diff --git a/.gitea/workflows/build.yaml b/.gitea/workflows/build.yaml index 732fb75..45aa628 100644 --- a/.gitea/workflows/build.yaml +++ b/.gitea/workflows/build.yaml @@ -13,7 +13,7 @@ jobs: uses: actions/checkout@v3 - run: echo "The ${{ github.repository }} repository has been cloned to the runner." - run: echo "The workflow is now ready to test your code on the runner." - - name: List files in the repository + - name: List files in the repository: run: | ls ${{ github.workspace }} - run: echo "This job's status is ${{ job.status }}." diff --git a/app/Controllers/Http/Admin/mailsettings_controller.ts b/app/Controllers/Http/Admin/mailsettings_controller.ts index 628a9fc..43e9dc7 100644 --- a/app/Controllers/Http/Admin/mailsettings_controller.ts +++ b/app/Controllers/Http/Admin/mailsettings_controller.ts @@ -76,24 +76,23 @@ export default class MailSettingsController { public async sendTestMail({ response, auth }: HttpContext) { const user = auth.user!; const userEmail = user.email; - + // let mailManager = await app.container.make('mail.manager'); - // let iwas = mailManager.use(); + // let iwas = mailManager.use(); // let test = mail.config.mailers.smtp(); if (!userEmail) { return response.badRequest({ message: 'User email is not set. Please update your profile.' }); } try { - await mail.send( - (message) => { - message - // .from(Config.get('mail.from.address')) - .from('tethys@geosphere.at') - .to(userEmail) - .subject('Test Email') - .html('

If you received this email, the email configuration seems to be correct.

'); - }); + await mail.send((message) => { + message + // .from(Config.get('mail.from.address')) + .from('tethys@geosphere.at') + .to(userEmail) + .subject('Test Email') + .html('

If you received this email, the email configuration seems to be correct.

'); + }); return response.json({ success: true, message: 'Test email sent successfully' }); // return response.flash('Test email sent successfully!', 'message').redirect().back(); diff --git a/app/Controllers/Http/Editor/DatasetController.ts b/app/Controllers/Http/Editor/DatasetController.ts index f2a0417..04c450d 100644 --- a/app/Controllers/Http/Editor/DatasetController.ts +++ b/app/Controllers/Http/Editor/DatasetController.ts @@ -188,16 +188,10 @@ export default class DatasetsController { } } - public async approve({ request, inertia, response, auth }: HttpContext) { + public async approve({ request, inertia, response }: HttpContext) { const id = request.param('id'); - - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - // $dataset = Dataset::with('user:id,login')->findOrFail($id); - const dataset = await Dataset.query().where('id', id).where('editor_id', user.id).firstOrFail(); + const dataset = await Dataset.findOrFail(id); const validStates = ['editor_accepted', 'rejected_reviewer']; if (!validStates.includes(dataset.server_state)) { @@ -223,7 +217,7 @@ export default class DatasetsController { }); } - public async approveUpdate({ request, response, auth }: HttpContext) { + public async approveUpdate({ request, response }: HttpContext) { const approveDatasetSchema = vine.object({ reviewer_id: vine.number(), }); @@ -236,11 +230,7 @@ export default class DatasetsController { throw error; } const id = request.param('id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - const dataset = await Dataset.query().where('id', id).where('editor_id', user.id).firstOrFail(); + const dataset = await Dataset.findOrFail(id); const validStates = ['editor_accepted', 'rejected_reviewer']; if (!validStates.includes(dataset.server_state)) { @@ -271,15 +261,10 @@ export default class DatasetsController { } } - public async reject({ request, inertia, response, auth }: HttpContext) { + public async reject({ request, inertia, response }: HttpContext) { const id = request.param('id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } const dataset = await Dataset.query() .where('id', id) - .where('editor_id', user.id) // Ensure the user is the editor of the dataset // .preload('titles') // .preload('descriptions') .preload('user', (builder) => { @@ -306,15 +291,10 @@ export default class DatasetsController { public async rejectUpdate({ request, response, auth }: HttpContext) { const authUser = auth.user!; - - if (!authUser) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } const id = request.param('id'); const dataset = await Dataset.query() .where('id', id) - .where('editor_id', authUser.id) // Ensure the user is the editor of the dataset .preload('user', (builder) => { builder.select('id', 'login', 'email'); }) @@ -397,14 +377,9 @@ export default class DatasetsController { public async publish({ request, inertia, response, auth }: HttpContext) { const id = request.param('id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } const dataset = await Dataset.query() .where('id', id) - .where('editor_id', user.id) // Ensure the user is the editor of the dataset .preload('titles') .preload('authors') // .preload('persons', (builder) => { @@ -433,7 +408,7 @@ export default class DatasetsController { }); } - public async publishUpdate({ request, response, auth }: HttpContext) { + public async publishUpdate({ request, response }: HttpContext) { const publishDatasetSchema = vine.object({ publisher_name: vine.string().trim(), }); @@ -445,12 +420,7 @@ export default class DatasetsController { throw error; } const id = request.param('id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - - const dataset = await Dataset.query().where('id', id).where('editor_id', user.id).firstOrFail(); + const dataset = await Dataset.findOrFail(id); // let test = await Dataset.getMax('publish_id'); // const maxPublishId = await Database.from('documents').max('publish_id as max_publish_id').first(); @@ -476,16 +446,10 @@ export default class DatasetsController { } } - public async rejectToReviewer({ request, inertia, response, auth }: HttpContext) { + public async rejectToReviewer({ request, inertia, response }: HttpContext) { const id = request.param('id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - const dataset = await Dataset.query() .where('id', id) - .where('editor_id', user.id) // Ensure the user is the editor of the dataset .preload('reviewer', (builder) => { builder.select('id', 'login', 'email'); }) @@ -511,14 +475,9 @@ export default class DatasetsController { public async rejectToReviewerUpdate({ request, response, auth }: HttpContext) { const authUser = auth.user!; - if (!authUser) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - const id = request.param('id'); const dataset = await Dataset.query() .where('id', id) - .where('editor_id', authUser.id) // Ensure the user is the editor of the dataset .preload('reviewer', (builder) => { builder.select('id', 'login', 'email'); }) @@ -599,16 +558,10 @@ export default class DatasetsController { .toRoute('editor.dataset.list'); } - public async doiCreate({ request, inertia, auth, response }: HttpContext) { + public async doiCreate({ request, inertia }: HttpContext) { const id = request.param('id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - const dataset = await Dataset.query() .where('id', id) - .where('editor_id', user.id) // Ensure the user is the editor of the dataset .preload('titles') .preload('descriptions') // .preload('identifier') @@ -619,18 +572,11 @@ export default class DatasetsController { }); } - public async doiStore({ request, response, auth }: HttpContext) { + public async doiStore({ request, response }: HttpContext) { const dataId = request.param('publish_id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } // Load dataset with minimal required relationships - const dataset = await Dataset.query() - .where('editor_id', user.id) // Ensure the user is the editor of the dataset - .where('publish_id', dataId) - .firstOrFail(); + const dataset = await Dataset.query().where('publish_id', dataId).firstOrFail(); const prefix = process.env.DATACITE_PREFIX || ''; const base_domain = process.env.BASE_DOMAIN || ''; @@ -712,17 +658,9 @@ export default class DatasetsController { public async show({}: HttpContext) {} - public async edit({ request, inertia, response, auth }: HttpContext) { + public async edit({ request, inertia, response }: HttpContext) { const id = request.param('id'); - - // Check if user is authenticated - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - - // Prefilter by both id AND editor_id to ensure user has permission to edit - const datasetQuery = Dataset.query().where('id', id).where('editor_id', user.id); + const datasetQuery = Dataset.query().where('id', id); datasetQuery .preload('titles', (query) => query.orderBy('id', 'asc')) .preload('descriptions', (query) => query.orderBy('id', 'asc')) @@ -739,7 +677,6 @@ export default class DatasetsController { query.orderBy('sort_order', 'asc'); // Sort by sort_order column }); - // This will throw 404 if editor_id does not match logged in user const dataset = await datasetQuery.firstOrFail(); const validStates = ['editor_accepted', 'rejected_reviewer']; if (!validStates.includes(dataset.server_state)) { @@ -813,16 +750,11 @@ export default class DatasetsController { }); } - public async update({ request, response, session, auth }: HttpContext) { + public async update({ request, response, session }: HttpContext) { // Get the dataset id from the route parameter const datasetId = request.param('id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - // Retrieve the dataset and load its existing files - const dataset = await Dataset.query().where('id', datasetId).where('editor_id', user.id).firstOrFail(); + const dataset = await Dataset.findOrFail(datasetId); await dataset.load('files'); let trx: TransactionClientContract | null = null; @@ -831,7 +763,7 @@ export default class DatasetsController { trx = await db.transaction(); // const user = (await User.find(auth.user?.id)) as User; // await this.createDatasetAndAssociations(user, request, trx); - // const dataset = await Dataset.findOrFail(datasetId); + const dataset = await Dataset.findOrFail(datasetId); // save the licenses const licenses: number[] = request.input('licenses', []); @@ -1017,15 +949,10 @@ export default class DatasetsController { } } - public async categorize({ inertia, request, response, auth }: HttpContext) { + public async categorize({ inertia, request, response }: HttpContext) { const id = request.param('id'); - // Check if user is authenticated - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } // Preload dataset and its "collections" relation - const dataset = await Dataset.query().where('id', id).where('editor_id', user.id).preload('collections').firstOrFail(); + const dataset = await Dataset.query().where('id', id).preload('collections').firstOrFail(); const validStates = ['editor_accepted', 'rejected_reviewer']; if (!validStates.includes(dataset.server_state)) { // session.flash('errors', 'Invalid server state!'); @@ -1053,15 +980,10 @@ export default class DatasetsController { }); } - public async categorizeUpdate({ request, response, session, auth }: HttpContext) { + public async categorizeUpdate({ request, response, session }: HttpContext) { // Get the dataset id from the route parameter const id = request.param('id'); - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - // Retrieve the dataset and load its existing files - const dataset = await Dataset.query().preload('files').where('id', id).where('editor_id', user.id).firstOrFail(); + const dataset = await Dataset.query().preload('files').where('id', id).firstOrFail(); const validStates = ['editor_accepted', 'rejected_reviewer']; if (!validStates.includes(dataset.server_state)) { @@ -1266,7 +1188,7 @@ export default class DatasetsController { } // return cache.getDomDocument(); - const xmlDocument: XMLBuilder | null = await serializer.toXmlDocument(); + const xmlDocument : XMLBuilder | null = await serializer.toXmlDocument(); return xmlDocument; } } diff --git a/app/Controllers/Http/Submitter/DatasetController.ts b/app/Controllers/Http/Submitter/DatasetController.ts index d666e6f..cda7da6 100644 --- a/app/Controllers/Http/Submitter/DatasetController.ts +++ b/app/Controllers/Http/Submitter/DatasetController.ts @@ -824,20 +824,13 @@ export default class DatasetController { }; // public async release({ params, view }) { - public async release({ request, inertia, response, auth }: HttpContext) { + public async release({ request, inertia, response }: HttpContext) { const id = request.param('id'); - const user = auth.user; - - // Check if user is authenticated - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } const dataset = await Dataset.query() .preload('user', (builder) => { builder.select('id', 