Fix: Release 2.7.4 hotfixes (#494)

* add link to see result details of the url resolvability check

* fix vizualization widget not showing  code section

* fix metrics graph evolution to use chart component

* re-enforce the sparql query  security for no admin users

* fix collection show members using the wrong params name

* remove unused history routes

app/components/url_resolvability_component.rb

@@ -4,14 +4,15 @@ class UrlResolvabilityComponent < ViewComponent::Base
 
   include OntologiesHelper, CheckResolvabilityHelper
 
-  def initialize(resolvable: false, supported_formats: [], status: nil)
+  def initialize(url: '', resolvable: false, supported_formats: [], status: nil)
     @resolvable = resolvable
     @supported_formats = supported_formats
     @status = status
+    @url = url
   end
 
   def call
-    text = check_resolvability_message(@resolvable, @supported_formats, @status)
+    text = check_resolvability_message(@resolvable, @supported_formats, @status, @url)
     if @resolvable && @supported_formats.size > 1
       icon = status_icons(ok: true)
     elsif @resolvable

app/controllers/admin_controller.rb

@@ -12,10 +12,20 @@ class AdminController < ApplicationController
 
   def sparql_endpoint
     graph = params["named-graph-uri"]
-    if !session[:user]&.admin? && !graph.blank?
+    apikey = params["apikey"]
+    user_name = params["username"]
+
+    unless user_name.blank?
+      user = LinkedData::Client::Models::User.find(user_name, {include: 'all', apikey: apikey})
+      render(inline: 'Query not permitted') && return if user.nil?
+    end
+
+    render(inline: 'Query not permitted') && return if graph.blank? && !user&.admin?
+
+    unless graph.blank?
       acronym = graph.split('/')[-3]
-      @ontology = LinkedData::Client::Models::Ontology.find_by_acronym(acronym).first
-      render(inline: 'Query not permitted') && return  if @ontology.nil? || @ontology.errors
+      @ontology = LinkedData::Client::Models::Ontology.find_by_acronym(acronym, {apikey: apikey}).first
+      render(inline: 'Query not permitted') && return if @ontology.nil? || @ontology.errors
     end
 
     response = helpers.ontology_sparql_query(params[:query], graph)

app/controllers/check_resolvability_controller.rb

@@ -14,7 +14,7 @@ def check_resolvability
     container = "#{helpers.escape(params[:url])}_container"
     result = helpers.check_resolvability_helper(url)
     render_turbo_stream(replace(container) {
-      render_to_string UrlResolvabilityComponent.new(resolvable: result[:result].eql?(1) || result[:result].eql?(2),
+      render_to_string UrlResolvabilityComponent.new(url: params[:url], resolvable: result[:result].eql?(1) || result[:result].eql?(2),
                                                      status: result[:status],
                                                      supported_formats: result[:allowed_format]), layout: false
     })

app/controllers/collections_controller.rb

@@ -14,7 +14,7 @@ def show_label
   end
 
   def show_members
-    @ontology = LinkedData::Client::Models::Ontology.find_by_acronym(params[:ontology]).first
+    @ontology = LinkedData::Client::Models::Ontology.find_by_acronym(params[:ontology_id] || params[:ontology]).first
     @collection = get_request_collection
     page = params[:page] || '1'
     @auto_click = page.to_s.eql?('1')

app/helpers/check_resolvability_helper.rb

@@ -103,15 +103,20 @@ def check_resolvability_success(result)
     url_resolvable?(result) || url_content_negotiable?(result)
   end
 
-  def check_resolvability_message(resolvable, allowed_formats, status)
+  def check_resolvability_message(resolvable, allowed_formats, status, url = nil)
     supported_format = Array(allowed_formats).compact
     supported_format = allowed_formats.empty? ? 'Format not specified' : supported_format.join(', ')
+
     if resolvable && (supported_format.size > 1)
-      "The URL is resolvable and support the following formats: #{supported_format}"
+      text =  "The URL is resolvable and support the following formats: #{supported_format}"
     elsif resolvable
-      "The URL resolvable but is not content negotiable, support only: #{supported_format}"
+      text = "The URL resolvable but is not content negotiable, support only: #{supported_format}"
     else
-      "The URL is not resolvable and not content negotiable (returns #{status})."
+      text = "The URL is not resolvable and not content negotiable (returns #{status})"
     end
+
+
+    text = text + link_to(' See details', check_resolvability_path(url: url), target: '_blank') if url
+    text
   end
 end

app/helpers/fair_score_helper.rb

@@ -14,7 +14,7 @@ def get_fairness_service_url(apikey = user_apikey)
   def get_fairness_json(ontologies_acronyms, apikey = user_apikey)
     begin
       conn = Faraday.new do |conn|
-        conn.options.timeout = 1
+        conn.options.timeout = 30
       end
       response = conn.get(get_fairness_service_url(apikey) + "&ontologies=#{ontologies_acronyms}&combined")
       MultiJson.load(response.body.force_encoding('ISO-8859-1').encode('UTF-8'))

app/helpers/sparql_helper.rb

@@ -58,9 +58,11 @@ def sparql_query(query)
       "Query timeout"
     end
   end
-  def sparql_query_container(graph: nil)
+  def sparql_query_container(username: current_user&.username, graph: nil, apikey: get_apikey)
     content_tag(:div, '', data: {controller: 'sparql',
                                  'sparql-proxy-value': '/sparql_proxy/',
+                                 'sparql-apikey-value': apikey,
+                                 'sparql-username-value': username,
                                  'sparql-graph-value': graph})
   end
 

