Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release v2.8.1 #7094

Merged
merged 31 commits into from
Nov 5, 2023
Merged

Release v2.8.1 #7094

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
31 commits
Select commit Hold shift + click to select a range
8b0ec00
Add a job for publishing Python packages upon release (#7013)
SpecLad Oct 23, 2023
6c7ef41
Update release-2.8.0 after v2.8.0
cvat-bot[bot] Oct 24, 2023
bde1207
Merge pull request #7050 from opencv/dev-release-2.8.0
azhavoro Oct 24, 2023
acbb727
manual qa documentation updated (#7028)
mdacoca Oct 24, 2023
55a22e1
Add support for default bucket prefix and ability to search for files…
Marishka17 Oct 24, 2023
a2a452a
Fixed: module 'PIL.Image' has no attribute 'LINEAR' (#7047)
bsekachev Oct 24, 2023
102b0a0
Bump @babel/traverse from 7.20.12 to 7.23.2 (#7024)
dependabot[bot] Oct 24, 2023
f4566eb
Bump @babel/traverse from 7.19.3 to 7.23.2 in /tests (#7023)
dependabot[bot] Oct 24, 2023
c6b660f
Documentation: added headers, fixed cropped text and ordered lists (#…
mdacoca Oct 24, 2023
e894e97
reset password procedure added to the documentation (#7035)
mdacoca Oct 24, 2023
c6682ff
TrackerMIL optimizations (#7032)
klakhov Oct 24, 2023
c19ea38
Fixed: a mask becomes visible even if hidden after changing opacity l…
bsekachev Oct 25, 2023
1b197e4
Remove unneeded steps in the generate_github_pages CI job (#7057)
SpecLad Oct 26, 2023
57dffae
Bump the docker/login-action version (#7056)
SpecLad Oct 26, 2023
08550f8
Support running CVAT with an external database via Docker Compose (#7…
SpecLad Oct 26, 2023
e0d1343
Fix inconsistently-named directory (#7054)
SpecLad Oct 26, 2023
f2748a6
Add Regal for linting Rego (#7038)
anderseknert Oct 26, 2023
d274c18
Race condition for the task data upload request (#7025)
azhavoro Oct 26, 2023
568f0cb
setInterval changed to setTimeout when sending events (#7064)
bsekachev Oct 26, 2023
060fef0
[Snyk] Security upgrade cryptography from 41.0.4 to 41.0.5 (#7068)
nmanovic Oct 27, 2023
fc47f58
Add ability to limit one user to one task at a time (#6975)
Marishka17 Oct 29, 2023
43ff5d4
Added error handling if organizations request is failed (#7063)
bsekachev Oct 30, 2023
ba3db01
Documentation: Need help -> Support (#7070)
mdacoca Oct 30, 2023
6833b37
Documentation retouch: cloud storages and mot data format (#7071)
mdacoca Oct 31, 2023
e1fe140
[Snyk] Security upgrade urllib3 from 1.26.17 to 1.26.18 (#7027)
nmanovic Nov 1, 2023
623476e
[AWS S3] Use local session (#7067)
Marishka17 Nov 2, 2023
d2b5f3d
Compress `changeFrame` events (#7048)
klakhov Nov 2, 2023
1f8d5d3
REST API tests for default bucket prefix (#7079)
Marishka17 Nov 2, 2023
0535d45
Chunk preparation optimization (#7081)
azhavoro Nov 2, 2023
9819e6d
Fixed user email auto verification on accepting organization invitati…
klakhov Nov 3, 2023
20892ec
Prepare release v2.8.1
cvat-bot[bot] Nov 3, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add Regal for linting Rego (#7038) 
Hello CVAT friends! 👋😃

This PR introduces [Regal](https://github.com/styrainc/regal)) for
linting the Rego included in this project. The policy code here is
generally in a really good shape, so the linter did not have too much to
do. Good work on that!

