
      */
     @Autowired
     public ValidationReportsPageController(
@@ -110,32 +115,83 @@ public class ValidationReportsPageController extends PageController<NoPageParams
         return new DataTableResponse<>(records, input);
     }
 
+    /**
+     * This method handles downloading a validation report. The report will contain the
+     * following data:
+     * - Company devices where shipped from
+     * - Contract#
+     * - Report for Date range (default to current date)
+     * -Verified Manufacturer is the Platform Vendor
+     * - Model is the Platform Model
+     * - SN is the Chassis SN
+     * - Verification Data is the not before time on the Attestation Certificate
+     * - Component Status column is 8 component classes names listed above
+     * (Component Status data is taken from the pass/fail status of the report summary)
+     * - Device Status is the overall pass/fail of the report summary
+     * @param id of the validated device
+     * @param deviceName name of the validated device
+     * @param request object
+     * @param response object
+     * @throws IOException thrown by BufferedWriter object
+     */
     @RequestMapping(value = "download", method = RequestMethod.POST)
     public void download(@RequestParam final String id,
+                         @RequestParam final String deviceName,
                          final HttpServletRequest request,
-                         final HttpServletResponse response) {
+                         final HttpServletResponse response) throws IOException {
 
         LOGGER.info("Downloading validation report for " + id);
+        response.setHeader("Content-Type", "text/plain");
+        response.setHeader("Content-Disposition",
+                "attachment;filename=\"" + deviceName + "_validation_report.txt\"");
+        BufferedWriter bufferedWriter = new BufferedWriter(
+                new OutputStreamWriter(response.getOutputStream(), "UTF-8"));
         Enumeration parameters = request.getParameterNames();
         while (parameters.hasMoreElements()) {
             String parameter = (String) parameters.nextElement();
+            bufferedWriter.append(parameter + ": " + request.getParameter(parameter) + "\n");
             LOGGER.info(parameter + ": " + request.getParameter(parameter));
         }
+//        String columnHeaders = "Company, Contract Number, Date Range, Verified Manufacturer, "
+//                + "Model, SN, Verification Date, Component Statuses, Device Status";
+//        bufferedWriter.append(columnHeaders + "\n");
+//        LOGGER.info(columnHeaders);
         UUID uuid = UUID.fromString(id);
-        PlatformCredential pc = PlatformCredential.select(certificateManager).byDeviceId(uuid).getCertificate();
+        PlatformCredential pc = PlatformCredential.select(certificateManager)
+                                            .byDeviceId(uuid).getCertificate();
+        bufferedWriter.append("Verified manufacturer: " + pc.getManufacturer() + "\n");
+        bufferedWriter.append("Model: " + pc.getModel() + "\n");
+        bufferedWriter.append("SN: " + pc.getChassisSerialNumber() + "\n");
+        bufferedWriter.append("Verification date: " + pc.getBeginValidity() + "\n");
         LOGGER.info("Verified manufacturer: " + pc.getManufacturer());
         LOGGER.info("Model: " + pc.getModel());
         LOGGER.info("SN: " + pc.getChassisSerialNumber());
         LOGGER.info("Verification date: " + pc.getBeginValidity());
-        if (pc.getComponentIdentifiers() != null &&
-                pc.getComponentIdentifiers().size() > 0) {
+        if (pc.getComponentIdentifiers() != null
+                && pc.getComponentIdentifiers().size() > 0) {
             for (ComponentIdentifier ci : pc.getComponentIdentifiers()) {
-                if (ci.getComponentManufacturerId() != null) {
-                    LOGGER.info("Manufacturer ID: " + ci.getComponentManufacturerId().toString());
+                if (ci instanceof ComponentIdentifierV2) {
+                    bufferedWriter.append(((ComponentIdentifierV2) ci).getComponentClass()
+                            + "\nComponent status: "
+                                + ((ComponentIdentifierV2) ci).getAttributeStatus() + "\n");
+                    LOGGER.info(((ComponentIdentifierV2) ci).getComponentClass()
+                            + "\nComponent status: "
+                                + ((ComponentIdentifierV2) ci).getAttributeStatus());
+                } else {
+                    bufferedWriter.append("Platform Components" + "\n");
+                    LOGGER.info("Platform Components");
                 }
-                LOGGER.info("\nModel: " + ci.getComponentModel().getString() +
-                        "\nRevision: " + ci.getComponentRevision().getString());
+                bufferedWriter.append("Component manufacturer : "
+                            + ci.getComponentManufacturer().getString()
+                        + "\nComponent model: " + ci.getComponentModel().getString()
+                        + "\nComponent revision: " + ci.getComponentRevision().getString() + "\n");
+                LOGGER.info("Component manufacturer : "
+                            + ci.getComponentManufacturer().getString()
+                        + "\nComponent model: " + ci.getComponentModel().getString()
+                        + "\nComponent revision: " + ci.getComponentRevision().getString());
             }
         }
+
+        bufferedWriter.flush();
     }
 }
diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
index 85ffeda2..f811c998 100644
--- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
@@ -134,7 +134,9 @@
              */
             function createDownloadLink(full) {
                 var device = full.device;
-                var html = '<form method="POST" action="${portal}/validation-reports/download?id=' + device.id + '">' +
+                var deviceStatus = full.overallValidationResult;
+                var html = '<form method="POST" action="${portal}/validation-reports/download?id=' + device.id +
+                            '&deviceName=' + device.name + '">' +
                                 device.name +
                                 '<a href="#downloadValidationReport" data-toggle="modal" title="Download Validation Report">' +
                                     '<img src="${icons}/ic_file_download_black_24dp.png"/>' +
@@ -149,6 +151,8 @@
                                                 '<label>Company<input id="company" type="text" name="company" /></label>' +
                                                 '<label>Contract #<input id="contract" type="text" name="contract" /></label>' +
                                                 '<label>Date range end<input id="date" type="text" name="date" /></label>' +
+                                                '<input id="deviceStatus" type="hidden" name="deviceStatus" value="' +
+                                                    deviceStatus + '" />' +
                                             '</div>' +
                                             '<div class="modal-footer">' +
                                                 '<div class="modal-custom-buttons">' +

