From e1e5203bbf3c5206650cdc47dcaa842bf162da83 Mon Sep 17 00:00:00 2001
From: Tanner Prestegard <tanner.prestegard@ligo.org>
Date: Tue, 5 Feb 2019 15:22:21 -0600
Subject: [PATCH] Use apiweb URLs for all web-based calls to the API
Various javascript functionalities and forms in the web interface
make calls to the API to get or process data. The current
Apache configuration (verify a certificate IF presented on /api/*)
causes pop-ups for users who have certificates in their browsers
if they visit any pages which have these functionalities. So we have
changed all of those URLs to use /apiweb/ for now to prevent the
certificate challenge. This will be resolved in the future by
getting away from certificate-based authentication.
---
config/urls.py | 2 +-
gracedb/templates/gracedb/event_detail_script.js | 10 +++++-----
gracedb/templates/gracedb/index.html | 2 +-
gracedb/templates/profile/manage_password.html | 2 +-
gracedb/templates/superevents/detail.html | 16 ++++++++--------
gracedb/templates/superevents/file_list.html | 2 +-
.../superevents/superevent_detail_script.js | 14 +++++++-------
7 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/config/urls.py b/config/urls.py
index 71ef79ead..79029217c 100644
--- a/config/urls.py
+++ b/config/urls.py
@@ -53,7 +53,7 @@ urlpatterns = [
# API URLs
url(r'^api/', include('api.urls')),
- # Legacy API URLs: can we get rid of these at some point? (TODO)
+ # Legacy API URLs - must be maintained!
url(r'^apibasic/', include('api.urls', namespace='legacy_apibasic')),
url(r'^apiweb/', include('api.urls', namespace='legacy_apiweb')),
diff --git a/gracedb/templates/gracedb/event_detail_script.js b/gracedb/templates/gracedb/event_detail_script.js
index 862465156..b63e05daf 100644
--- a/gracedb/templates/gracedb/event_detail_script.js
+++ b/gracedb/templates/gracedb/event_detail_script.js
@@ -156,14 +156,14 @@ var hasImage = function(object) {
}
// some URLs. Usage of Django template syntax should be limited to here
-var tagListUrl = '{% url "api:default:tag-list" %}';
+var tagListUrl = '{% url "legacy_apiweb:default:tag-list" %}';
var tagUrlPattern = '{% url "taglogentry" object.graceid "000" "temp" %}';
-var eventLogListUrl = '{% url "api:default:events:eventlog-list" object.graceid %}';
+var eventLogListUrl = '{% url "legacy_apiweb:default:events:eventlog-list" object.graceid %}';
var eventLogSaveUrl = '{% url "logentry" object.graceid "" %}';
-var embbEventLogListUrl = '{% url "api:default:events:embbeventlog-list" object.graceid %}';
-var emObservationListUrl = '{% url "api:default:events:emobservation-list" object.graceid %}';
+var embbEventLogListUrl = '{% url "legacy_apiweb:default:events:embbeventlog-list" object.graceid %}';
+var emObservationListUrl = '{% url "legacy_apiweb:default:events:emobservation-list" object.graceid %}';
var fileDownloadUrl = '{% url "file-download" object.graceid "FAKE_FILE_NAME" %}';
-var skymapJsonUrl = '{% url "api:default:events:files" object.graceid "" %}';
+var skymapJsonUrl = '{% url "legacy_apiweb:default:events:files" object.graceid "" %}';
var skymapViewerUrl = '{{ SKYMAP_VIEWER_SERVICE_URL }}';
// This little list determines the priority ordering of the digest sections.