Violations of a few rules were fixed as part of this PR, as they do not
change the semantics of evaluation:

* [line-length](https://docs.styra.com/regal/rules/style/line-length)
*
[unconditional-assignment](https://docs.styra.com/regal/rules/style/unconditional-assignment)
*
[use-assignment-operator](https://docs.styra.com/regal/rules/style/use-assignment-operator)

A few other ones were ignored using Regal's configuration file. Whether
some of them should be fixed in the future I'll leave up to the
project's maintainers.

I've also added Regal as a build workflow, along with some
documentation. Let me know if I missed anything!


Signed-off-by: Anders Eknert <anders@styra.com>
  • Loading branch information
@anderseknert
anderseknert committed Oct 26, 2023
commit f2748a6cc37dae520c41e5b54568313dce8fa65c
12 changes: 12 additions & 0 deletions .github/workflows/regallint.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
name: Regal
on: pull_request
jobs:
Linter:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Regal
uses: StyraInc/setup-regal@v0.2.0
with:
version: v0.11.0
- run: regal lint --format=github cvat/apps/iam/rules
33 changes: 33 additions & 0 deletions cvat/apps/iam/rules/.regal/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
ignore:
files:
- "*_test.gen.rego"
rules:
custom:
naming-convention:
conventions:
- pattern: '^[a-z_]+$|^[A-Z_]+$'
targets:
- rule
- function
- variable
level: error
idiomatic:
no-defined-entrypoint:
# This would likely be the allow rule in each package
# Not critical though, so ignoring for the time being
level: ignore
style:
avoid-get-and-list-prefix:
# Mainly a style preference
# https://docs.styra.com/regal/rules/style/avoid-get-and-list-prefix
level: ignore
opa-fmt:
# https://docs.styra.com/regal/rules/style/opa-fmt
level: ignore
prefer-snake-case:
# Disabled in favor of custom naming-convention rule above
level: ignore
rule-length:
# Many rules longer than the default limit of 30 lines
level: error
max-rule-length: 60
2 changes: 1 addition & 1 deletion cvat/apps/iam/rules/analytics.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ import data.utils
# }
# }

default allow = false
default allow := false

allow {
utils.is_admin
Expand Down
3 changes: 2 additions & 1 deletion cvat/apps/iam/rules/analytics_reports.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,8 @@ import data.organizations
# }
# }

default allow = false
default allow := false

allow {
utils.is_admin
}
Expand Down
2 changes: 1 addition & 1 deletion cvat/apps/iam/rules/annotationguides.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ is_target_staff {
is_target_assignee
}

default allow = false
default allow := false

allow {
utils.is_admin
Expand Down
12 changes: 6 additions & 6 deletions cvat/apps/iam/rules/cloudstorages.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ import data.organizations
# }
# }

default allow = false
default allow := false

# Admin has no restrictions
allow {
Expand Down Expand Up @@ -56,20 +56,20 @@ allow {
organizations.is_member
}

filter = [] { # Django Q object to filter list of entries
filter := [] { # Django Q object to filter list of entries
utils.is_admin
utils.is_sandbox
} else = qobject {
} else := qobject {
utils.is_admin
qobject := [ {"organization": input.auth.organization.id} ]
} else = qobject {
} else := qobject {
utils.has_perm(utils.USER)
organizations.has_perm(organizations.SUPERVISOR)
qobject := [ {"organization": input.auth.organization.id} ]
} else = qobject {
} else := qobject {
utils.is_sandbox
qobject := [ {"owner": input.auth.user.id} ]
} else = qobject {
} else := qobject {
utils.is_organization
qobject := [ {"owner": input.auth.user.id}, {"organization": input.auth.organization.id}, "&" ]
}
Expand Down
12 changes: 6 additions & 6 deletions cvat/apps/iam/rules/comments.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ is_comment_staff {
is_comment_owner
}

default allow = false
default allow := false

allow {
utils.is_admin
Expand Down Expand Up @@ -161,18 +161,18 @@ allow {
organizations.is_member
}

