merge v0.14.2 release

CHANGELOG.rst

@@ -5,6 +5,95 @@ Changelog for the SODAR project. Loosely follows the
 `Keep a Changelog <http://keepachangelog.com/en/1.0.0/>`_ guidelines.
 
 
+v0.14.2 (2024-03-15)
+====================
+
+Added
+-----
+
+- **General**
+    - Django settings for reverse proxy setup (#1917)
+- **Irodsbackend**
+    - Sanitize and validate ``IRODS_ROOT_PATH`` in ``get_root_path()`` (#1891)
+- **Landingzones**
+    - Create assay plugin shortcut collections for zones (#1869)
+    - Zone statistics for siteinfo (#1898)
+    - UI tests for project details card (#1902)
+- **Samplesheets**
+    - ``IrodsDataRequest`` timeline event extra data (#1912)
+    - CRAM file support in study apps (#1908)
+    - ``check_igv_file_suffix()`` helper in ``studyapps.utils`` (#1908)
+    - Path checking for IGV omit settings (#1923)
+    - Glob pattern support for IGV omit settings (#1923)
+- **Taskflowbackend**
+    - Django settings in siteinfo (#1901)
+    - ``BatchSetAccessTask`` in iRODS tasks (#1905)
+    - ``IrodsAccessMixin`` task helper mixin (#1905)
+
+Changed
+-------
+
+- **General**
+    - Upgrade to Django v3.2.25 (#1854)
+    - Upgrade to django-sodar-core v0.13.4 (#1899)
+    - Upgrade critical Vue app dependencies (#1854)
+    - Upgrade to cubi-isa-templates v0.1.2 (#1854)
+    - Update installation documentation (#1871)
+- **Irodsbackend**
+    - Reduce redundant object queries (#1883)
+    - Change method logic in ``get_objects()`` and ``get_objs_recursively()`` (#1883)
+    - Use ``get_root_path()`` within ``IrodsAPI`` (#1890)
+    - Refactor ``IrodsStatisticsAjaxView`` and related JQuery (#1903)
+- **Samplesheets**
+    - Improve Django messages for ``IrodsDataRequest`` exceptions (#1858)
+    - Change ``IrodsDataRequest`` description if created in Ajax view (#1862)
+    - Refactor ``IrodsDataRequestModifyMixin`` timeline helpers (#1913)
+    - Rename ``get_igv_omit_override()`` to ``get_igv_omit_list()`` (#1924)
+    - Rename ``check_igv_file_name()`` to ``check_igv_file_path()`` (#1923)
+    - Named process pooling and renaming in sheet editor (#1904)
+- **Taskflowbackend**
+    - Optimize ``landing_zone_move`` iRODS path retrieval (#1882)
+    - Set zone status on uncaught errors in ``run_flow()`` (#1458)
+    - Change ``TASKFLOW_IRODS_CONN_TIMEOUT`` default value to ``960`` (#1900)
+
+Fixed
+-----
+
+- **General**
+    - Invalid env var retrieval for ``AUTH_LDAP*_START_TLS`` (#1853)
+- **Irodsbackend**
+    - Invalid path returned by ``get_path()`` if ``IRODS_ROOT_PATH`` is set (#1889)
+    - Stats badge stuck in updating with non-200 POST status (#1327, #1886)
+- **Landingzones**
+    - Stats badge displayed to superusers for ``DELETED`` zones (#1866)
+    - Zone status updating not working in project details card (#1902)
+    - Modifying finished lock status allowed in ``SetLandingZoneStatusTask`` (#1909)
+- **Samplesheets**
+    - Invalid WebDAV URLs generated in ``IrodsDataRequestListView`` (#1860)
+    - Superuser not allowed to edit iRODS request from other users in UI (#1863)
+    - ``IrodsDataRequest`` user changed on object update (#1864)
+    - ``IrodsDataRequest._validate_action()`` failing with ``delete`` action (#1858)
+    - Protocol ref editable for new row if disabled in column config (#1875)
+    - Sheet template creation failure with slash characters in title/ID fields (#1896)
+    - ``get_pedigree_file_path()`` used in cancer study app tests (#1914)
+    - IGV omit settings not correctly set on project creation (#1925)
+    - Germline study cache build crash with no family column (#1921)
+    - Source name editing failing in assay table after row insert (#1928)
+- **Taskflowbackend**
+    - Hardcoded iRODS path length in ``landing_zone_move`` (#1888)
+    - Uncaught exceptions in ``SetAccessTask`` (#1906)
+    - Crash in ``landing_zone_create`` with large amount of collections (#1905)
+    - Finished landing zone status modified by lock exception (#1909)
+
+Removed
+-------
+
+- **General**
+    - LDAP settings ``OPT_X_TLS_REQUIRE_CERT`` workaround (#1853)
+- **Taskflowbackend**
+    - ``get_subcoll_obj_paths()`` and ``get_subcoll_paths()`` helpers (#1882)
+
+
 v0.14.1 (2023-12-12)
 ====================
 