diff --git a/gracedb/templates/gracedb/index.html b/gracedb/templates/gracedb/index.html
index 0ac906b13..ad01b2e27 100644
--- a/gracedb/templates/gracedb/index.html
+++ b/gracedb/templates/gracedb/index.html
@@ -81,7 +81,7 @@ follow-ups. </p>
<!-- <li><a href="https://www.lsc-group.phys.uwm.edu/daswg/wiki/GraceDBER6">Recent changes</a> <font color="red">(IMPORTANT!) </font></li> -->
<!-- <li><a href="https://gw-astronomy.org/wiki/LV_EM/ElectroMagneticBulletinBoard">Prototype EMBB description</a></li> -->
<li><a href="https://wiki.ligo.org/Computing/GraceDB">Project page on wiki.ligo.org</a></li>
-<li><a href="{% url "api:default:root" %}">Browseable REST API</a>
+<li><a href="{% url "legacy_apiweb:default:root" %}">Browseable REST API</a>
<li><a href="https://gw-astronomy.org/wiki/LV_EM/TechInfo">LV-EM Technical Info</a></li>
<li><a href="https://dcc.ligo.org/G1501296">Tutorial for operators and detector engineers</a></li>
diff --git a/gracedb/templates/profile/manage_password.html b/gracedb/templates/profile/manage_password.html
index d4098a3b6..0e8154ee3 100644
--- a/gracedb/templates/profile/manage_password.html
+++ b/gracedb/templates/profile/manage_password.html
@@ -6,7 +6,7 @@
{% block content %}
-<p>Passwords generated here are intended only for scripted access to the GraceDB <a href={% url "api:default:root" %}>REST API</a> by LV-EM users.</p>
+<p>Passwords generated here are intended only for scripted access to the GraceDB <a href={% url "legacy_apiweb:default:root" %}>REST API</a> by LV-EM users.</p>
<p> Your username is: <b>{{ username }}</b></p>
{% if has_password %}
diff --git a/gracedb/templates/superevents/detail.html b/gracedb/templates/superevents/detail.html
index 86e1c34a9..a605363d6 100644
--- a/gracedb/templates/superevents/detail.html
+++ b/gracedb/templates/superevents/detail.html
@@ -55,7 +55,7 @@
{% if show_gw_status_form %}
<div class="content-area">
-<form action="{% url "api:default:superevents:superevent-confirm-as-gw" superevent.superevent_id %}" method="POST" id="confirm_as_gw_form">
+<form action="{% url "legacy_apiweb:default:superevents:superevent-confirm-as-gw" superevent.superevent_id %}" method="POST" id="confirm_as_gw_form">
<input type="submit" value="Confirm this superevent as a GW" class="permButtonClass" disabled>
</form>
<div><b>Note:</b> this action is irreversible without manual intervention by an admin.</div>
@@ -68,7 +68,7 @@
{#-- XXX This next bit is super hacky. #}
{% if can_modify_permissions %}
<div class="content-area">
-<form action="{% url "api:default:superevents:superevent-permission-modify" superevent.superevent_id %}" method="POST" id="permissions_form">
+<form action="{% url "legacy_apiweb:default:superevents:superevent-permission-modify" superevent.superevent_id %}" method="POST" id="permissions_form">
<input type="hidden" name="action" value="{{ permissions_action }}">
<input type="submit" value="{{ permissions_form_button_text }}" class="permButtonClass" disabled>
</form>
@@ -93,11 +93,11 @@
{# inputs are disabled here, enabled by jquery code on page load. Otherwise users who click quickly can activate the form before the jquery is fully loaded #}
{% if operator_signoff_exists %}
{% with operator_signoff_type|add:operator_signoff_instrument as typeinst %}
- <input type="submit" formaction="{% url "api:default:superevents:superevent-signoff-detail" superevent.superevent_id typeinst %}" value="Update signoff" class="searchButtonClass" id="update" disabled>
- <input type="submit" formaction="{% url "api:default:superevents:superevent-signoff-detail" superevent.superevent_id typeinst %}" value="Delete signoff" class="searchButtonClass" id="delete" disabled>
+ <input type="submit" formaction="{% url "legacy_apiweb:default:superevents:superevent-signoff-detail" superevent.superevent_id typeinst %}" value="Update signoff" class="searchButtonClass" id="update" disabled>
+ <input type="submit" formaction="{% url "legacy_apiweb:default:superevents:superevent-signoff-detail" superevent.superevent_id typeinst %}" value="Delete signoff" class="searchButtonClass" id="delete" disabled>
{% endwith %}
{% else %}
- <input type="submit" value="Create signoff" class="searchButtonClass" formaction={% url "api:default:superevents:superevent-signoff-list" superevent.superevent_id %} disabled>