'login'); }) - .where('account_id', user.id) // Only fetch if user owns it .where('id', id) .firstOrFail(); @@ -858,20 +851,9 @@ export default class DatasetController { }); } - public async releaseUpdate({ request, response, auth }: HttpContext) { + public async releaseUpdate({ request, response }: HttpContext) { const id = request.param('id'); - const user = auth.user; - - // Check if user is authenticated - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - - const dataset = await Dataset.query() - .preload('files') - .where('id', id) - .where('account_id', user.id) // Only fetch if user owns it - .firstOrFail(); + const dataset = await Dataset.query().preload('files').where('id', id).firstOrFail(); const validStates = ['inprogress', 'rejected_editor']; if (!validStates.includes(dataset.server_state)) { @@ -951,15 +933,7 @@ export default class DatasetController { public async edit({ request, inertia, response, auth }: HttpContext) { const id = request.param('id'); - const user = auth.user; - - // Check if user is authenticated - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - - // Prefilter by both id AND account_id - const datasetQuery = Dataset.query().where('id', id).where('account_id', user.id); // Only fetch if user owns it + const datasetQuery = Dataset.query().where('id', id); datasetQuery .preload('titles', (query) => query.orderBy('id', 'asc')) .preload('descriptions', (query) => query.orderBy('id', 'asc')) @@ -975,9 +949,8 @@ export default class DatasetController { .preload('files', (query) => { query.orderBy('sort_order', 'asc'); // Sort by sort_order column }); - // This will throw 404 if dataset doesn't exist OR user doesn't own it - const dataset = await datasetQuery.firstOrFail(); + const dataset = await datasetQuery.firstOrFail(); const validStates = ['inprogress', 'rejected_editor']; if (!validStates.includes(dataset.server_state)) { // session.flash('errors', 'Invalid server state!'); @@ -1041,30 +1014,11 @@ export default class DatasetController { }); } - public async update({ request, response, session, auth }: HttpContext) { + public async update({ request, response, session }: HttpContext) { // Get the dataset id from the route parameter const datasetId = request.param('id'); - const user = auth.user; - - // Check if user is authenticated - if (!user) { - return response.flash('You must be logged in to update a dataset.', 'error').redirect().toRoute('app.login.show'); - } - - // Prefilter by both id AND account_id - const dataset = await Dataset.query() - .where('id', datasetId) - .where('account_id', user.id) // Only fetch if user owns it - .firstOrFail(); - - // // Check if the authenticated user is the owner of the dataset - // if (dataset.account_id !== user.id) { - // return response - // .flash(`Unauthorized access. You are not the owner of dataset with id ${id}.`, 'error') - // .redirect() - // .toRoute('dataset.list'); - // } - + // Retrieve the dataset and load its existing files + const dataset = await Dataset.findOrFail(datasetId); await dataset.load('files'); // Accumulate the size of the already related files // const preExistingFileSize = dataset.files.reduce((acc, file) => acc + file.fileSize, 0); @@ -1488,26 +1442,16 @@ export default class DatasetController { } } - public async delete({ request, inertia, response, session, auth }: HttpContext) { + public async delete({ request, inertia, response, session }: HttpContext) { const id = request.param('id'); - const user = auth.user; - - // Check if user is authenticated - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - try { - // This will throw 404 if dataset doesn't exist OR user doesn't own it const dataset = await Dataset.query() .preload('user', (builder) => { builder.select('id', 'login'); }) .where('id', id) - .where('account_id', user.id) // Only fetch if user owns it .preload('files') .firstOrFail(); - const validStates = ['inprogress', 'rejected_editor']; if (!validStates.includes(dataset.server_state)) { // session.flash('errors', 'Invalid server state!'); @@ -1532,27 +1476,9 @@ export default class DatasetController { } } - public async deleteUpdate({ params, session, response, auth }: HttpContext) { + public async deleteUpdate({ params, session, response }: HttpContext) { try { - const user = auth.user; - if (!user) { - return response.flash('You must be logged in to edit a dataset.', 'error').redirect().toRoute('app.login.show'); - } - - // This will throw 404 if dataset doesn't exist OR user doesn't own it - const dataset = await Dataset.query() - .where('id', params.id) - .where('account_id', user.id) // Only fetch if user owns it - .preload('files') - .firstOrFail(); - - // // Check if the authenticated user is the owner of the dataset - // if (dataset.account_id !