* decode tokens with jwt instead of with base64 w/ burnettk
* try to verify jwt token with keycloak when we decode it w/ burnettk
* make the token algorithm a constant w/ burnettk
* WIP: create more valid looking jwt from spiff w/ burnettk
* tests are passsing now w/ burnettk
* some pyl stuff w/ burnettk
* fixed mypy issues w/ burnettk
* fixed issues from mypy fixes w/ burnettk
* do not load openid blueprint if not using those configs w/ burnettk
* used the process instance to determine if guest user can use connector api w/ burnettk
* only check the db for process instance if the api call is for typeahead
* removed unused test code
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* store the db ids of the process instance queue records instead of the sqlalchemy objects to avoid detached instance errors w/ burnettk
* raise an error similar to one we raise elsewhere in the unexpected case that this fails
* removed unused method
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* get parent process groups of process models that the user has access to w/ burnettk
* use the process group list to get the info we need for the group show page for permissions w/ burnettk
* clear the browser cache when updating a process group w/ burnettk
* fixed broken test w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* do not error out and allow process instances to recover if the bpmn_process is null but the definition is set w/ burnettk
* fixed another flakey test w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* n plus one checks
* tests passing with nplusone
* satisfy probably-wrong json schema
* remove useless comment and consolidate poetry dev deps
* not actually going to add this dependency, but leave docs for next guy
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* removed id from task and still working on getting the migration working w/ burnettk
* fixed migration to work on postgres and sqlite as well w/ burnettk
* fixed tests w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* get most recent tasks based on last_state_change instead of task_model.id
* added api to get task instances of a task
* some changes to support displaying task instances
* forgot to commit the controller
* updated frontend to display info for other instances of a task w/ burnettk
* some formatting to the selected task instance w/ burnettk
* do not get task instances when selecting different instance w/ burnettk
* added tests for task-instances w/ burnettk
* some ui tweaks for task instance view w/ burnettk
* updates based on coderabbit
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* allow additional valid client ids to be specified for the purpose of token validation
* import the correct typedict and notrequired for python 3.10
* remove HEY
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* WIP: some initial code for category in data objects
* attempt to get the data object for the given bpmn process and instance of it w/ burnettk
* updates for data objects
* fixed tests
* made suggestions by code rabbit and moved logic to get process data file out of shared method since it has a completely different implentation
* remove commented out code
* updated SpiffWorkflow for data object category
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* WIP: some initial test code to test out celery w/ burnettk
* some cleanup for celery and added base model to put tasks waiting on timers
* removed dup bpmn file
* some more cleanup and added strategy to queue instructions
* some minor code changes w/ burnettk
* remove the unused next_task key from api calls since nobody uses it w/ burnettk essweine
* added migration for future tasks and added test to make sure we are inserting into it w/ burnettk essweine
* ensure future task run at time can be updated w/ burnettk
* added table to queue instructions for end user in w/ burnettk
* added test to ensure we are storing instructions for end users w/ burnettk
* added progress page to display new instructions to user
* ignore dup instructions on db insert w/ burnettk
* some more updates for celery w/ burnettk
* some pyl and test fixes w/ burnettk
* fixed tests w/ burnettk
* WIP: added in page to show instructions on pi show page w/ burnettk
* pi show page is fully using not interstitial now w/ burnettk
* fixed broken test w/ burnettk
* moved background processing items to own module w/ burnettk
* fixed apscheduler start script
* updated celery task queue to handle future tasks and upgraded black and set its line-length to match ruff w/ burnettk
* added support to run future tasks using countdown w/ burnettk
* build image for celery branch w/ burnettk
* poet does not exist in the image w/ burnettk
* start blocking scheduler should always start the scheduler w/ burnettk
* add init and stuff for this branch
* make this work not just on my mac
