Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tests: Prevent MEF access #3263

Merged
merged 1 commit into from
Mar 2, 2023
+92 −170
Merged

tests: Prevent MEF access #3263

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
159 changes: 79 additions & 80 deletions poetry.lock
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ python-dotenv = ">=0.13.0"
invenio-sip2 = ">=0.6.16"
flask-cors = ">3.0.8"
celery = ">=5.0.0"
cryptography = ">38.0.2,<39.0"
cryptography = ">38.0.2,<40.0"
freezegun = "^1.1.0"
lazyreader = ">1.0.0"
jinja2 = ">2.11.2"
Expand Down
19 changes: 8 additions & 11 deletions run-tests.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,26 +67,23 @@ if [[ -z "${VIRTUAL_ENV}" ]]; then
fi

function pretests () {
info_msg "Check vulnerabilities:"
# +============================+===========+==========================+==========+
# | package | installed | affected | ID |
# +============================+===========+==========================+==========+
# | click | 7.1.2 | <8.0.0 | 47833 |
# | celery | 5.1.2 | <5.2.0 | 42498 |
# | celery | 5.1.2 | <5.2.2 | 43738 |
# | flask-security | 3.0.0 | <3.1.0 | 45183 |
# | flask-security | 3.0.0 | >0 | 44501 |
# | sqlalchemy | 1.3.24 | <2.0.0b1 | 51668 |
# | sqlalchemy-utils | 0.35.0 | >=0.27.0 | 42194 |
# | wtforms | 2.3.3 | <3.0.0a1 | 42852 |
# | werkzeug | 1.0.1 | <2.2.3 | 53325 |
# | werkzeug | 1.0.1 | <2.2.3 | 53326 |
# | celery | 5.1.2 | <5.2.0 | 42498 |
# | celery | 5.1.2 | <5.2.2 | 43738 |
# | click | 7.1.2 | <8.0.0 | 47833 |
# | py | 1.11.0 | <=1.11.0 | 51457 |
# | safety | 1.10.3 | <2.2.0 | 51358 |
# | sqlalchemy | 1.3.24 | <2.0.0b1 | 51668 |
# | wheel | 0.37.1 | <0.38.0 | 51499 |
# | sqlalchemy-utils | 0.35.0 | >=0.27.0 | 42194 |
# | certifi | 2022.9.24 | <2022.12.07 | 52365 |
# | setuptools | 65.4.1 | <65.5.1 | 52495 |
# | future | 0.18.2 | <=0.18.2 | 52510 |
# +==============================================================================+
safety check -i 47833 -i 42498 -i 43738 -i 45183 -i 44501 -i 42852 -i 51457 -i 51358 -i 51499 -i 42194 -i 51668 -i 52365 -i 52495 -i 52510
safety check -i 45183 -i 44501 -i 51668 -i 42194 -i 42852 -i 53325 -i 53326 -i 42498 -i 43738 -i 47833 -i 51457 -i 51358
info_msg "Check json:"
invenio reroils utils check_json tests/data rero_ils/modules data
info_msg "Check license:"
Expand Down
26 changes: 0 additions & 26 deletions tests/data/data.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2830,24 +2830,6 @@
"role": [
"aut"
]
},
{
"agent": {
"$ref": "https://mef.rero.ch/api/agents/idref/027037061",
"type": "bf:Person"
},
"role": [
"cre"
]
},
{
"agent": {
"$ref": "https://mef.rero.ch/api/agents/idref/028401743",
"type": "bf:Person"
},
"role": [
"ctb"
]
}
],
"identifiedBy": [
Expand Down Expand Up @@ -3002,14 +2984,6 @@
}
],
"subjects": [
{
"type": "bf:Person",
"$ref": "https://mef.rero.ch/api/agents/gnd/041288890"
},
{
"type": "bf:Person",
"$ref": "https://mef.rero.ch/api/agents/idref/032106939"
},
{
"type": "bf:Person",
"preferred_name": "Athenagoras (patriarche oecum\u00e9nique ; 1)",
Expand Down
1 change: 0 additions & 1 deletion tests/data/xml/kul/kul_isbn_9782265089419.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,6 @@
</datafield>
<datafield ind1=" " ind2="7" tag="650">
<subfield code="a">Morale sociale</subfield>
<subfield code="0">(RERO)A021003578</subfield>
<subfield code="2">rero</subfield>
</datafield>
<datafield tag="651" ind1=" " ind2=" ">
Expand Down
2 changes: 0 additions & 2 deletions tests/data/xml/loc/loc_isbn_all_9781604689808.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,6 @@
