merged in main and resolved conflicts

2025-02-23 21:08:18 +00:00 · 2022-08-22 09:03:49 -04:00 · 2022-08-22 09:03:49 -04:00 · d94b10afdf
commit d94b10afdf
parent 5952f199ed ad2bf980fe
11 changed files with 101 additions and 23 deletions
--- a/bin/deploy
+++ b/bin/deploy
@ -31,6 +31,18 @@ if [[ -z "${SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE:-}" ]]; then
  export SPIFFWORKFLOW_BACKEND_DOCKER_COMPOSE_PROFILE=run
 fi

+if [[ -z "${SPIFFWORKFLOW_FRONTEND_URL:-}" ]]; then
+  export SPIFFWORKFLOW_FRONTEND_URL='http://167.172.242.138:7001'
+fi
+
+if [[ -z "${SPIFFWORKFLOW_BACKEND_URL:-}" ]]; then
+  export SPIFFWORKFLOW_BACKEND_URL='http://167.172.242.138:7000'
+fi
+
+if [[ -z "${OPEN_ID_SERVER_URL:-}" ]]; then
+  export OPEN_ID_SERVER_URL='http://167.172.242.138:7002'
+fi
+
 git pull
 ./bin/build_and_run_with_docker_compose
 ./bin/wait_for_server_to_be_up
--- a/bin/spiffworkflow-realm.json
+++ b/bin/spiffworkflow-realm.json
@ -944,7 +944,10 @@
      "alwaysDisplayInConsole": false,
      "clientAuthenticatorType": "client-secret",
      "secret": "JXeQExm0JhQPLumgHtIIqf52bDalHz0q",
-      "redirectUris": ["http://localhost:7000/*"],
+      "redirectUris": [
+        "http://localhost:7000/*",
+        "http://167.172.242.138:7000/*"
+      ],
      "webOrigins": [],
      "notBefore": 0,
      "bearerOnly": false,
@ -1210,7 +1213,10 @@
      "enabled": true,
      "alwaysDisplayInConsole": false,
      "clientAuthenticatorType": "client-secret",
-      "redirectUris": ["http://localhost:7001/*"],
+      "redirectUris": [
+        "http://localhost:7001/*",
+        "http://167.172.242.138:7001/*"
+      ],
      "webOrigins": ["*"],
      "notBefore": 0,
      "bearerOnly": false,
@ -1275,7 +1281,10 @@
      "alwaysDisplayInConsole": false,
      "clientAuthenticatorType": "client-secret",
      "secret": "6o8kIKQznQtejHOdRhWeKorBJclMGcgA",
-      "redirectUris": ["http://localhost:7001/*"],
+      "redirectUris": [
+        "http://localhost:7001/*",
+        "http://167.172.242.138:7001/*"
+      ],
      "webOrigins": [],
      "notBefore": 0,
      "bearerOnly": false,
--- a/bin/start_keycloak
+++ b/bin/start_keycloak
@ -31,7 +31,15 @@ sleep 10
 docker exec keycloak /opt/keycloak/bin/kc.sh import --file /tmp/finance-realm.json || echo ''
 docker exec keycloak /opt/keycloak/bin/kc.sh import --file /tmp/spiffworkflow-realm.json || echo ''
 docker exec keycloak /opt/keycloak/bin/kc.sh import --file /tmp/quarkus-realm.json || echo ''
-echo 'ran import finance realm'
+
+echo 'imported realms'
+
+if [ "${TURN_OFF_SSL:-}" == "true" ]; then
+  docker exec -it keycloak /opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080 --realm master --user admin
+  docker exec -it keycloak /opt/keycloak/bin/kcadm.sh update realms/master -s sslRequired=NONE
+  docker exec -it keycloak /opt/keycloak/bin/kcadm.sh update realms/spiffworkflow -s sslRequired=NONE
+  echo 'turned off SSL requirement'
+fi

 docker stop keycloak
 docker start keycloak
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -54,6 +54,9 @@ services:
      - FLASK_ENV=${FLASK_ENV:-development}
      - FLASK_DEBUG=0
      - FLASK_SESSION_SECRET_KEY=${FLASK_SESSION_SECRET_KEY:-super_secret_key}
+      - OPEN_ID_SERVER_URL=${OPEN_ID_SERVER_URL:-http://localhost:7002}
+      - SPIFFWORKFLOW_FRONTEND_URL=${SPIFFWORKFLOW_FRONTEND_URL:-http://localhost:7001}
+      - SPIFFWORKFLOW_BACKEND_URL=${SPIFFWORKFLOW_BACKEND_URL:-http://localhost:7000}
      - SPIFFWORKFLOW_BACKEND_PORT=7000
      - SPIFFWORKFLOW_BACKEND_UPGRADE_DB=true
      - SPIFFWORKFLOW_BACKEND_DATABASE_URI=mysql+mysqlconnector://root:${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}@localhost:7003/${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
--- a/pyproject.toml
+++ b/pyproject.toml
@ -86,6 +86,18 @@ sqlalchemy-stubs = "^0.4"
 [tool.poetry.scripts]
 spiffworkflow-backend = "spiffworkflow_backend.__main__:main"

