Merge branch 'dev' for release 6.3.14

sleede · Feb 26, 2024 · 484fbde · 484fbde
2 parents a523b56 + a2aa1f3
commit 484fbde
Show file tree

Hide file tree

Showing 25 changed files with 172 additions and 39 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,15 @@
 
 ## Next release
 
+## v6.3.14 2024 February 26
+
+- improvement: add idp_slo_service_url(logout requests url) to saml provider
+- Fix a bug: event canceled places error
+- Updated puma to 6.4.2
+- Updated carrierwave to 3.0.4
+- Updated sidekiq-unique-jobs to 7.1.33
+- [TODO DEPLOY] `rails fablab:setup:build_places_cache`
+
 ## v6.3.13 2024 February 19
 
 - Fix a bug: missing payment transfer journal code in accouting line

diff --git a/Gemfile b/Gemfile
@@ -7,7 +7,7 @@ gem 'rails', '~> 7.0'
 # Used by rails 5.2 to reduce the app boot time by over 50%
 gem 'bootsnap'
 # Use Puma as web server
-gem 'puma', '6.1.0'
+gem 'puma', '6.4.2'
 gem 'shakapacker', '6.6.0'
 
 # rails 6 compatibility with ruby 3 (may not be required after upgrade to rails 7)

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -72,7 +72,7 @@ GEM
       tzinfo (~> 2.0)
     acts_as_list (1.0.4)
       activerecord (>= 4.2)
-    addressable (2.8.1)
+    addressable (2.8.6)
       public_suffix (>= 2.0.2, < 6.0)
     aes_key_wrap (1.1.0)
     afm (0.2.2)
@@ -102,13 +102,12 @@ GEM
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
     camertron-eprun (1.1.1)
-    carrierwave (2.1.1)
-      activemodel (>= 5.0.0)
-      activesupport (>= 5.0.0)
+    carrierwave (3.0.5)
+      activemodel (>= 6.0.0)
+      activesupport (>= 6.0.0)
       addressable (~> 2.6)
       image_processing (~> 1.1)
-      mimemagic (>= 0.3.0)
-      mini_mime (>= 0.1.3)
+      marcel (~> 1.0.0)
       ssrf_filter (~> 1.0)
     caxlsx (3.0.4)
       htmlentities (~> 4.3, >= 4.3.4)
@@ -177,7 +176,7 @@ GEM
       i18n (>= 1.6, < 2)
     faraday (0.17.3)
       multipart-post (>= 1.2, < 3)
-    ffi (1.15.5)
+    ffi (1.16.3)
     foreman (0.87.0)
     forgery (0.7.0)
     friendly_id (5.1.0)
@@ -195,7 +194,7 @@ GEM
       mini_mime (>= 1.0.0)
       multi_xml (>= 0.5.2)
     httpclient (2.8.3)
-    i18n (1.12.0)
+    i18n (1.14.1)
       concurrent-ruby (~> 1.0)
     icalendar (2.7.1)
       ice_cube (~> 0.16)
@@ -249,9 +248,9 @@ GEM
     mimemagic (0.4.3)
       nokogiri (~> 1)
       rake
-    mini_magick (4.10.1)
-    mini_mime (1.1.2)
-    minitest (5.18.0)
+    mini_magick (4.12.0)
+    mini_mime (1.1.5)
+    minitest (5.22.2)
     minitest-reporters (1.4.2)
       ansi
       builder
@@ -270,10 +269,10 @@ GEM
       timeout
     net-smtp (0.3.3)
       net-protocol
-    nio4r (2.5.8)
-    nokogiri (1.14.3-x86_64-darwin)
+    nio4r (2.7.0)
+    nokogiri (1.16.2-x86_64-darwin)
       racc (~> 1.4)
-    nokogiri (1.14.3-x86_64-linux)
+    nokogiri (1.16.2-x86_64-linux)
       racc (~> 1.4)
     oauth2 (1.4.4)
       faraday (>= 0.8, < 2.0)
@@ -338,13 +337,13 @@ GEM
     pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    public_suffix (5.0.1)
-    puma (6.1.0)
+    public_suffix (5.0.4)
+    puma (6.4.2)
       nio4r (~> 2.0)
     pundit (2.1.0)
       activesupport (>= 3.0.0)
     raabro (1.4.0)
-    racc (1.6.2)
+    racc (1.7.3)
     rack (2.2.8.1)
     rack-oauth2 (1.21.3)
       activesupport
@@ -386,7 +385,7 @@ GEM
       thor (~> 1.0)
       zeitwerk (~> 2.5)
     rainbow (3.0.0)
-    rake (13.0.6)
+    rake (13.1.0)
     rb-fsevent (0.10.3)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
@@ -428,7 +427,7 @@ GEM
     ruby-saml (1.16.0)
       nokogiri (>= 1.13.10)
       rexml
-    ruby-vips (2.1.4)
+    ruby-vips (2.2.1)
       ffi (~> 1.12)
     rubyXL (3.4.25)
       nokogiri (>= 1.10.8)
@@ -477,7 +476,7 @@ GEM
     spring-watcher-listen (2.1.0)
       listen (>= 2.7, < 4.0)
       spring (>= 4)
-    ssrf_filter (1.0.7)
+    ssrf_filter (1.1.2)
     stripe (5.29.0)
     swd (1.3.0)
       activesupport (>= 3)
@@ -596,7 +595,7 @@ DEPENDENCIES
   prawn
   prawn-table
   pry
-  puma (= 6.1.0)
+  puma (= 6.4.2)
   pundit
   railroady
   rails (~> 7.0)

