Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UPLOAD-1695 Show upload status of file in info #475

Merged
merged 51 commits into from
Sep 17, 2024
Merged

UPLOAD-1695 Show upload status of file in info #475

merged 51 commits into from
Sep 17, 2024

Conversation

thetif
Copy link
Contributor

@thetif thetif commented Sep 5, 2024
edited
Loading

  • added upload_status to the /info/ endpoint

  • added a pause/resume button to the progress bar section

  • updated the client to handle the different upload statuses

    • Initialized
      • shows the form as usual
      • once the upload starts
        • hides the form
        • shows the progress bar
        • shows the pause/resume button
        • shows the file info section
    • In Progress
      • checks if the client is the one uploading the file
        • if not
          • shows the file info section
        • if yes
          • shows the resume upload form
          • shows the file info section
          • once the upload resumes
            • hides the form
            • shows the progress bar
            • shows the pause/resume button
      • Complete/default
        • shows the file info section

@thetif thetif marked this pull request as ready for review September 6, 2024 13:19
@thetif thetif marked this pull request as draft September 6, 2024 13:29
thetif and others added 23 commits September 9, 2024 16:38
@thetif
added viewport definition to index.html
236261d
@thetif
pulled in the latest from main
14f58ec
@thetif
fixed merge issue
1b2c3dc
@thetif
trying to remove unnecessary changes to see if that resolves upload v…
a2d4c61 
…alidation error
@thetif
pulled in branch code
54168c3
@thetif
Merge branch 'main' of github.com:CDCgov/data-exchange-upload into UP…
5e2c6c6 
…LOAD-1695/file-upload-status
@thetif
pushing the info result to the upload template
479f644
@Sun-Mountain
header for status
bcfb856
@Sun-Mountain
merge conflicts resolved
903b6f9
@Sun-Mountain
show info
3c08778
@thetif
rewriting the tus script
1a9ac79
@thetif
Merge branch 'UPLOAD-1695/file-upload-status' of github.com:CDCgov/da…
19751eb 
…ta-exchange-upload into UPLOAD-1695/file-upload-status
@thetif
messing with styles
01d5756
@thetif
changes to format of file info section on upload page
af7313d
@thetif
fixed lastChunkReceived bug in the upload status code
3d0c27f
@thetif
added ability to update upload status and last chunk received because…
d0bf314 
… the page is not dynamic
@Sun-Mountain
ui changes
0364ad4
@Sun-Mountain
fix merge conflicts
d3c68cc
@thetif
fixing date locality issue
9d4f40a
@thetif
Merge branch 'UPLOAD-1695/file-upload-status' of github.com:CDCgov/da…
2696daf 
…ta-exchange-upload into UPLOAD-1695/file-upload-status
@Sun-Mountain
updated order
6cea63d
@thetif
tweaks
ffb4992
@Sun-Mountain
add buttons and styling
40be3de
@thetif thetif marked this pull request as ready for review September 16, 2024 19:32
cfarmer-fearless
cfarmer-fearless requested changes Sep 17, 2024
View reviewed changes
Copy link
Contributor

@cfarmer-fearless cfarmer-fearless left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor changes, but looks excellent overall

upload-server/internal/ui/assets/tusclient.js Outdated Show resolved Hide resolved
upload-server/internal/ui/ui.go Outdated Show resolved Hide resolved
upload-server/cmd/cli/info.go Outdated Show resolved Hide resolved
@cfarmer-fearless
Copy link
Contributor

cfarmer-fearless commented Sep 17, 2024
edited
Loading

Seeing this error on initial load of the upload status page
image
Edit: I tried a second time and I think it worked as expected.

@cfarmer-fearless
Copy link
Contributor

All of the values here are being capitalized. They probably don't need to be manipulated.
image

@cfarmer-fearless
Copy link
Contributor

cfarmer-fearless commented Sep 17, 2024
edited
Loading

Got this error when resuming an upload. This usually means the client tried to create a new upload with an empty manifest instead of resume one
image
Edit: Weird, I got this error but the upload did indeed resume and finish.

@cfarmer-fearless
Copy link
Contributor

Can probs have some better formatting for the file size
image

@cfarmer-fearless
Copy link
Contributor

Looks like this is showing the current file size based on how many bytes have been uploaded. Can be a future improvement to show total file size here and maybe current number of bytes sent in another place
image

@cfarmer-fearless
Copy link
Contributor

The transition from in progress to complete is a bit jumpy IMO. Again, something else we can iterate on. I think it would be interesting to see how much normal CSS transitions and animations could improve things

cyber-decker
cyber-decker reviewed Sep 17, 2024
View reviewed changes
upload-server/internal/ui/upload.tmpl Outdated
/>
</div>
<div class="input-container">
<label>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We may need an alternative way of labeling here. The accessible name and the button name don't exactly match. I don't think it's necessary to put a Label on the button. For accessibility purposes, the label will override the button text. The accessible name for this button is now "Metadata JSON Object Note: File name will be inferred from each file Choose File: No file chosen".

@fortify-pr-scan fortify-pr-scan
Copy link

Fortify Scan Results

🔴 Status: ❌ Failed (Critical Issues)

Summary

  • 🚨 Critical Issues: 4
  • 🛑 High Issues: 1
  • ⚠️ Medium Issues: 0
  • 🔍 Low Issues: 1

🛠 Action Required

Please address the identified vulnerabilities before merging this pull request.

Expand the "Detailed Results" section below for more information.

Detailed Results

📂 Scanned Path(s)

upload-server

📊 Detailed Scan Results


sourceanalyzer is installed.
FPRUtility is installed.
fortifyclient is installed.
Using Fortify Source Analyzer to scan the code from upload-server. Results will be upload-server.fpr.
Printing the results using Fortify FPRUtility, FPRUtility summarizes and translate results.
Summary of all issues:

Issue counts by category:

 "Cross-Site Request Forgery" => 1 Issues
     internal/ui/index.html:17 (content)
 "Cross-Site Scripting: DOM" => 1 Issues
     internal/ui/assets/tusclient.js:161 (dataflow)
 "Dockerfile Misconfiguration: Default User Privilege" => 1 Issues
     Dockerfile:1 (configuration)
 "Insecure Transport" => 2 Issues
     cmd/main.go:141 (semantic)
     internal/ui/ui.go:261 (semantic)
 "Open Redirect" => 1 Issues
     internal/ui/ui.go:179 (dataflow)

Total for all categories => 6 Issues

****************************************************
Number of critical issues:
4 issues of 4 matched search query.

Issue counts by category:

 "Cross-Site Scripting: DOM" => 1 Issues
     internal/ui/assets/tusclient.js:161 (Data Flow)
 "Insecure Transport" => 2 Issues
     cmd/main.go:141 (Semantic)
     internal/ui/ui.go:261 (Semantic)
 "Open Redirect" => 1 Issues
     internal/ui/ui.go:179 (Data Flow)

Total for all categories => 4 Issues

****************************************************
Number of high issues:
1 issues of 1 matched search query.

Issue counts by category:

 "Dockerfile Misconfiguration: Default User Privilege" => 1 Issues
     Dockerfile:1 (Configuration)

Total for all categories => 1 Issues

****************************************************
Number of medium issues:
No issues matched search query.
****************************************************
Number of low issues:
1 issues of 1 matched search query.

Issue counts by category:

 "Cross-Site Request Forgery" => 1 Issues
     internal/ui/index.html:17 (Content)

Total for all categories => 1 Issues

@fortify-pr-scan fortify-pr-scan
Copy link

Fortify Scan Results

🔴 Status: ❌ Failed (Critical Issues)

Summary

  • 🚨 Critical Issues: 4
  • 🛑 High Issues: 1
  • ⚠️ Medium Issues: 0
  • 🔍 Low Issues: 1

🛠 Action Required

Please address the identified vulnerabilities before merging this pull request.

Expand the "Detailed Results" section below for more information.

Detailed Results

📂 Scanned Path(s)

upload-server

📊 Detailed Scan Results


sourceanalyzer is installed.
FPRUtility is installed.
fortifyclient is installed.
Using Fortify Source Analyzer to scan the code from upload-server. Results will be upload-server.fpr.
Printing the results using Fortify FPRUtility, FPRUtility summarizes and translate results.
Summary of all issues:

Issue counts by category:

 "Cross-Site Request Forgery" => 1 Issues
     internal/ui/index.html:17 (content)
 "Cross-Site Scripting: DOM" => 1 Issues
     internal/ui/assets/tusclient.js:161 (dataflow)
 "Dockerfile Misconfiguration: Default User Privilege" => 1 Issues
     Dockerfile:1 (configuration)
 "Insecure Transport" => 2 Issues
     cmd/main.go:141 (semantic)
     internal/ui/ui.go:261 (semantic)
 "Open Redirect" => 1 Issues
     internal/ui/ui.go:179 (dataflow)

Total for all categories => 6 Issues

****************************************************
Number of critical issues:
4 issues of 4 matched search query.

Issue counts by category:

 "Cross-Site Scripting: DOM" => 1 Issues
     internal/ui/assets/tusclient.js:161 (Data Flow)
 "Insecure Transport" => 2 Issues
     cmd/main.go:141 (Semantic)
     internal/ui/ui.go:261 (Semantic)
 "Open Redirect" => 1 Issues
     internal/ui/ui.go:179 (Data Flow)

Total for all categories => 4 Issues

****************************************************
Number of high issues:
1 issues of 1 matched search query.

Issue counts by category:

 "Dockerfile Misconfiguration: Default User Privilege" => 1 Issues
     Dockerfile:1 (Configuration)

Total for all categories => 1 Issues

****************************************************
Number of medium issues:
No issues matched search query.
****************************************************
Number of low issues:
1 issues of 1 matched search query.

Issue counts by category:

 "Cross-Site Request Forgery" => 1 Issues
     internal/ui/index.html:17 (Content)

Total for all categories => 1 Issues

@thetif
changed the refresh back to location.reload for security, updated css…
b42bec9 
… to not show border-top on file details if the form is hidden
@fortify-pr-scan fortify-pr-scan
Copy link

Fortify Scan Results

🔴 Status: ❌ Failed (Critical Issues)

Summary

  • 🚨 Critical Issues: 3
  • 🛑 High Issues: 1
  • ⚠️ Medium Issues: 0
  • 🔍 Low Issues: 1

🛠 Action Required

Please address the identified vulnerabilities before merging this pull request.

Expand the "Detailed Results" section below for more information.

Detailed Results

📂 Scanned Path(s)

upload-server

📊 Detailed Scan Results


sourceanalyzer is installed.
FPRUtility is installed.
fortifyclient is installed.
Using Fortify Source Analyzer to scan the code from upload-server. Results will be upload-server.fpr.
Printing the results using Fortify FPRUtility, FPRUtility summarizes and translate results.
Summary of all issues:

Issue counts by category:

 "Cross-Site Request Forgery" => 1 Issues
     internal/ui/index.html:17 (content)
 "Dockerfile Misconfiguration: Default User Privilege" => 1 Issues
     Dockerfile:1 (configuration)
 "Insecure Transport" => 2 Issues
     cmd/main.go:141 (semantic)
     internal/ui/ui.go:261 (semantic)
 "Open Redirect" => 1 Issues
     internal/ui/ui.go:179 (dataflow)

Total for all categories => 5 Issues

****************************************************
Number of critical issues:
3 issues of 3 matched search query.

Issue counts by category:

 "Insecure Transport" => 2 Issues
     cmd/main.go:141 (Semantic)
     internal/ui/ui.go:261 (Semantic)
 "Open Redirect" => 1 Issues
     internal/ui/ui.go:179 (Data Flow)

Total for all categories => 3 Issues

****************************************************
Number of high issues:
1 issues of 1 matched search query.

Issue counts by category:

 "Dockerfile Misconfiguration: Default User Privilege" => 1 Issues
     Dockerfile:1 (Configuration)

Total for all categories => 1 Issues

****************************************************
Number of medium issues:
No issues matched search query.
****************************************************
Number of low issues:
1 issues of 1 matched search query.

Issue counts by category:

 "Cross-Site Request Forgery" => 1 Issues
     internal/ui/index.html:17 (Content)

Total for all categories => 1 Issues

@thetif thetif merged commit 78b0695 into main Sep 17, 2024
3 checks passed
@thetif thetif deleted the UPLOAD-1695/file-upload-status branch September 17, 2024 21:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cfarmer-fearless cfarmer-fearless cfarmer-fearless approved these changes

@whytheplatypus whytheplatypus Awaiting requested review from whytheplatypus

@cyber-decker cyber-decker Awaiting requested review from cyber-decker

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@thetif @cfarmer-fearless @cyber-decker @Sun-Mountain