From 4acfbf3026182c8babe1390c77392b9e3b5503fd Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Thu, 14 Jan 2021 08:22:11 -0500
Subject: [PATCH 5/8] Single download link for the entire page. Added date
 range begin and end fields. Pass timestamp to controller to filter reports.
 Format file in CSV.

---
 .../ValidationReportsPageController.java      | 170 ++++++++++++------
 .../webapp/WEB-INF/jsp/validation-reports.jsp |  82 +++++----
 2 files changed, 158 insertions(+), 94 deletions(-)

diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
index 039f50bb..c5d07cdc 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
@@ -10,6 +10,7 @@ import hirs.data.persist.certificate.PlatformCredential;
 import hirs.data.persist.certificate.attributes.ComponentIdentifier;
 import hirs.data.persist.certificate.attributes.V2.ComponentIdentifierV2;
 import hirs.persist.CertificateManager;
+import hirs.persist.DeviceManager;
 import org.apache.logging.log4j.Logger;
 import static org.apache.logging.log4j.LogManager.getLogger;
 import org.hibernate.Criteria;
@@ -20,7 +21,6 @@ import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
 
@@ -35,6 +35,10 @@ import javax.servlet.http.HttpServletResponse;
 import java.io.BufferedWriter;
 import java.io.IOException;
 import java.io.OutputStreamWriter;
+import java.time.LocalDate;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.ArrayList;
 import java.util.Enumeration;
 import java.util.UUID;
 
@@ -47,21 +51,26 @@ public class ValidationReportsPageController extends PageController<NoPageParams
 
     private final CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager;
     private final CertificateManager certificateManager;
+    private final DeviceManager deviceManager;
 
     private static final Logger LOGGER = getLogger(ValidationReportsPageController.class);
+    private static final String DEFAULT_COMPANY = "AllDevices";
 
     /**
      * Constructor providing the Page's display and routing specification.
      * @param supplyChainValidatorSummaryManager the manager
      * @param certificateManager the certificate manager
+     * @param deviceManager the device manager
      */
     @Autowired
     public ValidationReportsPageController(
             final CrudManager<SupplyChainValidationSummary> supplyChainValidatorSummaryManager,
-            final CertificateManager certificateManager) {
+            final CertificateManager certificateManager,
+            final DeviceManager deviceManager) {
         super(VALIDATION_REPORTS);
         this.supplyChainValidatorSummaryManager = supplyChainValidatorSummaryManager;
         this.certificateManager = certificateManager;
+        this.deviceManager = deviceManager;
     }
 
     /**
@@ -128,70 +137,127 @@ public class ValidationReportsPageController extends PageController<NoPageParams
      * - Component Status column is 8 component classes names listed above
      * (Component Status data is taken from the pass/fail status of the report summary)
      * - Device Status is the overall pass/fail of the report summary
-     * @param id of the validated device
-     * @param deviceName name of the validated device
      * @param request object
      * @param response object
      * @throws IOException thrown by BufferedWriter object
      */
     @RequestMapping(value = "download", method = RequestMethod.POST)
-    public void download(@RequestParam final String id,
-                         @RequestParam final String deviceName,
-                         final HttpServletRequest request,
+    public void download(final HttpServletRequest request,
                          final HttpServletResponse response) throws IOException {
 
