Merge

.gitignore

@@ -86,6 +86,7 @@ src/media/profile_images/*
 
 # vim
 *.swp
+.vim/
 
 # gulp
 /src/static/OLH/*

.lando.yml

@@ -14,14 +14,14 @@ services:
       - grep '^deb ' /etc/apt/sources.list | perl -pe 's/deb /deb-src /' >> /etc/apt/sources.list
       - apt-get update -qq && apt-get install -y python3-lxml pylint libxml2-dev libxslt1-dev python3-dev zlib1g-dev lib32z1-dev libffi-dev libssl-dev libjpeg-dev && apt-get build-dep -y lxml
     build:
-      - cd /app && pip install --upgrade pip && pip install Cython && pip install psycopg2 && pip install -r requirements.txt &&  pip install -r dev-requirements.txt
+      - cd /app && pip install --upgrade pip && pip install Cython && pip install psycopg2-binary~=2.8.0 && pip install -r requirements.txt &&  pip install -r dev-requirements.txt
     scanner: true
     overrides:
       ports:
         - '8000:8000'
       environment:
         PYTHONPATH: "/app/src"
-        JANEWAY_SETTINGS_MODULE: "core.dev_settings" # this is the path to the Janeway dev_settings file, which is in src/core/dev_settings.py
+        JANEWAY_SETTINGS_MODULE: "core.settings" # this is the path to the Janeway settings file, which is in src/core/settings.py
     moreHttpPorts:
       - '8000'
   db:
@@ -36,9 +36,22 @@ tooling:
   python:
     service: appserver
     cmd: python
+    dir: /app/src
+  pip:
+    service: appserver
+    description: run pip commands to manage Python package installation in this environment
+    cmd: pip
+    dir: /app/src
   manage:
     service: appserver
-    cmd: cd /app/src && python manage.py
+    cmd: python manage.py
+    dir: /app/src
+  restart-runserver:
+    service: appserver
+    description: Quickly restarts the Django runserver process, follows logs, and enables interactive debugging
+    cmd: killall python || python /app/src/manage.py runserver 0.0.0.0:8000 -v 3
+    dir: /app/src
+    user: root
   psql:
     service: db
     cmd: psql -U postgres

.update.sh

@@ -7,6 +7,7 @@ python3 src/manage.py backup
 python3 src/manage.py migrate
 python3 src/manage.py build_assets
 python3 src/manage.py collectstatic --no-input
+DJANGO_DEFAULT_SETTINGS=1 python3 src/manage.py compilemessages
 python3 src/manage.py load_default_settings
 python3 src/manage.py install_plugins
 

Makefile

@@ -1,29 +1,37 @@
 ifndef DB_VENDOR
-	DB_VENDOR=mysql
+	DB_VENDOR=postgres
 endif
 
+# Exposed ports
+JANEWAY_PORT ?= 8000
+PGADMIN_PORT ?= 8001
+
 unexport NO_DEPS
-DB_HOST=janeway-mysql
-DB_PORT=3306
 DB_NAME ?= janeway
+DB_NAME ?= janeway
+DB_HOST=janeway-postgres
+DB_PORT=5432
 DB_USER=janeway-web
 DB_PASSWORD=janeway-web
-CLI_COMMAND=mysql -u $(DB_USER) -p$(DB_PASSWORD)
-DB_VOLUME=db/mysql-data
+DB_VOLUME=db/postgres-data
+CLI_COMMAND=psql --username=$(DB_USER) $(DB_NAME)
 
 ifeq ($(DB_VENDOR), mariadb)
 	DB_HOST=janeway-mariadb
+	DB_PORT=3306
+	DB_USER=janeway-web
+	DB_PASSWORD=janeway-web
+	CLI_COMMAND=mysql -u $(DB_USER) -p$(DB_PASSWORD)
 	DB_VOLUME=db/mariadb-data
 endif
 
-ifeq ($(DB_VENDOR), postgres)
-	unexport NO_DEPS
-	DB_HOST=janeway-postgres
-	DB_PORT=5432
+ifeq ($(DB_VENDOR), mysql)
+	DB_HOST=janeway-mysql
+	DB_PORT=3306
 	DB_USER=janeway-web
 	DB_PASSWORD=janeway-web
-	DB_VOLUME=db/postgres-data
-	CLI_COMMAND=psql --username=$(DB_USER) $(DB_NAME)
+	CLI_COMMAND=mysql -u $(DB_USER) -p$(DB_PASSWORD)
+	DB_VOLUME=db/mysql-data
 endif
 
 ifeq ($(DB_VENDOR), sqlite)
@@ -43,34 +51,39 @@ export DB_PORT
 export DB_NAME
 export DB_USER
 export DB_PASSWORD
-SUFFIX ?= $(shell python -c "from time import time; print(hex(int(time()*10000000))[2:])")
+export JANEWAY_PORT
+export PGADMIN_PORT
+SUFFIX ?= $(shell date +%s)
 SUFFIX := ${SUFFIX}
 DATE := `date +"%y-%m-%d"`
 