config/settings/base.py

@@ -22,7 +22,7 @@
 env = environ.Env()
 
 # .env file, should load only in development environment
-READ_DOT_ENV_FILE = env.bool('DJANGO_READ_DOT_ENV_FILE', default=False)
+READ_DOT_ENV_FILE = env.bool('DJANGO_READ_DOT_ENV_FILE', False)
 
 if READ_DOT_ENV_FILE:
     # Operating System Environment variables have precedence over variables
@@ -35,6 +35,7 @@
 # ------------------------------------------------------------------------------
 # Hosts/domain names that are valid for this site
 ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['*'])
+USE_X_FORWARDED_HOST = env.bool('DJANGO_USE_X_FORWARDED_HOST', False)
 
 # APP CONFIGURATION
 # ------------------------------------------------------------------------------
@@ -156,7 +157,7 @@
 # See: https://docs.djangoproject.com/en/3.2/ref/settings/#databases
 # Uses django-environ to accept uri format
 # See: https://django-environ.readthedocs.io/en/latest/#supported-types
-DATABASES = {'default': env.db('DATABASE_URL', default='postgres:///sodar')}
+DATABASES = {'default': env.db('DATABASE_URL', 'postgres:///sodar')}
 DATABASES['default']['ATOMIC_REQUESTS'] = False
 
 # Set default auto field (for Django 3.2+)
@@ -365,14 +366,12 @@
         'last_name': 'sn',
         'email': 'mail',
     }
-    # Temporarily disable cert checking (see issue #1853)
-    ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
 