-        LOGGER.info("Downloading validation report for " + id);
-        response.setHeader("Content-Type", "text/plain");
-        response.setHeader("Content-Disposition",
-                "attachment;filename=\"" + deviceName + "_validation_report.txt\"");
-        BufferedWriter bufferedWriter = new BufferedWriter(
-                new OutputStreamWriter(response.getOutputStream(), "UTF-8"));
+        LOGGER.info("Downloading validation report");
+        String company = "";
+        String contractNumber = "";
+        DateTimeFormatter dateFormat = DateTimeFormatter.ofPattern("MM/dd/uuuu");
+        DateTimeFormatter dateTimeFormat = DateTimeFormatter.ofPattern("uuuu-MM-dd HH:mm:ss");
+        LocalDate startDate = null;
+        LocalDate endDate = null;
+        ArrayList<LocalDate> createTimes = new ArrayList<LocalDate>();
+        String[] deviceNames = new String[]{};
         Enumeration parameters = request.getParameterNames();
         while (parameters.hasMoreElements()) {
             String parameter = (String) parameters.nextElement();
-            bufferedWriter.append(parameter + ": " + request.getParameter(parameter) + "\n");
-            LOGGER.info(parameter + ": " + request.getParameter(parameter));
+            String parameterValue = request.getParameter(parameter);
+            switch (parameter) {
+                case "company":
+                    company = parameterValue;
+                    break;
+                case "contract":
+                    contractNumber = parameterValue;
+                    break;
+                case "dateStart":
+                    if (parameterValue != null && !parameterValue.isEmpty()) {
+                        startDate = LocalDate.parse(parameterValue, dateFormat);
+                    }
+                    break;
+                case "dateEnd":
+                    if (parameterValue != null && !parameterValue.isEmpty()) {
+                        endDate = LocalDate.parse(parameterValue, dateFormat);
+                    }
+                    break;
+                case "createTimes":
+                    String[] timestamps = parameterValue.split(",");
+                    for (String timestamp : timestamps) {
+                        createTimes.add(LocalDateTime.parse(timestamp,
+                                dateTimeFormat).toLocalDate());
+                        LOGGER.info("Create time added: "
+                                + createTimes.get(createTimes.size() - 1));
+                    }
+                    break;
+                case "deviceNames":
+                    deviceNames = parameterValue.split(",");
+                    break;
+                default:
+            }
+            LOGGER.info(parameter + ": " + parameterValue);
         }
-//        String columnHeaders = "Company, Contract Number, Date Range, Verified Manufacturer, "
-//                + "Model, SN, Verification Date, Component Statuses, Device Status";
-//        bufferedWriter.append(columnHeaders + "\n");
-//        LOGGER.info(columnHeaders);
-        UUID uuid = UUID.fromString(id);
-        PlatformCredential pc = PlatformCredential.select(certificateManager)
-                                            .byDeviceId(uuid).getCertificate();
-        bufferedWriter.append("Verified manufacturer: " + pc.getManufacturer() + "\n");
-        bufferedWriter.append("Model: " + pc.getModel() + "\n");
-        bufferedWriter.append("SN: " + pc.getChassisSerialNumber() + "\n");
-        bufferedWriter.append("Verification date: " + pc.getBeginValidity() + "\n");
-        LOGGER.info("Verified manufacturer: " + pc.getManufacturer());
-        LOGGER.info("Model: " + pc.getModel());
-        LOGGER.info("SN: " + pc.getChassisSerialNumber());
-        LOGGER.info("Verification date: " + pc.getBeginValidity());
-        if (pc.getComponentIdentifiers() != null
-                && pc.getComponentIdentifiers().size() > 0) {
-            for (ComponentIdentifier ci : pc.getComponentIdentifiers()) {
-                if (ci instanceof ComponentIdentifierV2) {
-                    bufferedWriter.append(((ComponentIdentifierV2) ci).getComponentClass()
-                            + "\nComponent status: "
-                                + ((ComponentIdentifierV2) ci).getAttributeStatus() + "\n");
-                    LOGGER.info(((ComponentIdentifierV2) ci).getComponentClass()
-                            + "\nComponent status: "
-                                + ((ComponentIdentifierV2) ci).getAttributeStatus());
-                } else {
-                    bufferedWriter.append("Platform Components" + "\n");
-                    LOGGER.info("Platform Components");
+        if (company.equals("")) {
+            company = DEFAULT_COMPANY;
+        }
+        if (contractNumber.equals("")) {
+            contractNumber = "none";
+        }
+        if (startDate == null) {
+            startDate = LocalDate.ofEpochDay(0);
+        }
+        if (endDate == null) {
+            endDate = LocalDate.now();
+        }
+        LOGGER.info("Start date: " + startDate.toString() + ", end date: " + endDate.toString());
+
+        response.setHeader("Content-Type", "text/csv");
+        response.setHeader("Content-Disposition",
+                "attachment;filename=\"validation_report.csv\"");
+        BufferedWriter bufferedWriter = new BufferedWriter(
+                new OutputStreamWriter(response.getOutputStream(), "UTF-8"));
+        String columnHeaders = "Verified Manufacturer, "
+                + "Model, SN, Verification Date, Component Statuses, Device Status";
+        bufferedWriter.append("Contract number: " + contractNumber + "\n");
+        bufferedWriter.append(columnHeaders + "\n");
+        LOGGER.info(columnHeaders);
+        for (int i = 0; i < deviceNames.length; i++) {
+            if ((createTimes.get(i).isAfter(startDate) || createTimes.get(i).isEqual(startDate))
+                    && (createTimes.get(i).isBefore(endDate)
+                        || createTimes.get(i).isEqual(endDate))) {
+                UUID deviceId = deviceManager.getDevice(deviceNames[i]).getId();
+                LOGGER.info(deviceId);
+                PlatformCredential pc = PlatformCredential.select(certificateManager)
+                        .byDeviceId(deviceId).getCertificate();
+                LOGGER.info("Found platform credential: " + pc.toString());
+                bufferedWriter.append(pc.getManufacturer() + ","
+                        + pc.getModel() + ","
+                        + pc.getChassisSerialNumber() + ","
+                        + pc.getBeginValidity() + ",");
+                LOGGER.info("Verified manufacturer: " + pc.getManufacturer());
+                LOGGER.info("Model: " + pc.getModel());
+                LOGGER.info("SN: " + pc.getChassisSerialNumber());
+                LOGGER.info("Verification date: " + pc.getBeginValidity());
+                if (pc.getComponentIdentifiers() != null
+                        && pc.getComponentIdentifiers().size() > 0) {
+                    String attributeStatuses = "";
+                    for (ComponentIdentifier ci : pc.getComponentIdentifiers()) {
+                        if (ci instanceof ComponentIdentifierV2) {
+                            attributeStatuses += ((ComponentIdentifierV2) ci)
+                                    .getAttributeStatus() + ",";
+                            LOGGER.info(((ComponentIdentifierV2) ci).getComponentClass()
+                                    + "\nComponent status: "
+                                    + ((ComponentIdentifierV2) ci).getAttributeStatus());
+                        } else {
+                            //("Platform Components" + "\n");
+                            LOGGER.info("\nPlatform Components");
+                        }
+                        LOGGER.info("Component manufacturer : "
+                                + ci.getComponentManufacturer().getString()
+                                + "\nComponent model: " + ci.getComponentModel().getString()
+                                + "\nComponent revision: " + ci.getComponentRevision().getString());
+                    }
+                    attributeStatuses = attributeStatuses.substring(0,
+                            attributeStatuses.length() - 1);
+                    bufferedWriter.append("(" + attributeStatuses + "),");
                 }
-                bufferedWriter.append("Component manufacturer : "
-                            + ci.getComponentManufacturer().getString()
-                        + "\nComponent model: " + ci.getComponentModel().getString()
-                        + "\nComponent revision: " + ci.getComponentRevision().getString() + "\n");
-                LOGGER.info("Component manufacturer : "
-                            + ci.getComponentManufacturer().getString()
-                        + "\nComponent model: " + ci.getComponentModel().getString()
-                        + "\nComponent revision: " + ci.getComponentRevision().getString());
+                bufferedWriter.append("" + pc.getDevice().getSupplyChainStatus() + "\n");
             }
         }
-
         bufferedWriter.flush();
     }
 }
diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
index f811c998..71d40b36 100644
--- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
@@ -25,6 +25,17 @@
         <c:set var="errorText" value="Validation Error"/>
         <c:set var="unknownText" value="Unknown Validation Status"/>
 
