Fix: user creation security #60
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
syphax-bouazzouni
force-pushed
the
fix/user-creation-issue
branch
from
03f6809 to
5857f60
Compare
Welcome to Codecov 🎉Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests. Thanks for integrating Codecov - We've got you covered ☂️ |
syphax-bouazzouni
force-pushed
the
development
branch
from
f907f55 to
708be2c
Compare
syphax-bouazzouni
force-pushed
the
development
branch
from
40b784f to
b687f69
Compare
syphax-bouazzouni
added a commit
that referenced
this pull request
May 22, 2024
…RI content negotiation and Ontology metadata and data indexation (#73) * Feature: Migrate to virtuoso (#67) * set up multiple triple store test environment * optimize api tests * Fix: update ncbo_annotator gem version (#71) * update ncbo_annotator gem version * update alegrograph to version 8.1.0 * Feature: use the new SOLR Schema API instead of SOLR config files (#68) * update docker compose to use standard SOLR not the ontoportal configured * update term search to use the new Schema API and remove config files * update properties search to use the new Schema API & remove config files * update class and properties schema to use the existent dynamic names * Feature: resolving resources within specific ontologies, supporting various output formats(#69) * remove useless line preventing sending the reset password email (#65) * [ontoportal-bot] Gemfile.lock update * Feature: api endpoint returns json-ld for the element with that URI * implement GET, POST requests, and GET /parse to submit INRATHES ontology * Enhance tests using real data submission * Enhance bin/ontoportal to make it able to run localy with UI * Small fixes - change controller name and test controller name - remove /parse endpoint - rackup to shotgun in bin/ontoportal * Fix test dereference resource controller - in json test, before we test the result we sort the hashes with the function (sort_nested_hash) - in xml, ntriples and turtle, we split the result and the expected result, sort them and compare them * update gemfile: add json-ld (3.0.2) * change derefrencement namespacing and clean code * Fix dereference resource tests expected resultsto handle parse triples * fix xml serialization test for AG and Gb by cleaning the xml string --------- Co-authored-by: OntoPortal Bot <[email protected]> Co-authored-by: imadbourouche <[email protected]> * Feature: URI drerfrencement content negotiation (#72) * remove useless line preventing sending the reset password email (#65) * [ontoportal-bot] Gemfile.lock update * Feature: api endpoint returns json-ld for the element with that URI * implement GET, POST requests, and GET /parse to submit INRATHES ontology * Enhance tests using real data submission * Enhance bin/ontoportal to make it able to run localy with UI * Small fixes - change controller name and test controller name - remove /parse endpoint - rackup to shotgun in bin/ontoportal * Fix test dereference resource controller - in json test, before we test the result we sort the hashes with the function (sort_nested_hash) - in xml, ntriples and turtle, we split the result and the expected result, sort them and compare them * update gemfile: add json-ld (3.0.2) * change derefrencement namespacing and clean code * Fix dereference resource tests expected resultsto handle parse triples * Feature: add content negotiation middleware * Add headers to tests instead of output_format * Apply middleware to only /ontologies/:acronym/resolve/:uri * Add test cases for AllegroGraph and fix xml test * move the content_negotiation middleware into rack folder and module * re-implement again the usage of the output_format param if no format is given in the request header * clean the tests for no more necessary checks * clean and simplify the content negotiation middleware * add the accepted format in the error response of resolvability endpoint * refactor the content negotiation middleware code to be more clear --------- Co-authored-by: Syphax bouazzouni <[email protected]> Co-authored-by: OntoPortal Bot <[email protected]> * Fix: user creation security (#60) * extract slice tests helper to the parent class for reusability * add a test for the creation of an admin user * enforce the security of admin user creation * update slices controller to enforce admin security * Fix: the content negotiation by removing a no needed require * Feature: Indexation administration & Ontologies and Agents search (#70) * index submission and agents metadata * add search administration endpoints to init schema and index batch * add ontology and agent search endpoints * add agent and ontology search tests * add admin search in collections * make the search admin use directly the solr connector * implement search ontologies content search endpoint * enforce solr models indexing one by one to prevent batch fails * add detType tov search ontologies content search endpoint * fix content ontology search pagination * add ontology search content types filter * Feature: Add accessibility security to ontology metadata & content search results (#74) * add ontology accessibility restriction to ontology metadata search * add ontology accessibility restriction to ontology content search * add search results accessibility security test * fix: enable user creation notification (#76) * Fix: Invalidating cache on insert & fix Redis warning (#77) * Merge pull request https://github.com/ncbo/ontologies_api/pull/120from ncbo/remove_redis-activesupport Remove redis activesupport * use the branch development of sparql client * Feature: mappings statistics slices support (#78) * restrict mapping statistics ontologies to the ontologies of the current slice * add a test for the mappings slices support * add test for mappings statistics slices support --------- Co-authored-by: OntoPortal Bot <[email protected]> Co-authored-by: imadbourouche <[email protected]> Co-authored-by: Bilel Kihal <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See ncbo#131