fixed merge conflicts

.gitignore

@@ -221,6 +221,7 @@ yarn-debug.log*
 .yarn-integrity
 
 /config/credentials/development.key
+__pycache__/
 
 # Jupyter notebooks checkpoints
-documentation/apis/Jupyter-Notebooks/.ipynb_checkpoints/
+documentation/apis/Jupyter-Notebooks/.ipynb_checkpoints/

Gemfile

@@ -81,6 +81,7 @@ gem 'loofah', '~> 2.24.0'
 gem 'markdiff', '~> 0.8.1'
 gem 'net-ftp', '~> 0.3.4'
 gem 'net-sftp'
+gem 'newrelic_rpm'
 gem 'noid', '~> 0.9.0'
 gem 'omniauth', '~> 2.1.0'
 gem 'omniauth-google-oauth2', '~> 1.1.1'
@@ -176,14 +177,17 @@ group :development, :test, :dev do
   # Rails application preloader (https://github.com/rails/spring), says not to install in production
   gem 'spring'
   # rspec command for spring (https://github.com/jonleighton/spring-commands-rspec)
-  gem 'bullet'
   gem 'letter_opener'
   gem 'letter_opener_web', '~> 3.0'
-  gem 'rack-mini-profiler', require: false
   gem 'spring-commands-rspec'
 end
 
 group :development, :dev do
   gem 'colorize'
   gem 'web-console'
+  gem 'rack-mini-profiler'
+end
+
+group :development do
+  gem 'bullet'
 end

Gemfile.lock

@@ -438,6 +438,7 @@ GEM
       net-protocol
     net-ssh (7.3.0)
     netrc (0.11.0)
+    newrelic_rpm (9.16.1)
     nio4r (2.7.3)
     noid (0.9.0)
     nokogiri (1.18.1-arm64-darwin)
@@ -829,6 +830,7 @@ DEPENDENCIES
   mysql2 (~> 0.5.6)
   net-ftp (~> 0.3.4)
   net-sftp
+  newrelic_rpm
   noid (~> 0.9.0)
   omniauth (~> 2.1.0)
   omniauth-google-oauth2 (~> 1.1.1)

app/assets/stylesheets/scss/_alert.scss

@@ -88,3 +88,22 @@
 	clear: both;
 	border: 2px solid $red;
 }
+
+#sandbox_banner {
+	@extend %pull-background;
+	margin-top: -10px;
+	margin-bottom: 15px;
+	background-color: #fff2ce; //$lightest-orange
+	font-size: .98rem;
+	.modalClose {
+		margin-bottom: 0;
+		display: flex;
+		justify-content: space-between;
+		text-align: left;
+		button {
+			font-size: 22px;
+			line-height: 0;
+			height: 22px;
+		}
+	}
+}

app/controllers/application_controller.rb

@@ -1,6 +1,5 @@
 class ApplicationController < ActionController::Base
   def process_action(*args)
-    pp request.host
     super
 
     # Show Bad Request Error for bad Content-Type/Accept headers, Invalid URI

app/controllers/stash_api/external_reports_controller.rb

@@ -0,0 +1,49 @@
+# This class is only for internal use and is not exposed to the public since it may include reports for
+# files that we don't own (at Zenodo) and would only be used by our SensitiveData checker or perhaps a view
+# and limited to roles that can access
+
+# expect URLs to look like /api/v2/files/<file-id>/sensitiveDataReport
+# and do only bare output of data for our own use.  Only enable PUT and GET
+module StashApi
+  class ExternalReportsController < ApiApplicationController
+
+    before_action :require_json_headers
+    before_action :force_json_content_type
+    before_action :require_file # this is different for this than for files
+    before_action :doorkeeper_authorize!, only: %i[update]
+    before_action :require_api_user, only: %i[update]
+    before_action :optional_api_user, only: %i[show]
+    before_action :require_viewable_report, only: %i[show]
+    before_action :require_permission, only: %i[update]
+    before_action :require_correct_status, only: %i[update]
+
+    # GET
+    private
+
+    def require_file
+      @stash_file = StashEngine::GenericFile.where(id: params[:file_id]).first
+      @resource = @stash_file&.resource # for require_permission to use
+      render json: { error: 'not-found' }.to_json, status: 404 if @stash_file.nil? || @resource.nil?
+    end
+
+    def require_viewable_report
+      @report = report_object
+      render json: { error: 'not-found' }.to_json, status: 404 if @report.nil? ||
+        !@stash_file.resource.may_view?(ui_user: @user)
+    end
+
+    def require_correct_status
+      return if statuses.include?(params[:status])
+
+      render json: { error: 'incorrect status set' }.to_json, status: 400
+    end
+
+    def report_object
+      raise NotImplementedError, 'Subclasses must implement report_object'
+    end
+
+    def statuses
+      raise NotImplementedError, 'Subclasses must implement report_object'
+    end
+  end
+end

