Skip to content

Commit

Permalink
PPS-588 Fix/csrf (#251)
Browse files Browse the repository at this point in the history 
* add csrf

* add more csrf

* remove unneeded pkg

* fix: missing args

* fix missing

* ask when token ready

* add missing pass over

* remove unneeded logic

* update version

* fix according to suggestions
  • Loading branch information
@mfshao
mfshao authored Dec 18, 2023
1 parent 81558d7 commit f27573f
Show file tree
Hide file tree
Showing 7 changed files with 50 additions and 230 deletions.
1 change: 1 addition & 0 deletions devHelper/scripts/commands.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,7 @@ curl -iv -X PUT "${ESHOST}/${indexName}" \
"some_string_inside_nested": { "type": "keyword", "fields": { "analyzed": {"type": "text", "analyzer": "ngram_analyzer", "search_analyzer": "search_analyzer", "term_vector": "with_positions_offsets"} } }
}
},
"consortium_id": { "type": "integer" },
"some_integer_field": { "type": "integer" },
"some_long_field": { "type": "long" },
"sensitive": { "type": "keyword" }
Expand Down
200 changes: 2 additions & 198 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 1 addition & 2 deletions package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@gen3/guppy",
"version": "0.17.1",
"version": "0.18.0",
"description": "Server that support GraphQL queries on data from elasticsearch",
"main": "src/server/server.js",
"directories": {
Expand Down Expand Up @@ -34,7 +34,6 @@
"array.prototype.flatmap": "^1.3.2",
"body-parser": "^1.20.2",
"cors": "^2.8.5",
"csurf": "^1.11.0",
"dd-trace": "^4.5.0",
"express": "^4.18.2",
"file-saver": "^2.0.5",
Expand Down
7 changes: 6 additions & 1 deletion src/components/ConnectedFilter/index.jsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@ class ConnectedFilter extends React.Component {
this.state.allAsTextAggFields,
this.state.filter,
this.state.accessibility,
this.props.csrfToken,
)
.then((res) => {
if (!res.data) {
Expand Down Expand Up @@ -112,7 +113,7 @@ class ConnectedFilter extends React.Component {
}

/**
* Handler function that is called everytime filter changes
* Handler function that is called every time filter changes
* What this function does:
* 1. Ask guppy for aggregation data using (processed) filter
* 2. After get aggregation response, call `handleReceiveNewAggsData` handler
Expand All @@ -137,6 +138,7 @@ class ConnectedFilter extends React.Component {
this.state.allAsTextAggFields,
mergedFilterResults,
this.state.accessibility,
this.props.csrfToken,
)
.then((res) => {
this.handleReceiveNewAggsData(
Expand Down Expand Up @@ -285,6 +287,7 @@ class ConnectedFilter extends React.Component {
this.props.guppyConfig,
this.arrayFields,
this.props.filterValuesToHide,
this.props.csrfToken,
);
const filterStatus = this.state.filterStatusArray
? this.state.filterStatusArray[index] : null;
Expand Down Expand Up @@ -371,6 +374,7 @@ ConnectedFilter.propTypes = {
userFilterFromURL: PropTypes.object,
hideEmptyFilterSection: PropTypes.bool,
filterValuesToHide: PropTypes.arrayOf(PropTypes.string),
csrfToken: PropTypes.string,
};

ConnectedFilter.defaultProps = {
Expand All @@ -391,6 +395,7 @@ ConnectedFilter.defaultProps = {
userFilterFromURL: {},
hideEmptyFilterSection: false,
filterValuesToHide: [],
csrfToken: '',
};

export default ConnectedFilter;
Loading

0 comments on commit f27573f

Please sign in to comment.