Merge pull request #9383 from NuGet/dev

[ReleasePrep][2023.02.08] RI of dev into main

src/AccountDeleter/EmptyFeatureFlagService.cs

@@ -276,6 +276,11 @@ public bool IsShowReportAbuseSafetyChangesEnabled()
             throw new NotImplementedException();
         }
 
+        public bool IsAllowAadContentSafetyReportsEnabled()
+        {
+            throw new NotImplementedException();
+        }
+
         public bool IsTyposquattingEnabled()
         {
             throw new NotImplementedException();

src/Bootstrap/less/theme/page-list-packages.less

@@ -11,21 +11,6 @@
     margin: 0 !important;
   }
 
-  .btn-filter {
-    margin-top: 33px;
-    margin-bottom: 33px;
-    width: 90px;
-    height: 45px;
-    font-weight: 500;
-    font-size: medium;
-    background-color: transparent;
-    border: none;
-  }
-
-  .btn-filter:hover {
-    background-color: #f4f4f4;
-  }
-
   @media (max-width: @screen-md) {
     .btn-filter {
       text-align: left;
@@ -118,6 +103,7 @@
     .collapsible {
       color: rgb(73, 73, 73);
       background-color: @alert-info-bg;
+      position: relative;
       padding-top: 0px;
       padding-bottom: 0px;
       border: none;
@@ -131,6 +117,7 @@
 
     .collapsible:focus {
       outline: solid;
+      z-index: 1;
     }
 
     .tfmTab {

src/GitHubVulnerabilities2Db/Fakes/FakeFeatureFlagService.cs

@@ -215,6 +215,11 @@ public bool IsShowReportAbuseSafetyChangesEnabled()
             throw new NotImplementedException();
         }
 
+        public bool IsAllowAadContentSafetyReportsEnabled()
+        {
+            throw new NotImplementedException();
+        }
+
         public bool IsPackageDependentsEnabled(User user)
         {
             throw new NotImplementedException();

src/NuGetGallery.Core/CredentialTypes.cs

@@ -104,6 +104,7 @@ public static bool IsApiKey(string type)
         {
             return type?.StartsWith(ApiKey.Prefix, StringComparison.OrdinalIgnoreCase) ?? false;
         }
+
         public static bool IsMicrosoftAccount(string type)
         {
             return type?.Equals(External.MicrosoftAccount, StringComparison.OrdinalIgnoreCase) ?? false;

src/NuGetGallery.Core/Frameworks/FrameworkCompatibilityService.cs

@@ -61,6 +61,11 @@ private static IReadOnlyDictionary<NuGetFramework, ISet<NuGetFramework>> GetComp
                 }
             }
 
+            matrix.Add(SupportedFrameworks.Net60Windows7, 
+                new HashSet<NuGetFramework>() {
+                    SupportedFrameworks.Net60Windows, SupportedFrameworks.Net60Windows7,
+                    SupportedFrameworks.Net70Windows, SupportedFrameworks.Net70Windows7 });
+
             return matrix;
         }
     }

src/NuGetGallery.Core/Frameworks/SupportedFrameworks.cs

@@ -50,6 +50,9 @@ public static class SupportedFrameworks
         public static readonly NuGetFramework XamarinMac = new NuGetFramework(FrameworkIdentifiers.XamarinMac, EmptyVersion);
         public static readonly NuGetFramework XamarinTvOs = new NuGetFramework(FrameworkIdentifiers.XamarinTVOS, EmptyVersion);
         public static readonly NuGetFramework XamarinWatchOs = new NuGetFramework(FrameworkIdentifiers.XamarinWatchOS, EmptyVersion);
+
+        public static readonly NuGetFramework Net60Windows7 = new NuGetFramework(FrameworkIdentifiers.NetCoreApp, Version6, "windows", Version7);
+        public static readonly NuGetFramework Net70Windows7 = new NuGetFramework(FrameworkIdentifiers.NetCoreApp, Version7, "windows", Version7);
 
         public static readonly IReadOnlyList<NuGetFramework> AllSupportedNuGetFrameworks;
 

src/NuGetGallery.Services/Configuration/FeatureFlagService.cs

@@ -52,6 +52,7 @@ public class FeatureFlagService : IFeatureFlagService
         private const string ImageAllowlistFlightName = GalleryPrefix + "ImageAllowlist";
         private const string DisplayBannerFlightName = GalleryPrefix + "Banner";
         private const string ShowReportAbuseSafetyChanges = GalleryPrefix + "ShowReportAbuseSafetyChanges";
+        private const string AllowAadContentSafetyReports = GalleryPrefix + "AllowAadContentSafetyReports";
         private const string DisplayTargetFrameworkFeatureName = GalleryPrefix + "DisplayTargetFramework";
         private const string ComputeTargetFrameworkFeatureName = GalleryPrefix + "ComputeTargetFramework";
         private const string RecentPackagesNoIndexFeatureName = GalleryPrefix + "RecentPackagesNoIndex";
@@ -333,6 +334,11 @@ public bool IsShowReportAbuseSafetyChangesEnabled()
             return _client.IsEnabled(ShowReportAbuseSafetyChanges, defaultValue: false);
         }
 