+[tool.pytest.ini_options]
+# ignore three deprecation warnings from three different packages
+filterwarnings = [
+    # note the use of single quote below to denote "raw" strings in TOML
+    # kombu/utils/compat.py:82
+    'ignore:SelectableGroups dict interface is deprecated. Use select.',
+    # marshmallow_sqlalchemy/convert.py:17
+    'ignore:distutils Version classes are deprecated. Use packaging.version instead.',
+    # connexion/spec.py:50
+    'ignore:Passing a schema to Validator.iter_errors is deprecated and will be removed in a future release'
+]
+
 [tool.coverage.paths]
 source = ["src", "*/site-packages"]
 tests = ["tests", "*/tests"]
--- a/src/spiffworkflow_backend/config/default.py
+++ b/src/spiffworkflow_backend/config/default.py
@ -16,6 +16,12 @@ CORS_ALLOW_ORIGINS = re.split(
 PROCESS_WAITING_MESSAGES = (
    environ.get("PROCESS_WAITING_MESSAGES", default="false") == "true"
 )
+SPIFFWORKFLOW_FRONTEND_URL = environ.get(
+    "SPIFFWORKFLOW_FRONTEND_URL", default="http://localhost:7001"
+)
+SPIFFWORKFLOW_BACKEND_URL = environ.get(
+    "SPIFFWORKFLOW_BACKEND_URL", default="http://localhost:7000"
+)

 # Open ID server
 OPEN_ID_SERVER_URL = environ.get("OPEN_ID_SERVER_URL", default="http://localhost:7002")
--- a/src/spiffworkflow_backend/models/active_task.py
+++ b/src/spiffworkflow_backend/models/active_task.py
@ -47,16 +47,21 @@ class ActiveTaskModel(SpiffworkflowBaseDBModel):
    task_status = db.Column(db.String(50))
    task_data: str = db.Column(db.Text)

-    def to_task(self) -> Task:
+    @classmethod
+    def to_task(cls, task: ActiveTaskModel) -> Task:
        """To_task."""
-        task_data = json.loads(self.task_data)
+        task_data = json.loads(task.task_data)

-        return Task(
-            self.task_id,
-            self.task_name,
-            self.task_title,
-            self.task_type,
-            self.task_status,
+        new_task = Task(
+            task.task_id,
+            task.task_name,
+            task.task_title,
+            task.task_type,
+            task.task_status,
            data=task_data,
-            process_instance_id=self.process_instance_id,
+            process_instance_id=task.process_instance_id,
        )
+        if hasattr(task, "process_model_identifier"):
+            new_task.process_name = task.process_model_identifier
+
+        return new_task
--- a/src/spiffworkflow_backend/routes/process_api_blueprint.py
+++ b/src/spiffworkflow_backend/routes/process_api_blueprint.py
@ -545,10 +545,23 @@ def task_list_my_tasks(page: int = 1, per_page: int = 100) -> flask.wrappers.Res
    active_tasks = (
        ActiveTaskModel.query.filter_by(assigned_principal_id=principal.id)
        .order_by(desc(ActiveTaskModel.id))  # type: ignore
+        .join(ProcessInstanceModel)
+        # just need this add_columns to add the process_model_identifier. Then add everything back that was removed.
+        .add_columns(
+            ProcessInstanceModel.process_model_identifier,
+            ActiveTaskModel.task_data,
+            ActiveTaskModel.task_name,
+            ActiveTaskModel.task_title,
+            ActiveTaskModel.task_type,
+            ActiveTaskModel.task_status,
+            ActiveTaskModel.task_id,
+            ActiveTaskModel.id,
+            ActiveTaskModel.process_instance_id,
+        )
        .paginate(page, per_page, False)
    )

