1 22 2024 Tech Team Report

1-22-2024

Date	Task	Hours (Main)	Hours (EOLS)
15-Jan-2024	Report, meeting, investigate Keycloak account linking, remove old ldap accounts that would conflict if username = email w/o domain, create backup ldap, clean old posix info, recreate test ldap db with new uids via sed, fix givenName/firstName misconfig on dev		6
17-Jan-2024	Verify QDR doesn't have thumb-related bugs seen @IQSS, sec. update to Drupal core on dev/stage, paragraphs, entity-reference-revision, missing-module-message-fixer module updates to dev/stage, coord.	1
18-Jan-2024	Update prod to Drupal 10.2.2 + minor module updates, fix bad login link in open hamburger menu	1
19-Jan-2024	Debug converting all ldap uids from emails, update ldap, drupal, dv dbs, delete/restore keycloak users, make sure login by email is allowed, verify all users load, try login via username and email, check linking based on email from ORCID, start changing reg module to use email prefix as username, test, update DV google lib to 26.30.0		7

Found/fixed a misconfiguration on dev stopping the first name from passing through to Drupal, etc.
Investigated Keycloak account linking - trying to find out what happens if an email is changed
Worked to clean up ldap db and convert to not using email as the uid, while avoiding duplicate uids (from two emails with the same prefix)
Changed the ldap db and then made corresponding changes to Drupal and Dataverse dbs to use new uid/account ids, developed mechanism to clear/re-import accounts for Keycloak (slightly tricky since Keycloak normally syncs with ldap).
Worked through Drupal code updates (on a branch) to not assume email and uid are the same and started checking to see if we ever don't get a valid uid from Keycloak where we'd still need to generate a valid uid (e.g. by using the prefix of the email as I've one for testing).

Deploy Drupal 10.2.2 sec fix and minor module updates to dev/stage/prod
Fixed bad login link in the open hamburger menu in the header - an issue from when we switched to OIDC that wasn't caught before. Updated dev, stage, applied locally on prod.

Verified that QDR doesn't have the thumbnail size issues being reported for v6.1 - we have slightly different code due to theming and an old thumb PR that IQSS hasn't merged that avoid the issue for QDR. (Was able to suggest fixes based on QDR code)
Verified that QDR does include SQL query bugs reported in the guestbook-at-request functionality, but haven't been able to reproduce the publish failure or other symptoms being reported. I'll have the fixes ready to go if we do see any issues.
Updated to the latest google lib version for archiver

slapadd shows warnings related to invalid hashes due to the manual changes I made to remove the posix class we don't use. I don't think it's worth changing but wanted to document it.

Continue working on authentication issue #43(non-email account id, MFA, etc.)
Work on metadata issue #44 (more metadata to DataCite, etc.)
Fix Stata-14 ingest by allowing file inspection during direct upload or adjusting the Stata ingester.
Fix #113 if possible
Matomo - investigate event-level tracking via tag manager, remove non-working google scripts
AnnoRep - explore round-trip, configure auto-start and log rotation
Ops
- check missing globalidcreationdates and fix via /modifyRegistration or alternative
Dataverse
- Make PR for guestbook adding datasetversion fix
- Popup info accessibility - IQSS likes the recommendations from the source I linked to, so this can be implemented along those lines.
QDAS Previewer
- Updates per request
- Investigate writing aux file/previewing lower-sensitivity version and/or other write options
TBD: FRDR Security