</datafield>
<datafield tag="650" ind1=" " ind2="7">
<subfield code="a">Morale sociale</subfield>
<subfield code="0">(RERO)A021003578</subfield>
<subfield code="2">rero</subfield>
</datafield>
<datafield tag="655" ind1=" " ind2="7">
Expand All @@ -155,7 +154,6 @@
<datafield tag="700" ind1="1" ind2=" ">
<subfield code="a">Chatelain, Yannick</subfield>
<subfield code="d">1965-....</subfield>
<subfield code="0">(IDREF)055771041</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield tag="710" ind1="2" ind2=" ">
Expand Down
25 changes: 0 additions & 25 deletions tests/data/xml/slsp/slsp_anywhere_123.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Llopis, Jorge</subfield>
<subfield code="d">1919-1976</subfield>
<subfield code="0">(IDREF)093591209</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -189,7 +188,6 @@
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Schaeffer, Claude</subfield>
<subfield code="d">1898-1982</subfield>
<subfield code="0">(IDREF)033556083</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -1143,7 +1141,6 @@
</datafield>
<datafield ind1=" " ind2="7" tag="651">
<subfield code="a">Libye</subfield>
<subfield code="0">(IDREF)027262545</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1=" " ind2=" " tag="830">
Expand Down Expand Up @@ -1383,7 +1380,6 @@
</datafield>
<datafield ind1=" " ind2="7" tag="651">
<subfield code="a">Iran</subfield>
<subfield code="0">(IDREF)027234576</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1=" " ind2=" " tag="690">
Expand Down Expand Up @@ -1764,7 +1760,6 @@
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Novara, Lázaro Juan</subfield>
<subfield code="d">19..-....</subfield>
<subfield code="0">(IDREF)148729673</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -1878,7 +1873,6 @@
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Luer, Carlyle A.</subfield>
<subfield code="d">1922-2019</subfield>
<subfield code="0">(IDREF)067150047</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -1921,7 +1915,6 @@
</datafield>
<datafield ind1=" " ind2="7" tag="651">
<subfield code="a">Colombie</subfield>
<subfield code="0">(IDREF)027230430</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1=" " ind2=" " tag="690">
Expand All @@ -1935,7 +1928,6 @@
<datafield ind1="1" ind2=" " tag="700">
<subfield code="a">Thoerle, Lisa</subfield>
<subfield code="d">19..-....</subfield>
<subfield code="0">(IDREF)169999386</subfield>
</datafield>
<datafield ind1=" " ind2="0" tag="830">
<subfield code="a">Icones Pleurothallidinarum</subfield>
Expand Down Expand Up @@ -2182,7 +2174,6 @@
</datafield>
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Mejía-Saulés, María Teresa</subfield>
<subfield code="0">(IDREF)061333247</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -2223,7 +2214,6 @@
</datafield>
<datafield ind1=" " ind2="7" tag="651">
<subfield code="a">Veracruz (Mexique ; État)</subfield>
<subfield code="0">(IDREF)027356434</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1="1" ind2=" " tag="700">
Expand Down Expand Up @@ -2296,7 +2286,6 @@
</datafield>
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Di Lella, Luigi</subfield>
<subfield code="0">(IDREF)032501684</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -2424,7 +2413,6 @@
</datafield>
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Redonda-Martínez, Rosario</subfield>
<subfield code="0">(IDREF)142607177</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -2707,7 +2695,6 @@
</datafield>
<datafield ind1=" " ind2="7" tag="651">
<subfield code="a">Guyanes</subfield>
