diff --git a/README.md b/README.md index bf89142c..cd3d563f 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ WiseMapping is based on the same code product supporting [http://www.wisemapping The following products must be installed: - * OpenJDK 11 or higher + * OpenJDK 17 or higher * Maven 3.x or higher ([http://maven.apache.org/]) * npm 6 or higher ([https://www.npmjs.com/package/npm?activeTab=versions]) diff --git a/distribution/Dockerfile b/distribution/Dockerfile index da17dbdb..8e7b84be 100644 --- a/distribution/Dockerfile +++ b/distribution/Dockerfile @@ -3,7 +3,7 @@ # Based info setup ... #FROM --platform=$BUILDPLATFORM tomcat:9.0.71-jdk17 -FROM tomcat:9.0.71-jdk17 +FROM tomcat:10.1.11-jdk17 LABEL maintainer="Paulo Gustavo Veiga " # Build variables ... @@ -21,7 +21,7 @@ RUN cd ${WEBAPP_TARGET_DIR} && jar -xvf /tmp/wisemapping.war RUN rm /tmp/wisemapping.war # Change logger to -RUN cp ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j-stdout.properties ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j.properties +RUN cp ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j-stdout.xml ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j.xml # Add support for proxy RUN sed -i 's|\ @@ -32,9 +32,6 @@ RUN sed -i 's|\ |' \ /usr/local/tomcat/conf/server.xml -RUN sed -i 's||\ - |' \ - /usr/local/tomcat/conf/context.xml # Copy default HSQL DB for testing ... RUN mkdir -p ${DB_BASE_DIR}/db COPY db/ ${DB_BASE_DIR}/db diff --git a/distribution/build-image.sh b/distribution/build-image.sh index 8d0815a8..9862e7c2 100755 --- a/distribution/build-image.sh +++ b/distribution/build-image.sh @@ -4,7 +4,7 @@ set -o set -u mvn -f ../pom.xml clean package -#docker build --platform linux/amd64 -t wisemapping/wisemapping:latest -f ./Dockerfile ../wise-webapp/target/ -docker buildx create --use --platform=linux/arm64,linux/amd64 --name multi-platform-builder -docker buildx inspect --bootstrap -docker buildx build --platform=linux/amd64,linux/arm64 --push -t wisemapping/wisemapping:latest -f ./Dockerfile ../wise-webapp/target/ +docker build --platform linux/amd64 -t wisemapping/wisemapping:latest -f ./Dockerfile ../wise-webapp/target/ +#docker buildx create --use --platform=linux/arm64,linux/amd64 --name multi-platform-builder +#docker buildx inspect --bootstrap +#docker buildx build --platform=linux/amd64,linux/arm64 --push -t wisemapping/wisemapping:latest -f ./Dockerfile ../wise-webapp/target/ diff --git a/pom.xml b/pom.xml index da8e2747..d56943bd 100644 --- a/pom.xml +++ b/pom.xml @@ -4,8 +4,10 @@ http://maven.apache.org/xsd/maven-4.0.0.xsd"> - 5.0.21-SNAPSHOT + 5.1.0-SNAPSHOT ${project.basedir}/wise-webapps + 17 + 17 @@ -16,7 +18,7 @@ org.wisemapping wisemapping WiseMapping Project - 5.0.21-SNAPSHOT + 5.1.0-SNAPSHOT pom @@ -117,10 +119,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 - 11 - 11 UTF-8 diff --git a/wise-ui/pom.xml b/wise-ui/pom.xml index 4dcdad37..622e103d 100644 --- a/wise-ui/pom.xml +++ b/wise-ui/pom.xml @@ -12,7 +12,7 @@ org.wisemapping wisemapping ../pom.xml - 5.0.21-SNAPSHOT + 5.1.0-SNAPSHOT @@ -24,16 +24,16 @@ generate-sources generate-sources - + - + - + @@ -42,15 +42,15 @@ - + - + - + run diff --git a/wise-webapp/doc/REST Services.md b/wise-webapp/doc/REST Services.md index ed5b0805..8e376a12 100644 --- a/wise-webapp/doc/REST Services.md +++ b/wise-webapp/doc/REST Services.md @@ -37,6 +37,6 @@ Template Path: /service/admin/users/{userId}/password Creating a new user: * Template Path: /service/admin/users/ * Method: Post - * curl "http://{host.name}:{host.port}/{context.path}/service/admin/users" --request POST --basic -u "admin@wisemapping.org:test" -H "Content-Type:application/json" --data '{"email": "te2@mydomain.de", "lastname": "lastname", "firstname":"myfirstname","password":"password"}' + * curl "http://{host.name}:{host.port}/{context.path}/service/admin/users/" --request POST --basic -u "admin@wisemapping.org:test" -H "Content-Type:application/json" --data '{"email": "te2@mydomain.de", "lastname": "lastname", "firstname":"myfirstname","password":"password"}' diff --git a/wise-webapp/pom.xml b/wise-webapp/pom.xml index b9b83a78..b96e598d 100644 --- a/wise-webapp/pom.xml +++ b/wise-webapp/pom.xml @@ -9,15 +9,15 @@ org.wisemapping wisemapping ../pom.xml - 5.0.21-SNAPSHOT + 5.1.0-SNAPSHOT - 5.3.28 - 5.8.4 - 5.6.15.Final + 6.0.10 + 6.1.1 + 6.2.6.Final 6.0.21.Final - 5.6.1 + 6.0.2 @@ -56,12 +56,6 @@ postgresql 42.5.4 - - org.springframework.security - spring-security-ldap - ${org.springframework.addons} - compile - org.springframework spring-beans @@ -82,16 +76,17 @@ org.hibernate - hibernate-core - ${hibernate.version} + hibernate-core-jakarta + 5.6.15.Final org.hibernate.validator hibernate-validator - ${hibernate-validator.version} + 8.0.1.Final + org.springframework spring-orm @@ -104,12 +99,6 @@ ${org.springframework.version} compile - - org.slf4j - slf4j-log4j12 - 1.7.25 - runtime - org.springframework spring-web @@ -139,24 +128,7 @@ 5.3.15 test - - antlr - antlr - 2.7.6 - runtime - - - org.apache.tiles - tiles-jsp - 3.0.8 - runtime - - - org.slf4j - jcl-over-slf4j - - - + org.springframework spring-aop @@ -175,12 +147,6 @@ ${org.springframework.addons} compile - - org.springframework.security - spring-security-config - ${org.springframework.addons} - runtime - org.springframework spring-jdbc @@ -194,9 +160,9 @@ compile - com.sun.mail - javax.mail - 1.6.2 + jakarta.mail + jakarta.mail-api + 2.1.2 mysql @@ -209,21 +175,16 @@ commons-dbcp2 2.9.0 - - org.hibernate - hibernate-ehcache - ${hibernate.version} - - - javax.cache - cache-api - 1.1.1 - - - org.ehcache - ehcache - 3.9.9 - + + + + + + + + + + org.apache.logging.log4j log4j-core @@ -235,6 +196,7 @@ commons-validator 1.7 + org.hsqldb @@ -242,29 +204,36 @@ 2.7.1 runtime + com.fasterxml.jackson.core jackson-databind - 2.14.2 + 2.15.1 + - - javax.servlet - jstl - 1.2 + jakarta.transaction + jakarta.transaction-api + 2.0.1 + - org.slf4j - slf4j-api - 2.0.5 - runtime - - - javax.servlet - javax.servlet-api - 3.1.0 + jakarta.servlet + jakarta.servlet-api + 6.0.0 provided + + + jakarta.servlet.jsp.jstl + jakarta.servlet.jsp.jstl-api + 3.0.0 + + + org.glassfish.web + jakarta.servlet.jsp.jstl + 3.0.0 + commons-io commons-io @@ -275,6 +244,11 @@ fluent-hc 4.5.14 + + org.springframework.security + spring-security-config + ${org.springframework.addons} + @@ -374,27 +348,27 @@ - - org.hibernate.orm.tooling - hibernate-enhance-maven-plugin - ${hibernate.version} - - - compile - - true - true - true - true - false - false - - - enhance - - - - + + + + + + + + + + + + + + + + + + + + + org.apache.maven.plugins maven-war-plugin @@ -420,6 +394,9 @@ true + + WEB-INF/lib/commons-logging-*.jar, + src/main/resources @@ -436,25 +413,10 @@ org.apache.maven.plugins maven-surefire-plugin - - - org.apache.tomcat.maven - tomcat7-maven-plugin - 2.0 - - /wisemapping - ${project.build.directory}/wisemapping.war - war - true - - ${project.build.directory} - - - org.jacoco jacoco-maven-plugin - 0.8.8 + 0.8.10 default-prepare-agent @@ -497,14 +459,6 @@ - - - - - - - - default-report verify @@ -518,48 +472,29 @@ org.eclipse.jetty jetty-maven-plugin - 9.4.34.v20201102 + 11.0.15 - foo 8080 + -Ddatabase.base.url=${project.build.directory} -Djetty.port=8080 