+        <form:form id="download" method="POST" action="${portal}/validation-reports/download">
+            Download Validation Reports
+            <my:download-info id="validationReportsDownload" label="Download Validation Reports">
+                <label>Company<input id="company" type="text" name="company" /></label>
+                <label>Contract #<input id="contract" type="text" name="contract" /></label>
+                <br>
+                <label>Date range start (mm/dd/yyyy)<input id="dateStart" type="text" name="dateStart" /></label>
+                <label>Date range end (mm/dd/yyyy)<input id="dateEnd" type="text" name="dateEnd" /></label>
+            </my:download-info>
+        </form:form>
+
         <div class="aca-data-table">
             <table id="reportTable" class="display" width="100%">
                 <thead>
@@ -93,10 +104,7 @@
                     {
                         // TODO render a link to a device details page,
                         // passing the device.id
-                        data: 'device.name',
-                        render: function (data, type, full, meta) {
-                            return createDownloadLink(full);
-                        }
+                        data: 'device.name'
                     },
                     {
                         data: 'id',
@@ -129,44 +137,34 @@
                 dataTable.order([1, 'desc']).draw();    //order by createTime
             });
 
-            /**
-             * This method builds a url to download the device validation report.
-             */
-            function createDownloadLink(full) {
-                var device = full.device;
-                var deviceStatus = full.overallValidationResult;
-                var html = '<form method="POST" action="${portal}/validation-reports/download?id=' + device.id +
-                            '&deviceName=' + device.name + '">' +
-                                device.name +
-                                '<a href="#downloadValidationReport" data-toggle="modal" title="Download Validation Report">' +
-                                    '<img src="${icons}/ic_file_download_black_24dp.png"/>' +
-                                '</a>' +
-                                '<div id="downloadValidationReport" class="modal fade" role="dialog" style="top:30%">' +
-                                    '<div class="modal-dialog">' +
-                                        '<div class="modal-content">' +
-                                            '<div class="modal-header">' +
-                                                '<h1 id="modal-title">Download Validation Report</h1>' +
-                                            '</div>' +
-                                            '<div class="modal-body">' +
-                                                '<label>Company<input id="company" type="text" name="company" /></label>' +
-                                                '<label>Contract #<input id="contract" type="text" name="contract" /></label>' +
-                                                '<label>Date range end<input id="date" type="text" name="date" /></label>' +
-                                                '<input id="deviceStatus" type="hidden" name="deviceStatus" value="' +
-                                                    deviceStatus + '" />' +
-                                            '</div>' +
-                                            '<div class="modal-footer">' +
-                                                '<div class="modal-custom-buttons">' +
-
-                                                '</div>' +
-                                                '<button class="btn btn-secondary" data-dismiss="modal">Cancel</button>' +
-                                                '<input class="btn btn-primary" type="submit" value="Save">' +
-                                            '</div>' +
-                                        '</div>' +
-                                    '</div>' +
-                                '</div>' +
-                            '</form>';
-                return html;
-            }
+            $("#download").submit(function(e) {
+                var tableLength = $("#reportTable").rows;
+                var createTimes = "";
+                var deviceNames = "";
+                $('#reportTable tr').not('thead tr').each(function() {
+                    createTimes += $(this).find("td").eq(1).html() + ",";
+                    deviceNames += $(this).find("td").eq(2).html() + ",";
+                });
+                createTimes = createTimes.substring(0, createTimes.length - 1);
+                deviceNames = deviceNames.substring(0, deviceNames.length - 1);
+                var params = [
+                                {
+                                    name: 'createTimes',
+                                    value: createTimes
+                                },
+                                {
+                                    name: 'deviceNames',
+                                    value: deviceNames
+                                }
+                            ];
+                $(this).append($.map(params, function(param) {
+                    return $('<input>', {
+                        type: 'hidden',
+                        name: param.name,
+                        value: param.value
+                    });
+                }));
+            });
 
