STCOR-875 sync keycloak-ramsons to master #1534
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Provide tests for hideEmail, loginServices, okapiActions, okapiReducer, and processBadResponse. Tiny refactor of some loginServices functions to: * consistently test for success, else handle an error * consistently test for success in responses by checking `response.ok` rather than `response.status`. consistency is nice. it's predictable.
When resuming an existing session, populate `stripes.user.user` exactly the same way as when creating a new session. Principally, this means leveraging the return value from `spreadUserWithPerms` over `user` to spread the `user.personal` attributes. instead of simply using the raw user value from the response. Refs STCOR-860
`ws` >= 8.0.0 and <= 8.17.0 is vulnerable to CVE-2024-37890.
Lokalise: Translations update
Stripes should render `<ModuleContainer>` either when discovery is complete or when okapi isn't present at all, i.e. when `stripes.config.js` doesn't even contain an `okapi` entry. What's most amazing about this bug is not the bug, which is a relatively simple typo, but that it didn't bite us for more than six years. BTOG init never conducted discovery, but _did_ pass an okapi object during application setup, which is another way of saying that our application didn't have anything that relied on the presence of this bug, but our test suite did. Refs STCOR-864
…what it's skipping. (#1495) * adjust translation string for skip link * log changes
Lokalise: Translations update
Lokalise: Translations update
Lokalise: Translations update
Replaces PR #1457, which was just too cumbersome to rebase after all the work that came in STCOR-776 / PR #1463. Invalidate all react-query caches on login and logout. Because the RQ cache is persistent across sessions, it was possible that empty values were cached if a query returns 4xx when a session ended, and then (incorrectly) reused when the session restarted. Approach Pass `<QueryClient>` down from `<RootWithIntl>` to some of its children so they can clear the cache immediately after login and before logout. The exact locations of this logic in `<MainNavigation>` and `<SessionEventContainer>` are certainly debatable, but using existing components instead of embarking on a larger refactor does have merits. Refs STCOR-832 Co-authored-by: John Coburn <[email protected]>
Sentences were missing periods and it killed me absolutely killed me There are no code changes here just translation updates Refs STCOR-870
folio is an acronym and therefore must be written in all-caps. there are no code changes here; it is a translation change only. Refs STCOR-871
`axios` >= 1.3.2 and <= 1.7.3 is vulnerable to CVE-2024-39338.
…edCQLFetch` for manipulations in the context of a specific tenant (#1518) * STCOR-873 Ensure support for the passed 'tenantId' value by 'useChunkedCQLFetch' for manipulations in the context of a specific tenant * resolve description issues
Lokalise: Translations update
When re-authenticating after getting kicked out due to an inactivity-timeout, return to the previous location, allowing uninterrupted work. This was a particular problem in certain application such as bulk-edit and data-import that have long-running processes and transient URLs, i.e. starting a process might direct you to a URL like `/some-process/123-abc`, and this is a stable URL you can return to _if you know the URL_, but when starting a new session there is no way to discover this URL by browsing or searching through the UI. This is handled by caching the current location in session-storage in the inactivity event handlers and retrieving at on the logout-timeout page, allowing you to return to such transient URLs. Refs STCOR-849
Lokalise: Translations update
`keycloak-ramsons` is different from `master` in numerous small but significant ways. This brings them back into compatibility. Refs STCOR-875
The bugfix for STCOR-865, #1500, resulted in vastly simpler logic in the SessionEventContainer event handlers as well as simple and predictable and behavior in the Logout and LogoutTimeout components. Restore that logic; it's better. Refs STCOR-865, STCOR-875
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
keycloak-ramsonshas diverged frommasterin numerous small but important ways. This PR resolves them and will allowkeycloak-ramsonsto then merge smoothly without conflict.