Merge remote-tracking branch 'cos/develop' into feature/ror-migration

Author: felliott

CHANGELOG

@@ -2,6 +2,18 @@
 
 We follow the CalVer (https://calver.org/) versioning scheme: YY.MINOR.MICRO.
 
+26.2.1 (2026-02-09)
+===================
+
+- Permanently update two notification types
+- Link digest to types and fix/log incorrect usage
+- Update notifiction dedupe command
+
+26.2.0
+======
+
+- TODO: add date and log
+
 26.1.6 (2026-01-14)
 ===================
 

admin/nodes/views.py

@@ -53,6 +53,7 @@
 from scripts.approve_registrations import approve_past_pendings
 
 from website import settings, search
+from website.archiver.tasks import force_archive
 
 
 class NodeMixin(PermissionRequiredMixin):
@@ -705,6 +706,12 @@ class NodeReindexShare(NodeMixin, View):
     def post(self, request, *args, **kwargs):
         node = self.get_object()
         update_share(node)
+        messages.success(
+            request,
+            'Reindex request has been sent to SHARE. '
+            'Changes typically appear in OSF Search within about 5 minutes, '
+            'subject to background queue load and SHARE availability.'
+        )
         update_admin_log(
             user_id=self.request.user.id,
             object_id=node._id,
@@ -830,16 +837,20 @@ class CheckArchiveStatusRegistrationsView(NodeMixin, View):
 
     def get(self, request, *args, **kwargs):
         # Prevents circular imports that cause admin app to hang at startup
-        from osf.management.commands.force_archive import check
+        from osf.management.commands.force_archive import check, DEFAULT_PERMISSIBLE_ADDONS
 
         registration = self.get_object()
 
         if registration.archived:
             messages.success(request, f"Registration {registration._id} is archived.")
             return redirect(self.get_success_url())
 
+        addons = set(DEFAULT_PERMISSIBLE_ADDONS)
+        for reg in registration.node_and_primary_descendants():
+            addons.update(reg.registered_from.get_addon_names())
+
         try:
-            archive_status = check(registration)
+            archive_status = check(registration, permissible_addons=addons, verify_addons=False)
             messages.success(request, archive_status)
         except RegistrationStuckError as exc:
             messages.error(request, str(exc))
@@ -860,7 +871,7 @@ class ForceArchiveRegistrationsView(NodeMixin, View):
 
     def post(self, request, *args, **kwargs):
         # Prevents circular imports that cause admin app to hang at startup
-        from osf.management.commands.force_archive import verify, archive, DEFAULT_PERMISSIBLE_ADDONS
+        from osf.management.commands.force_archive import verify, DEFAULT_PERMISSIBLE_ADDONS
 
         registration = self.get_object()
         force_archive_params = request.POST
@@ -871,32 +882,33 @@ def post(self, request, *args, **kwargs):
 
         allow_unconfigured = force_archive_params.get('allow_unconfigured', False)
 
-        addons = set(registration.registered_from.get_addon_names())
-        addons.update(DEFAULT_PERMISSIBLE_ADDONS)
+        addons = set(DEFAULT_PERMISSIBLE_ADDONS)
+        for reg in registration.node_and_primary_descendants():
+            addons.update(reg.registered_from.get_addon_names())
 
-        try:
-            verify(registration, permissible_addons=addons, raise_error=True)
-        except ValidationError as exc:
-            messages.error(request, str(exc))
-            return redirect(self.get_success_url())
+        # No need to verify addons during force archive,
+        # because we fetched all permissible addons above
+        verify_addons = False
 
