Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate author IDs against submissions/publications #8307

Closed
asmecher opened this issue Oct 3, 2022 · 4 comments
Closed

Validate author IDs against submissions/publications #8307

asmecher opened this issue Oct 3, 2022 · 4 comments
Assignees
@asmecher
Milestone
3.3.0-13

Comments

@asmecher
Copy link
Member

asmecher commented Oct 3, 2022
edited

Ensure that author IDs are appropriately validated against submissions/publications.

This affects OJS, OMP, and OPS 3.2.x and 3.3.x older than 3.3.0-13.

Resolution

Any of the following approaches can be used to resolve this issue.

Upgrading (preferred)

Upgrade to OJS/OMP/OPS 3.3.0-13 or newer.

Using git

Using a stable branch

The fix has been applied to the stable-3_2_0, stable-3_2_1, and stable-3_3_0 branches. Simply update your application repository and lib/pkp submodule to the latest code from the appropriate branch.

Using cherry-picking

  1. Go into the lib/pkp subdirectory of your installation.
  2. Use git fetch to fetch the latest commits.
  3. Cherry-pick the appropriate commit:
  • For 3.2.0, git cherry-pick b8ab063
  • For 3.2.1, git cherry-pick f71ca7a
  • For 3.3.0, git cherry-pick 1987cc5

Patching

  1. Go into the lib/pkp subdirectory of your installation.
  2. Use wget and patch to test applying the appropriate patch to your installation.
  • For 3.2.0-0, 3.2.0-1, and 3.2.0-2: Please upgrade to 3.2.0-3 and follow the instructions below. (Or, better yet, upgrade to OJS 3.3.0-13 or newer.)
  • For 3.2.0-3: wget -O - -q https://github.com/pkp/pkp-lib/commit/b8ab063fe16447de94ed991f43d3707d1db55716.diff | patch -p1 --dry-run
  • For 3.2.1: wget -O - -q https://github.com/pkp/pkp-lib/commit/f71ca7a43d58cd829662470ee65ba5cdd736d694.diff | patch -p1 --dry-run
  • For 3.3.0: wget -O - -q https://github.com/pkp/pkp-lib/commit/1987cc5592955ea70426039de9b67d711f8e68bd.diff | patch -p1 --dry-run
    Ensure that the patch appears to apply correctly.
  1. Use get and patch to actually apply the patch (without the --dry-run option).
  • For 3.2.0: wget -O - -q https://github.com/pkp/pkp-lib/commit/b8ab063fe16447de94ed991f43d3707d1db55716.diff | patch -p1
  • For 3.2.1: wget -O - -q https://github.com/pkp/pkp-lib/commit/f71ca7a43d58cd829662470ee65ba5cdd736d694.diff | patch -p1
  • For 3.3.0: wget -O - -q https://github.com/pkp/pkp-lib/commit/1987cc5592955ea70426039de9b67d711f8e68bd.diff | patch -p1
@asmecher asmecher self-assigned this Oct 3, 2022
asmecher added a commit that referenced this issue Oct 3, 2022
@asmecher
#8307 Validate author_id (stable-3_2_1)
f71ca7a
asmecher added a commit that referenced this issue Oct 3, 2022
@asmecher
#8307 Validate author_id (stable-3_2_0)
b8ab063
asmecher added a commit that referenced this issue Oct 3, 2022
@asmecher
#8307 Validate author_id (stable-3_3_0)
1987cc5
asmecher added a commit that referenced this issue Oct 3, 2022
@asmecher
#8240 #8307 Fix author ID checks (main)
ceae029
@asmecher asmecher added this to the 3.3.0-13 milestone Oct 3, 2022
@asmecher asmecher closed this as completed Oct 3, 2022
@afahem
Copy link

afahem commented Oct 7, 2022

We used 3.1.1.2. Do we have the same issue?

@asmecher
Copy link
Member Author

asmecher commented Oct 7, 2022

@afahem, OJS/OMP 3.1.1.x and earlier are not affected.

@gurumelo
Copy link

gurumelo commented Oct 15, 2022
edited

OJS 3.2.0-1 and OJS 3.2.0-2

# wget http://pkp.sfu.ca/ojs/download/ojs-3.2.0-1.tar.gz
# tar -zxvf ojs-3.2.0-1.tar.gz
# cd ojs-3.2.0-1/lib/pkp
# wget -O - -q https://github.com/pkp/pkp-lib/commit/b8ab063fe16447de94ed991f43d3707d1db55716.diff | patch -p1 --dry-run
checking file classes/services/PKPAuthorService.inc.php
checking file classes/submission/PKPAuthorDAO.inc.php
Hunk #1 FAILED at 50.
1 out of 1 hunk FAILED
checking file controllers/grid/users/author/AuthorGridHandler.inc.php
checking file controllers/grid/users/author/AuthorGridRow.inc.php

OJS 3.2.0

# wget https://pkp.sfu.ca/ojs/download/ojs-3.2.0.tar.gz
tar -zxvf ojs-3.2.0.tar.gz 
# cd ojs-3.2.0/lib/pkp/
# wget -O - -q https://github.com/pkp/pkp-lib/commit/b8ab063fe16447de94ed991f43d3707d1db55716.diff | patch -p1 --dry-run
checking file classes/services/PKPAuthorService.inc.php
Hunk #1 FAILED at 29.
1 out of 1 hunk FAILED
checking file classes/submission/PKPAuthorDAO.inc.php
Hunk #1 FAILED at 50.
1 out of 1 hunk FAILED
checking file controllers/grid/users/author/AuthorGridHandler.inc.php
Hunk #1 FAILED at 207.
Hunk #2 FAILED at 299.
Hunk #3 succeeded at 318 (offset -3 lines).
Hunk #4 succeeded at 395 (offset -3 lines).
2 out of 4 hunks FAILED
checking file controllers/grid/users/author/AuthorGridRow.inc.php

@asmecher
Copy link
Member Author

@gurumelo, thanks for pointing this out. It's caused by #5805 needing to be fixed in 3.2.0-0, 3.2.0-1, and 3.2.0-2. Rather than making patches containing multiple fixes, I would recommend upgrading to 3.2.0-3 and then following the directions for that release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@asmecher asmecher

Labels
None yet
Projects
None yet
Milestone
3.3.0-13
Development

No branches or pull requests
3 participants
@asmecher @gurumelo @afahem