<subfield code="0">(IDREF)027527514</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1=" " ind2="7" tag="651">
Expand Down Expand Up @@ -3241,7 +3228,6 @@
</datafield>
<datafield ind1="1" ind2=" " tag="700">
<subfield code="a">Gentaz, Édouard</subfield>
<subfield code="0">(IDREF)053479653</subfield>
</datafield>
<datafield ind1=" " ind2=" " tag="830">
<subfield code="a">Approche neuropsychologique des apprentissages chez l'enfant</subfield>
Expand Down Expand Up @@ -3334,7 +3320,6 @@
</datafield>
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Acocella, Mariantonietta</subfield>
<subfield code="0">(IDREF)069118191</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -3556,7 +3541,6 @@
</datafield>
<datafield ind1=" " ind2="7" tag="651">
<subfield code="a">Italie</subfield>
<subfield code="0">(IDREF)027235408</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1=" " ind2=" " tag="691">
Expand Down Expand Up @@ -5015,7 +4999,6 @@
</datafield>
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Bueno Avila, Antonio</subfield>
<subfield code="0">(IDREF)154655929</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -5665,7 +5648,6 @@
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Barbieri, Luca</subfield>
<subfield code="d">1966-....</subfield>
<subfield code="0">(IDREF)074314742</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -5748,7 +5730,6 @@
<subfield code="a">Ovide</subfield>
<subfield code="d">0043 av. J.-C.-0017</subfield>
<subfield code="t">Heroides</subfield>
<subfield code="0">(IDREF)028729587</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1="0" ind2="7" tag="600">
Expand Down Expand Up @@ -5971,7 +5952,6 @@
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Dufour, Alfred</subfield>
<subfield code="d">1938-....</subfield>
<subfield code="0">(IDREF)026841614</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -6085,7 +6065,6 @@
<subfield code="6">100-01</subfield>
<subfield code="a">Göllner, Theodor</subfield>
<subfield code="d">1929-....</subfield>
<subfield code="0">(IDREF)028777581</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -6732,25 +6711,21 @@
<datafield ind1="1" ind2="7" tag="600">
<subfield code="a">Schnitzler, Arthur</subfield>
<subfield code="d">1862-1931</subfield>
<subfield code="0">(IDREF)027127869</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1="1" ind2="7" tag="600">
<subfield code="a">Hofmannsthal, Hugo von</subfield>
<subfield code="d">1874-1929</subfield>
<subfield code="0">(IDREF)026923483</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1="1" ind2="7" tag="600">
<subfield code="a">Salten, Felix</subfield>
<subfield code="d">1869-1945</subfield>
<subfield code="0">(IDREF)027120600</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1="1" ind2="7" tag="600">
<subfield code="a">Bahr, Hermann</subfield>
<subfield code="d">1863-1934</subfield>
<subfield code="0">(IDREF)028826914</subfield>
<subfield code="2">idref</subfield>
</datafield>
<datafield ind1="2" ind2="7" tag="610">
Expand Down
4 changes: 0 additions & 4 deletions tests/data/xml/slsp/slsp_isbn_3908497272.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,6 @@
</datafield>
<datafield ind1="1" ind2=" " tag="100">
<subfield code="a">Urchs, Ossi</subfield>
<subfield code="0">(RERO)A003922810</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield ind1="1" ind2="0" tag="245">
Expand Down Expand Up @@ -66,17 +65,14 @@
</datafield>
<datafield ind1=" " ind2="7" tag="650">
<subfield code="a">Téléphonie Internet</subfield>
<subfield code="0">(RERO)A021064672</subfield>
