Merge branch 'main' into hizni/2503-add-title-airlock-request

.devcontainer/scripts/post-create.sh

@@ -5,5 +5,5 @@ set -e
 sudo bash ./devops/scripts/set_docker_sock_permission.sh
 
 # install tre CLI
-(cd /workspaces/AzureTRE/cli/ && make install-cli)  && echo -e "\n# Set up tre completion\nsource <(_TRE_COMPLETE=bash_source tre)" >> ~/.bashrc
+(cd ./cli/ && make install-cli)  && echo -e "\n# Set up tre completion\nsource <(_TRE_COMPLETE=bash_source tre)" >> ~/.bashrc
 

CHANGELOG.md

@@ -1,24 +1,52 @@
 <!-- markdownlint-disable MD041 -->
 <!-- line format short be: change short description (#pr_numer) -->
-
-## 0.5.1 (Unreleased)
+## 0.6.0 (Unreleased)
 
 **BREAKING CHANGES & MIGRATIONS**:
 
-*
-
 FEATURES:
-
-*
+* Added filtering and sorting to Airlock UI ([#2511](https://github.com/microsoft/AzureTRE/issues/2511))
 
 ENHANCEMENTS:
 
-*
+BUG FIXES:
+
+COMPONENTS:
+
+
+## 0.5.1 (October 12, 2022)
 
 BUG FIXES:
 
-*
+* Fix shared service 409 installation issue when in status other than deployed ([#2725](https://github.com/microsoft/AzureTRE/pull/2725))
 
+COMPONENTS:
+
+| name | version |
+| ----- | ----- |
+| devops | 0.4.2 |
+| core | 0.4.36 |
+| tre-workspace-base | 0.4.0 |
+| tre-workspace-unrestricted | 0.2.0 |
+| tre-workspace-airlock-import-review | 0.4.0 |
+| tre-service-mlflow | 0.4.0 |
+| tre-service-innereye | 0.4.0 |
+| tre-workspace-service-gitea | 0.5.0 |
+| tre-workspace-service-mysql | 0.2.0 |
+| tre-service-guacamole-linuxvm | 0.5.1 |
+| tre-service-guacamole-export-reviewvm | 0.0.4 |
+| tre-service-guacamole-windowsvm | 0.5.1 |
+| tre-service-guacamole-import-reviewvm | 0.1.1 |
+| tre-service-guacamole | 0.5.0 |
+| tre-user-resource-aml-compute-instance | 0.4.1 |
+| tre-service-azureml | 0.5.1 |
+| tre-shared-service-cyclecloud | 0.3.0 |
+| tre-shared-service-gitea | 0.4.0 |
+| tre-shared-service-airlock-notifier | 0.2.0 |
+| tre-shared-service-admin-vm | 0.2.0 |
+| tre-shared-service-certs | 0.2.0 |
+| tre-shared-service-sonatype-nexus | 2.2.0 |
+| tre-shared-service-firewall | 0.6.1 |
 
 
 ## 0.5.0 (October 10, 2022)

api_app/_version.py

@@ -1 +1 @@
-__version__ = "0.4.51"
+__version__ = "0.4.52"

api_app/api/routes/airlock.py

@@ -47,10 +47,12 @@ async def get_all_airlock_requests_by_workspace(
         airlock_request_repo=Depends(get_repository(AirlockRequestRepository)),
         workspace=Depends(get_deployed_workspace_by_id_from_path),
         user=Depends(get_current_workspace_owner_or_researcher_user_or_airlock_manager),
-        creator_user_id: str = None, type: AirlockRequestType = None, status: AirlockRequestStatus = None, awaiting_current_user_review: bool = None) -> AirlockRequestWithAllowedUserActionsInList:
+        creator_user_id: str = None, requestType: AirlockRequestType = None, status: AirlockRequestStatus = None,
+        order_by: str = None, order_ascending: bool = True) -> AirlockRequestWithAllowedUserActionsInList:
     try:
         airlock_requests = get_airlock_requests_by_user_and_workspace(user=user, workspace=workspace, airlock_request_repo=airlock_request_repo,
-                                                                      creator_user_id=creator_user_id, type=type, status=status, awaiting_current_user_review=awaiting_current_user_review)
+                                                                      creator_user_id=creator_user_id, type=requestType, status=status,
+                                                                      order_by=order_by, order_ascending=order_ascending)
         airlock_requests_with_allowed_user_actions = enrich_requests_with_allowed_actions(airlock_requests, user, airlock_request_repo)
     except (ValidationError, ValueError) as e:
         logging.error(f"Failed retrieving all the airlock requests for a workspace: {e}")

api_app/api/routes/airlock_resource_helpers.py

@@ -83,13 +83,10 @@ def check_email_exists(role_assignment_details: defaultdict(list)):
 
