[#12872] Warn instructors not to share link with students (#13137)

* Add caution to template and change tests * Update tests * Fix failing test * Change phrasing * Fix typo * Modify email template and tests * Fix typo
TEAMMATES · Jul 5, 2024 · f604c11 · f604c11
1 parent b402863
commit f604c11
Show file tree

Hide file tree

Showing 10 changed files with 78 additions and 6 deletions.
diff --git a/src/main/java/teammates/logic/api/EmailGenerator.java b/src/main/java/teammates/logic/api/EmailGenerator.java
@@ -823,7 +823,7 @@ private EmailWrapper generateFeedbackSessionEmailBaseForNotifiedInstructors(
                 "${feedbackSessionName}", SanitizationHelper.sanitizeForHtml(session.getFeedbackSessionName()),
                 "${deadline}", SanitizationHelper.sanitizeForHtml(
                         TimeHelper.formatInstant(endTime, session.getTimeZone(), DATETIME_DISPLAY_FORMAT)),
-                "${instructorPreamble}", fillUpInstructorPreamble(course),
+                "${instructorPreamble}", fillUpInstructorPreamble(course, session),
                 "${sessionInstructions}", session.getInstructionsString(),
                 "${submitUrl}", "{in the actual email sent to the students, this will be the unique link}",
                 "${reportUrl}", "{in the actual email sent to the students, this will be the unique link}",
@@ -1020,10 +1020,14 @@ private String fillUpInstructorRejoinAfterGoogleIdResetFragment(InstructorAttrib
                 "${supportEmail}", Config.SUPPORT_EMAIL);
     }
 
-    private String fillUpInstructorPreamble(CourseAttributes course) {
+    private String fillUpInstructorPreamble(CourseAttributes course, FeedbackSessionAttributes session) {
+        var recoveryUrl = Config.getFrontEndAppUrl(Const.WebPageURIs.SESSIONS_LINK_RECOVERY_PAGE).toAbsoluteString();
         return Templates.populateTemplate(EmailTemplates.FRAGMENT_INSTRUCTOR_COPY_PREAMBLE,
                 "${courseId}", SanitizationHelper.sanitizeForHtml(course.getId()),
-                "${courseName}", SanitizationHelper.sanitizeForHtml(course.getName()));
+                "${courseName}", SanitizationHelper.sanitizeForHtml(course.getName()),
+                "${feedbackSessionName}",
+                SanitizationHelper.sanitizeForHtml(session.getFeedbackSessionName()),
+                "${sessionsRecoveryLink}", recoveryUrl);
     }
 
     /**

diff --git a/src/main/java/teammates/sqllogic/api/SqlEmailGenerator.java b/src/main/java/teammates/sqllogic/api/SqlEmailGenerator.java
@@ -851,7 +851,7 @@ private EmailWrapper generateFeedbackSessionEmailBaseForNotifiedInstructors(
                 "${feedbackSessionName}", SanitizationHelper.sanitizeForHtml(session.getName()),
                 "${deadline}", SanitizationHelper.sanitizeForHtml(
                         TimeHelper.formatInstant(endTime, session.getCourse().getTimeZone(), DATETIME_DISPLAY_FORMAT)),
-                "${instructorPreamble}", fillUpInstructorPreamble(course),
+                "${instructorPreamble}", fillUpInstructorPreamble(course, session),
                 "${sessionInstructions}", session.getInstructionsString(),
                 "${submitUrl}", "{in the actual email sent to the students, this will be the unique link}",
                 "${reportUrl}", "{in the actual email sent to the students, this will be the unique link}",
@@ -1098,10 +1098,14 @@ private String fillUpInstructorRejoinAfterGoogleIdResetFragment(Instructor instr
             "${supportEmail}", Config.SUPPORT_EMAIL);
     }
 
-    private String fillUpInstructorPreamble(Course course) {
+    private String fillUpInstructorPreamble(Course course, FeedbackSession session) {
+        var recoveryUrl = Config.getFrontEndAppUrl(Const.WebPageURIs.SESSIONS_LINK_RECOVERY_PAGE).toAbsoluteString();
+
         return Templates.populateTemplate(EmailTemplates.FRAGMENT_INSTRUCTOR_COPY_PREAMBLE,
             "${courseId}", SanitizationHelper.sanitizeForHtml(course.getId()),
-            "${courseName}", SanitizationHelper.sanitizeForHtml(course.getName()));
+                "${courseName}", SanitizationHelper.sanitizeForHtml(course.getName()),
+                "${feedbackSessionName}", SanitizationHelper.sanitizeForHtml(session.getName()),
+                "${sessionsRecoveryLink}", recoveryUrl);
     }
 