* send other args to only
* added running status for process instance and use that on fe to go to show page and added additional identifier to locking system to isolate celery workers better w/ burnettk
* fixed typing error that typeguard found, not sure why mypy did not w/ burnettk
* do not check for no instructions on interstitial page for cypress tests on frontend w/ burnettk
* do not queue process instances twice w/ burnettk
* removed bad file w/ burnettk
* queue tasks using strings to avoid circular imports when attmepting to queue w/ burnettk
* only queue imminent new timer events and mock celery
* some keyboard shortcut support on frontend and added ability to force run a process instance over the api w/ burnettk
* some styles added for the shortcut menu w/ burnettk
* pyl w/ burnettk
* fixed test w/ burnettk
* removed temporary celery script and added support for celery worker in run server locally w/ burnettk
* cleaned up migrations w/ burnettk
* created new migration to clean up old migrations
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* This fixes guest login with using multiple auths, removes empty items from ApiError, and raises if redirect_url given to login does not match expected frontend host w/ burnettk
* get body for debug
* try to get the logs from the correct place to upload w/ burnettk
* mock the openid call instead of actually calling it w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* reset to page 1 when status changes to fix#765 w/ jasquat
* upgrade connexion and werkzeug to fix snyk w/ jasquat
* fix all security issues like a boss w/ jasquat
* whoops, still no resolution for cryptography w/ jasquat
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* curl and procps in container for debugging
* added some spacing between from lines in dockerfiles w/ burnettk
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* removed simple-crypt and cleaned up usage of keys for encryption w/ burnettk
* renamed var to SPIFFWORKFLOW_BACKEND_ENCRYPTION_KEY w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* show the full breadcrumb on task show page w/ burnettk
* check read permission of process model before displaying in breadcrumb on task show page
* in the breadcrumb if the api returns 401 then just ignore the breadcrumb
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* look for deny in the permission action rather than in the target uri and updated the documentation w/ burnettk
* added depecation warning if allowed_permissions is being used intead of actions w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* do not add data to spiff tasks if that task is finished w/ burnettk
* build docker image for this branch w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* We were getting copy and paste errors that an id already existed. This fixes that problem by assuring we always call the importXML method on the diagram modeller (and don't bypass it with a call to the fromXML of the protected _moddle.
we have to correct for the loop characteristics getting removed in a different way.
* run_pyl.
* eslint fixes
* Cypress caught some errors - I hate it, but it was right, and it caught something critical.
* when backend returns 401 also remove cookies and redirect in frontend if cookies are not set w/ burnettk
* added a copule helpful comments w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added some support for configs to have mutliple auths
* multiple openids services are mostly working - still needs some cleanup
* some cleanup for pyl and fixed login_return for internal openid server w/ burnettk
* if only one auth is returned from backend then just do that w/ burnettk
* login page has been formatted w/ burnettk
* some extra formatting on the login page w/ burnettk
* relabel test openid providers and add user
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* only check for timer events in ready_user_task_has_associated_timer so we can skip user_input_required instances w/ burnettk
* removed test.py file w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added migration to drop the id column from json_data and make hash the primary key
* removed id column from task_draft_data as well
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added api to get all completed tasks for an instance and display it in a table w/ burnettk
* moved completed tasks table on pi show page to sub tabs
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added test and some additional support for deny permissions w/ burnettk
* added support for deny through permissions-check api w/ burnettk
* support DENY at the beginning of a permission target marcro
* do not look up permissions using grant type, only use the uniqueness key
* added support in frontend to display a nice error if user does not have access to a data object value w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* do not save cancelled task events again