             /**
              * Gets HTML to display (icon tag) for the specified validation type.

From 177e307a177f4c11cdb949c13d9038e082f2292c Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Mon, 25 Jan 2021 17:00:45 -0500
Subject: [PATCH 6/8] Add input formatting and validation to client and server
 side. Close dialog box on submission.

---
 .../ValidationReportsPageController.java      | 61 +++++++++++--------
 .../webapp/WEB-INF/jsp/validation-reports.jsp | 14 +++--
 2 files changed, 44 insertions(+), 31 deletions(-)

diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
index c5d07cdc..a80b7a17 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
@@ -41,6 +41,8 @@ import java.time.format.DateTimeFormatter;
 import java.util.ArrayList;
 import java.util.Enumeration;
 import java.util.UUID;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 /**
  * Controller for the Validation Reports page.
@@ -55,6 +57,7 @@ public class ValidationReportsPageController extends PageController<NoPageParams
 
     private static final Logger LOGGER = getLogger(ValidationReportsPageController.class);
     private static final String DEFAULT_COMPANY = "AllDevices";
+    private static final String UNDEFINED = "undefined";
 
     /**
      * Constructor providing the Page's display and routing specification.
@@ -148,7 +151,8 @@ public class ValidationReportsPageController extends PageController<NoPageParams
         LOGGER.info("Downloading validation report");
         String company = "";
         String contractNumber = "";
-        DateTimeFormatter dateFormat = DateTimeFormatter.ofPattern("MM/dd/uuuu");
+        Pattern pattern = Pattern.compile("[A-Za-z0-9\\s]*");
+        DateTimeFormatter dateFormat = DateTimeFormatter.ofPattern("uuuu-MM-dd");
         DateTimeFormatter dateTimeFormat = DateTimeFormatter.ofPattern("uuuu-MM-dd HH:mm:ss");
         LocalDate startDate = null;
         LocalDate endDate = null;
@@ -158,56 +162,59 @@ public class ValidationReportsPageController extends PageController<NoPageParams
         while (parameters.hasMoreElements()) {
             String parameter = (String) parameters.nextElement();
             String parameterValue = request.getParameter(parameter);
+            LOGGER.info(parameter + ": " + parameterValue);
             switch (parameter) {
                 case "company":
-                    company = parameterValue;
+                    Matcher companyMatcher = pattern.matcher(parameterValue);
+                    if (companyMatcher.matches()) {
+                        company = parameterValue;
+                    } else {
+                        company = DEFAULT_COMPANY;
+                    }
                     break;
                 case "contract":
-                    contractNumber = parameterValue;
+                    Matcher contractMatcher = pattern.matcher(parameterValue);
+                    if (contractMatcher.matches()) {
+                        contractNumber = parameterValue;
+                    } else {
+                        contractNumber = "none";
+                    }
                     break;
                 case "dateStart":
                     if (parameterValue != null && !parameterValue.isEmpty()) {
                         startDate = LocalDate.parse(parameterValue, dateFormat);
+                    } else {
+                        startDate = LocalDate.ofEpochDay(0);
                     }
                     break;
                 case "dateEnd":
                     if (parameterValue != null && !parameterValue.isEmpty()) {
                         endDate = LocalDate.parse(parameterValue, dateFormat);
+                    } else {
+                        endDate = LocalDate.now();
                     }
                     break;
                 case "createTimes":
-                    String[] timestamps = parameterValue.split(",");
-                    for (String timestamp : timestamps) {
-                        createTimes.add(LocalDateTime.parse(timestamp,
-                                dateTimeFormat).toLocalDate());
-                        LOGGER.info("Create time added: "
-                                + createTimes.get(createTimes.size() - 1));
+                    if (!parameterValue.equals(UNDEFINED)) {
+                        String[] timestamps = parameterValue.split(",");
+                        for (String timestamp : timestamps) {
+                            createTimes.add(LocalDateTime.parse(timestamp,
+                                    dateTimeFormat).toLocalDate());
+                        }
                     }
                     break;
                 case "deviceNames":
-                    deviceNames = parameterValue.split(",");
+                    if (!parameterValue.equals(UNDEFINED)) {
+                        deviceNames = parameterValue.split(",");
+                    }
                     break;
                 default:
             }
-            LOGGER.info(parameter + ": " + parameterValue);
         }
-        if (company.equals("")) {
-            company = DEFAULT_COMPANY;
-        }
-        if (contractNumber.equals("")) {
-            contractNumber = "none";
-        }
-        if (startDate == null) {
-            startDate = LocalDate.ofEpochDay(0);
-        }
-        if (endDate == null) {
-            endDate = LocalDate.now();
-        }
-        LOGGER.info("Start date: " + startDate.toString() + ", end date: " + endDate.toString());
 
