Release 1.5
Bug Fixes (Highest Testing Priority)
Permissions
CATS-881: In a private Clowder instance, a superadmin can now see datasets in a space that he/she is not part of
- SETUP: Is there special setup or configuration needed to make an instance "private"?
- Login to Clowder
- Make yourself SuperAdmin using the dropdown at the top-right
- You should now be able to see all datasets on Clowder, including those that you are not a part of
CATS-887: if permissions are not private we should not list all datasets
- SETUP: Is there special setup or configuration needed to make an instance "private"?
- Login to Clowder
- ???
Authentication
CATS-868: If no local password and only 1 provider, redirect to the provider login page immediately
CATS-911: login with 2+ LDAP users on the same clowder
MongoDB Dataset Service
CATS-897 / CATS-906: mongodbdatasetservice.findbyfileid will also return datasets indirectly containing give fileid
- add file under path test/a/b/file,
- run get paths endpoint on this file.
- delete this file from clowder.
- add file under test dataset.
- run get paths endpoint on this file.
- delete this file from clowder.
RabbitMQ Parameter Escaping
CATS-905: Parameters subdocument is escaped in rabbitmq message
Extractors Logging Sensitive Data in Plaintext
CATS-903: Fixed extractors printing the private key in error messages
New Views: ExtractorInfo / ExtractorDetails
CATS-890: Per-space extractor list should now show more detail (e.g. table)
- Check out this branch, enable the RabbitMQ plugin in your Clowder instance, and start an extractor that has the
process
block defined inextractor_info.json
- Create a space (or navigate to an existing space)
- Admins should see an "Extractors" button/link on the right of the
spaces/:spaceId
view - click this link- You should be brought to
spaces/:spaceId/extractors
- You should see any registered extractors listed here
- This view now should roughly match the mockups attached to this ticket (sans the "Show Columns" dropdown)
- Each extractor should list the name, description, author, and process triggers, as well as the checkbox to enable or disable them
- You should be brought to
CATS-891: New global extractor view (e.g. table)
CATS-892: New Extractor details view
CATS-908: Removed excess whitespace from both updateExtractors views
CATS-909: Disabled (and force-checked) checkboxes on space-level UpdateExtractors for extractors that are enabled globally
New API: Reverse Proxy
Configure the following in your
custom.conf
, then run Clowder using that configuration:clowder.proxy { geopub="https://geoserver.ncsa.illinois.edu/geoserver" }
- Without logging in, attempt to hit the geoserver API through the proxy - for example: http://localhost:9000/api/proxy/geopub/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
- You should get a generic response of Not authorized
- Log into Clowder via http://localhost:9000/login
- Attempt to hit the geoserver API again using the proxy - for example: http://localhost:9000/api/proxy/geopub/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
- This should return the same response/image as the original endpoint: https://geoserver.ncsa.illinois.edu/geoserver/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
- Choose an endpoint_key that does not exist - for example: http://localhost:9000/api/proxy/ThisIsNonsense
- You should get a generic response of Not found: ThisIsNonsense
CATS-895: Clowder Reverse Proxy API - Authentication
Configure your
clowder.proxy
as follows:clowder.proxy { authtest="http://username:12345@httpbin.org/basic-auth/username/12345" }
- Navigate to http://localhost:9000/api/proxy/authtest
- You should get a generic message from Clowder saying
Not authorized
- You should get a generic message from Clowder saying
- Navigate to http://localhost:9000/login and login to Clowder
- Navigate once more to http://localhost:9000/api/proxy/authtest
- This time, you should be authenticated into the test service using the service account credentials specified in the proxy configuration
CATS-910: Fixes to swagger spec
- view the updated spec in Swagger UI here: https://clowder.ncsa.illinois.edu/swagger/?url=http://localhost:9000/swagger
Notes
You can also serve swagger.yml
some other way, if you'd like, but CORS did (I think) prevent me from linking Swagger UI directly to a raw file in our OpenSource BitBucket.
For example, this did not work: https://clowder.ncsa.illinois.edu/swagger/?url=https%3A%2F%2Fopensource.ncsa.illinois.edu%2Fbitbucket%2Fprojects%2FCATS%2Frepos%2Fclowder%2Fraw%2Fpublic%2Fswagger.yml%3Fat%3Drefs%252Fheads%252Fbugfix%252FCATS-910-fix-swagger-documentation-format
New Features
Tracking Usage Metrics
Per-Space Extractors
CATS-799: Extractors should now respect per-space enabled/disabled options
Configuration / Maintainability Changes
CATS-884: Added Orcid Id's to zenodo.json file
BD-2128: Add overridable environment vars for Mongo and Rabbit MQ URIs
Script to create service accounts