v5.3.3 Production release

backend/api/issues/resources.py

@@ -7,7 +7,7 @@
 from backend.models.dtos.mapping_issues_dto import MappingIssueCategoryDTO
 from backend.models.dtos.user_dto import AuthUserDTO
 from backend.services.mapping_issues_service import MappingIssueCategoryService
-from backend.services.users.authentication_service import pm_only
+from backend.services.users.authentication_service import admin_only
 
 router = APIRouter(
     prefix="/tasks",
@@ -52,7 +52,7 @@ async def get_issue(category_id: int, db: Database = Depends(get_db)):
 async def patch_issue(
     request: Request,
     category_id: int,
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
     db: Database = Depends(get_db),
     data: MappingIssueCategoryDTO = Body(...),
 ):
@@ -121,7 +121,7 @@ async def patch_issue(
 async def delete_issue(
     request: Request,
     category_id: int,
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
     db: Database = Depends(get_db),
 ):
     """
@@ -200,7 +200,7 @@ async def get_issues_categories(
 @router.post("/issues/categories/", response_model=MappingIssueCategoryDTO)
 async def post_issues_categories(
     request: Request,
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
     db: Database = Depends(get_db),
     data: dict = Body(...),
 ):

backend/api/licenses/resources.py

@@ -6,7 +6,7 @@
 from backend.models.dtos.licenses_dto import LicenseDTO
 from backend.models.dtos.user_dto import AuthUserDTO
 from backend.services.license_service import LicenseService
-from backend.services.users.authentication_service import pm_only
+from backend.services.users.authentication_service import admin_only
 
 router = APIRouter(
     prefix="/licenses",
@@ -19,7 +19,7 @@
 async def post_license(
     license_dto: LicenseDTO,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ):
     """
     Creates a new mapping license
@@ -100,7 +100,7 @@ async def patch_license(
     license_dto: LicenseDTO,
     license_id: int,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ):
     """
     Update a specified mapping license
@@ -155,7 +155,7 @@ async def patch_license(
 async def delete_license(
     license_id: int,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ):
     """
     Delete a specified mapping license

backend/api/mapping_badges/resources.py

@@ -11,7 +11,7 @@
 )
 from backend.models.dtos.user_dto import AuthUserDTO
 from backend.services.mapping_badges import MappingBadgeService
-from backend.services.users.authentication_service import pm_only
+from backend.services.users.authentication_service import admin_only
 
 router = APIRouter(
     prefix="/badges",
@@ -39,7 +39,7 @@ async def get_mapping_badges(
 async def create_mapping_badge(
     data: MappingBadgeCreateDTO,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ) -> MappingBadgeDTO:
     """
     Creates a new MappingBadge
@@ -73,7 +73,7 @@ async def update_mapping_badge(
     data: MappingBadgeUpdateDTO,
     badge_id: int,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ) -> MappingBadgeDTO:
     """
     Updates a mapping badge
@@ -92,7 +92,7 @@ async def update_mapping_badge(
 async def delete_mapping_badge(
     badge_id: int,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ):
     """
     Deletes a mapping badge

backend/api/mapping_levels/resources.py

@@ -8,7 +8,7 @@
 )
 from backend.models.dtos.user_dto import AuthUserDTO
 from backend.services.mapping_levels import MappingLevelService
-from backend.services.users.authentication_service import pm_only
+from backend.services.users.authentication_service import admin_only
 
 router = APIRouter(
     prefix="/levels",
@@ -36,7 +36,7 @@ async def get_mapping_levels(
 async def create_mapping_level(
     data: MappingLevelCreateDTO,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ):
     """
     Create a new mapping level
@@ -70,7 +70,7 @@ async def update_mapping_level(
     data: MappingLevelUpdateDTO,
     level_id: int,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ):
     """
     Update a given mapping level
@@ -89,7 +89,7 @@ async def update_mapping_level(
 async def delete_mapping_level(
     level_id: int,
     db: Database = Depends(get_db),
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
 ):
     """
     Delete the specified mapping level

backend/api/users/actions.py

@@ -7,7 +7,7 @@
 from backend.models.dtos.user_dto import AuthUserDTO, UserDTO, UserRegisterEmailDTO
 from backend.services.interests_service import InterestService
 from backend.services.messaging.message_service import MessageService
-from backend.services.users.authentication_service import login_required, pm_only
+from backend.services.users.authentication_service import login_required, admin_only
 from backend.services.users.user_service import UserService, UserServiceError
 
