Proto commits in obiba/opal

These commits are when the Protocol Buffers files have changed: (only the last 100 relevant commits are shown)

2026-05-19

feat: added job queue per R cluster (#4147) * feat: added job queue per R cluster * fix: code review

The documentation is generated from this commit.

2026-04-13

feat: added file bundle task for preparing download of large files (#4137) * feat: added file bundle command and options * feat: file bundle command implementation, add command result interface, applied to file download * feat: added support for multiple files bundling * feat: added file bundle progress message * feat: file bundle command can be cancelled * feat: file downloads can be reinstated * fix: always include project files link * fix: make sure file bundle command is available to everyone * fix: code review

2026-04-12

feat: added audit all permission allowing read only access to system (#4136) * feat: added audit all permission allowing read only access to system * feat: audit all permission added using wildcards * feat: updated ui to support audit all perm * feat: safeguard names from wildcard * chore: tr updated

2026-01-16

feat: added project entities counts per type and files count (#4092) * feat: added entity counts per type * feat: added project files count * chore: code cleaning

2026-01-14

feat: added setting to restrict R/DataSHIELD usage to personal access token authentication (#4090)

feat: added userinfo to subject profile when available from oidc realm (#4088) * feat: added userinfo to subject profile when available from oidc realm * fix: sanitize user info values

2025-11-30

feat: add re-auth on critical paths (#4079) * feat: added support for prompt and max_age in OIDC config, to help with reauthentication if provider supports it * feat: added ReAuthenticate to apply to REST resources that need to be protected with an authentication timeout, UI updated accordingly * feat: reauth in a dialog to not loose form data in a redirect * fix: cleaned add user dialog layout * fix: reauthenticate with credentials when user is from realm managed by agate * feat: reauth timeout for critical paths is configurable and can be disabled with a non positive value * feat: one resignin dialog for the app, api does the interception * feat: re-auth endpoints are configurable * feat: use simple wildcard in reauth config paths * chore: code cleaning

2025-10-04

feat: R session has a state (#4062) * feat: R session task manager added * feat: R session state and events added * feat: rock pod R session init moved to RockPodSession * fix: added logs and check r session is not pending before closing it * feat: display R session state/status in R admin page * fix: break loop when thread is interrupted * fix: break loop when thread is interrupted * fix: use a custom thread pool for rock pod sessions init * chore: code cleaning

2025-08-31

feat: improved management of pods (#4051) * feat: added liveness and readiness to rock pod #4048 * feat: added rock pod delay and max attempts to config #4049 * feat: attempts to reload project #4047 * feat: list or delete pod refs per spec * chore: log debug

2025-06-27

feat: added labels, node name, node selector and tolerances to pod spec (#4032) * feat: added labels, node name and selector to pod spec * feat: tolerances added to pod spec

2025-06-20

feat: kubernetes integration, rock spawner capability (#4031) * feat: legacy Rserve support removed * feat: added rock spawner app type (wip) * feat: added rock spawner app, with discovery and registration as an R cluster entry point * feat: rock spawner integration (wip) * feat: added k8s pod spec, ref and service * feat: added rock pod cluster of servers * fix: case rserver name does not have expected syntax * feat: ensure no potential conflict with pod name prefix * feat: improved rock spawner init phase * feat: R sessions ui * feat: added application lock file to avoid conflict when restarting opal pod * feat: download R server logs of the running pods * feat: added a beta badge to kubernetes admin page * fix: ensure work dir exists when locking * feat: rock spawner service has a running flag * feat: validate image references, can be restricted to a list of allowed ones * feat: added ui validations for pod specs * feat: make sure resource providers are initialized in k8s context * feat(ui): added pod spec removal

2024-10-29

Added query count API to get correct total counts (#3970) Co-authored-by: Ramin Haeri Azad <rhaeri@maelstrom-reseach.org>

2024-10-26

Clear only when starting search, added lastDoc for pagination (#3967) Co-authored-by: Ramin Haeri Azad <rhaeri@maelstrom-reseach.org>