-all: janeway
+all: help
+run: janeway
 help:		## Show this help.
 	@fgrep -h "##" $(MAKEFILE_LIST) | fgrep -v fgrep | sed -e 's/\\$$//' | sed -e 's/##//'
 janeway:	## Run Janeway web server in attached mode. If NO_DEPS is not set, runs all dependant services detached.
-	docker-compose $(_VERBOSE) run $(NO_DEPS) --rm --service-ports  janeway-web $(entrypoint)
-command:	## Run Janeway in a container and pass through a django command passed as the CMD environment variable
+	docker-compose run --rm start_dependencies
+	docker-compose $(_VERBOSE) run $(NO_DEPS) --rm --service-ports janeway-web $(entrypoint)
+command:	## Run Janeway in a container and pass through a django command passed as the CMD environment variable (e.g make command CMD="migrate -v core 0024")
 	docker-compose run $(NO_DEPS) --rm janeway-web $(CMD)
 install:	## Run the install_janeway command inside a container
 	touch db/janeway.sqlite3
+	docker-compose run --rm start_dependencies
 	bash -c "make command CMD=install_janeway"
 rebuild:	## Rebuild the Janeway docker image.
 	docker pull birkbeckctp/janeway-base:latest
 	docker-compose build --no-cache janeway-web
 shell:		## Runs the janeway-web service and starts an interactive bash process instead of the webserver
-	docker-compose run --entrypoint=/bin/bash --rm janeway-web
-attach:		## Runs an interactive bash process within the currently running janeway-web container
+	docker-compose run --service-ports --entrypoint=/bin/bash --rm janeway-web
+attach:		## Runs an interactive shell within the currently running janeway-web container.
 	docker exec -ti `docker ps -q --filter 'name=janeway-web'` /bin/bash
 db-client:	## runs the database CLI client interactively within the database container as per the value of DB_VENDOR
 	docker exec -ti `docker ps -q --filter 'name=janeway-$(DB_VENDOR)'` $(CLI_COMMAND)
 db-save-backup: # Archives the current db as a tarball. Returns the output file name
 	@sudo tar -zcf $(DB_VENDOR)-$(DATE)-$(SUFFIX).tar.gz $(DB_VOLUME)
 	@echo "$(DB_VENDOR)-$(DATE)-$(SUFFIX).tar.gz"
 	@sudo chown -R `id -un`:`id -gn` $(DB_VENDOR)-$(DATE)-$(SUFFIX).tar.gz
-db-load-backup: #Loads a previosuly captured backup in the db directory
+db-load-backup: #Loads a previosuly captured backup in the db directory (e.g.: make db-load_backup DB=postgres-21-02-03-3948681d1b6dc2.tar.gz)
 	@BACKUP=$(BACKUP);echo "Loading $${BACKUP:?Please set to the name of the backup file}"
 	@tar -zxf $(BACKUP) -C /tmp/
 	@docker kill `docker ps -q --filter 'name=janeway-*'` 2>&1 | true
@@ -81,7 +94,13 @@ uninstall:	## Removes all janeway related docker containers, docker images and d
 	@bash -c "docker rm -f `docker ps --filter 'name=janeway*' -aq` >/dev/null 2>&1 | true"
 	@bash -c "docker rmi `docker images -q janeway*` >/dev/null 2>&1 | true"
 	@echo " Janeway has been uninstalled"
-check:		## Runs janeway test suit
+check:		## Runs janeway's test suit
 	bash -c "DB_VENDOR=sqlite make command CMD=test"
-build:		## Builds the base docker image
+migrate:		## Runs Django's migrate command
+	bash -c "make command CMD=migrate"
+makemigrations:		## Runs Django's makemigrations command
+	bash -c "make command CMD=makemigrations"
+build_assets:		## Runs Janeway's build_assets command
+	bash -c "make command CMD=build_assets"
+basebuild:		## Builds the base docker image
 	bash -c "docker build --no-cache -t janeway:`git rev-parse --abbrev-ref HEAD` ."