9999 - ${project.build.directory}/wisemapping.war - automatic - + FORK + foo + + ${project.build.directory}/wisemapping.war ${project.basedir}/webdefault.xml - - - - org.mortbay.util.FileResource.checkAliases - false - - - org.mortbay.util.FileResource.checkAliases - false - - - database.base.url - ${project.build.directory} - - + run-forked pre-integration-test - run-forked + start-war - true true - 0 - false - 200 - -Ddatabase.base.url=${project.build.directory} -Djetty.port=8080 - diff --git a/wise-webapp/src/main/java/com/wisemapping/config/AppConfig.java b/wise-webapp/src/main/java/com/wisemapping/config/AppConfig.java new file mode 100644 index 00000000..9bc43335 --- /dev/null +++ b/wise-webapp/src/main/java/com/wisemapping/config/AppConfig.java @@ -0,0 +1,41 @@ +package com.wisemapping.config; + +import com.wisemapping.exceptions.AccessDeniedSecurityException; +import com.wisemapping.exceptions.MapNotPublicSecurityException; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.HandlerExceptionResolver; +import org.springframework.web.servlet.ViewResolver; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver; +import org.springframework.web.servlet.view.InternalResourceViewResolver; +import org.springframework.web.servlet.view.JstlView; + +import java.util.Properties; + +@EnableWebMvc +@Configuration +public class AppConfig { + + @Bean + HandlerExceptionResolver errorHandler() { + final SimpleMappingExceptionResolver result = new SimpleMappingExceptionResolver(); + + //mapping status code with view response. + result.addStatusCode("reactInclude", 403); + + //setting default error view + result.setDefaultErrorView("reactInclude"); + result.setDefaultStatusCode(500); + return result; + } + + @Bean + public ViewResolver viewResolver(){ + InternalResourceViewResolver resolver = new InternalResourceViewResolver(); + resolver.setPrefix("/WEB-INF/views/"); + resolver.setSuffix(".jsp"); + resolver.setViewClass(JstlView.class); + return resolver; + } +} diff --git a/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java b/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java new file mode 100644 index 00000000..00bc670d --- /dev/null +++ b/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java @@ -0,0 +1,126 @@ +package com.wisemapping.config; + +import com.wisemapping.security.AuthenticationSuccessHandler; +import com.wisemapping.security.UserDetailsService; +import com.wisemapping.service.UserService; +import org.jetbrains.annotations.NotNull; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.firewall.StrictHttpFirewall; +import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher; +import org.springframework.web.servlet.handler.HandlerMappingIntrospector; + + +@Configuration +@EnableWebSecurity +public class SecurityConfig { + @Autowired + UserService userService; + + @Value("${admin.user}") + String adminUser; + + @Bean + public StrictHttpFirewall httpFirewall() { + StrictHttpFirewall firewall = new StrictHttpFirewall(); + firewall.setAllowSemicolon(true); + return firewall; + } + + @Bean + @Order(2) + SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception { + final MvcRequestMatcher.Builder serviceMapper = new MvcRequestMatcher.Builder(introspector).servletPath("/service"); + return http + .securityMatchers((matchers) -> + matchers.requestMatchers(serviceMapper.pattern(("/**")))) + .authorizeHttpRequests(auth -> + auth + .requestMatchers("/users/").permitAll() + .requestMatchers("/users/resetPassword").permitAll() + .requestMatchers("/oauth2/googlecallback").permitAll() + .requestMatchers("/oauth2/confirmaccountsync").permitAll() + .requestMatchers("/admin/**").hasAnyRole("ADMIN") + .requestMatchers("/**").hasAnyRole("USER", "ADMIN") + + ) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .httpBasic(httpBasic -> { + }) + .csrf(AbstractHttpConfigurer::disable) + .build(); + } + + @Bean + @Order(1) + public SecurityFilterChain mvcFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception { + final AuthenticationSuccessHandler authenticationSuccessHandler = new AuthenticationSuccessHandler(); + authenticationSuccessHandler.setAlwaysUseDefaultTargetUrl(false); + authenticationSuccessHandler.setDefaultTargetUrl("/c/maps/"); + + final MvcRequestMatcher.Builder restfullMapper = new MvcRequestMatcher.Builder(introspector).servletPath("/c/restful"); + final MvcRequestMatcher.Builder mvcMatcher = new MvcRequestMatcher.Builder(introspector).servletPath("/c"); + + http + .securityMatchers((matchers) -> + matchers.requestMatchers(restfullMapper.pattern(("/**"))). + requestMatchers(mvcMatcher.pattern(("/**")))) + .authorizeHttpRequests( + (auth) -> + auth + .requestMatchers("/login", "logout").permitAll() + .requestMatchers("/registration", "registration-success", "/registration-google").permitAll() + .requestMatchers("/forgot-password", "/forgot-password-success").permitAll() + .requestMatchers("/maps/*/embed", "/maps/*/try", "/maps/*/public").permitAll() + .requestMatchers("/restful/maps/*/document/xml-pub").permitAll() + .requestMatchers("/**").hasAnyRole("USER", "ADMIN") + .anyRequest().authenticated()) + .formLogin((loginForm) -> + loginForm.loginPage("/c/login") + .loginProcessingUrl("/c/perform-login") + .defaultSuccessUrl("/c/maps/") + .failureUrl("/c/login?login_error=2")) + .logout((logout) -> + logout + .logoutUrl("/c/logout") + .logoutSuccessUrl("/c/login") + .invalidateHttpSession(true) + .deleteCookies("JSESSIONID") + .permitAll() + ).rememberMe(remember -> + remember + .tokenValiditySeconds(2419200) + .rememberMeParameter("remember-me" + ).authenticationSuccessHandler(authenticationSuccessHandler) + ) + .csrf((csrf) -> + csrf.ignoringRequestMatchers("/logout")); + + return http.build(); + } + + @Bean + @Order(3) + public SecurityFilterChain shareResourcesFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception { + return http.authorizeHttpRequests( + (auth) -> + auth.requestMatchers("/static/**", "/css/**", "/js/**", "/images/**", "/").permitAll() + ).build(); + } + + @Bean + public UserDetailsService userDetailsService() { + final UserDetailsService result = new UserDetailsService(); + result.setUserService(userService); + result.setAdminUser(adminUser); + return result; + } +} diff --git a/wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java b/wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java index 907a3a5e..1d8a5f8a 100644 --- a/wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java +++ b/wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java @@ -20,6 +20,7 @@ package com.wisemapping.dao; import com.wisemapping.model.