Merge remote-tracking branch 'origin/develop' into fb_mail_transport_via_graph

Author: labkey-bpatel

build.gradle

@@ -5,6 +5,8 @@ plugins {
     id 'maven-publish'
 }
 
+import org.labkey.gradle.task.RunTestSuite
+import org.labkey.gradle.task.RunUiTest
 import org.labkey.gradle.util.BuildUtils
 import org.labkey.gradle.util.GroupNames
 import org.labkey.gradle.util.PomFileHelper
@@ -170,8 +172,19 @@ project.tasks.register("convertHarToStressXml", JavaExec) {
         }
 }
 
-project.tasks.uiTests.dependsOn(initPropertiesTask)
-project.parent.parent.tasks.ijConfigure.dependsOn(initPropertiesTask)
+project.tasks.register("testPackageLockJson", RunUiTest) {
+    include "org/labkey/test/tests/PackageLockJsonTest.class"
+}
+
+project.tasks.named("uiTests").configure {
+    dependsOn(initPropertiesTask)
+}
+project.parent.parent.tasks.named("ijConfigure").configure {
+    dependsOn(initPropertiesTask)
+}
+project.tasks.withType(RunTestSuite).configureEach { it ->
+    scanForTestClasses = true // Required for Gradle 9.3
+}
 
 if (project.hasProperty('doPublishing'))
 {

data/api/rlabkey-api-query.xml

@@ -625,4 +625,45 @@
             ]]>
         </response>
     </test>
+    <test name="make filters" type="post">
+        <url>
+            <![CDATA[
+                library(Rlabkey)
+                print(makeFilter(
+                    c("foo/Reagent", "CONTAINS", "this or that"),
+                    c("Temp_C", "GREATER_THAN", "12"),
+                    c("SystolicBloodPressure", "MISSING", "")))
+            ]]>
+        </url>
+        <response>
+            <![CDATA[
+                [1] "query.foo%2FReagent~contains=this%20or%20that"
+                [2] "query.Temp_C~gt=12"
+                [3] "query.SystolicBloodPressure~isblank="
+            ]]>
+        </response>
+    </test>
+    <test name="make filters as list" type="post">
+        <url>
+            <![CDATA[
+                library(Rlabkey)
+                print(makeFilter(
+                    c("foo/Reagent", "CONTAINS", "this or that"),
+                    c("Temp_C", "GREATER_THAN", "12"),
+                    c("SystolicBloodPressure", "MISSING", ""), asList=TRUE))
+            ]]>
+        </url>
+        <response>
+            <![CDATA[
+                $`query.foo/Reagent~contains`
+                [1] "this or that"
+
+                $`query.Temp_C~gt`
+                [1] "12"
+
+                $`query.SystolicBloodPressure~isblank`
+                [1] ""
+            ]]>
+        </response>
+    </test>
 </ApiTests>

data/api/rlabkey-api.xml

@@ -30,7 +30,7 @@
         <url>
             <![CDATA[
                 library(Rlabkey)
-                print(labkey.getFolders(labkey.url.base, "/%projectName%", includeEffectivePermissions=FALSE))
+                print(labkey.getFolders(labkey.url.base, "/%projectName%", includeEffectivePermissions=FALSE, includeSubfolders=TRUE))
             ]]>
         </url>
         <response>

src/org/labkey/remoteapi/SimpleFormCommand.java

@@ -0,0 +1,43 @@
+package org.labkey.remoteapi;
+
+import org.apache.hc.client5.http.classic.methods.HttpPost;
+import org.apache.hc.client5.http.classic.methods.HttpUriRequest;
+import org.apache.hc.client5.http.entity.UrlEncodedFormEntity;
+import org.apache.hc.core5.http.NameValuePair;
+import org.apache.hc.core5.http.message.BasicNameValuePair;
+
+import java.io.IOException;
+import java.net.URI;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+public class SimpleFormCommand extends Command<CommandResponse, HttpUriRequest>
+{
+    private final Map<String, String> _formData;
+
+    public SimpleFormCommand(String controller, String action, Map<String, String> formData)
+    {
+        super(controller, action);
+        _formData = formData;
+    }
+
+    public CommandResponse execute(Connection connection) throws IOException, CommandException
+    {
+        return execute(connection, null);
+    }
+
+    @Override
+    protected HttpUriRequest createRequest(URI uri)
+    {
+        HttpPost post = new HttpPost(uri);
+
+        List<NameValuePair> args = new ArrayList<>();
+        for (Map.Entry<String, String> reportVal : _formData.entrySet())
+        {
+            args.add(new BasicNameValuePair(reportVal.getKey(), reportVal.getValue()));
+        }
+        post.setEntity(new UrlEncodedFormEntity(args));
+        return post;
+    }
+}

src/org/labkey/test/Runner.java

@@ -41,9 +41,11 @@
 import org.jetbrains.annotations.NotNull;
 import org.junit.Ignore;
 import org.junit.runner.Description;
+import org.junit.runner.RunWith;
 import org.junit.runner.manipulation.Filter;
 import org.junit.runner.manipulation.Filterable;
 import org.junit.runner.manipulation.NoTestsRemainException;
+import org.junit.runners.AllTests;
 import org.labkey.junit.runner.WebTestProperties;
 import org.labkey.serverapi.reader.Readers;
 import org.labkey.serverapi.writer.PrintWriters;
@@ -92,6 +94,7 @@
 
 import static org.labkey.test.WebTestHelper.logToServer;
 