* actually only process cancelled events that were cancelled during the current run
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* support formatting data client side in markdown and support greater than and less than for metadata column filters w/ burnettk
* moved spiff conversion functions to FormattingService and use it in InstructionsForEndUser w/ burnettk
* added tests for greater than and less than metadata operators and added negative tests w/ burnettk
* removed unneeded useEffect w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* updated Dockerfile to try to remove security vulnerabilities w/ burnettk
* we require curl for health checks w/ burnettk
* try to scan docker image in ci
* use Dockerfile from backend w/ burnettk
* continue-on-error w/ burnettk
* attempt to elevate permissions of snyk w/ burnettk
* added snyk security github workflow w/ burnettk
* fixed location of constraints w/ burnettk
* add in or true for snyk tests w/ burnettk
* sent the snyk token w/ burnettk
* specify the directory for the sarif file w/ burnettk
* updated spiffworkflow-connector-command for snyk issue w/ burnettk
* updated sql statements sanitize input
* ignore issues for debug_controller and check frontend with snyk w/ burnettk
* updated babel and electron for snyk w/ burnettk
* some more updates to fix vulnerabilities w/ burnettk
* prune repeated deps for frontend builds since
* uncomment ci code so it runs again and use node for frontend base image w/ burnettk
* fixed backend image name w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* WIP for error boundary support w/ burnettk
* updates to catch error boundary events and send them back out w/ burnettk
* fixed broken test w/ burnettk
* use connector-http and spiffworkflow-proxy from main w/ burnettk
* updated smtp and slack connectors in connector-proxy-demo w/ burnettk
* added more tests for the service task service call connector to test errors w/ burnettk
* added spiffworkflow-connector-command and some code clean up
* updated the connectors in the proxy demo
* use SpiffWorkflow from git instead of locally
* some cleanup while code reviewing
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* using new spiffworkflow locally and the db can be recreated w/ burnettk
* tests are passing w/ burnettk
* added version 3 data migration for typenames on tasks and bpmn processes w/ burnettk
* pyl w/ burnettk
* attempting to add tests for data migrator and fix 1.3 for postgres
* run version_1_3 migration differently from postgres versus mysql and sqlite
* look up the task model again to make sure it is fresh w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* using new spiffworkflow locally and the db can be recreated w/ burnettk
* tests are passing w/ burnettk
* added version 3 data migration for typenames on tasks and bpmn processes w/ burnettk
* pyl w/ burnettk
* switch SpiffWorkflow back to main
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* cherry picked changes from b12af9f3bc to pin form json files
* use the class name to determine what a task type is w/ burnettk
* initial thoughts to fix cancel timer issue w/ burnettk
* added migration to run predict on all open instances w/ burnettk
* remove debug, refactor data migrations, add benchmark_log_func
* log progress of script
* only process predicted tasks and their parents in the version 2 data miagration w/ burnettk
* added data migrator and using that to run version 2 migrations when needed w/ burnettk
* removed some unwanted code
* fix issue, but tests still need updating
* fix tests by returning code to closer to what it was
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* support wildcards when adding users to groups from waiting table
* moved the user route to authentication_controller to avoid having so many user routes and this controller was all about login
* added test to ensure regexes work for permissions - still need to remove old ones on refresh
* moved token related code out of authorization service and into authentication service w/ burnettk
* remove old user group assignment waiting entries when refreshing permissions w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* removed group service in favor of user service and messing around with ruff and pre-commeit w/ burnettk
* pyl can succeed now w/ burnettk
* removed debug code w/ burnettk
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* task show loads the correct revision of the json schema form w/ burnettk
* display error if form cannot be found at revision w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Added a spiffworkflow logo, colors, fonts, styling to login page based off the styles used on our website.
Maybe someday these can bleed through to the app itself.