 
 def get_airlock_requests_by_user_and_workspace(user: User, workspace: Workspace, airlock_request_repo: AirlockRequestRepository,
-                                               creator_user_id: str = None, type: AirlockRequestType = None, status: AirlockRequestStatus = None, awaiting_current_user_review: bool = None) -> List[AirlockRequest]:
-    if awaiting_current_user_review:
-        if "AirlockManager" not in user.roles:
-            return []
-        status = AirlockRequestStatus.InReview
-
-    return airlock_request_repo.get_airlock_requests(workspace_id=workspace.id, user_id=creator_user_id, type=type, status=status)
+                                               creator_user_id: str = None, type: AirlockRequestType = None, status: AirlockRequestStatus = None,
+                                               order_by: str = None, order_ascending=True) -> List[AirlockRequest]:
+    return airlock_request_repo.get_airlock_requests(workspace_id=workspace.id, user_id=creator_user_id, type=type, status=status,
+                                                     order_by=order_by, order_ascending=order_ascending)
 
 
 def get_allowed_actions(request: AirlockRequest, user: User, airlock_request_repo: AirlockRequestRepository) -> AirlockRequestWithAllowedUserActions:

api_app/db/repositories/airlock_requests.py

@@ -102,7 +102,7 @@ def create_airlock_request_item(self, airlock_request_input: AirlockRequestInCre
 
         return airlock_request
 
-    def get_airlock_requests(self, workspace_id: str, user_id: str = None, type: AirlockRequestType = None, status: AirlockRequestStatus = None) -> List[AirlockRequest]:
+    def get_airlock_requests(self, workspace_id: str, user_id: str = None, type: AirlockRequestType = None, status: AirlockRequestStatus = None, order_by: str = None, order_ascending=True) -> List[AirlockRequest]:
         query = self.airlock_requests_query() + f' where c.workspaceId = "{workspace_id}"'
 
         # optional filters
@@ -113,6 +113,11 @@ def get_airlock_requests(self, workspace_id: str, user_id: str = None, type: Air
         if type:
             query += ' AND c.requestType=@type'
 
+        # optional sorting
+        if order_by:
+            query += ' ORDER BY c.' + order_by
+            query += ' ASC' if order_ascending else ' DESC'
+
         parameters = [
             {"name": "@user_id", "value": user_id},
             {"name": "@status", "value": status},

api_app/tests_ma/test_api/test_routes/test_airlock_resource_helpers.py

@@ -258,30 +258,16 @@ async def test_update_and_publish_event_airlock_request_without_status_change_sh
     assert send_airlock_notification_event_mock.call_count == 0
 
 
-async def test_get_airlock_requests_by_user_and_workspace_with_awaiting_current_user_review_and_status_arguments_should_ignore_status(airlock_request_repo_mock):
+async def test_get_airlock_requests_by_user_and_workspace_with_status_filter_calls_repo(airlock_request_repo_mock):
     workspace = sample_workspace()
     user = create_workspace_airlock_manager_user()
     airlock_request_repo_mock.get_airlock_requests = MagicMock()
 
     get_airlock_requests_by_user_and_workspace(user=user, workspace=workspace, airlock_request_repo=airlock_request_repo_mock,
-                                               status=AirlockRequestStatus.Approved, awaiting_current_user_review=True)
+                                               status=AirlockRequestStatus.InReview)
 
-    airlock_request_repo_mock.get_airlock_requests.assert_called_once_with(workspace_id=workspace.id, user_id=None, type=None, status=AirlockRequestStatus.InReview)
-
-
-async def test_get_airlock_requests_by_user_and_workspace_with_awaiting_current_user_review_argument_by_non_airlock_manger_should_return_empty_list(airlock_request_repo_mock):
-    user = create_test_user()
-    airlock_requests = get_airlock_requests_by_user_and_workspace(user=user, workspace=sample_workspace(), airlock_request_repo=airlock_request_repo_mock, awaiting_current_user_review=True)
-    assert airlock_requests == []
-
-
-@pytest.mark.parametrize("role", get_required_roles(endpoint=create_airlock_review))
-async def test_get_airlock_requests_by_user_and_workspace_with_awaiting_current_user_review_argument_requires_same_roles_as_review_endpoint(role, airlock_request_repo_mock):
-    airlock_request_repo_mock.get_airlock_requests = MagicMock()
-    user = create_test_user()
-    user.roles = [role]
-    get_airlock_requests_by_user_and_workspace(user=user, workspace=sample_workspace(), airlock_request_repo=airlock_request_repo_mock, awaiting_current_user_review=True)
-    airlock_request_repo_mock.get_airlock_requests.assert_called_once()
+    airlock_request_repo_mock.get_airlock_requests.assert_called_once_with(workspace_id=workspace.id, user_id=None, type=None,
+                                                                           status=AirlockRequestStatus.InReview, order_by=None, order_ascending=True)
 
 
 @pytest.mark.parametrize("action, required_roles, airlock_request_repo_mock", [

devops/scripts/deploy_shared_service.sh

@@ -49,7 +49,7 @@ if [[ "$last_result" != 0 ]]; then
 fi
 
 deployed_shared_service=$(echo "${get_shared_services_result}" \
-  | jq -r ".sharedServices[] | select(.templateName == \"${template_name}\" and .deploymentStatus == \"deployed\")")
+  | jq -r ".sharedServices[] | select(.templateName == \"${template_name}\" and (.deploymentStatus != \"deleted\" or .deploymentStatus != \"deployment_failed\"))")
 
 if [[ -n "${deployed_shared_service}" ]]; then
   # Get template version of the service already deployed

docs/tre-admins/auth.md

@@ -67,3 +67,18 @@ App registrations (represented by service principals) define the various access
 Some of the applications require **admin consent** to allow them to validate users against the AAD. Check the Microsoft Docs on [Configure the admin consent workflow](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-admin-consent-workflow) on how to request admin consent and handle admin consent requests.
 