diff --git a/app/controllers/api/auth_providers_controller.rb b/app/controllers/api/auth_providers_controller.rb
@@ -108,7 +108,7 @@ def provider_params
     elsif params['auth_provider']['providable_type'] == SamlProvider.name
       params.require(:auth_provider)
             .permit(:id, :name, :providable_type,
-                    providable_attributes: [:id, :sp_entity_id, :idp_sso_service_url, :profile_url, :idp_cert_fingerprint, :idp_cert],
+                    providable_attributes: [:id, :sp_entity_id, :idp_sso_service_url, :profile_url, :idp_cert_fingerprint, :idp_cert, :idp_slo_service_url],
                     auth_provider_mappings_attributes: [:id, :local_model, :local_field, :api_field, :api_endpoint, :api_data_type,
                                                         :_destroy, { transformation: [:type, :format, :true_value, :false_value,
                                                                                       { mapping: %i[from to] }] }])

diff --git a/app/frontend/src/javascript/components/authentication-provider/saml-form.tsx b/app/frontend/src/javascript/components/authentication-provider/saml-form.tsx
@@ -58,6 +58,13 @@ export const SamlForm = <TFieldValues extends FieldValues>({ register, strategyN
                  tooltip={t('app.admin.authentication.saml_form.profile_edition_url_help')}
                  rules={{ required: true, pattern: ValidationLib.urlRegex }}
                  formState={formState} />
+      <FormInput id="providable_attributes.idp_slo_service_url"
+                 register={register}
+                 placeholder="https://sso.exemple.net..."
+                 label={t('app.admin.authentication.saml_form.idp_slo_service_url')}
+                 tooltip={t('app.admin.authentication.saml_form.idp_slo_service_url_help')}
+                 rules={{ pattern: ValidationLib.urlRegex }}
+                 formState={formState} />
     </div>
   );
 };
diff --git a/app/frontend/src/javascript/models/authentication-provider.ts b/app/frontend/src/javascript/models/authentication-provider.ts
@@ -72,6 +72,7 @@ export interface SamlProvider {
   idp_cert_fingerprint: string,
   idp_cert: string,
   profile_url: string,
+  idp_slo_service_url: string,
 }
 
 export interface MappingFields {

diff --git a/app/models/slots_reservation.rb b/app/models/slots_reservation.rb
@@ -66,10 +66,13 @@ def remove_from_places_cache(target_slot = slot)
   # @param target_slot [Slot]
   def update_places_cache(operation, target_slot = slot)
     if reservation.reservable_type == 'Event'
+      total_booked_seats = reservation.nb_reserve_places
+      total_booked_seats += reservation.tickets.map(&:booked).map(&:to_i).reduce(:+) if reservation.tickets.count.positive?
+      total_booked_seats = 0 if reservation.reservable.pre_registration
       Slots::PlacesCacheService.change_places(target_slot,
                                               reservation.reservable_type,
                                               reservation.reservable_id,
-                                              reservation.reservable.pre_registration ? 0 : reservation.total_booked_seats,
+                                              total_booked_seats,
                                               operation)
     else
       Slots::PlacesCacheService.change_places(target_slot, reservation.reservable_type, reservation.reservable_id, 1, operation)