*; import com.wisemapping.util.ZipUtils; +import jakarta.persistence.Query; import org.hibernate.Criteria; import org.hibernate.criterion.Junction; import org.hibernate.criterion.Order; @@ -30,7 +31,6 @@ import org.jetbrains.annotations.Nullable; import org.springframework.orm.hibernate5.HibernateTemplate; import org.springframework.orm.hibernate5.support.HibernateDaoSupport; -import javax.persistence.Query; import java.io.IOException; import java.util.Calendar; import java.util.List; diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java index 92739682..97cac72d 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java @@ -21,7 +21,7 @@ package com.wisemapping.exceptions; import org.springframework.lang.Nullable; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class InvalidEmailException extends ClientException { diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java index 59dcc5e9..d7db2b99 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java @@ -21,7 +21,7 @@ package com.wisemapping.exceptions; import org.springframework.lang.Nullable; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class InvalidMindmapException extends ClientException { diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java index ee8a641e..5ed7c5f3 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java @@ -19,7 +19,7 @@ package com.wisemapping.exceptions; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class MapCouldNotFoundException extends ClientException diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/MapNonPublicException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/MapNotPublicSecurityException.java similarity index 88% rename from wise-webapp/src/main/java/com/wisemapping/exceptions/MapNonPublicException.java rename to wise-webapp/src/main/java/com/wisemapping/exceptions/MapNotPublicSecurityException.java index 93a6b6ec..6d30fcff 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/MapNonPublicException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/MapNotPublicSecurityException.java @@ -20,11 +20,11 @@ package com.wisemapping.exceptions; import org.jetbrains.annotations.NotNull; -public class MapNonPublicException +public class MapNotPublicSecurityException extends ClientException { public static final String MSG_KEY = "ACCESS_HAS_BEEN_REVOKED"; - public MapNonPublicException(@NotNull String msg) { + public MapNotPublicSecurityException(@NotNull String msg) { super(msg, Severity.FATAL); } diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/OAuthAuthenticationException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/OAuthAuthenticationException.java index f321ca30..816c423c 100644 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/OAuthAuthenticationException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/OAuthAuthenticationException.java @@ -3,7 +3,7 @@ package com.wisemapping.exceptions; import com.wisemapping.service.google.http.HttpInvokerException; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class OAuthAuthenticationException extends WiseMappingException { diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/PasswordTooLongException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/PasswordTooLongException.java index 6409ee29..fca34aad 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/PasswordTooLongException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/PasswordTooLongException.java @@ -19,7 +19,7 @@ package com.wisemapping.exceptions; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class PasswordTooLongException extends ClientException { diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/TooManyInactiveAccountsExceptions.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/TooManyInactiveAccountsExceptions.java index dc2c8428..dcdf5815 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/TooManyInactiveAccountsExceptions.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/TooManyInactiveAccountsExceptions.java @@ -19,7 +19,7 @@ package com.wisemapping.exceptions; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class TooManyInactiveAccountsExceptions extends ClientException { diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/ValidationException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/ValidationException.java similarity index 97% rename from wise-webapp/src/main/java/com/wisemapping/rest/ValidationException.java rename to wise-webapp/src/main/java/com/wisemapping/exceptions/ValidationException.java index a3962513..e5464ea5 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/ValidationException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/ValidationException.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package com.wisemapping.rest; +package com.wisemapping.exceptions; import com.wisemapping.exceptions.WiseMappingException; diff --git a/wise-webapp/src/main/java/com/wisemapping/filter/CorsFilter.java b/wise-webapp/src/main/java/com/wisemapping/filter/CorsFilter.java index 5cc60cdb..fd0d53b9 100644 --- a/wise-webapp/src/main/java/com/wisemapping/filter/CorsFilter.java +++ b/wise-webapp/src/main/java/com/wisemapping/filter/CorsFilter.java @@ -20,13 +20,13 @@ package com.wisemapping.filter; import java.io.IOException; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.FilterConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletResponse; /** * diff --git a/wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java b/wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java index 1d257177..ddc03d1b 100644 --- a/wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java +++ b/wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java @@ -22,8 +22,8 @@ import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Value; import org.springframework.web.servlet.HandlerInterceptor; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public class RequestPropertiesInterceptor implements HandlerInterceptor { diff --git a/wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java b/wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java index dfcaa888..ed72d796 100644 --- a/wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java +++ b/wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java @@ -22,12 +22,11 @@ import com.wisemapping.model.User; import com.wisemapping.security.Utils; import org.jetbrains.annotations.NotNull; import org.springframework.web.servlet.HandlerInterceptor; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import org.springframework.web.servlet.i18n.SessionLocaleResolver; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpSession; import java.util.Locale; public class UserLocaleInterceptor implements HandlerInterceptor { diff --git a/wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java b/wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java index 008c8155..1a706451 100644 --- a/wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java +++ b/wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java @@ -31,9 +31,9 @@ import org.apache.logging.log4j.Logger; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpSessionEvent; -import javax.servlet.http.HttpSessionListener; +import jakarta.servlet.ServletContext; +import jakarta.servlet.http.HttpSessionEvent; +import jakarta.servlet.http.HttpSessionListener; public class UnlockOnExpireListener implements HttpSessionListener { private static final Logger logger = LogManager.getLogger(); diff --git a/wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java b/wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java index 04b05f52..0cca8d1f 100644 --- a/wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java +++ b/wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java @@ -21,11 +21,11 @@ package com.wisemapping.mail; import