Release 1.5
Bug Fixes (Highest Testing Priority)
Permissions
CATS-881: In a private Clowder instance, a superadmin can now see datasets in a space that he/she is not part of
- SETUP: Is there special setup or configuration needed to make an instance "private"?
- Login to Clowder
- Make yourself SuperAdmin using the dropdown at the top-right
- You should now be able to see all datasets on Clowder, including those that you are not a part of
CATS-887: if permissions are not private we should not list all datasets
- SETUP: Is there special setup or configuration needed to make an instance "private"?
- Login to Clowder
- ???
- Expectations?
- Expectations?
Fixes to Authentication Providers
CATS-868: If no local password and only 1 provider, redirect to the provider login page immediately
- ???
CATS-911: fixed ldap userid
- Enable LDAP login in Clowder
- Login with one user via LDAP
- Login with a second user via LDAP
- ???
- Expectations?
Fixed MongoDB Dataset Service findFileById
CATS-897 / CATS-906: mongodbdatasetservice.findbyfileid will also return datasets indirectly containing give fileid
- add file under path test/a/b/file,
- run get paths endpoint on this file.
- delete this file from clowder.
- Expectations?
- add file under test dataset.
- run get paths endpoint on this file.
- delete this file from clowder.
- Expectations?
Fixed RabbitMQ Parameter Escaping
CATS-905: Parameters subdocument is escaped in rabbitmq message
Enable the RabbitMQ plugin in your Clowder instance
Register an extractor with Clowder
Manually submit a file or dataset for extraction
- View the message in RabbitMQ
- You should see that the map of "parameters" is no longer escaped as a string
Fixed Extractors Logging Sensitive Data in Plaintext
CATS-903: Fixed extractors printing the private key in error messages
- Enable the RabbitMQ plugin in your Clowder instance
- Register an extractor with Clowder
Manually submit a file or dataset for extraction
- Hint: Try to find some case that you know will produce an extractor error
- Check the extractor logs / metadata
- You should no longer see the secret_key explicitly printed to the logs during errors
New Views: ExtractorInfo / ExtractorDetails
CATS-891: New global extractor view (e.g. table)
- Enable the RabbitMQ plugin in your Clowder instance
- Start an extractor that has the
process
block defined inextractor_info.json
- Login as an admin user via http://localhost:9000/login
- Expand the "Admin" dropdown menu at the top-right (gear icon)
- Choose the new option for "Extractors" (not to be confused with "Extractions", which previously existed)
- This should navigate you to the new http://localhost:9000/extractors view
- By default, no extractors should be enabled
CATS-908: You shouldn't see any extraneous
<br>
elements between the page header and the table
- Enable an extractor and click "Update"
- You should be brought back to the Clowder home page
- Navigate back to the "Extractors" view and refresh the page
- You should see that your selection is still enabled
- The refresh further confirms that this change has been persisted to MongoDB (not just in-memory)
- Navigate to a per-space extractor list for a space (e.g.