== user.id) { - // return response - // .flash(`Unauthorized access. You are not the owner of dataset with id ${params.id}.`, 'error') - // .redirect() - // .toRoute('dataset.list'); - // } + const dataset = await Dataset.query().where('id', params.id).preload('files').firstOrFail(); const validStates = ['inprogress', 'rejected_editor']; if (validStates.includes(dataset.server_state)) { diff --git a/config/mail.ts b/config/mail.ts index a97489f..8016c29 100644 --- a/config/mail.ts +++ b/config/mail.ts @@ -16,7 +16,7 @@ const mailConfig = defineConfig({ host: env.get('SMTP_HOST', ''), port: env.get('SMTP_PORT'), secure: false, - ignoreTLS: true, + // ignoreTLS: true, requireTLS: false, /** diff --git a/resources/js/Components/CardBox.vue b/resources/js/Components/CardBox.vue index dbdee01..c2d200e 100644 --- a/resources/js/Components/CardBox.vue +++ b/resources/js/Components/CardBox.vue @@ -67,7 +67,7 @@ const submit = (e) => { {{ title }} - diff --git a/resources/js/Components/Map/map.component.vue b/resources/js/Components/Map/map.component.vue index 0edd1db..353162b 100644 --- a/resources/js/Components/Map/map.component.vue +++ b/resources/js/Components/Map/map.component.vue @@ -87,10 +87,8 @@ import BaseIcon from '@/Components/BaseIcon.vue'; import { MapOptions } from './MapOptions'; import { LayerOptions, LayerMap } from './LayerOptions'; import { MapService } from '@/Stores/map.service'; -// import ZoomControlComponent from '@/Components/Map/zoom.component.vue'; -// import DrawControlComponent from '@/Components/Map/draw.component.vue'; -import ZoomControlComponent from './zoom.component.vue'; -import DrawControlComponent from './draw.component.vue'; +import { ZoomControlComponent } from './zoom.component.vue'; +import { DrawControlComponent } from './draw.component.vue'; import { Coverage } from '@/Dataset'; import { canvas } from 'leaflet/src/layer/vector/Canvas'; import { svg } from 'leaflet/src/layer/vector/SVG'; @@ -139,7 +137,7 @@ const DEFAULT_BASE_LAYER_ATTRIBUTION = '© -
+
{{ currentPage * perPage + 1 }}-{{ Math.min((currentPage + 1) * perPage, items.length) }} of {{ items.length }} @@ -208,18 +204,10 @@ const perPageOptions = [ # Type First Name - - Last Name / Org - + Last Name / Org ORCID Email - - Role - + Role Actions @@ -235,9 +223,7 @@ const perPageOptions = [ handle=".drag-handle" > @@ -595,4 +568,4 @@ const perPageOptions = [ padding: 0.5rem !important; } } - + \ No newline at end of file diff --git a/resources/js/Pages/Editor/Dataset/Edit.vue b/resources/js/Pages/Editor/Dataset/Edit.vue index bbaf3c1..9a2385c 100644 --- a/resources/js/Pages/Editor/Dataset/Edit.vue +++ b/resources/js/Pages/Editor/Dataset/Edit.vue @@ -13,7 +13,7 @@ - +
diff --git a/resources/js/Pages/Submitter/Dataset/Edit.vue b/resources/js/Pages/Submitter/Dataset/Edit.vue index 4271e72..027bbc2 100644 --- a/resources/js/Pages/Submitter/Dataset/Edit.vue +++ b/resources/js/Pages/Submitter/Dataset/Edit.vue @@ -3,6 +3,7 @@ +
@@ -16,7 +17,7 @@ You have unsaved changes
- +
@@ -46,18 +47,18 @@ {{ flash.message }} - + + - - - @@ -419,7 +420,7 @@ title="Creators" :icon="mdiBookOpenPageVariant" :header-icon="mdiPlusCircle" - v-on:header-icon-click="addNewAuthor()" + @header-icon-click="addNewAuthor()" >
Add contributors by searching existing persons or manually adding new ones. @@ -933,7 +934,6 @@ import FileUploadComponent from '@/Components/FileUpload.vue'; import { MapOptions } from '@/Components/Map/MapOptions'; import { LatLngBoundsExpression } from 'leaflet'; import { LayerOptions } from '@/Components/Map/LayerOptions'; -import BaseIcon from '@/Components/BaseIcon.vue'; import { mdiImageText, mdiArrowLeftBoldOutline,