     # Primary LDAP server
     AUTH_LDAP_SERVER_URI = env.str('AUTH_LDAP_SERVER_URI', None)
     AUTH_LDAP_BIND_DN = env.str('AUTH_LDAP_BIND_DN', None)
     AUTH_LDAP_BIND_PASSWORD = env.str('AUTH_LDAP_BIND_PASSWORD', None)
-    AUTH_LDAP_START_TLS = env.str('AUTH_LDAP_START_TLS', False)
+    AUTH_LDAP_START_TLS = env.bool('AUTH_LDAP_START_TLS', False)
     AUTH_LDAP_CA_CERT_FILE = env.str('AUTH_LDAP_CA_CERT_FILE', None)
     AUTH_LDAP_CONNECTION_OPTIONS = {**LDAP_DEFAULT_CONN_OPTIONS}
     if AUTH_LDAP_CA_CERT_FILE:
@@ -383,7 +382,6 @@
     AUTH_LDAP_USER_FILTER = env.str(
         'AUTH_LDAP_USER_FILTER', '(sAMAccountName=%(user)s)'
     )
-
     AUTH_LDAP_USER_SEARCH = LDAPSearch(
         env.str('AUTH_LDAP_USER_SEARCH_BASE', None),
         ldap.SCOPE_SUBTREE,
@@ -394,7 +392,6 @@
     AUTH_LDAP_DOMAIN_PRINTABLE = env.str(
         'AUTH_LDAP_DOMAIN_PRINTABLE', AUTH_LDAP_USERNAME_DOMAIN
     )
-
     AUTHENTICATION_BACKENDS = tuple(
         itertools.chain(
             ('projectroles.auth_backends.PrimaryLDAPBackend',),
@@ -407,7 +404,7 @@
         AUTH_LDAP2_SERVER_URI = env.str('AUTH_LDAP2_SERVER_URI', None)
         AUTH_LDAP2_BIND_DN = env.str('AUTH_LDAP2_BIND_DN', None)
         AUTH_LDAP2_BIND_PASSWORD = env.str('AUTH_LDAP2_BIND_PASSWORD', None)
-        AUTH_LDAP2_START_TLS = env.str('AUTH_LDAP2_START_TLS', False)
+        AUTH_LDAP2_START_TLS = env.bool('AUTH_LDAP2_START_TLS', False)
         AUTH_LDAP2_CA_CERT_FILE = env.str('AUTH_LDAP2_CA_CERT_FILE', None)
         AUTH_LDAP2_CONNECTION_OPTIONS = {**LDAP_DEFAULT_CONN_OPTIONS}
         if AUTH_LDAP2_CA_CERT_FILE:
@@ -418,7 +415,6 @@
         AUTH_LDAP2_USER_FILTER = env.str(
             'AUTH_LDAP2_USER_FILTER', '(sAMAccountName=%(user)s)'
         )
-
         AUTH_LDAP2_USER_SEARCH = LDAPSearch(
             env.str('AUTH_LDAP2_USER_SEARCH_BASE', None),
             ldap.SCOPE_SUBTREE,
@@ -429,7 +425,6 @@
         AUTH_LDAP2_DOMAIN_PRINTABLE = env.str(
             'AUTH_LDAP2_DOMAIN_PRINTABLE', AUTH_LDAP2_USERNAME_DOMAIN
         )
-
         AUTHENTICATION_BACKENDS = tuple(
             itertools.chain(
                 ('projectroles.auth_backends.SecondaryLDAPBackend',),
@@ -612,7 +607,7 @@ def set_logging(level=None):
 
 
 # General API settings
-SODAR_API_DEFAULT_VERSION = '0.14.1'
+SODAR_API_DEFAULT_VERSION = '0.14.2'
 SODAR_API_ALLOWED_VERSIONS = [
     '0.7.0',
     '0.7.1',
@@ -633,6 +628,7 @@ def set_logging(level=None):
     '0.13.4',
     '0.14.0',
     '0.14.1',
+    '0.14.2',
 ]
 SODAR_API_MEDIA_TYPE = 'application/vnd.bihealth.sodar+json'
 SODAR_API_DEFAULT_HOST = env.url(
@@ -745,7 +741,7 @@ def set_logging(level=None):
 
 # Taskflow backend settings
 # Connection timeout for taskflowbackend flows (other sessions not affected)
-TASKFLOW_IRODS_CONN_TIMEOUT = env.int('TASKFLOW_IRODS_CONN_TIMEOUT', 480)
+TASKFLOW_IRODS_CONN_TIMEOUT = env.int('TASKFLOW_IRODS_CONN_TIMEOUT', 960)
 TASKFLOW_LOCK_RETRY_COUNT = env.int('TASKFLOW_LOCK_RETRY_COUNT', 2)
 TASKFLOW_LOCK_RETRY_INTERVAL = env.int('TASKFLOW_LOCK_RETRY_INTERVAL', 3)
 TASKFLOW_LOCK_ENABLED = True
@@ -813,13 +809,14 @@ def set_logging(level=None):
 # Remote sample sheet sync interval in minutes
 SHEETS_SYNC_INTERVAL = env.int('SHEETS_SYNC_INTERVAL', 5)
 