+        public bool IsAllowAadContentSafetyReportsEnabled()
+        {
+            return _client.IsEnabled(AllowAadContentSafetyReports, defaultValue: false);
+        }
+
         public bool IsMarkdigMdRenderingEnabled()
         {
             return _client.IsEnabled(MarkdigMdRenderingFlightName, defaultValue: false);

src/NuGetGallery.Services/Configuration/IFeatureFlagService.cs

@@ -258,6 +258,11 @@ public interface IFeatureFlagService
         /// </summary>
         bool IsShowReportAbuseSafetyChangesEnabled();
 
+        /// <summary>
+        /// Whether online safety categories are available to content owned by at least one AAD-authenticated account
+        /// </summary>
+        bool IsAllowAadContentSafetyReportsEnabled();
+
         /// <summary>
         /// Whether rendering Markdown content to HTML using Markdig is enabled
         /// </summary>

src/NuGetGallery/Controllers/PackagesController.cs

@@ -1385,6 +1385,7 @@ public virtual ActionResult ReportAbuse(string id, string version)
             var model = new ReportAbuseViewModel
             {
                 ReasonChoices = _featureFlagService.IsShowReportAbuseSafetyChangesEnabled()
+                    && (_featureFlagService.IsAllowAadContentSafetyReportsEnabled() || PackageHasNoAadOwners(package))
                     ? ReportAbuseWithSafetyReasons
                     : ReportAbuseReasons,
                 PackageId = id,
@@ -2857,6 +2858,38 @@ await _auditingService.SaveAuditRecordAsync(
             }
         }
 
+        private static bool PackageHasNoAadOwners(Package package)
+        {
+            var owners = package?.PackageRegistration?.Owners;
+            if (owners == null || !owners.Any()) {
+                return true;
+            }
+
+            // First check direct owner credentials
+            if (owners.Any(o => o.Credentials.GetAzureActiveDirectoryCredential() != null))
+            {
+                return false;
+            }
+
+            // Check all members of organization owners
+            var orgOwners = owners.Where(o => o is Organization).Select(o => o as Organization);
+            foreach (var orgOwner in orgOwners)
+            {
+                if (orgOwner.Members == null)
+                {
+                    continue;
+                }
+
+                if (orgOwner.Members.Any(m => m.Member?.Credentials != null &&
+                      m.Member.Credentials.GetAzureActiveDirectoryCredential() != null))
+                {
+                    return false;
+                }
+            }
+
+            return true;
+        }
+
         private async Task DeleteUploadedFileForUser(User currentUser, Stream uploadedFileStream)
         {
             try

src/NuGetGallery/Controllers/PagesController.cs

@@ -152,6 +152,11 @@ public virtual async Task<ActionResult> Terms()
         [HttpGet]
         public virtual async Task<ActionResult> Privacy()
         {
+            if (!String.IsNullOrEmpty(Url.ExternalPrivacyUrl()))
+            {
+                return Redirect(Url.ExternalPrivacyUrl());
+            }
+
             if (_contentService != null)
             {
                 ViewBag.Content = await _contentService.GetContentItemAsync(

src/NuGetGallery/Scripts/gallery/page-list-packages.js

@@ -8,10 +8,6 @@ $(function() {
     const allFrameworks = document.querySelectorAll('.framework');
     const allTfms = document.querySelectorAll('.tfm');
 
-    // Hide the default search bar in the page header
-    const defaultSearchBarHeader = document.getElementById("search-bar-header");
-    defaultSearchBarHeader.parentNode.removeChild(defaultSearchBarHeader);
-
     // Checkbox logic for Framework and Tfm filters
     for (const framework of allFrameworks) {
         framework.addEventListener('click', clickFrameworkCheckbox);
@@ -23,12 +19,10 @@ $(function() {
 
     function clickFrameworkCheckbox() {
         this.indeterminate = false;
-        updateFrameworkFilters(searchForm.frameworks, this.id, this.checked);
 
         const tfms = document.querySelectorAll('[parent=' + this.id + ']');
         tfms.forEach((tfm) => {
             tfm.checked = false;
-            updateFrameworkFilters(searchForm.tfms, tfm.id, false);
         });
     }
 