         response.setHeader("Content-Type", "text/csv");
         response.setHeader("Content-Disposition",
-                "attachment;filename=\"validation_report.csv\"");
+                "attachment;filename=" + company + "_validation_report.csv");
         BufferedWriter bufferedWriter = new BufferedWriter(
                 new OutputStreamWriter(response.getOutputStream(), "UTF-8"));
         String columnHeaders = "Verified Manufacturer, "
@@ -243,13 +250,13 @@ public class ValidationReportsPageController extends PageController<NoPageParams
                                     + "\nComponent status: "
                                     + ((ComponentIdentifierV2) ci).getAttributeStatus());
                         } else {
-                            //("Platform Components" + "\n");
                             LOGGER.info("\nPlatform Components");
                         }
                         LOGGER.info("Component manufacturer : "
                                 + ci.getComponentManufacturer().getString()
                                 + "\nComponent model: " + ci.getComponentModel().getString()
-                                + "\nComponent revision: " + ci.getComponentRevision().getString());
+                                + "\nComponent revision: "
+                                    + ci.getComponentRevision().getString());
                     }
                     attributeStatuses = attributeStatuses.substring(0,
                             attributeStatuses.length() - 1);
diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
index 71d40b36..4f02dfde 100644
--- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
@@ -28,11 +28,13 @@
         <form:form id="download" method="POST" action="${portal}/validation-reports/download">
             Download Validation Reports
             <my:download-info id="validationReportsDownload" label="Download Validation Reports">
-                <label>Company<input id="company" type="text" name="company" /></label>
-                <label>Contract #<input id="contract" type="text" name="contract" /></label>
+                <label>Company<input id="company" type="text" pattern="[A-Za-z0-9\s]*"
+                        title="Letters, numbers, and spaces only" name="company" /></label>
+                <label>Contract #<input id="contract" type="text" pattern="[A-Za-z0-9\s]*"
+                        title="Letters, numbers, and spaces only" name="contract" /></label>
                 <br>
-                <label>Date range start (mm/dd/yyyy)<input id="dateStart" type="text" name="dateStart" /></label>
-                <label>Date range end (mm/dd/yyyy)<input id="dateEnd" type="text" name="dateEnd" /></label>
+                <label>Date range start<input id="dateStart" type="date" name="dateStart" /></label>
+                <label>Date range end<input id="dateEnd" type="date" name="dateEnd" /></label>
             </my:download-info>
         </form:form>
 
@@ -166,6 +168,10 @@
                 }));
             });
 
+            $(".btn-primary").click(function() {
+                $("#validationReportsDownload").modal('hide');
+            });
+
             /**
              * Gets HTML to display (icon tag) for the specified validation type.
              * If a validation for the requested type is not found, an empty

From 95bf9d931787fd5c4a1414b9e6fce741e285c737 Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Fri, 5 Feb 2021 16:33:00 -0500
Subject: [PATCH 7/8] Updated SN, component data, and CSV output format.

---
 .../ValidationReportsPageController.java      | 116 ++++++++++--------
 .../webapp/WEB-INF/jsp/validation-reports.jsp |   4 +-
 2 files changed, 70 insertions(+), 50 deletions(-)

diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
index a80b7a17..546f02a6 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
@@ -39,6 +39,7 @@ import java.time.LocalDate;
 import java.time.LocalDateTime;
 import java.time.format.DateTimeFormatter;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.UUID;
 import java.util.regex.Matcher;
@@ -55,9 +56,13 @@ public class ValidationReportsPageController extends PageController<NoPageParams
     private final CertificateManager certificateManager;
     private final DeviceManager deviceManager;
 