-# BAM file name suffixes to omit from study shortcuts and IGV session generation
+# BAM/CRAM file path glob patterns to omit from study shortcuts and IGV sessions
 SHEETS_IGV_OMIT_BAM = env.list(
-    'SHEETS_IGV_OMIT_BAM', default=['dragen_evidence.bam']
+    'SHEETS_IGV_OMIT_BAM', default=['*dragen_evidence.bam']
 )
-# VCF file name suffixes to omit from study shortcuts and IGV session generation
+# VCF file path glob patterns to omit from study shortcuts and IGV sessions
 SHEETS_IGV_OMIT_VCF = env.list(
-    'SHEETS_IGV_OMIT_VCF', default=['cnv.vcf.gz', 'ploidy.vcf.gz', 'sv.vcf.gz']
+    'SHEETS_IGV_OMIT_VCF',
+    default=['*cnv.vcf.gz', '*ploidy.vcf.gz', '*sv.vcf.gz'],
 )
 
 # Landingzones app settings

config/settings/local.py

@@ -16,7 +16,7 @@
 
 # DEBUG
 # ------------------------------------------------------------------------------
-DEBUG = env.bool('DJANGO_DEBUG', default=True)
+DEBUG = env.bool('DJANGO_DEBUG', True)
 TEMPLATES[0]['OPTIONS']['debug'] = DEBUG
 
 # SECRET CONFIGURATION
@@ -53,7 +53,7 @@
 
 # django-debug-toolbar
 # ------------------------------------------------------------------------------
-ENABLE_DEBUG_TOOLBAR = env.bool('ENABLE_DEBUG_TOOLBAR', default=True)
+ENABLE_DEBUG_TOOLBAR = env.bool('ENABLE_DEBUG_TOOLBAR', True)
 
 if ENABLE_DEBUG_TOOLBAR:
     MIDDLEWARE += ['debug_toolbar.middleware.DebugToolbarMiddleware']

config/settings/production.py

@@ -28,21 +28,24 @@
 SECURE_HSTS_SECONDS = 60
 
 SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
-    'DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS', default=True
+    'DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS', True
 )
 SECURE_CONTENT_TYPE_NOSNIFF = env.bool(
-    'DJANGO_SECURE_CONTENT_TYPE_NOSNIFF', default=True
+    'DJANGO_SECURE_CONTENT_TYPE_NOSNIFF', True
 )
 SECURE_BROWSER_XSS_FILTER = True
 SESSION_COOKIE_SECURE = True
 SESSION_COOKIE_HTTPONLY = True
-SECURE_SSL_REDIRECT = env.bool('DJANGO_SECURE_SSL_REDIRECT', default=True)
+SECURE_SSL_REDIRECT = env.bool('DJANGO_SECURE_SSL_REDIRECT', True)
 SECURE_REDIRECT_EXEMPT = env.list(
     'DJANGO_SECURE_REDIRECT_EXEMPT',
     default=['/taskflow/', r'^irodsbackend/api/auth$'],
 )
 CSRF_COOKIE_SECURE = True
 CSRF_COOKIE_HTTPONLY = True
+CSRF_TRUSTED_ORIGINS = env.list('DJANGO_CSRF_TRUSTED_ORIGINS', default=[])
+CSRF_COOKIE_DOMAIN = env.str('DJANGO_CSRF_COOKIE_DOMAIN', None)
+
 X_FRAME_OPTIONS = 'DENY'
 
 INSTALLED_APPS += ['gunicorn']

config/settings/test.py

@@ -107,8 +107,8 @@
 SHEETS_EXTERNAL_LINK_PATH = os.path.join(
     ROOT_DIR, 'samplesheets/tests/config/ext_links.json'
 )
-SHEETS_IGV_OMIT_BAM = ['dragen_evidence.bam']
-SHEETS_IGV_OMIT_VCF = ['cnv.vcf.gz', 'ploidy.vcf.gz', 'sv.vcf.gz']
+SHEETS_IGV_OMIT_BAM = ['*dragen_evidence.bam']
+SHEETS_IGV_OMIT_VCF = ['*cnv.vcf.gz', '*ploidy.vcf.gz', '*sv.vcf.gz']
 
 # Landingzones app settings
 LANDINGZONES_TRIGGER_ENABLE = True