@openneuro/server 4.47.3 → 4.47.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@openneuro/server",
|
|
3
|
-
"version": "4.47.
|
|
3
|
+
"version": "4.47.4",
|
|
4
4
|
"description": "Core service for the OpenNeuro platform.",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"main": "src/server.js",
|
|
@@ -21,7 +21,7 @@
|
|
|
21
21
|
"@elastic/elasticsearch": "8.13.1",
|
|
22
22
|
"@graphql-tools/schema": "^10.0.0",
|
|
23
23
|
"@keyv/redis": "^4.5.0",
|
|
24
|
-
"@openneuro/search": "^4.47.
|
|
24
|
+
"@openneuro/search": "^4.47.4",
|
|
25
25
|
"@sentry/node": "^10.37.0",
|
|
26
26
|
"@sentry/profiling-node": "^10.37.0",
|
|
27
27
|
"base64url": "^3.0.0",
|
|
@@ -89,5 +89,5 @@
|
|
|
89
89
|
"publishConfig": {
|
|
90
90
|
"access": "public"
|
|
91
91
|
},
|
|
92
|
-
"gitHead": "
|
|
92
|
+
"gitHead": "fee430e60d713799a1c304676d0eaa758fa578ff"
|
|
93
93
|
}
|
|
@@ -7,11 +7,53 @@ function isValidOrcid(orcid: string): boolean {
|
|
|
7
7
|
return /^[0-9]{4}-[0-9]{4}-[0-9]{4}-[0-9]{3}[0-9X]$/.test(orcid || "")
|
|
8
8
|
}
|
|
9
9
|
|
|
10
|
+
// TODO - Use GraphQL codegen
|
|
11
|
+
type GraphQLUserType = {
|
|
12
|
+
id: string
|
|
13
|
+
provider: "orcid" | "google"
|
|
14
|
+
avatar: string
|
|
15
|
+
orcid: string
|
|
16
|
+
created: Date
|
|
17
|
+
modified: Date
|
|
18
|
+
lastSeen: Date
|
|
19
|
+
email: string
|
|
20
|
+
name: string
|
|
21
|
+
admin: boolean
|
|
22
|
+
blocked: boolean
|
|
23
|
+
location: string
|
|
24
|
+
institution: string
|
|
25
|
+
github: string
|
|
26
|
+
githubSynced: Date
|
|
27
|
+
links: [string]
|
|
28
|
+
notifications: [Record<string, unknown>]
|
|
29
|
+
orcidConsent: boolean
|
|
30
|
+
}
|
|
31
|
+
|
|
10
32
|
export async function user(
|
|
11
33
|
obj,
|
|
12
34
|
{ id },
|
|
13
35
|
{ userInfo }: { userInfo?: Record<string, unknown> } = {},
|
|
14
|
-
) {
|
|
36
|
+
): Promise<Partial<GraphQLUserType> | null> {
|
|
37
|
+
if (userInfo.reviewer) {
|
|
38
|
+
const oneWeekAgo = new Date()
|
|
39
|
+
oneWeekAgo.setDate(oneWeekAgo.getDate() - 7)
|
|
40
|
+
return {
|
|
41
|
+
id: "reviewer",
|
|
42
|
+
name: "Anonymous Reviewer",
|
|
43
|
+
email: "reviewer@openneuro.org",
|
|
44
|
+
provider: "orcid",
|
|
45
|
+
orcid: "0000-0000-0000-0000",
|
|
46
|
+
admin: false,
|
|
47
|
+
blocked: false,
|
|
48
|
+
location: "",
|
|
49
|
+
institution: "",
|
|
50
|
+
orcidConsent: true,
|
|
51
|
+
created: oneWeekAgo,
|
|
52
|
+
lastSeen: new Date(),
|
|
53
|
+
modified: oneWeekAgo,
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
|
|
15
57
|
let user
|
|
16
58
|
if (isValidOrcid(id)) {
|
|
17
59
|
user = await User.findOne({
|
|
@@ -189,7 +231,12 @@ export const setBlocked = (obj, { id, blocked }, { userInfo }) => {
|
|
|
189
231
|
export const updateUser = async (
