Merge pull request #761 from DiamondLightSource/pre-release/2024-R2.1

Pre release/2024 r2.1

.github/workflows/ci.yml

@@ -80,6 +80,7 @@ jobs:
         # hack the output from the linting steps to avoid these stopping the builds - we are not going to get 
         # to a clean output without considerable effort, but it's useful to see the output
         run: |
+              cp src/js/config_sample.json src/js/config.json
               node --version
               npm ci
               npm run build

.gitignore

@@ -27,6 +27,7 @@ client/index.php
 client/dist
 client/index.html
 client/.env
+client/src/js/config.json
 
 api/config.php
 api/vendor
@@ -38,3 +39,5 @@ entrypoint.bash
 php-fpm.conf
 php-fpm.pid
 php.ini
+
+*~

api/composer.json

@@ -22,8 +22,8 @@
     "ralouphie/getallheaders": "2.0.5",
     "slim/slim": "2.6.2",
     "stomp-php/stomp-php": "3.0.6",
-    "symfony/http-foundation": "^2.8",
-    "symfony/filesystem": "^2.8",
+    "symfony/http-foundation": "^5.4",
+    "symfony/filesystem": "^5.4",
     "mpdf/qrcode": "^1.2",
     "mtcmedia/dhl-api": "dev-master#9b4b6315",
     "maennchen/zipstream-php": "2.1.0"
@@ -45,4 +45,4 @@
       "php": "7.3"
     }
   }
-}
+}

api/config_sample.php

@@ -309,7 +309,7 @@
 
     # These map proposal types to their proposalcode
     # - If these are not defined for a proposal type, the api then uses bl_types below
-    $prop_types = array('mx', 'em');
+    $prop_types = array('mx');
 
     # This maps beamlinename in blsession to a proposal type
     # - Internal maps a beamline to an api "type", there are currently:
@@ -338,6 +338,9 @@
         )
     );
 
+    # Redirects, used internally when incrementally replacing parts of the application
+    $redirects = array('em' => 'https://ebic-pato.diamond.ac.uk');
+
     # Web-conexs URLs
     $conexs_url = '';
     $conexs_mpapi_url = '';
@@ -374,10 +377,9 @@
                                            ),
     );
 
-    # Map of beamlinename to pv prefix
-    $bl_pv_map = array(
-        'i02' => 'BL02I',
-        'i03' => 'BL03I',
+    # Map of beamlinename to puck name pv
+    $bl_puck_names = array(
+        'i03' => "BL03I-MO-ROBOT-01:PUCK_%02d_NAME"
     );
 
     # Dials server values

api/index.php

@@ -70,7 +70,7 @@ function setupApplication($mode): Slim
         global $motd, $authentication_type, $cas_url, $cas_sso, $sso_url, $package_description,
             $facility_courier_countries, $facility_courier_countries_nde,
             $dhl_enable, $dhl_link, $scale_grid, $scale_grid_end_date, $preset_proposal, $timezone,
-            $valid_components, $enabled_container_types, $ifsummary, $synchweb_version;
+            $valid_components, $enabled_container_types, $ifsummary, $synchweb_version, $redirects;
         $app->contentType('application/json');
         $options = $app->container['options'];
         $app->response()->body(json_encode(array(
@@ -91,7 +91,8 @@ function setupApplication($mode): Slim
             'valid_components' => $valid_components,
             'enabled_container_types' => $enabled_container_types,
             'ifsummary' => $ifsummary,
-            'synchweb_version' => $synchweb_version
+            'synchweb_version' => $synchweb_version,
+            'redirects' => $redirects
         )));
     });
     return $app;

api/src/Controllers/AssignController.php

@@ -103,22 +103,21 @@ function getBeamlineVisits($visit = null)
     # BL03I-MO-ROBOT-01:PUCK_01_NAME
     function getPuckNames()
     {
-        global $bl_pv_map;
+        global $bl_puck_names;
         session_write_close();
         if (!$this->has_arg('prop'))
             $this->_error('No proposal specified');
 
         if (!$this->has_arg('bl'))
             $this->_error('No beamline specified');
-        if (!array_key_exists($this->arg('bl'), $bl_pv_map))
+        if (!array_key_exists($this->arg('bl'), $bl_puck_names))
             $this->_error('No such beamline');
-        $pv_prefix = $bl_pv_map[$this->arg('bl')];
+        $pv_names = $bl_puck_names[$this->arg('bl')];
 
         $pvs = array();
         for ($i = 1; $i < 38; $i++)
         {
-            $id = $i < 10 ? '0' . $i : $i;
-            array_push($pvs, $pv_prefix . '-MO-ROBOT-01:PUCK_' . $id . '_NAME');
+            array_push($pvs, sprintf($pv_names, $i));
         }
 
         $rows = $this->assignData->getContainerBarcodesForProposal($this->proposalid);
@@ -132,18 +131,19 @@ function getPuckNames()
         $vals = $this->pv(array_values($pvs), true, true);
         foreach ($vals as $k => $v)
         {
-            if (preg_match('/PUCK_(\d+)_NAME/', $k, $mat))
+            $zero_id = array_search($k, $pvs);
+            if ($zero_id !== false)
             {
                 if (is_array($v) && sizeof($v))
                 {
                     $val = (!in_array($v[0], $codes) && !$this->staff) ? '[Loaded]' : $v[0];
                 }
                 else
                     $val = '';
-                array_push($return, array('id' => intval($mat[1]), 'name' => $val));
+                array_push($return, array('id' => $zero_id+1, 'name' => $val));
             }
         }
 