app/controllers/stash_api/frictionless_reports_controller.rb

@@ -5,19 +5,8 @@
 # expect URLs to look like /api/v2/files/<file-id>/frictionlessReport
 # and do only bare output of data for our own use.  Only enable PUT and GET
 module StashApi
-  class FrictionlessReportsController < ApiApplicationController
+  class FrictionlessReportsController < ExternalReportsController
 
-    before_action :require_json_headers
-    before_action :force_json_content_type
-    before_action :require_file # this is different for this than for files
-    before_action :doorkeeper_authorize!, only: %i[update]
-    before_action :require_api_user, only: %i[update]
-    before_action :optional_api_user, only: %i[show]
-    before_action :require_viewable_report, only: %i[show]
-    before_action :require_permission, only: %i[update]
-    before_action :require_correct_status, only: %i[update]
-
-    # GET
     def show
       @api_report = StashApi::FrictionlessReport.new(file_obj: @stash_file, fric_obj: @report)
       render json: @api_report.metadata
@@ -33,23 +22,14 @@ def update
       render json: @api_report.metadata
     end
 
-    def require_file
-      @stash_file = StashEngine::GenericFile.where(id: params[:file_id]).first
-      @resource = @stash_file&.resource # for require_permission to use
-      render json: { error: 'not-found' }.to_json, status: 404 if @stash_file.nil? || @resource.nil?
-    end
+    private
 
-    def require_viewable_report
-      @report = @stash_file&.frictionless_report
-      render json: { error: 'not-found' }.to_json, status: 404 if @report.nil? ||
-        !@stash_file.resource.may_view?(ui_user: @user)
+    def report_object
+      @stash_file&.frictionless_report
     end
 
-    def require_correct_status
-      return if StashEngine::FrictionlessReport.statuses.keys.include?(params[:status])
-
-      render json: { error: 'incorrect status set' }.to_json, status: 400
+    def statuses
+      StashEngine::FrictionlessReport.statuses.keys
     end
-
   end
 end

app/controllers/stash_api/sensitive_data_reports_controller.rb

@@ -0,0 +1,35 @@
+# This class is only for internal use and is not exposed to the public since it may include reports for
+# files that we don't own (at Zenodo) and would only be used by our SensitiveData checker or perhaps a view
+# and limited to roles that can access
+
+# expect URLs to look like /api/v2/files/<file-id>/sensitiveDataReport
+# and do only bare output of data for our own use.  Only enable PUT and GET
+module StashApi
+  class SensitiveDataReportsController < ExternalReportsController
+    # GET
+    def show
+      @api_report = StashApi::SensitiveDataReport.new(file_obj: @stash_file, result_obj: @report)
+      render json: @api_report.metadata
+    end
+
+    # PUT
+    def update
+      # only json for report and status will be updated, the rest is automatically updated
+      report = @stash_file.sensitive_data_report
+      report = StashEngine::SensitiveDataReport.new(generic_file_id: @stash_file.id) if report.nil?
+      report.update(report: params[:report], status: params[:status])
+      @api_report = StashApi::SensitiveDataReport.new(file_obj: @stash_file, result_obj: report)
+      render json: @api_report.metadata
+    end
+
+    private
+
+    def report_object
+      @stash_file&.sensitive_data_report
+    end
+
+    def statuses
+      StashEngine::SensitiveDataReport.statuses.keys
+    end
+  end
+end