+ <input type="submit" value="Create signoff" class="searchButtonClass" formaction={% url "legacy_apiweb:default:superevents:superevent-signoff-list" superevent.superevent_id %} disabled>
{% endif %}
</td>
</tr>
@@ -127,11 +127,11 @@
{# inputs are disabled here, enabled by jquery code on page load. Otherwise users who click quickly can activate the form before the jquery is fully loaded #}
{% if advocate_signoff_exists %}
{% with advocate_signoff_type|add:advocate_signoff_instrument as typeinst %}
- <input type="submit" formaction="{% url "api:default:superevents:superevent-signoff-detail" superevent.superevent_id typeinst %}" value="Update signoff" class="searchButtonClass" id="update" disabled>
- <input type="submit" formaction="{% url "api:default:superevents:superevent-signoff-detail" superevent.superevent_id typeinst %}" value="Delete signoff" class="searchButtonClass" id="delete" disabled>
+ <input type="submit" formaction="{% url "legacy_apiweb:default:superevents:superevent-signoff-detail" superevent.superevent_id typeinst %}" value="Update signoff" class="searchButtonClass" id="update" disabled>
+ <input type="submit" formaction="{% url "legacy_apiweb:default:superevents:superevent-signoff-detail" superevent.superevent_id typeinst %}" value="Delete signoff" class="searchButtonClass" id="delete" disabled>
{% endwith %}
{% else %}
- <input type="submit" value="Create signoff" class="searchButtonClass" formaction={% url "api:default:superevents:superevent-signoff-list" superevent.superevent_id %} disabled>
+ <input type="submit" value="Create signoff" class="searchButtonClass" formaction={% url "legacy_apiweb:default:superevents:superevent-signoff-list" superevent.superevent_id %} disabled>
{% endif %}
</td>
</tr>
diff --git a/gracedb/templates/superevents/file_list.html b/gracedb/templates/superevents/file_list.html
index c34b8fab8..70131bf00 100644
--- a/gracedb/templates/superevents/file_list.html
+++ b/gracedb/templates/superevents/file_list.html
@@ -8,7 +8,7 @@
<ul>
{% for filename in file_list %}
-<li><a href="{% url "api:default:superevents:superevent-file-detail" object.superevent_id filename %}">{{ filename }}</a></li>
+<li><a href="{% url "legacy_apiweb:default:superevents:superevent-file-detail" object.superevent_id filename %}">{{ filename }}</a></li>
{% endfor %}
</ul>
diff --git a/gracedb/templates/superevents/superevent_detail_script.js b/gracedb/templates/superevents/superevent_detail_script.js
index dfbe921bb..7a2be213f 100644
--- a/gracedb/templates/superevents/superevent_detail_script.js
+++ b/gracedb/templates/superevents/superevent_detail_script.js
@@ -156,13 +156,13 @@ var hasImage = function(object) {
}
// some URLs. Usage of Django template syntax should be limited to here
-var tagListUrl = '{% url "api:default:tag-list" %}';
-var tagCreateUrlPattern = '{% url "api:default:superevents:superevent-log-tag-list" superevent.superevent_id "000" %}';
-var tagDeleteUrlPattern = '{% url "api:default:superevents:superevent-log-tag-detail" superevent.superevent_id "000" "FAKE_TAG_NAME" %}';
-var logListUrl = '{% url "api:default:superevents:superevent-log-list" superevent.superevent_id %}';
-var logSaveUrl = '{% url "api:default:superevents:superevent-log-list" superevent.superevent_id %}';
-var emObservationListUrl = '{% url "api:default:superevents:superevent-emobservation-list" superevent.superevent_id %}';
-var fileDownloadUrl = '{% url "api:default:superevents:superevent-file-detail" superevent.superevent_id "FAKE_FILE_NAME" %}';
+var tagListUrl = '{% url "legacy_apiweb:default:tag-list" %}';
+var tagCreateUrlPattern = '{% url "legacy_apiweb:default:superevents:superevent-log-tag-list" superevent.superevent_id "000" %}';
+var tagDeleteUrlPattern = '{% url "legacy_apiweb:default:superevents:superevent-log-tag-detail" superevent.superevent_id "000" "FAKE_TAG_NAME" %}';
+var logListUrl = '{% url "legacy_apiweb:default:superevents:superevent-log-list" superevent.superevent_id %}';
+var logSaveUrl = '{% url "legacy_apiweb:default:superevents:superevent-log-list" superevent.superevent_id %}';
+var emObservationListUrl = '{% url "legacy_apiweb:default:superevents:superevent-emobservation-list" superevent.superevent_id %}';
+var fileDownloadUrl = '{% url "legacy_apiweb:default:superevents:superevent-file-detail" superevent.superevent_id "FAKE_FILE_NAME" %}';
var skymapViewerUrl = '{{ SKYMAP_VIEWER_SERVICE_URL }}';
// This little list determines the priority ordering of the digest sections.
--
GitLab