From d869a91eaebf773fd999b69f87364c402197b781 Mon Sep 17 00:00:00 2001
From: "nik.n"
Date: Fri, 12 Jan 2024 16:10:25 +0900
Subject: [PATCH 01/21] =?UTF-8?q?=E4=BF=AE=E6=AD=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
ecs/jskult-webapp/src/controller/logout.py | 108 ++++++++++--------
.../src/services/session_service.py | 47 +++++---
2 files changed, 86 insertions(+), 69 deletions(-)
diff --git a/ecs/jskult-webapp/src/controller/logout.py b/ecs/jskult-webapp/src/controller/logout.py
index 8a633f6c..69de2c22 100644
--- a/ecs/jskult-webapp/src/controller/logout.py
+++ b/ecs/jskult-webapp/src/controller/logout.py
@@ -1,50 +1,58 @@ -from typing import Optional, Union - -from fastapi import APIRouter, Depends, Request -from fastapi.responses import HTMLResponse - -from src.depends.auth import get_current_session -from src.model.internal.session import UserSession -from src.model.view.logout_view_model import LogoutViewModel -from src.system_var import constants -from src.templates import templates - -router = APIRouter() - -######################### -# Views # -######################### - - -@router.get('/', response_class=HTMLResponse) -def logout_view( - request: Request, - reason: Optional[str] = None, - session: Union[UserSession, None] = Depends(get_current_session) -): - # どういうルートでログインしたかを判断するため、refererを取得 - referer = request.headers.get('referer', '') - - redirect_to = '/login/userlogin' - link_text = 'MeDaCA機能メニューへ' - # セッションが切れておらず、メンテユーザである、またはメンテログイン画面から遷移した場合、メンテログイン画面に戻す - if (session is not None and session.user_flg == str(constants.PERMISSION_ENABLED)) \ - or referer.endswith('maintlogin'): - redirect_to = '/login/maintlogin' - link_text = 'Login画面に戻る' - - logout = LogoutViewModel( - redirect_to=redirect_to, - reason=constants.LOGOUT_REASON_MESSAGE_MAP.get(reason, ''), - link_text=link_text - ) - template_response = templates.TemplateResponse( - 'logout.html', - { - 'request': request, - 'logout': logout, - } - ) - # クッキーを削除 - template_response.delete_cookie('session') - return template_response +from typing import Optional, Union + +from fastapi import APIRouter, Depends, Request +from fastapi.responses import HTMLResponse + +from src.depends.auth import get_current_session +from src.model.internal.session import UserSession +from src.model.view.logout_view_model import LogoutViewModel +from src.system_var import constants +from src.templates import templates + +router = APIRouter() + +######################### +# Views # +######################### + +def delete_session(session: Union[UserSession, None] = Depends(get_current_session)): + if session: + 
session.delete() + + +@router.get('/', response_class=HTMLResponse) +def logout_view( + request: Request, + reason: Optional[str] = None, + session: Union[UserSession, None] = Depends(get_current_session) +): + # どういうルートでログインしたかを判断するため、refererを取得 + referer = request.headers.get('referer', '') + + redirect_to = '/login/userlogin' + link_text = 'MeDaCA機能メニューへ' + # セッションが切れておらず、メンテユーザである、またはメンテログイン画面から遷移した場合、メンテログイン画面に戻す + if (session is not None and session.user_flg == str(constants.PERMISSION_ENABLED)) \ + or referer.endswith('maintlogin'): + redirect_to = '/login/maintlogin' + link_text = 'Login画面に戻る' + + logout = LogoutViewModel( + redirect_to=redirect_to, + reason=constants.LOGOUT_REASON_MESSAGE_MAP.get(reason, ''), + link_text=link_text + ) + template_response = templates.TemplateResponse( + 'logout.html', + { + 'request': request, + 'logout': logout, + } + ) + # クッキーを削除 + template_response.delete_cookie('session') + + # セッション削除 + delete_session(session) + + return template_response diff --git a/ecs/jskult-webapp/src/services/session_service.py b/ecs/jskult-webapp/src/services/session_service.py index 657e648d..48edbcd4 100644 --- a/ecs/jskult-webapp/src/services/session_service.py +++ b/ecs/jskult-webapp/src/services/session_service.py 
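Review bot: The new `delete_session(session)` call just before `return template_response` in `logout_view` is unguarded, so if `session.delete()` raises, the exception propagates before the response is returned and neither the `delete_cookie('session')` nor the logout page reaches the client. Guard the call with `try:` / `except Exception:` and log the failure there, so the cookie is still cleared and a surviving server-side session is recorded. The helper's `Depends(get_current_session)` default has no effect when the function is called directly as it is here, and the `delete_session(key)` added to session_service.py in the same commit is not used by this file.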
@@ -1,19 +1,28 @@
-
-from src.logging.get_logger import get_logger
-from src.model.internal.session import UserSession
-
-logger = get_logger('セッション管理')
-
-
-def set_session(session: UserSession) -> str:
- session.save()
- return session.session_key
-
-
-def get_session(key: str) -> UserSession:
- try:
- session = UserSession.get(hash_key=key, consistent_read=True)
- return session
- except UserSession.DoesNotExist as e:
- logger.debug(f'セッション取得失敗:{e}')
- return None
+
+from src.logging.get_logger import get_logger
+from src.model.internal.session import UserSession
+
+logger = get_logger('セッション管理')
+
+
+def set_session(session: UserSession) -> str:
+ session.save()
+ return session.session_key
+
+
+def get_session(key: str) -> UserSession:
+ try:
+ session = UserSession.get(hash_key=key, consistent_read=True)
+ return session
+ except UserSession.DoesNotExist as e:
+ logger.debug(f'セッション取得失敗:{e}')
+ return None
+
+def delete_session (key: str) -> bool:
+ try:
+ session = UserSession.get(hash_key=key, consistent_read=True)
+ session.delete()
+ return True
+ except UserSession.DoesNotExist as e:
+ logger.debug(f'セッション削除失敗:{e}')
+ return False
\ No newline at end of file
From ead12039a7972bd34c89b2b2394cf4aafc2630d5 Mon Sep 17 00:00:00 2001
From: Nik Afiq
Date: Mon, 15 Jan 2024 17:11:46 +0900
Subject: [PATCH 02/21] =?UTF-8?q?=E6=8C=87=E6=91=98=E4=BF=AE=E6=AD=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
ecs/jskult-webapp/src/controller/logout.py | 9 ++++-----
ecs/jskult-webapp/src/services/session_service.py | 10 ++++------
2 files changed, 8 insertions(+), 11 deletions(-)
diff --git a/ecs/jskult-webapp/src/controller/logout.py b/ecs/jskult-webapp/src/controller/logout.py
index 69de2c22..bae8a3aa 100644
--- a/ecs/jskult-webapp/src/controller/logout.py
+++ b/ecs/jskult-webapp/src/controller/logout.py
@@ -8,16 +8,14 @@ from src.model.internal.session import UserSession from src.model.view.logout_view_model import LogoutViewModel from src.system_var import constants from src.templates import templates +from src.services.session_service import SessionService router = APIRouter() ######################### # Views # ######################### - -def delete_session(session: Union[UserSession, None] = Depends(get_current_session)): - if session: - session.delete() + @router.get('/', response_class=HTMLResponse) @@ -53,6 +51,7 @@ def logout_view( template_response.delete_cookie('session') # セッション削除 - delete_session(session) + if session: + SessionService.delete_session(session) return template_response diff --git a/ecs/jskult-webapp/src/services/session_service.py b/ecs/jskult-webapp/src/services/session_service.py index 48edbcd4..b58d7241 100644 --- a/ecs/jskult-webapp/src/services/session_service.py +++ b/ecs/jskult-webapp/src/services/session_service.py @@ -18,11 +18,9 @@ def get_session(key: str) -> UserSession: logger.debug(f'セッション取得失敗:{e}') return None -def delete_session (key: str) -> bool: +def delete_session (session: UserSession): try: - session = UserSession.get(hash_key=key, consistent_read=True) session.delete() - return True - except UserSession.DoesNotExist as e: - logger.debug(f'セッション削除失敗:{e}') - return False \ No newline at end of file + return + except: + return \ No newline at end of file From 5c49c92b6b8d1d8aae984aa95ed7628d451fd068 Mon Sep 17 00:00:00 2001 From: Nik Afiq Date: Mon, 15 Jan 2024 17:12:39 +0900 Subject: [PATCH 03/21] =?UTF-8?q?'=E6=8C=87=E6=91=98=E4=BF=AE=E6=AD=A3'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/.vscode/recommended_settings.json | 1 - 1 file changed, 1 deletion(-) diff --git a/ecs/jskult-webapp/.vscode/recommended_settings.json b/ecs/jskult-webapp/.vscode/recommended_settings.json index d5ce3e07..1999a40e 100644 
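Review bot: The bare `except:` added to `delete_session` in session_service.py discards every failure of `session.delete()`, so a logout can leave the server-side session record in place with nothing written to the log, and the clause also catches `KeyboardInterrupt` and `SystemExit`. Narrow it and record the failure with `except Exception:` followed by `logger.exception('セッション削除失敗')`; the earlier patch in this series shows a module-level `logger` in this file. The `return` statements in both branches are redundant and can be dropped.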
--- a/ecs/jskult-webapp/.vscode/recommended_settings.json +++ b/ecs/jskult-webapp/.vscode/recommended_settings.json @@ -6,7 +6,6 @@ "source.organizeImports": true } }, - // 自身の環境に合わせて変えてください "python.defaultInterpreterPath": "", "python.linting.lintOnSave": true, "python.linting.enabled": true, From 5d4a237904b4c90e7af083306897c4e37b0dbb47 Mon Sep 17 00:00:00 2001 From: "nik.n" Date: Mon, 15 Jan 2024 17:32:17 +0900 Subject: [PATCH 04/21] =?UTF-8?q?max=5Fage=E5=89=8A=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/controller/bio_api.py | 2 -- ecs/jskult-webapp/src/router/session_router.py | 1 - 2 files changed, 3 deletions(-) diff --git a/ecs/jskult-webapp/src/controller/bio_api.py b/ecs/jskult-webapp/src/controller/bio_api.py index 982ef8d2..2f96408a 100644 --- a/ecs/jskult-webapp/src/controller/bio_api.py +++ b/ecs/jskult-webapp/src/controller/bio_api.py @@ -83,7 +83,6 @@ def search_bio_data( json_response.set_cookie( key='session', value=session.session_key, - max_age=environment.SESSION_EXPIRE_MINUTE * 60, # cookieの有効期限は秒数指定なので、60秒をかける secure=True, httponly=True ) @@ -156,7 +155,6 @@ async def download_bio_data( json_response.set_cookie( key='session', value=session.session_key, - max_age=environment.SESSION_EXPIRE_MINUTE * 60, # cookieの有効期限は秒数指定なので、60秒をかける secure=True, httponly=True ) diff --git a/ecs/jskult-webapp/src/router/session_router.py b/ecs/jskult-webapp/src/router/session_router.py index 9389a722..a4a28e25 100644 --- a/ecs/jskult-webapp/src/router/session_router.py +++ b/ecs/jskult-webapp/src/router/session_router.py @@ -123,7 +123,6 @@ class AfterSetCookieSessionRoute(MeDaCaRoute): response.set_cookie( key='session', value=session_key, - max_age=environment.SESSION_EXPIRE_MINUTE * 60, # cookieの有効期限は秒数指定なので、60秒をかける secure=True, httponly=True ) From 6371924bd930baf9a9b5da76b3282d48414a40d2 Mon Sep 17 00:00:00 2001 
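Review bot: With `max_age` removed from the three `set_cookie(key='session', ...)` calls (two in bio_api.py, one in session_router.py), the cookie no longer carries an expiry of its own, so the session lifetime holds only if the server rejects keys older than `SESSION_EXPIRE_MINUTE`. That check is not visible in these hunks and should be confirmed, because browsers that restore previous sessions can keep a cookie without Max-Age well past the intended window. A comment at each call such as `# no max_age: browser-session cookie; expiry is enforced server-side` would record the intent. If `environment` was imported in these files only for this value, the import is now unused. The enclosing functions start outside the hunks.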
From: "nik.n" Date: Tue, 16 Jan 2024 14:00:57 +0900 Subject: [PATCH 05/21] =?UTF-8?q?'=E6=8C=87=E6=91=98=E5=AF=BE=E5=BF=9C?= =?UTF-8?q?=EF=BC=9Aimport=E4=BF=AE=E6=AD=A3=E3=83=BB=E5=91=BC=E3=81=B3?= =?UTF-8?q?=E5=87=BA=E3=81=97=E4=BF=AE=E6=AD=A3'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/.vscode/recommended_settings.json | 1 + ecs/jskult-webapp/src/controller/logout.py | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ecs/jskult-webapp/.vscode/recommended_settings.json b/ecs/jskult-webapp/.vscode/recommended_settings.json index 1999a40e..d5ce3e07 100644 --- a/ecs/jskult-webapp/.vscode/recommended_settings.json +++ b/ecs/jskult-webapp/.vscode/recommended_settings.json @@ -6,6 +6,7 @@ "source.organizeImports": true } }, + // 自身の環境に合わせて変えてください "python.defaultInterpreterPath": "", "python.linting.lintOnSave": true, "python.linting.enabled": true, diff --git a/ecs/jskult-webapp/src/controller/logout.py b/ecs/jskult-webapp/src/controller/logout.py index bae8a3aa..76d9ef60 100644 --- a/ecs/jskult-webapp/src/controller/logout.py +++ b/ecs/jskult-webapp/src/controller/logout.py @@ -8,7 +8,7 @@ from src.model.internal.session import UserSession from src.model.view.logout_view_model import LogoutViewModel from src.system_var import constants from src.templates import templates -from src.services.session_service import SessionService +from src.services import session_service router = APIRouter() @@ -52,6 +52,6 @@ def logout_view( # セッション削除 if session: - SessionService.delete_session(session) + session_service.delete_session(session) return template_response From fe1e73e52d18307e6355dacaa08d05e9ebaaa04a Mon Sep 17 00:00:00 2001 
From: "nik.n" Date: Tue, 16 Jan 2024 16:22:02 +0900 Subject: [PATCH 06/21] =?UTF-8?q?API=E3=83=89=E3=82=AD=E3=83=A5=E3=83=A1?= =?UTF-8?q?=E3=83=B3=E3=83=88=E9=9D=9E=E8=A1=A8=E7=A4=BA=E3=81=99=E3=82=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ecs/jskult-webapp/src/main.py b/ecs/jskult-webapp/src/main.py index 174f097a..9a19d97b 100644 --- a/ecs/jskult-webapp/src/main.py +++ b/ecs/jskult-webapp/src/main.py @@ -11,7 +11,7 @@ from src.core import task from src.error.exception_handler import http_exception_handler from src.error.exceptions import UnexpectedException -app = FastAPI() +app = FastAPI(openapi_url=None) # 静的ファイルをマウント app.mount('/static', StaticFiles(directory=path.dirname(static.__file__)), name='static') From 88d8985058ea8898c3f1f9b06e79a7248640e044 Mon Sep 17 00:00:00 2001 From: "nik.n" Date: Thu, 18 Jan 2024 15:40:48 +0900 Subject: [PATCH 07/21] =?UTF-8?q?=E4=B8=8D=E8=A6=81=E3=81=AA=E3=82=B3?= =?UTF-8?q?=E3=83=A1=E3=83=B3=E3=83=88=E5=89=8A=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/templates/logout.html | 53 --------------------- 1 file changed, 53 deletions(-) diff --git a/ecs/jskult-webapp/src/templates/logout.html b/ecs/jskult-webapp/src/templates/logout.html index ed17c630..cc79a4ac 100644 --- a/ecs/jskult-webapp/src/templates/logout.html +++ b/ecs/jskult-webapp/src/templates/logout.html @@ -15,61 +15,8 @@ {{logout.reason}} {% endautoescape %}

-


{{logout.link_text}}

- - - - \ No newline at end of file From 484e77abc7bcf1a98a44ce20f01a78ccf52cd307 Mon Sep 17 00:00:00 2001 From: "nik.n" Date: Tue, 23 Jan 2024 09:05:11 +0900 Subject: [PATCH 08/21] =?UTF-8?q?=E3=82=BB=E3=82=AD=E3=83=A5=E3=83=AA?= =?UTF-8?q?=E3=83=86=E3=82=A3=E3=83=98=E3=83=83=E3=83=80=E3=83=BC=E8=BF=BD?= =?UTF-8?q?=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/templates/_header.html | 34 ++++++++++++++++---- 1 file changed, 28 insertions(+), 6 deletions(-) diff --git a/ecs/jskult-webapp/src/templates/_header.html b/ecs/jskult-webapp/src/templates/_header.html index a0e90606..920d0beb 100644 --- a/ecs/jskult-webapp/src/templates/_header.html +++ b/ecs/jskult-webapp/src/templates/_header.html @@ -1,19 +1,41 @@ - + + + + + + + + + + + {{subtitle}} - - + + - - + + - + \ No newline at end of file From 426426b278641e8f01a0ad8f1d4660341e09459e Mon Sep 17 00:00:00 2001 From: "nik.n" Date: Wed, 24 Jan 2024 15:11:49 +0900 Subject: [PATCH 09/21] =?UTF-8?q?=E3=83=98=E3=83=83=E3=83=80=E3=83=BCCache?= =?UTF-8?q?-Control=E3=83=BBX-Content-Type-Options=E3=83=BBStrict-Transpor?= =?UTF-8?q?t-Security=E5=AE=9F=E8=A3=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/controller/bio_api.py | 16 +++++++++++ ecs/jskult-webapp/src/controller/login.py | 16 +++++++++++ ecs/jskult-webapp/src/controller/logout.py | 7 +++++ .../src/router/session_router.py | 8 ++++++ ecs/jskult-webapp/src/templates/_header.html | 27 +++++++------------ 5 files changed, 56 insertions(+), 18 deletions(-) diff --git a/ecs/jskult-webapp/src/controller/bio_api.py b/ecs/jskult-webapp/src/controller/bio_api.py index 2f96408a..d907fd70 100644 --- a/ecs/jskult-webapp/src/controller/bio_api.py +++ b/ecs/jskult-webapp/src/controller/bio_api.py 
@@ -79,6 +79,14 @@ def search_bio_data( 'data': data, 'count': bio_sales_lot_count }) + + # X-Content-Type-Optionsヘッダー追加 + json_response.headers['X-Content-Type-Options'] = 'nosniff' + # Strict-Transport-Securityヘッダー追加 + json_response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' + # Cache-Controlヘッダー追加 + json_response.headers['Cache-Control'] = 'private' + # クッキーも書き換え json_response.set_cookie( key='session', @@ -152,6 +160,14 @@ async def download_bio_data( 'status': 'ok', 'download_url': download_file_url }) + + # X-Content-Type-Optionsヘッダー追加 + json_response.headers['X-Content-Type-Options'] = 'nosniff' + # Strict-Transport-Securityヘッダー追加 + json_response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' + # Cache-Controlヘッダー追加 + json_response.headers['Cache-Control'] = 'private' + json_response.set_cookie( key='session', value=session.session_key, diff --git a/ecs/jskult-webapp/src/controller/login.py b/ecs/jskult-webapp/src/controller/login.py index c8a5663c..3edf877d 100644 --- a/ecs/jskult-webapp/src/controller/login.py +++ b/ecs/jskult-webapp/src/controller/login.py @@ -113,6 +113,14 @@ def login( status_code=status.HTTP_303_SEE_OTHER, headers={'session_key': session_key} ) + + # X-Content-Type-Optionsヘッダー追加 + response.headers['X-Content-Type-Options'] = 'nosniff' + # Strict-Transport-Securityヘッダー追加 + response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' + # Cache-Controlヘッダー追加 + response.headers['Cache-Control'] = 'private' + return response @@ -170,4 +178,12 @@ def sso_authorize( status_code=status.HTTP_303_SEE_OTHER, headers={'session_key': session_key} ) + + # X-Content-Type-Optionsヘッダー追加 + response.headers['X-Content-Type-Options'] = 'nosniff' + # Strict-Transport-Securityヘッダー追加 + response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' + # Cache-Controlヘッダー追加 + response.headers['Cache-Control'] = 'private' + return response 
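Review bot: The `Strict-Transport-Security` value `'max-age=31536000 includeSubDomains'` has no `;` between its two directives, so it does not match the header grammar and a browser may ignore the header or the `includeSubDomains` part; it should read `'max-age=31536000; includeSubDomains'`. The same string is added in both bio_api.py hunks and both login.py hunks here, and again in the logout.py and session_router.py hunks of this commit and in middleware.py in PATCH 12. Separately, `Cache-Control: private` still allows the browser to store these authenticated responses; if the intent is that they are never written to disk, `no-store` is the stricter value. The enclosing handlers start outside the hunks.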
diff --git a/ecs/jskult-webapp/src/controller/logout.py b/ecs/jskult-webapp/src/controller/logout.py index 76d9ef60..c11e10d0 100644 --- a/ecs/jskult-webapp/src/controller/logout.py +++ b/ecs/jskult-webapp/src/controller/logout.py @@ -54,4 +54,11 @@ def logout_view( if session: session_service.delete_session(session) + # X-Content-Type-Optionsヘッダー追加 + template_response.headers['X-Content-Type-Options'] = 'nosniff' + # Strict-Transport-Securityヘッダー追加 + template_response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' + # Cache-Controlヘッダー追加 + template_response.headers['Cache-Control'] = 'private' + return template_response diff --git a/ecs/jskult-webapp/src/router/session_router.py b/ecs/jskult-webapp/src/router/session_router.py index a4a28e25..4f6ffe2f 100644 --- a/ecs/jskult-webapp/src/router/session_router.py +++ b/ecs/jskult-webapp/src/router/session_router.py @@ -103,6 +103,14 @@ class AfterSetCookieSessionRoute(MeDaCaRoute): """事後処理として、セッションキーをcookieに設定するカスタムルートハンドラー""" async def post_process_route(self, request: Request, response: Response): response = await super().post_process_route(request, response) + + # X-Content-Type-Optionsヘッダー追加 + response.headers['X-Content-Type-Options'] = 'nosniff' + # Strict-Transport-Securityヘッダー追加 + response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' + # Cache-Controlヘッダー追加 + response.headers['Cache-Control'] = 'private' + session_key = response.headers.get('session_key', None) # セッションキーがない場合はセットせずに返す if session_key is None: diff --git a/ecs/jskult-webapp/src/templates/_header.html b/ecs/jskult-webapp/src/templates/_header.html index 920d0beb..458df9fb 100644 --- a/ecs/jskult-webapp/src/templates/_header.html +++ b/ecs/jskult-webapp/src/templates/_header.html @@ -1,15 +1,9 @@ - + + - - - - - - - - - \ No newline at end of file + + + + + + + \ No newline at end of file From a435c51bc75177eebb00f43a752b9ceb8e66ef3f Mon Sep 17 00:00:00 2001 
From: "nik.n" Date: Thu, 25 Jan 2024 16:08:05 +0900 Subject: [PATCH 10/21] =?UTF-8?q?X-Frame-Options=E3=83=98=E3=83=83?= =?UTF-8?q?=E3=83=80=E3=83=BC=E5=AE=9F=E8=A3=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/controller/bio_api.py | 6 +++++- ecs/jskult-webapp/src/controller/login.py | 4 ++++ ecs/jskult-webapp/src/controller/logout.py | 2 ++ ecs/jskult-webapp/src/router/session_router.py | 2 ++ ecs/jskult-webapp/src/templates/_header.html | 16 ++-------------- 5 files changed, 15 insertions(+), 15 deletions(-) diff --git a/ecs/jskult-webapp/src/controller/bio_api.py b/ecs/jskult-webapp/src/controller/bio_api.py index d907fd70..bbb06b69 100644 --- a/ecs/jskult-webapp/src/controller/bio_api.py +++ b/ecs/jskult-webapp/src/controller/bio_api.py @@ -79,7 +79,9 @@ def search_bio_data( 'data': data, 'count': bio_sales_lot_count }) - + + # X-Frame-Optionsヘッダー追加 + json_response.headers['X-Frame-Options'] = 'DENY' # X-Content-Type-Optionsヘッダー追加 json_response.headers['X-Content-Type-Options'] = 'nosniff' # Strict-Transport-Securityヘッダー追加 @@ -161,6 +163,8 @@ async def download_bio_data( 'download_url': download_file_url }) + # X-Frame-Optionsヘッダー追加 + json_response.headers['X-Frame-Options'] = 'DENY' # X-Content-Type-Optionsヘッダー追加 json_response.headers['X-Content-Type-Options'] = 'nosniff' # Strict-Transport-Securityヘッダー追加 diff --git a/ecs/jskult-webapp/src/controller/login.py b/ecs/jskult-webapp/src/controller/login.py index 3edf877d..bcc48fe1 100644 --- a/ecs/jskult-webapp/src/controller/login.py +++ b/ecs/jskult-webapp/src/controller/login.py @@ -114,6 +114,8 @@ def login( headers={'session_key': session_key} ) + # X-Frame-Optionsヘッダー追加 + response.headers['X-Frame-Options'] = 'DENY' # X-Content-Type-Optionsヘッダー追加 response.headers['X-Content-Type-Options'] = 'nosniff' # Strict-Transport-Securityヘッダー追加 
@@ -179,6 +181,8 @@ def sso_authorize( headers={'session_key': session_key} ) + # X-Frame-Optionsヘッダー追加 + response.headers['X-Frame-Options'] = 'DENY' # X-Content-Type-Optionsヘッダー追加 response.headers['X-Content-Type-Options'] = 'nosniff' # Strict-Transport-Securityヘッダー追加 diff --git a/ecs/jskult-webapp/src/controller/logout.py b/ecs/jskult-webapp/src/controller/logout.py index c11e10d0..99ee8813 100644 --- a/ecs/jskult-webapp/src/controller/logout.py +++ b/ecs/jskult-webapp/src/controller/logout.py @@ -54,6 +54,8 @@ def logout_view( if session: session_service.delete_session(session) + # X-Frame-Optionsヘッダー追加 + template_response.headers['X-Frame-Options'] = 'DENY' # X-Content-Type-Optionsヘッダー追加 template_response.headers['X-Content-Type-Options'] = 'nosniff' # Strict-Transport-Securityヘッダー追加 diff --git a/ecs/jskult-webapp/src/router/session_router.py b/ecs/jskult-webapp/src/router/session_router.py index 4f6ffe2f..9672d23b 100644 --- a/ecs/jskult-webapp/src/router/session_router.py +++ b/ecs/jskult-webapp/src/router/session_router.py @@ -104,6 +104,8 @@ class AfterSetCookieSessionRoute(MeDaCaRoute): async def post_process_route(self, request: Request, response: Response): response = await super().post_process_route(request, response) + # X-Frame-Optionsヘッダー追加 + response.headers['X-Frame-Options'] = 'DENY' # X-Content-Type-Optionsヘッダー追加 response.headers['X-Content-Type-Options'] = 'nosniff' # Strict-Transport-Securityヘッダー追加 diff --git a/ecs/jskult-webapp/src/templates/_header.html b/ecs/jskult-webapp/src/templates/_header.html index 458df9fb..db30bfb4 100644 --- a/ecs/jskult-webapp/src/templates/_header.html +++ b/ecs/jskult-webapp/src/templates/_header.html @@ -3,21 +3,9 @@ - - - - - - - - {{subtitle}} - - + + From 46fa3844ab909f255861ffdf7aabee9e7ce39ee8 Mon Sep 17 00:00:00 2001 
From: "nik.n" Date: Mon, 29 Jan 2024 13:46:05 +0900 Subject: [PATCH 11/21] =?UTF-8?q?SRI=E3=81=AE=E6=B3=A8=E6=84=8F=E4=BA=8B?= =?UTF-8?q?=E9=A0=85=E3=83=BBhash=E3=82=92=E7=94=9F=E6=88=90=E6=96=B9?= =?UTF-8?q?=E6=B3=95=E8=BF=BD=E5=8A=A0=E8=A8=98=E8=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/ecs/jskult-webapp/README.md b/ecs/jskult-webapp/README.md index 97632b8f..e85ed943 100644 --- a/ecs/jskult-webapp/README.md +++ b/ecs/jskult-webapp/README.md @@ -195,3 +195,16 @@ - コントローラーのrouter変数が、`router.route_class = Authenticate`となっている場合、以下の動きをする - リクエスト到達時にセッションの有無をチェックする - レスポンス時、クッキーにセッションキーを登録する + +## ヘッダーにSRI設定・生成方法 +- インポートされたソースに更新したら、SRIのintegrity hashも更新すること + - ソースはローカルにある場合下記の`bash`コマンドでハッシュ生成できる: + ``` + cat FILENAME.js | openssl dgst -sha384 -binary | openssl base64 -A + ``` + - 外部ソース *(リンクから)* 使用する場合は下記のMDNオンラインツールでハッシュ生成できる: + [SRI Hash Generator](https://www.srihash.org/) + - SRIサンプル: + ``` + + ``` From 3feca4d25c793453a76b59e9fc1a16a41fd3a29c Mon Sep 17 00:00:00 2001 From: "nik.n" Date: Mon, 29 Jan 2024 16:50:31 +0900 Subject: [PATCH 12/21] =?UTF-8?q?=E3=83=9F=E3=83=89=E3=83=AB=E3=82=A6?= =?UTF-8?q?=E3=82=A7=E3=82=A2=E5=AE=9F=E8=A3=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/controller/bio_api.py | 18 ------- ecs/jskult-webapp/src/controller/login.py | 18 ------- ecs/jskult-webapp/src/controller/logout.py | 9 ---- ecs/jskult-webapp/src/main.py | 5 ++ ecs/jskult-webapp/src/middleware/__init__.py | 0 .../src/middleware/middleware.py | 47 +++++++++++++++++++ .../src/router/session_router.py | 9 ---- 7 files changed, 52 insertions(+), 54 deletions(-) create mode 100644 ecs/jskult-webapp/src/middleware/__init__.py create mode 100644 ecs/jskult-webapp/src/middleware/middleware.py 
diff --git a/ecs/jskult-webapp/src/controller/bio_api.py b/ecs/jskult-webapp/src/controller/bio_api.py index bbb06b69..4989a50d 100644 --- a/ecs/jskult-webapp/src/controller/bio_api.py +++ b/ecs/jskult-webapp/src/controller/bio_api.py @@ -80,15 +80,6 @@ def search_bio_data( 'count': bio_sales_lot_count }) - # X-Frame-Optionsヘッダー追加 - json_response.headers['X-Frame-Options'] = 'DENY' - # X-Content-Type-Optionsヘッダー追加 - json_response.headers['X-Content-Type-Options'] = 'nosniff' - # Strict-Transport-Securityヘッダー追加 - json_response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' - # Cache-Controlヘッダー追加 - json_response.headers['Cache-Control'] = 'private' - # クッキーも書き換え json_response.set_cookie( key='session', @@ -162,15 +153,6 @@ async def download_bio_data( 'status': 'ok', 'download_url': download_file_url }) - - # X-Frame-Optionsヘッダー追加 - json_response.headers['X-Frame-Options'] = 'DENY' - # X-Content-Type-Optionsヘッダー追加 - json_response.headers['X-Content-Type-Options'] = 'nosniff' - # Strict-Transport-Securityヘッダー追加 - json_response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' - # Cache-Controlヘッダー追加 - json_response.headers['Cache-Control'] = 'private' json_response.set_cookie( key='session', diff --git a/ecs/jskult-webapp/src/controller/login.py b/ecs/jskult-webapp/src/controller/login.py index bcc48fe1..5c8d904e 100644 --- a/ecs/jskult-webapp/src/controller/login.py +++ b/ecs/jskult-webapp/src/controller/login.py @@ -114,15 +114,6 @@ def login( headers={'session_key': session_key} ) - # X-Frame-Optionsヘッダー追加 - response.headers['X-Frame-Options'] = 'DENY' - # X-Content-Type-Optionsヘッダー追加 - response.headers['X-Content-Type-Options'] = 'nosniff' - # Strict-Transport-Securityヘッダー追加 - response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' - # Cache-Controlヘッダー追加 - response.headers['Cache-Control'] = 'private' - return response 
@@ -180,14 +171,5 @@ def sso_authorize( status_code=status.HTTP_303_SEE_OTHER, headers={'session_key': session_key} ) - - # X-Frame-Optionsヘッダー追加 - response.headers['X-Frame-Options'] = 'DENY' - # X-Content-Type-Optionsヘッダー追加 - response.headers['X-Content-Type-Options'] = 'nosniff' - # Strict-Transport-Securityヘッダー追加 - response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' - # Cache-Controlヘッダー追加 - response.headers['Cache-Control'] = 'private' return response diff --git a/ecs/jskult-webapp/src/controller/logout.py b/ecs/jskult-webapp/src/controller/logout.py index 99ee8813..76d9ef60 100644 --- a/ecs/jskult-webapp/src/controller/logout.py +++ b/ecs/jskult-webapp/src/controller/logout.py @@ -54,13 +54,4 @@ def logout_view( if session: session_service.delete_session(session) - # X-Frame-Optionsヘッダー追加 - template_response.headers['X-Frame-Options'] = 'DENY' - # X-Content-Type-Optionsヘッダー追加 - template_response.headers['X-Content-Type-Options'] = 'nosniff' - # Strict-Transport-Securityヘッダー追加 - template_response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' - # Cache-Controlヘッダー追加 - template_response.headers['Cache-Control'] = 'private' - return template_response diff --git a/ecs/jskult-webapp/src/main.py b/ecs/jskult-webapp/src/main.py index 9a19d97b..61a8170f 100644 --- a/ecs/jskult-webapp/src/main.py +++ b/ecs/jskult-webapp/src/main.py @@ -10,6 +10,7 @@ from src.controller import (bio, bio_api, healthcheck, login, logout, from src.core import task from src.error.exception_handler import http_exception_handler from src.error.exceptions import UnexpectedException +from src.middleware.middleware import ErrorHandlingMiddleware, SecurityHeadersMiddleware app = FastAPI(openapi_url=None) 
@@ -42,5 +43,9 @@ app.add_exception_handler(status.HTTP_403_FORBIDDEN, http_exception_handler) # サーバーエラーが発生した場合のハンドラー。HTTPExceptionではハンドリングできないため、個別に設定 app.add_exception_handler(UnexpectedException, http_exception_handler) +# セキュリティヘッダー設定・サーバーエラーや認証失敗はミドルウェアで処理する +app.add_middleware(ErrorHandlingMiddleware) +app.add_middleware(SecurityHeadersMiddleware) + # サーバー起動時のイベント app.add_event_handler('startup', task.create_start_app_handler()) diff --git a/ecs/jskult-webapp/src/middleware/__init__.py b/ecs/jskult-webapp/src/middleware/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/ecs/jskult-webapp/src/middleware/middleware.py b/ecs/jskult-webapp/src/middleware/middleware.py new file mode 100644 index 00000000..64ffeb0b --- /dev/null +++ b/ecs/jskult-webapp/src/middleware/middleware.py 
@@ -0,0 +1,47 @@ +from fastapi import Request, Response, status +from fastapi.responses import JSONResponse +from starlette.middleware.base import BaseHTTPMiddleware + +class SecurityHeadersMiddleware(BaseHTTPMiddleware): + async def dispatch(self, request, call_next): + response = await call_next(request) + # X-Frame-Optionsヘッダー追加 + response.headers['X-Frame-Options'] = 'DENY' + # X-Content-Type-Optionsヘッダー追加 + response.headers['X-Content-Type-Options'] = 'nosniff' + # Strict-Transport-Securityヘッダー追加 + response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' + # Cache-Controlヘッダー追加 + response.headers['Cache-Control'] = 'private' + return response + +class ErrorHandlingMiddleware(BaseHTTPMiddleware): + # エラーハンドリングをするミドルウェア + # API内で発生したエラーをキャッチして処理を施す + + async def dispatch(self, request: Request, call_next) -> Response: + try: + response: Response = await call_next(request) + except TypeError as e: + response = JSONResponse( + {"msg": "TypeError:内容を確認してもう一度データ挿入をしてください。"}, + status.HTTP_404_NOT_FOUND, + ) + except TimeoutError as e: + response = JSONResponse( + {"msg": "TimeoutError:タイムアウトエラーが発生しました。"}, + status.HTTP_408_REQUEST_TIMEOUT, + ) + except RuntimeError as e: + response = JSONResponse( + {"msg": "RuntimeError:ランタイムエラーが発生しました。"}, + status.HTTP_500_INTERNAL_SERVER_ERROR, + ) + except Exception as e: + response = JSONResponse( + {"msg": "Exception:基底クラスエラーが発生しました。"}, + status.HTTP_500_INTERNAL_SERVER_ERROR, + ) + return response + + diff --git a/ecs/jskult-webapp/src/router/session_router.py b/ecs/jskult-webapp/src/router/session_router.py index 9672d23b..30690590 100644 --- a/ecs/jskult-webapp/src/router/session_router.py +++ b/ecs/jskult-webapp/src/router/session_router.py 
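Review bot: `ErrorHandlingMiddleware.dispatch` binds each exception to `e` and then drops it, so every unhandled error becomes a generic JSON reply with nothing logged, which removes the trace needed to investigate a failure or repeated probing. Each branch should log before building the response, for example `logger.exception('unhandled error: %s', request.url.path)` with a logger obtained from the project's `get_logger`. Mapping `TypeError` to `status.HTTP_404_NOT_FOUND` also looks unintended, since a TypeError raised inside a handler is a server-side fault rather than a missing resource. In `SecurityHeadersMiddleware`, `response.headers['Cache-Control'] = 'private'` overwrites whatever value a handler or the static-file mount had set; `response.headers.setdefault('Cache-Control', 'private')` would keep an explicit choice.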
@@ -104,15 +104,6 @@ class AfterSetCookieSessionRoute(MeDaCaRoute): async def post_process_route(self, request: Request, response: Response): response = await super().post_process_route(request, response) - # X-Frame-Optionsヘッダー追加 - response.headers['X-Frame-Options'] = 'DENY' - # X-Content-Type-Optionsヘッダー追加 - response.headers['X-Content-Type-Options'] = 'nosniff' - # Strict-Transport-Securityヘッダー追加 - response.headers['Strict-Transport-Security'] = 'max-age=31536000 includeSubDomains' - # Cache-Controlヘッダー追加 - response.headers['Cache-Control'] = 'private' - session_key = response.headers.get('session_key', None) # セッションキーがない場合はセットせずに返す if session_key is None: From ff6dd0b68a6c6b68b50133c56854df036465274c Mon Sep 17 00:00:00 2001 From: "shimoda.m@nds-tyo.co.jp" Date: Mon, 29 Jan 2024 17:21:31 +0900 Subject: [PATCH 13/21] =?UTF-8?q?feat:=20SRI=E3=83=8F=E3=83=83=E3=82=B7?= =?UTF-8?q?=E3=83=A5=E5=80=A4=E3=81=AB=E3=81=A4=E3=81=84=E3=81=A6=E8=A8=98?= =?UTF-8?q?=E8=BF=B0=E3=82=92=E4=BF=AE=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/README.md | 47 +++++++++++++++++++++++++++---------- 1 file changed, 35 insertions(+), 12 deletions(-) diff --git a/ecs/jskult-webapp/README.md b/ecs/jskult-webapp/README.md index e85ed943..5eda4c73 100644 --- a/ecs/jskult-webapp/README.md +++ b/ecs/jskult-webapp/README.md 
@@ -196,15 +196,38 @@ - リクエスト到達時にセッションの有無をチェックする - レスポンス時、クッキーにセッションキーを登録する -## ヘッダーにSRI設定・生成方法 -- インポートされたソースに更新したら、SRIのintegrity hashも更新すること - - ソースはローカルにある場合下記の`bash`コマンドでハッシュ生成できる: - ``` - cat FILENAME.js | openssl dgst -sha384 -binary | openssl base64 -A - ``` - - 外部ソース *(リンクから)* 使用する場合は下記のMDNオンラインツールでハッシュ生成できる: - [SRI Hash Generator](https://www.srihash.org/) - - SRIサンプル: - ``` - - ``` +## HTMLで読み込んでいるスクリプトのSRIハッシュ値を生成・設定する方法 + +### サブリソース完全性 (Subresource Integrity, SRI) とは + +CDN などから取得したリソースが意図せず改ざんされていないかをブラウザーが検証するセキュリティ機能です。 SRI を利用する際には、取得したリソースのハッシュ値と一致すべきハッシュ値を指定します。 + +詳細: + +実消化&アルトマークのWebアプリケーションでは、複数の外部スクリプトを読み込んで動作しているため、読み込むスクリプトを変更した場合は、 +タグの属性値`integrity`に設定されているスクリプトのハッシュ値を更新する必要がある。 + +### SRI ハッシュ値の生成方法(サーバー内のスクリプトについて) + +- サーバー内に保管されているスクリプトを更新した場合、Linux環境(WSL2でも可)で、以下のコマンドを実行し、ハッシュ値を生成する + +```bash +cat <更新したスクリプトファイル名> | openssl dgst -sha384 -binary | openssl base64 -A +``` + +参考: + + +### SRI ハッシュ値の生成方法(外部サイトから読み込んでいるスクリプトについて) + +- 外部サイトから読み込んでいるスクリプトを更新した場合、下記のMDNオンラインツールでハッシュ値を生成する + - [SRI Hash Generator](https://www.srihash.org/) + +### SRI ハッシュ値の設定方法 + +- 更新したスクリプトを読み込んでいる箇所の`integrity`属性値を、生成したハッシュ値に置き換える +- 以下は設定のサンプル + +```bash + +``` From 172c6e070b7a1a330cfdbb9911da7e04f41f6556 Mon Sep 17 00:00:00 2001 From: "nik.n" Date: Tue, 30 Jan 2024 09:21:04 +0900 Subject: [PATCH 14/21] =?UTF-8?q?=E4=B8=8D=E8=A6=81=E3=81=AA=E3=82=A8?= =?UTF-8?q?=E3=83=A9=E3=83=BC=E3=83=8F=E3=83=B3=E3=83=89=E3=83=A9=E3=83=BC?= =?UTF-8?q?=E5=89=8A=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/main.py | 5 ++- .../src/middleware/middleware.py | 31 ------------------- 2 files changed, 2 insertions(+), 34 deletions(-) diff --git a/ecs/jskult-webapp/src/main.py b/ecs/jskult-webapp/src/main.py index 61a8170f..f0e1807d 100644 --- a/ecs/jskult-webapp/src/main.py +++ b/ecs/jskult-webapp/src/main.py 
@@ -10,7 +10,7 @@ from src.controller import (bio, bio_api, healthcheck, login, logout, from src.core import task from src.error.exception_handler import http_exception_handler from src.error.exceptions import UnexpectedException -from src.middleware.middleware import ErrorHandlingMiddleware, SecurityHeadersMiddleware +from src.middleware.middleware import SecurityHeadersMiddleware app = FastAPI(openapi_url=None) @@ -43,8 +43,7 @@ app.add_exception_handler(status.HTTP_403_FORBIDDEN, http_exception_handler) # サーバーエラーが発生した場合のハンドラー。HTTPExceptionではハンドリングできないため、個別に設定 app.add_exception_handler(UnexpectedException, http_exception_handler) -# セキュリティヘッダー設定・サーバーエラーや認証失敗はミドルウェアで処理する -app.add_middleware(ErrorHandlingMiddleware) +# セキュリティヘッダー設定はミドルウェアで処理する app.add_middleware(SecurityHeadersMiddleware) # サーバー起動時のイベント diff --git a/ecs/jskult-webapp/src/middleware/middleware.py b/ecs/jskult-webapp/src/middleware/middleware.py index 64ffeb0b..264fd190 100644 --- a/ecs/jskult-webapp/src/middleware/middleware.py +++ b/ecs/jskult-webapp/src/middleware/middleware.py 
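Review bot: With `ErrorHandlingMiddleware` no longer registered (second hunk, `@@ -43,8 +43,7 @@`), an exception that no registered handler covers now propagates out of `SecurityHeadersMiddleware`. As far as I know, Starlette builds its default 500 response outside the user middleware stack, so that response would carry none of the X-Frame-Options, nosniff or HSTS headers. Only the handlers for 403 and `UnexpectedException` are visible here, so handlers registered elsewhere in main.py may already cover the common cases. If they do not, set the headers at the load balancer as well, or convert exceptions inside the headers middleware. Either way, record the gap beside the registration, e.g. `# NOTE: unhandled exceptions bypass SecurityHeadersMiddleware (default 500 has no security headers)`.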
@@ -14,34 +14,3 @@ class SecurityHeadersMiddleware(BaseHTTPMiddleware): # Cache-Controlヘッダー追加 response.headers['Cache-Control'] = 'private' return response - -class ErrorHandlingMiddleware(BaseHTTPMiddleware): - # エラーハンドリングをするミドルウェア - # API内で発生したエラーをキャッチして処理を施す - - async def dispatch(self, request: Request, call_next) -> Response: - try: - response: Response = await call_next(request) - except TypeError as e: - response = JSONResponse( - {"msg": "TypeError:内容を確認してもう一度データ挿入をしてください。"}, - status.HTTP_404_NOT_FOUND, - ) - except TimeoutError as e: - response = JSONResponse( - {"msg": "TimeoutError:タイムアウトエラーが発生しました。"}, - status.HTTP_408_REQUEST_TIMEOUT, - ) - except RuntimeError as e: - response = JSONResponse( - {"msg": "RuntimeError:ランタイムエラーが発生しました。"}, - status.HTTP_500_INTERNAL_SERVER_ERROR, - ) - except Exception as e: - response = JSONResponse( - {"msg": "Exception:基底クラスエラーが発生しました。"}, - status.HTTP_500_INTERNAL_SERVER_ERROR, - ) - return response - - From c5d99acf1b0139dee023f2371a5a3490aa198b84 Mon Sep 17 00:00:00 2001 From: "nik.n" Date: Tue, 30 Jan 2024 09:29:14 +0900 Subject: [PATCH 15/21] =?UTF-8?q?=E3=83=95=E3=82=A9=E3=83=AB=E3=83=80?= =?UTF-8?q?=E6=A7=8B=E6=88=90=E6=9B=B4=E6=96=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ecs/jskult-webapp/README.md b/ecs/jskult-webapp/README.md index 5eda4c73..c65cbf83 100644 --- a/ecs/jskult-webapp/README.md +++ b/ecs/jskult-webapp/README.md @@ -84,6 +84,8 @@ │   ├── exception_handler.py -- FastAPI内部でエラー発生時のハンドリング │   └── exceptions.py -- カスタム例外クラス ├── main.py -- APサーバーのエントリーポイント。ここでルーターやハンドラーの登録を行う + ├── middleware -- ミドルウェアの設定 + │ └── middleware.py ├── model -- モデル層(MVCのM) │   ├── db -- リポジトリから返されるDBレコードのモデル │   │   ├── base_db_model.py From f93bacd41f66639b8795445b99d77a6124d73a31 Mon Sep 17 00:00:00 2001 
From: "shimoda.m@nds-tyo.co.jp" Date: Tue, 30 Jan 2024 13:50:23 +0900 Subject: [PATCH 16/21] =?UTF-8?q?fix:=20flatpickr/dist/l10n/ja.min.js?= =?UTF-8?q?=E3=81=AE=E3=83=8F=E3=83=83=E3=82=B7=E3=83=A5=E5=80=A4=E3=81=8C?= =?UTF-8?q?=E7=95=B0=E3=81=AA=E3=82=8A=E3=80=81Failed=20to=20find=20a=20va?= =?UTF-8?q?lid=20digest=20in=20the=20'integrity'=20attribute=20for=20resou?= =?UTF-8?q?rce=E3=81=AE=E3=82=A8=E3=83=A9=E3=83=BC=E3=81=8C=E7=99=BA?= =?UTF-8?q?=E7=94=9F=E3=81=97=E3=81=A6=E3=81=84=E3=81=9F=E3=81=AE=E3=82=92?= =?UTF-8?q?=E4=BF=AE=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/templates/_header.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ecs/jskult-webapp/src/templates/_header.html b/ecs/jskult-webapp/src/templates/_header.html index db30bfb4..2ff16a36 100644 --- a/ecs/jskult-webapp/src/templates/_header.html +++ b/ecs/jskult-webapp/src/templates/_header.html @@ -15,6 +15,6 @@ - + \ No newline at end of file From 125b57dd25a7c9c9a5c2a9624dfc01ebabcbb6f4 Mon Sep 17 00:00:00 2001 From: "shimoda.m@nds-tyo.co.jp" Date: Tue, 30 Jan 2024 13:51:36 +0900 Subject: [PATCH 17/21] =?UTF-8?q?feat:=20=E4=BD=BF=E7=94=A8=E3=81=99?= =?UTF-8?q?=E3=82=8BCDN=E3=82=92=E7=B5=B1=E4=B8=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/templates/_header.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ecs/jskult-webapp/src/templates/_header.html b/ecs/jskult-webapp/src/templates/_header.html index 2ff16a36..ce11850b 100644 --- a/ecs/jskult-webapp/src/templates/_header.html +++ b/ecs/jskult-webapp/src/templates/_header.html @@ -11,9 +11,9 @@ - + - + From e217d2ed23a967b3293b19872a9998b37850c152 Mon Sep 17 00:00:00 2001 
From: "shimoda.m@nds-tyo.co.jp" Date: Tue, 30 Jan 2024 13:52:02 +0900 Subject: [PATCH 18/21] =?UTF-8?q?refactor:=20=E4=BD=BF=E7=94=A8=E3=81=97?= =?UTF-8?q?=E3=81=A6=E3=81=84=E3=81=AA=E3=81=84CSS=E3=83=A9=E3=82=A4?= =?UTF-8?q?=E3=83=96=E3=83=A9=E3=83=AA=E3=82=92=E5=89=8A=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/templates/_header.html | 1 - 1 file changed, 1 deletion(-) diff --git a/ecs/jskult-webapp/src/templates/_header.html b/ecs/jskult-webapp/src/templates/_header.html index ce11850b..4f7906e3 100644 --- a/ecs/jskult-webapp/src/templates/_header.html +++ b/ecs/jskult-webapp/src/templates/_header.html @@ -5,7 +5,6 @@ {{subtitle}} - From 07ec3d28d5882f8e1a80ac7317fb5286c068b070 Mon Sep 17 00:00:00 2001 From: "shimoda.m@nds-tyo.co.jp" Date: Wed, 21 Feb 2024 19:32:33 +0900 Subject: [PATCH 19/21] =?UTF-8?q?fix:=20flatpickr-l10n-ja.js=E3=81=AEinteg?= =?UTF-8?q?rity=E3=81=8C=E9=96=93=E9=81=95=E3=81=A3=E3=81=A6=E3=81=8A?= =?UTF-8?q?=E3=82=8A=E3=80=81=E8=AA=AD=E3=81=BF=E8=BE=BC=E3=82=81=E3=81=A6?= =?UTF-8?q?=E3=81=84=E3=81=AA=E3=81=8B=E3=81=A3=E3=81=9F=E3=80=82=E3=81=93?= =?UTF-8?q?=E3=82=8C=E3=81=8C=E5=BD=B1=E9=9F=BF=E3=81=97=E3=81=A6DatePicke?= =?UTF-8?q?r=E3=81=8C=E5=8B=95=E4=BD=9C=E3=81=97=E3=81=A6=E3=81=84?= =?UTF-8?q?=E3=81=AA=E3=81=8B=E3=81=A3=E3=81=9F=E3=81=AE=E3=82=92=E4=BF=AE?= =?UTF-8?q?=E6=AD=A3=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/templates/_header.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ecs/jskult-webapp/src/templates/_header.html b/ecs/jskult-webapp/src/templates/_header.html index 4f7906e3..84221542 100644 --- a/ecs/jskult-webapp/src/templates/_header.html +++ b/ecs/jskult-webapp/src/templates/_header.html @@ -14,6 +14,6 @@ - + \ No newline at end of file From b8db5c11ab24dcb8932172448a2ae6038cee968f Mon Sep 17 00:00:00 2001 
From: "shimoda.m@nds-tyo.co.jp" Date: Thu, 22 Feb 2024 16:13:20 +0900 Subject: [PATCH 20/21] =?UTF-8?q?feat:=20integrity=E3=81=AE=E6=96=B9?= =?UTF-8?q?=E9=87=9D=E3=82=92=E5=A4=89=E6=9B=B4=E3=80=82=E5=A4=96=E9=83=A8?= =?UTF-8?q?=E3=81=8B=E3=82=89=E8=AA=AD=E3=81=BF=E8=BE=BC=E3=82=93=E3=81=A7?= =?UTF-8?q?=E3=81=84=E3=82=8B=E3=82=82=E3=81=AE=E3=81=AB=E3=81=AF=E3=81=A4?= =?UTF-8?q?=E3=81=91=E3=81=AA=E3=81=84=E3=82=88=E3=81=86=E3=81=AB=E3=81=97?= =?UTF-8?q?=E3=81=9F=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ecs/jskult-webapp/src/templates/_header.html | 22 ++++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/ecs/jskult-webapp/src/templates/_header.html b/ecs/jskult-webapp/src/templates/_header.html index 84221542..95ac2464 100644 --- a/ecs/jskult-webapp/src/templates/_header.html +++ b/ecs/jskult-webapp/src/templates/_header.html @@ -4,16 +4,16 @@ {{subtitle}} - - - - - - - - - - - + + + + + + + + + + + \ No newline at end of file From 5a71bf972fe74b99faba7350aab6ae40a75c3f26 Mon Sep 17 00:00:00 2001 From: "shimoda.m@nds-tyo.co.jp" Date: Tue, 27 Feb 2024 13:41:00 +0900 Subject: [PATCH 21/21] =?UTF-8?q?MSJ=5FPatient=5F=5Fc=E3=81=AE=E5=AF=BE?= =?UTF-8?q?=E5=BF=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../crm/object_info/crm_object_list_diff.json | 17 ++++++++++++++++- s3/data/crm/settings/CRM_MSJ_Patient__c.txt | 8 ++++---- s3/data/crm/settings/CRM_MSJ_Patient__c_ex.sql | 1 + 3 files changed, 21 insertions(+), 5 deletions(-) create mode 100644 s3/data/crm/settings/CRM_MSJ_Patient__c_ex.sql diff --git a/s3/config/crm/object_info/crm_object_list_diff.json b/s3/config/crm/object_info/crm_object_list_diff.json index 243b07db..5fc83f7d 100644 --- a/s3/config/crm/object_info/crm_object_list_diff.json +++ b/s3/config/crm/object_info/crm_object_list_diff.json 
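Review bot: Removing `integrity` from the externally loaded resources in `_header.html` (hunk `@@ -4,16 +4,16 @@`) drops the only browser-side check that a CDN-served file is the one that was reviewed. This is based on the commit subject, because the markup of the eleven changed lines is not visible in this patch text. The earlier hash-mismatch fixes in this series suggest the URLs may not be pinned to an exact version. If so, pinning the version and keeping `integrity="sha384-<hash of the pinned file>" crossorigin="anonymous"` on each external tag would keep the protection without recurring mismatches; serving the files from the application's own static directory is the alternative. The README section on SRI added earlier in the series still describes hashing externally loaded scripts and would need to match whichever policy is chosen.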
@@ -2659,7 +2659,22 @@ "MSJ_Child_Account_Name__c", "MSJ_Child_Account__c", "MSJ_Parent_Account_Name__c", - "MSJ_Parent_Child_Name__c" + "MSJ_Parent_Child_Name__c", + "MSJ_Age__c", + "MSJ_Comments__c", + "MSJ_Effectiveness_evaluation_date__c", + "MSJ_Gender__c", + "MSJ_Informed_consent__c", + "MSJ_Metastases_location__c", + "MSJ_PS__c", + "MSJ_Scheduled_date_of_informed_consent__c", + "MSJ_Scheduled_start_date_administration__c", + "MSJ_CDX_type__c", + "MSJ_First_line_chemotherapy_efficacy__c", + "MSJ_Num_cycles_of_1st_line_chemotherapy__c", + "MSJ_Primary_site_location__c", + "MSJ_Regimen_of_first_line_chemotherapy__c", + "MSJ_Starting_dose__c" ], "is_skip": false, "is_update_last_fetch_datetime": true diff --git a/s3/data/crm/settings/CRM_MSJ_Patient__c.txt b/s3/data/crm/settings/CRM_MSJ_Patient__c.txt index 8f470747..9bf209e6 100644 --- a/s3/data/crm/settings/CRM_MSJ_Patient__c.txt +++ b/s3/data/crm/settings/CRM_MSJ_Patient__c.txt 
@@ -4,10 +4,10 @@ utf-8 " CRLF 1 -37 -Id,OwnerId,IsDeleted,Name,CreatedDate,CreatedById,LastModifiedDate,LastModifiedById,SystemModstamp,MayEdit,IsLocked,MSJ_Account_Name__c,MSJ_CRC_Group__c,MSJ_Casus_or_Transfer_Point__c,MSJ_Entry_Date__c,MSJ_IST_Name__c,MSJ_Indication__c,MSJ_Line__c,MSJ_MR_Comments__c,MSJ_MUID__c,MSJ_Medical_Regimen__c,MSJ_Month__c,MSJ_Report_Comments__c,MSJ_Start_Date_Of_Administration__c,MSJ_Year__c,Mobile_ID_vod__c,MSJ_CRC_RAS_KRAS__c,MSJ_End_Date_Of_Administration__c,MSJ_End_Date_of_Stop_Administration__c,MSJ_HN_Hospitalized_Type__c,MSJ_Start_Date_of_Stop_Administration__c,MSJ_Patient_Status__c,MSJ_Patient_TA__c,MSJ_Child_Account_Name__c,MSJ_Child_Account__c,MSJ_Parent_Account_Name__c,MSJ_Parent_Child_Name__c -Id,OwnerId,IsDeleted,Name,CreatedDate,CreatedById,LastModifiedDate,LastModifiedById,SystemModstamp,MayEdit,IsLocked,MSJ_Account_Name__c,MSJ_CRC_Group__c,MSJ_Casus_or_Transfer_Point__c,MSJ_Entry_Date__c,MSJ_IST_Name__c,MSJ_Indication__c,MSJ_Line__c,MSJ_MR_Comments__c,MSJ_MUID__c,MSJ_Medical_Regimen__c,MSJ_Month__c,MSJ_Report_Comments__c,MSJ_Start_Date_Of_Administration__c,MSJ_Year__c,Mobile_ID_vod__c,MSJ_CRC_RAS_KRAS__c,MSJ_End_Date_Of_Administration__c,MSJ_End_Date_of_Stop_Administration__c,MSJ_HN_Hospitalized_Type__c,MSJ_Start_Date_of_Stop_Administration__c,MSJ_Patient_Status__c,MSJ_Patient_TA__c,MSJ_Child_Account_Name__c,MSJ_Child_Account__c,MSJ_Parent_Account_Name__c,MSJ_Parent_Child_Name__c +52 
+Id,OwnerId,IsDeleted,Name,CreatedDate,CreatedById,LastModifiedDate,LastModifiedById,SystemModstamp,MayEdit,IsLocked,MSJ_Account_Name__c,MSJ_CRC_Group__c,MSJ_Casus_or_Transfer_Point__c,MSJ_Entry_Date__c,MSJ_IST_Name__c,MSJ_Indication__c,MSJ_Line__c,MSJ_MR_Comments__c,MSJ_MUID__c,MSJ_Medical_Regimen__c,MSJ_Month__c,MSJ_Report_Comments__c,MSJ_Start_Date_Of_Administration__c,MSJ_Year__c,Mobile_ID_vod__c,MSJ_CRC_RAS_KRAS__c,MSJ_End_Date_Of_Administration__c,MSJ_End_Date_of_Stop_Administration__c,MSJ_HN_Hospitalized_Type__c,MSJ_Start_Date_of_Stop_Administration__c,MSJ_Patient_Status__c,MSJ_Patient_TA__c,MSJ_Child_Account_Name__c,MSJ_Child_Account__c,MSJ_Parent_Account_Name__c,MSJ_Parent_Child_Name__c,MSJ_Age__c,MSJ_Comments__c,MSJ_Effectiveness_evaluation_date__c,MSJ_Gender__c,MSJ_Informed_consent__c,MSJ_Metastases_location__c,MSJ_PS__c,MSJ_Scheduled_date_of_informed_consent__c,MSJ_Scheduled_start_date_administration__c,MSJ_CDX_type__c,MSJ_First_line_chemotherapy_efficacy__c,MSJ_Num_cycles_of_1st_line_chemotherapy__c,MSJ_Primary_site_location__c,MSJ_Regimen_of_first_line_chemotherapy__c,MSJ_Starting_dose__c 
+Id,OwnerId,IsDeleted,Name,CreatedDate,CreatedById,LastModifiedDate,LastModifiedById,SystemModstamp,MayEdit,IsLocked,MSJ_Account_Name__c,MSJ_CRC_Group__c,MSJ_Casus_or_Transfer_Point__c,MSJ_Entry_Date__c,MSJ_IST_Name__c,MSJ_Indication__c,MSJ_Line__c,MSJ_MR_Comments__c,MSJ_MUID__c,MSJ_Medical_Regimen__c,MSJ_Month__c,MSJ_Report_Comments__c,MSJ_Start_Date_Of_Administration__c,MSJ_Year__c,Mobile_ID_vod__c,MSJ_CRC_RAS_KRAS__c,MSJ_End_Date_Of_Administration__c,MSJ_End_Date_of_Stop_Administration__c,MSJ_HN_Hospitalized_Type__c,MSJ_Start_Date_of_Stop_Administration__c,MSJ_Patient_Status__c,MSJ_Patient_TA__c,MSJ_Child_Account_Name__c,MSJ_Child_Account__c,MSJ_Parent_Account_Name__c,MSJ_Parent_Child_Name__c,MSJ_Age__c,MSJ_Comments__c,MSJ_Effectiveness_evaluation_date__c,MSJ_Gender__c,MSJ_Informed_consent__c,MSJ_Metastases_location__c,MSJ_PS__c,MSJ_Scheduled_date_of_informed_consent__c,MSJ_Scheduled_start_date_administration__c,MSJ_CDX_type__c,MSJ_First_line_chemotherapy_efficacy__c,MSJ_Num_cycles_of_1st_line_chemotherapy__c,MSJ_Primary_site_location__c,MSJ_Regimen_of_first_line_chemotherapy__c,MSJ_Starting_dose__c src02c.crm_MSJ_Patient__c org02.crm_MSJ_Patient__c - +CRM_MSJ_Patient__c_ex.sql diff --git a/s3/data/crm/settings/CRM_MSJ_Patient__c_ex.sql b/s3/data/crm/settings/CRM_MSJ_Patient__c_ex.sql new file mode 100644 index 00000000..161d38ea --- /dev/null +++ b/s3/data/crm/settings/CRM_MSJ_Patient__c_ex.sql @@ -0,0 +1 @@ +CALL internal02.crm_history('src02c.crm_MSJ_Patient__c', 'SystemModstamp');