Release 1.5

Bug Fixes (Highest Testing Priority)

Permissions

• CATS-881: In a private Clowder instance, a superadmin can now see datasets in a space that he/she is not part of

1. SETUP: Is there special setup or configuration needed to make an instance "private"?
2. Login to Clowder
3. Make yourself SuperAdmin using the dropdown at the top-right
   1. You should now be able to see all datasets on Clowder, including those that you are not a part of

• CATS-887: if permissions are not private we should not list all datasets

1. SETUP: Is there special setup or configuration needed to make an instance "private"?
2. Login to Clowder
3. ???

Authentication

• CATS-868: If no local password and only 1 provider, redirect to the provider login page immediately

• CATS-911: login with 2+ LDAP users on the same clowder

MongoDB Dataset Service

• CATS-897 / CATS-906: mongodbdatasetservice.findbyfileid will also return datasets indirectly containing give fileid

1. add file under path test/a/b/file,
   1. run get paths endpoint on this file.
   2. delete this file from clowder.
2. add file under test dataset.
   1. run get paths endpoint on this file.
   2. delete this file from clowder.

RabbitMQ Parameter Escaping

• CATS-905: Parameters subdocument is escaped in rabbitmq message

Extractors Logging Sensitive Data in Plaintext

• CATS-903: Fixed extractors printing the private key in error messages

New Views: ExtractorInfo / ExtractorDetails

• CATS-890: Per-space extractor list should now show more detail (e.g. table)

1. Check out this branch, enable the RabbitMQ plugin in your Clowder instance, and start an extractor that has the process block defined in extractor_info.json
2. Create a space (or navigate to an existing space)
3. Admins should see an "Extractors" button/link on the right of the spaces/:spaceId view - click this link
   1. You should be brought to spaces/:spaceId/extractors
   2. You should see any registered extractors listed here
   3. This view now should roughly match the mockups attached to this ticket (sans the "Show Columns" dropdown)
   4. Each extractor should list the name, description, author, and process triggers, as well as the checkbox to enable or disable them

• CATS-891: New global extractor view (e.g. table)

• CATS-892: New Extractor details view

• CATS-908: Removed excess whitespace from both updateExtractors views

• CATS-909: Disabled (and force-checked) checkboxes on space-level UpdateExtractors for extractors that are enabled globally

New API: Reverse Proxy

• CATS-793 / CATS-889: Clowder Reverse Proxy API - GET/POST/PUT/DELETE

1. Configure the following in your custom.conf, then run Clowder using that configuration:

   clowder.proxy {
     geopub="https://geoserver.ncsa.illinois.edu/geoserver"
   }

2. Without logging in, attempt to hit the geoserver API through the proxy - for example: http://localhost:9000/api/proxy/geopub/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
   • You should get a generic response of Not authorized
3. Log into Clowder via http://localhost:9000/login
4. Attempt to hit the geoserver API again using the proxy - for example: http://localhost:9000/api/proxy/geopub/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
   • This should return the same response/image as the original endpoint: https://geoserver.ncsa.illinois.edu/geoserver/clowder/wms?service=WMS&version=1.1.0&request=GetMap&layers=clowder:tmppFKK2_.zip12172744&styles=&bbox=365741.5,4434859.5,375398.5,4444630.5&width=506&height=512&srs=EPSG:26916&format=image/png
5. Choose an endpoint_key that does not exist - for example: http://localhost:9000/api/proxy/ThisIsNonsense
   • You should get a generic response of Not found: ThisIsNonsense

• CATS-895: Clowder Reverse Proxy API - Authentication

1. Configure your clowder.proxy as follows:

   clowder.proxy {
       authtest="http://username:12345@httpbin.org/basic-auth/username/12345"
   }

2. Navigate to http://localhost:9000/api/proxy/authtest
   • You should get a generic message from Clowder saying Not authorized
3. Navigate to http://localhost:9000/login and login to Clowder
4. Navigate once more to http://localhost:9000/api/proxy/authtest
   • This time, you should be authenticated into the test service using the service account credentials specified in the proxy configuration

• CATS-910: Fixes to swagger spec

1. view the updated spec in Swagger UI here: https://clowder.ncsa.illinois.edu/swagger/?url=http://localhost:9000/swagger

Notes

You can also serve swagger.yml some other way, if you'd like, but CORS did (I think) prevent me from linking Swagger UI directly to a raw file in our OpenSource BitBucket.

For example, this did not work: https://clowder.ncsa.illinois.edu/swagger/?url=https%3A%2F%2Fopensource.ncsa.illinois.edu%2Fbitbucket%2Fprojects%2FCATS%2Frepos%2Fclowder%2Fraw%2Fpublic%2Fswagger.yml%3Fat%3Drefs%252Fheads%252Fbugfix%252FCATS-910-fix-swagger-documentation-format

New Features

Tracking Usage Metrics

• CATS-374 / CATS-375: Track usage metrics - files/datasets + views/downloads

Per-Space Extractors

• CATS-799: Extractors should now respect per-space enabled/disabled options

Configuration / Maintainability Changes

• CATS-884: Added Orcid Id's to zenodo.json file

• BD-2128: Add overridable environment vars for Mongo and Rabbit MQ URIs

• Script to create service accounts