* curl and procps in container for debugging
* added some spacing between from lines in dockerfiles w/ burnettk
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* removed simple-crypt and cleaned up usage of keys for encryption w/ burnettk
* renamed var to SPIFFWORKFLOW_BACKEND_ENCRYPTION_KEY w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* show the full breadcrumb on task show page w/ burnettk
* check read permission of process model before displaying in breadcrumb on task show page
* in the breadcrumb if the api returns 401 then just ignore the breadcrumb
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* look for deny in the permission action rather than in the target uri and updated the documentation w/ burnettk
* added depecation warning if allowed_permissions is being used intead of actions w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* do not add data to spiff tasks if that task is finished w/ burnettk
* build docker image for this branch w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* We were getting copy and paste errors that an id already existed. This fixes that problem by assuring we always call the importXML method on the diagram modeller (and don't bypass it with a call to the fromXML of the protected _moddle.
we have to correct for the loop characteristics getting removed in a different way.
* run_pyl.
* eslint fixes
* Cypress caught some errors - I hate it, but it was right, and it caught something critical.
* when backend returns 401 also remove cookies and redirect in frontend if cookies are not set w/ burnettk
* added a copule helpful comments w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added some support for configs to have mutliple auths
* multiple openids services are mostly working - still needs some cleanup
* some cleanup for pyl and fixed login_return for internal openid server w/ burnettk
* if only one auth is returned from backend then just do that w/ burnettk
* login page has been formatted w/ burnettk
* some extra formatting on the login page w/ burnettk
* relabel test openid providers and add user
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* only check for timer events in ready_user_task_has_associated_timer so we can skip user_input_required instances w/ burnettk
* removed test.py file w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added migration to drop the id column from json_data and make hash the primary key
* removed id column from task_draft_data as well
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added api to get all completed tasks for an instance and display it in a table w/ burnettk
* moved completed tasks table on pi show page to sub tabs
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added test and some additional support for deny permissions w/ burnettk
* added support for deny through permissions-check api w/ burnettk
* support DENY at the beginning of a permission target marcro
* do not look up permissions using grant type, only use the uniqueness key
* added support in frontend to display a nice error if user does not have access to a data object value w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* do not save cancelled task events again
* actually only process cancelled events that were cancelled during the current run
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* support formatting data client side in markdown and support greater than and less than for metadata column filters w/ burnettk
* moved spiff conversion functions to FormattingService and use it in InstructionsForEndUser w/ burnettk
* added tests for greater than and less than metadata operators and added negative tests w/ burnettk
* removed unneeded useEffect w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* updated Dockerfile to try to remove security vulnerabilities w/ burnettk
* we require curl for health checks w/ burnettk
* try to scan docker image in ci
* use Dockerfile from backend w/ burnettk
* continue-on-error w/ burnettk
* attempt to elevate permissions of snyk w/ burnettk
* added snyk security github workflow w/ burnettk
* fixed location of constraints w/ burnettk
* add in or true for snyk tests w/ burnettk
* sent the snyk token w/ burnettk
* specify the directory for the sarif file w/ burnettk
* updated spiffworkflow-connector-command for snyk issue w/ burnettk
* updated sql statements sanitize input
* ignore issues for debug_controller and check frontend with snyk w/ burnettk
* updated babel and electron for snyk w/ burnettk
* some more updates to fix vulnerabilities w/ burnettk
* prune repeated deps for frontend builds since
* uncomment ci code so it runs again and use node for frontend base image w/ burnettk
* fixed backend image name w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>