+@RunWith(AllTests.class)
 public class Runner extends TestSuite
 {
     static

src/org/labkey/test/components/core/ProjectMenu.java

@@ -89,6 +89,8 @@ public ProjectMenu open()
             openMenu.run();
             if (!Locator.tagWithClass("div", "folder-nav").existsIn(this))
             {
+                // Menu opened but the folder list didn't load
+                close();
                 openMenu.run(); // retry
             }
         }

src/org/labkey/test/tests/AbstractAdminConsoleTest.java

@@ -25,6 +25,7 @@
 import java.util.List;
 
 import static org.labkey.test.util.PermissionsHelper.APP_ADMIN_ROLE;
+import static org.labkey.test.util.PermissionsHelper.TROUBLESHOOTER_ROLE;
 
 public abstract class AbstractAdminConsoleTest extends BaseWebDriverTest
 {
@@ -79,7 +80,7 @@ protected void createTestUsers()
 
         int troubleshooterId = _userHelper.createUser(TROUBLESHOOTER_USER, true, false).getUserId();
         setInitialPassword(troubleshooterId);
-        apiPermissionsHelper.addMemberToRole(TROUBLESHOOTER_USER, "Troubleshooter", PermissionsHelper.MemberType.user, "/");
+        apiPermissionsHelper.addMemberToRole(TROUBLESHOOTER_USER, TROUBLESHOOTER_ROLE, PermissionsHelper.MemberType.user, "/");
     }
 
     @Override

src/org/labkey/test/tests/AdminConsoleNavigationTest.java

@@ -33,12 +33,13 @@
 
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
+import static org.labkey.test.util.PermissionsHelper.TROUBLESHOOTER_ROLE;
 
 @Category({Git.class})
 @BaseWebDriverTest.ClassTimeout(minutes = 6)
 public class AdminConsoleNavigationTest extends BaseWebDriverTest
 {
-    private static final String TROUBLESHOOTER = "troubleshooter@adminconsolelinks.test";
+    private static final String TROUBLESHOOTER_USER = "troubleshooter@adminconsolelinks.test";
     private static final String NON_ADMIN = "nonadmin@adminconsolelinks.test";
 
     public ApiPermissionsHelper _apiPermissionsHelper = new ApiPermissionsHelper(this);
@@ -52,16 +53,16 @@ public static void setupProject()
 
     private void doSetup()
     {
-        _userHelper.createUser(TROUBLESHOOTER);
-        _apiPermissionsHelper.addMemberToRole(TROUBLESHOOTER, "Troubleshooter", PermissionsHelper.MemberType.user, "/");
+        _userHelper.createUser(TROUBLESHOOTER_USER);
+        _apiPermissionsHelper.addMemberToRole(TROUBLESHOOTER_USER, TROUBLESHOOTER_ROLE, PermissionsHelper.MemberType.user, "/");
 
         _userHelper.createUser(NON_ADMIN);
     }
 
     @Override
     protected void doCleanup(boolean afterTest)
     {
-        _userHelper.deleteUsers(false, TROUBLESHOOTER, NON_ADMIN);
+        _userHelper.deleteUsers(false, TROUBLESHOOTER_USER, NON_ADMIN);
     }
 
     @Test
@@ -120,7 +121,7 @@ public void testTroubleshooterLinkAccess()
                 "Profiler"                  //Profiler can be edited by the troubleshooter
         ));
         ShowAdminPage adminConsole = goToAdminConsole();
-        impersonate(TROUBLESHOOTER);
+        impersonate(TROUBLESHOOTER_USER);
         Map<String, String> linkHrefs = new LinkedHashMap<>();
         List<WebElement> troubleshooterLinks = adminConsole.getAllAdminConsoleLinks();
         assertTrue(String.format("Failed sanity check. Only found %s admin links. There should be more.", troubleshooterLinks.size()), troubleshooterLinks.size() > 10);