com.wisemapping.util.VelocityEngineUtils; import com.wisemapping.util.VelocityEngineWrapper; -import org.jetbrains.annotations.NotNull; import org.springframework.mail.javamail.JavaMailSender; import org.springframework.mail.javamail.MimeMessageHelper; import org.springframework.mail.javamail.MimeMessagePreparator; +import jakarta.validation.constraints.NotNull; import java.nio.charset.StandardCharsets; import java.util.Map; diff --git a/wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java b/wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java index ce52f098..fc7ce39b 100644 --- a/wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java +++ b/wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java @@ -32,7 +32,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.context.support.ResourceBundleMessageSource; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; import java.io.IOException; import java.io.PrintWriter; import java.io.StringWriter; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java b/wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java index 9b021285..6f9e6637 100755 --- a/wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java @@ -20,7 +20,7 @@ package com.wisemapping.model; import org.jetbrains.annotations.NotNull; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; import java.util.Calendar; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java b/wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java index 40d892b8..3ff74905 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java @@ -21,8 +21,8 @@ package com.wisemapping.model; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; -import javax.validation.constraints.NotNull; +import jakarta.persistence.*; +import jakarta.validation.constraints.NotNull; import java.io.Serializable; import java.util.Objects; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java b/wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java index 4c0fea46..155c4b82 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java @@ -20,7 +20,7 @@ package com.wisemapping.model; import org.jetbrains.annotations.NotNull; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; @Entity diff --git a/wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java b/wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java index 02e507b7..4fa9def0 100755 --- a/wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java @@ -22,7 +22,7 @@ import org.hibernate.annotations.CacheConcurrencyStrategy; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; import java.util.Calendar; import java.util.HashSet; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/Label.java b/wise-webapp/src/main/java/com/wisemapping/model/Label.java index 6126560d..36617fd8 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/Label.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/Label.java @@ -22,7 +22,7 @@ import org.hibernate.annotations.CacheConcurrencyStrategy; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; import java.util.Objects; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java b/wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java index 5ef3c1c5..14a015f2 100755 --- a/wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java @@ -22,7 +22,7 @@ import com.wisemapping.util.ZipUtils; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.IOException; import java.util.Calendar; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java b/wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java index 68f18c82..5c273b83 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java @@ -30,7 +30,7 @@ import org.hibernate.annotations.NotFoundAction; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.IOException; import java.io.Serializable; import java.io.UnsupportedEncodingException; @@ -55,7 +55,7 @@ public class Mindmap implements Serializable { @JoinColumn(name = "creator_id", unique = true) private User creator; - @ManyToOne(fetch = FetchType.LAZY) + @ManyToOne @JoinColumn(name = "last_editor_id", nullable = false) @NotFound(action = NotFoundAction.IGNORE) private User lastEditor; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/User.java b/wise-webapp/src/main/java/com/wisemapping/model/User.java index 615c6775..39f6e8a1 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/User.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/User.java @@ -21,7 +21,7 @@ package com.wisemapping.model; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; import java.util.Calendar; @@ -90,7 +90,7 @@ public class User return password; } - public void setPassword(@javax.validation.constraints.NotNull String password) { + public void setPassword(@jakarta.validation.constraints.NotNull String password) { this.password = password; } diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java b/wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java index e7ef928a..571d96e2 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java @@ -32,6 +32,7 @@ import com.wisemapping.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.http.HttpStatus; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -41,6 +42,7 @@ import org.springframework.web.bind.annotation.ResponseStatus; import java.util.List; @Controller +@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')") public class AccountController extends BaseController { @Qualifier("userService") @Autowired diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java b/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java index 352f5681..71cf2700 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java @@ -30,14 +30,16 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.List; @Controller +@PreAuthorize("isAuthenticated() and hasRole('ROLE_ADMIN')") public class AdminController extends BaseController { @Qualifier("userService") @Autowired diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java b/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java index 89d4953e..8acc8ece 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java @@ -20,6 +20,7 @@ package com.wisemapping.rest; import com.wisemapping.exceptions.ClientException; import com.wisemapping.exceptions.OAuthAuthenticationException; import com.wisemapping.exceptions.Severity; +import com.wisemapping.exceptions.ValidationException; import com.wisemapping.mail.NotificationService; import com.wisemapping.model.User; import com.wisemapping.rest.model.RestErrors; @@ -37,9 +38,9 @@ import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.ServletContext; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.lang.reflect.UndeclaredThrowableException; import java.util.Locale; diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java b/wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java index 7b801bb7..9a8078c1 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java @@ -18,6 +18,7 @@ package com.wisemapping.rest; import com.wisemapping.exceptions.LabelCouldNotFoundException; +import com.wisemapping.exceptions.ValidationException; import com.wisemapping.exceptions.WiseMappingException; import com.wisemapping.model.Label; import com.wisemapping.model.User; @@ -30,15 +31,17 @@ import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.http.HttpStatus; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.validation.BeanPropertyBindingResult; import org.springframework.validation.BindingResult; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import java.util.List; @Controller +@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')") public class LabelController extends BaseController { @Qualifier("labelService") @@ -64,7 +67,7 @@ public class LabelController extends BaseController { response.setHeader("ResourceId", Long.toString(label.getId())); } - @RequestMapping(method = RequestMethod.GET, value = "/labels", produces = {"application/json"}) + @RequestMapping(method = RequestMethod.GET, value = "/labels/", produces = {"application/json"}) public RestLabelList retrieveList() { final User user = Utils.getUser(); assert user != null; diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java b/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java index 1ba785b9..d033d9f4 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java @@ -33,12 +33,13 @@ import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.validation.BeanPropertyBindingResult; import org.springframework.validation.BindingResult; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.*; @@ -46,6 +47,7 @@ import java.util.stream.Collectors; @Controller +@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')") public class MindmapController extends BaseController { final Logger logger = LogManager.getLogger(); diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java b/wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java index feba7457..9130a4b5 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java @@ -34,8 +34,8 @@ import org.springframework.security.web.authentication.preauth.PreAuthenticatedA import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpSession; @Controller diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/UserController.java b/wise-webapp/src/main/java/com/wisemapping/rest/UserController.java index e2ee2ec2..5791fed8 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/UserController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/UserController.java @@ -35,13 +35,14 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.stereotype.Controller; import org.springframework.validation.BindException; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.util.Arrays; import java.util.List; @@ -61,7 +62,7 @@ public class UserController extends BaseController { @Autowired private AuthenticationManager authManager; - @Value("${google.recaptcha2.enabled}") + @Value("${google.recaptcha2.enabled:false}") private Boolean recatchaEnabled; @Value("${accounts.exclusion.domain:''}") @@ -70,7 +71,7 @@ public class UserController extends BaseController { private static final Logger logger = LogManager.getLogger(); private static final String REAL_IP_ADDRESS_HEADER = "X-Real-IP"; - @RequestMapping(method = RequestMethod.POST, value = "/users", produces = { "application/json" }) + @RequestMapping(method = RequestMethod.POST, value = "/users/", produces = { "application/json" }) @ResponseStatus(value = HttpStatus.CREATED) public void registerUser(@RequestBody RestUserRegistration registration, @NotNull HttpServletRequest request, @NotNull HttpServletResponse response) throws WiseMappingException, BindException { diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java index 1593af01..ede08c0e 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java @@ -24,9 +24,9 @@ import com.wisemapping.model.Collaborator; import com.wisemapping.util.TimeUtils; import org.jetbrains.annotations.NotNull; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlRootElement; +import jakarta.xml.bind.annotation.XmlAccessType; +import jakarta.xml.bind.annotation.XmlAccessorType; +import jakarta.xml.bind.annotation.XmlRootElement; import java.util.Calendar; @JsonAutoDetect( diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java index daf4a213..7591e567 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java @@ -30,9 +30,9 @@ import org.springframework.validation.Errors; import org.springframework.validation.FieldError; import org.springframework.validation.ObjectError; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlRootElement; +import jakarta.xml.bind.annotation.XmlAccessType; +import jakarta.xml.bind.annotation.XmlAccessorType; +import jakarta.xml.bind.annotation.XmlRootElement; import java.util.*; @JsonAutoDetect( diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestLabelList.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestLabelList.java index 10f7f8f4..62a9e311 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestLabelList.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestLabelList.java @@ -4,7 +4,7 @@ import com.fasterxml.jackson.annotation.JsonAutoDetect; import com.wisemapping.model.Label; import org.jetbrains.annotations.NotNull; -import javax.xml.bind.annotation.XmlElement; +import jakarta.xml.bind.annotation.XmlElement; import java.util.ArrayList; import java.util.List; diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java index 660fbb28..1e837b5c 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java @@ -29,9 +29,9 @@ import com.wisemapping.util.TimeUtils; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlRootElement; +import jakarta.xml.bind.annotation.XmlAccessType; +import jakarta.xml.bind.annotation.XmlAccessorType; +import jakarta.xml.bind.annotation.XmlRootElement; import java.io.IOException; import java.util.Calendar; diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java index aaef046c..48dc7b54 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java @@ -24,7 +24,7 @@ import com.wisemapping.model.Collaborator; import com.wisemapping.model.Mindmap; import org.jetbrains.annotations.NotNull; -import javax.xml.bind.annotation.XmlElement; +import jakarta.xml.bind.annotation.XmlElement; import java.util.Collections; import java.util.List; import java.util.stream.Collectors; diff --git a/wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java b/wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java index 923eefca..2e3945b6 100644 --- a/wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java +++ b/wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java @@ -23,9 +23,9 @@ import org.springframework.security.web.savedrequest.HttpSessionRequestCache; import org.springframework.security.web.savedrequest.RequestCache; import org.springframework.security.web.savedrequest.SavedRequest; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; diff --git a/wise-webapp/src/main/java/com/wisemapping/security/CSFRRequestMatcher.java b/wise-webapp/src/main/java/com/wisemapping/security/CSFRRequestMatcher.java deleted file mode 100644 index 4f3421eb..00000000 --- a/wise-webapp/src/main/java/com/wisemapping/security/CSFRRequestMatcher.java +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright [2022] [wisemapping] - * - * Licensed under WiseMapping Public License, Version 1.0 (the "License"). - * It is basically the Apache License, Version 2.0 (the "License") plus the - * "powered by wisemapping" text requirement on every single page; - * you may not use this file except