-    tasks = [active_task.to_task() for active_task in active_tasks.items]
+    tasks = [ActiveTaskModel.to_task(active_task) for active_task in active_tasks.items]

    response_json = {
        "results": tasks,
@ -585,7 +598,7 @@ def process_instance_task_list(


 def task_show(process_instance_id: int, task_id: str) -> flask.wrappers.Response:
-    """Task_list_my_tasks."""
+    """Task_show."""
    principal = find_principal_or_raise()

    process_instance = find_process_instance_by_id_or_raise(process_instance_id)
@ -606,7 +619,10 @@ def task_show(process_instance_id: int, task_id: str) -> flask.wrappers.Response
    if active_task_assigned_to_me:
        form_schema_file_name = active_task_assigned_to_me.form_file_name
        form_ui_schema_file_name = active_task_assigned_to_me.ui_form_file_name
-        task = active_task_assigned_to_me.to_task()
+        active_task_assigned_to_me.process_model_identifier = (
+            process_instance.process_model_identifier
+        )
+        task = ActiveTaskModel.to_task(active_task_assigned_to_me)
    else:
        spiff_task = get_spiff_task_from_process_instance(task_id, process_instance)
        extensions = spiff_task.task_spec.extensions
@ -705,7 +721,9 @@ def task_submit(
        assigned_principal_id=principal.id, process_instance_id=process_instance.id
    ).first()
    if next_active_task_assigned_to_me:
-        return make_response(jsonify(next_active_task_assigned_to_me.to_task()), 200)
+        return make_response(
+            jsonify(ActiveTaskModel.to_task(next_active_task_assigned_to_me)), 200
+        )

    return Response(json.dumps({"ok": True}), status=202, mimetype="application/json")

--- a/src/spiffworkflow_backend/routes/user.py
+++ b/src/spiffworkflow_backend/routes/user.py
@ -254,7 +254,8 @@ def logout(id_token: str, redirect_url: Optional[str]) -> Response:

 def logout_return() -> Response:
    """Logout_return."""
-    return redirect("http://localhost:7001/")
+    frontend_url = str(current_app.config["SPIFFWORKFLOW_FRONTEND_URL"])
+    return redirect(f"{frontend_url}/")


 def get_decoded_token(token: str) -> Optional[Dict]:
--- a/src/spiffworkflow_backend/services/authentication_service.py
+++ b/src/spiffworkflow_backend/services/authentication_service.py
@ -44,11 +44,15 @@ class PublicAuthenticationService:
    Used during development to make testing easy.
    """

+    def get_backend_url(self) -> str:
+        """Get_backend_url."""
+        return str(current_app.config["SPIFFWORKFLOW_BACKEND_URL"])
+
    def logout(self, id_token: str, redirect_url: Optional[str] = None) -> Response:
        """Logout."""
        if redirect_url is None:
            redirect_url = "/"
-        return_redirect_url = "http://localhost:7000/v1.0/logout_return"
+        return_redirect_url = f"{self.get_backend_url()}/v1.0/logout_return"
        (
            open_id_server_url,
            open_id_client_id,
@ -77,7 +81,7 @@ class PublicAuthenticationService:
            open_id_realm_name,
            open_id_client_secret_key,
        ) = get_open_id_args()
-        return_redirect_url = "http://localhost:7000/v1.0/login_return"
+        return_redirect_url = f"{self.get_backend_url()}/v1.0/login_return"
        login_redirect_url = (
            f"{open_id_server_url}/realms/{open_id_realm_name}/protocol/openid-connect/auth?"
            + f"state={state}&"
@ -104,11 +108,10 @@ class PublicAuthenticationService:
            "Content-Type": "application/x-www-form-urlencoded",
            "Authorization": f"Basic {backend_basic_auth.decode('utf-8')}",
        }
-
        data = {
            "grant_type": "authorization_code",
            "code": code,
-            "redirect_uri": "http://localhost:7000/v1.0/login_return",
+            "redirect_uri": f"{self.get_backend_url()}/v1.0/login_return",
        }

        request_url = f"{open_id_server_url}/realms/{open_id_realm_name}/protocol/openid-connect/token"
--- a/src/spiffworkflow_backend/services/process_instance_processor.py
+++ b/src/spiffworkflow_backend/services/process_instance_processor.py
@ -631,7 +631,8 @@ class ProcessInstanceProcessor:
                    and task.workflow == self.bpmn_process_instance
                ):
                    endtasks.append(task)
-            return endtasks[-1]
+            if len(endtasks) > 0:
+                return endtasks[-1]

        # If there are ready tasks to complete, return the next ready task, but return the one
        # in the active parallel path if possible.  In some cases the active parallel path may itself be