From 4e878362c0f8adcb3f8c69c3375da3c501557bc5 Mon Sep 17 00:00:00 2001 From: osc-bot <78549874+osc-bot@users.noreply.github.com> Date: Mon, 9 Sep 2024 09:35:29 -0400 Subject: [PATCH 1/5] lint a random file (#3786) --- apps/myjobs/config/environment.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/myjobs/config/environment.rb b/apps/myjobs/config/environment.rb index 426333bb46..d5abe55806 100644 --- a/apps/myjobs/config/environment.rb +++ b/apps/myjobs/config/environment.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # Load the Rails application. require_relative 'application' From f499dc20299cf9bd11df6a1a96ed2bcbdaa6ad35 Mon Sep 17 00:00:00 2001 From: osc-bot <78549874+osc-bot@users.noreply.github.com> Date: Mon, 9 Sep 2024 09:40:28 -0400 Subject: [PATCH 2/5] update dependencies (#3788) --- apps/dashboard/Gemfile.lock | 10 ++++------ apps/dashboard/yarn.lock | 12 ++++++------ apps/myjobs/Gemfile.lock | 6 ++---- apps/shell/yarn.lock | 34 +++++++++++++++++----------------- 4 files changed, 29 insertions(+), 33 deletions(-) diff --git a/apps/dashboard/Gemfile.lock b/apps/dashboard/Gemfile.lock index 389b53cfcc..3f2e02f496 100644 --- a/apps/dashboard/Gemfile.lock +++ b/apps/dashboard/Gemfile.lock @@ -145,14 +145,14 @@ GEM method_source (1.1.0) mime-types (3.5.2) mime-types-data (~> 3.2015) - mime-types-data (3.2024.0820) + mime-types-data (3.2024.0903) mini_mime (1.1.5) mini_portile2 (2.8.7) minitest (5.25.1) mocha (2.4.5) ruby2_keywords (>= 0.0.5) multi_json (1.15.0) - mustermann (3.0.2) + mustermann (3.0.3) ruby2_keywords (~> 0.0.1) net-imap (0.3.7) date @@ -232,8 +232,7 @@ GEM http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - rexml (3.3.6) - strscan + rexml (3.3.7) rss (0.3.1) rexml ruby2_keywords (0.0.5) @@ -264,7 +263,6 @@ GEM activesupport (>= 6.1) sprockets (>= 3.0.0) stringio (3.1.1) - strscan (3.1.0) thor (1.3.2) tilt (2.4.0) timecop (0.9.10) @@ -282,7 +280,7 @@ GEM websocket-extensions (0.1.5) xpath (3.2.0) nokogiri (~> 1.8) - zeitwerk (2.6.17) + zeitwerk (2.6.18) zip_kit (6.3.1) PLATFORMS diff --git a/apps/dashboard/yarn.lock b/apps/dashboard/yarn.lock index 4076c80da8..3d82ceb8c3 100644 --- a/apps/dashboard/yarn.lock +++ b/apps/dashboard/yarn.lock @@ -573,9 +573,9 @@ retry@^0.13.1: integrity sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg== sass@^1.50.0: - version "1.77.8" - resolved "https://registry.yarnpkg.com/sass/-/sass-1.77.8.tgz#9f18b449ea401759ef7ec1752a16373e296b52bd" - integrity sha512-4UHg6prsrycW20fqLGPShtEvo/WyHRVRHwOP4DzkUrObWoWI05QBSfzU71TVB7PFaL104TwNaHpjlWXAZbQiNQ== + version "1.78.0" + resolved "https://registry.yarnpkg.com/sass/-/sass-1.78.0.tgz#cef369b2f9dc21ea1d2cf22c979f52365da60841" + integrity sha512-AaIqGSrjo5lA2Yg7RvFZrlXDBCp3nV4XP73GrLGvdRWWwk+8H3l0SDvq/5bA4eF+0RFPLuWUk3E+P1U/YqnpsQ== dependencies: chokidar ">=3.0.0 <4.0.0" immutable "^4.0.0" @@ -592,9 +592,9 @@ shallow-equal@^3.0.0: integrity sha512-pfVOw8QZIXpMbhBWvzBISicvToTiM5WBF1EeAUZDDSb5Dt29yl4AYbyywbJFSEsRUMr7gJaxqCdr4L3tQf9wVg== "source-map-js@>=0.6.2 <2.0.0": - version "1.2.0" - resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.2.0.tgz#16b809c162517b5b8c3e7dcd315a2a5c2612b2af" - integrity sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg== + version "1.2.1" + resolved "https://registry.yarnpkg.com/source-map-js/-/source-map-js-1.2.1.tgz#1ce5650fddd87abc099eda37dcff024c2667ae46" + integrity sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA== source-map@^0.6.1: version "0.6.1" diff --git a/apps/myjobs/Gemfile.lock b/apps/myjobs/Gemfile.lock index fa5636fd5e..d47ab41e8b 100644 --- a/apps/myjobs/Gemfile.lock +++ b/apps/myjobs/Gemfile.lock @@ -216,8 +216,7 @@ GEM redcarpet (3.6.0) request_store (1.7.0) rack (>= 1.4) - rexml (3.3.6) - strscan + rexml (3.3.7) ruby2_keywords (0.0.5) sass (3.7.4) sass-listen (~> 4.0.0) @@ -243,7 +242,6 @@ GEM activesupport (>= 6.1) sprockets (>= 3.0.0) sqlite3 (1.4.2) - strscan (3.1.0) thor (1.3.2) tilt (2.4.0) timecop (0.9.10) @@ -255,7 +253,7 @@ GEM websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - zeitwerk (2.6.17) + zeitwerk (2.6.18) PLATFORMS ruby diff --git a/apps/shell/yarn.lock b/apps/shell/yarn.lock index c321cb9098..4b22d4b0ed 100644 --- a/apps/shell/yarn.lock +++ b/apps/shell/yarn.lock @@ -583,9 +583,9 @@ "@types/istanbul-lib-report" "*" "@types/node@*": - version "22.5.2" - resolved "https://registry.yarnpkg.com/@types/node/-/node-22.5.2.tgz#e42344429702e69e28c839a7e16a8262a8086793" - integrity sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg== + version "22.5.4" + resolved "https://registry.yarnpkg.com/@types/node/-/node-22.5.4.tgz#83f7d1f65bc2ed223bdbf57c7884f1d5a4fa84e8" + integrity sha512-FDuKUJQm/ju9fT/SeX/6+gBzoPzlVCzfzmGkwKvRHQVxi4BntVbyIwf6a4Xn62mrvndLiml6z/UBXIdEVjQLXg== dependencies: undici-types "~6.19.2" @@ -953,9 +953,9 @@ camelcase@^6.0.0: integrity sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA== caniuse-lite@^1.0.30001646: - version "1.0.30001655" - resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001655.tgz#0ce881f5a19a2dcfda2ecd927df4d5c1684b982f" - integrity sha512-jRGVy3iSGO5Uutn2owlb5gR6qsGngTw9ZTb4ali9f3glshcNmJ2noam4Mo9zia5P9Dk3jNNydy7vQjuE5dQmfg== + version "1.0.30001659" + resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001659.tgz#f370c311ffbc19c4965d8ec0064a3625c8aaa7af" + integrity sha512-Qxxyfv3RdHAfJcXelgf0hU4DFUVXBGTjqrBUZLUh8AtlGnsDo+CnncYtTd95+ZKfnANUOzxyIQCuU/UeBZBYoA== capture-exit@^2.0.0: version "2.0.0" @@ -1174,11 +1174,11 @@ debug@2.6.9, debug@^2.2.0, debug@^2.3.3: ms "2.0.0" debug@4, debug@^4.1.0, debug@^4.1.1, debug@^4.3.1: - version "4.3.6" - resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.6.tgz#2ab2c38fbaffebf8aa95fdfe6d88438c7a13c52b" - integrity sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg== + version "4.3.7" + resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.7.tgz#87945b4151a011d76d95a198d7111c865c360a52" + integrity sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ== dependencies: - ms "2.1.2" + ms "^2.1.3" decamelize@^1.2.0: version "1.2.0" @@ -1274,9 +1274,9 @@ ee-first@1.1.1: integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow== electron-to-chromium@^1.5.4: - version "1.5.13" - resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.13.tgz#1abf0410c5344b2b829b7247e031f02810d442e6" - integrity sha512-lbBcvtIJ4J6sS4tb5TLp1b4LyfCdMkwStzXPyAgVgTRAsep4bvrAGaBOP7ZJtQMNJpSQ9SqG4brWOroNaQtm7Q== + version "1.5.18" + resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.18.tgz#5fe62b9d21efbcfa26571066502d94f3ed97e495" + integrity sha512-1OfuVACu+zKlmjsNdcJuVQuVE61sZOLbNM4JAQ1Rvh6EOj0/EUKhMJjRH73InPlXSh8HIJk1cVZ8pyOV/FMdUQ== emittery@^0.7.1: version "0.7.2" @@ -2660,7 +2660,7 @@ mixin-deep@^1.2.0: for-in "^1.0.2" is-extendable "^1.0.1" -ms@2.0.0, ms@2.1.1, ms@2.1.2, ms@2.1.3: +ms@2.0.0, ms@2.1.1, ms@2.1.3, ms@^2.1.3: version "2.1.1" resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.1.tgz#30a5864eb3ebb0a66f2ebe6d727af06a09d86e0a" integrity sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg== @@ -2911,9 +2911,9 @@ path-to-regexp@0.1.7: integrity sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ== picocolors@^1.0.0, picocolors@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.0.1.tgz#a8ad579b571952f0e5d25892de5445bcfe25aaa1" - integrity sha512-anP1Z8qwhkbmu7MFP5iTt+wQKXgwzf7zTyGlcdzabySa9vd0Xt392U0rVmz9poOaBj0uHJKyyo9/upk0HrEQew== + version "1.1.0" + resolved "https://registry.yarnpkg.com/picocolors/-/picocolors-1.1.0.tgz#5358b76a78cde483ba5cef6a9dc9671440b27d59" + integrity sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw== picomatch@^2.0.4, picomatch@^2.3.1: version "2.3.1" From e9c4a1bf18e3ff7185f2721dc04a458390f80f87 Mon Sep 17 00:00:00 2001 From: osc-bot <78549874+osc-bot@users.noreply.github.com> Date: Mon, 9 Sep 2024 10:49:06 -0400 Subject: [PATCH 3/5] Update Changelog (#3787) * update changelog --------- Co-authored-by: Jeff Ohrstrom --- CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fadef6d22f..39941eb713 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -49,6 +49,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - XDMoD jobs panel uses plain js now in [3706](https://github.com/OSC/ondemand/pull/3706). - Esbuild now has a plugin for to use source code for minified dependencies in [3693](https://github.com/OSC/ondemand/pull/3693). - Remote file uploads now move the tempfile asychronously in [3739](https://github.com/OSC/ondemand/pull/3739). +- Modals no longer pop up for some errors in the files app in [3769](https://github.com/OSC/ondemand/pull/3769). ### Fixed - Ensure that the asset directory is clean when building in [3356](https://github.com/OSC/ondemand/pull/3356). @@ -61,7 +62,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - Download buttons will now be hidden for certain files like pipes in [3654](https://github.com/OSC/ondemand/pull/3654). - Favorite file paths now consult the Allowlist in [3526](https://github.com/OSC/ondemand/pull/3526). - The ood_portal.conf now accounts for /dex (dex_uri) when enabling maintenance mode in [3736](https://github.com/OSC/ondemand/pull/3736). -- mod_ood_proxy now correctly proxies for httpd 2.4.62 in [3728](https://github.com/OSC/ondemand/pull/3728). +- mod_ood_proxy now correctly proxies for httpd 2.4.62 in [3728](https://github.com/OSC/ondemand/pull/3728) + and [3776](https://github.com/OSC/ondemand/pull/3776). - ood_auth_map now accounts for more than just \w for usernames in [3753](https://github.com/OSC/ondemand/pull/3753). - Pipes and fifos no longer show as downloadable in [3718](https://github.com/OSC/ondemand/pull/3718). From f97dafd3000af2b3be136c21ab5c1dd8fbb2ea76 Mon Sep 17 00:00:00 2001 From: Jeff Ohrstrom Date: Wed, 11 Sep 2024 16:19:47 -0400 Subject: [PATCH 4/5] More launcher id checks (#3774) Only set launcher @id once and check against regex and add some more checks when saving. --- apps/dashboard/app/models/launcher.rb | 13 ++++++--- apps/dashboard/test/models/launcher_test.rb | 29 +++++++++++++++++-- .../test/system/project_manager_test.rb | 8 ++--- 3 files changed, 39 insertions(+), 11 deletions(-) diff --git a/apps/dashboard/app/models/launcher.rb b/apps/dashboard/app/models/launcher.rb index b8286cf57d..97ca5bc72a 100644 --- a/apps/dashboard/app/models/launcher.rb +++ b/apps/dashboard/app/models/launcher.rb @@ -60,14 +60,13 @@ def scripts?