     /**

diff --git a/src/main/resources/instructorEmailFragment-instructorCopyPreamble.html b/src/main/resources/instructorEmailFragment-instructorCopyPreamble.html
@@ -1,4 +1,12 @@
 <p>
+  Kindly note that this email simply serves as a preview of how the email will appear to the
+  students, and the link is not the actual link that the students will receive.
+  As such, please <b style="color: red;">do not forward</b> this email to students.
+  We recommend that you make the following announcement (edit content as you see fit) using an alternative means (e.g., your course announcements) to alert students:
+  <hr>
+  The TEAMMATES session ${feedbackSessionName} in course [${courseId}] ${courseName} is now open.
+  If you did not receive the unique access link via email, and you can't find it in your spam box either, go to <a href=${sessionsRecoveryLink}>this link</a> to recover the access link.
+  <hr>
   The email below has been sent to students of course: [${courseId}] ${courseName}.
   <br><br>
   === Email message as seen by the students ===

diff --git a/src/test/resources/emails/sessionClosingEmailCopyToInstructor.html b/src/test/resources/emails/sessionClosingEmailCopyToInstructor.html
@@ -1,6 +1,14 @@
 <p>Hello Instructor1 Course1,</p>
 
 <p>
+  Kindly note that this email simply serves as a preview of how the email will appear to the
+  students, and the link is not the actual link that the students will receive.
+  As such, please <b style="color: red;">do not forward</b> this email to students.
+  We recommend that you make the following announcement (edit content as you see fit) using an alternative means (e.g., your course announcements) to alert students:
+  <hr>
+  The TEAMMATES session First feedback session in course [idOfTypicalCourse1] Typical Course 1 with 2 Evals is now open.
+  If you did not receive the unique access link via email, and you can't find it in your spam box either, go to <a href=${app.url}/web/front/help/session-links-recovery>this link</a> to recover the access link.
+  <hr>
   The email below has been sent to students of course: [idOfTypicalCourse1] Typical Course 1 with 2 Evals.
   <br><br>
   === Email message as seen by the students ===

diff --git a/src/test/resources/emails/sessionClosingEmailTestingSanitizationCopyToInstructor.html b/src/test/resources/emails/sessionClosingEmailTestingSanitizationCopyToInstructor.html
@@ -1,6 +1,14 @@
 <p>Hello Instructor&lt;script&gt; alert(&#39;hi!&#39;); &lt;&#x2f;script&gt;,</p>
 
 <p>
+  Kindly note that this email simply serves as a preview of how the email will appear to the
+  students, and the link is not the actual link that the students will receive.
+  As such, please <b style="color: red;">do not forward</b> this email to students.
+  We recommend that you make the following announcement (edit content as you see fit) using an alternative means (e.g., your course announcements) to alert students:
+  <hr>
+  The TEAMMATES session Normal feedback session name in course [idOfTestingSanitizationCourse] Testing&lt;script&gt; alert(&#39;hi!&#39;); &lt;&#x2f;script&gt; is now open.
+  If you did not receive the unique access link via email, and you can't find it in your spam box either, go to <a href=${app.url}/web/front/help/session-links-recovery>this link</a> to recover the access link.
+  <hr>
   The email below has been sent to students of course: [idOfTestingSanitizationCourse] Testing&lt;script&gt; alert(&#39;hi!&#39;); &lt;&#x2f;script&gt;.
   <br><br>
   === Email message as seen by the students ===

diff --git a/src/test/resources/emails/sessionOpeningEmailCopyToInstructor.html b/src/test/resources/emails/sessionOpeningEmailCopyToInstructor.html
@@ -1,6 +1,14 @@
 <p>Hello Instructor1 Course1,</p>
 
 <p>
+  Kindly note that this email simply serves as a preview of how the email will appear to the
+  students, and the link is not the actual link that the students will receive.
+  As such, please <b style="color: red;">do not forward</b> this email to students.
+  We recommend that you make the following announcement (edit content as you see fit) using an alternative means (e.g., your course announcements) to alert students:
+  <hr>
+  The TEAMMATES session First feedback session in course [idOfTypicalCourse1] Typical Course 1 with 2 Evals is now open.
+  If you did not receive the unique access link via email, and you can't find it in your spam box either, go to <a href=${app.url}/web/front/help/session-links-recovery>this link</a> to recover the access link.
+  <hr>
   The email below has been sent to students of course: [idOfTypicalCourse1] Typical Course 1 with 2 Evals.
   <br><br>
   === Email message as seen by the students ===

diff --git a/src/test/resources/emails/sessionOpeningEmailTestingSanitizationCopyToInstructor.html b/src/test/resources/emails/sessionOpeningEmailTestingSanitizationCopyToInstructor.html
@@ -1,6 +1,14 @@
 <p>Hello Instructor&lt;script&gt; alert(&#39;hi!&#39;); &lt;&#x2f;script&gt;,</p>
 
