1937 Commits

Author SHA1 Message Date
dependabot[bot]
4bd920bed5
Bump marshmallow-sqlalchemy in /spiffworkflow-backend (#972)
Bumps [marshmallow-sqlalchemy](https://github.com/marshmallow-code/marshmallow-sqlalchemy) from 0.29.0 to 1.0.0.
- [Changelog](https://github.com/marshmallow-code/marshmallow-sqlalchemy/blob/dev/CHANGELOG.rst)
- [Commits](https://github.com/marshmallow-code/marshmallow-sqlalchemy/compare/0.29.0...1.0.0)

---
updated-dependencies:
- dependency-name: marshmallow-sqlalchemy
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-06 07:07:39 -08:00
burnettk
d542804d9c
allow pr write permission for pr review 2024-02-06 10:05:26 -05:00
dependabot[bot]
01acc1944c
Bump flask-sqlalchemy from 3.0.3 to 3.0.5 in /spiffworkflow-backend (#961)
Bumps [flask-sqlalchemy](https://github.com/pallets-eco/flask-sqlalchemy) from 3.0.3 to 3.0.5.
- [Release notes](https://github.com/pallets-eco/flask-sqlalchemy/releases)
- [Changelog](https://github.com/pallets-eco/flask-sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets-eco/flask-sqlalchemy/compare/3.0.3...3.0.5)

---
updated-dependencies:
- dependency-name: flask-sqlalchemy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-05 07:23:38 -08:00
burnettk
05b50df2b3
Revert "future tasks should not cause anything to happen if the instance is suspended"
This reverts commit b627567addbb911447299641dee43f7081b6213d.
2024-02-02 17:59:37 -05:00
burnettk
b627567add
future tasks should not cause anything to happen if the instance is suspended 2024-02-02 17:58:53 -05:00
dependabot[bot]
6a0249955a
Bump bandit from 1.7.2 to 1.7.7 in /spiffworkflow-backend (#945)
Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.2 to 1.7.7.
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](https://github.com/PyCQA/bandit/compare/1.7.2...1.7.7)

---
updated-dependencies:
- dependency-name: bandit
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-02 10:43:52 -08:00
dependabot[bot]
6567112615
Bump xdoctest from 1.1.2 to 1.1.3 in /spiffworkflow-backend (#943)
Bumps [xdoctest](https://github.com/Erotemic/xdoctest) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/Erotemic/xdoctest/releases)
- [Changelog](https://github.com/Erotemic/xdoctest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Erotemic/xdoctest/compare/v1.1.2...v1.1.3)

---
updated-dependencies:
- dependency-name: xdoctest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 13:44:12 -08:00
burnettk
b3b1f44d51
update cryptography 2024-02-01 14:02:49 -05:00
Kevin Burnett
020519a724
support bpmn executable property (#934)
* support executable property

* process model with no primary file is not executable

* filter by executable and primary file and avoid snagging g.user from service

* kill Start buttons on process group list as well

* use more similar code to check is executable and write integration test

* add a test and improve a variable name

---------

Co-authored-by: burnettk <burnettk@users.noreply.github.com>
2024-02-01 10:57:12 -08:00
Kevin Burnett
6a3f8a212f
update spiff and remove dot notation (#933)
* update spiff and remove dot notation

* update script_engine dependency based on spiff lib update

---------

Co-authored-by: burnettk <burnettk@users.noreply.github.com>
2024-02-01 06:51:19 -08:00
jbirddog
a214a6aedd
Add migration (#931) 2024-01-31 11:31:14 -05:00
Kevin Burnett
711da2b048
unique bpmn process ids (#927)
* remove SpecReferenceCache

* make sure strings are sometimes unique

* lint

* more random

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

---------

Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
2024-01-30 12:48:44 -08:00
burnettk
40b9570e22
process instances for-me is a basic permissions thing needed by everyone 2024-01-30 12:16:46 -05:00
jbirddog
6c209fe2ff
Bump docker (#918)
* Bump docker base image to python 3.12.1