diff --git a/app/views/api/auth_providers/show.json.jbuilder b/app/views/api/auth_providers/show.json.jbuilder
@@ -22,6 +22,6 @@ end
 
 if @provider.providable_type == SamlProvider.name
   json.providable_attributes do
-    json.extract! @provider.providable, :id, :sp_entity_id, :idp_sso_service_url, :profile_url, :idp_cert_fingerprint, :idp_cert
+    json.extract! @provider.providable, :id, :sp_entity_id, :idp_sso_service_url, :profile_url, :idp_cert_fingerprint, :idp_cert, :idp_slo_service_url
   end
 end
diff --git a/app/views/auth_provider/provider.json.jbuilder b/app/views/auth_provider/provider.json.jbuilder
@@ -23,6 +23,6 @@ end
 
 if provider.providable_type == 'SamlProvider'
   json.providable_attributes do
-    json.extract! provider.providable, :id, :sp_entity_id, :idp_sso_service_url, :profile_url, :idp_cert_fingerprint, :idp_cert
+    json.extract! provider.providable, :id, :sp_entity_id, :idp_sso_service_url, :profile_url, :idp_cert_fingerprint, :idp_cert, :idp_slo_service_url
   end
 end
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -250,6 +250,7 @@
       config.omniauth active_provider.strategy_name.to_sym,
                       sp_entity_id: active_provider.providable.sp_entity_id,
                       idp_sso_service_url: active_provider.providable.idp_sso_service_url,
+                      idp_slo_service_url: active_provider.providable.idp_slo_service_url,
                       idp_cert: active_provider.providable.idp_cert,
                       idp_cert_fingerprint: active_provider.providable.idp_cert_fingerprint,
                       strategy_class: OmniAuth::Strategies::SsoSamlProvider

diff --git a/config/locales/app.admin.de.yml b/config/locales/app.admin.de.yml
@@ -1569,6 +1569,8 @@ de:
           idp_cert: "Identity provider certificate"
           profile_edition_url: "Profil edition URL"
           profile_edition_url_help: "The URL of the page where the user can edit his profile."
+          idp_slo_service_url: "Single logout request URL"
+          idp_slo_service_url_help: "The URL to which the single logout request and response should be sent. This would be on the identity provider."
         provider_form:
           name: "Name"
           authentication_type: "Authentifizierungsart"

diff --git a/config/locales/app.admin.en.yml b/config/locales/app.admin.en.yml
@@ -1569,6 +1569,8 @@ en:
           idp_cert: "Identity provider certificate"
           profile_edition_url: "Profil edition URL"
           profile_edition_url_help: "The URL of the page where the user can edit his profile."
+          idp_slo_service_url: "Single logout request URL"
+          idp_slo_service_url_help: "The URL to which the single logout request and response should be sent. This would be on the identity provider."
         provider_form:
           name: "Name"
           authentication_type: "Authentication type"

diff --git a/config/locales/app.admin.es-MX.yml b/config/locales/app.admin.es-MX.yml
@@ -1569,6 +1569,8 @@ es-MX:
           idp_cert: "Identity provider certificate"
           profile_edition_url: "Profil edition URL"
           profile_edition_url_help: "The URL of the page where the user can edit his profile."
+          idp_slo_service_url: "Single logout request URL"
+          idp_slo_service_url_help: "The URL to which the single logout request and response should be sent. This would be on the identity provider."
         provider_form:
           name: "Nombre"
           authentication_type: "Tipo de autenticación"

diff --git a/config/locales/app.admin.es.yml b/config/locales/app.admin.es.yml
@@ -1569,6 +1569,8 @@ es:
           idp_cert: "Identity provider certificate"
           profile_edition_url: "Profil edition URL"
           profile_edition_url_help: "The URL of the page where the user can edit his profile."
+          idp_slo_service_url: "Single logout request URL"
+          idp_slo_service_url_help: "The URL to which the single logout request and response should be sent. This would be on the identity provider."
         provider_form:
           name: "Nombre"
           authentication_type: "Tipo de autenticación"