-    private static final Logger LOGGER = getLogger(ValidationReportsPageController.class);
+    private static String columnHeaders = "Verified Manufacturer,"
+            + "Model,SN,Verification Date,Device Status,"
+            + "Component name,Component manufacturer,Component model,"
+            + "Component SN,Component status";
     private static final String DEFAULT_COMPANY = "AllDevices";
     private static final String UNDEFINED = "undefined";
+    private static final Logger LOGGER = getLogger(ValidationReportsPageController.class);
 
     /**
      * Constructor providing the Page's display and routing specification.
@@ -128,18 +133,7 @@ public class ValidationReportsPageController extends PageController<NoPageParams
     }
 
     /**
-     * This method handles downloading a validation report. The report will contain the
-     * following data:
-     * - Company devices where shipped from
-     * - Contract#
-     * - Report for Date range (default to current date)
-     * -Verified Manufacturer is the Platform Vendor
-     * - Model is the Platform Model
-     * - SN is the Chassis SN
-     * - Verification Data is the not before time on the Attestation Certificate
-     * - Component Status column is 8 component classes names listed above
-     * (Component Status data is taken from the pass/fail status of the report summary)
-     * - Device Status is the overall pass/fail of the report summary
+     * This method handles downloading a validation report.
      * @param request object
      * @param response object
      * @throws IOException thrown by BufferedWriter object
@@ -151,13 +145,14 @@ public class ValidationReportsPageController extends PageController<NoPageParams
         LOGGER.info("Downloading validation report");
         String company = "";
         String contractNumber = "";
-        Pattern pattern = Pattern.compile("[A-Za-z0-9\\s]*");
+        Pattern pattern = Pattern.compile("^\\w*$");
         DateTimeFormatter dateFormat = DateTimeFormatter.ofPattern("uuuu-MM-dd");
         DateTimeFormatter dateTimeFormat = DateTimeFormatter.ofPattern("uuuu-MM-dd HH:mm:ss");
         LocalDate startDate = null;
         LocalDate endDate = null;
         ArrayList<LocalDate> createTimes = new ArrayList<LocalDate>();
         String[] deviceNames = new String[]{};
+
         Enumeration parameters = request.getParameterNames();
         while (parameters.hasMoreElements()) {
             String parameter = (String) parameters.nextElement();
@@ -214,14 +209,12 @@ public class ValidationReportsPageController extends PageController<NoPageParams
 