2024-09-20

feat: R packages management system setting added, disabled by default #3858

2024-09-08

feat: reporting feature removed (#3924)

2024-05-05

feat(ui): added import data (wip), generate ts from proto

2024-04-02

feat: upgrade to Java 21, spring 6 and more (#3828) * Replaced @PostConstruct and @PreDestroy annotations by InitializingBean and DisposableBean interfaces * Upgrade of GWT, not working! * feat: java 17 wip * feat: upgrades orientdb graalvm resteasy (wip) * first java 17 compile and test * travis uses java 17 * deps versions fixes * jaxb * java 21 * opal-gwt-client removed * feat: upgraded vfs * feat: deb control updated with recommended packages * fix: upgraded slf4j, graal js engine usage to retrieve resourcer settings and utils * resteasy upgraded to latest * configure polyglot log * unzip plugin files in start scripts * orientdb and atomikos configurations * fix: ensure mime type on file download * code cleanup * do not load datasources concurrently (for now, to avoid liquibase errors) * removed windows start script because of missing plugins in classpath * orientdb create index is thread safe * opal upgrade is done in a separate, preliminary, process, because it was confusing some third party libs * jgit updated * makefile updated: removed gwt and update orientdb version

2024-03-15

feat(backend): added configuration option for enforcing 2fa to users from ini and opal realms #3724

2023-06-25

R session activity web services added

2023-06-17

#3802 R package commands added

2023-04-20

DataSHIELD activity logging (#3794) * #3744 #3745 WIP * Datashield context added for logging * DS error logging * DS workspace actions logging * Download all or latest logs. Record time spent in the R server. * Log assignments when async * Log rm * r_size added to track result size

2022-09-15

#3598 Use the OIDC end_session_endpoint when defined (and when enabled, default is true), to logout both from opal and the Identity provider

2022-09-06

#3756 Added a configurable logout URL

2022-07-18

#3663 Added a list of emails to notify when report generation fails

2022-06-11

#3743 Opal file system bean extracted from the opal runtime one

#3743 Opal file system bean extracted from the opal runtime one

2022-05-24

#3735 Apply domain specific callback url to ID providers

#3735 Apply domain specific callback url to ID providers

2022-04-26

Use of table status

2022-04-24

#3626 Added token expiration (default -1, no expiration) and activity (60d) timeouts

2022-04-22

Two-factor authentication mechanism added (#3711) * #3710 2FA feature added based on the TOTP mechanism * OTP exception allows HTTP header spec * #3710 2FA settings can be administrated

2022-03-28

#3569 All columns property added

#3569 No mutation script support (security), script edition not available for resource variables

2022-03-08

#3569 Resource view can be associated to a R server profile

2022-03-07

value table status added

2022-02-18

#3569 Continuous summary added, without normal distribution and support of missing categories

2022-02-09

#3569 ResourceView first implementation, reusing RValueTable helper classes

2021-06-29

DS profile R parser version can be modified

2021-06-28

#3655 DS R parser version handling, based on ds4j 2.0

2021-06-24

#3529 Both ID provider username (with claim name) and groups (with claim name and/or JS script) can be configured

2021-06-14

R profiles added

2021-06-11

DataSHIELD/R server profiles (#3648) * Get the R server by profile name. Datashield config storage move to orientdb started. * Datashield config moved to orientdb. DS methods handling refactored. * R administration page displays R server clusters * R cluster display layout * DataSHIELD administration page to handle profiles * Datashield Packages and Profiles sections, WIP * Reset DS profile * Reset DS profile and many UI improvements * Package DS settings can be (un)published in bulk * Confirm DS settings reset * Case there are multiple packages with same name (different servers and location) * Datashield profiles can be enabled/disabled and have their own REST resources * RServerProfile interface added * DataSHIELD profile access can require permission * Fix missing default R server profile definitio * Fix missing default R server profile definitio * DS methods and options can be removed in bulk * Handle case a R cluster is missing and associated profiles are still there * Fix resource providers discovery in the context of multiple clusters, ds admin permissions and default R server usage * DS profile display, addition, deletion * New DS profile is initialized with base profile settings

