* initial script to find get_current_user calls
* handle pre and post scripts as well
* refactor
* omit absolute root dir path when printing
* avoid printing NS
* consolidate lxml parsing in one place
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* added new api to show secrets so we can use that in permissions
* updated frontend to use new secret show value api
* cleaned up secret_show method
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* Prevent duplicated path prefix elements in generated URLs
* add more debug info
* pure refactor
* let flask determine how to access site
* build this branch
* build image
* use more url_for, which includes a slash, and things are working locally
* fix hopefully the last missing url_for
* add some code that works for any openid provider
* one more url_for and remove more backend url config references
---------
Co-authored-by: Bret Mogilefsky <bmogilefsky@gmail.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* allow setting the path prefix of the server w/ burnettk
* added error in case someone was successfully using SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT w/ burnettk
* Update docs/DevOps_installation_integration/path_based_routing.md
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* check if pi is enqueued to run in the future before running it in celery w/ burnettk
* only mark future tasks as complete if the corresponding task is complete w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* use the backend url config for the well-known endpoint since request.host_url will not know about the path w/ burnettk
* attempting to fix run precommit in ci w/ burnettk
* fix constraints location w/ burnettk
* fix correct stanza w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* updates to avoid loading completed subprocesses when loading a processor w/ burnettk
* bpmn unit test generator in controller test is passing w/ burnettk
* most tests are passing again w/ burnettk
* tests are all passing now w/ burnettk
* added assertion to reset pi test to ensure task data does come back w/ burnettk
* removed debug benchmark stuff w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* simplify build with pip and poetry in one step and no pipx
* upgrade setuptools
* just in case
* debug w/ burnettk
* print pwd and ls whenever we call constraints w/ burnettk
* update safety and setuptools to fix ci errors w/ burnettk
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added script to import process instance and updated some docs for redis and celery w/ burnettk
* pyl and removed bad gitignore w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* some initial code to handle celery logs better w/ burnettk
* some more work to get celery logs properly formatting w/ burnettk
* added logger setup for celery w/ burnettk
* added logger setup for celery w/ burnettk
* use the same logger setup method for both celery and the flask server w/ burnettk
* move the log formatter to own method w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* handle process instance already locked in message service
* moved celery check to own method in message sevice w/ burnettk
* removed initial implementation w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* Run partial tests, add sqlite var
* Add upsearch api
* Getting ./bin/pyl to pass
* Getting ./bin/pyl to pass
* Clean up fixtures
* Revert this change
* PR feedback - use actual schema for api.yml
* Hopefully fix the permissions
* added most of the code needed to generate a bpmn unit test from a process instance w/ burnettk
* pyl and tests are passing
* renamed some files and some clean up
* added api method to generate test case w/ burnettk
* debugging the generate test api w/ burnettk
* test case generator test case is now passing w/ burnettk
* added test for TaskMismatchError w/ burnettk
* added support for extension to create bpmn unit tests with the api w/ burnettk
* coderabbit and typeguard fixes w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* removed human_task_ibfk_5 from old migration file and updated task id removal migration to work with both mysql and postgres w/ burnettk
* use sqlalchemy error classes instead of mysql w/ burnettk
* mypy w/ burnettk
* remove deprecated cypress config w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* initial updates to prepare for data object data migration w/ burnettk
* added method to import bpmn_process_dict to the database w/ burnettk
* test to ensure we can import json is passing w/ burnettk
* added some more tests around importing bpmn process json w/ burnettk
* version 4 migration test is now passing w/ burnettk
* spiff lib back to main after its merge
* some coderabbit suggestions
* do not run version 3 and 4 migrations twice w/ burnettk
* build docker images for this branch w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* removed some portions of the guest access flow in favor of the unauthed flow w/ burnettk
* removed guest access from auth flow in backend w/ burnettk
* updated frontend to use new public api for guest tasks
* fixed tests and updated get task url script to choose between public and non public urls
* removed old guest task support from frontend
* return 404 when a task cannot be found w/ burnettk
* fixed typo in group list tiles w/ burnettk
* added cypress tests for public formg w/ burnettk
* display metadata key for urls instead of values w/ burnettk
* updated permissions for acceptance testss w/ burnettk
* set up permissions for public group if it is in the list and login and logout admin user in ci to ensure permissions are set w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* some basic updates for unauthed endpoints and the start of a test w/ burnettk
* added logic to create public access token if appropriate w/ burnettk
* updated message_form_show to return the rjs form w/ burnettk
* pyl w/ burnettk
* WIP: adding public routes to frontend w/ burnettk
* added public message form page to start a process instance w/ burnettk
* added api endpoint to submit message task data w/ burnettk
* allow switching rjsf themes in customform w/ burnettk
* we can submit a public message form w/ burnettk
* add message start submit to public exclusion list w/ burnettk
* run message submit in synchronous mode w/ burnettk
* a little refactoring to get ready for submitting unauthed tasks w/ burnettk
* created public controller w/ burnettk
* added api endpoint to submit additional public forms w/ burnettk
* added ability to submit a second form from the public web ui w/ burnettk
* some clean up and show markdown confirmation messages w/ burnettk
* added support for instructions and added a logout page for public users w/ burnettk
* support instructions for end user on the start message event as well w/ burnettk
* minor tweaks to public logout page w/ burnettk
* pyl w/ burnettk
* log unsupported form in custom form w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* Purpose: Allow the messages api endpoint to accept arbitrary JSON in it's body - and to respond with the latest task_data - this will allow you to create BPMN processes are that can function as microservices.