* use the c option with git commands instead of using cd from python w/ burnettk
* removed the cd method since we should not be using it since it is not threadsafe
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* some debug items w/ burnettk
* removed some db commits from workflow execution service so the passed in save is the only thing that actually commits the transaction
* set max depth to 50000 for now w/ burnettk
* pyl w/ burnettk
* use temp maxdepth fix in SpiffWorkflow w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added method to get configs from env so we can manipulate the values in a consistent way w/ burnettk
* grouped configs in default py to make it a little easier to understand
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added basic model for new reference cache w/ burnettk
* switched out SpecReferenceCache for ReferenceCacheModel w/ burnettk jbirddog
* pyl w/ burnettk jbirddog
* save items to the db using the new cache with generation table w/ burnettk
* bulk save for performance
* tests are passing
* actually use the new generation table - we still need a test to ensure we are using it
* added test to ensure using new cache generation
* corrected reference interface on frontend w/ burnettk
* do not perform git pull in webhook if the revision is the same as the current w/ burnettk jbirddog
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* updated to use new spiff branch and fixed broken tests w/ burnettk essweine
* updated spiffworkflow with new main build w/ burnettk essweine
* initial updates to new spiff branch w/ burnettk essweine
* more updates for new spiff w/ burnettk essweine
* fixed some linting issues w/ burnettk essweine
* fixed some failing tests w/ burnettk
* updated spiffworkflow for cancel fix w/ burnettk
* Improvement/flexible task iteration 2 (#504)
* wip
* consistent failure, mostly
* removing test code and tests
* removing unused test bpmn files
* removing unused test bpmn files
* minor cleanup of commented code
* spaces and unused imports
* go back to spiff on main
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* lint
* updated test to reflect storing predicted tasks w/ burnettk
* add some orders so postgres does not do whatever it wants, and clear log
* fix lint
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: danfunk <daniel.h.funk@gmail.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* Don't bug out in older instances that don't have runtime_info
* Add zoom buttons to React Diagram Editor
* This removes some potential features for on-boarding, that we are not currently using, but fixes the issue with 100's of onboarding processes piling up and sitting around. Hoepfully we can wrap this into the extensions mechanism so everything works the same way eventually.
* Improved error messages on form builder
Don't try to auto-save the file before it is fully loaded.
Example data was not getting saved on update.
* Found several errors with new zooming buttons in DMN, so cleaning that up.
Recent changes prevented creating a new dmn table.
* Errors were not being displyed for the Editor Routes
* Going to disable handling user tasks in the onboarding controller for now.
* some initial work to support user api keys w/ burnettk
* some updates to store and use service accounts - migrations do not work in sqlite atm
* pyl
* minor tweak to the migration
* refactored user route
* this is working if returning user that created the service account
* put back migrations from main w/ burnettk
* tests pass with new migration w/ burnettk
* do not remove service account permissions on refresh_permissions w/ burnettk
* added new component to make some api calls to populate child components and routes w/ burnettk
* allow displaying extensions in configuration tab w/ burnettk
* removed service accounts controller in favor of extension and encrypt the api keys
* add fuzz to username to make deleting and recreating service accounts easier
* allow specifying the process id to use when running an extension w/ burnettk
* allow extensions to navigate to each other on form submit w/ burnettk
* removed commented out debug code
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* when removing predicted tasks for data storage, don't alter the in-memory version of the workflow.
* run_pyl
* Bump gitPython for security vulnerability.
* do not change guest user permissions when running refresh_permissions w/ burnettk
* linting
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* updated to use new spiff branch and fixed broken tests w/ burnettk essweine
* updated spiffworkflow with new main build w/ burnettk essweine
* work around dictionary changed size during iteration error in parallel tests
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* Detect focus loss/return in the Diagram Editor - so that we can reload the process model and assure that we know about any changed files.
Allow for looking specifically for json SCHEMA files (those files that are named -schema.json or .schema.json (as is the convention). Only show these in the dropdown for the form.
* * Run descriptions through the markdown processor so you can use bold/italic etc... in your description fields within a form.
* Move ExampleTable into it's own view component to keep the size of the form builder sane.
* Assure markdown within jrsf forms have reasonable styling that follows the containers style, rather than setting to some other default.
* Add a couple of example forms so people can get a sense of what is possible.
* Connect up the new Json Schema Editor Component to the process model edit diagram.