-        dry_mode = force_archive_params.get('dry_mode', False)
-
-        if dry_mode:
-            messages.success(request, f"Registration {registration._id} can be archived.")
-        else:
+        if force_archive_params.get('dry_mode', False):
+            # For dry mode, verify synchronously to provide immediate feedback
             try:
-                archive(
-                    registration,
-                    permissible_addons=addons,
-                    allow_unconfigured=allow_unconfigured,
-                    skip_collisions=skip_collision,
-                    delete_collisions=delete_collision,
-                )
-                messages.success(request, 'Registration archive process has finished.')
-            except Exception as exc:
-                messages.error(request, f'This registration cannot be archived due to {exc.__class__.__name__}: {str(exc)}. '
-                                        f'If the problem persists get a developer to fix it.')
+                verify(registration, permissible_addons=addons, verify_addons=verify_addons, raise_error=True)
+                messages.success(request, f"Registration {registration._id} can be archived.")
+            except ValidationError as exc:
+                messages.error(request, str(exc))
+                return redirect(self.get_success_url())
+        else:
+            # For actual archiving, skip synchronous verification to avoid 502 timeouts
+            # Verification will be performed asynchronously in the task
+            force_archive_task = force_archive.delay(
+                str(registration._id),
+                permissible_addons=list(addons),
+                allow_unconfigured=allow_unconfigured,
+                skip_collisions=skip_collision,
+                delete_collisions=delete_collision,
+            )
+            messages.success(request, f'Registration archive process has started. Task id: {force_archive_task.id}.')
 
         return redirect(self.get_success_url())
 

admin/preprints/views.py

@@ -184,6 +184,12 @@ class PreprintReindexShare(PreprintMixin, View):
     def post(self, request, *args, **kwargs):
         preprint = self.get_object()
         update_share(preprint)
+        messages.success(
+            request,
+            'Reindex request has been sent to SHARE. '
+            'Changes typically appear in OSF Search within about 5 minutes, '
+            'subject to background queue load and SHARE availability.'
+        )
         update_admin_log(
             user_id=self.request.user.id,
             object_id=preprint._id,

admin/templates/users/reindex_user_share.html

@@ -0,0 +1,21 @@
+<a data-toggle="modal" data-target="#confirmReindexShareUser" class="btn btn-default">SHARE Reindex User Content</a>
+<div class="modal" id="confirmReindexShareUser">
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <form class="well" method="post" action="{% url 'users:reindex-share-user' guid=user.guid %}">
+                <div class="modal-header">
+                    <button type="button" class="close" data-dismiss="modal">x</button>
+                    <h3>Are you sure you want to SHARE reindex all content for this user? {{ user.guid }}</h3>
+                    <p>This will trigger SHARE reindexing for all nodes and preprints where this user is a contributor.</p>
+                </div>
+                {% csrf_token %}
+                <div class="modal-footer">
+                    <input class="btn btn-danger" type="submit" value="Confirm" />
+                    <button type="button" class="btn btn-default" data-dismiss="modal">
+                        Cancel
+                    </button>
+                </div>
+            </form>
+        </div>
+    </div>
+</div>

admin/templates/users/user.html

@@ -37,6 +37,7 @@
                 {% include "users/disable_user.html" with user=user %}
                 {% include "users/mark_spam.html" with user=user %}
                 {% include "users/reindex_user_elastic.html" with user=user %}
+                {% include "users/reindex_user_share.html" with user=user %}
             </div>
         </div>
     </div>

admin/users/urls.py

@@ -26,6 +26,8 @@
     re_path(r'^(?P<guid>[a-z0-9]+)/get_reset_password/$', views.GetPasswordResetLink.as_view(), name='get-reset-password'),
     re_path(r'^(?P<guid>[a-z0-9]+)/reindex_elastic_user/$', views.UserReindexElastic.as_view(),
         name='reindex-elastic-user'),
+    re_path(r'^(?P<guid>[a-z0-9]+)/reindex_share_user/$', views.UserShareReindex.as_view(),
+        name='reindex-share-user'),
     re_path(r'^(?P<guid>[a-z0-9]+)/merge_accounts/$', views.UserMergeAccounts.as_view(), name='merge-accounts'),
     re_path(r'^(?P<guid>[a-z0-9]+)/draft_registrations/$', views.UserDraftRegistrationsList.as_view(), name='draft-registrations'),
 ]

admin/users/views.py

@@ -38,6 +38,7 @@
     CONFIRM_HAM,
     UNFLAG_SPAM,
     REINDEX_ELASTIC,
+    REINDEX_SHARE,
 )
 
 from admin.users.forms import (
@@ -560,6 +561,44 @@ def post(self, request, *args, **kwargs):
         return redirect(self.get_success_url())
 