filter = [] { # Django Q object to filter list of entries
filter := [] { # Django Q object to filter list of entries
utils.is_admin
utils.is_sandbox
} else = qobject {
} else := qobject {
utils.is_admin
utils.is_organization
org := input.auth.organization
qobject := [
{"issue__job__segment__task__organization": org.id},
{"issue__job__segment__task__project__organization": org.id}, "|"
]
} else = qobject {
} else := qobject {
utils.is_sandbox
user := input.auth.user
qobject := [
Expand All @@ -185,7 +185,7 @@ filter = [] { # Django Q object to filter list of entries
{"issue__job__segment__task__project__owner": user.id}, "|",
{"issue__job__segment__task__project__assignee": user.id}, "|"
]
} else = qobject {
} else := qobject {
utils.is_organization
utils.has_perm(utils.USER)
organizations.has_perm(organizations.MAINTAINER)
Expand All @@ -194,7 +194,7 @@ filter = [] { # Django Q object to filter list of entries
{"issue__job__segment__task__organization": org.id},
{"issue__job__segment__task__project__organization": org.id}, "|"
]
} else = qobject {
} else := qobject {
organizations.has_perm(organizations.WORKER)
user := input.auth.user
org := input.auth.organization
Expand Down
12 changes: 6 additions & 6 deletions cvat/apps/iam/rules/conflicts.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ import data.organizations
# }
# }

default allow = false
default allow := false

allow {
utils.is_admin
Expand All @@ -58,10 +58,10 @@ allow {
organizations.is_member
}

filter = [] { # Django Q object to filter list of entries
filter := [] { # Django Q object to filter list of entries
utils.is_admin
utils.is_sandbox
} else = qobject {
} else := qobject {
utils.is_admin
utils.is_organization
org := input.auth.organization
Expand All @@ -71,7 +71,7 @@ filter = [] { # Django Q object to filter list of entries
{"report__task__organization": org.id}, "|",
{"report__task__project__organization": org.id}, "|",
]
} else = qobject {
} else := qobject {
utils.is_sandbox
user := input.auth.user
qobject := [
Expand All @@ -84,7 +84,7 @@ filter = [] { # Django Q object to filter list of entries
{"report__task__project__owner_id": user.id}, "|",
{"report__task__project__assignee_id": user.id}, "|",
]
} else = qobject {
} else := qobject {
utils.is_organization
utils.has_perm(utils.USER)
organizations.has_perm(organizations.MAINTAINER)
Expand All @@ -95,7 +95,7 @@ filter = [] { # Django Q object to filter list of entries
{"report__task__organization": org.id}, "|",
{"report__task__project__organization": org.id}, "|",
]
} else = qobject {
} else := qobject {
organizations.has_perm(organizations.WORKER)
user := input.auth.user
org := input.auth.organization
Expand Down
12 changes: 6 additions & 6 deletions cvat/apps/iam/rules/events.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ import data.organizations
# }
# }

default allow = false
default allow := false

allow {
utils.is_admin
Expand All @@ -43,22 +43,22 @@ allow {
organizations.has_perm(organizations.WORKER)
}

filter = [] {
filter := [] {
utils.is_admin
utils.is_sandbox
} else = qobject {
} else := qobject {
utils.is_admin
utils.is_organization
qobject := [ {"org_id": input.auth.organization.id} ]
} else = qobject {
} else := qobject {
utils.is_sandbox
qobject := [ {"user_id": input.auth.user.id} ]
} else = qobject {
} else := qobject {
utils.is_organization
utils.has_perm(utils.USER)
organizations.has_perm(organizations.MAINTAINER)
qobject := [ {"org_id": input.auth.organization.id} ]
} else = qobject {
} else := qobject {
utils.is_organization
utils.has_perm(utils.USER)
organizations.has_perm(organizations.WORKER)
Expand Down
13 changes: 7 additions & 6 deletions cvat/apps/iam/rules/invitations.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,8 @@ import data.organizations
# } or null,
# }