app/controllers/stash_datacite/resources_controller.rb

@@ -39,7 +39,7 @@ def review
           @resource.reload
           if @resource.identifier.payment_type.blank? || @resource.identifier.payment_type == 'unknown'
             @target_page = stash_url_helpers.review_resource_path(@resource.id)
-            @aff_tenant = StashEngine::Tenant.find_by_ror_id(@resource.identifier&.submitter_affiliation&.ror_id).partner_list.first
+            @aff_tenant = StashEngine::Tenant.find_by_ror_id(@resource.identifier&.submitter_affiliation&.ror_id).connect_list.first
           end
         end
       end

app/controllers/stash_engine/admin_dashboard_controller.rb

@@ -269,7 +269,7 @@ def journal_filter
       journal_ids = @filters.dig(:journal, :value)&.to_i
       journal_ids = (@journal_limit.map(&:id).include?(journal_ids) ? journal_ids : @journal_limit.map(&:id)) if @journal_limit.present?
 
-      @datasets = @datasets.joins(:journal).where('stash_engine_journals.id': journal_ids) if journal_ids.present?
+      @datasets = @datasets.joins(:journals).where('stash_engine_journals.id': journal_ids) if journal_ids.present?
     end
 
     def sponsor_filter
@@ -278,7 +278,7 @@ def sponsor_filter
       sponsor_ids = @filters[:sponsor]&.to_i
       sponsor_ids = (@sponsor_limit.map(&:id).include?(sponsor_ids) ? sponsor_ids : @sponsor_limit.map(&:id)) if @sponsor_limit.present?
 
-      @datasets = @datasets.joins(:journal).where('stash_engine_journals.sponsor_id': sponsor_ids) if sponsor_ids.present?
+      @datasets = @datasets.joins(:journals).where('stash_engine_journals.sponsor_id': sponsor_ids) if sponsor_ids.present?
     end
 
     def funder_filter

app/controllers/stash_engine/admin_datasets_controller.rb

@@ -16,7 +16,11 @@ def popup
         )
       when 'publication'
         authorize %i[stash_engine admin_datasets], :data_popup?
-        @publication = StashEngine::ResourcePublication.find_or_create_by(resource_id: @identifier.latest_resource.id)
+        @publication = StashEngine::ResourcePublication.find_or_create_by(resource_id: @identifier.latest_resource.id, pub_type: :primary_article)
+      when 'preprint'
+        authorize %i[stash_engine admin_datasets], :data_popup?
+        @publication = StashEngine::ResourcePublication.find_or_create_by(resource_id: @identifier.latest_resource.id, pub_type: :preprint)
+        @field = 'publication'
       when 'data'
         authorize %i[stash_engine admin_datasets], :data_popup?
         setup_internal_data_list

app/controllers/stash_engine/application_controller.rb

@@ -13,12 +13,6 @@ class ApplicationController < ::ApplicationController
 
     rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
 
-    if Rails.env.development?
-      before_action do
-        Rack::MiniProfiler.authorize_request
-      end
-    end
-
     # returns the :return_to_path set in the session or else goes back to the path supplied
     def return_to_path_or(default_path)
       return session.delete(:return_to_path) if session[:return_to_path]
@@ -51,6 +45,5 @@ def redirect_url_for(original_url, host, port)
       uri.port = port if port
       uri.to_s
     end
-
   end
 end

app/controllers/stash_engine/sessions_controller.rb

@@ -101,7 +101,7 @@ def test_login
 
     def choose_sso
       set_default_tenant
-      tenants = StashEngine::Tenant.partner_list.map { |t| { id: t.id, name: t.short_name } }
+      tenants = StashEngine::Tenant.connect_list.map { |t| { id: t.id, name: t.short_name } }
       # If no tenants are defined redirect to the no_parter path
       if tenants.empty?
         redirect_to :no_partner, method: :post

app/controllers/stash_engine/tenant_admin_controller.rb

@@ -18,7 +18,7 @@ def index
                                   "%#{q}%", "%#{q}%", "%#{q}%")
       end
 