2021-04-20

#3500 Read only token added

2021-04-18

#3616 SQL service added to Personal access token

2021-04-16

#3616 SQL history refactored as a log file

2021-04-14

#3621 Project admin section added to personl access token

2021-04-07

#3616 SQL query audit added: GET /service/sql/history

2021-03-09

Fix App self-registration

Fix App self-registration

2021-03-08

Cluster name added to App, refactored Rock app info

2021-03-05

#3579 Entity ID column name can be specified at export time

2021-03-03

R errors handling reviewed

2021-02-22

#2044 Extract R server host nb of cores and amount of free memory

2021-02-18

R packages with cluster and R server name

2021-02-16

#2044 R server clusters (#3610) * Refactor R server interactions with adapter pattern, to not expose Rserve implementation and allow Rock implementation * R command queue sync fix, more doc * Fixed DS result setter * R server cluster management added * RDatasource updated to read JSON objects * Write file to Rock * Sync resource providers seek after R servers have been init, R variable categories can be provided by labels attribute * Rock credentials config, code cleaning * Rserve integrated to default cluster, code cleaning * REST entry point added to manage R clusters and associated R servers (get/start/stop/log). * R sessions are associated to the R cluster and server where they were created * Rock R server discovery * App rejection * App have tags and not necessarily a server public address (case of app discovery) * DataSHIELD packages management * DataSHIELD packages management, Rserve fix * Merge R logs from a cluster of R servers * More R server web services, either at cluster or server level * R servers of default R cluster listed in the UI * App authentication, Opal connects as an admin if manager/user is not defined * Notify when R server is stopped, clean managed R sessions accordingly * Renamed default apps properties * Check for legacy R server service availability * Refresh R sessions after R server stop event * Stop/start R server individually * Apps administration UI added * R server logs can be downloaded individually or concatenated * Rock app config UI added * Rock config user credentials UI * Data assignment refactored so that base64 content is just forwarded to Rock

2021-01-10

#2044 App registry added, to prepare R server app registration and usage.

2020-06-05

#3563 Option to backup views as tables

2020-06-04

#3563 Restore zip archive, possibly encrypted. Override option is false by default

2020-06-03

#3563 Project backup command added, restore command in progress.

2020-05-28

#2171 User and group suggestions, based of opal realm, profiles and permissions

2020-05-20

Resource providers status added

2020-05-12

#3566 Project's dashboard added. Async load of projects' datasources on startup.

2020-05-11

#3567 Description field added to resource reference

2020-05-06

Resource files are merged in one

2020-05-05

Resource services refactored to use R packages configuration instead of a plugin

2020-02-11

Resources (#3556) * Resource plugins SPI added * #3538 Resource plugin web services and dtos * #3538 Resource reference model, dto, service, resource * #3538 Resource reference web service for CRUD operations * #3540 Resources tab added to project view, listing of resources * #3540 Project resources UI first commit. Credentials data are encrypted in the database. * #3539 R/DataSHIELD resource assignment, first commit * Case resource name has a dot * JSON schema form enum items can have title * Resource factories can be grouped * Resources list with more columns * Html integer input box added * Resources permissions added * Clean resources on resource deletion * Refactored resources UI to have a view per resource (to apply permission at this level) * Fix resource permissions * Added edit and remove buttons to resource page * Resource duplication, removal in batch, with confirmation * Fix project page authorizations * More project authorizers added * Required package can be identified from the form and loaded at assignment time * Fix case stream value is null