* Fixing a bug that prevented the synchronous execution of a message post.
* A message post directly uses the body of the post, do not specify it within a "payload".
* The message response is not just the process instance details, it now contains the "process_instance" and "task_data" at the top level of the returned json.
* The last completed task data is now returned as a part of a response to the message api endpoint, it is with the "task_data" attribute.
* CodeRabbit suggestions
* run_pyl fixes
* fix lint
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* added async and sync support for the message start api w/ burnettk
* removed debug dump call w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added execution mode to task submit and pi run calls to run in async or sync mode w/ burnettk
* do not allow requesting async mode without celery w/ burnettk
* attempt to move queue checking for celery and async to same method to avoid confusing methods w/ burnettk
* if requesting synchronous mode then run with greedy as well w/ burnettk
* implemented some coderabbit suggestions w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added the contents of script engine init to the process model test running init w/ burnettk
* get backend scripts
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* wip spiff lib upgrade
* unit and script tests are now passing w/ burnettk
* tests and pre-commit are passing
* pass None in as external_context as named param instead of creating a variable w/ burnettk
* some extra debugging in case bpmn_xml_file_contents is empty w/ burnettk
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* Update README.md
Some notes for people that might want to run full-on native, with detail about how Mac hijacks port 7000 and how to get around it.
* Revert "Update README.md"
This reverts commit 096887c26d591f93a836ef808c148af09767f2d2.
* README update and native code patch
Some details for user that might be running Python3, Mac, and want to run everything locally/natively.
* Implement basic tooltips
Uses MUI tooltip, as it behaves more predictably with existing styling, and enables top-level theme config.
Top-level configuration for all MUI components can be controlled via overriding the existing theme. See index.tsx. This could be done per user for customization, etc.
Enabling JSON module imports in tsconfig.json seemed to fix the error in ReactDiagramEditor
* Naive AI code editor implementation
A working starting point.
* Implement API to return if script assist should be enabled
Along with route and function, api config, etc.
* UI calls backend to see if script assist is enabled.
If it is, loads the related UI, otherwise it doesn't appear.
* Moving forward with service for message processing.
* Services scaffolded
* Open API called, prompt-engineered to get script only.
* Little cleanup work
* Enabled + process message working.
Had to find all the places permissions are enabled, etc.
* Cleanup, comments, etc.
* Env vars, styling, error cases, conditional display of script assist
Finishing touches for the most part.
REQUIRES TWO ENV VARS BE SET.
SPIFFWORKFLOW_SCRIPT_ASSIST_ENABLED=["True" | "true" | 1] (anything else is false)
SECRET_KEY_OPENAI_API=[thekey]
The are retrieved in default.py. I run the app locally, so I just set them in the terminal.
NEW INSTALL: @carbon/colors (so we consistently use carbon palette etc.)
* Fix tooltips, clean up some styling.
Finishing it off.
* Add loader and error message
Complete UX stuff
* Update useScriptAssistEnabled.tsx
Remove log
* Update script_assist_controller.py
Add this tweak to avoid TMI.
* Some reasonable changes suggested by the build process
* Comments from PR.
* Update ProcessModelEditDiagram.tsx
Should (but I don't know how to tell yet) call the change handler that wasn't firing before.