 
+class UserShareReindex(UserMixin, View):
+    permission_required = 'osf.change_osfuser'
+
+    def post(self, request, *args, **kwargs):
+        from api.share.utils import update_share
+        user = self.get_object()
+
+        nodes_count = user.contributed.count()
+        preprints_count = user.preprints.filter(deleted=None).count()
+
+        for node in user.contributed:
+            try:
+                update_share(node)
+            except Exception as e:
+                messages.error(request, f'Failed to SHARE reindex node {node._id}: {e}')
+
+        for preprint in user.preprints.filter(deleted=None):
+            try:
+                update_share(preprint)
+            except Exception as e:
+                messages.error(request, f'Failed to SHARE reindex preprint {preprint._id}: {e}')
+
+        messages.success(
+            request,
+            f'Triggered SHARE reindexing for {nodes_count} nodes and {preprints_count} preprints'
+        )
+
+        update_admin_log(
+            user_id=self.request.user.id,
+            object_id=user._id,
+            object_repr='User',
+            message=f'SHARE reindexed all content for user {user._id}',
+            action_flag=REINDEX_SHARE
+        )
+
+        return redirect(self.get_success_url())
+
+
 class UserDraftRegistrationsList(UserMixin, ListView):
     template_name = 'users/draft-registrations.html'
     permission_required = 'osf.view_draftregistration'

admin_tests/nodes/test_views.py

@@ -303,6 +303,7 @@ class TestNodeReindex(AdminTestCase):
     def setUp(self):
         super().setUp()
         self.request = RequestFactory().post('/fake_path')
+        patch_messages(self.request)
 
         self.user = AuthUserFactory()
         self.node = ProjectFactory(creator=self.user)

admin_tests/preprints/test_views.py

@@ -364,6 +364,7 @@ def test_reindex_preprint_share(self, preprint, req, mock_update_share):
         preprint.provider.save()
 
         count = AdminLogEntry.objects.count()
+        patch_messages(req)
         view = views.PreprintReindexShare()
         view = setup_log_view(view, req, guid=preprint._id)
         mock_update_share.reset_mock()

api/actions/permissions.py

@@ -46,12 +46,20 @@ def has_object_permission(self, request, view, obj):
         else:
             # Moderators and node admins can trigger state changes.
             is_node_admin = target is not None and target.has_permission(auth.user, osf_permissions.ADMIN)
-            if not (is_node_admin or auth.user.has_perm('view_submissions', provider)):
-                return False
+            is_write_contributor = target is not None and target.has_permission(auth.user, osf_permissions.WRITE)
 
-            # User can trigger state changes on this reviewable, but can they use this trigger in particular?
+            # Validate serializer once and extract trigger
             serializer = view.get_serializer(data=request.data)
             serializer.is_valid(raise_exception=True)
             trigger = serializer.validated_data.get('trigger')
+
+            provisional_write_allowed = is_write_contributor and trigger == ReviewTriggers.SUBMIT.value
+
+            if not (is_node_admin or auth.user.has_perm('view_submissions', provider) or provisional_write_allowed):
+                return False
+
+            # User can trigger state changes on this reviewable, but can they use this trigger in particular?
             permission = TRIGGER_PERMISSIONS[trigger]
+            if permission is None and is_write_contributor and trigger == ReviewTriggers.SUBMIT.value:
+                return True
             return permission is None or request.user.has_perm(permission, target.provider)