@@ -40,25 +34,12 @@ $(function() {
 
         framework.checked = false;
         framework.indeterminate = checkedCount !== 0;
-        updateFrameworkFilters(searchForm.frameworks, framework.id, false);
-
-        updateFrameworkFilters(searchForm.tfms, this.id, this.checked);
-    }
-
-    // Update the query string with the selected Frameworks and Tfms
-    function updateFrameworkFilters(searchField, frameworkName, add) {
-        if (add) {
-            searchField.value += frameworkName + ",";
-        }
-        else {
-            searchField.value = searchField.value.replace(frameworkName + ",", "")
-        }
     }
 
     // Submit the form when a user changes the selected 'sortBy' option
     searchForm.sortby.addEventListener('change', (e) => {
         searchForm.sortby.value = e.target.value;
-        searchForm.submit();
+        submitSearchForm();
     });
 
     // Accordion/collapsible logic
@@ -95,6 +76,28 @@ $(function() {
         }
     }
 
+    searchForm.addEventListener('submit', submitSearchForm);
+
+    function submitSearchForm() {
+        constructFilterParameter(searchForm.frameworks, allFrameworks);
+        constructFilterParameter(searchForm.tfms, allTfms);
+        searchForm.submit();
+    }
+
+    // Update the query string with the selected frameworks and tfms
+    function constructFilterParameter(searchField, checkboxList) {
+        searchField.value = "";
+
+        checkboxList.forEach((framework) => {
+            if (framework.checked) {
+                searchField.value += framework.id + ",";
+            }
+        });
+
+        // trim trailing commas
+        searchField.value = searchField.value.replace(/,+$/, '');
+    }
+
     // Initialize state for Framework and Tfm checkboxes
     // NOTE: We first click on all selected Framework checkboxes and then on the selected Tfm checkboxes, which
     // allows us to correctly handle cases where a Framework AND one of its child Tfms is present in the query
@@ -107,5 +110,12 @@ $(function() {
 
         inputFrameworkFilters.map(id => document.getElementById(id)).forEach(checkbox => checkbox.click());
         inputTfmFilters.map(id => document.getElementById(id)).forEach(checkbox => checkbox.click());
+
+        // expand TFM section if a TFM from that generation has been selected
+        allFrameworks.forEach((checkbox) => {
+            if (checkbox.indeterminate) {
+                document.querySelector('[tab=' + checkbox.id + ']').click();
+            }
+        });
     }
 });

src/NuGetGallery/Strings.resx

@@ -539,10 +539,10 @@ For more information, please contact '{2}'.</value>
     <value>The Documentation URL must be a raw Markdown file hosted on GitHub.</value>
   </data>
   <data name="UploadPackage_MissingReadmeHtml" xml:space="preserve">
-    <value>&lt;strong&gt;Readme&lt;/strong&gt; missing.&lt;a href="https://learn.microsoft.com/nuget/create-packages/package-authoring-best-practices#readme"&gt; See how to include a readme file within the package&lt;/a&gt;, or add it as you upload.</value>
+    <value>&lt;strong&gt;Readme&lt;/strong&gt; missing.&lt;a href="https://aka.ms/nuget-include-readme"&gt; See how to include a readme file within the package&lt;/a&gt;, or add it as you upload.</value>
   </data>
   <data name="UploadPackage_MissingReadme" xml:space="preserve">
-    <value>Readme missing. Go to https://learn.microsoft.com/nuget/create-packages/package-authoring-best-practices#readme learn How to include a readme file within the package.</value>
+    <value>Readme missing. Go to https://aka.ms/nuget-include-readme learn How to include a readme file within the package.</value>
   </data>
   <data name="ReservedNamespace_OwnerAdded" xml:space="preserve">
     <value>The user '{0}' is now an owner of the prefix '{1}'.</value>

src/NuGetGallery/UrlHelperExtensions.cs

@@ -1412,6 +1412,11 @@ public static string Privacy(this UrlHelper url, bool relativeUrl = true)
             return GetActionLink(url, "Privacy", "Pages", relativeUrl);
         }
 
+        public static string ExternalPrivacyUrl(this UrlHelper url)
+        {
+            return _configuration.Current.ExternalPrivacyPolicyUrl;
+        }
+
         public static string About(this UrlHelper url, bool relativeUrl = true)
         {
             if (!String.IsNullOrEmpty(_configuration.Current.ExternalAboutUrl))