<subfield code="2">rero</subfield>
</datafield>
<datafield ind1=" " ind2="7" tag="655">
<subfield code="a">[Manuels d'enseignement]</subfield>
<subfield code="0">(RERO)A021098695</subfield>
<subfield code="2">rero</subfield>
</datafield>
<datafield ind1="1" ind2=" " tag="700">
<subfield code="a">Zapp, Harald</subfield>
<subfield code="0">(RERO)A013058709</subfield>
</datafield>
<datafield ind1="0" ind2="1" tag="852">
<subfield code="a">41SLSP_BCUFR</subfield>
Expand Down
5 changes: 0 additions & 5 deletions tests/data/xml/slsp/slsp_isbn_9782296076648.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,6 @@
<datafield tag="100" ind1="1" ind2=" ">
<subfield code="a">Chatelain, Yannick</subfield>
<subfield code="d">1965-....</subfield>
<subfield code="0">(IDREF)055771041</subfield>
<subfield code="4">cre</subfield>
</datafield>
<datafield tag="210" ind1="1" ind2=" ">
Expand Down Expand Up @@ -132,22 +131,18 @@
</datafield>
<datafield tag="650" ind1=" " ind2="7">
<subfield code="a">Morale sociale</subfield>
<subfield code="0">(RERO)A021003578</subfield>
<subfield code="2">rero</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="7">
<subfield code="a">Pirates informatiques</subfield>
<subfield code="0">(RERO)A021073688</subfield>
<subfield code="2">rero</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="7">
<subfield code="a">Innovations technologiques</subfield>
<subfield code="0">(RERO)A021005087</subfield>
<subfield code="2">rero</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="7">
<subfield code="a">Société numérique</subfield>
<subfield code="0">(RERO)A021066932</subfield>
<subfield code="2">rero</subfield>
</datafield>
<datafield tag="653" ind1=" " ind2=" ">
Expand Down
6 changes: 0 additions & 6 deletions tests/data/xml/ugent/ugent_anywhere_123.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13660,7 +13660,6 @@
</marc:datafield>
<marc:datafield tag="100" ind1="1" ind2=" ">
<marc:subfield code="a">De Pelsmacker, Patrick</marc:subfield>
<marc:subfield code="0">(viaf)15054858</marc:subfield>
</marc:datafield>
<marc:datafield tag="245" ind1="1" ind2=" ">
<marc:subfield code="a">Marketing communications :</marc:subfield>
Expand Down Expand Up @@ -13691,11 +13690,9 @@
</marc:datafield>
<marc:datafield tag="700" ind1="1" ind2=" ">
<marc:subfield code="a">Geuens, Maggie</marc:subfield>
<marc:subfield code="0">(viaf)17507331</marc:subfield>
</marc:datafield>
<marc:datafield tag="700" ind1="1" ind2=" ">
<marc:subfield code="a">Van den Bergh, Joeri</marc:subfield>
<marc:subfield code="0">(viaf)47046670</marc:subfield>
</marc:datafield>
<marc:datafield tag="852" ind1="4" ind2=" ">
<marc:subfield code="x">EB</marc:subfield>
Expand Down Expand Up @@ -14231,7 +14228,6 @@
</marc:datafield>
<marc:datafield tag="100" ind1="1" ind2=" ">
<marc:subfield code="a">De Pelsmacker, Patrick</marc:subfield>
<marc:subfield code="0">(viaf)15054858</marc:subfield>
</marc:datafield>
<marc:datafield tag="245" ind1="1" ind2=" ">
<marc:subfield code="a">Marketing communications :</marc:subfield>
Expand Down Expand Up @@ -14265,11 +14261,9 @@
</marc:datafield>
<marc:datafield tag="700" ind1="1" ind2=" ">
<marc:subfield code="a">Geuens, Maggie</marc:subfield>
<marc:subfield code="0">(viaf)17507331</marc:subfield>
</marc:datafield>
<marc:datafield tag="700" ind1="1" ind2=" ">
<marc:subfield code="a">Van den Bergh, Joeri</marc:subfield>
<marc:subfield code="0">(viaf)47046670</marc:subfield>
</marc:datafield>
<marc:datafield tag="852" ind1="4" ind2=" ">
<marc:subfield code="x">EB</marc:subfield>
Expand Down
Loading