 We strongly recommend that you use `make auth` to create the AAD assets as this has been tested extensively. Should you wish to create these manually via the [Azure Portal](https://docs.microsoft.com/azure/active-directory/develop/quickstart-register-app); more information can be found [here](./identities/auth-manual.md).
+
+### Enabling users
+
+For a user to gain access to the system, they have to:
+
+1. Have an identity in Azure AD
+1. Be linked with an app registration and assigned a role
+
+When these requirements are met, the user can sign-in using their credentials and use their privileges to use the API, login to workspace environment etc. based on their specific roles.
+
+![User linked with app registrations](../assets/aad-user-linked-with-app-regs.png)
+
+The users can also be linked via the Enterprise application view:
+
+![Adding users to Enterprise application](../assets/adding-users-to-enterprise-application.png)

docs/tre-admins/identities/test-account.md

@@ -88,18 +88,3 @@ On the "Application permissions" section, select "TRE Administrators".
 Back on the main permissions page, click on "Grant admin consent". Once done, you should see "Granted" in the "Status" column, as shown below.
 
 ![Screenshot of Azure portal showing admin consent granted](../../assets/tre-automation-admin-consent-granted.png)
-
-### Enabling users
-
-For a user to gain access to the system, they have to:
-
-1. Have an identity in Azure AD
-1. Be linked with an app registration and assigned a role
-
-When these requirements are met, the user can sign-in using their credentials and use their privileges to use the API, login to workspace environment etc. based on their specific roles.
-
-![User linked with app registrations](../../assets/aad-user-linked-with-app-regs.png)
-
-The users can also be linked via the Enterprise application view:
-
-![Adding users to Enterprise application](../../assets/adding-users-to-enterprise-application.png)

docs/using-tre/index.md

@@ -14,13 +14,13 @@ It contains all the required tooling to develop your custom templates and deploy
 
 ### AzureTRE Reference
 
-AzureTRE deployment repository allows you to reference AzureTRE as a folder, but also uses it in its deployment. See [AzureTRE deployment readme](https://github.com/microsoft/AzureTRE-Deployment/blob/main/README.md) to learn more about it.
+AzureTRE deployment repository allows you to reference AzureTRE as a folder, but also uses it in its deployment. See [AzureTRE Deployment readme](https://github.com/microsoft/AzureTRE-Deployment) to learn more about it.
 
 ## Getting Started
 
 To get started with AzureTRE follow the next steps:
 
-1. Go to [AzureTRE Deployment repository]((https://github.com/microsoft/AzureTRE-Deployment))
+1. Go to [AzureTRE Deployment repository](https://github.com/microsoft/AzureTRE-Deployment)
 1. Click on use this template to set up your project from this template:
 
 [![Use AzureTRE Deployment template](../assets/using-tre/use_template.png)](../assets/using-tre/use_template.png)

docs/using-tre/templates/index.md

@@ -19,11 +19,13 @@ AzureTRE deployment repository has directories setup for: workspace, workspace s
 See [template authoring guide](../../tre-workspace-authors/authoring-workspace-templates.md) to learn more about how to author templates.
 
 **To add your custom templates follow the next steps:**
-- Deployment requirements
-    1. Add your template under relevant folder (For example: if you are adding a new workspace template then place it under /templates/workspaces folder).
-    1. Use existing templates in AzureTRE as a reference.
-    1. Add porter configuration - AzureTRE uses [Porter](https://porter.sh/) as a solution for implementing and deploying workspaces and workspace, learn more about how it is used in AzureTRE [here](https://microsoft.github.io/AzureTRE/tre-developers/resource-processor/#porter).
-    1. Add terraform scripts to setup your deployment plan.
+
+- Deployment requirements:
+
+    1. Add your template under relevant folder (For example: if you are adding a new workspace template then place it under `/templates/workspaces` folder).  
+    2. Use existing templates in AzureTRE as a reference.  
+    3. Add porter configuration - AzureTRE uses [Porter](https://porter.sh/) as a solution for implementing and deploying workspaces and workspace, learn more about how it is used in AzureTRE [here](https://microsoft.github.io/AzureTRE/tre-developers/resource-processor/#porter).  
+    4. Add terraform scripts to setup your deployment plan.
 - Define resource template in the API - follow [this readme](https://microsoft.github.io/AzureTRE/tre-admins/registering-templates/) to register your template.
 - Use the [AzureTRE UI](https://microsoft.github.io/AzureTRE/tre-developers/ui/) to deploy your resources
 - Add your custom templates to CI/CD workflows - in Deploy Azure TRE Reusable workflow make sure to add your bundles under register_bundles and publish_bundles steps.