From 6ee0d266883437531f10d072fb8263872e183f71 Mon Sep 17 00:00:00 2001
From: gawor <michal.j.gawor@gmail.com>
Date: Tue, 15 Oct 2024 12:45:16 +0200
Subject: [PATCH] vulnerability fix bump django to 4.2.16

---
 dogconfig/dogproject/settings.py       | 10 ++++++-
 dogconfig/dogproject/urls.py           |  6 +++--
 dogui/dogui/forms.py                   |  1 -
 dogui/dogui/templates/UI/_.html        | 10 +++----
 dogui/dogui/templates/UI/_about.html   |  9 ++++---
 dogui/dogui/templates/UI/_contact.html |  7 +++++
 dogui/dogui/templates/UI/_content.html |  8 +++---
 dogui/dogui/templates/UI/_fetch.html   |  9 +++----
 dogui/dogui/templates/UI/_footer.html  |  2 +-
 dogui/dogui/templates/UI/_header.html  | 12 ---------
 dogui/dogui/templates/UI/_navbar.html  | 21 +++++++++++++++
 dogui/dogui/views_ui.py                | 36 +++++++++++++++++++++-----
 pyproject.toml                         |  7 +++--
 13 files changed, 93 insertions(+), 45 deletions(-)
 create mode 100644 dogui/dogui/templates/UI/_contact.html
 delete mode 100644 dogui/dogui/templates/UI/_header.html
 create mode 100644 dogui/dogui/templates/UI/_navbar.html

diff --git a/dogconfig/dogproject/settings.py b/dogconfig/dogproject/settings.py
index 4e97cb8..54b1e06 100644
--- a/dogconfig/dogproject/settings.py
+++ b/dogconfig/dogproject/settings.py
@@ -62,6 +62,9 @@
 hostname, _, ips = socket.gethostbyname_ex("localhost")
 INTERNAL_IPS += [".".join(ip.split(".")[:-1] + ["1"]) for ip in ips]
 
+
+
+
 # Application definition
 INSTALLED_APPS = [
     'django.contrib.admin',
@@ -72,9 +75,11 @@
     'django.contrib.staticfiles',
 
     # 3rd party
-    'debug_toolbar',
+    'bootstrap5',
     'corsheaders',
+    'debug_toolbar',
     'drf_spectacular',
+    'fontawesomefree',
     'rest_framework',
 
     # CLARIN internal dependency
@@ -86,6 +91,9 @@
 
 ]
 
+DTR_ENABLED = False
+
+
 REST_FRAMEWORK = {
     'DEFAULT_RENDERER_CLASSES': [
         'rest_framework.renderers.JSONRenderer',
diff --git a/dogconfig/dogproject/urls.py b/dogconfig/dogproject/urls.py
index a3ec851..eaabee1 100644
--- a/dogconfig/dogproject/urls.py
+++ b/dogconfig/dogproject/urls.py
@@ -5,7 +5,7 @@
 from drf_spectacular.views import SpectacularAPIView, SpectacularJSONAPIView
 
 
-from dogui.views_ui import home, about
+from dogui.views_ui import about, contact, dtr, home
 from dogapi.views_api import (fetch, identify, sniff, is_pid, expand_datatype, get_all_repositories,
                               get_repositories_status)
 
@@ -26,5 +26,7 @@
 
     # UI
     path('', home, name='main'),
-    path('about', about, name='about')
+    path('about', about, name='about'),
+    path('contact', contact, name='contact'),
+    path('dtr', dtr, name='contact')
 ]
diff --git a/dogui/dogui/forms.py b/dogui/dogui/forms.py
index 8b0516c..610d1b1 100644
--- a/dogui/dogui/forms.py
+++ b/dogui/dogui/forms.py
@@ -44,7 +44,6 @@ def __init__(self, *args, **kwargs):
         # ('identify', 'identify'),
         ('fetch', 'fetch'),
         ('ispid', 'is pid'),
-        ('expanddatatype', 'expand MIME data type'),
     ]
     pid_field: PIDField = PIDField(required=True,
                                    widget=forms.TextInput(attrs={'required': 'True'}))
diff --git a/dogui/dogui/templates/UI/_.html b/dogui/dogui/templates/UI/_.html
index 04bab7f..07f0b3e 100644
--- a/dogui/dogui/templates/UI/_.html
+++ b/dogui/dogui/templates/UI/_.html
@@ -15,15 +15,15 @@
         {# @formatter:on #}
 </head>
 <body>
-    {% block header %}
-        {% include 'UI/_header.html' %}
+    {% block navbar %}
+        {% include 'UI/_navbar.html' %}
     {% endblock %}
 