in compliance with the License. - * You may obtain a copy of the license at - * - * http://www.wisemapping.org/license - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.wisemapping.security; - -import org.springframework.security.web.util.matcher.RequestMatcher; - -import javax.servlet.http.HttpServletRequest; -import java.util.Arrays; - -public class CSFRRequestMatcher implements RequestMatcher { - - private String prefix; - static String[] supportedMethods = {"POST", "PUT", "GET", "DELETE", "PATCH"}; - - @Override - public boolean matches(HttpServletRequest request) { - final String requestURI = request.getRequestURI(); - return Arrays.stream(supportedMethods).anyMatch(p -> request.getMethod().toUpperCase().equals(p)) - && requestURI.startsWith(prefix); - } - - public String getPrefix() { - return prefix; - } - - public void setPrefix(String prefix) { - this.prefix = prefix; - } -} diff --git a/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java b/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java index 0d86c946..f74a582d 100644 --- a/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java +++ b/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java @@ -1,20 +1,20 @@ /* -* Copyright [2022] [wisemapping] -* -* Licensed under WiseMapping Public License, Version 1.0 (the "License"). -* It is basically the Apache License, Version 2.0 (the "License") plus the -* "powered by wisemapping" text requirement on every single page; -* you may not use this file except in compliance with the License. -* You may obtain a copy of the license at -* -* http://www.wisemapping.org/license -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ + * Copyright [2022] [wisemapping] + * + * Licensed under WiseMapping Public License, Version 1.0 (the "License"). + * It is basically the Apache License, Version 2.0 (the "License") plus the + * "powered by wisemapping" text requirement on every single page; + * you may not use this file except in compliance with the License. + * You may obtain a copy of the license at + * + * http://www.wisemapping.org/license + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package com.wisemapping.security; @@ -23,12 +23,13 @@ import com.wisemapping.model.User; import com.wisemapping.service.UserService; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; +import org.springframework.context.annotation.Bean; import org.springframework.dao.DataAccessException; import org.springframework.security.core.userdetails.UsernameNotFoundException; public class UserDetailsService - implements org.springframework.security.core.userdetails.UserDetailsService{ + implements org.springframework.security.core.userdetails.UserDetailsService { private UserService userService; private String adminUser; diff --git a/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java b/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java deleted file mode 100644 index 3bea2f97..00000000 --- a/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java +++ /dev/null @@ -1,99 +0,0 @@ -package com.wisemapping.security.ldap; - - -import com.wisemapping.exceptions.WiseMappingException; -import com.wisemapping.model.AuthenticationType; -import com.wisemapping.model.User; -import com.wisemapping.security.UserDetails; -import com.wisemapping.service.UserService; -import org.jetbrains.annotations.NotNull; -import org.jetbrains.annotations.Nullable; -import org.springframework.ldap.core.DirContextAdapter; -import org.springframework.ldap.core.DirContextOperations; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.ldap.userdetails.UserDetailsContextMapper; - -import java.util.Calendar; -import java.util.Collection; - -public class LdapUserDetailsContextMapper implements UserDetailsContextMapper { - - private UserService userService; - private String adminUser; - private String ldapAttributeFirstName; - private String ldapAttributeLastName; - - - public UserService getUserService() { - return userService; - } - - public void setUserService(UserService userService) { - this.userService = userService; - } - - - private boolean isAdmin(@Nullable String email) { - return email != null && adminUser != null && email.trim().endsWith(adminUser); - } - - public String getAdminUser() { - return adminUser; - } - - public void setAdminUser(String adminUser) { - this.adminUser = adminUser; - } - - @Override - public UserDetails mapUserFromContext(@NotNull DirContextOperations userData, - String email, Collection arg2) { - User user = userService.getUserBy(email); - if (user == null) { - // If the user was not found in the database, create a new one ... - user = new User(); - user.setEmail(email); - - final String firstName = userData.getStringAttribute(ldapAttributeFirstName); - user.setFirstname(firstName); - - final String lastName = userData.getStringAttribute(ldapAttributeLastName); - user.setLastname(lastName); - - user.setPassword(email); - final Calendar now = Calendar.getInstance(); - user.setActivationDate(now); - - try { - user.setAuthenticationType(AuthenticationType.LDAP); - user = userService.createUser(user, false, false); - } catch (WiseMappingException e) { - throw new IllegalStateException(e); - } - } - return new UserDetails(user, isAdmin(email)); - } - - public String getLdapAttributeLastName() { - return ldapAttributeLastName; - } - - public void setLdapAttributeLastName(String ldapAttributLastName) { - this.ldapAttributeLastName = ldapAttributLastName; - } - - public String getLdapAttrbutFirstName() { - return ldapAttributeFirstName; - } - - public void setLdapAttributeFirstName(String ldapAttributeFirstName) { - this.ldapAttributeFirstName = ldapAttributeFirstName; - } - - @Override - public void mapUserToContext(org.springframework.security.core.userdetails.UserDetails userDetails, DirContextAdapter dirContextAdapter) { - // To be implemented ... - } - - -} diff --git a/wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java b/wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java index 06aa1455..1e9da9a2 100755 --- a/wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java +++ b/wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java @@ -18,8 +18,8 @@ package com.wisemapping.service; -import javax.servlet.ServletContextEvent; -import javax.servlet.ServletContextListener; +import jakarta.servlet.ServletContextEvent; +import jakarta.servlet.ServletContextListener; public class HibernateAppListener implements ServletContextListener { diff --git a/wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java b/wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java index 927a05ca..02574da7 100755 --- a/wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java +++ b/wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java @@ -22,7 +22,7 @@ import com.wisemapping.exceptions.WiseMappingException; import com.wisemapping.model.