Dev

.github/workflows/cd-workflow.yml

@@ -6,7 +6,7 @@ on:
       - dev
   pull_request:
     branches: 
-      - main
+      - dev
     types: [opened, synchronize, reopened]
 
 jobs:
@@ -46,47 +46,4 @@ jobs:
         docker network create openlxp
         echo "Docker network successfully created"
         echo "Running coverage unit test"
-        docker-compose --env-file ./.env run app sh -c "python manage.py waitdb && coverage run manage.py test --tag=unit && flake8 && coverage report && coverage report --fail-under=80"
-
-  sonarcloud:
-      name: SonarCloud
-      runs-on: ubuntu-latest
-      steps:
-        - uses: actions/checkout@v2
-          with:
-            fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-        - name: SonarCloud Scan
-          uses: SonarSource/sonarcloud-github-action@master
-          env:
-            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
-            SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
-  build:
-    # require dependency from step above
-    needs: code-test
-    name: Build Docker Image
-    runs-on: ubuntu-latest
-    steps:
-    - name: Checkout Code
-      uses: actions/checkout@v2
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: ${{ secrets.AWS_REGION }}
-    - name: Login to Amazon ECR
-      id: login-ecr
-      uses: aws-actions/amazon-ecr-login@v1
-      with:
-        mask-password: 'true'
-    - name: Build, tag, and push image to Amazon ECR
-      env:
-        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-        ECR_REPOSITORY: ${{ secrets.ECR_REPO }}
-        IMAGE_TAG: xss
-      run: |
-        echo "Starting docker build"
-        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
-        echo "Pushing image to ECR..."
-        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+        docker compose --env-file ./.env run app sh -c "python manage.py waitdb && coverage run manage.py test --tag=unit && flake8 && coverage report && coverage report --fail-under=80"

Dockerfile

@@ -1,6 +1,6 @@
 # Dockerfile
 
-FROM python:3.7-buster
+FROM python:3.9-bookworm
 
 # install nginx
 RUN apt-get update && apt-get install nginx vim libxml2-dev libxmlsec1-dev clamav-daemon clamav-freshclam clamav-unofficial-sigs -y --no-install-recommends

README.md

@@ -2,7 +2,7 @@
 
 The Experience Schema Service (XSS) maintains referential representations of domain entities, as well as transformational mappings that describe how to convert an entity from one particular schema representation to another.
 
-This component responsible for managing pertinent object/record metadata schemas, and the mappings for transforming records from a source metadata schema to a target metadata schema. This component will also be used to store and link vocabularies from stored schema.
+This component is responsible for managing pertinent object/record metadata schemas, and the mappings for transforming records from a source metadata schema to a target metadata schema. This component will also be used to store and link vocabularies from stored schema.
 
 
 ## Prerequisites
@@ -31,28 +31,31 @@ Or copy it into one of these folders to install it system-wide:
 ## 1. Clone the project
 Clone the Github repository
 ```
-git clone https://github.com/OpenLXP/openlxp-xss.git
+git clone https://github.com/adlnet/ecc-openlxp-xss.git
 ```  
 
 ## 2. Set up your environment variables
 - Create a `.env` file in the root directory
 - The following environment variables are required:
 