README.md

@@ -16,13 +16,13 @@ Janeway's development server can be run within a docker container, avoiding the
 Docker is compatible with multiple architectures and Operating systems, if you need help installing docker, have a look at the [docker documentation](https://docs.docker.com/install/).
 
 Simarly to the native installation, Janeway can be installed in a docker environment by running ``make install`` and following the installation steps described [above](https://github.com/BirkbeckCTP/janeway/wiki/Installation). As a result, a database volume will be populated under janeway/db/postgres-data
-Once installation is completed, just type ``make`` to run janeway with a postgres backend (default behaviour).
+Once installation is completed, just type ``make janeway`` to run janeway with a postgres backend (default behaviour).
 
 If a change to the dependencies for Janeway is required, the Janeway container can be re-created with ``make rebuild``. The database volume will be preserved.
 
 In order to run a different RDBMS, the environment variable ``DB_VENDOR`` can be set to one of ``postgres``, ``mysql`` or ``sqlite``. e.g: ``DB_VENDOR=mysql make install && make``
 
-Uninstalling Janeway is as simple as running ``make uninstall`` which will delete all related containers as well as wipe the database volume.
+Uninstalling Janeway is as simple as running ``make uninstall`` which will delete all docker related containers as well as wipe the database volume.
 
 # Janeway design principles
 1. No code should appear to work "by magic". Readability is key.

SECURITY.md

@@ -0,0 +1,38 @@
+# Security Policy
+
+## Supported Versions
+
+We currently only support one major version of Janeway. The master development branch becomes the next major release of Janeway and receieves security support. Security issues that only affect the master branch and not any stable released versions can be reported as Bugs and are fixed in public. Security vulnerabilities that effect a support branch, listed below, should be reported using the details provided under Reporting a Vulnerability.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.3.x   | :heavy_check_mark: |
+| <1.2.x   | :x:               |
+
+## Advanced Notification
+The full list of people and organizations who receive advance notification of security issues is not and will not be made public.
+
+On a case by case basis we may notify individuals and organisations who collaborate in the development of Janeway.
+
+
+## Reporting a Vulnerability
+
+If you detect a serious security vulnerability you should report it to us directly via email to [email protected]. Please provide where possible:
+
+- a brief description of the vulnerability
+- the website, page or repository where the vulnerability can be observed
+- any other documentation that may assist in fixing the issue
+
+
+We will follow this process:
+
+| Activity                              | Days From Initial Report |
+|---------------------------------------|--------------------------|
+| Acknowledge Initial Report            | 1 day                    |
+| Provide Initial Assesment to Reporter | 5 days                   |
+| Create and Test Fix                   | 14 days                  |
+| Publish Security Advisory on Github   | 21 days                  |
+
+
+
+Some content adapted from  [[Django Security Policy]](https://docs.djangoproject.com/en/dev/internals/security/)

db/pgadmin/.gitignore

@@ -0,0 +1,4 @@
+*
+*/
+!servers.json
+!.gitignore

db/pgadmin/servers.json

@@ -0,0 +1,20 @@
+{
+    "Servers": {
+        "1": {
+            "Name": "janeway-web",
+            "Group": "Servers",
+            "Host": "janeway-postgres",
+            "Port": 5432,
+            "MaintenanceDB": "postgres",
+            "Username": "janeway-web",
+            "SSLMode": "prefer",
+            "SSLCert": "<STORAGE_DIR>/.postgresql/postgresql.crt",
+            "SSLKey": "<STORAGE_DIR>/.postgresql/postgresql.key",
+            "SSLCompression": 0,
+            "Timeout": 10,
+            "UseSSHTunnel": 0,
+            "TunnelPort": "22",
+            "TunnelAuthentication": 0
+        }
+    }
+}

docker-compose.yml

@@ -7,18 +7,36 @@ services:
     volumes:
       - ./db/postgres-data:/var/lib/postgresql/data
     ports:
-      - "${DB_PORT}:${DB_PORT}"
+      - "${DB_PORT}"
     environment:
       - "POSTGRES_PASSWORD=${DB_PASSWORD}"
       - "POSTGRES_USER=${DB_USER}"
       - "POSTGRES_DB=${DB_NAME}"
+    depends_on:
+      - janeway-pgadmin
+
+  janeway-pgadmin:
+    image: dpage/pgadmin4
+    user: root
+    ports:
+      - "${PGADMIN_PORT}:80"
+    volumes:
+      - ./db/pgadmin:/var/lib/pgadmin
+    environment:
+            - [email protected]
+            - "PGADMIN_DEFAULT_PASSWORD=${DB_PASSWORD}"
+            - PG_ADMIN_LISTEN_ADDRESS=0.0.0.0
+            - GUNICORN_THREADS=2
+            - PGADMIN_SERVER_JSON_FILE=/var/lib/pgadmin/servers.json
+            - PGADMIN_CONFIG_SERVER_MODE=False
+            - PGADMIN_CONFIG_MASTER_PASSWORD_REQUIRED=False
 