(project_dir) ID_REX = /\A\w{8}\Z/.freeze - validates(:id, format: { with: ID_REX, allow_blank: true, message: :format }, on: [:save]) - validates(:id, format: { with: ID_REX, message: :format }, on: [:update]) + validates(:id, format: { with: ID_REX, message: "ID does not match #{Launcher::ID_REX.inspect}" }, on: [:save]) def initialize(opts = {}) opts = opts.to_h.with_indifferent_access @project_dir = opts[:project_dir] || raise(StandardError, 'You must set the project directory') - @id = opts[:id] if opts[:id].to_s.empty? || opts[:id].to_s.match?(ID_REX) + @id = opts[:id].to_s.match?(ID_REX) ? opts[:id].to_s : Launcher.next_id @title = opts[:title].to_s @created_at = opts[:created_at] sm_opts = { @@ -149,9 +148,11 @@ def []=(_id, value) end def save - @id = Launcher.next_id if @id.nil? || !@id.to_s.match?(ID_REX) + return false unless valid?(:save) + @created_at = Time.now.to_i if @created_at.nil? script_path = Launcher.script_path(project_dir, id) + script_path.mkpath unless script_path.exist? File.write(Launcher.script_form_file(script_path), to_yaml) @@ -223,6 +224,10 @@ def create_default_script private def self.script_path(root_dir, script_id) + unless script_id.to_s.match?(ID_REX) + raise(StandardError, "#{script_id} is invalid. Does not match #{ID_REX.inspect}") + end + Pathname.new(File.join(Launcher.scripts_dir(root_dir), script_id.to_s)) end diff --git a/apps/dashboard/test/models/launcher_test.rb b/apps/dashboard/test/models/launcher_test.rb index 7432eb7127..39c6dc4284 100644 --- a/apps/dashboard/test/models/launcher_test.rb +++ b/apps/dashboard/test/models/launcher_test.rb @@ -91,12 +91,16 @@ class LauncherTest < ActiveSupport::TestCase end end - test 'launchers will not assign wrong id' do + test 'launchers will re-assign wrong id' do Dir.mktmpdir do |tmp| projects_path = Pathname.new(tmp) OodAppkit.stubs(:dataroot).returns(projects_path) - launcher = Launcher.new({ project_dir: projects_path.to_s, id: '1234', title: 'Test Script' }) - assert_nil(launcher.id) + bad_id = '1234' + launcher = Launcher.new({ project_dir: projects_path.to_s, id: bad_id, title: 'Test Script' }) + + assert(launcher.id.to_s.match?(Launcher::ID_REX)) + refute(bad_id.match?(Launcher::ID_REX)) + refute(bad_id.to_s == launcher.id) end end @@ -130,4 +134,23 @@ class LauncherTest < ActiveSupport::TestCase assert_equal false, Pathname(File.join(projects_path, 'hello_world.sh')).exist? end end + + test 'will not save even if id is resest' do + Dir.mktmpdir do |tmp| + bad_id = '1234' + launcher = Launcher.new({ project_dir: tmp.to_s, id: bad_id, title: 'Default Script' }) + + # initializer reset the id, but we can reset it + refute(launcher.id.to_s == bad_id.to_s) + launcher.instance_variable_set('@id', bad_id) + assert_equal(launcher.id, bad_id) + assert(launcher.errors.size, 0) + + # now try to save it, and it fails + refute(launcher.save) + assert(launcher.errors.size, 1) + assert_equal(launcher.errors.full_messages[0], "Id ID does not match #{Launcher::ID_REX.inspect}") + assert(Dir.empty?