-| Environment Variable      | Description |
-| ------------------------- | ----------- |
-| AWS_ACCESS_KEY_ID         | The Access Key ID for AWS  |
-| AWS_SECRET_ACCESS_KEY     | The Secret Access Key for AWS  |
-| AWS_DEFAULT_REGION        | The region for AWS |
-| DB_HOST                   | The host name, IP, or docker container name of the database |
-| DB_NAME                   | The name to give the database |
-| DB_PASSWORD               | The password for the user to access the database |
-| DB_ROOT_PASSWORD          | The password for the root user to access the database, should be the same as `DB_PASSWORD` if using the root user |
+| Environment Variable      | Description                                                                                                                 |
+| ------------------------- | --------------------------------------------------------------------------------------------------------------------------- |
+| CORS_ALLOWED_ORIGINS      | List of trusted origins that are allowed to make cross-origin requests to the server                                        |
+| CSRF_TRUSTED_ORIGINS      | A trusted origin for unsafe requests                                                                                        |
+| DB_HOST                   | The host name, IP, or docker container name of the database                                                                 |
+| DB_NAME                   | The name to give the database                                                                                               |
+| DB_PASSWORD               | The password for the user to access the database                                                                            |
+| DB_ROOT_PASSWORD          | The password for the root user to access the database, should be the same as `DB_PASSWORD` if using the root user           |
 | DB_USER                   | The name of the user to use when connecting to the database. When testing use root to allow the creation of a test database |
-| DJANGO_SUPERUSER_EMAIL    | The email of the superuser that will be created in the application |
-| DJANGO_SUPERUSER_PASSWORD | The password of the superuser that will be created in the application |
-| DJANGO_SUPERUSER_USERNAME | The username of the superuser that will be created in the application |
-| LOG_PATH                  | The path to the log file to use |
-| SECRET_KEY_VAL            | The Secret Key for Django |
+| DJANGO_SUPERUSER_EMAIL    | The email of the superuser that will be created in the application                                                          |
+| DJANGO_SUPERUSER_PASSWORD | The password of the superuser that will be created in the application                                                       |
+| DJANGO_SUPERUSER_USERNAME | The username of the superuser that will be created in the application                                                       |
+| ENTITY_ID                 | The Entity ID used to identify this application to Identity Providers when using Single Sign On                             |
+| HOSTS                     | A list of host names, separated by semicolons, that the application should accept requests for                              |
+| LOG_PATH                  | The path to the log file to use                                                                                             |
+| SECRET_KEY_VAL            | The Secret Key for Django                                                                                                   |
+| SP_PRIVATE_KEY            | The Private Key to use when this application communicates with Identity Providers to use Single Sign On                     |
+| SP_PUBLIC_CERT            | The Public Key to use when this application communicates with Identity Providers to use Single Sign On                      |
 
 ## 3. Deployment
 1. Create the OpenLXP docker network. Open a terminal and run the following command in the root directory of the project
@@ -133,22 +136,39 @@ git clone https://github.com/OpenLXP/openlxp-xss.git
 
                 - `Name` Term title
 
-                - `Desciption` Term entity's description
+                - `Description` Term entity's description
 
                 - `Status` Select if the Term set is Published or Retired
 
                 - `Data Type` Term entity's corresponding data type
 
                 - `Use` Term entity's corresponding use case
+
+                - `Multiple Expected` Whether the Term should be a singular value or a list
 
                 - `Source` Term entity's corresponding source
 
-                - `term set` Select the reference to the parent term set from the drop down
+                - `Term Set` Select the reference to the parent term set from the drop down
 
                 - `Mapping` Add mappings between terms entity's of different parent term set
 
                 - `Updated by` User that creates/updates the term
 
+3. <u>[OPENLXP AUTHENTICATION](https://pypi.org/project/openlxp-authentication/)</u>
+    - Saml configurations: Configure Security Assertion Markup Language (SAML)
+        1. Click on `Saml configurations` > `Add Saml configuration`
+            - Enter configurations below:
+
+                - `Name`: The name that will be used to identify the IdP in the URL.
+
+                - `Entity id`: The unique name provided by the IdP.
+
+                - `Url`: The connection URL to connect to the IdP at.
+
+                - `Cert`: The public cert used to connect to the IdP.
+
+                - `Attribute mapping`: The JSON formatted mapping to convert attributes provided by the IdP, to a User in this system.
+
 ## 5. Removing Deployment
 To destroy the created resources, simply run the command below in your terminal:
 
@@ -164,7 +184,7 @@ Query string parameter: `name` `version` `iri`
 
 
 
-**Note:This API fetches the required schema from the repository using the Name and Version or IRI parameters**
+*Note:This API fetches the required schema from the repository using the Name and Version or IRI parameters*
 
 Query string parameter: `sourceName` `sourceVersion` `sourceIRI` `targetName` `targetVersion` `targetIRI`
 
