Added UI fixes and updated documentation.

Change-Id: I8cb10b6b08b9c77b3867483f172cc0a996464e01
Signed-off-by: Puja <puja.chatterjee@sap.com>

README.md

@@ -22,7 +22,6 @@ Clone the Git [repository](https://github.com/SAP/cloud-espm-v2.git) or download
 5. [Setup the Runtime Environment](https://help.hana.ondemand.com/help/frameset.htm?7613f000711e1014839a8273b0e91070.html). please use the Java EE 6 Web Profile section in the above document
 6. Signup for [HCP Trial account](https://hcp.sap.com/developers.html#section_4) 
 
-
 ### Build the application and deploy
 1. Git configuration in Eclipse
    - From the Eclipse IDE main menu, choose Window > Preferences
@@ -82,6 +81,8 @@ Clone the Git [repository](https://github.com/SAP/cloud-espm-v2.git) or download
    - On this wizard page check that the master branch is selected and click again on Next >
    - On the last wizard page you can adjust the location of the local Git Repository, but for the scope of this tutorial we'll just leave the default as-is
    - Click on Finish so that the remote cloud-basecamp Git repository (source code) is cloned to the local location specified on the last wizard page.
+   - In Eclipse, open File->Import->Existing Maven projects.
+
 4. Update dependencies and build Maven project
 
     - Instruction to run update dependencies for the Maven project
@@ -214,33 +215,6 @@ The ESPM Sample Application is a Maven based project which has a parent pom.xml
 
     After deploying the application in HCP, assign the Retailer role to the user who will act as the retailer of the eCommerce site. Please refer to documentation of SAP HANA Cloud Platform on how to assign roles to users. See [Details](https://help.hana.ondemand.com/help/frameset.htm?db8175b9d976101484e6fa303b108acd.html)
 
-### Protecting from Cross-Site Request Forgery
-
-In ESPM, we use **Custom header approach** for CSRF protection. For details on the same, please refer [SAP HANA Cloud Platform documentation](https://help.hana.ondemand.com/help/frameset.htm?1f5f34e31ec64af8b5fef1796ea07c0a.html)
-
-In Web.xml file in ESPM espm-cloud-web project(path src/main/webapp/WEB-INF/web.xml), we have added the below tags to enable CSRF protection for the secure odata service (http://<appname><accountname>.hana.ondemand.com/espm-cloud-web/espm.svc/secure)
-```sh
-	<!-- CSRF protection for the REST API for retailer scenario -->
-		<filter>
-		   <filter-name>RestCSRF</filter-name>
-		   <filter-class>org.apache.catalina.filters.RestCsrfPreventionFilter</filter-class>
-	 	</filter>
-	 <filter-mapping>
-	   	<filter-name>RestCSRF</filter-name>
-	    <!--modifying REST APIs  -->
-		<url-pattern>/espm.svc/secure/*</url-pattern>	    
-	 </filter-mapping>	
-```
-
-Note that the CSRF protection is performed only for modifying HTTP requests (different from GET|HEAD or OPTIONS).
-All CSRF protected resources should be protected with an authentication mechanism.
-
-In ESPM, the Retailer scenario (https://localhost:\<port\>/espm-cloud-web/retailer) is protected with authentication. The Sales Order Approval and Stock Update scenario is protected with CSRF protection. 
-
-The modifing HTTP requests to the secure service will be sent with header **X-CSRF-Token: <token_value>**
-
-Prior to sending a modifing HTTTP request, an HTTP GET request should be sent to a non-modifing HTTP request with the header **X-CSRF-Token: Fetch**. This will fetch the **<token_value>** required for the modifing request.
-
 # Important Disclaimers on Security and Legal Aspects
 This document is for informational purposes only. Its content is subject to change without notice, and SAP does not warrant that it is error-free. SAP MAKES NO WARRANTIES, EXPRESS OR IMPLIED, OR OF MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE.
 

espm-cloud-web/src/main/webapp/retailer/controller/Home.controller.js

@@ -1,20 +1,19 @@
 sap.ui.define([
-	"sap/ui/core/mvc/Controller",
-	'sap/ui/model/json/JSONModel'
-], function(Controller, JSONModel) {
+	"sap/ui/core/mvc/Controller"
+], function(Controller) {
 	"use strict";
 
 	return Controller.extend("com.sap.espm.retailer.controller.Home", {
 
-		onInit : function (evt) {
+		onInit : function () {
 		},
 
-		approveTilePressed: function(event){
+		approveTilePressed: function(){
 
 			var oRouter = sap.ui.core.UIComponent.getRouterFor(this);
 			oRouter.navTo("SalesOrder");
 		},
-		stockTilePressed: function(event){
+		stockTilePressed: function(){
 
 			var oRouter = sap.ui.core.UIComponent.getRouterFor(this);
 			oRouter.navTo("StockInformation");

espm-cloud-web/src/main/webapp/retailer/controller/SalesOrder.controller.js

@@ -1,16 +1,14 @@
 jQuery.sap.require("com.sap.espm.retailer.model.format");
 sap.ui.define([
 	"sap/ui/core/mvc/Controller",
-	"sap/ui/core/routing/History",
 	"com/sap/espm/retailer/model/formatter",
 	"sap/m/MessageBox",
 	"sap/m/MessageToast"
 
