Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integration Request 5 #12

Merged
merged 51 commits into from
Jun 4, 2014
Merged

Integration Request 5 #12

merged 51 commits into from
Jun 4, 2014

Conversation

dbrgn
Copy link
Collaborator

@dbrgn dbrgn commented Jun 3, 2014

Possibly breaking changes

  • swid_measurement API endpoint has been moved to swid-measurement
  • swid-measurement and swid-add-tags: Request data should now be submitted in a data param: {"data": [...]} instead of sending the JSON list directly
  • Default users have been removed. Add them using ./manage.py setpassword
  • Root user has been removed. If you want one, add it using ./manage.py createsuperuser --database meta
  • API now requires basic auth, the user must have the is_staff=1 flag set or the front.write_access permission assigned (-> the admin-user has that permission by default)
  • SWID import now behaves as follows:
    • Import via management command: Trying to create an already existing tag will replace all tag attributes.
    • Import via API: The tag will not be changed and will be reported as already existing.
    • In any case, if the entity name changes, it will be updated in our database. The raw SWID XML (for previously existing tags) stays unchanged and still contains the old entity name.

New features

  • API fields are now filterable using the fields= param (see c9c4687)
  • It's now possible to add package versions from the GUI
  • It's now possible to add files from the GUI
  • SWID Inventory has been revised
  • AJAX loading indicators have been added
  • Search strings in paging filters are now highlighted in the search results
  • Some small changes were made to the models to allow ./manage.py syncdb on MySQL
  • Enabled non-interactive mode on setpassword command
  • Paging for dynamic tables
  • Added paging to potentially large tables everywhere

Fixes

  • Fixed most recent session in device report
  • Some UTC-related bugs have been fixed
  • It's now possible to show the inventory or log of a single day
  • Fixed issue with search string urlencoding in pagings
  • Many other small fixes

dbrgn and others added 26 commits May 27, 2014 17:35
@dbrgn
Renamed SWID measurement endpoint
9399395 
- Moved `/api/sessions/<pk>/swid_measurement` to `/api/sessions/<pk>/swid-measurement`
- Moved endpoint from core app to swid app
- Added optional format specifier to "add tags" endpoint
@dbrgn
Added coveralls
91188f2
@dbrgn
Handle entities with multiple roles
81c3e54
@dbrgn
Improved & tested enforcement save view
174e4b6
@dbrgn
Added SQL_DEBUG setting
eba7db6 
With SQL_DEBUG enabled, all executed SQL queries get printed to stdout.
@dbrgn
Optimized database access in swid-measurement endpoint
b689dd3
@cfaessler @dbrgn
Moved inventory und log view js files to swid app
b4b3d76
@cfaessler @dbrgn
Added sorting to reported by device table
3cab39a
@dbrgn
Changed result table-headers from td to th
cb4e1a4
@dbrgn
Prevent dates and some titles from wrapping
1ded3d0
@dbrgn
Provided possibility to add file via gui
d2abb28
@cfaessler @dbrgn
Moved swid log and inventory button to device report view
5507743
@dbrgn
Inital set of hash-params should not influence browser history
4c4876f
@dbrgn
Fixed some schema problems that occur with MySQL
d85b593
@dbrgn
Added initial data fixtures
9fdcc2f
@dbrgn
Enabled non-interactive mode on setpassword command
ee59076
@dbrgn
Attached event to datepicker button
7ee3c25
@dbrgn
Added sorting to file paging
2f12465
@dbrgn
Added markdown as dependency
1793786 
This is used to render API endpoint documentation.
@dbrgn
Added --no-cov option to runtests.py
9076340
@dbrgn
Use data param for submitting a SWID measurement or tag
9e70f70
@dbrgn
Paging for dynamic tables
58e6af4
@cfaessler @dbrgn
Extended view to allow creation and removal of versions
d40d29e
@cfaessler @dbrgn
Added grouping by entity name to tag detail view
ad057b9
@dbrgn
Implemented result highlighting in paging
d4c1f67
@dbrgn
Decoded filter query
28e965c
@coveralls
Copy link

Coverage Status

Changes Unknown when pulling eba8de0 on tnc-ba:integration5 into * on strongswan:master*.

@coveralls
Copy link

Coverage Status

Changes Unknown when pulling 16b6236 on tnc-ba:integration5 into * on strongswan:master*.

dbrgn and others added 11 commits June 4, 2014 13:12
@dbrgn
Added error callback to all dajaxice calls
b1d5784
Fixed most recent session in device report
14c9957
@dbrgn
Renamed swid_log url to log
15334e5
@dbrgn
Require login for swid views and statistics
02dffad
@dbrgn
Added a fields param to all API endpoints
680fdc3 
The API now allows a new `fields` parameter that can filter returned
fields per document.

The fields need to be comma separated, without any spaces.

- Correct: `fields=id,url,packageName`
- Wrong: `fields=id&fields=url`
- Wrong: `fields=id, url`

Nested entities can be shown or hidden, but their fields cannot be
filtered.
Revised SWID inventory
d2a2d3a
@dbrgn
Removed all users and sessions from default db
c19ef9d
@dbrgn
Switched to custom API permission class
9a71cd0 
Access to the API is granted in two cases:

- User is an admin (`is_staff=True`)
- User has the `auth.write_access` permission

Otherwise, the user is rejected with a HTTP 401 or HTTP 403 status.
@dbrgn
Added CSRF_COOKIE_SECURE to settings.ini
efb7611
@dbrgn
Enabled clickjacking protection
61c4297
Added paging to potentially large tables
9df83b6
@coveralls
Copy link

Coverage Status

Changes Unknown when pulling fe7a0bb on tnc-ba:integration5 into * on strongswan:master*.

@dbrgn
Copy link
Collaborator Author

dbrgn commented Jun 4, 2014

Requested changes have been made & are squashed.

@tobiasbrunner
Copy link
Member

Seems my previous comment regarding the old spinner files got lost (see 7560c78). The following files could be removed in 69d6d45:

apps/front/static/js/jquery.spin.js
apps/front/static/js/spin.min.js

@dbrgn
Copy link
Collaborator Author

dbrgn commented Jun 4, 2014

@tobiasbrunner sorry, that comment got lost indeed. The files are now gone.

@coveralls
Copy link

Coverage Status

Changes Unknown when pulling 75a4b67 on tnc-ba:integration5 into * on strongswan:master*.

@tobiasbrunner tobiasbrunner merged commit 75a4b67 into strongswan:master Jun 4, 2014
tobiasbrunner added a commit that referenced this pull request Jun 4, 2014
@tobiasbrunner
Merge 'Integration Request 5'
0847cd9 
- Moves the `swid_measurement` API endpoint to `swid-measurement`, and
  requires the submitted data to be contained in a JSON object (`data`
  member).  The API requires basic authentication and the user must
  either have the `is_staff=1` flag set or the `front.write_access`
  permission assigned (this is the case for the `admin-user`).

- SWID tags are only updated when imported via management command,
  not via API (only entity names are updated).

- API fields are restrictable using the `fields=` parameter.

- Default users and root user have been removed from the databases.
  They can be added with `./manage.py setpassword` and `./manage.py
  createsuperuser --database meta`, respectively.

- Adding files and package versions in the GUI are possible.

- Several other improvements regarding paging/filtering, AJAX loading,
  the SWID Inventory, timezone handling and many other things are
  included too.

Closes #12.
@dbrgn dbrgn deleted the integration5 branch June 16, 2014 10:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@dbrgn @coveralls @tobiasbrunner @cfaessler