@@ -183,7 +203,19 @@ Test coverage information will be stored in an htmlcov directory
 docker-compose --env-file .env run app sh -c "coverage run manage.py test && coverage html && flake8"
 ```
 
+## Authentication
+
+While XSS supports authentication and authorization, the schema and mapping APIs do not require authentication to use, as it is believed that they should be easily accessible shared resources.
+
+The Django settings `SP_PUBLIC_CERT`, `SP_PRIVATE_KEY` , and `SP_ENTITY_ID` must be defined (if using docker-compose the variables can be passed through).
+
+Information on the settings for the authentication module can be found on the [OpenLXP-Authentication repo](https://github.com/adlnet/openlxp-authentication).
+
+## Additional Info
+
+Additional information about ECC can be found in our [ECC wiki](https://github.com/adlnet/ecc-openlxp-xds-ui/wiki)
+
 ## License
 
- This project uses the [MIT](http://www.apache.org/licenses/LICENSE-2.0) license.
+ This project uses the [Apache](http://www.apache.org/licenses/LICENSE-2.0) license.
 

app/core/admin.py

@@ -90,7 +90,9 @@ class TermAdmin(admin.ModelAdmin):
                     'modified', )
     fieldsets = (
         (None, {'fields': ('iri', 'name', 'uuid', 'description', 'status',)}),
-        ('Info', {'fields': ('data_type', 'use', 'source',)}),
+        ('Info', {'fields': ('data_type', 'use',
+                             'multiple_expected',
+                             'source',)}),
         ('Connections', {'fields': ('term_set', 'mapping',)}),
         ('Updated', {'fields': ('updated_by',), })
     )
@@ -108,5 +110,5 @@ def get_form(self, request, obj=None, **kwargs):
         form = super(TermAdmin, self).get_form(request, obj, **kwargs)
         if obj is not None:
             form.base_fields['mapping'].queryset = Term.objects.exclude(
-                iri__startswith=obj.root_term_set())
+                iri__istartswith=obj.root_term_set())
         return form

app/core/migrations/0007_alter_term_mapping.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.2.16 on 2024-10-17 16:01
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0006_auto_20230901_1454'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='term',
+            name='mapping',
+            field=models.ManyToManyField(blank=True, to='core.term'),
+        ),
+    ]

app/core/migrations/0008_term_multiple_expected_term_type.py

@@ -0,0 +1,24 @@
+# Generated by Django 4.2.23 on 2025-07-14 17:49
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0007_alter_term_mapping'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='term',
+            name='multiple_expected',
+            field=models.BooleanField(default=False, help_text='Whether multiple values are expected for this Term'),
+        ),
+        migrations.AddField(
+            model_name='term',
+            name='type',
+            field=models.CharField(choices=[('Learning Resource', 'Learning Resource'), ('Learning Event', 'Learning Event'), ('Both', 'Both')], default='', max_length=255),
+            preserve_default=False,
+        ),
+    ]

app/core/migrations/0009_remove_term_type_term_learning_type_and_more.py

@@ -0,0 +1,27 @@
+# Generated by Django 4.2.23 on 2025-07-14 17:49
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0008_term_multiple_expected_term_type'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='term',
+            name='type',
+        ),
+        migrations.AddField(
+            model_name='term',
+            name='learning_type',
+            field=models.CharField(blank=True, choices=[('Learning Resource', 'Learning Resource'), ('Learning Event', 'Learning Event'), ('Both', 'Both')], default=None, max_length=255, null=True),
+        ),
+        migrations.AlterField(
+            model_name='term',
+            name='multiple_expected',
+            field=models.BooleanField(default=True, help_text='Whether multiple values are expected for this Term'),
+        ),
+    ]

app/core/migrations/0010_remove_term_learning_type.py

@@ -0,0 +1,17 @@
+# Generated by Django 4.2.23 on 2025-08-07 16:15
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0009_remove_term_type_term_learning_type_and_more'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='term',
+            name='learning_type',
+        ),
+    ]