         response.setHeader("Content-Type", "text/csv");
         response.setHeader("Content-Disposition",
-                "attachment;filename=" + company + "_validation_report.csv");
+                "attachment;filename=validation_report.csv");
         BufferedWriter bufferedWriter = new BufferedWriter(
                 new OutputStreamWriter(response.getOutputStream(), "UTF-8"));
-        String columnHeaders = "Verified Manufacturer, "
-                + "Model, SN, Verification Date, Component Statuses, Device Status";
+        StringBuilder reportData = new StringBuilder();
+        bufferedWriter.append("Company: " + company + "\n");
         bufferedWriter.append("Contract number: " + contractNumber + "\n");
-        bufferedWriter.append(columnHeaders + "\n");
-        LOGGER.info(columnHeaders);
         for (int i = 0; i < deviceNames.length; i++) {
             if ((createTimes.get(i).isAfter(startDate) || createTimes.get(i).isEqual(startDate))
                     && (createTimes.get(i).isBefore(endDate)
@@ -231,40 +224,67 @@ public class ValidationReportsPageController extends PageController<NoPageParams
                 PlatformCredential pc = PlatformCredential.select(certificateManager)
                         .byDeviceId(deviceId).getCertificate();
                 LOGGER.info("Found platform credential: " + pc.toString());
-                bufferedWriter.append(pc.getManufacturer() + ","
+                reportData.append(pc.getManufacturer() + ","
                         + pc.getModel() + ","
-                        + pc.getChassisSerialNumber() + ","
-                        + pc.getBeginValidity() + ",");
-                LOGGER.info("Verified manufacturer: " + pc.getManufacturer());
-                LOGGER.info("Model: " + pc.getModel());
-                LOGGER.info("SN: " + pc.getChassisSerialNumber());
-                LOGGER.info("Verification date: " + pc.getBeginValidity());
-                if (pc.getComponentIdentifiers() != null
-                        && pc.getComponentIdentifiers().size() > 0) {
-                    String attributeStatuses = "";
-                    for (ComponentIdentifier ci : pc.getComponentIdentifiers()) {
-                        if (ci instanceof ComponentIdentifierV2) {
-                            attributeStatuses += ((ComponentIdentifierV2) ci)
-                                    .getAttributeStatus() + ",";
-                            LOGGER.info(((ComponentIdentifierV2) ci).getComponentClass()
-                                    + "\nComponent status: "
-                                    + ((ComponentIdentifierV2) ci).getAttributeStatus());
-                        } else {
-                            LOGGER.info("\nPlatform Components");
-                        }
-                        LOGGER.info("Component manufacturer : "
-                                + ci.getComponentManufacturer().getString()
-                                + "\nComponent model: " + ci.getComponentModel().getString()
-                                + "\nComponent revision: "
-                                    + ci.getComponentRevision().getString());
+                        + pc.getPlatformSerial() + ","
+                        + pc.getBeginValidity() + ","
+                        + pc.getDevice().getSupplyChainStatus() + ",");
+                ArrayList<ArrayList<String>> parsedComponents = parseComponents(pc);
+                for (ArrayList<String> component : parsedComponents) {
+                    for (String data : component) {
+                        reportData.append(data + ",");
                     }
-                    attributeStatuses = attributeStatuses.substring(0,
-                            attributeStatuses.length() - 1);
-                    bufferedWriter.append("(" + attributeStatuses + "),");
+                    reportData.deleteCharAt(reportData.length() - 1);
+                    reportData.append("\n,,,,,");
                 }
-                bufferedWriter.append("" + pc.getDevice().getSupplyChainStatus() + "\n");
+                reportData.delete(reportData.lastIndexOf("\n"), reportData.length());
             }
         }
+        bufferedWriter.append(columnHeaders + "\n");
+        bufferedWriter.append(reportData.toString() + "\n");
+        LOGGER.info(columnHeaders);
+        LOGGER.info(reportData.toString());
         bufferedWriter.flush();
     }
+
+    /**
+     * This method parses the following ComponentIdentifier fields into an ArrayList of ArrayLists.
+     * - ComponentClass
+     * - Manufacturer
+     * - Model
+     * - Serial number
+     * - Pass/fail status (based on componentFailures string)
+     * @param pc the platform credential.
+     * @return the ArrayList of ArrayLists containing the parsed component data.
+     */
+    private ArrayList<ArrayList<String>> parseComponents(final PlatformCredential pc) {
+        ArrayList<ArrayList<String>> parsedComponents = new ArrayList<ArrayList<String>>();
+        if (pc.getComponentIdentifiers() != null
+                && pc.getComponentIdentifiers().size() > 0) {
+            LOGGER.info("Component failures: " + pc.getComponentFailures());
+            ArrayList<String> componentFailures =
+                    new ArrayList<String>(Arrays.asList(pc.getComponentFailures().split(";")));
+            for (ComponentIdentifier ci : pc.getComponentIdentifiers()) {
+                ArrayList<String> componentData = new ArrayList<String>();
+                if (ci instanceof ComponentIdentifierV2) {
+                    componentData.add(((ComponentIdentifierV2) ci).getComponentClass().toString());
+                } else {
+                    componentData.add("Platform Component");
+                }
+                componentData.add(ci.getComponentManufacturer().getString());
+                componentData.add(ci.getComponentModel().getString());
+                componentData.add(ci.getComponentSerial().getString());
+                //Failing components are identified by manufacturer + model
+                if (componentFailures.contains(componentData.get(1) + componentData.get(2))) {
+                    componentData.add("Fail");
+                } else {
+                    componentData.add("Pass");
+                }
+                parsedComponents.add(componentData);
+                LOGGER.info(String.join(",", componentData));
+            }
+        }
+
+        return parsedComponents;
+    }
 }
diff --git a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
index 4f02dfde..a70dd6b0 100644
--- a/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
+++ b/HIRS_AttestationCAPortal/src/main/webapp/WEB-INF/jsp/validation-reports.jsp
@@ -28,9 +28,9 @@
         <form:form id="download" method="POST" action="${portal}/validation-reports/download">
             Download Validation Reports
             <my:download-info id="validationReportsDownload" label="Download Validation Reports">
-                <label>Company<input id="company" type="text" pattern="[A-Za-z0-9\s]*"
+                <label>Company<input id="company" type="text" pattern="^\w*$"
                         title="Letters, numbers, and spaces only" name="company" /></label>
-                <label>Contract #<input id="contract" type="text" pattern="[A-Za-z0-9\s]*"
+                <label>Contract #<input id="contract" type="text" pattern="^\w*$"
                         title="Letters, numbers, and spaces only" name="contract" /></label>
                 <br>
                 <label>Date range start<input id="dateStart" type="date" name="dateStart" /></label>

From 847bad5201204059121d06c09360393f591a6e86 Mon Sep 17 00:00:00 2001
From: chubtub <43381989+chubtub@users.noreply.github.com>
Date: Wed, 10 Feb 2021 09:54:06 -0500
Subject: [PATCH 8/8] Update verification date

---
 .../page/controllers/ValidationReportsPageController.java       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
index 546f02a6..b0cf463e 100644
--- a/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
+++ b/HIRS_AttestationCAPortal/src/main/java/hirs/attestationca/portal/page/controllers/ValidationReportsPageController.java
@@ -227,7 +227,7 @@ public class ValidationReportsPageController extends PageController<NoPageParams
                 reportData.append(pc.getManufacturer() + ","
                         + pc.getModel() + ","
                         + pc.getPlatformSerial() + ","
-                        + pc.getBeginValidity() + ","
+                        + LocalDateTime.now().toString() + ","
                         + pc.getDevice().getSupplyChainStatus() + ",");
                 ArrayList<ArrayList<String>> parsedComponents = parseComponents(pc);
                 for (ArrayList<String> component : parsedComponents) {