Merge Dev into Main July 10 2024 #50
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The command to print out Bandit's output directly to the console in the GitHub Actions workflow was removed. Now, the results are only being uploaded as an artifact for review.
Changed the triggering event of Bandit Security Linting workflow from happening on both push and pull_request events to only on pull_request events.
Updated the Bandit Security Linting code to also include 'resources' and 'app.py', expanding the range of files which are scanned for potential security vulnerabilities. Previously, linting was only applied to 'middleware'.
…e_292_bandit Add Bandit Security Linting to Github Actions
Modified SQL queries across multiple sources to use parameterized inputs instead of string formatting. This approach enhances security by preventing potential SQL injection attacks. The updates were applied to queries in files such as `login_queries.py`, `user_queries.py`, `reset_token_queries.py`, and others. Additionally, relevant tests were added to assure correct functioning.
…e_212_paramerize_sql_queries Refactor SQL queries for enhanced security
…named_tuples Replace tuple return type with namedtuple in security middleware
…endpoint_tests Mc add endpoint tests
The query methods in the middleware and resource files are updated to remove the test parameters, leading to simplified code. The code accessibility is improved by not allowing externally supplied test results to be processed, reducing the possibility of incorrect outputs. All functions now rely only on database queries for data, resulting in a more robust system.
This commit mainly addresses the change in import paths for database connection objects and cursors across multiple test files. `tests.middleware.fixtures` has been moved to `tests.fixtures`, resulting in changes to import statements in the affected test files. This provides a cleaner organization and management of test cases, making code more maintainable.
This commit relocates the helper functions from 'tests/middleware' to 'tests', adjusting import paths in various test files accordingly. Additionally, the 'client' fixture in 'test_endpoints' is replaced with a new 'client_with_mock_db' fixture, and a new 'client_with_db' fixture is introduced in 'fixtures.py'. This enhances the organization and maintainability of the test infrastructure.
…e_280_replace_test_query_results Remove test parameters from query functions
…t fixtures This commit moves several helper functions from the `test_archives_queries.py` file to the `helper_functions.py` file which makes the test suite more maintainable and organized. The update also includes the introduction of new `client_with_db` fixture in 'helper_functions.py' for better testing setup.
This commit adds integration tests for various API endpoints such as search tokens, data sources map, data sources by id, and user interactions among others. These tests ensure that the API endpoints work as expected and return the correct data. They also help to identify any failing or incorrectly functioning endpoints promptly.
This update introduces improved readability of an extensive code base by adding docstrings to different functions across multiple pages. It also features some optimizations to several test functions for various endpoints, ensuring code clarity and facilitating easier debugging for future development work.
Refactored the "Authorization" and "Content-Type" headers for request in the integration test_archives.py to enhance readability. This adjustment will make the tests easier to understand and maintain in the future.
This reverts commit c26ced8.
This reverts commit c3abf39.
…e_305_add_integration_tests Mc issue 305 add integration tests
…Data-Accessibility-Project/results-messaging shuffle results messaging
Quick search fix
# Conflicts: # middleware/quick_search_query.py
…_data_generator Create TestDataGenerator
…337_create_database_client
…e_337_create_database_client Mc issue 337 create database client
josh-chamberlain
approved these changes
Jul 10, 2024
josh-chamberlain
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issues Included
All of these prepare us for our v2 project.
regular_api_checks.pydata-sources-app#323http.HTTPStatusdata-sources-app#319DataSourceByIDto not return 404 when a data source is not found data-sources-app#312security.pyand add error message for insufficient permissions data-sources-app#310RefreshSessionpost method data-sources-app#308quick_search_query_logsdata-sources-app#290SearchTokens.pydata-sources-app#285Additional PRs included: