From 69a9398e61174a8f7c414fa8471d47a8ee0842ed Mon Sep 17 00:00:00 2001 From: Simon Oakes Date: Tue, 19 Jul 2022 13:12:14 +0100 Subject: [PATCH 01/44] Request facets in the negotiated language. --- ldregistry/templates/main/_page-category.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/main/_page-category.vm b/ldregistry/templates/main/_page-category.vm index 99a03b4..9434c97 100644 --- a/ldregistry/templates/main/_page-category.vm +++ b/ldregistry/templates/main/_page-category.vm @@ -5,7 +5,7 @@ #set($state="") #end - #set($fr=$registry.facetService.query($state)) + #set($fr=$registry.facetService.query($state, $language))
From 1516a9175aacf1da2c1825be4b10c240a92970f3 Mon Sep 17 00:00:00 2001 From: Mike Gormley Date: Wed, 7 Dec 2022 10:05:58 +0000 Subject: [PATCH 02/44] CDF-568 Update query example tutorial documentation. (#59) * Documentation changes to the query tutorial. * Add Identifiers documentation link to the footer * Add table and formatting * Add .idea path to .gitignore --- .gitignore | 3 +- ldregistry/templates/about/querying.vm | 88 ++++++++++++++------- ldregistry/templates/structure/_footer.vm | 5 +- ldregistry/ui/assets/js/querying-example.js | 44 +++++++---- ldregistry/ui/css/ui.css | 12 +-- 5 files changed, 100 insertions(+), 52 deletions(-) diff --git a/.gitignore b/.gitignore index 3c02684..ccaf781 100644 --- a/.gitignore +++ b/.gitignore @@ -11,4 +11,5 @@ /derby.log /cookie-jar .vagrant -/war/ROOT.war \ No newline at end of file +/war/ROOT.war +.idea \ No newline at end of file diff --git a/ldregistry/templates/about/querying.vm b/ldregistry/templates/about/querying.vm index 39a9344..86416b4 100644 --- a/ldregistry/templates/about/querying.vm +++ b/ldregistry/templates/about/querying.vm @@ -3,7 +3,7 @@
-

Populate Contents Tutorial

+

Query Registry Contents Tutorial

@@ -11,24 +11,47 @@ within other implementations.

Contents of a registry may be used as structured information. The registry provides a - query endpoint where queries using the W3 SPARQL query language may be run.

+ query endpoint where queries using the + W3C SPARQL query language may be run.

-

For example, JavaScript may be written to target the service query endpoint and - run a query that obtains all the registers and the current version +

For example, JavaScript may be written to target the service query (/system/query) endpoint and + run a query that obtains all the elements within a specific register and the associated labels for each element. 

 let endpoint = "/system/query";
-let query = "prefix version: 
-            prefix reg: 
-            select * where {
-            ?register a reg:Register; version:currentVersion ?regVer.} limit 10"
+let query = "PREFIX rdfs: <http://www.w3.org/2000/01/rdf-schema#>
+                PREFIX reg: <http://purl.org/linked-data/registry#>
+                PREFIX version: <http://purl.org/linked-data/version#>
+                SELECT ?regdef ?label WHERE {
+                ?item reg:register <http://codes.wmo.int/49-2/AerodromeRecentWeather> ;
+                    version:currentVersion/reg:definition/reg:entity ?regdef ;
+                    version:currentVersion ?itemVer .
+                ?regdef rdfs:label ?label . } LIMIT 10"
+
+ +

The query above obtains the identifying URI and associated label text for each member of the + DataCategories/data-types register of terms. +

+ +

There is a SPARQL interface available from the _Advanced_ menu, which you can use to + experiment with queries and responses. You can try copying this query and running it + through the query web interface page, and also adapting query syntax to meet your needs. +

+ +

+ A JavaScript function can be provided to run the query on the endpoint and return + results that may be processed and presented, used in forms, and applied to other aspects of user + interaction. In this example, an HTML div container is created as the location for the output. +

+ +
+    <div id="results"></div>

- A javascript function can be provided to run the query on the end point and return - results that may be processed and presented, used in forms, and applied to other aspects - of user interaction. + This example creates an HTTP Request against the endpoint, checks for an OK (HTTP 200) response, + and sends the response content to a callback method. 

@@ -38,25 +61,25 @@ function sparqlQueryJson(queryStr, endpoint, callback) {
     // Build the request URI
     let requestUri = endpoint + "?query=" + escape(queryStr) + "&output=json";
 
-    // Get our HTTP request object.
+    // Get our HTTP request object
     if (window.XMLHttpRequest) {
         let xhr = new XMLHttpRequest();
         xhr.open('GET', requestUri, true);
 
-        // Set up callback to get the response asynchronously.
+        // Set up callback to get the response asynchronously
         xhr.onreadystatechange = function () {
             if (xhr.readyState === 4) {
                 if (xhr.status === 200) {
                     // Do something with the results
                     callback(xhr.responseText);
                 } else {
-                    // Some kind of error occurred.
+                    // Some kind of error occurred
                     alert("Sparql query error: " + xhr.status + " " + xhr.responseText);
                 }
             }
         };
 
-        // Send the query to the endpoint.
+        // Send the query to the endpoint
         xhr.send();
     } else {
         divResults.innerHTML = "Your browser does not support XMLHttpRequest";
@@ -65,8 +88,10 @@ function sparqlQueryJson(queryStr, endpoint, callback) {

- Defining a callback function in the script to process results provides easy access to - information from the register. + Defining a callback function in the script to process results provides easy access to information + from the register. The JavaScript below loops through the results of the SPARQL query and outputs + them as rows in an HTML table. Actual usage would depend on the context and usage profile, which + is likely not a plain html table of elements but the general principle remains. 

@@ -74,20 +99,28 @@ function myCallback(str) {
     // Convert result to JSON
     let jsonObj = eval('(' + str + ')');
 
-    // Build up a table of results.
+    // Build up a table of results
     let table = document.createElement("table");
     table.className = "table table-striped table-bordered datatable dataTable";
 
+    // Create table head
+    let tableHead = document.createElement("thead");
+    table.appendChild(tableHead);
+
     // Create column headers
-    let tableHeader = document.createElement("tr");
+    let tableHeadRow = document.createElement("tr");
 
     for (let dataColumn of jsonObj.head.vars) {
         let th = document.createElement("th");
         th.appendChild(document.createTextNode(dataColumn));
-        tableHeader.appendChild(th);
+        tableHeadRow.appendChild(th);
     }
 
-    table.appendChild(tableHeader);
+    tableHead.appendChild(tableHeadRow);
+
+    // Create table body
+    let tableBody = document.createElement("tbody");
+    table.appendChild(tableBody);
 
     // Create result rows
     for (let dataRow of jsonObj.results.bindings) {
@@ -100,7 +133,7 @@ function myCallback(str) {
             tableRow.appendChild(td);
         }
 
-        table.appendChild(tableRow);
+        tableBody.appendChild(tableRow);
     }
 
     // Append the table to the results HTML container
@@ -110,7 +143,7 @@ function myCallback(str) {

- Finally, call the sparqlQueryJson method to initiate the query. + Finally, call the sparqlQueryJson method to initiate the query. 

@@ -119,14 +152,13 @@ sparqlQueryJson(query, endpoint, myCallback);
 
 

   Queries may be structured to deliver the information required for a particular use case,
-  based on knowledge of the
-  targeted register information.
+  based on knowledge of the targeted register information.
 

 
 
Example Results

 

-  Results from this example are presented below. 'browse source' on this page to see this
-  working example code set out.
+    Results from this example are presented below.
+    See the full working example.
 

 
 

@@ -134,4 +166,4 @@ sparqlQueryJson(query, endpoint, myCallback);
 

 
 #set($extraJS="querying-example.js")
-#parse("structure/_footer.vm")
\ No newline at end of file
+#parse("structure/_footer.vm")
diff --git a/ldregistry/templates/structure/_footer.vm b/ldregistry/templates/structure/_footer.vm
index 05c1576..2e26c71 100644
--- a/ldregistry/templates/structure/_footer.vm
+++ b/ldregistry/templates/structure/_footer.vm
@@ -8,7 +8,10 @@
           

             
$msg['footer.support.heading']

             

-		Content negotiation  is supported.
+              Documentation regarding Identifiers and how to identify entities contained in the registry.

+            

+            

+              Content negotiation  is supported.
diff --git a/ldregistry/ui/assets/js/querying-example.js b/ldregistry/ui/assets/js/querying-example.js index 8d9cc37..678b80e 100644 --- a/ldregistry/ui/assets/js/querying-example.js +++ b/ldregistry/ui/assets/js/querying-example.js @@ -2,60 +2,72 @@ * Querying Example JavaScript used by the /ui/querying page. */ let endpoint = "/system/query"; -let query = "prefix version: \ - prefix reg: \ - select * where {\ - ?register a reg:Register; version:currentVersion ?regVer.} limit 10"; +let query = "PREFIX rdfs: \ + PREFIX reg: \ + PREFIX version: \ + SELECT ?regdef ?label WHERE {\ + ?item reg:register ;\ + version:currentVersion/reg:definition/reg:entity ?regdef ;\ + version:currentVersion ?itemVer .\ + ?regdef rdfs:label ?label . } LIMIT 10"; let divResults = document.getElementById("results"); function sparqlQueryJson(queryStr, endpoint, callback) { // Build the request URI let requestUri = endpoint + "?query=" + escape(queryStr) + "&output=json"; - // Get our HTTP request object. + // Get our HTTP request object if (window.XMLHttpRequest) { let xhr = new XMLHttpRequest(); xhr.open('GET', requestUri, true); - // Set up callback to get the response asynchronously. + // Set up callback to get the response asynchronously xhr.onreadystatechange = function () { if (xhr.readyState === 4) { if (xhr.status === 200) { // Do something with the results callback(xhr.responseText); } else { - // Some kind of error occurred. + // Some kind of error occurred alert("Sparql query error: " + xhr.status + " " + xhr.responseText); } } }; - // Send the query to the endpoint. + // Send the query to the endpoint xhr.send(); } else { alert("Your browser does not support XMLHttpRequest"); } } -// Define a callback function to receive the SPARQL JSON result. +// Define a callback function to receive the SPARQL JSON result function myCallback(str) { // Convert result to JSON let jsonObj = eval('(' + str + ')'); - // Build up a table of results. + // Build up a table of results let table = document.createElement("table"); table.className = "table table-striped table-bordered datatable dataTable"; + // Create table head + let tableHead = document.createElement("thead"); + table.appendChild(tableHead); + // Create column headers - let tableHeader = document.createElement("tr"); + let tableHeadRow = document.createElement("tr"); for (let dataColumn of jsonObj.head.vars) { let th = document.createElement("th"); th.appendChild(document.createTextNode(dataColumn)); - tableHeader.appendChild(th); + tableHeadRow.appendChild(th); } - table.appendChild(tableHeader); + tableHead.appendChild(tableHeadRow); + + // Create table body + let tableBody = document.createElement("tbody"); + table.appendChild(tableBody); // Create result rows for (let dataRow of jsonObj.results.bindings) { @@ -68,7 +80,7 @@ function myCallback(str) { tableRow.appendChild(td); } - table.appendChild(tableRow); + tableBody.appendChild(tableRow); } // Append the table to the results HTML container @@ -76,5 +88,5 @@ function myCallback(str) { divResults.appendChild(table); } -// Make the query. -sparqlQueryJson(query, endpoint, myCallback); \ No newline at end of file +// Make the query +sparqlQueryJson(query, endpoint, myCallback); diff --git a/ldregistry/ui/css/ui.css b/ldregistry/ui/css/ui.css index 1b65f91..b3f911f 100644 --- a/ldregistry/ui/css/ui.css +++ b/ldregistry/ui/css/ui.css @@ -7,11 +7,11 @@ body { } .table { - margin-bottom: 0em; + margin-bottom: 0; } table tr td table { - margin-bottom: 0em; + margin-bottom: 0; } .space-above { @@ -73,8 +73,8 @@ footer { } .formats dl { - margin-bottom: 0px; - margin-top: 0px; + margin-bottom: 0; + margin-top: 0; } .formats table tr td { @@ -98,7 +98,7 @@ footer { } .nav-compact { - margin-bottom: 0px; + margin-bottom: 0; } #registration-dialog { @@ -182,4 +182,4 @@ td.align-right { .hlist-child-box { padding-left: 40px; -} \ No newline at end of file +} From 968bc6d686e8b7b510fb5264e548ed691ccf2e2e Mon Sep 17 00:00:00 2001 From: der Date: Thu, 9 Mar 2023 13:59:15 +0000 Subject: [PATCH 03/44] Fix XSS vuln in create-redirect-page --- ldregistry/templates/actions/_set-status-dialog.vm | 1 + ldregistry/templates/actions/create-redirect-page.vm | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ldregistry/templates/actions/_set-status-dialog.vm b/ldregistry/templates/actions/_set-status-dialog.vm index 9d627bf..50a336c 100644 --- a/ldregistry/templates/actions/_set-status-dialog.vm +++ b/ldregistry/templates/actions/_set-status-dialog.vm @@ -15,6 +15,7 @@ } $.ajax(action,{ type : "POST", + contentType : "application/x-www-form-urlencoded; charset=UTF-8", success : function(data, status, xhr){ $("#status-dialog").modal("hide"); diff --git a/ldregistry/templates/actions/create-redirect-page.vm b/ldregistry/templates/actions/create-redirect-page.vm index d596f1b..1d3bcf2 100644 --- a/ldregistry/templates/actions/create-redirect-page.vm +++ b/ldregistry/templates/actions/create-redirect-page.vm @@ -9,7 +9,7 @@
-

$msg.get('redirect.heading', $entity)

+

$msg.get('redirect.heading', $lib.reg.xssCleanHTML($entity))

From 05384bf1d04f3a506b1ec7f9d6b3b3f4fbae7da9 Mon Sep 17 00:00:00 2001 From: der Date: Thu, 9 Mar 2023 16:51:55 +0000 Subject: [PATCH 04/44] Revert accidental inclusion of separate fix --- ldregistry/templates/actions/_set-status-dialog.vm | 1 - 1 file changed, 1 deletion(-) diff --git a/ldregistry/templates/actions/_set-status-dialog.vm b/ldregistry/templates/actions/_set-status-dialog.vm index 50a336c..9d627bf 100644 --- a/ldregistry/templates/actions/_set-status-dialog.vm +++ b/ldregistry/templates/actions/_set-status-dialog.vm @@ -15,7 +15,6 @@ } $.ajax(action,{ type : "POST", - contentType : "application/x-www-form-urlencoded; charset=UTF-8", success : function(data, status, xhr){ $("#status-dialog").modal("hide"); From b5bf93713639e1182b48eda09fbf25788fce93bb Mon Sep 17 00:00:00 2001 From: der Date: Thu, 9 Mar 2023 16:55:56 +0000 Subject: [PATCH 05/44] Ensure status dialog goes via correct routing --- ldregistry/templates/actions/_set-status-dialog.vm | 1 + 1 file changed, 1 insertion(+) diff --git a/ldregistry/templates/actions/_set-status-dialog.vm b/ldregistry/templates/actions/_set-status-dialog.vm index 9d627bf..50a336c 100644 --- a/ldregistry/templates/actions/_set-status-dialog.vm +++ b/ldregistry/templates/actions/_set-status-dialog.vm @@ -15,6 +15,7 @@ } $.ajax(action,{ type : "POST", + contentType : "application/x-www-form-urlencoded; charset=UTF-8", success : function(data, status, xhr){ $("#status-dialog").modal("hide"); From 425cad0f6bbff55e295c3d3d2b04399123c948fb Mon Sep 17 00:00:00 2001 From: der Date: Thu, 9 Mar 2023 17:04:10 +0000 Subject: [PATCH 06/44] Unpick premature change --- ldregistry/templates/actions/_set-status-dialog.vm | 1 - 1 file changed, 1 deletion(-) diff --git a/ldregistry/templates/actions/_set-status-dialog.vm b/ldregistry/templates/actions/_set-status-dialog.vm index 50a336c..9d627bf 100644 --- a/ldregistry/templates/actions/_set-status-dialog.vm +++ b/ldregistry/templates/actions/_set-status-dialog.vm @@ -15,7 +15,6 @@ } $.ajax(action,{ type : "POST", - contentType : "application/x-www-form-urlencoded; charset=UTF-8", success : function(data, status, xhr){ $("#status-dialog").modal("hide"); From d944aef3a5e235ea91a3d79cdc4113b25568cd5a Mon Sep 17 00:00:00 2001 From: der Date: Thu, 9 Mar 2023 17:05:26 +0000 Subject: [PATCH 07/44] Ensure status dialog goes via correct routing --- ldregistry/templates/actions/_set-status-dialog.vm | 1 + 1 file changed, 1 insertion(+) diff --git a/ldregistry/templates/actions/_set-status-dialog.vm b/ldregistry/templates/actions/_set-status-dialog.vm index 9d627bf..50a336c 100644 --- a/ldregistry/templates/actions/_set-status-dialog.vm +++ b/ldregistry/templates/actions/_set-status-dialog.vm @@ -15,6 +15,7 @@ } $.ajax(action,{ type : "POST", + contentType : "application/x-www-form-urlencoded; charset=UTF-8", success : function(data, status, xhr){ $("#status-dialog").modal("hide"); From 3b36df1e0f8a27598102cc5d9f7a58c57d7ff1f0 Mon Sep 17 00:00:00 2001 From: der Date: Thu, 9 Mar 2023 18:03:10 +0000 Subject: [PATCH 08/44] Improved XSS suppression on login form --- ldregistry/templates/login.vm | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/ldregistry/templates/login.vm b/ldregistry/templates/login.vm index 563d418..d85d7c4 100644 --- a/ldregistry/templates/login.vm +++ b/ldregistry/templates/login.vm @@ -14,8 +14,6 @@ #set( $lroot = $root ) #end -#set( $return = $lib.reg.xssCleanURI($return) ) -
@@ -50,7 +48,7 @@
- +
@@ -66,7 +64,7 @@

$msg['login.oauth.note']

#end #foreach($provider in $oauthProviders) - #oauthLogin($provider, $return) + #oauthLogin($provider, $lib.reg.xssCleanHTMLAtribute($return)) #end
@@ -99,7 +97,7 @@
- +
@@ -114,7 +112,7 @@

$msg['login.register.oauth']

#end #foreach($provider in $oauthProviders) - #oauthRegister($provider, $return) + #oauthRegister($provider, $lib.reg.xssCleanHTMLAtribute($return)) #end
@@ -134,7 +132,7 @@
- $msg['ui.close'] + $msg['ui.close']
From ddf0695bc883ba37a5565b5f5d442ae15930b582 Mon Sep 17 00:00:00 2001 From: der Date: Thu, 9 Mar 2023 19:36:19 +0000 Subject: [PATCH 09/44] Fix slect label ids --- ldregistry/templates/actions/create-register-page.vm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ldregistry/templates/actions/create-register-page.vm b/ldregistry/templates/actions/create-register-page.vm index 0a5a5e1..ee5ce64 100644 --- a/ldregistry/templates/actions/create-register-page.vm +++ b/ldregistry/templates/actions/create-register-page.vm @@ -65,8 +65,8 @@ #foreach( $tagindex in $registerTagSets ) #set( $tag = $registerTagSepecs[$tagindex] )
- - #foreach( $option in $lib.reg.listMembers( $tag.register ) ) From 8856b482602e7a466a88723af9089d9f780e8456 Mon Sep 17 00:00:00 2001 From: Mike Gormley Date: Fri, 10 Mar 2023 12:21:27 +0000 Subject: [PATCH 10/44] Add Pull Request template --- pull_request_template.md | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 pull_request_template.md diff --git a/pull_request_template.md b/pull_request_template.md new file mode 100644 index 0000000..397d1e0 --- /dev/null +++ b/pull_request_template.md @@ -0,0 +1,8 @@ +JIRA: [CDF-](https://metoffice.atlassian.net/browse/CDF-) +Description: _A summary description of your changes._ + +Tasks: +- [x] Task 1 +- [ ] Task 2 +- [ ] Created tests +- [ ] Updated documentation From 577462ee0935bc14bc29e77b0a0dfde616e384d7 Mon Sep 17 00:00:00 2001 From: Mike Gormley Date: Wed, 26 Apr 2023 15:18:53 +0100 Subject: [PATCH 11/44] Update Jira backlog in PR template --- pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pull_request_template.md b/pull_request_template.md index 397d1e0..68fbdc3 100644 --- a/pull_request_template.md +++ b/pull_request_template.md @@ -1,4 +1,4 @@ -JIRA: [CDF-](https://metoffice.atlassian.net/browse/CDF-) +Jira: [JAG-](https://metoffice.atlassian.net/browse/JAG-) Description: _A summary description of your changes._ Tasks: From 550a4a8db3685cda144325b849702b20e6b8206b Mon Sep 17 00:00:00 2001 From: der Date: Tue, 2 May 2023 16:14:21 +0100 Subject: [PATCH 12/44] Fix incorrect xss clean of hrefs Addresses: UKGovLD/registry-core#185 --- ldregistry/templates/login.vm | 2 +- ldregistry/templates/macros.vm | 2 +- ldregistry/templates/registry-compare.vm | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ldregistry/templates/login.vm b/ldregistry/templates/login.vm index d85d7c4..b2f28da 100644 --- a/ldregistry/templates/login.vm +++ b/ldregistry/templates/login.vm @@ -132,7 +132,7 @@
- $msg['ui.close'] + $msg['ui.close']
diff --git a/ldregistry/templates/macros.vm b/ldregistry/templates/macros.vm index fa098a2..2ac0fcf 100644 --- a/ldregistry/templates/macros.vm +++ b/ldregistry/templates/macros.vm @@ -48,7 +48,7 @@ #end ## Determine the href value to use in a link to the given resource, reference URIs go external -#macro(linkhref $res)#if($res.uRI.startsWith($registry.baseURI))$root$lib.reg.xssCleanURI($res.uRI.substring($registry.baseURI.length()))#else#set($href = $lib.reg.xssCleanURI($res.uRI))#if($href.startsWith("javascript:"))#[[#]]##else$href#end#end#end +#macro(linkhref $res)#if($res.uRI.startsWith($registry.baseURI))$root$lib.reg.xssCleanHTMLAtribute($res.uRI.substring($registry.baseURI.length()))#else#set($href = $lib.reg.xssCleanHTMLAtribute($res.uRI))#if($href.startsWith("javascript:"))#[[#]]##else$href#end#end#end ## Determine the href value to use in a link to the given resource, reference URIs go internal #macro(linkhrefInt $res)#if($res.uRI.startsWith($registry.baseURI))${root}$res.uRI.substring($registry.baseURI.length())#else${root}/?entity=$lib.pathEncode($res.getURI())#end#end diff --git a/ldregistry/templates/registry-compare.vm b/ldregistry/templates/registry-compare.vm index b49355b..3422646 100644 --- a/ldregistry/templates/registry-compare.vm +++ b/ldregistry/templates/registry-compare.vm @@ -10,12 +10,12 @@ #macro( resultRowValues $item ) #set( $itemEntity = $item.getPropertyValue("reg:definition").getPropertyValue("reg:entity") ) - $item.name + $item.name #set( $registerPath = $item.getPropertyValue("reg:register").uRI.substring($registry.baseURI.length()) ) #set( $registerUri = "$root$registerPath" ) - $registerPath + $registerPath #foreach($ty in $itemEntity.listPropertyValues("rdf:type")) From 3e46b68571ed0728decbdc90466ef6c785f15521 Mon Sep 17 00:00:00 2001 From: der Date: Sun, 14 May 2023 18:44:50 +0100 Subject: [PATCH 13/44] Fix xss regressions - revert incorrect xss clean for loging close button - trap cases of non-existent external references Addresses comments in #185 --- ldregistry/templates/login.vm | 2 +- ldregistry/templates/main/_fetch_item.vm | 69 ++++++++++++------------ 2 files changed, 37 insertions(+), 34 deletions(-) diff --git a/ldregistry/templates/login.vm b/ldregistry/templates/login.vm index b2f28da..d85d7c4 100644 --- a/ldregistry/templates/login.vm +++ b/ldregistry/templates/login.vm @@ -132,7 +132,7 @@
- $msg['ui.close'] + $msg['ui.close']
diff --git a/ldregistry/templates/main/_fetch_item.vm b/ldregistry/templates/main/_fetch_item.vm index 465f4f4..b94d9d9 100644 --- a/ldregistry/templates/main/_fetch_item.vm +++ b/ldregistry/templates/main/_fetch_item.vm @@ -56,46 +56,49 @@ #set( $render = "error" ) #else - ## At this point should have a successful RDF description - ## $target will be set to the URI of the target resource - ## $verionNumber will be set to a version number for the resource, if any - #set( $render = "item" ) - #set( $model = $response.entity ) - $model.setLanguage( $language ) - #set( $node = $model.getNode($target) ) + #if(${model.model.size()} == 0) + #set( $render = "not-found" ) + #else + ## At this point should have a successful RDF description + ## $target will be set to the URI of the target resource + ## $verionNumber will be set to a version number for the resource, if any + #set( $render = "item" ) - #if($node.hasResourceValue("rdf:type","reg:Register")) - ## A register - #set( $register = $node ) - #set( $entity = $register ) - #set( $item = $model.getNode($node.uRI.replaceAll("/([^/]*)$", "/_$1")) ) + $model.setLanguage( $language ) + #set( $node = $model.getNode($target) ) - #elseif($node.hasResourceValue("rdf:type","reg:RegisterItem")) - ## a RegisterItem which might in turn point to a register or a real entity - #set( $item = $node ) - #set( $entity = $item.connectedNodes("reg:definition/reg:entity").get(0) ) - #if( $entity.hasResourceValue("rdf:type","reg:Register") ) - ## Render as a register - #set( $register = $entity ) - #end + #if($node.hasResourceValue("rdf:type","reg:Register")) + ## A register + #set( $register = $node ) + #set( $entity = $register ) + #set( $item = $model.getNode($node.uRI.replaceAll("/([^/]*)$", "/_$1")) ) - #else - ## An entity - may be an external resource entity or may be an registerItem in disguise - #set( $entity = $node) - #set( $items = $node.connectedNodes("^reg:entity/^reg:definition") ) - #if( !$items.isEmpty() ) - ## It's an entity for which we've now found the corresponding RegisterItem - #set( $item = $items.get(0) ) - #if( $item.isAnon() ) - ## No URI to work with so render as a pure (external) resource - #set( $render = "resource" ) + #elseif($node.hasResourceValue("rdf:type","reg:RegisterItem")) + ## a RegisterItem which might in turn point to a register or a real entity + #set( $item = $node ) + #set( $entity = $item.connectedNodes("reg:definition/reg:entity").get(0) ) + #if( $entity.hasResourceValue("rdf:type","reg:Register") ) + ## Render as a register + #set( $register = $entity ) #end + #else - ## No corresponding RegisterItem so render as a pure (external) resource - #set( $render = "resource" ) + ## An entity - may be an external resource entity or may be an registerItem in disguise + #set( $entity = $node) + #set( $items = $node.connectedNodes("^reg:entity/^reg:definition") ) + #if( !$items.isEmpty() ) + ## It's an entity for which we've now found the corresponding RegisterItem + #set( $item = $items.get(0) ) + #if( $item.isAnon() ) + ## No URI to work with so render as a pure (external) resource + #set( $render = "resource" ) + #end + #else + ## No corresponding RegisterItem so render as a pure (external) resource + #set( $render = "resource" ) + #end #end - #end #end From 5240d107a79747dc75fa02b4dba3c4c1c8a0fbeb Mon Sep 17 00:00:00 2001 From: der Date: Sun, 14 May 2023 18:44:50 +0100 Subject: [PATCH 14/44] Fix xss regressions - revert incorrect xss clean for loging close button - trap cases of non-existent external references Addresses UKGovLD/registry-core#/185 comment https://github.com/UKGovLD/registry-core/issues/185#issuecomment-1545866128 --- ldregistry/templates/login.vm | 2 +- ldregistry/templates/main/_fetch_item.vm | 69 ++++++++++++------------ 2 files changed, 37 insertions(+), 34 deletions(-) diff --git a/ldregistry/templates/login.vm b/ldregistry/templates/login.vm index b2f28da..d85d7c4 100644 --- a/ldregistry/templates/login.vm +++ b/ldregistry/templates/login.vm @@ -132,7 +132,7 @@
- $msg['ui.close'] + $msg['ui.close']
diff --git a/ldregistry/templates/main/_fetch_item.vm b/ldregistry/templates/main/_fetch_item.vm index 465f4f4..b94d9d9 100644 --- a/ldregistry/templates/main/_fetch_item.vm +++ b/ldregistry/templates/main/_fetch_item.vm @@ -56,46 +56,49 @@ #set( $render = "error" ) #else - ## At this point should have a successful RDF description - ## $target will be set to the URI of the target resource - ## $verionNumber will be set to a version number for the resource, if any - #set( $render = "item" ) - #set( $model = $response.entity ) - $model.setLanguage( $language ) - #set( $node = $model.getNode($target) ) + #if(${model.model.size()} == 0) + #set( $render = "not-found" ) + #else + ## At this point should have a successful RDF description + ## $target will be set to the URI of the target resource + ## $verionNumber will be set to a version number for the resource, if any + #set( $render = "item" ) - #if($node.hasResourceValue("rdf:type","reg:Register")) - ## A register - #set( $register = $node ) - #set( $entity = $register ) - #set( $item = $model.getNode($node.uRI.replaceAll("/([^/]*)$", "/_$1")) ) + $model.setLanguage( $language ) + #set( $node = $model.getNode($target) ) - #elseif($node.hasResourceValue("rdf:type","reg:RegisterItem")) - ## a RegisterItem which might in turn point to a register or a real entity - #set( $item = $node ) - #set( $entity = $item.connectedNodes("reg:definition/reg:entity").get(0) ) - #if( $entity.hasResourceValue("rdf:type","reg:Register") ) - ## Render as a register - #set( $register = $entity ) - #end + #if($node.hasResourceValue("rdf:type","reg:Register")) + ## A register + #set( $register = $node ) + #set( $entity = $register ) + #set( $item = $model.getNode($node.uRI.replaceAll("/([^/]*)$", "/_$1")) ) - #else - ## An entity - may be an external resource entity or may be an registerItem in disguise - #set( $entity = $node) - #set( $items = $node.connectedNodes("^reg:entity/^reg:definition") ) - #if( !$items.isEmpty() ) - ## It's an entity for which we've now found the corresponding RegisterItem - #set( $item = $items.get(0) ) - #if( $item.isAnon() ) - ## No URI to work with so render as a pure (external) resource - #set( $render = "resource" ) + #elseif($node.hasResourceValue("rdf:type","reg:RegisterItem")) + ## a RegisterItem which might in turn point to a register or a real entity + #set( $item = $node ) + #set( $entity = $item.connectedNodes("reg:definition/reg:entity").get(0) ) + #if( $entity.hasResourceValue("rdf:type","reg:Register") ) + ## Render as a register + #set( $register = $entity ) #end + #else - ## No corresponding RegisterItem so render as a pure (external) resource - #set( $render = "resource" ) + ## An entity - may be an external resource entity or may be an registerItem in disguise + #set( $entity = $node) + #set( $items = $node.connectedNodes("^reg:entity/^reg:definition") ) + #if( !$items.isEmpty() ) + ## It's an entity for which we've now found the corresponding RegisterItem + #set( $item = $items.get(0) ) + #if( $item.isAnon() ) + ## No URI to work with so render as a pure (external) resource + #set( $render = "resource" ) + #end + #else + ## No corresponding RegisterItem so render as a pure (external) resource + #set( $render = "resource" ) + #end #end - #end #end From 6ac656c364a7c8b11867ab7211eaf6f05a9ba803 Mon Sep 17 00:00:00 2001 From: der Date: Mon, 15 May 2023 20:33:34 +0100 Subject: [PATCH 15/44] Remove use of entity redirection --- ldregistry/templates/macros.vm | 2 +- ldregistry/templates/main/_fetch_item.vm | 36 ++++++++++-------------- 2 files changed, 16 insertions(+), 22 deletions(-) diff --git a/ldregistry/templates/macros.vm b/ldregistry/templates/macros.vm index 2ac0fcf..aa861cc 100644 --- a/ldregistry/templates/macros.vm +++ b/ldregistry/templates/macros.vm @@ -51,7 +51,7 @@ #macro(linkhref $res)#if($res.uRI.startsWith($registry.baseURI))$root$lib.reg.xssCleanHTMLAtribute($res.uRI.substring($registry.baseURI.length()))#else#set($href = $lib.reg.xssCleanHTMLAtribute($res.uRI))#if($href.startsWith("javascript:"))#[[#]]##else$href#end#end#end ## Determine the href value to use in a link to the given resource, reference URIs go internal -#macro(linkhrefInt $res)#if($res.uRI.startsWith($registry.baseURI))${root}$res.uRI.substring($registry.baseURI.length())#else${root}/?entity=$lib.pathEncode($res.getURI())#end#end +#macro(linkhrefInt $res)#if($res.uRI.startsWith($registry.baseURI))${root}$res.uRI.substring($registry.baseURI.length())#else$res.uRI#end#end ## Inject a link to the given resource ###macro(linkfor $res) diff --git a/ldregistry/templates/main/_fetch_item.vm b/ldregistry/templates/main/_fetch_item.vm index b94d9d9..3b9d752 100644 --- a/ldregistry/templates/main/_fetch_item.vm +++ b/ldregistry/templates/main/_fetch_item.vm @@ -3,7 +3,7 @@ ## ## Input parameters: ## $uri - the requested URI, relative to the registry root (generated by registry-core) -## $entity - the URI of a external entity to be displayed, passed as a query parameter, overrides the $uri (confusing choice given $entity is also used internally) +## $entity - now ignored, entity checks possible via check URI function ## $language - the language to display (extracted from browser request local?) ## $showStatus - option parameter to set level of item status to show ## @@ -22,30 +22,24 @@ #set( $paging="firstPage" ) #end - #if($entity) - #set( $response = $registry.perform("Read","$uri?entity=$entity&_view=with_metadata&status=any&$paging", $requestor) ) - #set( $target = $entity ) - #set( $uri = $entity ) + #if( $subject.isAuthenticated() ) + #set( $visibleStatus = "any" ) #else - #if( $subject.isAuthenticated() ) - #set( $visibleStatus = "any" ) - #else - #if( ! $showStatus ) - #set( $showStatus = "accepted" ) - #if( $registry.configExtensions.showStatus ) - #set( $showStatus = $registry.configExtensions.showStatus ) - #end - #set ( $visibleStatus = $showStatus ) + #if( ! $showStatus ) + #set( $showStatus = "accepted" ) + #if( $registry.configExtensions.showStatus ) + #set( $showStatus = $registry.configExtensions.showStatus ) #end + #set ( $visibleStatus = $showStatus ) #end - #set( $response = $registry.perform("Read","$uri?_view=with_metadata&status=$visibleStatus&$paging", $requestor) ) - #set( $versionNumber = $lib.regex($uri,".*:(\d+)$") ) - #if( $versionNumber ) - #set( $versionNumber = $versionNumber[0] ) - #set( $uri = $lib.replaceAll($uri,":\d+$","") ) - #end - #set( $target = "$registry.baseURI/$uri" ) #end + #set( $response = $registry.perform("Read","$uri?_view=with_metadata&status=$visibleStatus&$paging", $requestor) ) + #set( $versionNumber = $lib.regex($uri,".*:(\d+)$") ) + #if( $versionNumber ) + #set( $versionNumber = $versionNumber[0] ) + #set( $uri = $lib.replaceAll($uri,":\d+$","") ) + #end + #set( $target = "$registry.baseURI/$uri" ) ## Parse the view response From b56de18a9b7c4a3d9f7fd1ef3b26c6b322bf42ac Mon Sep 17 00:00:00 2001 From: der Date: Mon, 15 May 2023 21:52:16 +0100 Subject: [PATCH 16/44] Address further potential xss loopholes --- ldregistry/templates/actions/create-manual-page.vm | 2 +- ldregistry/templates/actions/create-register-page.vm | 2 +- ldregistry/templates/actions/edit-page.vm | 2 +- ldregistry/templates/actions/register-page.vm | 4 ++-- ldregistry/templates/main.vm | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ldregistry/templates/actions/create-manual-page.vm b/ldregistry/templates/actions/create-manual-page.vm index 67d6797..22b6f1d 100644 --- a/ldregistry/templates/actions/create-manual-page.vm +++ b/ldregistry/templates/actions/create-manual-page.vm @@ -9,7 +9,7 @@
-

$msg.get('registerItem.createManual.heading', $register)

+

$msg.get('registerItem.createManual.heading', $lib.reg.xssCleanHTML($register))

diff --git a/ldregistry/templates/actions/create-register-page.vm b/ldregistry/templates/actions/create-register-page.vm index ee5ce64..b396a54 100644 --- a/ldregistry/templates/actions/create-register-page.vm +++ b/ldregistry/templates/actions/create-register-page.vm @@ -11,7 +11,7 @@
-

$msg.get('register.createManual.heading', $register)

+

$msg.get('register.createManual.heading', $lib.reg.xssCleanHTML($register))

diff --git a/ldregistry/templates/actions/edit-page.vm b/ldregistry/templates/actions/edit-page.vm index 5aa3ecc..8310752 100644 --- a/ldregistry/templates/actions/edit-page.vm +++ b/ldregistry/templates/actions/edit-page.vm @@ -10,7 +10,7 @@
-

$msg.get('registerItem.edit.heading', $target)

+

$msg.get('registerItem.edit.heading', $lib.reg.xssCleanHTML($target))

diff --git a/ldregistry/templates/actions/register-page.vm b/ldregistry/templates/actions/register-page.vm index ae8c85f..eda363c 100644 --- a/ldregistry/templates/actions/register-page.vm +++ b/ldregistry/templates/actions/register-page.vm @@ -23,7 +23,7 @@
-
+
- $msg['ui.close'] + $msg['ui.close']
diff --git a/ldregistry/templates/main.vm b/ldregistry/templates/main.vm index 811ffa5..cb2f04d 100644 --- a/ldregistry/templates/main.vm +++ b/ldregistry/templates/main.vm @@ -2,7 +2,7 @@ ## ## Input parameters: ## $uri - the requested URI, relative to the registry root (generated by registry-core) -## $entity - the URI of a external entity to be displayed, passed as a query parameter, optional +## $entity - no longer supported ## $_browse - flag (query parameter) to indicate user has selected "browse" to override landing page, optional #set( $isLandingPage = $uri.isEmpty() && !$entity && !${_browse} ) From 194b8121103187ca9f3190a03f12b524143c49c3 Mon Sep 17 00:00:00 2001 From: der Date: Mon, 15 May 2023 22:53:56 +0100 Subject: [PATCH 17/44] Further xss loopholes --- ldregistry/templates/actions/create-register-page.vm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ldregistry/templates/actions/create-register-page.vm b/ldregistry/templates/actions/create-register-page.vm index b396a54..649ae1c 100644 --- a/ldregistry/templates/actions/create-register-page.vm +++ b/ldregistry/templates/actions/create-register-page.vm @@ -17,7 +17,7 @@
- + @@ -83,7 +83,7 @@
- $msg['ui.close'] + $msg['ui.close']
From d9ffff6494e5c8b21d76906d1d8d396160428b70 Mon Sep 17 00:00:00 2001 From: der Date: Mon, 15 May 2023 23:01:21 +0100 Subject: [PATCH 18/44] Further xss loopholes --- ldregistry/templates/actions/edit-page.vm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ldregistry/templates/actions/edit-page.vm b/ldregistry/templates/actions/edit-page.vm index 8310752..650efcc 100644 --- a/ldregistry/templates/actions/edit-page.vm +++ b/ldregistry/templates/actions/edit-page.vm @@ -88,8 +88,8 @@
- - $msg['ui.close'] + + $msg['ui.close']
@@ -98,7 +98,7 @@
-

$msg.get('registerItem.edit.heading', $target)

+

$msg.get('registerItem.edit.heading', $lib.reg.xssCleanHTML($target))

#parse("structure/_footer.vm") From 1a0967f2c50eadcafdcc2a094de6225cd87a2323 Mon Sep 17 00:00:00 2001 From: der Date: Tue, 16 May 2023 08:08:05 +0100 Subject: [PATCH 19/44] Disable admin page templates --- ldregistry/templates/actions/create-manual-page.vm | 8 +++++++- ldregistry/templates/actions/create-redirect-page.vm | 7 +++++++ ldregistry/templates/actions/create-register-page.vm | 6 ++++++ ldregistry/templates/actions/edit-page.vm | 6 ++++++ ldregistry/templates/actions/register-page.vm | 6 ++++++ 5 files changed, 32 insertions(+), 1 deletion(-) diff --git a/ldregistry/templates/actions/create-manual-page.vm b/ldregistry/templates/actions/create-manual-page.vm index 22b6f1d..592073d 100644 --- a/ldregistry/templates/actions/create-manual-page.vm +++ b/ldregistry/templates/actions/create-manual-page.vm @@ -5,6 +5,10 @@ #parse("structure/_preamble.vm") +#if(! $subject.isAuthenticated()) +

Not authenticated

+#else +
@@ -64,5 +68,7 @@ }); - + +#end ## auth check + #parse("structure/_footer.vm") diff --git a/ldregistry/templates/actions/create-redirect-page.vm b/ldregistry/templates/actions/create-redirect-page.vm index 1d3bcf2..0f79a4b 100644 --- a/ldregistry/templates/actions/create-redirect-page.vm +++ b/ldregistry/templates/actions/create-redirect-page.vm @@ -5,6 +5,11 @@ #parse("structure/_preamble.vm") + +#if(! $subject.isAuthenticated()) +

Not authenticated

+#else +
@@ -27,4 +32,6 @@
+#end ## auth check + #parse("structure/_footer.vm") diff --git a/ldregistry/templates/actions/create-register-page.vm b/ldregistry/templates/actions/create-register-page.vm index 649ae1c..f588200 100644 --- a/ldregistry/templates/actions/create-register-page.vm +++ b/ldregistry/templates/actions/create-register-page.vm @@ -5,6 +5,10 @@ #parse("structure/_preamble.vm") +#if(! $subject.isAuthenticated()) +

Not authenticated

+#else + #parse( "actions/_configure-create-register.vm" )
@@ -156,4 +160,6 @@ $(function() { }); +#end ## auth check + #parse("structure/_footer.vm") diff --git a/ldregistry/templates/actions/edit-page.vm b/ldregistry/templates/actions/edit-page.vm index 650efcc..e9d2b71 100644 --- a/ldregistry/templates/actions/edit-page.vm +++ b/ldregistry/templates/actions/edit-page.vm @@ -6,6 +6,10 @@ #parse("structure/_preamble.vm") +#if(! $subject.isAuthenticated()) +

Not authenticated

+#else +
@@ -101,4 +105,6 @@

$msg.get('registerItem.edit.heading', $lib.reg.xssCleanHTML($target))

+#end ## auth check + #parse("structure/_footer.vm") diff --git a/ldregistry/templates/actions/register-page.vm b/ldregistry/templates/actions/register-page.vm index eda363c..213099d 100644 --- a/ldregistry/templates/actions/register-page.vm +++ b/ldregistry/templates/actions/register-page.vm @@ -5,6 +5,10 @@ #parse("structure/_preamble.vm") +#if(! $subject.isAuthenticated()) +

Not authenticated

+#else +
@@ -123,4 +127,6 @@ $(function() { }); +#end ## auth check + #parse("structure/_footer.vm") From 624e9ca2ab3be06aeb67d869fa1e16495d26d5a3 Mon Sep 17 00:00:00 2001 From: der Date: Tue, 16 May 2023 08:24:32 +0100 Subject: [PATCH 20/44] Fix further xss risks --- ldregistry/templates/actions/_form-for.vm | 2 +- .../templates/actions/create-manual-page.vm | 2 +- .../templates/actions/create-redirect-page.vm | 2 +- ldregistry/templates/macros.vm | 4 +- ldregistry/templates/obsolete/_item-view.vm | 101 ------ ldregistry/templates/obsolete/admin-panel.vm | 336 ------------------ .../templates/obsolete/concept-render.vm | 38 -- .../obsolete/concept-scheme-render.vm | 15 - ldregistry/templates/obsolete/registration.vm | 150 -------- ldregistry/templates/reset-password.vm | 7 + ldregistry/templates/user-register.vm | 4 +- 11 files changed, 14 insertions(+), 647 deletions(-) delete mode 100644 ldregistry/templates/obsolete/_item-view.vm delete mode 100644 ldregistry/templates/obsolete/admin-panel.vm delete mode 100644 ldregistry/templates/obsolete/concept-render.vm delete mode 100644 ldregistry/templates/obsolete/concept-scheme-render.vm delete mode 100644 ldregistry/templates/obsolete/registration.vm diff --git a/ldregistry/templates/actions/_form-for.vm b/ldregistry/templates/actions/_form-for.vm index 24a8cb1..aac29e9 100644 --- a/ldregistry/templates/actions/_form-for.vm +++ b/ldregistry/templates/actions/_form-for.vm @@ -3,7 +3,7 @@ ## $register - the register to which the form should be sent ## $return - URL to return to - +

diff --git a/ldregistry/templates/actions/create-manual-page.vm b/ldregistry/templates/actions/create-manual-page.vm index 592073d..88a6fb2 100644 --- a/ldregistry/templates/actions/create-manual-page.vm +++ b/ldregistry/templates/actions/create-manual-page.vm @@ -41,7 +41,7 @@

- $msg['ui.close'] + $msg['ui.close']
diff --git a/ldregistry/templates/actions/create-redirect-page.vm b/ldregistry/templates/actions/create-redirect-page.vm index 0f79a4b..344614b 100644 --- a/ldregistry/templates/actions/create-redirect-page.vm +++ b/ldregistry/templates/actions/create-redirect-page.vm @@ -25,7 +25,7 @@
- $msg['ui.close'] + $msg['ui.close']
diff --git a/ldregistry/templates/macros.vm b/ldregistry/templates/macros.vm index aa861cc..4d2e2ba 100644 --- a/ldregistry/templates/macros.vm +++ b/ldregistry/templates/macros.vm @@ -273,7 +273,7 @@
- +
@@ -283,7 +283,7 @@
- +
diff --git a/ldregistry/templates/obsolete/_item-view.vm b/ldregistry/templates/obsolete/_item-view.vm deleted file mode 100644 index 76a9fb7..0000000 --- a/ldregistry/templates/obsolete/_item-view.vm +++ /dev/null @@ -1,101 +0,0 @@ -## Fetch and render data for the URI or entity -## -## Input parameters: -## $uri - the requested URI, relative to the registry root (generated by registry-core) -## $entity - the URI of a external entity to be displayed, passed as a query parameter, overrides the $uri (confusing choice given $entity is also used internally) -## $language - the language to display (extracted from browser request local?) -## -## Sets up the parameters to be passed into the item rendering -## $item - RDF node for the RegisterItem being viewed -## $entity - RDF node for the entity corresponding to this item -## $register - if the entity is a register then this the RDF node for the register - -## Fetch the appropriate RDF view of the item - - #if($page) - #set( $paging="_page=$page" ) - #else - #set( $paging="firstPage" ) - #end - - #if($entity) - #set( $response = $registry.perform("Read","$uri?entity=$entity&_view=with_metadata&status=any&$paging", $requestor) ) - #set( $target = $entity ) - #set( $uri = $entity ) - #else - #if( $subject.isAuthenticated() ) - #set( $response = $registry.perform("Read","$uri?_view=with_metadata&status=any&$paging", $requestor) ) - #else - #set( $response = $registry.perform("Read","$uri?_view=with_metadata&status=accepted&$paging", $requestor) ) - #end - #set( $versionNumber = $lib.regex($uri,".*:(\d+)$") ) - #if( $versionNumber ) - #set( $versionNumber = $versionNumber[0] ) - #set( $uri = $lib.replaceAll($uri,":\d+$","") ) - #end - #set( $target = "$registry.baseURI/$uri" ) - #end - -## Parse the view response - - #if($response.status == 404) - #parse( "main/_not-found.vm" ) - - #elseif($response.status >= 500) - #parse( "main/_internal-error.vm" ) - - #else - ## At this point should have a successful RDF description - ## $target will be set to the URI of the target resource - ## $verionNumber will be set to a version number for the resource, if any - - #set( $model = $response.entity ) - $model.setLanguage( $language ) - #set( $node = $model.getNode($target) ) - - #if($node.hasResourceValue("rdf:type","reg:Register")) - ## A register - #set( $register = $node ) - #set( $entity = $register ) - #set( $item = $model.getNode($node.uRI.replaceAll("/([^/]*)$", "/_$1")) ) - - #parse( "main/_item-render.vm" ) - - #elseif($node.hasResourceValue("rdf:type","reg:RegisterItem")) - ## a RegisterItem which might in turn point to a register or a real entity - #set( $item = $node ) - #set( $entity = $item.connectedNodes("reg:definition/reg:entity").get(0) ) - #if( $entity.hasResourceValue("rdf:type","reg:Register") ) - ## Render as a register - #set( $register = $entity ) - #parse( "main/_item-render.vm" ) - - #else - #parse( "main/_item-render.vm" ) - #end - - #else - ## An entity - may be an external resource entity or may be an registerItem in disguise - #set( $entity = $node) - #set( $items = $node.connectedNodes("^reg:entity/^reg:definition") ) - #if( !$items.isEmpty() ) - ## It's an entity for which we've now found the corresponding RegisterItem - #set( $item = $items.get(0) ) - #if( $item.isAnon() ) - ## No URI to work with so render as a pure (external) resource - #parse("main/_resource-render.vm") - - #else - #parse( "main/_item-render.vm" ) - - #end - - #else - ## No corresponding RegisterItem so render as a pure (external) resource - #parse("main/_resource-render.vm") - - #end - - #end - - #end \ No newline at end of file diff --git a/ldregistry/templates/obsolete/admin-panel.vm b/ldregistry/templates/obsolete/admin-panel.vm deleted file mode 100644 index 713718e..0000000 --- a/ldregistry/templates/obsolete/admin-panel.vm +++ /dev/null @@ -1,336 +0,0 @@ -## Generate the controls for the main admin actions on an item - -## Macro to generate one of the admin dialogs - -#macro(grantdialog $grant $gdid) - -#end -## of macro - -

Actions

- - ## Status setting - - #if($lib.reg.isPermitted("StatusUpdate", $uri)) - #startActionSection( "Status" ) - #action( "set-status" ) - #if( $register ) - #action( "set-status-content" ) - #end - #endActionSection() - #end - - ## Register or patch - #if($register && $lib.reg.isPermitted("Register", $uri)) - #startActionSection( "Register" ) - #action( "register" ) - #endActionSection() - #end - - #set( $foundAction = false ) - - - ## Add a new item to a register - #if($register && $lib.reg.isPermitted("Register", $uri)) - #if(!$foundAction) -

Actions

-

- #set($foundAction=true) - #end - Add registration - - Patch - #set($patchDialog=true) - #end - - ## Editing entity, metadata and annotations - #if($item && $lib.reg.isPermitted("Update", $uri)) - #if(!$foundAction) -

Actions

- #set($foundAction=true) - #else -

- #end -

-## #if(!$register) - Edit -## #end - - Edit metadata - - Attach graph - #set($annotateDialog=true) - #end - - ## Import - #if($register && $lib.reg.isPermitted("RealDelete", $uri) && $uri != "_") - Import - #set($importDialog=true) - #end - - ## Real delete - #if($item && $lib.reg.isPermitted("RealDelete", $uri) && $uri != "_") -

- -
- #end - - #if($foundAction) -

- - #if($itemStatusDialog) - #statusSet("status-dialog", "Set status of $entity.name to ...", $item, $item) - #end - - #if($sample) - #statusSet("status-dialog2", "Set status of register contents to ...", $sample, $register) - #end - - #if($annotateDialog) - - #end - - #if($patchDialog) - - #end - - #if($importDialog) - - #end - - #end - - #set($isAdministrator=$lib.reg.isPermitted("Grant", $uri)) - #if($isAdministrator) -

Administrators for this item

- - #set($path="/" + $uri) - #set($auths=$registry.userStore.authorizedOn($path)) - #if($register) - #set($grant="Manager") - #else - #set($grant="Maintainer") - #end - #if($auths.isEmpty()) -

No local authorizations found

- #else - - - #foreach($auth in $auths) - #set($user = $auth.user) - - - - - - #end - - -
- $user.name - - $auth.permissions - -
- - - -
-
- #end - - #if($register) -
-
- $grant - Submitter - Reviewer -
-
-
- - - - -
-
-
-
- - - - -
-
-
- #else -
-
- $grant -
-
- #end - - #grantdialog($grant, "grant-user-dialog") - #if($register) - #grantdialog("Submitter", "grant-submitter") - #grantdialog("Reviewer", "grant-reviewer") - #end - - #end - - #renderDialogs() - - \ No newline at end of file diff --git a/ldregistry/templates/obsolete/concept-render.vm b/ldregistry/templates/obsolete/concept-render.vm deleted file mode 100644 index cc71da6..0000000 --- a/ldregistry/templates/obsolete/concept-render.vm +++ /dev/null @@ -1,38 +0,0 @@ -

Description

-#description($entity, "

no description supplied

") - -#set($r=false) -#set($r = $entity.getPropertyValue("skos:topConceptOf") ) -#if($r) -

Is a top concept in scheme

-
    -
  • #linkfor($r)
    • -
-#end - -#if($entity.getPropertyValue("skos:narrower")) -

Narrower concepts

-
    - #foreach($r in $entity.listPropertyValues("skos:narrower")) -
  • #linkfor($r)
    • - #end -
-#end - -#if($entity.getPropertyValue("skos:broader")) -

Broader concepts

-
    - #foreach($r in $entity.listPropertyValues("skos:broader")) -
  • #linkfor($r)
    • - #end -
-#end - -#if($entity.getPropertyValue("skos:related")) -

Related concepts

-
    - #foreach($r in $entity.listPropertyValues("skos:related")) -
  • #linkfor($r)
    • - #end -
-#end diff --git a/ldregistry/templates/obsolete/concept-scheme-render.vm b/ldregistry/templates/obsolete/concept-scheme-render.vm deleted file mode 100644 index 085e343..0000000 --- a/ldregistry/templates/obsolete/concept-scheme-render.vm +++ /dev/null @@ -1,15 +0,0 @@ -

Top concepts in $entity.name

- -
    - #foreach($concept in $entity.connectedNodes("skos:hasTopConcept|^skos:topConceptOf")) - - #set($conceptItemL = $concept.connectedNodes("^reg:entity/^reg:definition")) - #if($conceptItemL.isEmpty()) - #set($conceptItem = false) - #else - #set($conceptItem = $conceptItemL[0]) - #end - - #showMember($conceptItem, $concept) - #end -
diff --git a/ldregistry/templates/obsolete/registration.vm b/ldregistry/templates/obsolete/registration.vm deleted file mode 100644 index eaca85c..0000000 --- a/ldregistry/templates/obsolete/registration.vm +++ /dev/null @@ -1,150 +0,0 @@ -## Generate the registration dialog -## Parameters: -## $return the page to return to (or is that just referrer) -## $register the relative URI of the target register - -#parse("structure/_preamble.vm") - -
-
- -
-

Register in $register

-

Choose registration option ...

-
- -
- - - -
-
-
-
- - -
- - -
-
-
- -
-
-
- - -
- - -
-
-
- -
-
-
- - -
- - -
-
-
- -
-
- #set($spec=$lib.reg.getResource("/system/form-templates/register")) - #parse( "actions/_form-for.vm" ) -
- -
-
- #set($spec=$lib.reg.getResource("/system/form-templates/forward")) - #parse( "actions/_form-for.vm" ) -
- - -
- - #foreach($form in $lib.reg.listMembers("/system/form-templates")) - #if(!$form.entityURI.endsWith("/forward") && !$form.entityURI.endsWith("/register")) - #set($label = $form.labels.iterator().next().lexicalForm) - - - - #end - #end -
- -
- #set($spec=$lib.reg.getResource("/system/form-templates/concept")) - #parse( "actions/_form-for.vm" ) -
-
- - -
-
- - -
- Close -
- -
-
- -
- -
- - - -#parse("structure/_footer.vm") - diff --git a/ldregistry/templates/reset-password.vm b/ldregistry/templates/reset-password.vm index a6c4512..04b6173 100644 --- a/ldregistry/templates/reset-password.vm +++ b/ldregistry/templates/reset-password.vm @@ -5,6 +5,10 @@ #set($nav="admin") #parse("structure/_preamble.vm") +#if(! $subject.isAuthenticated()) +

Not authenticated

+#else +
@@ -58,4 +62,7 @@
#set( $extraJS = "jquery.validate.min.js,validate-password.js" ) + +#end ## auth check + #parse("structure/_footer.vm") diff --git a/ldregistry/templates/user-register.vm b/ldregistry/templates/user-register.vm index b91e7a7..54e18e4 100644 --- a/ldregistry/templates/user-register.vm +++ b/ldregistry/templates/user-register.vm @@ -42,7 +42,7 @@
- +
@@ -65,7 +65,7 @@
- $msg['ui.close'] + $msg['ui.close']
From 6b573012f090200febe7ddd56ff450115de5d013 Mon Sep 17 00:00:00 2001 From: der Date: Tue, 16 May 2023 08:33:35 +0100 Subject: [PATCH 21/44] Fix regster page xss Belt an braces since auth protected anyway --- ldregistry/templates/reset-password.vm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ldregistry/templates/reset-password.vm b/ldregistry/templates/reset-password.vm index 04b6173..ec985b5 100644 --- a/ldregistry/templates/reset-password.vm +++ b/ldregistry/templates/reset-password.vm @@ -36,7 +36,7 @@
- +
@@ -52,7 +52,7 @@
- Close + Close
From 58ae68d02d0b85f2f4ea5df21d032d12ee9db512 Mon Sep 17 00:00:00 2001 From: der Date: Tue, 16 May 2023 16:28:38 +0100 Subject: [PATCH 22/44] Remove reference to ?entity --- ldregistry/templates/main.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/main.vm b/ldregistry/templates/main.vm index cb2f04d..8b46ea4 100644 --- a/ldregistry/templates/main.vm +++ b/ldregistry/templates/main.vm @@ -5,7 +5,7 @@ ## $entity - no longer supported ## $_browse - flag (query parameter) to indicate user has selected "browse" to override landing page, optional -#set( $isLandingPage = $uri.isEmpty() && !$entity && !${_browse} ) +#set( $isLandingPage = $uri.isEmpty() && !${_browse} ) #set( $nav = "#if( $isLandingPage )landing#{else}browse#end" ) From 9db39fee5378dfd305b9a5168611cba7ff8e0db5 Mon Sep 17 00:00:00 2001 From: der Date: Tue, 16 May 2023 16:28:59 +0100 Subject: [PATCH 23/44] Omit target text from Not Found message --- ldregistry/templates/main/_not-found.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/main/_not-found.vm b/ldregistry/templates/main/_not-found.vm index f23c164..68fc7ac 100644 --- a/ldregistry/templates/main/_not-found.vm +++ b/ldregistry/templates/main/_not-found.vm @@ -1,6 +1,6 @@

$msg['error.notFound.heading']

- $msg.get('error.notFound.note', $target, $lib.escapeHtml($target)) + $msg.get('error.notFound.note')

\ No newline at end of file From 549e076006911fca13fbd7ada13245894bd65f3d Mon Sep 17 00:00:00 2001 From: der Date: Tue, 16 May 2023 21:01:47 +0100 Subject: [PATCH 24/44] Fix not-found message --- ldregistry/config/language/messages/en.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/config/language/messages/en.properties b/ldregistry/config/language/messages/en.properties index 706df90..c98e9db 100644 --- a/ldregistry/config/language/messages/en.properties +++ b/ldregistry/config/language/messages/en.properties @@ -63,7 +63,7 @@ checkUri.label=Check URI checkUri.heading=Check whether a URI is registered checkUri.button=Check checkUri.uri=URI to check -checkUri.notFound=Not found. URI <{0}> does not seem to be registered. +checkUri.notFound=Not found. =Sorry, the requested URI was not found on this site. checkUri.registered=URI is registered: compare.item.new.label=New From 310224d66b123ba673811f4702a74c94676713ec Mon Sep 17 00:00:00 2001 From: Dave Reynolds Date: Wed, 17 May 2023 15:23:16 +0100 Subject: [PATCH 25/44] Update ldregistry/config/language/messages/en.properties Co-authored-by: Mike Gormley --- ldregistry/config/language/messages/en.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/config/language/messages/en.properties b/ldregistry/config/language/messages/en.properties index c98e9db..cc0f3d5 100644 --- a/ldregistry/config/language/messages/en.properties +++ b/ldregistry/config/language/messages/en.properties @@ -63,7 +63,7 @@ checkUri.label=Check URI checkUri.heading=Check whether a URI is registered checkUri.button=Check checkUri.uri=URI to check -checkUri.notFound=Not found. =Sorry, the requested URI was not found on this site. +checkUri.notFound=Not found. Sorry, the requested URI was not found on this site. checkUri.registered=URI is registered: compare.item.new.label=New From d87c4f7356556902015290b34ac965f9b10f30b4 Mon Sep 17 00:00:00 2001 From: der Date: Wed, 17 May 2023 15:29:50 +0100 Subject: [PATCH 26/44] Fix not-found message --- ldregistry/config/language/messages/en.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/config/language/messages/en.properties b/ldregistry/config/language/messages/en.properties index cc0f3d5..47544d4 100644 --- a/ldregistry/config/language/messages/en.properties +++ b/ldregistry/config/language/messages/en.properties @@ -77,7 +77,7 @@ error.heading=Sorry error.internal.title=Internal error {0} error.internal.description=Sorry, an internal error has occurred. error.notFound.heading=Not found (404) -error.notFound.note=Sorry, the URI {1} was not found on this site. +error.notFound.note=Sorry, the requested URI was not found on this site. footer.support.heading=Support footer.about.heading=About this page From f421a34c3ae180d0fcc4f9ecc7112692cc39fee9 Mon Sep 17 00:00:00 2001 From: Henry Booth Date: Mon, 22 May 2023 15:04:22 +0100 Subject: [PATCH 27/44] add google ci tag --- ldregistry/templates/structure/_header.vm | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ldregistry/templates/structure/_header.vm b/ldregistry/templates/structure/_header.vm index 4fb04f2..f524b8c 100644 --- a/ldregistry/templates/structure/_header.vm +++ b/ldregistry/templates/structure/_header.vm @@ -21,6 +21,15 @@ + + + From 378e51f407f08f28f4a26549bb16a6ef486075c0 Mon Sep 17 00:00:00 2001 From: Mike Gormley Date: Tue, 23 May 2023 11:35:39 +0100 Subject: [PATCH 28/44] Fix routing issues on login modal --- ldregistry/config/app.conf | 2 +- ldregistry/templates/nav/_menu-advanced.vm | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ldregistry/config/app.conf b/ldregistry/config/app.conf index 4455161..6fa5ccd 100644 --- a/ldregistry/config/app.conf +++ b/ldregistry/config/app.conf @@ -62,7 +62,7 @@ config.oauth2 = $oauth2 # The Registry configuration itself registry = com.epimorphics.registry.core.Registry -registry.baseUri = http://codes.wmo.int/ +registry.baseUri = http://codes.wmo.int registry.store = $storeapi registry.cacheSize = 100 registry.pageSize = 9000 diff --git a/ldregistry/templates/nav/_menu-advanced.vm b/ldregistry/templates/nav/_menu-advanced.vm index 7861e38..078743e 100644 --- a/ldregistry/templates/nav/_menu-advanced.vm +++ b/ldregistry/templates/nav/_menu-advanced.vm @@ -4,7 +4,7 @@ $msg['nav.advanced.label']
    #if( ! $subject.isAuthenticated() ) -
  • $msg['login.button']
    • +
  • $msg['login.button']
    • #end #if( $subject.isAuthenticated() ) From 9965d010772e35536a80810d8ffee5bc266252a6 Mon Sep 17 00:00:00 2001 From: Mike Gormley Date: Tue, 30 May 2023 14:46:20 +0100 Subject: [PATCH 29/44] JAG-59 Remove hard coded WMO URL from sparql query form --- ldregistry/templates/sparql-form.vm | 4 +++- ldregistry/ui/assets/js/app/qconfig.js | 5 +++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/ldregistry/templates/sparql-form.vm b/ldregistry/templates/sparql-form.vm index b7d4ac0..173aa0b 100644 --- a/ldregistry/templates/sparql-form.vm +++ b/ldregistry/templates/sparql-form.vm @@ -1,11 +1,12 @@ #set($pageTitle=$msg['sparql.title']) #set($extraCSS="qonsole.css,codemirror.css") #set($nav="sparql") +#set($baseURI=$registry.baseURI) #parse("structure/_preamble.vm")
    @@ -32,6 +33,7 @@
    +
    diff --git a/ldregistry/ui/assets/js/app/qconfig.js b/ldregistry/ui/assets/js/app/qconfig.js index 952dfcf..4938f7e 100644 --- a/ldregistry/ui/assets/js/app/qconfig.js +++ b/ldregistry/ui/assets/js/app/qconfig.js @@ -1,5 +1,6 @@ // configuration - var config = { + let baseURI = $("#baseUri").val(); + let config = { endpoints: { "default": "/system/query", }, @@ -27,7 +28,7 @@ } , { "name": "List items in a register", "query": "select *\nwhere {\n" + - " ?item reg:register ;\n" + + " ?item reg:register <" + baseURI + "/system/prefixes>;\n" + " version:currentVersion ?itemVer.\n}" } ] From b37a8fb3e3e9bf25c94a29436df5d5d2afedca21 Mon Sep 17 00:00:00 2001 From: Mike Gormley Date: Fri, 16 Jun 2023 10:05:53 +0100 Subject: [PATCH 30/44] Add Code Owners file --- .github/CODEOWNERS | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..acb0990 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,4 @@ +# GitHub Code Owners Configuration + +# All files owned by the Data Services - Jaguar GitHub Organisation Team +* @MetOffice/data-services-jaguar From 1ad82be353dc07ccaa1509d78f3b2a774b08ba3d Mon Sep 17 00:00:00 2001 From: James Long Date: Tue, 27 Jun 2023 14:17:48 +0100 Subject: [PATCH 31/44] L18 Authoritative terms link --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 7c2c2ec..9f6d32b 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -15,7 +15,7 @@

    -The WMO Codes Registry is the mechanism through which the authoritative terms required for WMO AvXML are published as web accessible resources. +The WMO Codes Registry is the mechanism through which the authoritative terms required for WMO AvXML are published as web accessible resources.

    From d39c986f5d1cd93a688f0cc9ff354c0af5ab0d8f Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 07:57:57 +0100 Subject: [PATCH 32/44] New page for MO and Other WMO site --- ldregistry/templates/about/expectations.vm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 9f6d32b..9cd6495 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -15,11 +15,11 @@

    -The WMO Codes Registry is the mechanism through which the authoritative terms required for WMO AvXML are published as web accessible resources. +The WMO Codes Registry is the mechanism through which the authoritative terms required for WMO AvXML are published as web accessible resources.

    -The Met Office operates this service on behalf of WMO. The Met Office does not anticipate that operational services will have a direct dependency on this service and therefore does not offer any assurances regarding the availability or accuracy of the service. +The Met Office operates this service on behalf of WMO. The Met Office does not anticipate that operational services will have a direct dependency on this service and therefore does not offer any assurances regarding the availability or accuracy of the service.

    The Met Office aims to ensure that information provided within the service is accurate, albeit incomplete in comparison to the scope of the WMO Technical Regulations. The initial set of authoritative terms is deemed sufficient to support the WMO AvXML data exchange standard. It is anticipated that the scope of content available through this service will expand during the life of the service. From 0d3faa11f08b7a2614e2d0dfcee9f7936d8228c0 Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 08:00:31 +0100 Subject: [PATCH 33/44] link updated Paragraph 3 --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 9cd6495..ed0ca0f 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -22,7 +22,7 @@ The WMO Codes Registry is the mechanism through which the authoritative terms re The Met Office operates this service on behalf of WMO. The Met Office does not anticipate that operational services will have a direct dependency on this service and therefore does not offer any assurances regarding the availability or accuracy of the service.

    -The Met Office aims to ensure that information provided within the service is accurate, albeit incomplete in comparison to the scope of the WMO Technical Regulations. The initial set of authoritative terms is deemed sufficient to support the WMO AvXML data exchange standard. It is anticipated that the scope of content available through this service will expand during the life of the service. +The Met Office aims to ensure that information provided within the service is accurate, albeit incomplete in comparison to the scope of the WMO Technical Regulations. The initial set of authoritative terms is deemed sufficient to support the WMO AvXML data exchange standard. It is anticipated that the scope of content available through this service will expand during the life of the service.

    Contributions are encouraged from interested parties, see contributing to the content of the WMO Codes Registry service for more details. For example, the site is not yet multi-lingual. From 2896674a2e74f0a70e1d963a671443803e7f9c92 Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 08:01:48 +0100 Subject: [PATCH 34/44] google docs opens new page --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index ed0ca0f..a0ac573 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -32,7 +32,7 @@ Contributions are encouraged from interested parties, see WMO Codes List Registry) for discussion about the service and content provided. +The WMO provides a Google Group (WMO Codes List Registry) for discussion about the service and content provided.

    If you encounter technical issues, please contact the Met Office Weather Desk during UK business hours. From 592ae268d3cab25720de637b6e4cf0111aae1436 Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 08:03:27 +0100 Subject: [PATCH 35/44] weather desk opens new page --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index a0ac573..3cc31e8 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -35,7 +35,7 @@ The Met Office will endeavour that the service is available, 24 hours a day, 7 d The WMO provides a Google Group (WMO Codes List Registry) for discussion about the service and content provided.

    -If you encounter technical issues, please contact the Met Office Weather Desk during UK business hours. +If you encounter technical issues, please contact the Met Office Weather Desk during UK business hours. For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license).

    From ae0933e82c2c40b848413e524cacfc6c71cd27bb Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 08:21:15 +0100 Subject: [PATCH 36/44] MO and github link new page --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 3cc31e8..9d19f1a 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -36,7 +36,7 @@ The WMO provides a Google Group (Met Office Weather Desk during UK business hours. -For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license). +For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license).

    The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group. From 46197500aa11115de23d217221566eb9e9998f5f Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 08:23:05 +0100 Subject: [PATCH 37/44] Apache link new page --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 9d19f1a..3973e7d 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -36,7 +36,7 @@ The WMO provides a Google Group (Met Office Weather Desk during UK business hours. -For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license). +For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license).

    The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group. From 452731b1f0b6f3ca304362e3c0de64440f17600a Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 08:57:33 +0100 Subject: [PATCH 38/44] WMO secretariat --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 3973e7d..5157622 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -39,7 +39,7 @@ If you encounter technical issues, please contact the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license).

    -The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group. +The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group.

    To notify the service administrators of inappropriate information, please contact the Met Office Weather desk. From adeabe58631f8a11435c63dd4fe14182b1fb1e0f Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 08:58:50 +0100 Subject: [PATCH 39/44] WMO code list --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 5157622..2650022 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -39,7 +39,7 @@ If you encounter technical issues, please contact the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license).

    -The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group. +The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group.

    To notify the service administrators of inappropriate information, please contact the Met Office Weather desk. From 80da3b8f55c647208046b817345b7b30c68363b7 Mon Sep 17 00:00:00 2001 From: James Long Date: Thu, 29 Jun 2023 09:04:16 +0100 Subject: [PATCH 40/44] final links updated --- ldregistry/templates/about/expectations.vm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 2650022..4394392 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -42,13 +42,13 @@ For technical information about the Registry software implementation and API, pl The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group.

    -To notify the service administrators of inappropriate information, please contact the Met Office Weather desk. +To notify the service administrators of inappropriate information, please contact the Met Office Weather desk.

    -To notify the service administrators of erroneous information, please post to the WMO Codes List Registry group. +To notify the service administrators of erroneous information, please post to the WMO Codes List Registry group.

    -The primary purpose of this service is to support the new data exchange standard developed by WMO in support of Amendment 76 to ICAO Annex 3 "Meteorological services for International Air Navigation". This new data exchange standard (WMO AvXML) enables exchange of operational aeronautical meteorological (OPMET) in XML format. It depends on availability of authoritative terms from WMO technical regulation - most notably WMO No. 306 Manual on Codes - as web accessible resources that can be referenced from WMO AvXML-compliant data products. +The primary purpose of this service is to support the new data exchange standard developed by WMO in support of Amendment 76 to ICAO Annex 3 "Meteorological services for International Air Navigation". This new data exchange standard (WMO AvXML) enables exchange of operational aeronautical meteorological (OPMET) in XML format. It depends on availability of authoritative terms from WMO technical regulation - most notably WMO No. 306 Manual on Codes - as web accessible resources that can be referenced from WMO AvXML-compliant data products.

    From 72efdf0425c0a817c742fc86c92ea35ff59b286f Mon Sep 17 00:00:00 2001 From: James Long Date: Mon, 3 Jul 2023 01:50:27 +0100 Subject: [PATCH 41/44] Updates based on comments --- ldregistry/templates/about/expectations.vm | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 4394392..e3aff1e 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -15,14 +15,14 @@

    -The WMO Codes Registry is the mechanism through which the authoritative terms required for WMO AvXML are published as web accessible resources. +The WMO Codes Registry is the mechanism through which the authoritative terms required for WMO AvXML are published as web accessible resources.

    -The Met Office operates this service on behalf of WMO. The Met Office does not anticipate that operational services will have a direct dependency on this service and therefore does not offer any assurances regarding the availability or accuracy of the service. +The Met Office operates this service on behalf of WMO. The Met Office does not anticipate that operational services will have a direct dependency on this service and therefore does not offer any assurances regarding the availability or accuracy of the service.

    -The Met Office aims to ensure that information provided within the service is accurate, albeit incomplete in comparison to the scope of the WMO Technical Regulations. The initial set of authoritative terms is deemed sufficient to support the WMO AvXML data exchange standard. It is anticipated that the scope of content available through this service will expand during the life of the service. +The Met Office aims to ensure that information provided within the service is accurate, albeit incomplete in comparison to the scope of the WMO Technical Regulations. The initial set of authoritative terms is deemed sufficient to support the WMO AvXML data exchange standard. It is anticipated that the scope of content available through this service will expand during the life of the service.

    Contributions are encouraged from interested parties, see contributing to the content of the WMO Codes Registry service for more details. For example, the site is not yet multi-lingual. @@ -36,10 +36,10 @@ The WMO provides a Google Group (Met Office Weather Desk during UK business hours. -For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license). +For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license).

    -The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group. +The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group.

    To notify the service administrators of inappropriate information, please contact the Met Office Weather desk. @@ -48,7 +48,7 @@ To notify the service administrators of inappropriate information, please contac To notify the service administrators of erroneous information, please post to the WMO Codes List Registry group.

    -The primary purpose of this service is to support the new data exchange standard developed by WMO in support of Amendment 76 to ICAO Annex 3 "Meteorological services for International Air Navigation". This new data exchange standard (WMO AvXML) enables exchange of operational aeronautical meteorological (OPMET) in XML format. It depends on availability of authoritative terms from WMO technical regulation - most notably WMO No. 306 Manual on Codes - as web accessible resources that can be referenced from WMO AvXML-compliant data products. +The primary purpose of this service is to support the new data exchange standard developed by WMO in support of Amendment 76 to ICAO Annex 3 "Meteorological services for International Air Navigation". This new data exchange standard (WMO AvXML) enables exchange of operational aeronautical meteorological (OPMET) in XML format. It depends on availability of authoritative terms from WMO technical regulation - most notably WMO No. 306 Manual on Codes - as web accessible resources that can be referenced from WMO AvXML-compliant data products.

    From 70e4e3024462ac9c1e4fa7460f8701dec4e6bf67 Mon Sep 17 00:00:00 2001 From: James Long Date: Mon, 3 Jul 2023 01:54:05 +0100 Subject: [PATCH 42/44] Changing link to HTTPS --- ldregistry/templates/about/expectations.vm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index e3aff1e..83ffba6 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -35,14 +35,14 @@ The Met Office will endeavour that the service is available, 24 hours a day, 7 d The WMO provides a Google Group (WMO Codes List Registry) for discussion about the service and content provided.

    -If you encounter technical issues, please contact the Met Office Weather Desk during UK business hours. +If you encounter technical issues, please contact the Met Office Weather Desk during UK business hours. For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license).

    The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group.

    -To notify the service administrators of inappropriate information, please contact the Met Office Weather desk. +To notify the service administrators of inappropriate information, please contact the Met Office Weather desk.

    To notify the service administrators of erroneous information, please post to the WMO Codes List Registry group. From 558697238096e31f4f40d8543436ec0532d727cd Mon Sep 17 00:00:00 2001 From: mo-james-long <110169326+mo-james-long@users.noreply.github.com> Date: Wed, 5 Jul 2023 09:20:54 +0100 Subject: [PATCH 43/44] Update ldregistry/templates/about/expectations.vm Co-authored-by: Mike Gormley --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index 83ffba6..d0d27ff 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -19,7 +19,7 @@ The WMO Codes Registry is the mechanism through which the authoritative terms re

    -The Met Office operates this service on behalf of WMO. The Met Office does not anticipate that operational services will have a direct dependency on this service and therefore does not offer any assurances regarding the availability or accuracy of the service. +The Met Office operates this service on behalf of WMO. The Met Office does not anticipate that operational services will have a direct dependency on this service and therefore does not offer any assurances regarding the availability or accuracy of the service.

    The Met Office aims to ensure that information provided within the service is accurate, albeit incomplete in comparison to the scope of the WMO Technical Regulations. The initial set of authoritative terms is deemed sufficient to support the WMO AvXML data exchange standard. It is anticipated that the scope of content available through this service will expand during the life of the service. From 6b36b0625358610b2d42ec4d6fa406ba60c4f3db Mon Sep 17 00:00:00 2001 From: mo-james-long <110169326+mo-james-long@users.noreply.github.com> Date: Wed, 5 Jul 2023 09:21:11 +0100 Subject: [PATCH 44/44] Update ldregistry/templates/about/expectations.vm Co-authored-by: Mike Gormley --- ldregistry/templates/about/expectations.vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ldregistry/templates/about/expectations.vm b/ldregistry/templates/about/expectations.vm index d0d27ff..c396acd 100755 --- a/ldregistry/templates/about/expectations.vm +++ b/ldregistry/templates/about/expectations.vm @@ -36,7 +36,7 @@ The WMO provides a Google Group (Met Office Weather Desk during UK business hours. -For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license). +For technical information about the Registry software implementation and API, please refer to the documentation provided at the UKGovLD Registry project wiki (note that the UKGovLD Registry software and API are open source and published under the Apache 2 license).

    The information provided by the service will be maintained by nominated members of WMO Expert Teams and the WMO Secretariat. To request the provision of additional content from WMO Technical Regulation to be published via this service please post to the WMO Codes List Registry group.