Fixed missing image on print card page

[LiamStanziani]

Fixed missing image on print card page by setting default image to openosp logo

Summary by Sourcery

Bug Fixes:

• Fallback to default OpenOSP logo when the configured clinic logo file is missing or undefined.

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

This PR ensures the print card page always displays a clinic logo by loading the OpenOSP logo as a default resource and integrating it into the property lookup flow for CLINIC_LOGO_FILE, with a fallback when no custom logo is provided.

Sequence diagram for clinic logo rendering with default fallback

sequenceDiagram
participant User
participant "ImageRenderingServlet"
participant "OscarProperties"
participant "File System"

User->>"ImageRenderingServlet": Request clinic logo
"ImageRenderingServlet"->>"OscarProperties": Get CLINIC_LOGO_FILE property (with default)
"OscarProperties"-->>"ImageRenderingServlet": Return filename or defaultClinicLogo
alt filename is null or empty
    "ImageRenderingServlet"->>"File System": Use defaultClinicLogo
else filename exists
    "ImageRenderingServlet"->>"File System": Use filename
end
"File System"-->>"ImageRenderingServlet": Return logo image
"ImageRenderingServlet"-->>User: Respond with logo image

Loading

Class diagram for ImageRenderingServlet logo rendering changes

classDiagram
class ImageRenderingServlet {
  +renderClinicLogoStored(request, response)
  -defaultClinicLogo : String
}
class OscarProperties {
  +getProperty(key, defaultValue)
}
class FileSystem
ImageRenderingServlet --> OscarProperties : uses
ImageRenderingServlet --> FileSystem : reads logo file

Loading

File-Level Changes

Change	Details	Files
Introduce retrieval of default OpenOSP logo from web resources	Added code to fetch defaultResourceUrl via session.getServletContext().getResource Initialized defaultClinicLogo with defaultResourceUrl.getPath() or null	src/main/java/ca/openosp/openo/ui/servlet/ImageRenderingServlet.java
Implement fallback to default logo when custom clinic logo is missing	Updated OscarProperties.getProperty call to pass defaultClinicLogo as fallback Added null/empty check on filename and reassigned defaultClinicLogo if needed	src/main/java/ca/openosp/openo/ui/servlet/ImageRenderingServlet.java

Possibly linked issues

• #Image doesn't load properly on Schedule tab - Edit an appointment window - Print Card: PR adds default OpenOSP logo when CLINIC_LOGO_FILE is missing, fixing clinic logo 404 on print card.

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• Consider loading the default logo resource from the classpath (e.g. via getResourceAsStream) instead of using a hard-coded filesystem path, which may not exist in packaged deployments.
• Mark DEFAULT_CLINIC_LOGO_FILE as static final to reflect that it’s a constant and adhere to naming conventions.
• Add a warning log or fallback behavior if neither the custom nor default logo file is found, to make missing images easier to diagnose.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Consider loading the default logo resource from the classpath (e.g. via getResourceAsStream) instead of using a hard-coded filesystem path, which may not exist in packaged deployments.
- Mark DEFAULT_CLINIC_LOGO_FILE as static final to reflect that it’s a constant and adhere to naming conventions.
- Add a warning log or fallback behavior if neither the custom nor default logo file is found, to make missing images easier to diagnose.

## Individual Comments

### Comment 1
<location> `src/main/java/ca/openosp/openo/ui/servlet/ImageRenderingServlet.java:67` </location>
<code_context>
         local_client, hnr_client, integrator_client, signature_preview, signature_stored, clinic_logo
     }

+    private static String DEFAULT_CLINIC_LOGO_FILE = "src/main/resources/loginResource/openosp_logo.png";
+
     @Override
</code_context>

<issue_to_address>
**suggestion:** Consider using 'final' for the DEFAULT_CLINIC_LOGO_FILE constant.

Marking DEFAULT_CLINIC_LOGO_FILE as 'private static final' ensures immutability and protects against unintended changes.

```suggestion
    private static final String DEFAULT_CLINIC_LOGO_FILE = "src/main/resources/loginResource/openosp_logo.png";
```
</issue_to_address>

### Comment 2
<location> `src/main/java/ca/openosp/openo/ui/servlet/ImageRenderingServlet.java:330` </location>
<code_context>

         try {
-            String filename = OscarProperties.getInstance().getProperty("CLINIC_LOGO_FILE");
+            String filename = OscarProperties.getInstance().getProperty("CLINIC_LOGO_FILE", DEFAULT_CLINIC_LOGO_FILE);
             if (filename != null) {
                 File f = new File(filename);
</code_context>

<issue_to_address>
**suggestion:** Check for null or empty property values when using a default.

If getProperty returns "", the default won't be used. Consider treating empty strings as unset to ensure the default is applied.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

New security issues found

[LiamStanziani]

@sourcery-ai resolve

Sourcery does not seem to be resolving the blocking issue, this was already explained to not be a security vulnerability in the comment to the change, will manually dismiss.

[sourcery-ai]

Hey there - I've reviewed your changes and they look great!

Blocking issues:

• Detected a potential path traversal. A malicious actor could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path. (link)

Prompt for AI Agents

Please address the comments from this code review:

## Individual Comments

### Comment 1
<location> `src/main/java/ca/openosp/openo/ui/servlet/ImageRenderingServlet.java:340` </location>
<code_context>
                File f = new File(filename);
</code_context>

<issue_to_address>
**security (java.lang.security.httpservlet-path-traversal):** Detected a potential path traversal. A malicious actor could control the location of this file, to include going backwards in the directory with '../'. To address this, ensure that user-controlled variables in file paths are sanitized. You may also consider using a utility method such as org.apache.commons.io.FilenameUtils.getName(...) to only retrieve the file name from the path.

*Source: opengrep*
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

Same false positive dismissed before