 router = APIRouter(
@@ -117,7 +117,7 @@ async def set_mapping_level(
     request: Request,
     username,
     level,
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
     db: Database = Depends(get_db),
 ):
     """
@@ -173,7 +173,7 @@ async def set_user_role(
     request: Request,
     username: str,
     role: str,
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
     db: Database = Depends(get_db),
 ):
     """
@@ -228,7 +228,7 @@ async def set_user_role(
 async def update_stats(
     request: Request,
     username: str,
-    _: AuthUserDTO = Depends(pm_only),
+    _: AuthUserDTO = Depends(admin_only),
     db: Database = Depends(get_db),
 ):
     """
@@ -255,7 +255,7 @@ async def update_stats(
 async def approve_level(
     request: Request,
     username: str,
-    voter: AuthUserDTO = Depends(pm_only),
+    voter: AuthUserDTO = Depends(admin_only),
     db: Database = Depends(get_db),
 ):
     """
@@ -282,7 +282,7 @@ async def set_user_is_expert(
     request: Request,
     user_name,
     is_expert,
-    user: AuthUserDTO = Depends(pm_only),
+    user: AuthUserDTO = Depends(admin_only),
     db: Database = Depends(get_db),
 ):
     """

backend/main.py

@@ -10,7 +10,6 @@
 from pyinstrument import Profiler
 from sentry_sdk.integrations.asgi import SentryAsgiMiddleware
 from starlette.middleware.authentication import AuthenticationMiddleware
-
 from backend.config import settings
 from backend.db import db_connection
 from backend.exceptions import BadRequest, Conflict, Forbidden, NotFound, Unauthorized
@@ -55,16 +54,21 @@ async def lifespan(app):
     # Custom exception handler for invalid token and logout.
     @_app.exception_handler(HTTPException)
     async def custom_http_exception_handler(request: Request, exc: HTTPException):
-        if exc.status_code == 401 and "InvalidToken" in exc.detail.get("SubCode", ""):
-            return JSONResponse(
-                content={
-                    "Error": exc.detail["Error"],
-                    "SubCode": exc.detail["SubCode"],
-                },
-                status_code=exc.status_code,
-                headers={"WWW-Authenticate": "Bearer"},
-            )
-
+        try:
+            if exc.status_code == 401 and "InvalidToken" in exc.detail.get(
+                "SubCode", ""
+            ):
+                return JSONResponse(
+                    content={
+                        "Error": exc.detail["Error"],
+                        "SubCode": exc.detail["SubCode"],
+                    },
+                    status_code=exc.status_code,
+                    headers={"WWW-Authenticate": "Bearer"},
+                )
+        except Exception as e:
+            logging.debug(f"Exception while handling custom HTTPException: {e}")
+            pass
         if isinstance(exc.detail, dict) and "error" in exc.detail:
             error_response = exc.detail
         else:

backend/models/postgis/project.py

@@ -29,6 +29,7 @@
     orm,
     select,
     update,
+    UniqueConstraint,
 )
 from sqlalchemy.dialects.postgresql import ARRAY
 from sqlalchemy.ext.hybrid import hybrid_property
@@ -96,10 +97,16 @@
 
 class ProjectTeams(Base):
     __tablename__ = "project_teams"
-    team_id = Column(Integer, ForeignKey("teams.id"), primary_key=True)
-    project_id = Column(Integer, ForeignKey("projects.id"), primary_key=True)
+
+    id = Column(BigInteger, primary_key=True, autoincrement=True)
+    team_id = Column(Integer, ForeignKey("teams.id"), nullable=False)
+    project_id = Column(Integer, ForeignKey("projects.id"), nullable=False)
     role = Column(Integer, nullable=False)
 
