Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release: SSO, JSON field types, and File Upload Mutations #513

Open
wants to merge 86 commits into
base: master
Choose a base branch
from
Open

Release: SSO, JSON field types, and File Upload Mutations #513

wants to merge 86 commits into from
+1,660 −152

Conversation

chrismaddalena
Copy link
Collaborator

Summary

This includes #489, #494, #501, and #502. Not much has changed from each individual PR, but this branch has been tested with all of them combined.

CHANGELOG

[4.3.0] – 3 Sep 2024

Added

  • Added two mutations to the GraphQL API to support uploading new evidence files and report template files
  • Added a new adapter for handling authentication for Single Sign-On (SSO) providers
    • The adapter fills-in a nearly full profile for any new accounts (full name, email address)
    • Usernames for new accounts will default to the first half of the email address
    • If an existing account has the same email address, the accounts will be linked
    • Review the wiki for more information
  • Added support for loading customized config files
    • These are files you can use to modify settings normally found in /config/settings/base.py and production.py
    • Admins can make changes to the custom config files without worrying about the changes needing to be stashed prior to pulling an update
  • Added support for a JSON field type for custom fields

Changed

  • Updated the django-allauth module used for authentication and SSO
    • Important: This change impacts anyone currently using SSO with Azure
    • The azure provider is now microsoft and SSO configurations will need to be updated
  • Changed the cloud infrastructure monitoring task to also check auxiliary IP addresses when determining if a cloud host is tracked in a project

ColonelThirtyTwo and others added 30 commits June 21, 2024 14:30
@ColonelThirtyTwo
Add uploadEvidence graphql mutation
89f16ca 
Takes similar fields to the evidence upload form. Due to Hasura issue
number 2419, the file data must be passed in as a base64 string. The
filename must also be provided separately.

Tags are parsed by Taggit, as documented at [1]. tldr: a space or comma
separated string, optionally with double quotes around tags.

[1]: https://django-taggit.readthedocs.io/en/latest/forms.html
@ColonelThirtyTwo
Add uploadReportTemplate graphql mutation
3bb1a77 
See notes of the previous commit for uploadEvidence for usage notes.
@ColonelThirtyTwo
Add JSON extra field type
bdc3961 
The extra field stores an arbitrary JSON subobject as a field on the
root extra_fields object. This is intended for automated systems to fill
out and provide data for templating. Since it's likely to contain a
large value, Tte UI hides the value behind a button, like rich text
fields. It also uses a plain non-rich-text textarea for editing.
@ColonelThirtyTwo
Defer loading of extra_fields on project lists
fd4937a 
With integrations attaching potentially large JSON blobs to the extra
fields, they should not be loaded unless actually needed.
@ColonelThirtyTwo
Merge branch 'master' into extra-field-json
01a22dd
@ColonelThirtyTwo
Merge branch 'master' into graphql-api-file-upload-dev
8321615
@chrismaddalena
Merge branch 'master' into graphql-api-file-upload-dev
ed7969a
@ColonelThirtyTwo
Fix linting issues, add test for evidence upload
bfd9478
@ColonelThirtyTwo
Merge branch 'graphql-api-file-upload-dev' into json-and-file-upload-dev
9fbb218
@ColonelThirtyTwo
Merge branch 'extra-field-json' into json-and-file-upload-dev
23bfa84
@chrismaddalena
Removed duplicate JSOn field display
c95104c
@chrismaddalena
Added check for decode errors for evidence display
b1afa60 
If someone uses the API endpoint to upload an image with a text file extension, the template tries to display the content as text and unicode throws an unhandled 500 error with `UnicodeDecodeError`. This change adds a check for a `UnicodeError`.
@chrismaddalena
Changes to profiles and emails for SSO additions
3fcab66
@chrismaddalena
Fixed template issue with blocks
6ba3e0d
@chrismaddalena
Initial commit of customized social adapter
b3e3b67
@chrismaddalena
Added social account domain allowlist
d822464
@chrismaddalena
Adjusted reg unavailable page to be more helpful for troubleshooting
64e4a62
@chrismaddalena
Added social reg domain allowlist option
c565a9a
@chrismaddalena
Initial commit for user-created settings files
0e5e793
@chrismaddalena
Applied changes from PR #501
4b914ea
@chrismaddalena
Updated to implement the social domain allowlist
f27b935
@chrismaddalena
Updated adapter with logging and better allowlist handling
150c7e6
@chrismaddalena
Fixed instructions in comments
cc4f789
@chrismaddalena
Added config for SOCIALACCOUNT_LOGIN_ON_GET for easier control
cd1e823
@chrismaddalena
Updated binaries to v0.2.20
f375e51
@chrismaddalena
Updated for django-allauth v0.63.6
09a5111
@chrismaddalena
Bumped django-allauth to v0.63.6
11aee93
@chrismaddalena
Customized sign-up page to make it look better
f54e218
@chrismaddalena
Added customized UserSignupForm
060d4f5
@chrismaddalena
Linting change
0562f71
This was referenced Sep 10, 2024
Closed
Closed
Closed
Closed
@ColonelThirtyTwo
Fix error when trying to create a new object with extra fields
71af5f5 
`prepare_value`` seems to be passed an empty python `object` in some
cases. Ignore when that happens and pass it through unchanged, which is
consistent with other field implementations.
@ColonelThirtyTwo
Fix error when having a blockquote in a list
46111b4 
The handling still isn't great - the blockquote will generate its own
paragraph "separate" from the list. But at least it won't throw an error
anymore.
@chrismaddalena chrismaddalena mentioned this pull request Sep 10, 2024
Closed
@chrismaddalena
Changed call dict() to {}
3646614
@chrismaddalena
Removed unique constraint from the ip_address field
ba65700
@chrismaddalena
Added warnings if multiple project servers share an IP address
8e89c57
@chrismaddalena
Removed unused img files
ded6d59
@chrismaddalena
Cleaned up unused image files
07851d4
@chrismaddalena
Added updated logo image files and inverted versions
6371b88
@chrismaddalena
Added labels to ignore
204b3d3
@chrismaddalena
Updated for delayed release
e6d36a9
@chrismaddalena
Added shared func for filtering tags with django-filters
ab77bf4
@chrismaddalena
Updated filters to use the shared search_tags func
1ee1de6
@chrismaddalena
Added a "Tags" column to the tables
6e51835
@chrismaddalena
Updated for the latest changes
1e4a0d6
@chrismaddalena
Merge branch 'master' into feature/sso-json-and-file-api
52d8b5c
@chrismaddalena
Merge branch 'master' into feature/sso-json-and-file-api
fcbaf6f
@chrismaddalena
Removed repeated forgot password link
99b32ce
@chrismaddalena
Merge branch 'feature/sso-json-and-file-api' of https://github.com/Gh…
7347005 
…ostManager/Ghostwriter into feature/sso-json-and-file-api
@chrismaddalena
Merged duplicate 0050 migration files
426e527
@chrismaddalena
Removed broke p element
915587f
@chrismaddalena
Fixed user profile always showing current user's profile picture
eb9975d
@chrismaddalena
Removed duplicated update_badges()
7cba799
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chrismaddalena @smcgu @ColonelThirtyTwo