diff --git a/config/locales/app.admin.fr.yml b/config/locales/app.admin.fr.yml
@@ -1569,6 +1569,8 @@ fr:
           idp_cert: "Certificat de fournisseur d'identité"
           profile_edition_url: "URL d'édition du profil"
           profile_edition_url_help: "L'URL de la page où l'utilisateur peut modifier son profil."
+          idp_slo_service_url: "URL de demande de déconnexion"
+          idp_slo_service_url_help: "L'URL à laquelle la requête d'authentification doit être envoyée. Cela serait sur le fournisseur d'identité."
         provider_form:
           name: "Nom"
           authentication_type: "Type d'authentification"

diff --git a/config/locales/app.admin.it.yml b/config/locales/app.admin.it.yml
@@ -1569,6 +1569,8 @@ it:
           idp_cert: "Identity provider certificate"
           profile_edition_url: "Profil edition URL"
           profile_edition_url_help: "The URL of the page where the user can edit his profile."
+          idp_slo_service_url: "Single logout request URL"
+          idp_slo_service_url_help: "The URL to which the single logout request and response should be sent. This would be on the identity provider."
         provider_form:
           name: "Nome"
           authentication_type: "Tipo di autenticazione"

diff --git a/config/locales/app.admin.no.yml b/config/locales/app.admin.no.yml
@@ -1569,6 +1569,8 @@
           idp_cert: "Identity provider certificate"
           profile_edition_url: "Profil edition URL"
           profile_edition_url_help: "The URL of the page where the user can edit his profile."
+          idp_slo_service_url: "Single logout request URL"
+          idp_slo_service_url_help: "The URL to which the single logout request and response should be sent. This would be on the identity provider."
         provider_form:
           name: "Name"
           authentication_type: "Authentication type"

diff --git a/config/locales/app.admin.pt.yml b/config/locales/app.admin.pt.yml
@@ -1569,6 +1569,8 @@ pt:
           idp_cert: "Identity provider certificate"
           profile_edition_url: "Profil edition URL"
           profile_edition_url_help: "The URL of the page where the user can edit his profile."
+          idp_slo_service_url: "Single logout request URL"
+          idp_slo_service_url_help: "The URL to which the single logout request and response should be sent. This would be on the identity provider."
         provider_form:
           name: "Nome"
           authentication_type: "Tipo de autenticação"

diff --git a/config/locales/app.admin.sv.yml b/config/locales/app.admin.sv.yml
@@ -1569,6 +1569,8 @@ sv:
           idp_cert: "Identitetsleverantörens certifikat"
           profile_edition_url: "URL för Profilutgåva"
           profile_edition_url_help: "URL till sidan där användaren kan redigera sin profil."
+          idp_slo_service_url: "Single logout request URL"
+          idp_slo_service_url_help: "The URL to which the single logout request and response should be sent. This would be on the identity provider."
         provider_form:
           name: "Namn"
           authentication_type: "Autentiseringstyp"

diff --git a/config/locales/app.admin.zu.yml b/config/locales/app.admin.zu.yml
@@ -1569,6 +1569,8 @@ zu:
           idp_cert: "crwdns38158:0crwdne38158:0"
           profile_edition_url: "crwdns38160:0crwdne38160:0"
           profile_edition_url_help: "crwdns38162:0crwdne38162:0"
+          idp_slo_service_url: "crwdns38176:0crwdne38176:0"
+          idp_slo_service_url_help: "crwdns38178:0crwdne38178:0"
         provider_form:
           name: "crwdns26204:0crwdne26204:0"
           authentication_type: "crwdns26206:0crwdne26206:0"

diff --git a/db/migrate/20240220140225_add_idp_slo_service_url_to_saml_providers.rb b/db/migrate/20240220140225_add_idp_slo_service_url_to_saml_providers.rb
@@ -0,0 +1,5 @@
+class AddIdpSloServiceUrlToSamlProviders < ActiveRecord::Migration[7.0]
+  def change
+    add_column :saml_providers, :idp_slo_service_url, :string
+  end
+end
diff --git a/db/structure.sql b/db/structure.sql
@@ -3278,7 +3278,8 @@ CREATE TABLE public.saml_providers (
     updated_at timestamp(6) without time zone NOT NULL,
     profile_url character varying,
     idp_cert character varying,
-    idp_cert_fingerprint character varying
+    idp_cert_fingerprint character varying,
+    idp_slo_service_url character varying
 );
 
 
@@ -9324,6 +9325,7 @@ INSERT INTO "schema_migrations" (version) VALUES
 ('20231108094433'),
 ('20240116163703'),
 ('20240126145351'),
-('20240126192110');
+('20240126192110'),
+('20240220140225');