Release/5.1.0 #30

Merged
merged 186 commits into from
Jun 28, 2022
@JeremyCaney JeremyCaney commented Jun 27, 2022

The 5.1.0 release of GoldSim focuses on upgrades to backend dependencies, as well as a handful of business requests. Notably, this includes upgrading to C# 10 (52358dd, d8b36b7), ASP.NET Core 6.0 (96b6fd5), as well as OnTopic 5.2.0 (b2537a3). In terms of new features, this includes the introduction of reCaptcha v3 (098d6e1), a new FormController (640be65), and support for OnTopic 5.2.0's new AttributeDictionary constructor for view models (e50b674).

Requests

  • Implemented reCaptcha v3 into forms (098d6e1)
  • Updated favicon (146cff7)
  • Introduced new table.lookup style (322d0eb)
  • Updated logic for GoldSim Research licensing (0fc6a49)

Improvements

  • Implemented the new FormController (640be65)
  • Implemented new AttributeDictionary constructors for view models (e50b674)

Code Changes

During the development of the `BasicGoldSim` course, the `GoldSimActivator` created a new instance of the `IHierarchicalTopicMappingService<>` for the courses every load. This was useful as it prevented caching, and thus ensured that the navigation wasn't being mapped each and every load. This isn't performant for the production site, however, since it requires mapping each navigation item for every request. Maintaining a cached repository of these is much faster, just as we do with the main site navigation.
This is especially nice here where we don't otherwise need to bring in the namespace.
Reintroduced caching layer for the course navigation. This is consistent with the main site navigation, but had been (temporarily) removed during development of the courses to ensure that the navigation could be updated in realtime via the editor without needing to reset the application (since these are persistently cached).
The `IRequestValidator` class helps abstract the functionality we're implementing for reCAPTCHA, thus potentially allowing it to be stubbed or swapped out with a different implementation in the future.
This allows the JSON response from reCAPTCHA's web service to be serialized to a strongly typed POCO. This will be used in the forthcoming `RecaptchaValidator` service.
The `RecaptchaValidator` class is a concrete implementation of the new `IRequestValidator` (0272136). This accepts a token and an action, and validates them against reCAPTCHA's API. This takes advantage of the recently introduced `RecaptchaResponse` class to model the response from the reCAPTCHA API (3c0ad10).
The `RecaptchaViewModel` collects configuration information necessary to display a reCAPTCHA script on a webpage.
The `RecaptchaViewComponent` allows us to centralize the JavaScript for embedding reCAPTCHA, wiring it up to the form, and ensuring that the token is submitted as a field to the form. This relies on a `siteKey` that should be configured as part of dependency injection.
The view for the `RecaptchaViewComponent` (92498c6) takes the `RecaptchaViewModel` (97d9cce) and uses the configuration data to load the reCAPTCHA JavaScript, render a hidden input field for the token retrieved from reCAPTCHA, and wire up a call to the reCAPTCHA API when the form is submitted. This effectively intercepts efforts to submit the form, ensuring that the reCAPTCHA token is injected at the last possible minute.
This allows the `RecaptchaViewComponent` to be added to any view.
This isn't yet supported by the backend, but it at least ensures that the functionality is available once the backends are updated to validate the reCAPTCHA token.
The `Payments.js` intercepts a click on the submit button, and then calls `form.submit()`. This bypasses the jQuery `$(form).submit()` which the new `RecaptchaViewComponent` (92498c6, b94869c) sets up. To allow these to play together, the `Payments` script is updated to call jQuery's `$(form).submit()`, thus ensuring that functionality is handed off to the reCAPTCHA handler once the payments form has finished its initial validation.
This will allow this to be injected into the controllers, so they can use it to validate the reCAPTCHA tokens being injected by the `RecaptchaViewComponent` (9a5619a).
This allows the hidden field introduced by the `RecaptchaViewComponent` to be bound to the `PaymentFormBindingModel` so it can be utilized by the `PaymentsController`.
This validates the new `RecaptchaToken` (a99e7c2) introduced by the `RecaptchaViewComponent` (9a5619a) using the `RecaptchaValidator` (87d0f21). This prevents payments from being submitted unless they pass Google's reCAPTCHA.
This allows the hidden field introduced by the `RecaptchaViewComponent` to be bound to any of the forms binding models, so they can be validated by the `FormsController`. All of the form binding models ultimately derive from `CoreContact`.

(Technically, `CoreContact` is also used elsewhere, such as for forms that collect multiple contacts, but this shouldn't cause any harm since it's an optional field.)
This validates the new `RecaptchaToken` (a99e7c2) introduced by the `RecaptchaViewComponent` (9a5619a) using the `RecaptchaValidator` (87d0f21). This prevents payments from being submitted unless they pass Google's reCAPTCHA.
The `Unit` content type just does a redirect, so there's no benefit to having it listed in the `SitemapController`; in fact, doing so causes Google Search Console to introduce _Duplicate, submitted URL not selected as canonical_ exclusion warnings. Removing these, similar to other redirect pages, addresses this.
Implemented Google reCAPTCHA v3 via a new `RecaptchaViewComponent` (for the client-side implementation) and `RecaptchaValidator` (for the server-side implementation). This will help prevent automated attacks from bots which can introduce a lot of mail or records to sort through.
This affects the credit card processing form.
This affects OpenID authentication and Razor Runtime Compilation—neither of which affect end customers.
This is part of the build process, and potentially impacts backward compatibility of CSS.
This impacts our build process, and potentially the compiled CSS which it is responsible for minimizing.
As with the previous two updates, this affects our build process, and specifically the compiled CSS.
This doesn't affect direct dependencies, as updated in the previous commits, but rather all of their optional downstream dependencies.
Updated NuGet and npm dependencies. This includes patches to .NET, a minor update to Braintree, and a number of updates to packages used by Gulp for minimizing the compiled CSS output. Given the latter, I spot checked multiple templates to ensure that the styles appeared to be rendering consistent with the previous version.
Ensures that the one-time token generated by reCAPTCHA isn't included in the email receipt to GoldSim.

Ideally, we'd have a smarter way of handling this—such as a black list, a naming convention or, even better, an attribute on the models. But those require more thought and/or a bigger investment, and aren't an immediate priority. As such, hardcoding this exception satisfies the immediate need, and can be refactored later if appropriate.
Exclude the reCAPTCHA token from the email receipt sent to GoldSim.
Updated the Microsoft Application Insights JavaScript library from 2.7.1 to 2.8.4.
Updated Auto-Prefixer from 10.4.0 to 10.4.7. This is a build-time dependency and won't directly affect the site, though it could affect what CSS is generated.
Updated CSS Nano from 5.0.10 to 5.0.12. This is a build-time dependency and won't directly affect the site, though it could affect what CSS is generated.
Updated the reference Dash.js implementation from 4.1.0 to 4.4.0. This may affect the video player on the homepage.
Updated GSAP from 3.8.0 to 3.10.4. This may affect the animations on, in particular, the homepage.
Updated Gulp SASS from 5.0.0 to 5.1.0. This is a build-time dependency and won't directly affect the site, though it could affect what CSS is generated.
Updated JSHint from 2.13.1 to 2.13.4. This is a build-time dependency and won't directly affect the site, though it could affect what JavaScript warnings are generated during the build process.
Updated Node SASS compiler from 6.0.1 to 7.0.1. This is a build-time dependency and won't directly affect the site, though it could affect what CSS is generated.
Updated Post CSS from 8.3.11 to 8.4.14. This is a build-time dependency and won't directly affect the site, though it could affect what CSS is generated.
Updated What Input from 5.2.10 to 5.2.12. This could affect how current form field highlighting works on the request forms and payment processing.
In the previous commits, I updated top-level, direct dependencies. In this commit, I update all downstream npm dependencies. This elevates them beyond the minimums required by the packages that rely on them to the highest version permitted by that library (typically constrained to the current major version).
Updated Font Awesome from 5.15.4 to 6.1.1. This may affect rendering of icons in e.g. the footer and on downloads. This _will_ break some Font Awesome calculations, due to a Dart Sass compatibility issue; that will be fixed in a subsequent update.
In Font Awesome 6.x, the `fa-divide()` function is moved to a new partial, `_functions`, which _must_ be included prior to referencing individual SASS partials, such as `_mixins` or `_variables`. See FortAwesome/Font-Awesome#18908 for details.
The `font-family` name for Font Awesome 6 changed from e.g. `Font Awesome 5 Free` to `Font Awesome 6 Free` (as one would expect). As such, the style sheet references must be updated.
Updated Brain Tree from 5.9.0 to 5.12.0. This may affect payment processing.
Updated Microsoft Application Insights from 2.19.0 to 2.20.0. This complements the update of the client-side JavaScript library (d497a50). This may affect how Azure Application Insights data is tracked.
Updated ASP.NET Core OpenID authentication from 6.0.0 to 6.0.6 to correspond to the latest ASP.NET Core version. This may affect authentication for the admin tools and OnTopic Editor.
Updated the ASP.NET Core Runtime Compilation from 6.0.0 to 6.0.6 to correspond to the latest ASP.NET Core version. This is a design-time dependency and won't affect the live site.
Updated Postmark from 4.5.2 to 4.7.2. This may affect how email is sent out.
Updated all NuGet and npm dependencies, both primary and downstream. In addition to build system updates related to Gulp plugins and CSS, this also includes Braintree (payment processing), Postmark (email processing), Azure Application Insights (analytics), as well as a few client libraries that directly affect user-facing features, such as GSAP (animations) and DASH.js (video streaming).
Previously, research licenses weren't eligible for leasing. Now, they're _only_ eligible for leasing—and the one year lease, specifically. I've updated the logic to _only_ show the "Leased Standalone (1 year)" lease when the "Research" product is selected.
When selecting the "GoldSim Research" product, the only license type that will be available is the "Leased Standalone (1 year)" option. If a different license type was selected prior to selecting "GoldSim Research", this will now store that locally, and then reselect it when "GoldSim Research" is unchosen (either by choosing "GoldSim" or "Select one…").
Due to the logic for reverting the license type to the previously selected value (6fd4d15), a bug occurred where the license would be reset if it was selected prior to the product. This is fixed by only resetting the value if it's already been set (which happens when "GoldSim Research" is selected).
In HTML, there is a `readonly` attribute for `input` elements, but not for `select` elements. The new `readonly` class mimics the `readonly` attribute by disabling click events on the select box, and then setting the background to the disabled input color.
Previously, we hid all options not related to the "Research GoldSim" product. Now, instead of hiding these, I am mimicking a read-only state on the dropdown box using the newly introduced `select.readonly` class (840e890). This looks and acts like a disabled dropdown list, but will still submit the value to the server.
GoldSim's licensing options have changed. It used to be GoldSim Research was only eligible for standalone licenses, so we hid the leased licenses. Now, GoldSim Research is only eligible for the Leased Standalone (1 year) license. I've updated the logic to handle this. While I was at it, I changed the logic around so that a) instead of hiding other values, the dropdown list is treated as read-only (using a new CSS style), and b) when the product is changed away from "GoldSim Research", the license type is reverted to its original value.
@JeremyCaney JeremyCaney requested a review from a team June 27, 2022 23:56
@JeremyCaney JeremyCaney self-assigned this Jun 27, 2022
@JeremyCaney JeremyCaney merged commit 26c676c into master Jun 28, 2022
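
The server-side decision a reCAPTCHA v3 validator like the one described in these commits has to make on the `siteverify` response, as an added example (not GoldSim's `RecaptchaValidator` or `RecaptchaResponse` code). The type names, the `payment` action, the hostname and the 0.5 threshold are assumptions, and the JSON samples are constructed.

```csharp
#nullable enable
using System;
using System.Text.Json;
using System.Text.Json.Serialization;

// Constructed siteverify responses (not captured traffic); field names follow
// Google's documented reCAPTCHA v3 JSON. Hostname and threshold are assumptions.
var samples = new (string Label, string Json)[] {
  ("human, right action",   @"{""success"":true,""score"":0.9,""action"":""payment"",""hostname"":""www.example.com""}"),
  ("low score",             @"{""success"":true,""score"":0.1,""action"":""payment"",""hostname"":""www.example.com""}"),
  ("token from other form", @"{""success"":true,""score"":0.9,""action"":""contact"",""hostname"":""www.example.com""}"),
  ("token from other site", @"{""success"":true,""score"":0.9,""action"":""payment"",""hostname"":""other.example""}"),
  ("expired or replayed",   @"{""success"":false,""error-codes"":[""timeout-or-duplicate""]}"),
  ("malformed body",        "<html>502</html>"),
};

foreach (var (label, json) in samples) {
  var verdict = SiteVerifyPolicy.Evaluate(json, "payment", "www.example.com", 0.5);
  Console.WriteLine($"{label,-22} -> {verdict}");
}

// Hypothetical POCO for the siteverify JSON body.
public sealed class SiteVerifyResult {
  [JsonPropertyName("success")]     public bool Success { get; set; }
  [JsonPropertyName("score")]       public double Score { get; set; }
  [JsonPropertyName("action")]      public string? Action { get; set; }
  [JsonPropertyName("hostname")]    public string? Hostname { get; set; }
  [JsonPropertyName("error-codes")] public string[]? ErrorCodes { get; set; }
}

public static class SiteVerifyPolicy {
  // Returns "accept" or a rejection reason; anything unparseable is rejected (fail closed).
  public static string Evaluate(string json, string expectedAction, string expectedHost, double minScore) {
    SiteVerifyResult? r;
    try { r = JsonSerializer.Deserialize<SiteVerifyResult>(json); }
    catch (JsonException) { return "reject: unparseable response"; }
    if (r is null) return "reject: empty response";
    if (!r.Success) return "reject: " + string.Join(",", r.ErrorCodes ?? new[] { "unsuccessful" });
    // A valid token minted for a different form or site must not unlock this one.
    if (!string.Equals(r.Action, expectedAction, StringComparison.Ordinal)) return "reject: action mismatch";
    if (!string.Equals(r.Hostname, expectedHost, StringComparison.OrdinalIgnoreCase)) return "reject: hostname mismatch";
    if (r.Score < minScore) return "reject: score below threshold";
    return "accept";
  }
}
```

Only the first sample is accepted; the others show why `success: true` alone is not a sufficient check for a payment form.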