Changelog

All notable changes to this project will be documented in this file.

1.9.5.1

  • Fix a bug giving a 500 error when user session is expired

1.9.5

  • Fix a bug giving a 500 error when users logs out twice
  • Avoid checking service accounts when requests are handled by API controllers
  • Remove support for Kerberos authentication
  • Add support for Keycloack authentication
  • Update gems

1.9.4

  • Display git TAG in developers information
  • Display formatted Changelog

1.9.3

  • Switch from FTP to SFTP to access files in gpfs (PDF reports)
  • Fix some deprecation warning
  • Fix swagger URLs for dev and test

1.9.2

  • Small fix on FTP gateway

1.9.1

  • Set up for Ubuntu 22

1.9

  • Upgrade Rails to version 7.1
  • Upgrade Ruby to version 3.3.0
  • Change session storage to database
  • Add public view URL into CCV serialization (#10)
  • Add begin_at_strategy parameter to get_by_detector_conditions APIs endpoint (#9)
  • Additional fields in PDU and Detectors model relative to detectors' PDUs composition and module ordering
  • Expose additional fields in CCVs embedded PDUs displaying the status at the begin_at time of the corresponding CCV
  • Update directors information in Legal & About website section
  • Update Selenium driver and Capybara configuration for CI browser tests
  • Added missing DB indexes on CCVs
  • Fixed DB indexes on reports.file_path
  • reports.file_path can now be up to 1000 characters

1.8

  • CCVs general API (/api/calibration_constant_versions) now accepts additional query parameters report.file_path, begin_at_after, begin_at_before which allows for more advanced CCVs filtering
  • Idempotent special APIs endpoints requiring a request BODY now allow POST method
  • Replace radio buttons with checkboxes in data grids search type selection to fix an issue with Firefox
  • Move GIT credentials away from deploy file (and move to secrets)
  • Update data protection information in Legals & About
  • Provide additional information for the 500 error notification email
  • Fix 500 error in get_by_detector_conditions endpoint when parameter_condition has a null value in text parameters
  • Added Rack Attack DoS prevention
  • Implement Brute-Force Login Attacks prevention in Rack attack
  • Improve Rack attack whitelisting and logging
  • Prevent API access to locked accounts
  • Implement flag service account for API only accounts
  • Allow multi-CCV lookup to use parameter names
  • Fix missing pagination in Rails Admin grids
  • Small JS bugfixes
  • Gem update
  • Added precedence bulk mail header to avoid auto-response messages

1.7.2

  • Avoid selection of PDUs with empty UUID in detector edit PDUs interface
  • Avoid 500 error in detector edit PDUs interface if a PDU with empty UUID is chosen
  • Set default sorting by creation date descending in CCVs grid

1.7.1

  • Fixed CSRF issue in users grid
  • Add CCVs' IDs in CCVs grid
  • Update jQuery to version 2
  • Fix issue with log rotation
  • Re-organize crontab jobs
  • Minor gems update

1.7

Changed

  • Updated application for Rails 7.0 and Ruby 3.1.3
  • Upgrade several gems
  • Replace uglifier by treser
  • Fixed several errors in Rails Admin

Added

  • Add Alma Linux 8/9 and Ubuntu 22 to Gitlab-CI

1.6.2

  • Fixed link to Gitlab

1.6.1

Added

  • CCVs general API (/api/calibration_constant_versions) now accepts an additional query parameter calibration.id which allows for filtering CCVs by indirect connected Calibration model (aka by constant type)

Changed

  • Improved Swagger API documentation
  • Added formality check for timestamp parameters in APIs

1.6

Added

  • Parameters can now be set as "text" (flg_text = true) and have text values (more details in the documentation on specialized APIs)
  • Condition APIs which retrieve a single condition now embed the associated parameters_conditions
  • CCVs general API (/api/calibration_constant_versions) is now accepting additional query parameters, among which:
    • physical_detector_unit_id
    • sort: defines the sort field of matching result. Prepending a "-" (hyphen-minus) in the field name reverts the sort order
  • Serialized CCVs now include created_at field

Changed

  • Bugfix: general search in datatables could give inconsistent results in some cases (depending on browser conditions and order of arrival of search results)
  • The CCVs api get_by_detector_conditions now does not query for old version of CCVs, and, for consistency, this api and in PDUs api get_all_by_detector the parameter snapshot_at is now renamed pdu_snapshot_at for clarity of purpose (PDUs api get_all_by_detector still accepts snapshot_at for backward compatibility)

Removed

  • Removed all code related to API V1

1.5.2

  • Bugfix: PDUs embedded in CCVs are now consistent with the snapshot_at parameter
  • Report PDF files can only be downloaded if stored in the "official" calibration gpfs folder (https://git.xfel.eu/ITDM/calibration_catalog/-/issues/2)
  • JS refactoring according to ITDM defined code standard (+introducing ESLint)

1.5.1

  • Bugfix in bulk update PDU on modules' swapping

1.5.0

Added

  • New API get_prior_in_time_version to get valid calibration constant versions in case of multiple calibration constants and old validity time strategy (consistent with get_version API which works for a single calibration constant)
  • New SET API for Reports to create reports. This API is failsafe in case of invalid uniqueness constraint on report's name and file path (it will return the report available with the provided unique parameters instead of giving error)
  • Script to fix DB entries relative to LPD modules missing UUID

Changed

  • Security fix: trusted user role was able to manage other users
  • API to retrieve CCVs by detector and subset of parameters conditions now accepts parameter condition UUID to be 0
  • Fix API error handling when mandatory keys are missing
  • PDU's UUID is now a mandatory field
  • Roles review:
    • Trusted user can now deploy/undeploy CCVs from Report page
    • Trusted user can now manage Detector's PDU composition from Detector page
    • Readonly and Normal user are now equivalent

Removed

  • Deprecated V1 APIs

1.4.0

Added

  • Detectors web pages (with history module)
  • PDUs web pages (with history module)
  • Detector PDUs management Web GUI
  • New API to retrieve CCVs by detector and subset of parameters conditions
  • Wiki documentation on non standard APIs
  • Script to inject Integration time condition for AGIPD type detector (in db/seeds)

Changed

  • Fixed ids parameter evaluation (code injection vulnerability)
  • Updated gems
  • Some fields made immutable:
    • PDU physical name
    • Parameter name
    • Calibration name (constant type)
  • Additional functionalities on Select2 binding (JS)
  • Remote load feature on Bootstrap tabs (JS)
  • Additional feature on Form utils (JS)
  • Removed unused date fields from CCVs tables under corresponding CC (view)
  • APIs api_pie documentation replaced with Swagger
  • Modify Seed tests to include UUID parameter condition for some CCVs
  • Bugfixes on trusted users permissions
  • API results' default pagination set to 100 (and max set to 500)
  • Bugfixes on settings, timeline, reports

1.3.0

Added

  • Reports web pages
  • Settings model
  • FTP gateway to access report files

Changed

  • Upgraded Ruby to version 3.0.1
  • Upgraded Rails to version 6.1.3.2
  • Ported various bugfixes and improvements from myMdC
  • Allow DOC functional account login

30.09.2020

Added

  • Add model Operation Modes with respective RESTful APIs and RSpec tests
  • Activate Instruments RESTful APIs and RSpec tests
  • Specific APIs for myMdC Dark runs integration

Changed

  • Add special validation on PDUs (PDUs belonging to the same detector must be of the same detector type)
  • Make Detector identifier immutable
  • Modify Seed tests to include Operation modes