Release/2.4.4

.bumpversion.cfg

@@ -1,7 +1,7 @@
 [bumpversion]
 commit = False
 tag = False
-current_version = 2.4.3
+current_version = 2.4.4
 
 [bumpversion:file:README.rst]
 

.github/workflows/oaf-check.yml

@@ -0,0 +1,23 @@
+name: Check Open API Framework Version
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '36 0 * * 0'
+
+jobs:
+  run:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+      - name: Install dependencies
+        run: pip install -U pip-tools
+      - name: Run compile dependencies
+        run: ./bin/compile_dependencies.sh --upgrade-package open-api-framework
+
+      - name: Check git diff
+        run: git diff --exit-code -- requirements/*.txt

CHANGELOG.rst

@@ -2,11 +2,35 @@
 Change history
 ==============
 
+3.0.0 (WIP)
+-----------
+
+**Breaking changes**
+
+* dropped support for v1 endpoints (#453)
+
+
+2.4.4 (2024-10-01)
+------------------
+
+**Bugfixes and QOL**
+
+* fixed CSP errors on the OAS page (#458)
+* fixed OIDC login by making SameSite setting lax (#458)
+* fixed adding permissions in the Admin (#449)
+* fixed ``NOTIFICATIONS_DISABLED`` setting (#452)
+
+**Project maintenance**
+
+* added CI action to check if OAF is up-to-date (#443)
+
+
 2.4.3 (2024-09-18)
 ------------------
 
 **New features**
 
+* added an endpoint to retrieve a specific object version (#328)
 * supported the `in` operator in `data_attrs` to match one element (#414)
 
 **Bugfixes and QOL**
@@ -15,9 +39,9 @@ Change history
 * fixed 2FA app title (#442)
 * bumped setuptools and npm dependencies (#441)
 
-**Project maintaince**
+**Project maintenance**
 
-* disabled cofiguration steps by default (#446)
+* disabled configuration steps by default (#446)
 * increase default values for uwsgi processes and threads (#448)
 
 .. warning::

README.NL.rst

@@ -2,7 +2,7 @@
 Objecten API
 ============
 
-:Version: 2.4.3
+:Version: 2.4.4
 :Source: https://github.com/maykinmedia/objecttypes-api
 :Keywords: objecten, assets, zaakobjecten
 
@@ -38,10 +38,10 @@ Versie          Release datum   API specificatie
 ==============  ==============  =============================
 latest          n/a             `ReDoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/master/src/objects/api/v2/openapi.yaml>`_,
                                 `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/master/src/objects/api/v2/openapi.yaml>`_,
-                                (`verschillen <https://github.com/maykinmedia/objects-api/compare/2.4.3..master#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)
-2.4.3           2024-03-22      `ReDoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.3/src/objects/api/v2/openapi.yaml>`_,
-                                `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.3/src/objects/api/v2/openapi.yaml>`_
-                                (`verschillen <https://github.com/maykinmedia/objects-api/compare/2.3.0..2.4.3#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)
+                                (`verschillen <https://github.com/maykinmedia/objects-api/compare/2.4.4..master#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)
+2.4.4           2024-03-22      `ReDoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.4/src/objects/api/v2/openapi.yaml>`_,
+                                `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.4/src/objects/api/v2/openapi.yaml>`_
+                                (`verschillen <https://github.com/maykinmedia/objects-api/compare/2.3.0..2.4.4#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)
 2.3.0           2024-03-15      `ReDoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.3.0/src/objects/api/v2/openapi.yaml>`_,
                                 `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.3.0/src/objects/api/v2/openapi.yaml>`_
                                 (`verschillen <https://github.com/maykinmedia/objects-api/compare/2.2.1..2.3.0#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)

README.rst

@@ -2,7 +2,7 @@
 Objects API
 ===========
 
-:Version: 2.4.3
+:Version: 2.4.4
 :Source: https://github.com/maykinmedia/objects-api
 :Keywords: objects, assets, zaakobjecten
 
@@ -36,10 +36,10 @@ Version         Release date    API specification
 ==============  ==============  =============================
 latest          n/a             `ReDoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/master/src/objects/api/v2/openapi.yaml>`_,
                                 `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/master/src/objects/api/v2/openapi.yaml>`_,
-                                (`diff <https://github.com/maykinmedia/objects-api/compare/2.4.3..master#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)
-2.4.3           2024-03-22      `ReDoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.3/src/objects/api/v2/openapi.yaml>`_,
-                                `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.3/src/objects/api/v2/openapi.yaml>`_
-                                (`diff <https://github.com/maykinmedia/objects-api/compare/2.3.0..2.4.3#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)
+                                (`diff <https://github.com/maykinmedia/objects-api/compare/2.4.4..master#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)
+2.4.4           2024-03-22      `ReDoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.4/src/objects/api/v2/openapi.yaml>`_,
+                                `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.4/src/objects/api/v2/openapi.yaml>`_
+                                (`diff <https://github.com/maykinmedia/objects-api/compare/2.3.0..2.4.4#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)
 2.3.0           2024-03-15      `ReDoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.3.0/src/objects/api/v2/openapi.yaml>`_,
                                 `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.3.0/src/objects/api/v2/openapi.yaml>`_
                                 (`diff <https://github.com/maykinmedia/objects-api/compare/2.2.1..2.3.0#diff-b9c28fec6c3f3fa5cff870d24601d6ab7027520f3b084cc767aefd258cb8c40a>`_)

docs/api/index.rst

@@ -14,9 +14,9 @@ API                     Specification version(s)
                         `Redoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objecttypes-api/2.0.0/src/objecttypes/api/v2/openapi.yaml>`__,
                         `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objecttypes-api/2.0.0/src/objecttypes/api/v2/openapi.yaml>`__
                         )
-`Objects API`_          2.4.3 (
-                        `Redoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.3/src/objects/api/v2/openapi.yaml>`__,
-                        `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.3/src/objects/api/v2/openapi.yaml>`__
+`Objects API`_          2.4.4 (
+                        `Redoc <https://redocly.github.io/redoc/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.4/src/objects/api/v2/openapi.yaml>`__,
+                        `Swagger <https://petstore.swagger.io/?url=https://raw.githubusercontent.com/maykinmedia/objects-api/2.4.4/src/objects/api/v2/openapi.yaml>`__
                         )
 ======================  ==========================================
 

docs/installation/config.rst

@@ -16,7 +16,7 @@ Available environment variables
 Required
 --------
 
-* ``SECRET_KEY``: Secret key that's used for certain cryptographic utilities. You should generate one via `miniwebtool <https://www.miniwebtool.com/django-secret-key-generator>`_.
+* ``SECRET_KEY``: Secret key that's used for certain cryptographic utilities. .
 * ``ALLOWED_HOSTS``: a comma separated (without spaces!) list of domains that serve the installation. Used to protect against Host header attacks. Defaults to: ``(empty string)``.
 * ``CACHE_DEFAULT``: redis cache address for the default cache (this **MUST** be set when using Docker). Defaults to: ``localhost:6379/0``.
 * ``CACHE_AXES``: redis cache address for the brute force login protection cache (this **MUST** be set when using Docker). Defaults to: ``localhost:6379/0``.
@@ -86,7 +86,7 @@ Optional
 * ``LOG_LEVEL``: control the verbosity of logging output. Available values are ``CRITICAL``, ``ERROR``, ``WARNING``, ``INFO`` and ``DEBUG``. Defaults to: ``WARNING``.
 * ``LOG_QUERIES``: enable (query) logging at the database backend level. Note that you must also set ``DEBUG=1``, which should be done very sparingly!. Defaults to: ``False``.
 * ``LOG_REQUESTS``: enable logging of the outgoing requests. Defaults to: ``False``.
-* ``SESSION_COOKIE_SAMESITE``: The value of the SameSite flag on the session cookie. This flag prevents the cookie from being sent in cross-site requests thus preventing CSRF attacks and making some methods of stealing session cookie impossible. Defaults to: ``Strict``.
+* ``SESSION_COOKIE_SAMESITE``: The value of the SameSite flag on the session cookie. This flag prevents the cookie from being sent in cross-site requests thus preventing CSRF attacks and making some methods of stealing session cookie impossible.Currently interferes with OIDC. Keep the value set at Lax if used. Defaults to: ``Lax``.
 * ``CSRF_COOKIE_SAMESITE``: The value of the SameSite flag on the CSRF cookie. This flag prevents the cookie from being sent in cross-site requests. Defaults to: ``Strict``.
 * ``ENVIRONMENT``: An identifier for the environment, displayed in the admin depending on the settings module used and included in the error monitoring (see ``SENTRY_DSN``). The default is set according to ``DJANGO_SETTINGS_MODULE``.
 * ``SUBPATH``: If hosted on a subpath, provide the value here. If you provide ``/gateway``, the component assumes its running at the base URL: ``https://somedomain/gateway/``. Defaults to an empty string. Defaults to: ``None``.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "objects",
-  "version": "2.4.3",
+  "version": "2.4.4",
   "description": "objects project",
   "main": "src/objects/static/bundles/objects-js.js",
   "directories": {

publiccode.yaml

@@ -7,7 +7,7 @@ publiccodeYmlVersion: '0.2'
 name: Objects API
 url: 'http://github.com/maykinmedia/objects-api.git'
 softwareType: standalone/backend
-softwareVersion: 2.4.3
+softwareVersion: 2.4.4
 releaseDate: '2021-01-13'
 logo: 'https://github.com/maykinmedia/objects-api/blob/master/docs/logo.png'
 platforms:

requirements/base.txt

@@ -97,6 +97,7 @@ django==4.2.15
     #   djangorestframework-inclusions
     #   drf-nested-routers
     #   drf-spectacular
+    #   drf-spectacular-sidecar
     #   drf-yasg
     #   maykin-2fa
     #   mozilla-django-oidc
@@ -177,8 +178,12 @@ djangorestframework-inclusions==1.2.0
     # via open-api-framework
 drf-nested-routers==0.93.3
     # via commonground-api-common
-drf-spectacular==0.27.2
-    # via open-api-framework
+drf-spectacular[sidecar]==0.27.2
+    # via
+    #   drf-spectacular
+    #   open-api-framework
+drf-spectacular-sidecar==2024.7.1
+    # via drf-spectacular
 drf-yasg==1.21.7
     # via commonground-api-common
 ecs-logging==2.1.0
@@ -238,7 +243,7 @@ notifications-api-common==0.2.2
     # via
     #   -r requirements/base.in
     #   commonground-api-common
-open-api-framework==0.8.0
+open-api-framework==0.8.1
     # via -r requirements/base.in
 orderedmultidict==1.0.1
     # via furl

requirements/ci.txt

@@ -139,6 +139,7 @@ django==4.2.15
     #   djangorestframework-inclusions
     #   drf-nested-routers
     #   drf-spectacular
+    #   drf-spectacular-sidecar
     #   drf-yasg
     #   maykin-2fa
     #   mozilla-django-oidc
@@ -271,10 +272,15 @@ drf-nested-routers==0.93.3
     # via
     #   -r requirements/base.txt
     #   commonground-api-common
-drf-spectacular==0.27.2
+drf-spectacular[sidecar]==0.27.2
     # via
     #   -r requirements/base.txt
+    #   drf-spectacular
     #   open-api-framework
+drf-spectacular-sidecar==2024.7.1
+    # via
+    #   -r requirements/base.txt
+    #   drf-spectacular
 drf-yasg==1.21.7
     # via
     #   -r requirements/base.txt
@@ -381,7 +387,7 @@ notifications-api-common==0.2.2
     # via
     #   -r requirements/base.txt
     #   commonground-api-common
-open-api-framework==0.8.0
+open-api-framework==0.8.1
     # via -r requirements/base.txt
 orderedmultidict==1.0.1
     # via

requirements/dev.txt

@@ -161,6 +161,7 @@ django==4.2.15
     #   djangorestframework-inclusions
     #   drf-nested-routers
     #   drf-spectacular
+    #   drf-spectacular-sidecar
     #   drf-yasg
     #   maykin-2fa
     #   mozilla-django-oidc
@@ -303,10 +304,15 @@ drf-nested-routers==0.93.3
     # via
     #   -r requirements/ci.txt
     #   commonground-api-common
-drf-spectacular==0.27.2
+drf-spectacular[sidecar]==0.27.2
     # via
     #   -r requirements/ci.txt
+    #   drf-spectacular
     #   open-api-framework
+drf-spectacular-sidecar==2024.7.1
+    # via
+    #   -r requirements/ci.txt
+    #   drf-spectacular
 drf-yasg==1.21.7
     # via
     #   -r requirements/ci.txt
@@ -430,7 +436,7 @@ notifications-api-common==0.2.2
     # via
     #   -r requirements/ci.txt
     #   commonground-api-common
-open-api-framework==0.8.0
+open-api-framework==0.8.1
     # via -r requirements/ci.txt
 orderedmultidict==1.0.1
     # via

src/objects/__init__.py

@@ -1,6 +1,6 @@
 from .celery import app as celery_app
 
 __all__ = ("celery_app",)
-__version__ = "2.4.3"
+__version__ = "2.4.4"
 __author__ = "Maykin Media"
 __homepage__ = "https://github.com/maykinmedia/objects-api"

src/objects/api/v2/openapi.yaml

@@ -1,7 +1,7 @@
 openapi: 3.0.3
 info:
   title: Objects API
-  version: 2.4.3 (v2)
+  version: 2.4.4 (v2)
   description: |
     An API to manage Objects.
 

src/objects/conf/api.py

@@ -1,7 +1,5 @@
-from vng_api_common.conf.api import *  # noqa - imports white-listed
-
-API_VERSION = "2.4.3"
-VERSIONS = {"v1": "1.3.0", "v2": "2.4.3"}
+API_VERSION = "2.4.4"
+VERSIONS = {"v1": "1.3.0", "v2": "2.4.4"}
 
 # api settings
 REST_FRAMEWORK = {
@@ -89,6 +87,7 @@
 """
 
 SPECTACULAR_SETTINGS = {
+    "REDOC_DIST": "SIDECAR",
     "SCHEMA_PATH_PREFIX": r"/api/v[1-9]+",
     "SCHEMA_PATH_PREFIX_TRIM": True,
     "TITLE": "Objects API",

src/objects/token/admin.py

@@ -52,6 +52,10 @@ def get_data_field_choices(self):
             except requests.JSONDecodeError:
                 continue
 
+            # TODO: remove check once API V1 is removed
+            if "results" in response_data:
+                response_data = response_data["results"]
+
             # use only first level of properties
             data_fields[object_type.id] = {
                 version["version"]: {