+    __table_args__ = (
+        UniqueConstraint("team_id", "project_id", "role", name="uq_project_team_role"),
+    )
+
     project = relationship(
         "Project", backref=backref("teams", cascade="all, delete-orphan")
     )

backend/models/postgis/task.py

@@ -1396,7 +1396,8 @@ async def get_tasks_as_geojson_feature_collection(
                 t.task_status,
                 ST_AsGeoJSON(t.geometry) AS geojson,
                 t.locked_by,
-                t.mapped_by
+                t.mapped_by,
+                t.validated_by
             FROM tasks t
             WHERE t.project_id = :project_id
         """
@@ -1449,6 +1450,7 @@ async def get_tasks_as_geojson_feature_collection(
                 taskStatus=TaskStatus(row["task_status"]).name,
                 lockedBy=row["locked_by"],
                 mappedBy=row["mapped_by"],
+                validatedBy=row["validated_by"],
             )
             feature = geojson.Feature(
                 geometry=task_geometry, properties=task_properties

backend/services/users/authentication_service.py

@@ -70,18 +70,18 @@ def verify_token(token):
 class TokenAuthBackend(AuthenticationBackend):
     async def authenticate(self, conn):
         if "authorization" not in conn.headers:
-            return
+            return None
 
         auth = conn.headers["authorization"]
         try:
             scheme, credentials = auth.split()
             if scheme.lower() != "token":
-                return
+                return None
             try:
                 decoded_token = base64.b64decode(credentials).decode("ascii")
             except UnicodeDecodeError:
                 logger.debug("Unable to decode token")
-                return False
+                return None
         except (ValueError, UnicodeDecodeError, binascii.Error):
             raise AuthenticationError("Invalid auth credentials")
 
@@ -90,7 +90,7 @@ async def authenticate(self, conn):
         )
         if not valid_token:
             logger.debug("Token not valid.")
-            return
+            return None
         tm.authenticated_user_id = user_id
         return AuthCredentials(["authenticated"]), SimpleUser(user_id)
 
@@ -251,7 +251,6 @@ async def login_required(
         raise AuthenticationError("Invalid auth credentials")
     valid_token, user_id = AuthenticationService.is_valid_token(decoded_token, 604800)
     if not valid_token:
-        logger.debug("Token not valid")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail={"Error": "Token is expired or invalid", "SubCode": "InvalidToken"},
@@ -275,17 +274,23 @@ async def login_required_optional(
             decoded_token = base64.b64decode(credentials).decode("ascii")
         except UnicodeDecodeError:
             logger.debug("Unable to decode token")
-            raise HTTPException(status_code=401, detail="Invalid token")
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail={
+                    "Error": "Token is expired or invalid",
+                    "SubCode": "InvalidToken",
+                },
+                headers={"WWW-Authenticate": "Bearer"},
+            )
     except (ValueError, UnicodeDecodeError, binascii.Error):
         raise AuthenticationError("Invalid auth credentials")
     valid_token, user_id = AuthenticationService.is_valid_token(decoded_token, 604800)
     if not valid_token:
-        logger.debug("Token not valid")
         return None
     return AuthUserDTO(id=user_id)
 
 
-async def pm_only(
+async def admin_only(
     Authorization: str = Security(APIKeyHeader(name="Authorization")),
     db: Database = Depends(get_db),
 ):

frontend/src/components/comments/commentInput.js

@@ -1,4 +1,4 @@
-import { useRef, useEffect, useState } from 'react';
+import { useRef, useEffect, useState, useCallback } from 'react';
 import { useSelector } from 'react-redux';
 import MDEditor from '@uiw/react-md-editor';
 import Tribute from 'tributejs';
@@ -21,6 +21,7 @@ import { CurrentUserAvatar } from '../user/avatar';
 const maxFileSize = 1 * 1024 * 1024; // 1MB
 
 function CommentInputField({
+  sessionkey,
   comment,
   setComment,
   contributors,
@@ -130,6 +131,23 @@ function CommentInputField({
     });
   };
 
+  useEffect(() => {
+    if (!sessionkey) return;
+    const commenEvent = sessionStorage.getItem(sessionkey);
+    if (commenEvent) {
+      setComment(commenEvent);
+    }
+  }, [sessionkey, setComment]);
+
+  const onCommentChange = useCallback(
+    (e) => {
+      setComment(e);
+      if (!sessionkey) return;
+      sessionStorage.setItem(sessionkey, e);
+    },
+    [sessionkey, setComment],
+  );
+
   return (
     <div {...getRootProps()}>
       {isShowTabNavs && (
@@ -165,7 +183,7 @@ function CommentInputField({
           extraCommands={[]}
           height={200}
           value={comment}
-          onChange={setComment}
+          onChange={onCommentChange}
           textareaProps={{
             ...getInputProps(),
             spellCheck: 'true',