* updated the permissions setting in authorization service w/ burnettk
* precommit now passes. tests are failing w/ burnettk
* pinned SpiffWorkflow to known working version and fixed tests. we will update spiff in a later pr w/ burnettk
* made changes based on coderabbi suggestions
* updated the error handling to be more inline with how we have handled other errors and some ui tweaks
* removed pymysql package w/ burnettk
* forgot to remove pymysql from lock file w/ burnettk
---------
Co-authored-by: Tim Consolazio <tcoz@tcoz.com>
Co-authored-by: Kevin Burnett <18027+burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* add the jinja rendered instructions back to the extensions list before returning
* fixed comment
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* support decrypting and validating jwt tokens from google auth w/ burnettk
* moved code as suggested by coderabbit
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* this adds lookup of the controller names as well as the functions when checking if api call should be excluded
* added login functions to exclusion list and turned it into a constant
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* updated the docs around extensions and updated extensions interfaces in the frontend w/ burnettk
* allow specifying files in component args for extensions and added some support for CustomForm from extensions w/ burnettk
* added comments to the extension interfaces file to better describe how to create them
* finished adding comments to extension interfaces
* added comments at top and some minor tweaks
* some fixes for extensions w/ burnettk
* some fixes for extensions w/ burnettk
* ignore eslint issues for now w/ burnettk
* removed deprecated extension items w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* added api endpoint for a generic webhook w/ burnettk
* added the start of test for testing webhooks w/ burnettk
* the initial test for webhooks is now working w/ burnettk
* added test to prove we can run a message send from a non-persistent process instance w/ burnettk
* pyl w/ burnettk
* updated connector-http for patch command w/ burnettk
* make the webhook persistent so the message instance can be created w/ burnettk
* make sure we commit the message instance to the db in the webhook code w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* Update README.md
Some notes for people that might want to run full-on native, with detail about how Mac hijacks port 7000 and how to get around it.
* Revert "Update README.md"
This reverts commit 096887c26d591f93a836ef808c148af09767f2d2.
* README update and native code patch
Some details for user that might be running Python3, Mac, and want to run everything locally/natively.
* delete human task for task that is being reset to in a process instance w/ burnettk
* added script to remove duplicate human tasks from the database w/ burnettk
* test that human tasks are not duplicated during pi reset w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* Reapply "future tasks should not cause anything to happen if the instance is suspended"
This reverts commit 05b50df2b3.
* lint
* add required approval and merge instead of mark as auto merge
* lint
* added server default to new future_task column so default is actually added to the table schema w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* moved some code blocks from main process instance report service method to own methods w/ burnettk
* added notes of how to implement on backend w/ burnettk
* fixed based on some code rabbit suggestions
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* support executable property
* process model with no primary file is not executable
* filter by executable and primary file and avoid snagging g.user from service
* kill Start buttons on process group list as well
* use more similar code to check is executable and write integration test
* add a test and improve a variable name
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* remove SpecReferenceCache
* make sure strings are sometimes unique
* lint
* more random
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* WIP: initial work to have a home page created from an extension w/ burnettk
* added support to display an extension as the root page w/ burnettk
* allow extensions to add new routes to base routes w/ burnettk
* use page instead of creating new key route w/ burnettk
* added components to support pi tables in extensions w/ burnettk
* allow using asterisks to mark words as bold in process instance list table
* moved table component from InstancesListTable to own component w/ burnettk
* filters are somewhat working again w/ burnettk
* default homepage uses the table without filters component now w/ burnettk
* renamed instance list tables to be more appropriate w/ burnettk
* display errors if list table is used incorrectly w/ burnettk
* fixed issue where columns were not displaying in the filter list
* pyl
* rely on changes in report hash to determine if report hash state needs updating
* only show link to report if there are instances to show
* many updates for filtering to remove the apply button and clean things up w/ burnettk
* some more fixes for too many renderings w/ burnettk
* advanced filters are working again w/ burnettk
* clear is working again w/ burnettk
* fixed a few linting errors and warnings w/ burnettk
* fixed some cypress tests
* if there are errors then display them right away instead of trying to put together the other elements
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* decode tokens with jwt instead of with base64 w/ burnettk
* try to verify jwt token with keycloak when we decode it w/ burnettk
* make the token algorithm a constant w/ burnettk
* WIP: create more valid looking jwt from spiff w/ burnettk
* tests are passsing now w/ burnettk
* some pyl stuff w/ burnettk
* fixed mypy issues w/ burnettk
* fixed issues from mypy fixes w/ burnettk
* do not load openid blueprint if not using those configs w/ burnettk
* used the process instance to determine if guest user can use connector api w/ burnettk
* only check the db for process instance if the api call is for typeahead
* removed unused test code
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* store the db ids of the process instance queue records instead of the sqlalchemy objects to avoid detached instance errors w/ burnettk
* raise an error similar to one we raise elsewhere in the unexpected case that this fails
* removed unused method
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* get parent process groups of process models that the user has access to w/ burnettk
* use the process group list to get the info we need for the group show page for permissions w/ burnettk
* clear the browser cache when updating a process group w/ burnettk