 
-], function(Controller, formatter) {
+], function(Controller, formatter, MessageBox, MessageToast) {
 	"use strict";
 
-	var statusId = 0;
 	var responseData;
 
 	return Controller.extend("com.sap.espm.retailer.controller.SalesOrder", {
@@ -80,16 +78,16 @@ sap.ui.define([
 						title : "{ProductId}"
 					}),
 					new sap.m.Text({
-						text : "{path: 'DeliveryDate', formatter: 'com.sap.espm.retailer.model.format.date'}",
+						text : "{path: 'DeliveryDate', formatter: 'com.sap.espm.retailer.model.format.date'}"
 					}),
 					new sap.m.Text({
-						text : "{path: 'Quantity', formatter: 'com.sap.espm.retailer.model.format.quantity'}",
+						text : "{path: 'Quantity', formatter: 'com.sap.espm.retailer.model.format.quantity'}"
 					}),
 					new sap.m.ObjectNumber({
 						emphasized : false,
 						number : "{path: 'GrossAmount', formatter:'com.sap.espm.retailer.model.format.formatAmount'}",
 						unit : "{CurrencyCode}"
-					}),
+					})
 					]
 			});
 
@@ -112,14 +110,14 @@ sap.ui.define([
 			binding.filter(filters); 
 
 		},
-		handleApprove: function(evt){
+		handleApprove: function(){
 
 			var bundle = this.getView().getModel("i18n").getResourceBundle(); 
 			var that = this;
 
-			sap.m.MessageBox.confirm( bundle.getText("sales.approveDialogMsg"), 
+			MessageBox.confirm( bundle.getText("sales.approveDialogMsg"), 
 					function (oAction) { 
-						if (sap.m.MessageBox.Action.OK === oAction) { 
+						if (MessageBox.Action.OK === oAction) { 
 						// notify user 
 
 							var id = that.getView().byId("detailObjectHeader").getTitle();
@@ -142,11 +140,11 @@ sap.ui.define([
 								model.refresh();
 
 								var successMsg = bundle.getText("sales.aproveDialogSuccessMsg"); 
-								sap.m.MessageToast.show(successMsg);
+								MessageToast.show(successMsg);
 							 	},
 							 	function()
 							 	{
-							 		sap.m.MessageToast.show(bundle.getText("sales.approvalFailed"));
+							 		MessageToast.show(bundle.getText("sales.approvalFailed"));
 							 	});
 						} 
 						}, 
@@ -155,13 +153,13 @@ sap.ui.define([
 
 		},
 
-		handleReject: function(evt){
+		handleReject: function(){
 
 			var bundle = this.getView().getModel("i18n").getResourceBundle(); 
 			var that = this;
-			sap.m.MessageBox.confirm( bundle.getText("sales.rejectDialogMsg"), 
+			MessageBox.confirm( bundle.getText("sales.rejectDialogMsg"), 
 					function (oAction) { 
-						if (sap.m.MessageBox.Action.OK === oAction) { 
+						if (MessageBox.Action.OK === oAction) { 
 						// notify user 
 
 							var id = that.getView().byId("detailObjectHeader").getTitle();
@@ -183,9 +181,9 @@ sap.ui.define([
 								model.refresh();
 
 								var successMsg = bundle.getText("sales.rejectDialogSuccessMsg"); 
-								sap.m.MessageToast.show(successMsg);
+								MessageToast.show(successMsg);
 							 	},function(){
-							 		sap.m.MessageToast.show(bundle.getText("sales.rejectFailed"));});
+							 		MessageToast.show(bundle.getText("sales.rejectFailed"));});
 						} 
 						}, 
 						bundle.getText("sales.rejectDialogTitle") ); 

espm-cloud-web/src/main/webapp/retailer/controller/StockInformation.controller.js

@@ -1,15 +1,8 @@
 sap.ui.define([
 	"sap/ui/core/mvc/Controller",
-	"com/sap/espm/retailer/model/formatter",
-	"sap/ui/core/routing/History",
-	'sap/m/Dialog',
-	"sap/m/Text",
-	"sap/m/Button",
-	'sap/ui/layout/HorizontalLayout',
-	'sap/ui/layout/VerticalLayout',
-	"sap/m/Input"
+	"com/sap/espm/retailer/model/formatter"
 
-], function(Controller,formatter, VerticalLayout, HorizontalLayout, Text, Input, Dialog, Button) {
+], function(Controller,formatter) {
 	"use strict";
 
 	var bindingObject;
@@ -107,7 +100,7 @@ sap.ui.define([
 									}
 								}),
 								new sap.m.Label({text:bundle.getText("stock.itemsInStock")}),
-								new sap.m.Input({value:stockString[0],editable: false}),
+								new sap.m.Input({value:stockString[0],editable: false})
 
 						      ]
 					})