-    {% block content %}{% endblock %}
+    {% block content %}
+    {% endblock %}
 
     {% block footer %}
         {% include 'UI/_footer.html' %}
     {% endblock %}
-</div>
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/dogui/dogui/templates/UI/_about.html b/dogui/dogui/templates/UI/_about.html
index ec627fe..72aa402 100644
--- a/dogui/dogui/templates/UI/_about.html
+++ b/dogui/dogui/templates/UI/_about.html
@@ -9,15 +9,15 @@ <h1>About the CLARIN ERIC Digital Object Gateway</h1>
         <a href='https://infra.clarin.eu/apis/?urls.primaryName=Digital%20Object%20Gateway%20API%20(alpha)'>application programming interface</a>. </p>
     <h2>Source code</h2>
     <h3>Source code and issue tracking</h3>
-    <p>The source code of the DOG library: <a href='https://github.com/clarin-eric/DOGlib'>DOGlib GitHub repository</a>.
-    The source code of the DOG application: <a href='https://github.com/clarin-eric/DOGapp'>DOGapp GitHub repository</a>. </p>
+    <p>The source code of DOG library: <a href='https://github.com/clarin-eric/DOGlib'>DOGlib GitHub repository</a>. </p>
+    <p>The source code of DOG application: <a href='https://github.com/clarin-eric/DOGapp'>DOGapp GitHub repository</a>. </p>
     <h2>Credits</h2>
     <h3>Maintainers</h3>
     <ul>
         <li>Michał Gawor <sup><a href='https://www.clarin.eu/applications/'>CLARIN ERIC</a></sup></li>
         <li>André Moreira <sup><a href='https://www.clarin.eu/applications/'>CLARIN ERIC</a></sup></li>
     </ul>
-    <h3>Original Developers</h3>
+    <h3>Developers</h3>
     <ul>
         <li>Michał Gawor <sup><a href='https://www.clarin.eu/applications/'>CLARIN ERIC</a></sup></li>
     </ul>
@@ -26,9 +26,10 @@ <h2>Licenses</h2>
         <a href='https://clarin.eu/content/development-information'>Get to work with CLARIN applications' source code and documentation</a>.
     </p>
     <h3>Technology used</h3>
+    Notable dependencies
     <ul>
         <li><a href='https://github.com/django/django/blob/master/LICENSE'>django</a></li>
-        <li><a href='https://github.com/django-debug-toolbar/django-debug-toolbar/blob/master/LICENSE'>django-debug-toolbar</a></li>
+        <li><a href='https://www.django-rest-framework.org/#license'>django-rest-framework</a></li>
         <li><a href='https://github.com/SeleniumHQ/selenium/blob/trunk/LICENSE'>Selenium WebDriver Python bindings</a></li>
         <li><a href='https://github.com/memcached/memcached/blob/master/LICENSE'>memecache</a></li>
     </ul>
diff --git a/dogui/dogui/templates/UI/_contact.html b/dogui/dogui/templates/UI/_contact.html
new file mode 100644
index 0000000..54ba4c5
--- /dev/null
+++ b/dogui/dogui/templates/UI/_contact.html
@@ -0,0 +1,7 @@
+{% extends 'UI/_.html' %}
+{% block content %}
+<div id="content">
+    <h2>Contacting CLARIN ERIC about the Digital Object Gateway</h2>
+    <p>Contact <a href="mailto:dog@clarin.eu">by e-mail &#128231;</a></p>
+</div>
+{% endblock content %}
diff --git a/dogui/dogui/templates/UI/_content.html b/dogui/dogui/templates/UI/_content.html
index 1dc4dcf..4bd2c32 100644
--- a/dogui/dogui/templates/UI/_content.html
+++ b/dogui/dogui/templates/UI/_content.html
@@ -2,12 +2,14 @@
 {% block content %}
 <div id="content">
     Welcome to CLARIN ERIC Digital Object Gateway. The goal of DOG is to ease access to referenced resources in metadata.
-    Currently, DOG supports 4 functionalities:
+    Currently, DOG supports {% if DTR_ENABLED %} 4 {% else %} 3 {% endif %} functionalities:
     <ul>
         <li>sniff - checks if input PID points to a registered repository</li>
         <li>fetch - fetches all PIDs of references resources in the metadata </li>
         <li>is pid - checks if input string is a DOG parsable PID</li>
-        <li>expand data type - returns MIME Data Type taxonomy from <a href="">Data Type Registry</a></li>
+        {% if DTR_ENABLED %}
+        <li>expand data type - expands MIME Data Type to taxonomy from <a href="">Data Type Registry</a></li>
+        {% endif %}
     </ul>
 