   janeway-mysql:
     image: mysql:5.7
     volumes:
       - ./db/mysql-data:/var/lib/mysql
     ports:
-      - "${DB_PORT}:${DB_PORT}"
+      - "${DB_PORT}"
     environment:
       - MYSQL_ROOT_PASSWORD=root
       - "MYSQL_PASSWORD=${DB_PASSWORD}"
@@ -30,7 +48,7 @@ services:
     volumes:
       - ./db/mariadb-data:/var/lib/mysql
     ports:
-      - "${DB_PORT}:${DB_PORT}"
+      - "${DB_PORT}"
     environment:
       - MYSQL_ROOT_PASSWORD=root
       - "MYSQL_PASSWORD=${DB_PASSWORD}"
@@ -53,7 +71,7 @@ services:
       - ./logs:/vol/janeway/logs
       - ./db/janeway.sqlite3:/db/janeway.sqlite3
     ports:
-      - "8000:8000"
+      - "${JANEWAY_PORT}:8000"
     environment:
       - DB_VENDOR
       - DB_HOST

dockerfiles/Dockerfile

@@ -3,6 +3,7 @@ ADD . /vol/janeway
 WORKDIR /vol/janeway
 RUN apt-get update
 RUN apt-get install -y pylint
+RUN apt-get install -y gettext
 RUN pip3 install -r requirements.txt --src /tmp/src
 RUN pip3 install -r dev-requirements.txt --src /tmp/src
 RUN if [ -n "$(ls -A ./lib)" ]; then pip3 install -e lib/*; fi

docs/source/author.rst

@@ -115,3 +115,56 @@ The review page displays a run down of the article you've submitted, metadata, f
  .. figure:: /nstatic/article_review.png
 
     The review page for the article
+
+
+Revisions
+---------
+Editors may request that authors revise their files based on recommendations from reviewers. There are two types of Revision decision:
+
+1. Minor Revisions.
+2. Major Revisions.
+
+With Major Revisions you may find that the Editor will send the paper for a second round of review once you have completed your revisions.
+
+When an Editor request revisions there are two ways to start this process:
+
+1. Click the link in the email sent to you.
+2. Via the Journal Dashboard:
+    1. Login to the Journal
+    2. Go to the journal Dashboard
+    3. Scroll down to "Submitted Articles"
+    4. Click the "Revision Request" button next to the article.
+
+Once you have accessed the revision request you will be able to view available peer reviews and download, revise or upload new files. Once you've uploaded a revised manuscript and any additional image files you can fill in the covering letter and save the revision.
+
+ .. figure:: /nstatic/review_do_revisions.gif
+
+Proofing
+--------
+After your paper has been accepted and copyediting, the editors might send you a request to proof the 'Typesetting Files'.
+These files are the final finals that will be made publicly available once the article gets published on the journal.
+
+For journals that publish content in multiple media formats (HTML, PDF, XML...) It is important that you check all these files before publication. Authors are not expected to be able to open and read XML/HTML code. Instead, Janeway provides a 'preview' button were you will be able to previsualise the article as it will be rendered once it gets published.
+
+
+ .. figure:: /nstatic/typesetting/proofreading_1.png
+
+    Typeset Files download and preview
+
+Once you've previewed the files, you can provide feedback in two ways:
+
+1. Fill in the rich-text "Notes" box. This form element supports rich-text as well as pasting in screenshots or other types of images
+
+ .. figure:: /nstatic/typesetting/proofreading_notes.png
+
+    Providing proofreading notes via Rich-text editor
+
+2. Upload an annotated file. In the case of PDF files, you can download the file and make annotations offline using specialized software. when this is done, you can upload the annotated file for the editor to review.
+
+ .. figure:: /nstatic/typesetting/proofreading_2.png
+
+    Providing proofreading notes by uploading an annotated file.
+
+It is important to proof all the files thoroughly in order to avoid unnecessary follow-up rounds that will potentially cost more time and money to the journal's editorial team and publishers.
+
+Once you have provded your feedback, it is possible that the editorial team might send you another proofing tasks once the requested corrections have been applied. In that case, the process to follow is the same as explained above.