* Add libffi-dev

* Add chardet

* Dumping logs in CI

* Remove tmp CI step, bump gunicorn
2024-01-29 11:09:36 -08:00
burnettk
616659e691
consistent license 2024-01-29 10:16:28 -05:00
Dan Funk
03b21accec
allow looping back in a process to create more messages - minor bug fix - didn't add what would be a complex test to this, as it was a one line change that seems an oversight in the original code. (#924) 2024-01-29 06:40:39 -08:00
jasquat
f0f4bcce12
Feature/homepage extension filter refactor (#919)
* WIP: initial work to have a home page created from an extension w/ burnettk

* added support to display an extension as the root page w/ burnettk

* allow extensions to add new routes to base routes w/ burnettk

* use page instead of creating new key route w/ burnettk

* added components to support pi tables in extensions w/ burnettk

* allow using asterisks to mark words as bold in process instance list table

* moved table component from InstancesListTable to own component w/ burnettk

* filters are somewhat working again w/ burnettk

* default homepage uses the table without filters component now w/ burnettk

* renamed instance list tables to be more appropriate w/ burnettk

* display errors if list table is used incorrectly w/ burnettk

* fixed issue where columns were not displaying in the filter list

* pyl

* rely on changes in report hash to determine if report hash state needs updating

* only show link to report if there are instances to show

* many updates for filtering to remove the apply button and clean things up w/ burnettk

* some more fixes for too many renderings w/ burnettk

* advanced filters are working again w/ burnettk

* clear is working again w/ burnettk

* fixed a few linting errors and warnings w/ burnettk

* fixed some cypress tests

* if there are errors then display them right away instead of trying to put together the other elements

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
2024-01-26 11:41:07 -05:00
jbirddog
4758634c99
Show Data Store tiles on the Process Group page (#917)
Co-authored-by: Kevin Burnett <18027+burnettk@users.noreply.github.com>
2024-01-24 10:15:08 -05:00
jbirddog
858e8eaec4
Get backend working with Python 3.12 (#876)
Co-authored-by: Kevin Burnett <18027+burnettk@users.noreply.github.com>
2024-01-24 08:00:10 -05:00
jbirddog
60f34e3015
Validate writes to the json data store against its schema (#875)
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Kevin Burnett <18027+burnettk@users.noreply.github.com>
2024-01-24 07:58:30 -05:00
jasquat
0ab1ca446c
force user logout if token cannot be decoded w/ burnettk 2024-01-18 14:51:04 -05:00
jasquat
11384c2a47
queue instance with celery instead of running engine steps on task submit w/ burnettk 2024-01-18 13:29:10 -05:00
jasquat
88f81cd2b3
use caps in api key header name w/ burnettk 2024-01-17 11:04:40 -05:00
jasquat
80bc2f2e42
Feature/typeahead allow guest user (#897)
* decode tokens with jwt instead of with base64 w/ burnettk

* try to verify jwt token with keycloak when we decode it w/ burnettk

* make the token algorithm a constant w/ burnettk

* WIP: create more valid looking jwt from spiff w/ burnettk

* tests are passsing now w/ burnettk

* some pyl stuff w/ burnettk

* fixed mypy issues w/ burnettk

* fixed issues from mypy fixes w/ burnettk

* do not load openid blueprint if not using those configs w/ burnettk

* used the process instance to determine if guest user can use connector api w/ burnettk