(Launcher.scripts_dir(tmp).to_s)) + end + end end diff --git a/apps/dashboard/test/system/project_manager_test.rb b/apps/dashboard/test/system/project_manager_test.rb index 10937f27bd..a858e6e2a6 100644 --- a/apps/dashboard/test/system/project_manager_test.rb +++ b/apps/dashboard/test/system/project_manager_test.rb @@ -727,18 +727,18 @@ def add_auto_environment_variable(project_id, script_id, save: true) test 'cant show invalid script' do Dir.mktmpdir do |dir| project_id = setup_project(dir) - visit project_launcher_path(project_id, '1') + visit project_launcher_path(project_id, '12345678') assert_current_path("/projects/#{project_id}") - assert_selector('.alert-danger', text: "Close\nCannot find script 1") + assert_selector('.alert-danger', text: "Close\nCannot find script 12345678") end end test 'cant edit invalid script' do Dir.mktmpdir do |dir| project_id = setup_project(dir) - visit edit_project_launcher_path(project_id, '1') + visit edit_project_launcher_path(project_id, '12345678') assert_current_path("/projects/#{project_id}") - assert_selector('.alert-danger', text: "Close\nCannot find script 1") + assert_selector('.alert-danger', text: "Close\nCannot find script 12345678") end end From 11d11799173fd03fd681b6ce99f037a40be7f1df Mon Sep 17 00:00:00 2001 From: Jeff Ohrstrom Date: Wed, 11 Sep 2024 16:20:17 -0400 Subject: [PATCH 5/5] Project validations (#3780) * dont need to mkpath here * ensure template is a real directory and is readable --- apps/dashboard/app/models/launcher.rb | 4 +--- apps/dashboard/app/models/project.rb | 8 +++++--- apps/dashboard/test/models/projects_test.rb | 4 +++- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/apps/dashboard/app/models/launcher.rb b/apps/dashboard/app/models/launcher.rb index 97ca5bc72a..400ffe781f 100644 --- a/apps/dashboard/app/models/launcher.rb +++ b/apps/dashboard/app/models/launcher.rb @@ -10,9 +10,7 @@ class ClusterNotFound < StandardError; end class << self def scripts_dir(project_dir) - Pathname.new("#{project_dir}/.ondemand/scripts").tap do |path| - path.mkpath unless path.exist? - end + Pathname.new("#{project_dir}/.ondemand/scripts") end def find(id, project_dir) diff --git a/apps/dashboard/app/models/project.rb b/apps/dashboard/app/models/project.rb index 2834fda087..254b43bd7c 100644 --- a/apps/dashboard/app/models/project.rb +++ b/apps/dashboard/app/models/project.rb @@ -297,8 +297,10 @@ def project_directory_invalid def project_template_invalid # This validation is to prevent the template directory being manipulated in the form. - if !template.blank? && Project.templates.map { |template| template.directory.to_s }.exclude?(template.to_s) - errors.add(:template, :invalid) - end + return if template.blank? + + template_path = Pathname.new(template) + errors.add(:template, :invalid) if Project.templates.map { |t| t.directory.to_s }.exclude?(template.to_s) + errors.add(:template, :invalid) unless template_path.exist? && template_path.readable? end end diff --git a/apps/dashboard/test/models/projects_test.rb b/apps/dashboard/test/models/projects_test.rb index 55cb10120c..aaea1faea3 100644 --- a/apps/dashboard/test/models/projects_test.rb +++ b/apps/dashboard/test/models/projects_test.rb @@ -28,10 +28,12 @@ class ProjectsTest < ActiveSupport::TestCase template: '/invalid/template' }) assert_not project.save - assert_equal 2, project.errors.size + assert_equal 3, project.errors.size assert_not_equal invalid_icon, project.icon assert_not project.errors[:directory].empty? assert_not project.errors[:template].empty? + assert_equal(1, project.errors[:directory].size) + assert_equal(2, project.errors[:template].size) end end