* fixed broken test w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* do not error out and allow process instances to recover if the bpmn_process is null but the definition is set w/ burnettk
* fixed another flakey test w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* n plus one checks
* tests passing with nplusone
* satisfy probably-wrong json schema
* remove useless comment and consolidate poetry dev deps
* not actually going to add this dependency, but leave docs for next guy
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* removed id from task and still working on getting the migration working w/ burnettk
* fixed migration to work on postgres and sqlite as well w/ burnettk
* fixed tests w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* get most recent tasks based on last_state_change instead of task_model.id
* added api to get task instances of a task
* some changes to support displaying task instances
* forgot to commit the controller
* updated frontend to display info for other instances of a task w/ burnettk
* some formatting to the selected task instance w/ burnettk
* do not get task instances when selecting different instance w/ burnettk
* added tests for task-instances w/ burnettk
* some ui tweaks for task instance view w/ burnettk
* updates based on coderabbit
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* allow additional valid client ids to be specified for the purpose of token validation
* import the correct typedict and notrequired for python 3.10
* remove HEY
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* WIP: some initial code for category in data objects
* attempt to get the data object for the given bpmn process and instance of it w/ burnettk
* updates for data objects
* fixed tests
* made suggestions by code rabbit and moved logic to get process data file out of shared method since it has a completely different implentation
* remove commented out code
* updated SpiffWorkflow for data object category
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* WIP: some initial test code to test out celery w/ burnettk
* some cleanup for celery and added base model to put tasks waiting on timers
* removed dup bpmn file
* some more cleanup and added strategy to queue instructions
* some minor code changes w/ burnettk
* remove the unused next_task key from api calls since nobody uses it w/ burnettk essweine
* added migration for future tasks and added test to make sure we are inserting into it w/ burnettk essweine
* ensure future task run at time can be updated w/ burnettk
* added table to queue instructions for end user in w/ burnettk
* added test to ensure we are storing instructions for end users w/ burnettk
* added progress page to display new instructions to user
* ignore dup instructions on db insert w/ burnettk
* some more updates for celery w/ burnettk
* some pyl and test fixes w/ burnettk
* fixed tests w/ burnettk
* WIP: added in page to show instructions on pi show page w/ burnettk
* pi show page is fully using not interstitial now w/ burnettk
* fixed broken test w/ burnettk
* moved background processing items to own module w/ burnettk
* fixed apscheduler start script
* updated celery task queue to handle future tasks and upgraded black and set its line-length to match ruff w/ burnettk
* added support to run future tasks using countdown w/ burnettk
* build image for celery branch w/ burnettk
* poet does not exist in the image w/ burnettk
* start blocking scheduler should always start the scheduler w/ burnettk
* add init and stuff for this branch
* make this work not just on my mac
* send other args to only
* added running status for process instance and use that on fe to go to show page and added additional identifier to locking system to isolate celery workers better w/ burnettk
* fixed typing error that typeguard found, not sure why mypy did not w/ burnettk
* do not check for no instructions on interstitial page for cypress tests on frontend w/ burnettk
* do not queue process instances twice w/ burnettk
* removed bad file w/ burnettk
* queue tasks using strings to avoid circular imports when attmepting to queue w/ burnettk
* only queue imminent new timer events and mock celery
* some keyboard shortcut support on frontend and added ability to force run a process instance over the api w/ burnettk
* some styles added for the shortcut menu w/ burnettk
* pyl w/ burnettk
* fixed test w/ burnettk
* removed temporary celery script and added support for celery worker in run server locally w/ burnettk
* cleaned up migrations w/ burnettk
* created new migration to clean up old migrations
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* This fixes guest login with using multiple auths, removes empty items from ApiError, and raises if redirect_url given to login does not match expected frontend host w/ burnettk
* get body for debug
* try to get the logs from the correct place to upload w/ burnettk
* mock the openid call instead of actually calling it w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* reset to page 1 when status changes to fix#765 w/ jasquat
* upgrade connexion and werkzeug to fix snyk w/ jasquat
* fix all security issues like a boss w/ jasquat
* whoops, still no resolution for cryptography w/ jasquat
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
* curl and procps in container for debugging
* added some spacing between from lines in dockerfiles w/ burnettk
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* removed simple-crypt and cleaned up usage of keys for encryption w/ burnettk
* renamed var to SPIFFWORKFLOW_BACKEND_ENCRYPTION_KEY w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* show the full breadcrumb on task show page w/ burnettk
* check read permission of process model before displaying in breadcrumb on task show page
* in the breadcrumb if the api returns 401 then just ignore the breadcrumb
* pyl
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* look for deny in the permission action rather than in the target uri and updated the documentation w/ burnettk
* added depecation warning if allowed_permissions is being used intead of actions w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* do not add data to spiff tasks if that task is finished w/ burnettk
* build docker image for this branch w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
* We were getting copy and paste errors that an id already existed. This fixes that problem by assuring we always call the importXML method on the diagram modeller (and don't bypass it with a call to the fromXML of the protected _moddle.
we have to correct for the loop characteristics getting removed in a different way.
* run_pyl.
* eslint fixes
* Cypress caught some errors - I hate it, but it was right, and it caught something critical.
* when backend returns 401 also remove cookies and redirect in frontend if cookies are not set w/ burnettk
* added a copule helpful comments w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>