From ec4221b68858a57236e39308633f79480411859c Mon Sep 17 00:00:00 2001 From: Mark Pittaway Date: Tue, 28 Mar 2023 10:09:28 +1100 Subject: [PATCH 01/44] update cores --- client/package-lock.json | 46 ++++++++++++++++++++-------------------- client/package.json | 2 +- server/requirements.in | 2 +- server/requirements.txt | 12 +++++++---- 4 files changed, 33 insertions(+), 29 deletions(-) diff --git a/client/package-lock.json b/client/package-lock.json index f9d9ac9..fd28fe8 100644 --- a/client/package-lock.json +++ b/client/package-lock.json @@ -833,9 +833,9 @@ } }, "@popperjs/core": { - "version": "2.11.6", - "resolved": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.6.tgz", - "integrity": "sha512-50/17A98tWUfQ176raKiOGXuYpLyyVMkxxG6oylzL3BPOlA6ADGdK7EYunSa4I064xerltq9TGXs8HmOk5E+vw==" + "version": "2.11.7", + "resolved": "https://registry.npmjs.org/@popperjs/core/-/core-2.11.7.tgz", + "integrity": "sha512-Cr4OjIkipTtcXKjAsm8agyleBuDHvxzeBoa1v543lbv1YaIwQjESsVcmjiWiPEbC1FIeHOG/Op9kdCmAmiS3Kw==" }, "@protobufjs/aspromise": { "version": "1.1.2", @@ -912,9 +912,9 @@ "integrity": "sha512-JCB8C6SnDoQf0cNycqd/35A7MjcnK+ZTqE7judS6o7utxUCg6imJg3QK2qzHKszlTjcj2cn+NwMB2i96ubpj7w==" }, "@types/react": { - "version": "18.0.28", - "resolved": "https://registry.npmjs.org/@types/react/-/react-18.0.28.tgz", - "integrity": "sha512-RD0ivG1kEztNBdoAK7lekI9M+azSnitIn85h4iOiaLjaTrMjzslhaqCGaI4IyCJ1RljWiLCEu4jyrLLgqxBTew==", + "version": "18.0.30", + "resolved": "https://registry.npmjs.org/@types/react/-/react-18.0.30.tgz", + "integrity": "sha512-AnME2cHDH11Pxt/yYX6r0w448BfTwQOLEhQEjCdwB7QskEI7EKtxhGUsExTQe/MsY3D9D5rMtu62WRocw9A8FA==", "requires": { "@types/prop-types": "*", "@types/scheduler": "*", @@ -930,9 +930,9 @@ } }, "@types/scheduler": { - "version": "0.16.2", - "resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz", - "integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==" + "version": "0.16.3", + "resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.3.tgz", + "integrity": "sha512-5cJ8CB4yAx7BH1oMvdU0Jh9lrEXyPkar6F9G/ERswkCuvP4KQZfZkSjcMbAICCpQTN4OuZn8tz0HiKv9TGZgrQ==" }, "abbrev": { "version": "1.1.1", @@ -2287,14 +2287,14 @@ } }, "caniuse-db": { - "version": "1.0.30001469", - "resolved": "https://registry.npmjs.org/caniuse-db/-/caniuse-db-1.0.30001469.tgz", - "integrity": "sha512-1PKKiaGtL8hmIkNAQCt/2dIpJIxWU89K7QYvOiZKi07G03RaFen0BU3kEFT3qX0twManeMSHgh2uFPGGYrZqNQ==" + "version": "1.0.30001470", + "resolved": "https://registry.npmjs.org/caniuse-db/-/caniuse-db-1.0.30001470.tgz", + "integrity": "sha512-csqbktKHrIIdVMEyHX9LzJc3nXnqUDm7K6125qESEEE+RMBwEax83sVOyUqrtY7wU+nXrw+GAGVX0fzE3Pxq0g==" }, "caniuse-lite": { - "version": "1.0.30001469", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001469.tgz", - "integrity": "sha512-Rcp7221ScNqQPP3W+lVOYDyjdR6dC+neEQCttoNr5bAyz54AboB4iwpnWgyi8P4YUsPybVzT4LgWiBbI3drL4g==" + "version": "1.0.30001470", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001470.tgz", + "integrity": "sha512-065uNwY6QtHCBOExzbV6m236DDhYCCtPmQUCoQtwkVqzud8v5QPidoMr6CoMkC2nfp6nksjttqWQRRh75LqUmA==" }, "caseless": { "version": "0.12.0", @@ -3117,9 +3117,9 @@ "integrity": "sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==" }, "electron-to-chromium": { - "version": "1.4.335", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.335.tgz", - "integrity": "sha512-l/eowQqTnrq3gu+WSrdfkhfNHnPgYqlKAwxz7MTOj6mom19vpEDHNXl6dxDxyTiYuhemydprKr/HCrHfgk+OfQ==" + "version": "1.4.341", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.341.tgz", + "integrity": "sha512-R4A8VfUBQY9WmAhuqY5tjHRf5fH2AAf6vqitBOE0y6u2PgHgqHSrhZmu78dIX3fVZtjqlwJNX1i2zwC3VpHtQQ==" }, "elliptic": { "version": "6.5.4", @@ -5989,8 +5989,8 @@ "integrity": "sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==" }, "newsroom-core": { - "version": "github:superdesk/newsroom-core#e78ddf8997ce9ea0b367c7e95242329c58896eff", - "from": "github:superdesk/newsroom-core#v2.4.0-rc1", + "version": "github:superdesk/newsroom-core#20d9de89e99d2f54a7daa248938a2648db2fd2a4", + "from": "github:superdesk/newsroom-core#release/2.4", "requires": { "@popperjs/core": "^2.11.4", "alertifyjs": "1.11.2", @@ -7519,9 +7519,9 @@ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==" }, "react-onclickoutside": { - "version": "6.12.2", - "resolved": "https://registry.npmjs.org/react-onclickoutside/-/react-onclickoutside-6.12.2.tgz", - "integrity": "sha512-NMXGa223OnsrGVp5dJHkuKxQ4czdLmXSp5jSV9OqiCky9LOpPATn3vLldc+q5fK3gKbEHvr7J1u0yhBh/xYkpA==" + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/react-onclickoutside/-/react-onclickoutside-6.13.0.tgz", + "integrity": "sha512-ty8So6tcUpIb+ZE+1HAhbLROvAIJYyJe/1vRrrcmW+jLsaM+/powDRqxzo6hSh9CuRZGSL1Q8mvcF5WRD93a0A==" }, "react-popper": { "version": "2.3.0", diff --git a/client/package.json b/client/package.json index 1c71af2..e3038a6 100644 --- a/client/package.json +++ b/client/package.json @@ -5,7 +5,7 @@ }, "dependencies": { "firebase": "9.6.11", - "newsroom-core": "github:superdesk/newsroom-core#v2.4.0-rc1" + "newsroom-core": "github:superdesk/newsroom-core#release/2.4" }, "devDependencies": { "babel-plugin-transform-object-rest-spread": "^6.26.0", diff --git a/server/requirements.in b/server/requirements.in index 7f1f280..a9cc3f0 100644 --- a/server/requirements.in +++ b/server/requirements.in @@ -1,3 +1,3 @@ google-auth==2.6.0 python3-saml==1.14.0 -git+https://github.com/superdesk/newsroom-core.git@v2.4.0-rc1#egg=Newsroom-Core +git+https://github.com/superdesk/newsroom-core.git@release/2.4#egg=Newsroom-Core diff --git a/server/requirements.txt b/server/requirements.txt index 9b74e21..45579e8 100644 --- a/server/requirements.txt +++ b/server/requirements.txt @@ -1,8 +1,8 @@ # -# This file is autogenerated by pip-compile with Python 3.10 +# This file is autogenerated by pip-compile with Python 3.8 # by the following command: # -# pip-compile requirements.in +# pip-compile --resolver=backtracking requirements.in # amqp==2.6.1 # via kombu @@ -203,7 +203,7 @@ mongolock==1.3.4 # via superdesk-core natsort==8.3.1 # via croniter -newsroom-core @ git+https://github.com/superdesk/newsroom-core.git@v2.4.0-rc1 +newsroom-core @ git+https://github.com/superdesk/newsroom-core.git@release/2.4 # via -r requirements.in oauth2client==4.1.3 # via flask-oidc-ex @@ -273,6 +273,7 @@ python3-saml==1.14.0 # via -r requirements.in pytz==2022.7.1 # via + # babel # celery # eve-elastic # flask-babel @@ -344,13 +345,14 @@ tinycss2==1.2.1 typing-extensions==4.5.0 # via # limits + # pypdf # qrcode # superdesk-core tzlocal==2.1 # via # pyhanko # superdesk-core -unidecode==0.04.21 +unidecode==0.4.21 # via superdesk-core uritools==4.0.1 # via pyhanko-certvalidator @@ -389,6 +391,8 @@ xhtml2pdf==0.2.9 # via newsroom-core xmlsec==1.3.13 # via python3-saml +zipp==3.15.0 + # via importlib-resources # The following packages are considered to be unsafe in a requirements file: # setuptools From f5130f81591192f58736126a4c37c1bd8c9125d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Ja=C5=A1ek?= Date: Tue, 28 Mar 2023 09:49:00 +0200 Subject: [PATCH 02/44] fix custom reset password (#101) keeps the old one working, only first try to reset via firebase and fallback to core reset on error there. CPCN-106 --- client/src/reset-password.js | 25 ++++++++-------- server/cp/auth.py | 8 ++++-- server/theme/login.html | 6 +--- server/theme/request_token.html | 51 +++++++++++++++++++++++++++++++++ 4 files changed, 70 insertions(+), 20 deletions(-) create mode 100644 server/theme/request_token.html diff --git a/client/src/reset-password.js b/client/src/reset-password.js index 42057f1..ab4ebce 100644 --- a/client/src/reset-password.js +++ b/client/src/reset-password.js @@ -1,10 +1,8 @@ import { auth } from './auth' import { sendPasswordResetEmail } from 'firebase/auth'; -const form = document.getElementById('reset-password-form'); -const url = new URL(window.nextUrl); -const params = new URLSearchParams(url.search); -const sendButton = document.getElementById('send-email'); +const form = document.getElementById('formToken'); +const sendButton = document.getElementById('reset-btn'); form.onsubmit = (event) => { event.preventDefault(); @@ -15,20 +13,21 @@ form.onsubmit = (event) => { const data = new FormData(form); const email = data.get("email"); + const url = new URL(window.nextUrl); + const params = new URLSearchParams(); params.append("email", email); url.search = params; sendButton.disabled = true; - sendPasswordResetEmail(auth, email, {url: url.toString()}) - .then(() => { - form.submit(); - return true; - }) - .catch((reason) => { - console.error(reason); - sendButton.disabled = false; // allow another request if there was an error - }); + sendPasswordResetEmail(auth, email, { url: url.toString() }) + .then(() => { + location.replace(window.externalSuccessUrl); + }) + .catch((reason) => { + console.error(reason); + form.submit(); + }); return false; }; \ No newline at end of file diff --git a/server/cp/auth.py b/server/cp/auth.py index ada5090..e89ff07 100644 --- a/server/cp/auth.py +++ b/server/cp/auth.py @@ -22,7 +22,7 @@ def token(): try: claims = google.oauth2.id_token.verify_firebase_token( token, - audience="cp-identity", + audience="cp-identity-dev" if "cp-dev" in flask.request.base_url else "cp-identity", request=firebase_request_adapter, ) except ValueError as err: @@ -44,7 +44,11 @@ def logout(): @blueprint.route("/cp_reset_password_done") def reset_password_confirmation(): - return flask.render_template("cp_reset_password_confirmation.html") + flask.flash( + gettext("A reset password token has been sent to your email address."), + "success", + ) + return flask.redirect(flask.url_for("auth.login")) @blueprint.route("/cp_reset_password", methods=["GET", "POST"]) diff --git a/server/theme/login.html b/server/theme/login.html index 30fbe43..f83a20d 100644 --- a/server/theme/login.html +++ b/server/theme/login.html @@ -31,11 +31,7 @@
{{ gettext("Login") }}
{% elif get_locale() == "fr_CA" %} {{ gettext("Sign up") }} {% endif %} -

- {{ gettext('Forgot your password?') }} - {{ gettext('Contact Us') }} -

- {{ gettext('Reset password') }} + {{ gettext('Reset password') }} {% if get_client_locales()|length is gt 1 %} diff --git a/server/theme/request_token.html b/server/theme/request_token.html new file mode 100644 index 0000000..0b2b4ce --- /dev/null +++ b/server/theme/request_token.html @@ -0,0 +1,51 @@ +{% extends "layout_wire.html" %} + +{% block contentMain %} + +
+
+
+
+
+
+
+

{{ gettext("Password Reset") }}

+
+
+
+ + {{ form.csrf_token }} + + {% include "form_alerts.html" %} + +
+ + {{ form.email(class="form-control", id="email", required="true") }} +
+ + {% if token_type=='validate' %} + + {% else %} + + {% endif %} +
+
+
+
+
+
+
+ {% include "login_messages.html" %} + + + + {{ javascript_tag('reset_password') | safe }} +
+{% endblock %} From 7252f569b7460b1efd7168f3be5c71cb733fe289 Mon Sep 17 00:00:00 2001 From: Darko Tomic Date: Fri, 24 Mar 2023 11:06:22 +0100 Subject: [PATCH 03/44] New side navigation UI (#100) --- server/theme/base_layout.html | 27 +++++++++++++++------------ server/theme/sidenav_icon.html | 2 ++ server/theme/theme.css | 14 ++++++-------- 3 files changed, 23 insertions(+), 20 deletions(-) diff --git a/server/theme/base_layout.html b/server/theme/base_layout.html index bf29bf5..8eb588b 100644 --- a/server/theme/base_layout.html +++ b/server/theme/base_layout.html @@ -23,38 +23,40 @@
{% block topnav %} -