|
|
190
232
|
obj,
|
|
191
233
|
{ id, location, institution, links, orcidConsent },
|
|
234
|
+
{ userInfo },
|
|
192
235
|
) => {
|
|
236
|
+
if (!userInfo) {
|
|
237
|
+
throw new Error("You must be logged in to update a user")
|
|
238
|
+
}
|
|
239
|
+
|
|
193
240
|
try {
|
|
194
241
|
let user
|
|
195
242
|
|
|
@@ -205,6 +252,11 @@ export const updateUser = async (
|
|
|
205
252
|
throw new Error("User not found")
|
|
206
253
|
}
|
|
207
254
|
|
|
255
|
+
// Only allow users to update their own profile, or admins to update any
|
|
256
|
+
if (user.id !== userInfo.id && !userInfo.admin) {
|
|
257
|
+
throw new Error("You are not authorized to update this user")
|
|
258
|
+
}
|
|
259
|
+
|
|
208
260
|
// Update user fields (optional values based on provided inputs)
|
|
209
261
|
if (location !== undefined) user.location = location
|
|
210
262
|
if (institution !== undefined) user.institution = institution
|
|
@@ -226,6 +278,11 @@ export const updateUser = async (
|
|
|
226
278
|
export async function notifications(obj, _, { userInfo }) {
|
|
227
279
|
const userId = obj.id
|
|
228
280
|
|
|
281
|
+
// Reviewers never have notifications
|
|
282
|
+
if (userInfo.reviewer) {
|
|
283
|
+
return []
|
|
284
|
+
}
|
|
285
|
+
|
|
229
286
|
// --- authorization ---
|
|
230
287
|
if (!userInfo || (userInfo.id !== userId && !userInfo.admin)) {
|
|
231
288
|
throw new Error("Not authorized to view these notifications.")
|
|
@@ -8,25 +8,33 @@ import * as Sentry from "@sentry/node"
|
|
|
8
8
|
* @param datasetId Dataset to index
|
|
9
9
|
*/
|
|
10
10
|
export function queueIndexDataset(datasetId: string) {
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
11
|
+
try {
|
|
12
|
+
const msg = new ProducibleMessage()
|
|
13
|
+
msg.setQueue(OpenNeuroQueues.INDEXING).setBody({ datasetId })
|
|
14
|
+
producer.produce(msg, (err) => {
|
|
15
|
+
if (err) {
|
|
16
|
+
Sentry.captureException(err)
|
|
17
|
+
}
|
|
18
|
+
})
|
|
19
|
+
} catch (err) {
|
|
20
|
+
Sentry.captureException(err)
|
|
21
|
+
}
|
|
18
22
|
}
|
|
19
23
|
|
|
20
24
|
/**
|
|
21
|
-
* Queue
|
|
22
|
-
* @param datasetId Dataset to
|
|
25
|
+
* Queue data retention check for a dataset
|
|
26
|
+
* @param datasetId Dataset to check
|
|
23
27
|
*/
|
|
24
28
|
export function queueDataRetentionCheck(datasetId: string) {
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
29
|
+
try {
|
|
30
|
+
const msg = new ProducibleMessage()
|
|
31
|
+
msg.setQueue(OpenNeuroQueues.DATARETENTION).setBody({ datasetId })
|
|
32
|
+
producer.produce(msg, (err) => {
|
|
33
|
+
if (err) {
|
|
34
|
+
Sentry.captureException(err)
|
|
35
|
+
}
|
|
36
|
+
})
|
|
37
|
+
} catch (err) {
|
|
38
|
+
Sentry.captureException(err)
|
|
39
|
+
}
|
|
32
40
|
}
|