From 3c0e7c136212637e964a2ff84fbd2cb51c914425 Mon Sep 17 00:00:00 2001 From: "Keven L. Ates" Date: Wed, 27 Nov 2024 17:37:11 -0500 Subject: [PATCH] Update 2.2.4 Release * Properly update Project ID for vocab copies from Globals * Add CSRF protection to exports --- README.md | 3 +- pom.xml | 2 +- .../java/org/openrefine/rdf/RDFTransform.java | 2 +- .../rdf/command/InitializationCommand.java | 2 +- .../rdf/command/NamespacesSaveCommand.java | 4 +- .../rdf/model/exporter/RDFPrettyExporter.java | 3 +- .../rdf/model/exporter/RDFStreamExporter.java | 7 ++- .../rdf/model/vocab/VocabularySearcher.java | 21 +++++--- .../rdf-transform-menubar-extensions.js | 50 ++++++++++--------- .../resources/module/scripts/rdf-transform.js | 2 +- website/content/home-text.html | 5 ++ website/index.html | 2 +- 12 files changed, 58 insertions(+), 45 deletions(-) diff --git a/README.md b/README.md index d8153a8..537244c 100755 --- a/README.md +++ b/README.md @@ -45,9 +45,10 @@ See the [Install page Prerequisites on the wiki](https://github.com/AtesComp/rdf ### Latest Release -[RDF Transform v2.2.3](https://github.com/AtesComp/rdf-transform/releases/download/v2.2.3/rdf-transform-2.2.3.zip) +[RDF Transform v2.2.4](https://github.com/AtesComp/rdf-transform/releases/download/v2.2.4/rdf-transform-2.2.4.zip) ### Previous Releases +[RDF Transform v2.2.3](https://github.com/AtesComp/rdf-transform/releases/download/v2.2.3/rdf-transform-2.2.3.zip)
[RDF Transform v2.2.2](https://github.com/AtesComp/rdf-transform/releases/download/v2.2.2/rdf-transform-2.2.2.zip)
[RDF Transform v2.2.1](https://github.com/AtesComp/rdf-transform/releases/download/v2.2.1/rdf-transform-2.2.1.zip)
[RDF Transform v2.2.0](https://github.com/AtesComp/rdf-transform/releases/download/v2.2.0/rdf-transform-2.2.0.zip)
diff --git a/pom.xml b/pom.xml index 2199bb2..a61394b 100755 --- a/pom.xml +++ b/pom.xml @@ -35,7 +35,7 @@ org.openrefine rdf-transform - 2.2.3 + 2.2.4 diff --git a/src/main/java/org/openrefine/rdf/RDFTransform.java b/src/main/java/org/openrefine/rdf/RDFTransform.java index 35ff436..3763b83 100755 --- a/src/main/java/org/openrefine/rdf/RDFTransform.java +++ b/src/main/java/org/openrefine/rdf/RDFTransform.java @@ -78,7 +78,7 @@ static public final class Reconstructor { // RDF Transform Version Control static public final String VERSION_MAJOR = "2"; static public final String VERSION_MINOR = "2"; - static public final String VERSION_MICRO = "3"; + static public final String VERSION_MICRO = "4"; static public final String VERSION = RDFTransform.VERSION_MAJOR + "." + RDFTransform.VERSION_MINOR + "." + diff --git a/src/main/java/org/openrefine/rdf/command/InitializationCommand.java b/src/main/java/org/openrefine/rdf/command/InitializationCommand.java index 48f044d..1678903 100755 --- a/src/main/java/org/openrefine/rdf/command/InitializationCommand.java +++ b/src/main/java/org/openrefine/rdf/command/InitializationCommand.java @@ -338,7 +338,7 @@ public void init(RefineServlet servlet) { // // DUMMY OVERRIDES ================ - // The InitializationCommand is s dummy Command class that does not actually process + // The InitializationCommand is a dummy Command class that does not actually process // POST or GET requests. Instead, it absorbs all the "controller.js" server-side // JavaScript functionality in a more performant code processor...Java // diff --git a/src/main/java/org/openrefine/rdf/command/NamespacesSaveCommand.java b/src/main/java/org/openrefine/rdf/command/NamespacesSaveCommand.java index c342eed..a6beb5b 100755 --- a/src/main/java/org/openrefine/rdf/command/NamespacesSaveCommand.java +++ b/src/main/java/org/openrefine/rdf/command/NamespacesSaveCommand.java @@ -66,10 +66,10 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) this.getRDFTransform(request).setNamespaces(listVocabs); // ...and the namespaces' vocabulary searcher... - String projectID = request.getParameter(Util.gstrProject); + String strProjectID = request.getParameter(Util.gstrProject); RDFTransform.getGlobalContext(). getVocabularySearcher(). - synchronize( projectID, listVocabs.getPrefixSet() ); + synchronize( strProjectID, listVocabs.getPrefixSet() ); } catch (Exception ex) { NamespacesSaveCommand.respondJSON(response, CodeResponse.error); diff --git a/src/main/java/org/openrefine/rdf/model/exporter/RDFPrettyExporter.java b/src/main/java/org/openrefine/rdf/model/exporter/RDFPrettyExporter.java index 73b1556..e0c5223 100644 --- a/src/main/java/org/openrefine/rdf/model/exporter/RDFPrettyExporter.java +++ b/src/main/java/org/openrefine/rdf/model/exporter/RDFPrettyExporter.java @@ -73,7 +73,8 @@ public void export(Project theProject, Properties options, Engine theEngine, Out this.export(theProject, options, theEngine); } - public void export(Project theProject, Properties options, Engine theEngine, Writer theWriter) + @Override + public void export(Project theProject, Properties options, Engine theEngine, final Writer theWriter) throws IOException { if ( Util.isDebugMode() ) RDFPrettyExporter.logger.info("DEBUG: Exporting " + this.strName + " via Writer"); diff --git a/src/main/java/org/openrefine/rdf/model/exporter/RDFStreamExporter.java b/src/main/java/org/openrefine/rdf/model/exporter/RDFStreamExporter.java index 7d4aec6..237cf31 100755 --- a/src/main/java/org/openrefine/rdf/model/exporter/RDFStreamExporter.java +++ b/src/main/java/org/openrefine/rdf/model/exporter/RDFStreamExporter.java @@ -63,16 +63,15 @@ public RDFStreamExporter(RDFFormat format, String strName) { super(format, strName); } - public void export(Project theProject, Properties options, Engine theEngine, - OutputStream outputStream) + public void export(Project theProject, Properties options, Engine theEngine, OutputStream outputStream) throws IOException { if ( Util.isDebugMode() ) RDFStreamExporter.logger.info("DEBUG: Exporting " + this.strName + " via OutputStream"); this.outputStream = outputStream; this.export(theProject, options, theEngine); } - public void export(Project theProject, Properties options, Engine theEngine, - Writer theWriter) + @Override + public void export(Project theProject, Properties options, Engine theEngine, final Writer theWriter) throws IOException { if ( Util.isDebugMode() ) RDFStreamExporter.logger.info("DEBUG: Exporting " + this.strName + " via Writer"); diff --git a/src/main/java/org/openrefine/rdf/model/vocab/VocabularySearcher.java b/src/main/java/org/openrefine/rdf/model/vocab/VocabularySearcher.java index 543536a..901a628 100755 --- a/src/main/java/org/openrefine/rdf/model/vocab/VocabularySearcher.java +++ b/src/main/java/org/openrefine/rdf/model/vocab/VocabularySearcher.java @@ -343,16 +343,21 @@ private void indexRDFTNode(RDFTNode node, String strNodeType, String strProjectI if ( Util.isDebugMode() ) VocabularySearcher.logger.info("Indexing: "); + // NOTES: + // TextField is indexed and analyzed + // StringField is indexed but not analyzed + // StoredField is not indexed + doc.add( new StoredField( Util.gstrIRI, node.getIRI() ) ); - doc.add( new TextField( Util.gstrLabel, strLabel, Field.Store.YES) ); - doc.add( new TextField( Util.gstrDescription, strDesc, Field.Store.YES) ); - doc.add( new StringField( Util.gstrPrefix, strPrefix, Field.Store.YES) ); + doc.add( new TextField( Util.gstrLabel, strLabel, Field.Store.YES) ); + doc.add( new TextField( Util.gstrDescription, strDesc, Field.Store.YES) ); + doc.add( new StringField( Util.gstrPrefix, strPrefix, Field.Store.YES) ); doc.add( new StoredField( Util.gstrNamespace, strNamespace ) ); - doc.add( new TextField( Util.gstrLocalPart, strLocalPart, Field.Store.YES) ); + doc.add( new TextField( Util.gstrLocalPart, strLocalPart, Field.Store.YES) ); // From Node Type (Class or Property)... - doc.add( new StringField( Util.gstrType, strNodeType, Field.Store.YES ) ); + doc.add( new StringField( Util.gstrType, strNodeType, Field.Store.YES ) ); // From Project ID... - doc.add( new StringField( Util.gstrProject, strProjectID, Field.Store.NO ) ); + doc.add( new StringField( Util.gstrProject, strProjectID, Field.Store.NO ) ); this.writer.addDocument(doc); } @@ -526,8 +531,8 @@ private void addGlobalDocumentsToProject(TopDocs docs, String strProjectID) // These docs are "copied" for use in the specified project. // See the calling function: addPredefinedVocabulariesToProject() - // Set new Project ID for "copied" documents... - IndexableField fieldProjectID = new StoredField(Util.gstrProject, strProjectID); + // Set new Project ID for "copied" documents ( just like in indexRDFTNode() )... + IndexableField fieldProjectID = new StringField(Util.gstrProject, strProjectID, Field.Store.NO); // Iterate through the Global documents... for (ScoreDoc sdoc : docs.scoreDocs) { diff --git a/src/main/resources/module/scripts/rdf-transform-menubar-extensions.js b/src/main/resources/module/scripts/rdf-transform-menubar-extensions.js index e6b8cf4..7456c94 100755 --- a/src/main/resources/module/scripts/rdf-transform-menubar-extensions.js +++ b/src/main/resources/module/scripts/rdf-transform-menubar-extensions.js @@ -286,6 +286,17 @@ class RDFExporterMenuBar return; } + Refine.wrapCSRF( (token) => { + let form = RDFExporterMenuBar.#prepareExportRDFForm(format, ext, token); + + document.body.appendChild(form); + window.open("Export " + format, "gridworks-export"); + form.submit(); + document.body.removeChild(form); + }); + } + + static #prepareExportRDFForm(format, ext, token) { var strProjectName = theProject.metadata.name .replace(/^\p{White_Space}+/u, '') // Leading Whitespace to none @@ -296,32 +307,23 @@ class RDFExporterMenuBar var form = document.createElement("form"); $(form) + .css("display", "none") .attr("method", "post") - .attr("action", "command/core/export-rows/" + strProjectName + "." + ext) - .attr("target", "gridworks-export") - .hide(); - - $('') - .attr("name", "engine") - .val( JSON.stringify( ui.browsingEngine.getJSON() ) ) - .appendTo(form); - - $('') - .attr("name", "project") - .val(theProject.id) - .appendTo(form); - - $('') - .attr("name", "format") - .val(format) - .appendTo(form); - - document.body.appendChild(form); - - window.open("Export " + format, "gridworks-export"); - form.submit(); + .attr("action", "command/core/export-rows/" + strProjectName + "." + ext + "?" + $.param( {csrf_token: token} )) + .attr("target", "gridworks-export"); + + var appendField = (name, value) => { + $('') + .attr("name", name) + .val(value) + .appendTo(form); + }; + + appendField("engine", JSON.stringify( ui.browsingEngine.getJSON() )); + appendField("project", theProject.id); + appendField("format", format); - document.body.removeChild(form); + return form; } /* diff --git a/src/main/resources/module/scripts/rdf-transform.js b/src/main/resources/module/scripts/rdf-transform.js index bc295ba..5d52375 100755 --- a/src/main/resources/module/scripts/rdf-transform.js +++ b/src/main/resources/module/scripts/rdf-transform.js @@ -38,7 +38,7 @@ class RDFTransform { // RDF Transform Version Control static strVERSION_MAJOR = "2"; static strVERSION_MINOR = "2"; - static strVERSION_MICRO = "3"; + static strVERSION_MICRO = "4"; static strVERSION = RDFTransform.strVERSION_MAJOR + "." + RDFTransform.strVERSION_MINOR + "." + diff --git a/website/content/home-text.html b/website/content/home-text.html index 9774bf0..bbff899 100755 --- a/website/content/home-text.html +++ b/website/content/home-text.html @@ -35,6 +35,11 @@

Getting started...

News

+
+
2.2.4 Released
+
This version corrects the Lucene ontology copy process from Global space to a Project. +
+
2.2.3 Released
This version updates dependencies and fixes the ontology loading process. It also mitigates facet diff --git a/website/index.html b/website/index.html index d59034f..9b972c7 100755 --- a/website/index.html +++ b/website/index.html @@ -211,7 +211,7 @@ }, 'download-latest' : { // RDF Transform Version Control 'title' : 'Download Latest', - 'redirect' : 'https://github.com/AtesComp/rdf-transform/releases/download/v2.2.3/rdf-transform-2.2.3.zip' + 'redirect' : 'https://github.com/AtesComp/rdf-transform/releases/download/v2.2.4/rdf-transform-2.2.4.zip' }, 'issues' : { 'title' : 'Issue Tracker',