 <p>
+  Kindly note that this email simply serves as a preview of how the email will appear to the
+  students, and the link is not the actual link that the students will receive.
+  As such, please <b style="color: red;">do not forward</b> this email to students.
+  We recommend that you make the following announcement (edit content as you see fit) using an alternative means (e.g., your course announcements) to alert students:
+  <hr>
+  The TEAMMATES session Normal feedback session name in course [idOfTestingSanitizationCourse] Testing&lt;script&gt; alert(&#39;hi!&#39;); &lt;&#x2f;script&gt; is now open.
+  If you did not receive the unique access link via email, and you can't find it in your spam box either, go to <a href=${app.url}/web/front/help/session-links-recovery>this link</a> to recover the access link.
+  <hr>
   The email below has been sent to students of course: [idOfTestingSanitizationCourse] Testing&lt;script&gt; alert(&#39;hi!&#39;); &lt;&#x2f;script&gt;.
   <br><br>
   === Email message as seen by the students ===

diff --git a/src/test/resources/emails/sessionPublishedEmailCopyToInstructor.html b/src/test/resources/emails/sessionPublishedEmailCopyToInstructor.html
@@ -1,6 +1,14 @@
 <p>Hello Instructor1 Course1,</p>
 
 <p>
+  Kindly note that this email simply serves as a preview of how the email will appear to the
+  students, and the link is not the actual link that the students will receive.
+  As such, please <b style="color: red;">do not forward</b> this email to students.
+  We recommend that you make the following announcement (edit content as you see fit) using an alternative means (e.g., your course announcements) to alert students:
+  <hr>
+  The TEAMMATES session First feedback session in course [idOfTypicalCourse1] Typical Course 1 with 2 Evals is now open.
+  If you did not receive the unique access link via email, and you can't find it in your spam box either, go to <a href=${app.url}/web/front/help/session-links-recovery>this link</a> to recover the access link.
+  <hr>
   The email below has been sent to students of course: [idOfTypicalCourse1] Typical Course 1 with 2 Evals.
   <br><br>
   === Email message as seen by the students ===

diff --git a/src/test/resources/emails/sessionReminderEmailCopyToInstructor.html b/src/test/resources/emails/sessionReminderEmailCopyToInstructor.html
@@ -1,6 +1,14 @@
 <p>Hello Instructor1 Course1,</p>
 
 <p>
+  Kindly note that this email simply serves as a preview of how the email will appear to the
+  students, and the link is not the actual link that the students will receive.
+  As such, please <b style="color: red;">do not forward</b> this email to students.
+  We recommend that you make the following announcement (edit content as you see fit) using an alternative means (e.g., your course announcements) to alert students:
+  <hr>
+  The TEAMMATES session First feedback session in course [idOfTypicalCourse1] Typical Course 1 with 2 Evals is now open.
+  If you did not receive the unique access link via email, and you can't find it in your spam box either, go to <a href=${app.url}/web/front/help/session-links-recovery>this link</a> to recover the access link.
+  <hr>
   The email below has been sent to students of course: [idOfTypicalCourse1] Typical Course 1 with 2 Evals.
   <br><br>
   === Email message as seen by the students ===

diff --git a/src/test/resources/emails/sessionUnpublishedEmailCopyToInstructor.html b/src/test/resources/emails/sessionUnpublishedEmailCopyToInstructor.html
@@ -1,6 +1,14 @@
 <p>Hello Instructor1 Course1,</p>
 
 <p>
+  Kindly note that this email simply serves as a preview of how the email will appear to the
+  students, and the link is not the actual link that the students will receive.
+  As such, please <b style="color: red;">do not forward</b> this email to students.
+  We recommend that you make the following announcement (edit content as you see fit) using an alternative means (e.g., your course announcements) to alert students:
+  <hr>
+  The TEAMMATES session First feedback session in course [idOfTypicalCourse1] Typical Course 1 with 2 Evals is now open.
+  If you did not receive the unique access link via email, and you can't find it in your spam box either, go to <a href=${app.url}/web/front/help/session-links-recovery>this link</a> to recover the access link.
+  <hr>
   The email below has been sent to students of course: [idOfTypicalCourse1] Typical Course 1 with 2 Evals.
   <br><br>
   === Email message as seen by the students ===