src/org/labkey/test/tests/PackageLockJsonTest.java

@@ -0,0 +1,160 @@
+package org.labkey.test.tests;
+
+import org.apache.commons.lang3.CharUtils;
+import org.json.JSONObject;
+import org.json.JSONTokener;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.labkey.serverapi.reader.Readers;
+import org.labkey.test.TestFileUtils;
+import org.labkey.test.util.TestLogger;
+
+import java.io.File;
+import java.io.Reader;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+
+@Category({})
+@RunWith(Parameterized.class)
+public class PackageLockJsonTest
+{
+    private static final Set<String> ALLOWED_DEPENDENCY_HOSTS = Set.of("registry.npmjs.org", "labkey.jfrog.io");
+    // Allow-list of '@isaacs/cliui' dependencies
+    private static final Set<String> ALLOWED_NONSTANDARD_VERSIONS = Set.of("npm:string-width@^4.2.0", "npm:strip-ansi@^6.0.1", "npm:wrap-ansi@^7.0.0");
+
+    private final List<String> errors = new ArrayList<>();
+    private final File moduleDir;
+
+    public PackageLockJsonTest(File moduleDir, String name)
+    {
+        this.moduleDir = moduleDir;
+    }
+
+    @Parameterized.Parameters(name = "{1}")
+    public static Collection<Object[]> data()
+    {
+        List<File> allModules = new ArrayList<>();
+
+        File modulesDir = new File(TestFileUtils.getLabKeyRoot(), "server/modules");
+        File[] files = modulesDir.listFiles();
+        if (files == null)
+        {
+            throw new RuntimeException("No files found in modules directory: " + modulesDir.getAbsolutePath());
+        }
+        for (File file : files)
+        {
+            if (file.isDirectory())
+            {
+                if (new File(file, "module.properties").exists())
+                {
+                    allModules.add(file);
+                }
+                else
+                {
+                    allModules.addAll(Arrays.stream(Objects.requireNonNull(file.listFiles(), () -> "No files found in " + file.getAbsolutePath()))
+                        .filter(f -> f.isDirectory() && new File(f, "module.properties").isFile()).toList());
+                }
+            }
+        }
+
+        return allModules.stream().filter(file -> new File(file, "package-lock.json").exists())
+            .map(f -> new Object[]{f, f.getName()}).toList();
+    }
+
+    @Test
+    public void testPackageLock() throws Exception
+    {
+        File packageLock = new File(moduleDir, "package-lock.json");
+        Assert.assertTrue("No package-lock.json found in module: " + moduleDir.getAbsolutePath(), packageLock.isFile());
+
+        TestLogger.log("Testing module: " + moduleDir.getAbsolutePath());
+
+        JSONObject packages;
+        try (Reader reader = Readers.getReader(packageLock))
+        {
+            JSONObject jsonObject = new JSONObject(new JSONTokener(reader));
+            packages = jsonObject.optJSONObject("packages");
+            if (packages == null)
+                packages = jsonObject.getJSONObject("dependencies"); // old lockfile version
+        }
+
+        for (String packageName : packages.keySet())
+        {
+            if (!packageName.isBlank())
+            {
+                JSONObject packageJson = packages.getJSONObject(packageName);
+                verifyPackage(packageName, packageJson, packageLock);
+            }
+        }
+
+        Assert.assertTrue("Bad sources: " + errors, errors.isEmpty());
+    }
+
+    /// Verify that a package reference in a package-lock.json file only resolves to known hosts and has a valid version
+    /// Also checks sub-dependencies
+    private void verifyPackage(String packageName, JSONObject packageJson, File packageLockFile)
+    {
+        String resolved = packageJson.optString("resolved");
+        if (resolved.isBlank())
+        {
+            TestLogger.debug("Resolved field is blank for package " + packageName + " in " + packageLockFile.getAbsolutePath());
+        }
+        else
+        {
+            try
+            {
+                URI resolvedURL = new URI(resolved);
+                String host = resolvedURL.getHost();
+                if (!ALLOWED_DEPENDENCY_HOSTS.contains(host))
+                {
+                    String message = "Package " + packageName + " resolved to unrecognized host [" + host + "] in " + packageLockFile.getAbsolutePath();
+                    errors.add(message);
+                    TestLogger.error(message);
+                }
+            }
+            catch (URISyntaxException e)
+            {
+                String message = "Package " + packageName + " resolved to an invalid location [" + resolved + "] in " + packageLockFile.getAbsolutePath();
+                errors.add(message);
+                TestLogger.error(message);
+            }
+        }
+
+        String version = packageJson.optString("version");
+        if (version.isBlank() || !CharUtils.isAsciiNumeric(version.charAt(0)))
+        {
+            String message = "Package " + packageName + " has bad version [" + version + "] in " + packageLockFile.getAbsolutePath();
+            errors.add(message);
+            TestLogger.error(message);
+        }
+
+        JSONObject transitiveDeps = packageJson.optJSONObject("dependencies", new JSONObject());
+        for (String tDep : transitiveDeps.keySet())
+        {
+            JSONObject packageJsonDep = transitiveDeps.optJSONObject(tDep);
+            if (packageJsonDep != null)
+            {
+                verifyPackage(tDep, packageJsonDep, packageLockFile); // belt and suspenders
+            }
+            else
+            {
+                String tVer = transitiveDeps.optString(tDep);
+                if (tVer == null || tVer.contains(":") && !ALLOWED_NONSTANDARD_VERSIONS.contains(tVer)) // URL, file, or workspace dependency
+                {
+                    String message = "Package " + packageName + " has bad transitive dependency [" + tVer + "] in " + packageLockFile.getAbsolutePath();
+                    errors.add(message);
+                    TestLogger.error(message);
+                }
+            }
+        }
+    }
+}