spaces/:spaceId/extractors
)CATS-909: You should see that the extractor that was enabled globally cannot be unchecked
CATS-892: New Extractor details view
Enable the RabbitMQ plugin in your Clowder instance
Start and register an extractor with Clowder (for example,
ncsa.image.metadata
):export PUBLIC_IP="<YOUR_PUBLIC_IP>" export CLOWDER_API_KEY="<CLOWDER_API_KEY>" docker run -it --rm --net=host -e RABBITMQ_URI="amqp://guest:guest@localhost/%2f" -e REGISTRATION_ENDPOINTS="http://${PUBLIC_IP}:9000/api/extractors?key=${CLOWDER_API_KEY}" clowder/extractors-image-metadata
Navigate to localhost:9000/extractors/:extractorName (for example: http://localhost:9000/extractors/ncsa.image.metadata)
- You should see a new view that roughly matches the mockups shown here
- The new view should list all/most of the common fields of the underlying
ExtractorInfo
object (note that these fields were previously hidden everywhere else in the UI)
New API: Reverse Proxy
Configure the following in your
custom.conf
, then run Clowder using that configuration:clowder.proxy { geopub="https://geoserver.ncsa.illinois.edu/geoserver" }
- Without logging in, attempt to hit the geoserver API through the proxy - for example: http://localhost:9000/api/proxy/geopub/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
- You should get a generic response of Not authorized
- Log into Clowder via http://localhost:9000/login
- Attempt to hit the geoserver API again using the proxy - for example: http://localhost:9000/api/proxy/geopub/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
- This should return the same response/image as the original endpoint: https://geoserver.ncsa.illinois.edu/geoserver/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
- Choose an endpoint_key that does not exist - for example: http://localhost:9000/api/proxy/ThisIsNonsense
- You should get a generic response of Not found: ThisIsNonsense
CATS-895: Clowder Reverse Proxy API - Authentication
Configure your
clowder.proxy
as follows:clowder.proxy { authtest="http://username:12345@httpbin.org/basic-auth/username/12345" }
- Navigate to http://localhost:9000/api/proxy/authtest
- You should get a generic message from Clowder saying
Not authorized
- You should get a generic message from Clowder saying
- Navigate to http://localhost:9000/login and login to Clowder
- Navigate once more to http://localhost:9000/api/proxy/authtest
- This time, you should be authenticated into the test service using the service account credentials specified in the proxy configuration
CATS-910: Fixes to swagger spec
- view the updated spec in Swagger UI here: https://clowder.ncsa.illinois.edu/swagger/?url=http://localhost:9000/swagger
Notes
You can also serve swagger.yml
some other way, if you'd like, but CORS did (I think) prevent me from linking Swagger UI directly to a raw file in our OpenSource BitBucket.
For example, this did not work: https://clowder.ncsa.illinois.edu/swagger/?url=https%3A%2F%2Fopensource.ncsa.illinois.edu%2Fbitbucket%2Fprojects%2FCATS%2Frepos%2Fclowder%2Fraw%2Fpublic%2Fswagger.yml%3Fat%3Drefs%252Fheads%252Fbugfix%252FCATS-910-fix-swagger-documentation-format
New Features
Tracking Usage Metrics
- Enable the RabbitMQ plugin in your Clowder instance
- Register the standard image preview extractor with Clowder
- NOTE: This will prevent "views" of a file from being counted as a download, which could be confusing to users
- Login to Clowder
- Upload a new file
- View it in Clowder
- You should see that the file has 1 view and 0 downloads
- Refresh the page a few times
- You should see that the "views" count is incremented for each refresh
- Download the file and refresh the page again
- You should see now that the file has 1 download
Per-Space Extractors
CATS-890: Per-space extractor list should now show more detail (e.g. table)
- Enable the RabbitMQ plugin in your Clowder instance
- Start an extractor that has the
process
block defined inextractor_info.json
- For example:
image-metadata
- For example:
- Create a space (or navigate to an existing space)
- Admins should see an "Extractors" button/link on the right of the
spaces/:spaceId
view - click this link- You should be brought to
spaces/:spaceId/extractors
- You should see any registered extractors listed here
- This view now should roughly match the mockups attached to this ticket (sans the "Show Columns" dropdown)
- Each extractor should list the name, description, author, and process triggers, as well as the checkbox to enable or disable them
CATS-908: You shouldn't see any extraneous
<br>
elements between the page header and the table
- You should be brought to
CATS-799: Extractors should now respect per-space enabled/disabled options
- Start from the end of the previous test case (CATS-890)
- Make sure that the image-metadata extractor is disabled, both globally and in your test space
- Upload an image file to your test space
- Your extractor should not trigger, and should remain idle
- Enable the extractor globally via the new global extractor view (e.g.
/extractors
) - Upload another test image
- This time your extractor should fire, since it has been enabled globally
- Disable the extractor globally (via
/extractors
) - Enable the extractor at the space-level (e.g.
spaces/:spaceId/extractors
) - Upload one more test image
- The extractor should trigger again, since it has been enabled in this space
Configuration / Maintainability Changes
CATS-884: Added Orcid Id's to zenodo.json file
- ???
BD-2128: Add overridable environment vars for Mongo and Rabbit MQ URIs
- ???
Script to create service accounts
- ???