-      ord = helpers.sortable_table_order(whitelist: %w[id short_name long_name authentication partner_display enabled])
+      ord = helpers.sortable_table_order(whitelist: %w[id short_name long_name authentication covers_dpc partner_display enabled])
       @tenants = @tenants.order(ord)
 
       @tenants = @tenants.where('id = ? or sponsor_id= ?', params[:sponsor], params[:sponsor]) if params[:sponsor].present?
@@ -29,7 +29,8 @@ def index
 
     def popup
       strings = { campus_contacts: 'contacts', partner_display: 'member display', ror_orgs: 'ROR organizations', enabled: 'active membership',
-                  logo: 'logo', short_name: 'member name', long_name: 'full member name', authentication: 'authentication strategy' }
+                  covers_dpc: 'payment', short_name: 'member name', long_name: 'full member name',
+                  sponsor_id: 'sponsor', logo: 'logo', authentication: 'authentication strategy' }
       @desc = strings[@field.to_sym]
       respond_to(&:js)
     end
@@ -76,8 +77,9 @@ def load
     end
 
     def update_hash
-      valid = %i[partner_display enabled short_name long_name]
+      valid = %i[covers_dpc partner_display enabled short_name long_name sponsor_id]
       update = edit_params.slice(*valid)
+      update[:sponsor_id] = nil if edit_params.key?(:sponsor_id) && edit_params[:sponsor_id].blank?
       update[:campus_contacts] = edit_params[:campus_contacts].split("\n").map(&:strip).to_json if edit_params.key?(:campus_contacts)
       if edit_params.key?(:authentication)
         auth = {
@@ -108,7 +110,7 @@ def update_associations
     end
 
     def edit_params
-      params.permit(:id, :field, :short_name, :long_name, :logo, :campus_contacts, :partner_display, :enabled, :ror_orgs,
+      params.permit(:id, :field, :short_name, :long_name, :logo, :campus_contacts, :covers_dpc, :partner_display, :enabled, :ror_orgs, :sponsor_id,
                     authentication: %i[strategy ranges entity_id entity_domain])
     end
 

app/controllers/stash_engine/user_admin_controller.rb

@@ -154,7 +154,7 @@ def setup_facets
 
     def setup_tenants
       @tenants = [OpenStruct.new(id: '', name: '')]
-      @tenants << StashEngine::Tenant.enabled.map do |t|
+      @tenants << StashEngine::Tenant.all.sort_by(&:short_name).map do |t|
         OpenStruct.new(id: t.id, name: t.short_name)
       end
       @tenants.flatten!

app/helpers/stash_engine/application_helper.rb

@@ -18,7 +18,7 @@ def institution_select
     end
 
     def tenant_select
-      StashEngine::Tenant.partner_list.map { |t| { id: t.id, name: t.short_name } }
+      StashEngine::Tenant.connect_list.map { |t| { id: t.id, name: t.short_name } }
     end
 
     # no decimal removes the after decimal bits

app/models/stash_api/sensitive_data_report.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require_relative 'presenter'
+module StashApi
+  class SensitiveDataReport
+    include Presenter
+
+    def initialize(file_obj:, result_obj:)
+      @se_data_file = file_obj
+      @resource = @se_data_file.resource
+      @se_report = result_obj
+    end
+
+    def metadata
+      { _links: links }.merge(report: @se_report.report,
+                              createdAt: @se_report.created_at,
+                              updatedAt: @se_report.updated_at,
+                              status: @se_report.status).recursive_compact
+    end
+
+    def links
+      basic_links.compact.merge(stash_curie)
+    end
+
+    def parent_version
+      @version ||= Version.new(resource_id: @se_data_file.resource_id)
+    end
+
+    private
+
+    def basic_links
+      {
+        self: { href: api_url_helper.file_sensitive_data_report_path(@se_data_file.id) },
+        'stash:dataset': { href: parent_version.parent_dataset.self_path },
+        'stash:version': { href: parent_version.self_path },
+        'stash:files': { href: parent_version.files_path }
+      }
+    end
+  end
+end