* This fixes guest login with using multiple auths, removes empty items from ApiError, and raises if redirect_url given to login does not match expected frontend host w/ burnettk
* get body for debug
* try to get the logs from the correct place to upload w/ burnettk
* mock the openid call instead of actually calling it w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* reset to page 1 when status changes to fix#765 w/ jasquat
* upgrade connexion and werkzeug to fix snyk w/ jasquat
* fix all security issues like a boss w/ jasquat
* whoops, still no resolution for cryptography w/ jasquat
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* curl and procps in container for debugging
* added some spacing between from lines in dockerfiles w/ burnettk
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* removed simple-crypt and cleaned up usage of keys for encryption w/ burnettk
* renamed var to SPIFFWORKFLOW_BACKEND_ENCRYPTION_KEY w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* show the full breadcrumb on task show page w/ burnettk
* check read permission of process model before displaying in breadcrumb on task show page
* in the breadcrumb if the api returns 401 then just ignore the breadcrumb
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* look for deny in the permission action rather than in the target uri and updated the documentation w/ burnettk
* added depecation warning if allowed_permissions is being used intead of actions w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* do not add data to spiff tasks if that task is finished w/ burnettk
* build docker image for this branch w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* We were getting copy and paste errors that an id already existed. This fixes that problem by assuring we always call the importXML method on the diagram modeller (and don't bypass it with a call to the fromXML of the protected _moddle.
we have to correct for the loop characteristics getting removed in a different way.
* run_pyl.
* eslint fixes
* Cypress caught some errors - I hate it, but it was right, and it caught something critical.
* when backend returns 401 also remove cookies and redirect in frontend if cookies are not set w/ burnettk
* added a copule helpful comments w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* try to debug snyk issue
* try to correct debug env var
* put the debug var in the correct area
* updated autoprefixer to make snyk happy
* put the rest of the ci items back
* run snyk on a schedule w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>