     Swagger available <a href="https://infra.clarin.eu/apis/">here</a>
@@ -35,5 +37,3 @@ <h4> Currently registered repositories within DOG </h4>
     </div>
 </div>
 {% endblock content %}
-
-
diff --git a/dogui/dogui/templates/UI/_fetch.html b/dogui/dogui/templates/UI/_fetch.html
index 2775737..e02dfb0 100644
--- a/dogui/dogui/templates/UI/_fetch.html
+++ b/dogui/dogui/templates/UI/_fetch.html
@@ -37,8 +37,8 @@
                             <table>
                                 <thead>
                                 <tr>
-                                    <th>Data type</th>
-                                    <th>PID</th>
+                                    <th>Resource type</th>
+                                    <th>PID (MIME type)</th>
                                 </tr>
                                 </thead>
                                 {% for ref_resources in fetch_result.ref_files %}
@@ -48,13 +48,10 @@
                                         </td>
                                         <td>
                                             {% for ref_resource in ref_resources.ref_resources %}
-                                                <a href="{{ ref_resource.pid }}">{{ ref_resource.pid }}</a>
+                                                <a href="{{ ref_resource.pid }}">{{ ref_resource.pid }}</a> {% if ref_resource.data_type %} ({{ ref_resource.data_type }}) {% else %} (unknown) {% endif %}
                                                     {% if not forloop.last %}
                                                         <br>
                                                     {% endif %}
-                                            {% comment %}
-                                            TODO INCLUDE DATA TYPE ALONG PID
-                                            {% endcomment %}
                                             {% endfor %}
                                         </td>
                                     </tr>
diff --git a/dogui/dogui/templates/UI/_footer.html b/dogui/dogui/templates/UI/_footer.html
index b438266..e9188f0 100644
--- a/dogui/dogui/templates/UI/_footer.html
+++ b/dogui/dogui/templates/UI/_footer.html
@@ -9,6 +9,6 @@
         <img src="{% static 'dogui/style/CLARIN-Logo_4C14pure3_noextraneouscanvas.png' %}"
              alt='CLARIN ERIC logo'></a>{# @formatter:on #}
     <a title='contacting us'
-       href='/contacting'>&#128236; Contacting us</a>
+       href='/contact'>&#128236; Contacting us</a>
 </div>
 {% endblock footer %}
\ No newline at end of file
diff --git a/dogui/dogui/templates/UI/_header.html b/dogui/dogui/templates/UI/_header.html
deleted file mode 100644
index 79be55b..0000000
--- a/dogui/dogui/templates/UI/_header.html
+++ /dev/null
@@ -1,12 +0,0 @@
-{% block header %}
-<div id='header'
-     class='periphery'
-     role='navigation'>
-    <div id='brand'>
-        <a href='/'><span>Digital Object Gateway</span></a>
-    </div>
-    <div id='menu'>
-
-    </div>
-</div>
-{% endblock header %}
diff --git a/dogui/dogui/templates/UI/_navbar.html b/dogui/dogui/templates/UI/_navbar.html
new file mode 100644
index 0000000..261b6be
--- /dev/null
+++ b/dogui/dogui/templates/UI/_navbar.html
@@ -0,0 +1,21 @@
+{% block navbar %}
+<div id='header'
+         class='periphery'
+         role='navigation'>
+    <div id='brand'>
+        <a href='/'><span>Digital Object Gateway</span></a>
+    </div>
+    <div id='menu'>
+        <a class='{% if view == "home" or view == "sniff" or view == "fetch" or view == "ispid" %}active{% endif %}'
+           href='/'>DOG</a>
+        {% if DTR_ENABLED %}
+            <a class='{% if view == "dtr" %}active{% endif %}'
+                href='/dtr'>DTR</a>
+        {% endif %}
+        <a class='{% if view == "about" %}active{% endif %}'
+           href='/about'>About</a>
+        <a class='{% if view == "contact" %}active{% endif %}'
+           href='/contact'>Contact</a>
+    </div>
+</div>
+{% endblock navbar %}
diff --git a/dogui/dogui/views_ui.py b/dogui/dogui/views_ui.py
index 5b3dcc4..bb384de 100644
--- a/dogui/dogui/views_ui.py
+++ b/dogui/dogui/views_ui.py
@@ -11,6 +11,7 @@
 