* only check the db for process instance if the api call is for typeahead

* removed unused test code

* pyl

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2024-01-16 14:47:25 -05:00
jasquat
2d9fb4430e
updated SpiffWorkflow for data object category fix (#904)
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2024-01-16 14:45:55 -05:00
jbirddog
8e05e1e3c0
Add identifier and clz fields to the data stores response (#894) 2024-01-12 08:04:32 -05:00
Kevin Burnett
b02f505bea
move snyk stuff to snyk file (#895)
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
2024-01-11 06:14:25 -08:00
jasquat
12f929f777
ignore newest cryptography snyk issue 2024-01-10 12:29:50 -05:00
jbirddog
1c0570c147
Bump Restricted Python to 7.x, needed for Python 3.12 support (#872) 2024-01-10 10:46:28 -05:00
jbirddog
a8a32b60fa
Add data store at the process group level (#859) 2024-01-10 09:48:31 -05:00
jbirddog
ab39569cac
Add direct dependency on jsonschema (#868) 2024-01-10 08:18:34 -05:00
jasquat
7489d17f4f
added comment in migration to explain why it was being done w/ burnettk 2024-01-04 14:38:57 -05:00
jbirddog
ad3e63367f
Make file upload detection more flexible, add integration test (#854) 2024-01-04 11:32:13 -05:00
jasquat
6bafd7b144
use urlsafe_base64decode for keycloak id tokens to support certain utf8 characters w/ burnettk (#852)
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2024-01-03 16:14:14 -05:00
jasquat
14846bfb86
feature/detached-instance-error (#847)
* store the db ids of the process instance queue records instead of the sqlalchemy objects to avoid detached instance errors w/ burnettk

* raise an error similar to one we raise elsewhere in the unexpected case that this fails

* removed unused method

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
2024-01-03 13:34:56 -05:00
jbirddog
73eb221c17
Remove category param (#848) 2024-01-02 17:49:00 -05:00
jbirddog
b1206c5b3d
Drop __annotations__ from task data (#834) 2023-12-27 11:50:01 -05:00
jasquat
a7a48ee9fc
feature/get-pg-of-readable-pm (#832)
* get parent process groups of process models that the user has access to w/ burnettk

* use the process group list to get the info we need for the group show page for permissions w/ burnettk

* clear the browser cache when updating a process group w/ burnettk

* fixed broken test w/ burnettk

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-12-22 13:17:40 -05:00
jbirddog
2f83a68787
Clear caches when deleting a file (#826) 2023-12-21 14:12:48 -05:00
jasquat
88030781d6
do not include task data by default but allow overriding that decision w/ burnettk (#828)
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-12-21 09:53:44 -05:00
jasquat
d2b39b10c6
feature/handle-null-bpmn-process-on-pi (#827)
* do not error out and allow process instances to recover if the bpmn_process is null but the definition is set w/ burnettk

* fixed another flakey test w/ burnettk

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-12-20 16:16:08 -05:00
jasquat
06bf1f24df
fixed flakey task model test 2023-12-20 13:54:20 -05:00
Kevin Burnett
e1fefa9fc7
nplusone (#824)
* n plus one checks

* tests passing with nplusone

* satisfy probably-wrong json schema

* remove useless comment and consolidate poetry dev deps

* not actually going to add this dependency, but leave docs for next guy

---------

Co-authored-by: burnettk <burnettk@users.noreply.github.com>
2023-12-20 07:18:20 -08:00
burnettk
d688e2414d
make it so we can delete TaskInstructionsForEndUserModel on instance delete 2023-12-19 15:28:02 -05:00
jasquat
3fce735d4f
Feature/task table drop (#823)
* removed id from task and still working on getting the migration working w/ burnettk

* fixed migration to work on postgres and sqlite as well w/ burnettk

* fixed tests w/ burnettk

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-12-19 08:59:29 -08:00
jasquat
0c8ff4ee45
updated get_token to work with internal openid as well w/ burnettk 2023-12-18 16:21:28 -05:00
jasquat
15d0d788e5
Feature/pi show page diagram (#816)
* get most recent tasks based on last_state_change instead of task_model.id

* added api to get task instances of a task

* some changes to support displaying task instances

* forgot to commit the controller

* updated frontend to display info for other instances of a task w/ burnettk

* some formatting to the selected task instance w/ burnettk

* do not get task instances when selecting different instance w/ burnettk

* added tests for task-instances w/ burnettk

* some ui tweaks for task instance view w/ burnettk

* updates based on coderabbit

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-12-18 14:23:51 -05:00
Kevin Burnett
d6be107167
use the approach from check_permissions to avoid n plus 1 query issue (#814)
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
2023-12-18 07:27:14 -08:00
burnettk
435c476577
ignore snyk issues with no resolution yet 2023-12-18 10:26:38 -05:00
jasquat
1fdca1408b
return the form dict even if it is empty and let rjsf handle it (#812)
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-12-14 14:46:42 -05:00