*; import org.jetbrains.annotations.Nullable; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.io.IOException; import java.util.List; diff --git a/wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java b/wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java index e947090f..17d6cb1f 100644 --- a/wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java +++ b/wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java @@ -28,7 +28,7 @@ import org.apache.http.client.fluent.Form; import org.apache.http.client.fluent.Request; import org.jetbrains.annotations.Nullable; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.io.IOException; import java.util.HashMap; import java.util.List; diff --git a/wise-webapp/src/main/java/com/wisemapping/service/google/http/HttpInvoker.java b/wise-webapp/src/main/java/com/wisemapping/service/google/http/HttpInvoker.java index a33bf8af..4a8da4c1 100644 --- a/wise-webapp/src/main/java/com/wisemapping/service/google/http/HttpInvoker.java +++ b/wise-webapp/src/main/java/com/wisemapping/service/google/http/HttpInvoker.java @@ -47,7 +47,7 @@ import org.springframework.stereotype.Service; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; @Service public class HttpInvoker { diff --git a/wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcLoginController.java similarity index 87% rename from wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java rename to wise-webapp/src/main/java/com/wisemapping/webmvc/MvcLoginController.java index 4c01c51d..2e972b5e 100644 --- a/wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java +++ b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcLoginController.java @@ -21,13 +21,15 @@ package com.wisemapping.webmvc; import com.wisemapping.model.User; import com.wisemapping.security.Utils; import org.springframework.beans.factory.annotation.Value; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.servlet.ModelAndView; @Controller -public class LoginController { +@PreAuthorize("permitAll()") +public class MvcLoginController { @Value("${database.driver}") private String driver; @@ -39,7 +41,7 @@ public class LoginController { if (user != null) { result = new ModelAndView("forward:/c/maps/"); } else { - result = new ModelAndView("login"); + result = new ModelAndView("reactInclude"); result.addObject("isHsql", driver.contains("hsql")); } return result; diff --git a/wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcMindmapController.java similarity index 90% rename from wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java rename to wise-webapp/src/main/java/com/wisemapping/webmvc/MvcMindmapController.java index 03317139..7d3517f3 100644 --- a/wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java +++ b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcMindmapController.java @@ -21,7 +21,7 @@ package com.wisemapping.webmvc; import com.wisemapping.exceptions.AccessDeniedSecurityException; import com.wisemapping.exceptions.MapCouldNotFoundException; -import com.wisemapping.exceptions.MapNonPublicException; +import com.wisemapping.exceptions.MapNotPublicSecurityException; import com.wisemapping.exceptions.WiseMappingException; import com.wisemapping.model.CollaborationRole; import com.wisemapping.model.Mindmap; @@ -34,6 +34,7 @@ import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.i18n.LocaleContextHolder; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.PathVariable; @@ -45,7 +46,7 @@ import org.springframework.web.servlet.ModelAndView; import java.util.Locale; @Controller -public class MindmapController { +public class MvcMindmapController { @Qualifier("mindmapService") @Autowired @@ -59,12 +60,12 @@ public class MindmapController { model.addAttribute("mindmap", mindmap); final Locale locale = LocaleContextHolder.getLocale(); model.addAttribute("locale", locale.toString().toLowerCase()); - return "mindmapPrint"; + return "mindmapViewonly"; } @RequestMapping(value = "maps/") public String showListPage(@NotNull Model model) { - return "mindmapList"; + return "reactInclude"; } @RequestMapping(value = "maps/{id}/edit", method = RequestMethod.GET) @@ -106,6 +107,7 @@ public class MindmapController { } @RequestMapping(value = "maps/{id}/try", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public String showMindmapTryPage(@PathVariable int id, @NotNull Model model) throws WiseMappingException { return showEditorPage(id, model, false); } @@ -118,13 +120,14 @@ public class MindmapController { } @RequestMapping(value = "maps/{id}/embed") - public ModelAndView showEmbeddedPage(@PathVariable int id, @RequestParam(required = false) Float zoom) throws MapCouldNotFoundException, MapNonPublicException, AccessDeniedSecurityException { + @PreAuthorize("permitAll()") + public ModelAndView showEmbeddedPage(@PathVariable int id, @RequestParam(required = false) Float zoom) throws MapCouldNotFoundException, MapNotPublicSecurityException, AccessDeniedSecurityException { if (!mindmapService.isMindmapPublic(id)) { - throw new MapNonPublicException("Map " + id + " is not public."); + throw new MapNotPublicSecurityException("Map " + id + " is not public."); } final MindMapBean mindmap = findMindmapBean(id); - final ModelAndView view = new ModelAndView("mindmapEmbedded", "mindmap", mindmap); + final ModelAndView view = new ModelAndView("mindmapViewonly", "mindmap", mindmap); view.addObject("zoom", zoom == null ? 1 : zoom); final Locale locale = LocaleContextHolder.getLocale(); view.addObject("locale", locale.toString().toLowerCase()); @@ -132,21 +135,24 @@ public class MindmapController { } @RequestMapping(value = "maps/{id}/public", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public String showPublicViewPage(@PathVariable int id, @NotNull Model model) throws WiseMappingException { if (!mindmapService.isMindmapPublic(id)) { - throw new MapNonPublicException("Map " + id + " is not public."); + throw new MapNotPublicSecurityException("Map " + id + " is not public."); } return this.showPrintPage(id, model); } @Deprecated @RequestMapping(value = "publicView", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public String showPublicViewPageLegacy(@RequestParam(required = true) int mapId) { return "redirect:maps/" + mapId + "/public"; } @Deprecated @RequestMapping(value = "embeddedView", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public String showPublicViewLegacyPage(@RequestParam(required = true) int mapId, @RequestParam(required = false) int zoom) { return "redirect:maps/" + mapId + "/embed?zoom=" + zoom; } diff --git a/wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcUsersController.java similarity index 83% rename from wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java rename to wise-webapp/src/main/java/com/wisemapping/webmvc/MvcUsersController.java index e760c017..83add065 100644 --- a/wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java +++ b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcUsersController.java @@ -22,31 +22,35 @@ package com.wisemapping.webmvc; import com.wisemapping.