From 570d9f03a694a183129ecaca225f3da192ab701b Mon Sep 17 00:00:00 2001 From: Syphax bouazzouni Date: Wed, 7 Feb 2024 04:33:36 +0100 Subject: [PATCH] Fix: Release 2.7.4 hotfixes (#494) * add link to see result details of the url resolvability check * fix vizualization widget not showing code section * fix metrics graph evolution to use chart component * re-enforce the sparql query security for no admin users * fix collection show members using the wrong params name * remove unused history routes --- app/components/url_resolvability_component.rb | 5 ++-- app/controllers/admin_controller.rb | 16 +++++++++-- .../check_resolvability_controller.rb | 2 +- app/controllers/collections_controller.rb | 2 +- app/helpers/check_resolvability_helper.rb | 13 ++++++--- app/helpers/fair_score_helper.rb | 2 +- app/helpers/sparql_helper.rb | 4 ++- .../controllers/sparql_controller.js | 8 +++++- .../ontologies/sections/_widgets.html.haml | 8 +++--- .../_metrics_evolution_graph.html.haml | 28 +++---------------- config/routes.rb | 6 ---- 11 files changed, 46 insertions(+), 48 deletions(-) diff --git a/app/components/url_resolvability_component.rb b/app/components/url_resolvability_component.rb index b1497f1f5..379fe49c3 100644 --- a/app/components/url_resolvability_component.rb +++ b/app/components/url_resolvability_component.rb @@ -4,14 +4,15 @@ class UrlResolvabilityComponent < ViewComponent::Base include OntologiesHelper, CheckResolvabilityHelper - def initialize(resolvable: false, supported_formats: [], status: nil) + def initialize(url: '', resolvable: false, supported_formats: [], status: nil) @resolvable = resolvable @supported_formats = supported_formats @status = status + @url = url end def call - text = check_resolvability_message(@resolvable, @supported_formats, @status) + text = check_resolvability_message(@resolvable, @supported_formats, @status, @url) if @resolvable && @supported_formats.size > 1 icon = status_icons(ok: true) elsif @resolvable 
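Review bot: The new default `url: ''` in `initialize` is truthy in Ruby, so `check_resolvability_message` (whose guard in check_resolvability_helper.rb is `if url`) appends a "See details" link with an empty `url` parameter whenever the component is built without a URL. Defaulting to `url: nil` here, or testing `url.present?` in the helper, avoids the dead link. A short comment above `initialize` would also help, e.g. `# url: the checked URL, only used to build the "See details" link`.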
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index 4269e1142..6ac13e362 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -12,10 +12,20 @@ class AdminController < ApplicationController def sparql_endpoint graph = params["named-graph-uri"] - if !session[:user]&.admin? && !graph.blank? + apikey = params["apikey"] + user_name = params["username"] + + unless user_name.blank? + user = LinkedData::Client::Models::User.find(user_name, {include: 'all', apikey: apikey}) + render(inline: 'Query not permitted') && return if user.nil? + end + + render(inline: 'Query not permitted') && return if graph.blank? && !user&.admin? + + unless graph.blank? acronym = graph.split('/')[-3] - @ontology = LinkedData::Client::Models::Ontology.find_by_acronym(acronym).first - render(inline: 'Query not permitted') && return if @ontology.nil? || @ontology.errors + @ontology = LinkedData::Client::Models::Ontology.find_by_acronym(acronym, {apikey: apikey}).first + render(inline: 'Query not permitted') && return if @ontology.nil? || @ontology.errors end response = helpers.ontology_sparql_query(params[:query], graph) diff --git a/app/controllers/check_resolvability_controller.rb b/app/controllers/check_resolvability_controller.rb index 7ac22cbe6..4ad28747a 100644 --- a/app/controllers/check_resolvability_controller.rb +++ b/app/controllers/check_resolvability_controller.rb @@ -14,7 +14,7 @@ def check_resolvability container = "#{helpers.escape(params[:url])}_container" result = helpers.check_resolvability_helper(url) render_turbo_stream(replace(container) { - render_to_string UrlResolvabilityComponent.new(resolvable: result[:result].eql?(1) || result[:result].eql?(2), + render_to_string UrlResolvabilityComponent.new(url: params[:url], resolvable: result[:result].eql?(1) || result[:result].eql?(2), status: result[:status], supported_formats: result[:allowed_format]), layout: false }) 
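Review bot: The admin decision in `sparql_endpoint` now rests on the request parameters `username` and `apikey` instead of `session[:user]`, and nothing visible in this hunk ties the supplied key to the named user. Whether `User.find(user_name, {include: 'all', apikey: apikey})` refuses a key that belongs to a different account depends on the API backend, so the binding should be explicit here, for example `render(inline: 'Query not permitted') && return if user.nil? || apikey.blank? || user.apikey != apikey` (assuming the client model exposes the key as `apikey`). When `username` is blank and a graph is given, `apikey` may be nil and the ontology lookup then presumably falls back to the client's default key, which should be confirmed against private ontologies. `graph.split('/')[-3]` also yields nil for a graph URI with fewer than three segments, so the acronym is worth validating before the lookup.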
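Review bot: The component is given `params[:url]` while the resolvability check on the preceding line runs on the local `url`, which is assigned outside this hunk. If that local is a normalised or unescaped form of the parameter, the "See details" link will point at a different value from the one that was checked; passing `url: url` keeps the two identical.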
diff --git a/app/controllers/collections_controller.rb b/app/controllers/collections_controller.rb index ad125dd17..f9712219a 100644 --- a/app/controllers/collections_controller.rb +++ b/app/controllers/collections_controller.rb @@ -14,7 +14,7 @@ def show_label end def show_members - @ontology = LinkedData::Client::Models::Ontology.find_by_acronym(params[:ontology]).first + @ontology = LinkedData::Client::Models::Ontology.find_by_acronym(params[:ontology_id] || params[:ontology]).first @collection = get_request_collection page = params[:page] || '1' @auto_click = page.to_s.eql?('1') diff --git a/app/helpers/check_resolvability_helper.rb b/app/helpers/check_resolvability_helper.rb index aff26755a..3bab841fb 100644 --- a/app/helpers/check_resolvability_helper.rb +++ b/app/helpers/check_resolvability_helper.rb @@ -103,15 +103,20 @@ def check_resolvability_success(result) url_resolvable?(result) || url_content_negotiable?(result) end - def check_resolvability_message(resolvable, allowed_formats, status) + def check_resolvability_message(resolvable, allowed_formats, status, url = nil) supported_format = Array(allowed_formats).compact supported_format = allowed_formats.empty? ? 'Format not specified' : supported_format.join(', ') + if resolvable && (supported_format.size > 1) - "The URL is resolvable and support the following formats: #{supported_format}" + text = "The URL is resolvable and support the following formats: #{supported_format}" elsif resolvable - "The URL resolvable but is not content negotiable, support only: #{supported_format}" + text = "The URL resolvable but is not content negotiable, support only: #{supported_format}" else - "The URL is not resolvable and not content negotiable (returns #{status})." + text = "The URL is not resolvable and not content negotiable (returns #{status})" end + + + text = text + link_to(' See details', check_resolvability_path(url: url), target: '_blank') if url + text end end 
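Review bot: In `check_resolvability_message`, `text + link_to(...)` concatenates a plain String with a SafeBuffer and the result is a plain String again, so the anchor is HTML-escaped on output unless the caller marks the whole message `html_safe`. In that case the interpolated `status` and format list, which appear to come from the remote server's response, would be emitted unescaped as well. How `UrlResolvabilityComponent#call` renders the text is outside this hunk, so this should be confirmed there. `text = safe_join([text, link_to(' See details', check_resolvability_path(url: url), target: '_blank', rel: 'noopener')]) if url.present?` keeps the message escaped and the link intact.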
diff --git a/app/helpers/fair_score_helper.rb b/app/helpers/fair_score_helper.rb index 7025a91b1..306bad662 100644 --- a/app/helpers/fair_score_helper.rb +++ b/app/helpers/fair_score_helper.rb @@ -14,7 +14,7 @@ def get_fairness_service_url(apikey = user_apikey) def get_fairness_json(ontologies_acronyms, apikey = user_apikey) begin conn = Faraday.new do |conn| - conn.options.timeout = 1 + conn.options.timeout = 30 end response = conn.get(get_fairness_service_url(apikey) + "&ontologies=#{ontologies_acronyms}&combined") MultiJson.load(response.body.force_encoding('ISO-8859-1').encode('UTF-8')) diff --git a/app/helpers/sparql_helper.rb b/app/helpers/sparql_helper.rb index eb1a1eed0..18aa804f3 100644 --- a/app/helpers/sparql_helper.rb +++ b/app/helpers/sparql_helper.rb @@ -58,9 +58,11 @@ def sparql_query(query) "Query timeout" end end - def sparql_query_container(graph: nil) + def sparql_query_container(username: current_user&.username, graph: nil, apikey: get_apikey) content_tag(:div, '', data: {controller: 'sparql', 'sparql-proxy-value': '/sparql_proxy/', + 'sparql-apikey-value': apikey, + 'sparql-username-value': username, 'sparql-graph-value': graph}) end diff --git a/app/javascript/controllers/sparql_controller.js b/app/javascript/controllers/sparql_controller.js index 31227f4fd..11a6879b2 100644 --- a/app/javascript/controllers/sparql_controller.js +++ b/app/javascript/controllers/sparql_controller.js @@ -5,6 +5,8 @@ import { getYasgui } from '../mixins/useYasgui' export default class extends Controller { static values = { proxy: String, + username: String, + apikey: String, graph: String, } connect () { @@ -14,7 +16,7 @@ export default class extends Controller { corsProxy: this.proxyValue, copyEndpointOnNewTab: true, requestConfig: { - endpoint: this.proxyValue, + endpoint: this.#proxyUrl(), acceptHeaderGraph: false, acceptHeaderUpdate: false, namedGraphs: [this.graphValue], 
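Review bot: Raising `conn.options.timeout` to 30 in `get_fairness_json` means a slow or unreachable fairness service can hold a request thread for up to half a minute, assuming this helper runs inside the page request. Consider bounding connection setup separately with `conn.options.open_timeout = 5` and keeping the longer value only for the read. The `begin` block's rescue is outside this hunk, so what the page shows on timeout cannot be judged from here.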
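Review bot: `sparql_query_container` now writes the API key into the `data-sparql-apikey-value` attribute, so it is readable in the page source and by any script running on the page. `get_apikey` is defined outside this hunk; if it falls back to the portal's own key for anonymous visitors, that key is handed to every visitor. Since the proxy path is same-origin, the controller could take the key from the session instead. At minimum add a comment above the method such as `# apikey is rendered into the DOM; it must never be the application's own key`.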
@@ -22,4 +24,8 @@ export default class extends Controller { }) } + + #proxyUrl(){ + return `${this.proxyValue}?apikey=${this.apikeyValue}&username=${this.usernameValue}` + } } diff --git a/app/views/ontologies/sections/_widgets.html.haml b/app/views/ontologies/sections/_widgets.html.haml index 8c3aa40b0..be1019cdd 100644 --- a/app/views/ontologies/sections/_widgets.html.haml +++ b/app/views/ontologies/sections/_widgets.html.haml @@ -9,7 +9,7 @@ %h5.p-4 Add #{@ontology.acronym} Web Widgets to your site %div - = render WidgetBlockComponent.new(id:'jump-to', title: 'Jump To', description: "Type a class name from #{@ontology.acronym} and jump to it in #{$SITE}") do |c| + = render WidgetBlockComponent.new(id:'jump-to-widget', title: 'Jump To', description: "Type a class name from #{@ontology.acronym} and jump to it in #{$SITE}") do |c| - c.widget do #bp_quick_jump :javascript @@ -60,7 +60,7 @@ For more help visit %a{:href => "http://bioontology.org/wiki/index.php/NCBO_Widgets#How_to_use_NCBO_Widgets", :target => "_blank"} NCBO Widget Wiki %div - = render WidgetBlockComponent.new(id:'form-autocomplete', title: 'Autocomplete', description: "Fill your form fields with classes from #{@ontology.acronym}") do |c| + = render WidgetBlockComponent.new(id:'form-autocomplete-widget', title: 'Autocomplete', description: "Fill your form fields with classes from #{@ontology.acronym}") do |c| - c.widget do %div.py-3.px-1 %p.card-text @@ -146,7 +146,7 @@ %div - = render WidgetBlockComponent.new(id: 'visualization', title: 'Visualization', description: "Display a visualization for a given class in #{@ontology.acronym}") do |c| + = render WidgetBlockComponent.new(id: 'visualization-widget', title: 'Visualization', description: "Display a visualization for a given class in #{@ontology.acronym}") do |c| - c.widget do #bp_vis_container - rest_domain = $REST_URL.sub(/https?:\/\//, "") 
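Review bot: `#proxyUrl()` interpolates `apikeyValue` and `usernameValue` into the query string without encoding, so a username containing `&`, `#` or `+` changes the parameters the proxy receives. Build the query with `return this.proxyValue + '?' + new URLSearchParams({ apikey: this.apikeyValue, username: this.usernameValue })` instead. Carrying the key in the URL also puts it in server access logs and browser history; a request header would avoid that if the query widget's `requestConfig` allows one.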
@@ -166,7 +166,7 @@ - unless @ontology.flat? %div - = render WidgetBlockComponent.new(id: 'tree', title: 'Tree Widget', description: "Display a class tree with a search field for #{@ontology.acronym}") do |c| + = render WidgetBlockComponent.new(id: 'tree-widget', title: 'Tree Widget', description: "Display a class tree with a search field for #{@ontology.acronym}") do |c| - c.widget do %link{rel:"stylesheet", type:"text/css", href:"/widgets/jquery.ncbo.tree.css"} #widget_tree diff --git a/app/views/ontologies/sections/metadata/_metrics_evolution_graph.html.haml b/app/views/ontologies/sections/metadata/_metrics_evolution_graph.html.haml index a8791f2da..918c5275a 100644 --- a/app/views/ontologies/sections/metadata/_metrics_evolution_graph.html.haml +++ b/app/views/ontologies/sections/metadata/_metrics_evolution_graph.html.haml @@ -1,26 +1,6 @@ = turbo_frame_tag 'application_modal_content' do - %canvas#metrics_evolution_chart - :javascript + - data = data.values.first.each_with_index.map{|x, i| ["Submission #{i + 1}", x]}.reject{|_, count| count.zero?}.to_h - var metrics = #{raw data.to_json}; - var key = Object.entries(metrics)[0][0] - var numbers = Object.entries(metrics)[0][1] - - // Create a line chart - var ctx = document.getElementById('metrics_evolution_chart').getContext('2d'); - console.log(key, numbers) - var metricsChart = new Chart(ctx, { - type: 'line', - data: { - labels: numbers.map((_, index) => `Submission ${index + 1}`), - datasets: [ - { - label: key, - data: numbers, - borderColor: 'rgba(75, 192, 192, 1)', - backgroundColor: 'rgba(75, 192, 192, 0.2)', - } - ] - }, - options: {} - }) \ No newline at end of file + = chart_component(title: '', type: 'line', + labels: data.keys, + datasets: visits_chart_dataset_array({ count: data.to_a}, fill: false)) diff --git a/config/routes.rb b/config/routes.rb index c8c9ad26e..4e5d119f0 100644 --- a/config/routes.rb +++ b/config/routes.rb 
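Review bot: In `_metrics_evolution_graph.html.haml`, `data.values.first.each_with_index` raises NoMethodError when `data` is empty, because `first` returns nil, and `count.zero?` fails the same way for a nil entry. Guard with `Array(data.values.first)` and `reject { |_, count| count.to_i.zero? }`. Rebinding the partial's `data` local to the reshaped hash also makes the two uses below it harder to follow; a separate name such as `series` would read better.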
@@ -181,12 +181,6 @@ get '/login_as/:login_as' => 'login#login_as', constraints: { login_as: /[\d\w\.\-\%\+ ]+/ } post '/login/send_pass', to: 'login#send_pass' - # History - get '/tab/remove/:ontology' => 'history#remove', :as => :remove_tab - get '/tab/update/:ontology/:concept' => 'history#update', :as => :update_tab - - get 'jambalaya/:ontology/:id' => 'visual#jam', :as => :jam - # Search get 'search', to: 'search#index'