default allow = false
default allow := false

allow {
utils.is_admin
}
Expand All @@ -42,23 +43,23 @@ allow {
organizations.is_member
}

filter = [] { # Django Q object to filter list of entries
filter := [] { # Django Q object to filter list of entries
utils.is_sandbox
utils.is_admin
} else = qobject {
} else := qobject {
utils.is_sandbox
user := input.auth.user
qobject := [ {"owner": user.id}, {"membership__user": user.id}, "|" ]
} else = qobject {
} else := qobject {
utils.is_organization
utils.is_admin
qobject := [ {"membership__organization": input.auth.organization.id} ]
} else = qobject {
} else := qobject {
utils.is_organization
organizations.is_staff
utils.has_perm(utils.USER)
qobject := [ {"membership__organization": input.auth.organization.id} ]
} else = qobject {
} else := qobject {
utils.is_organization
user := input.auth.user
org_id := input.auth.organization.id
Expand Down
12 changes: 6 additions & 6 deletions cvat/apps/iam/rules/issues.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ is_issue_staff {
is_issue_assignee
}

default allow = false
default allow := false

allow {
utils.is_admin
Expand Down Expand Up @@ -154,18 +154,18 @@ allow {
organizations.is_member
}

filter = [] { # Django Q object to filter list of entries
filter := [] { # Django Q object to filter list of entries
utils.is_admin
utils.is_sandbox
} else = qobject {
} else := qobject {
utils.is_admin
utils.is_organization
org := input.auth.organization
qobject := [
{"job__segment__task__organization": org.id},
{"job__segment__task__project__organization": org.id}, "|"
]
} else = qobject {
} else := qobject {
utils.is_sandbox
user := input.auth.user
qobject := [
Expand All @@ -176,7 +176,7 @@ filter = [] { # Django Q object to filter list of entries
{"job__segment__task__project__owner": user.id}, "|",
{"job__segment__task__project__assignee": user.id}, "|"
]
} else = qobject {
} else := qobject {
utils.is_organization
utils.has_perm(utils.USER)
organizations.has_perm(organizations.MAINTAINER)
Expand All @@ -185,7 +185,7 @@ filter = [] { # Django Q object to filter list of entries
{"job__segment__task__organization": org.id},
{"job__segment__task__project__organization": org.id}, "|"
]
} else = qobject {
} else := qobject {
organizations.has_perm(organizations.WORKER)
user := input.auth.user
org := input.auth.organization
Expand Down
12 changes: 6 additions & 6 deletions cvat/apps/iam/rules/jobs.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ is_job_staff {
is_job_assignee
}

default allow = false
default allow := false

allow {
utils.is_admin
Expand All @@ -101,16 +101,16 @@ allow {
}


filter = [] { # Django Q object to filter list of entries
filter := [] { # Django Q object to filter list of entries
utils.is_admin
utils.is_sandbox
} else = qobject {
} else := qobject {
utils.is_admin
utils.is_organization
qobject := [
{"segment__task__organization": input.auth.organization.id},
{"segment__task__project__organization": input.auth.organization.id}, "|" ]
} else = qobject {
} else := qobject {
utils.is_sandbox
user := input.auth.user
qobject := [
Expand All @@ -119,14 +119,14 @@ filter = [] { # Django Q object to filter list of entries
{"segment__task__assignee_id": user.id}, "|",
{"segment__task__project__owner_id": user.id}, "|",
{"segment__task__project__assignee_id": user.id}, "|"]
} else = qobject {
} else := qobject {
utils.is_organization
utils.has_perm(utils.USER)
organizations.has_perm(organizations.MAINTAINER)
qobject := [
{"segment__task__organization": input.auth.organization.id},
{"segment__task__project__organization": input.auth.organization.id}, "|"]
} else = qobject {
} else := qobject {
organizations.has_perm(organizations.WORKER)
user := input.auth.user
qobject := [
Expand Down
Loading
Loading