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.servlet.ModelAndView; @Controller -public class UsersController { +public class MvcUsersController { @Qualifier("userService") @Autowired private UserService userService; @RequestMapping(value = "forgot-password", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public ModelAndView showResetPasswordPage() { - return new ModelAndView("forgot-password"); + return new ModelAndView("reactInclude"); } @RequestMapping(value = "registration-google", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public ModelAndView processGoogleCallback() { - return new ModelAndView("registration-google"); + return new ModelAndView("reactInclude"); } @RequestMapping(value = "registration", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public ModelAndView showRegistrationPage() { - return new ModelAndView("registration"); + return new ModelAndView("reactInclude"); } } diff --git a/wise-webapp/src/main/resources/Bundle.properties b/wise-webapp/src/main/resources/Bundle.properties index c09305ac..06dfc929 100644 --- a/wise-webapp/src/main/resources/Bundle.properties +++ b/wise-webapp/src/main/resources/Bundle.properties @@ -1 +1 @@ -# Solves error Can't find bundle for base name javax.xml.bind.Messages, locale en_US \ No newline at end of file +# Solves error Can't find bundle for base name jakarta.xml.bind.Messages, locale en_US \ No newline at end of file diff --git a/wise-webapp/src/main/resources/messages_en.properties b/wise-webapp/src/main/resources/messages_en.properties index ec30a85d..06248f2d 100644 --- a/wise-webapp/src/main/resources/messages_en.properties +++ b/wise-webapp/src/main/resources/messages_en.properties @@ -8,7 +8,6 @@ INVALID_EMAIL_ADDRESS=Invalid email address. Please, verify that your entered v CREATOR=Creator WELCOME=Welcome SHARE=Share -UNEXPECTED_ERROR=An unexpected error has occurred. MAP_TITLE_ALREADY_EXISTS=You have already a map with the same name LABEL_TITLE_ALREADY_EXISTS=You have already a label with the same name TUTORIAL.MULTIPLE_TEXT_STYLES=Multiple Text Styles @@ -47,9 +46,7 @@ MINDMAP_IS_LOCKED=Min map is locked for edition. # Confirmed RESET_PASSWORD_INVALID_EMAIL=The email provided is not a valid user account. Please, try again with a valid email. TRY_WELCOME=This edition space showcases some of the mind map editor capabilities \!. -UNEXPECTED_ERROR_DETAILS=Unexpected error processing request. NO_ENOUGH_PERMISSIONS=This mind map cannot be opened. -NO_ENOUGH_PERMISSIONS_DETAILS=You do not have enough right access to see this map. This map has been changed to private or deleted. CAPTCHA_TIMEOUT_OUT_DUPLICATE=Please, refresh the page and try again. CAPTCHA_INVALID_INPUT_RESPONSE=Invalid input response, refresh the page and try again. MINDMAP_EMPTY_ERROR=Mind map can not be empty. diff --git a/wise-webapp/src/main/webapp/WEB-INF/app.properties b/wise-webapp/src/main/webapp/WEB-INF/app.properties index aec7793d..0046539e 100755 --- a/wise-webapp/src/main/webapp/WEB-INF/app.properties +++ b/wise-webapp/src/main/webapp/WEB-INF/app.properties @@ -160,3 +160,4 @@ security.oauth2.google.url=https://accounts.google.com/o/oauth2/v2/auth?redirect # Coma separated list of domains and emails ban #accounts.exclusion.domain= + diff --git a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.properties b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.properties deleted file mode 100644 index 58885ada..00000000 --- a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.properties +++ /dev/null @@ -1,7 +0,0 @@ -# Debug level -log4j.rootLogger=INFO,stdout - -# Stdout logger -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%d %p %c - %m%n \ No newline at end of file diff --git a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.xml b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.xml new file mode 100644 index 00000000..27ef8dd7 --- /dev/null +++ b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.xml @@ -0,0 +1,19 @@ + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j.properties b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j.properties deleted file mode 100644 index 75809f93..00000000 --- a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j.properties +++ /dev/null @@ -1,24 +0,0 @@ -# Log levels -log4j.rootLogger=INFO, stdout, R -log4j.logger.com.wisemapping=DEBUG,R -log4j.logger.org.springframework=DEBUG,R -log4j.logger.org.hibernate=INFO,R -log4j.logger.org.hibernate.type.descriptor.sql.BasicBinder=TRACE,R -log4j.logger.org.hibernate.SQL=DEBUG,R - -# Stdout logger -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%d %p %c - %m%n - - -# File Writer Logger -log4j.appender.R=org.apache.log4j.RollingFileAppender -log4j.appender.R.File=wisemapping.log - -log4j.appender.R.MaxFileSize=100KB -# Keep one backup file -log4j.appender.R.MaxBackupIndex=1 - -log4j.appender.R.layout=org.apache.log4j.PatternLayout -log4j.appender.R.layout.ConversionPattern=%d %p %c - %m%n diff --git a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j2.xml b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j2.xml new file mode 100644 index 00000000..26b88e6e --- /dev/null +++ b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j2.xml @@ -0,0 +1,24 @@ + + + + + + + + + %d %p %c{1.} [%t] %m%n + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml b/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml deleted file mode 100644 index 0277589b..00000000 --- a/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml +++ /dev/null @@ -1,33 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/wise-webapp/src/main/webapp/WEB-INF/views/init.jsp b/wise-webapp/src/main/webapp/WEB-INF/views/init.jsp new file mode 100644 index 00000000..94a2f9ba --- /dev/null +++ b/wise-webapp/src/main/webapp/WEB-INF/views/init.jsp @@ -0,0 +1,7 @@ +<%@taglib uri="jakarta.tags.functions" prefix="fn" %> +<%@taglib uri="jakarta.tags.core" prefix="c"%> +<% + + request.setAttribute("principal", com.wisemapping.security.Utils.getUser()); +%> + diff --git a/wise-webapp/src/main/webapp/jsp/mindmapEditor.jsp b/wise-webapp/src/main/webapp/WEB-INF/views/mindmapEditor.jsp similarity index 96% rename from wise-webapp/src/main/webapp/jsp/mindmapEditor.jsp rename to wise-webapp/src/main/webapp/WEB-INF/views/mindmapEditor.jsp index 4c7434b1..e3478e1d 100644 --- a/wise-webapp/src/main/webapp/jsp/mindmapEditor.jsp +++ b/wise-webapp/src/main/webapp/WEB-INF/views/mindmapEditor.jsp @@ -1,7 +1,7 @@ <%@ page import="com.wisemapping.security.Utils" %> <%@ page import="com.wisemapping.model.User" %> <%@ page pageEncoding="UTF-8" contentType="text/html; charset=UTF-8" %> -<%@ include file="/jsp/init.jsp" %> +<%@ include file="init.jsp" %> <%--@elvariable id="mindmap" type="com.wisemapping.model.Mindmap"--%> <%--@elvariable id="editorTryMode" type="java.lang.Boolean"--%> @@ -16,7 +16,7 @@ - <%@ include file="/jsp/pageHeaders.jsf" %> + <%@ include file="pageHeaders.jsf" %> Loading ... | WiseMapping diff --git a/wise-webapp/src/main/webapp/jsp/mindmapViewonly.jsp b/wise-webapp/src/main/webapp/WEB-INF/views/mindmapViewonly.jsp similarity index 97% rename from wise-webapp/src/main/webapp/jsp/mindmapViewonly.jsp rename to wise-webapp/src/main/webapp/WEB-INF/views/mindmapViewonly.jsp index 495ec993..b4fdc6ab 100644 --- a/wise-webapp/src/main/webapp/jsp/mindmapViewonly.jsp +++ b/wise-webapp/src/main/webapp/WEB-INF/views/mindmapViewonly.jsp @@ -1,5 +1,5 @@ <%@page pageEncoding="UTF-8" %> -<%@include file="/jsp/init.jsp" %> +<%@include file="init.jsp" %> <%--@elvariable id="mindmap" type="com.wisemapping.model.Mindmap"--%> @@ -15,7 +15,7 @@ ${mindmap.title} | <spring:message code="SITE.TITLE"/> - <%@ include file="/jsp/pageHeaders.jsf" %> + <%@ include file="pageHeaders.jsf" %> +