 logging.config.dictConfig(settings.LOGGING)
 API_NETLOC = settings.API_NETLOC
+DTR_ENABLED = settings.DTR_ENABLED
 
 
 def home(request: HttpRequest) -> HttpResponse:
@@ -22,6 +23,7 @@ def home(request: HttpRequest) -> HttpResponse:
                                             verify=settings.VERIFY_SSL)
 
     context.push({"repos_status": all_repo_status_response.json()})
+    context.push({"DTR_ENABLED": DTR_ENABLED})
 
     if pid_form.is_valid():
         context.push({"pid_form": pid_form})
@@ -36,21 +38,41 @@ def home(request: HttpRequest) -> HttpResponse:
         #     api_url += "&use_dtr=" + use_dtr
 
         api_response = requests.get(api_url, verify=settings.VERIFY_SSL)
-        logging.critical("API RESPONSE")
-        logging.critical(api_response)
-        if functionality == 'expanddatatype':
-            taxonomy_tree = TaxonomyTree(api_response.json())
-            context.push({"taxonomy_tree": taxonomy_tree})
-        else:
-            context.push({f"{functionality}_response": api_response.json()})
 
+        #TODO move DTR to separate application
+        # if functionality == 'expanddatatype':
+        #     taxonomy_tree = TaxonomyTree(api_response.json())
+        #     context.push({"taxonomy_tree": taxonomy_tree})
+        # else:
+        #     context.push({f"{functionality}_response": api_response.json()})
+
+        context.push({f"{functionality}_response": api_response.json()})
+
+        context.push({"view": functionality})
         return render(request, f"UI/_{functionality}.html", context.flatten())
     else:
         pid_form: PIDForm = PIDForm(initial={'functionality_field': 'sniff'})
         context.push({"pid_form": pid_form})
+        context.push({"view": "home"})
         return render(request, "UI/_content.html", context.flatten())
 
 
 def about(request: HttpRequest) -> HttpResponse:
     context: RequestContext = RequestContext(request)
+    context.push({"view": "about"})
+    context.push({"DTR_ENABLED": DTR_ENABLED})
     return render(request, "UI/_about.html", context.flatten())
+
+
+def contact(request: HttpRequest) -> HttpResponse:
+    context: RequestContext = RequestContext(request)
+    context.push({"view": "contact"})
+    context.push({"DTR_ENABLED": DTR_ENABLED})
+    return render(request, "UI/_contact.html", context.flatten())
+
+
+def dtr(request: HttpRequest) -> HttpResponse:
+    context: RequestContext = RequestContext(request)
+    context.push({"view": "dtr"})
+    context.push({"DTR_ENABLED": DTR_ENABLED})
+    return render(request, "UI/_dtr.html", context.flatten())
diff --git a/pyproject.toml b/pyproject.toml
index e500126..55d321f 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -26,12 +26,15 @@ homepage = ""
 repository = "https://github.com/clarin-eric/DOGapp/"
 
 [tool.poetry.dependencies]
-doglib = { url = "https://github.com/clarin-eric/DOGlib/releases/download/1.0.10-a2/doglib-1.0.10a2-py3-none-any.whl" }
-Django = '4.2.15'
+# CLARIN DOGlib
+doglib = { url = "https://github.com/clarin-eric/DOGlib/releases/download/1.0.10/doglib-1.0.10-py3-none-any.whl" }
+# 3rd party
+Django = '4.2.16'
 django-cors-headers = '4.4.0'
 django-debug-toolbar = '4.4.6'
 djangorestframework = '3.15.2'
 drf-spectacular = "0.27.2"
+fontawesomefree = "6.6.0"
 python = '>=3.11.*,<4.0'
 pymemcache = '4.0.0'
 requests = '2.32.3'