* Just select the schema file - not the ui file when selecting the form for a component - we may revert this to just a text box.
*
* Cleanup the formatting of arrays, so that they are sligtly intended, do not contain an awkward unneeded heading, and have some tighter css.
* Connect the form editing in the modal back to the BPMN-JS editor
Auto-Save edits in the Form Builder
Lots and lots of tweaks to the react form builder ui
* various fixes.
* test for prepare_schema
* minor fix for run_pyl
* css cleanup
less issues with reloading and jumping about when in the editor
Don't sort keys when returning the json.
More intelligent "ready"
* bump package to point to branch of bpmn-js-spiffworkflow so others can check it out.
* Assure that json keys are not sorted during serialization by default.
Allow adding example fields to an existing schema
Create a set of examples.
* db complaints in migration change.
* removed items from interface file that had been moved elsewhere w/ burnettk
* rename prepare_form to prepare-form
* rename prepare_form to prepare-form
* Remove commented out code.
* typo
* add a comment about the empty column
* move back to the main branch
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* added ability to display navigation items in user profile toggle
* updated naming of some extension elements
* added user property table and updates for extensions to use it w/ burnettk
* moved extension ui interfaces to own file and linting issues
* some updates to render markdown results on load w/ burnettk
* added migration merge file w/ burnettk
* moved code to fix linting issues w/ burnettk
* resolved db migration conflict
* removed unnecessary migrations and added just one w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added modal and table to view completed forms w/ burnettk
* avoid making api calls for tab components on instance show page w/ burnettk
* show id when no task name and fix cognitive complexity warning in an embarrassing way
* removed some commented out code
* made human task attributes optional and noted them in frontend interfaces w/ burnettk
* removed draft completed tasks component w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* removed commented out smart task prediction code from after_engine_steps and removed code to predict tasks again from within backend
* build images for this branch
* removed commented out debug code
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* some basics to set a user groups based on info in keycloak w/ burnettk
* test for adding groups from token now passes
* do not remove users from groups when running refresh_permissions if specified
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* Switch to local wheel
* Fix to load the call activity by spec
* Added log
* Logging
* WIP - getting the right tasks it seems from the db, need to get into the workflow
* Clean up, revert things
* Working thanks dan
* Getting bin_pyl to pass
* run_pyl.
* Re-poet install
* Revert file
* Remove logging lines
* Getting bin_pyl to pass
* Clean up, revert things
* Bump wheel
* Use version off pypi
---------
Co-authored-by: danfunk <daniel.h.funk@gmail.com>
* WIP: some initial code to allow anonymous users get a task w/ burnettk
* added scripts to get the url for a given human task w/ burnettk
* users can complete a task anonymously
* pyl
* fixed up login flow and added submission confirmation message for guest tasks w/ burnettk
* added only_guest_task_completion to guest token so we can remove items from the ui with it
* renamed anonymous to guest
* force logout guest users when verifying the token if certain criteria are met and do not do it random controller methods
* also allow saving draft data to use guest users w/ burnettk
* updated bpmn-js-spiffworkflow and added test to test allow guest
* pyl
* fix typo and remove bad file
* remove allow_guest column and moved allow guest check to TaskModel
* removed unnecessary comment
* missing import
* do not allow guest users to see completed tasks and remove save and close button for guest users w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* WIP - threading with dan
* WIP - cleanup with dan
* Fixing a minor bug and adding a comment and taking the win, even though it was all actually done by @jbirddog with help from @essweine
* adding a couple of simple tests
* * Threaded execution of multiple ready engine tasks is now the default behavior for all execution strategies by default (the skip-one strategry does not do it)
* Assure that tasks in the db match those in the spiffworkflow bpmn on save (remove all predicted and pruned tasks)
with @jbirddog, @jlantz, @burnettk
* run_pyl
---------
Co-authored-by: Jon Herron <jon.herron@yahoo.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>