2019-08-15

News panel and web service added, based on obiba.org data

2019-08-13

#3529 Groups claim setting added to ID provider config

2019-08-06

#3508 Tokens have a scope (#3521) * #3508 Access token scope can be restricted to enumerated projects * #3508 Project commands added to the scope of the token * #3508 Services added to the scope of the token * Handle token access to transient datasources * Token UI adjustments * Token UI adjustments (2) * #3508 #3477 opal.token option added to report template UI. Report parameters are stored encrypted and opal.password/opal.token options are hidden from the user. * Report UI fix * #3508 Sys admin added to token's scope * #3508 More system operations are submitted to token to be granted system admin * #3508 Opal REST client can authenticate with token. Applied to data import from a Opal server

2019-08-02

#3508 API access token added and handled to authenticate and grant permissions (#3520) * #3508 Opal token realm added, based on subject token object (managed by service and resources) * #3508 Token can give readonly access * #3508 Groups are saved in subject profile for reuse by token realm * #3508 No readonly mode, authz cache is managed by event subscription * #3508 UI to manage own's token added * Fix token realm shiro credentials (after token has been hashed) * Delete current session even when session id is specified (legacy)

2019-06-25

Subject profile page can include the account link when defined in the identity provider

2019-06-05

Project id mapping (#3481) * Added ProjectIdentifiersMapping in server/client code. * Remove project id mapping upon identifiers table/variable removal. * Added APIs to get a project ID mapping list or by entityType; refresh a project ID mapping list upon opening project admin TAB. * Added ID mapping when importing/exporting. * Added Edit/Remove project ID mapping. * Select best ID mapping when exporting several tables. * Bugfixes and cleanups.

2019-05-21

OpenID Connect configuration UI (#3469) * Added OIDC configurations web services. Configurations can be disabled * OIDC configuration UI added * Display ID provider user account login page link when available * More fields and validations on ID provider form * Fix Spring component init

2019-05-13

refresh command and conflict management

Added a project default export folder. (#3466)

2019-05-10

#3320 OpenID Connect support added. Pac4j dependency dropped.

2019-05-08

Login page shows OIDC clients

opal-pac4j added

2018-12-15

Changed analysisId to analysisName, name validation, fixed var chooser bug. (#3403)

2018-12-13

Added last result success/failed count and added sorting to analyses table. (#3398)

2018-12-11

set last analysis result status in analysis (#3390)

2018-12-08

analysis name must be unique for project table (#3388) * analysis name must be unique for project table * remove id form analysis

2018-12-05

Added icon for status in results panel, added duplicate action. (#3383)

2018-12-03

Added anlysis editing, running from list, view+run. (#3373)

2018-11-28

add pluginName in Analysis (#3368)

2018-11-27

Implemented export-analysis. (#3363) * Implemented export-analysis. * Removed limit and order and used lastResult instead.

2018-11-22

analysis plugin resources (#3358)

2018-11-20

analysis project and table GET resources (#3352) * analysis project and table GET resource * use dtos for list

2018-11-09

Implemented the Analyze command (#3332) * Implemented the Analyze command * Used RUtils for R symbol names.

2018-10-30

Added an ErrorDto for R runtime. (#3322) * Added an ErrorDto for R runtime. * Specialized the ErrorDto for OpalR WEB. * Added RRuntimeException and fixed PR comments. * Used the correct ErrorDto for RRuntimeException.

2018-09-24

#3307 Report datasource plugin group and use it in the UI

2018-09-05

Remove limesurvey and related code (#3294) * Remove limesurvey and related code * Add upgrade step to remove all limesurvey databases * save databases as properties files for backup * make sure that file is created * call mkdirs to make sure directory tree exists * catch noSuchElementException * intall the plugin, forgo the check * set default value for textArea * add "usage.IMPORT." prefix to help streamline copy pasting th properties

2018-07-31

Use pluginDatasourceFactoryDtoParser

2018-07-27

WIP - Plugin Datasource resource

2018-07-26

datasource spi and factory parser added

2017-10-10

Plugin authorship added

2017-09-25

Entity identifier suggestions added

2017-09-07

OPAL-2944 New CSV import option: default value type can be specified (UI and python)

2017-08-30

OPAL-2907 Case of plugin update site connection failed

OPAL-2907 Plugin site properties are configurable through graphical or python UIs