app/javascript/controllers/sparql_controller.js

@@ -5,6 +5,8 @@ import { getYasgui } from '../mixins/useYasgui'
 export default class extends Controller {
   static  values = {
     proxy: String,
+    username: String,
+    apikey: String,
     graph: String,
   }
   connect () {
@@ -14,12 +16,16 @@ export default class extends Controller {
         corsProxy: this.proxyValue,
         copyEndpointOnNewTab: true,
         requestConfig: {
-          endpoint: this.proxyValue,
+          endpoint: this.#proxyUrl(),
           acceptHeaderGraph: false,
           acceptHeaderUpdate: false,
           namedGraphs: [this.graphValue],
         }
       })
 
   }
+
+  #proxyUrl(){
+    return `${this.proxyValue}?apikey=${this.apikeyValue}&username=${this.usernameValue}`
+  }
 }

app/views/ontologies/sections/_widgets.html.haml

@@ -9,7 +9,7 @@
       %h5.p-4
         Add #{@ontology.acronym} Web Widgets to your site
       %div
-        = render WidgetBlockComponent.new(id:'jump-to', title: 'Jump To', description: "Type a class name from #{@ontology.acronym} and jump to it in #{$SITE}") do |c|
+        = render WidgetBlockComponent.new(id:'jump-to-widget', title: 'Jump To', description: "Type a class name from #{@ontology.acronym} and jump to it in #{$SITE}") do |c|
           - c.widget do
             #bp_quick_jump
               :javascript
@@ -60,7 +60,7 @@
                 For more help visit
                 %a{:href => "http://bioontology.org/wiki/index.php/NCBO_Widgets#How_to_use_NCBO_Widgets", :target => "_blank"} NCBO Widget Wiki
       %div
-        = render WidgetBlockComponent.new(id:'form-autocomplete', title: 'Autocomplete', description: "Fill your form fields with classes from #{@ontology.acronym}") do |c|
+        = render WidgetBlockComponent.new(id:'form-autocomplete-widget', title: 'Autocomplete', description: "Fill your form fields with classes from #{@ontology.acronym}") do |c|
           - c.widget do
             %div.py-3.px-1
               %p.card-text
@@ -146,7 +146,7 @@
 
 
       %div
-        =  render WidgetBlockComponent.new(id: 'visualization', title: 'Visualization', description: "Display a visualization for a given class in #{@ontology.acronym}") do |c|
+        =  render WidgetBlockComponent.new(id: 'visualization-widget', title: 'Visualization', description: "Display a visualization for a given class in #{@ontology.acronym}") do |c|
           - c.widget do
             #bp_vis_container
             - rest_domain = $REST_URL.sub(/https?:\/\//, "")
@@ -166,7 +166,7 @@
 
       - unless @ontology.flat?
         %div
-          =  render WidgetBlockComponent.new(id: 'tree', title: 'Tree Widget', description: "Display a class tree with a search field for #{@ontology.acronym}") do |c|
+          =  render WidgetBlockComponent.new(id: 'tree-widget', title: 'Tree Widget', description: "Display a class tree with a search field for #{@ontology.acronym}") do |c|
             - c.widget do
               %link{rel:"stylesheet", type:"text/css", href:"/widgets/jquery.ncbo.tree.css"}
               #widget_tree

app/views/ontologies/sections/metadata/_metrics_evolution_graph.html.haml

@@ -1,26 +1,6 @@
 = turbo_frame_tag 'application_modal_content' do
-  %canvas#metrics_evolution_chart
-  :javascript
+  - data = data.values.first.each_with_index.map{|x, i| ["Submission  #{i + 1}", x]}.reject{|_, count| count.zero?}.to_h
 
-      var metrics = #{raw data.to_json};
-      var key = Object.entries(metrics)[0][0]
-      var numbers = Object.entries(metrics)[0][1]
-
-      // Create a line chart
-      var ctx = document.getElementById('metrics_evolution_chart').getContext('2d');
-      console.log(key, numbers)
-      var metricsChart = new Chart(ctx, {
-        type: 'line',
-        data: {
-          labels: numbers.map((_, index) => `Submission  ${index + 1}`),
-          datasets:  [
-            {
-              label: key,
-              data: numbers,
-              borderColor: 'rgba(75, 192, 192, 1)',
-              backgroundColor: 'rgba(75, 192, 192, 0.2)',
-            }
-          ]
-        },
-        options: {}
-      })
+  = chart_component(title: '', type: 'line',
+                            labels: data.keys,
+                            datasets: visits_chart_dataset_array({ count: data.to_a}, fill: false))

config/routes.rb

@@ -181,12 +181,6 @@
   get '/login_as/:login_as' => 'login#login_as', constraints: { login_as: /[\d\w\.\-\%\+ ]+/ }
   post '/login/send_pass', to: 'login#send_pass'
 
-  # History
-  get '/tab/remove/:ontology' => 'history#remove', :as => :remove_tab
-  get '/tab/update/:ontology/:concept' => 'history#update', :as => :update_tab
-
-  get 'jambalaya/:ontology/:id' => 'visual#jam', :as => :jam
-
   # Search
   get 'search', to: 'search#index'