         $this->_output($return);
     }
-}
+}

api/src/Controllers/AuthenticationController.php

@@ -161,12 +161,19 @@ private function processOneTimeUseTokens(): bool
         $tokenId = $this->app->request()->get('token');
         if ($tokenId)
         {
-            # Remove tokens more than 10 seconds old, they should have been used
-            $this->dataLayer->deleteOldOneTimeUseTokens();
+            $max_token_age = 10;
             $token = $this->dataLayer->getOneTimeUseToken($tokenId);
             if (sizeof($token))
             {
                 $token = $token[0];
+                if ($token['AGE'] > $max_token_age)
+                {
+                    $err = 'Authorisation token too old. Please press back and then try again.';
+                    $err .= ' If this problem persists, please try clearing your cookies or using a different browser.';
+                    error_log('Authorisation token too old. Age: '.$token['AGE'].'s. Max age: '.$max_token_age.'s.');
+                    error_log('User-agent: ' . $_SERVER['HTTP_USER_AGENT']);
+                    $this->returnError(400, $err);
+                }
                 $qs = $_SERVER['QUERY_STRING'] ? (preg_replace('/(&)?token=\w+/', '', str_replace('&', '&', $_SERVER['QUERY_STRING']))) : null;
                 if ($qs)
                     $qs = '?' . $qs;
@@ -178,13 +185,26 @@ private function processOneTimeUseTokens(): bool
                     $need_auth = false;
                     $this->dataLayer->deleteOneTimeUseToken($tokenId);
                 }
+                else
+                {
+                    error_log('Authorisation token not valid for this URL.');
+                    error_log('Requested site: ' . $this->app->request->getResourceUri() . $qs);
+                    error_log('Token valid for: ' . $token['VALIDITY']);
+                    $err = 'Invalid one-time authorisation token.';
+                    $this->returnError(400, $err);
+                }
             }
             else
             {
-                $this->returnError(400, 'Invalid one time authorisation token');
+                $err = 'No authorisation token found. ';
+                $err .= 'If this error persists, please try clearing your cookies or using a different browser.';
+                error_log('No authorisation token found.');
+                error_log('User-agent: ' . $_SERVER['HTTP_USER_AGENT']);
+                $this->returnError(400, $err);
             }
+            # Remove tokens more than $max_token_age seconds old, they should have been used
+            $this->dataLayer->deleteOldOneTimeUseTokens($max_token_age);
         }
-
         return $need_auth;
     }
 
@@ -396,4 +416,4 @@ private function authenticateByType() {
         }
     }
 
-}
+}

api/src/Model/Services/AuthenticationData.php

@@ -28,7 +28,8 @@ function isUserLoggedIn($userId): bool
 
     function getOneTimeUseToken($tokenId)
     {
-        return $this->db->pq("SELECT o.validity, pe.personid, pe.login, CONCAT(p.proposalcode, p.proposalnumber) as prop 
+        return $this->db->pq("SELECT o.validity, pe.personid, pe.login, CONCAT(p.proposalcode, p.proposalnumber) as prop,
+                    NOW() - o.recordTimeStamp as age
 		    		FROM SW_onceToken o
 		    		INNER JOIN proposal p ON p.proposalid = o.proposalid
 		    		INNER JOIN person pe ON pe.personid = o.personid
@@ -40,10 +41,10 @@ function deleteOneTimeUseToken($tokenId)
         $this->db->pq("DELETE FROM SW_onceToken WHERE token=:1", array($tokenId));
     }
 
-    function deleteOldOneTimeUseTokens()
+    function deleteOldOneTimeUseTokens($max_token_age)
     {
-        # Remove tokens more than 10 seconds old, they should have been used
-        $this->db->pq("DELETE FROM SW_onceToken WHERE recordTimeStamp < NOW() - INTERVAL 10 SECOND");
+        # Remove tokens more than $max_token_age seconds old, they should have been used
+        $this->db->pq("DELETE FROM SW_onceToken WHERE recordTimeStamp < NOW() - INTERVAL :1 SECOND", array($max_token_age));
     }
 
 
@@ -100,4 +101,4 @@ function updateActivityTimestamp($loginId)
             }
         }
     }
-}
+}

api/src/Page.php

@@ -161,10 +161,10 @@ function _get_type_from_beamline($bl)
     }
 
     /**
-     * Return a list of beamlines based on the type/group (mx, em, gen)
+     * Return a list of beamlines based on the type/group (mx, gen)
      * The return value can be checked with empty() if required
      *
-     * @param String $ty Beamline type/group 'mx', 'em', etc. or 'all' to get all beamlines
+     * @param String $ty Beamline type/group 'mx', etc. or 'all' to get all beamlines
      * @param bool $archived Default: false. Flag that allows archived beamlines to be included in result
      * @return Array Returns list of beamlines that are part of the beamline type
      */