From f8b8aea9014879b83a6b29139de435300558d6fb Mon Sep 17 00:00:00 2001 From: Paulo Gustavo Veiga Date: Sat, 10 Feb 2024 13:53:44 -0800 Subject: [PATCH] Add support for configure http basic. --- .../config/common/CommonConfig.java | 12 +++++----- .../config/rest/RestAppConfig.java | 17 ++++++++++---- .../filter/SupportedUserAgent.java | 23 ------------------- .../wisemapping/rest/MindmapController.java | 12 +++++----- .../wisemapping/service/HibernateUtil.java | 1 - .../service/NotificationService.java | 3 +-- wise-api/src/main/resources/application.yml | 2 ++ .../test/rest/RestAccountControllerTest.java | 6 ++++- .../test/rest/RestJwtAuthControllerTest.java | 5 +++- .../test/rest/RestLabelControllerTest.java | 5 +++- .../test/rest/RestMindmapControllerTest.java | 5 +++- .../test/rest/RestUserControllerTest.java | 5 +++- 12 files changed, 49 insertions(+), 47 deletions(-) delete mode 100644 wise-api/src/main/java/com/wisemapping/filter/SupportedUserAgent.java diff --git a/wise-api/src/main/java/com/wisemapping/config/common/CommonConfig.java b/wise-api/src/main/java/com/wisemapping/config/common/CommonConfig.java index 43f06c96..561fce36 100644 --- a/wise-api/src/main/java/com/wisemapping/config/common/CommonConfig.java +++ b/wise-api/src/main/java/com/wisemapping/config/common/CommonConfig.java @@ -7,7 +7,7 @@ import com.wisemapping.security.Utils; import com.wisemapping.service.MindmapServiceImpl; import com.wisemapping.util.VelocityEngineUtils; import jakarta.servlet.http.HttpServletRequest; -import org.jetbrains.annotations.Nullable; +import org.jetbrains.annotations.NotNull; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; @@ -23,14 +23,15 @@ import java.util.Locale; public class CommonConfig { @Bean public LocaleResolver localeResolver() { - final LocaleResolver localeResolver = new AcceptHeaderLocaleResolver() { + return new AcceptHeaderLocaleResolver() { @Override - public Locale resolveLocale(@Nullable HttpServletRequest request) { + public Locale resolveLocale(@NotNull HttpServletRequest request) { final User user = Utils.getUser(); Locale result; - String locale = user.getLocale(); - if (user != null && locale != null) { + if (user != null && user.getLocale() != null) { + String locale = user.getLocale(); final String locales[] = locale.split("_"); + Locale.Builder builder = new Locale.Builder().setLanguage(locales[0]); if (locales.length > 1) { builder.setVariant(locales[1]); @@ -42,7 +43,6 @@ public class CommonConfig { return result; } }; - return localeResolver; } } diff --git a/wise-api/src/main/java/com/wisemapping/config/rest/RestAppConfig.java b/wise-api/src/main/java/com/wisemapping/config/rest/RestAppConfig.java index 918d1278..ada33915 100644 --- a/wise-api/src/main/java/com/wisemapping/config/rest/RestAppConfig.java +++ b/wise-api/src/main/java/com/wisemapping/config/rest/RestAppConfig.java @@ -5,6 +5,7 @@ import com.wisemapping.rest.MindmapController; import jakarta.servlet.http.HttpServletResponse; import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Import; @@ -25,6 +26,9 @@ import static org.springframework.security.config.Customizer.withDefaults; @EnableWebSecurity public class RestAppConfig { + @Value("${app.api.http-basic-enabled:false}") + private boolean enableHttpBasic; + @Autowired private JwtAuthenticationFilter jwtAuthenticationFilter; @@ -35,7 +39,7 @@ public class RestAppConfig { @Bean SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final MvcRequestMatcher.Builder mvc) throws Exception { - return http + http .securityMatcher("/**") .addFilterAfter(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class) .authorizeHttpRequests(auth -> auth @@ -54,8 +58,13 @@ public class RestAppConfig { response.setStatus(HttpServletResponse.SC_OK); })) .csrf(AbstractHttpConfigurer::disable) - .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - .httpBasic(withDefaults()) - .build(); + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)); + + // Http basic is mainly used by automation tests. + if (enableHttpBasic) { + http.httpBasic(withDefaults()); + } + + return http.build(); } } diff --git a/wise-api/src/main/java/com/wisemapping/filter/SupportedUserAgent.java b/wise-api/src/main/java/com/wisemapping/filter/SupportedUserAgent.java deleted file mode 100644 index 13919387..00000000 --- a/wise-api/src/main/java/com/wisemapping/filter/SupportedUserAgent.java +++ /dev/null @@ -1,23 +0,0 @@ -/* -* Copyright [2022] [wisemapping] -* -* Licensed under WiseMapping Public License, Version 1.0 (the "License"). -* It is basically the Apache License, Version 2.0 (the "License") plus the -* "powered by wisemapping" text requirement on every single page; -* you may not use this file except in compliance with the License. -* You may obtain a copy of the license at -* -* http://www.wisemapping.org/license -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ - -package com.wisemapping.filter; - -public interface SupportedUserAgent{ - String USER_AGENT_HEADER = "User-Agent"; -} diff --git a/wise-api/src/main/java/com/wisemapping/rest/MindmapController.java b/wise-api/src/main/java/com/wisemapping/rest/MindmapController.java index 276e20aa..c69f0cbf 100644 --- a/wise-api/src/main/java/com/wisemapping/rest/MindmapController.java +++ b/wise-api/src/main/java/com/wisemapping/rest/MindmapController.java @@ -225,7 +225,7 @@ public class MindmapController extends BaseController { final String title = restMindmap.getTitle(); if (title != null && !title.equals(mindmap.getTitle())) { if (mindmapService.getMindmapByTitle(title, user) != null) { - throw buildValidationException("title", "You already have a map with this title"); + throw buildValidationException("You already have a map with this title"); } mindmap.setTitle(title); } @@ -273,7 +273,7 @@ public class MindmapController extends BaseController { // Is there a map with the same name ? if (mindmapService.getMindmapByTitle(title, user) != null) { - throw buildValidationException("title", "You already have a mindmap with this title"); + throw buildValidationException("You already have a mindmap with this title"); } // Update map ... @@ -497,7 +497,7 @@ public class MindmapController extends BaseController { // Update map status ... final boolean starred = Boolean.parseBoolean(value); final Optional collaboration = mindmap.findCollaboration(user); - if (!collaboration.isPresent()) { + if (collaboration.isEmpty()) { throw new WiseMappingException("No enough permissions."); } collaboration.get().getCollaborationProperties().setStarred(starred); @@ -512,7 +512,7 @@ public class MindmapController extends BaseController { final User user = Utils.getUser(); final Optional collaboration = mindmap.findCollaboration(user); - if (!collaboration.isPresent()) { + if (collaboration.isEmpty()) { throw new WiseMappingException("No enough permissions."); } boolean result = collaboration.get().getCollaborationProperties().getStarred(); @@ -659,9 +659,9 @@ public class MindmapController extends BaseController { mindmapService.updateMindmap(mindMap, !minor); } - private ValidationException buildValidationException(@NotNull String fieldName, @NotNull String message) throws WiseMappingException { + private ValidationException buildValidationException(@NotNull String message) throws WiseMappingException { final BindingResult result = new BeanPropertyBindingResult(new RestMindmap(), ""); - result.rejectValue(fieldName, "error.not-specified", null, message); + result.rejectValue("title", "error.not-specified", null, message); return new ValidationException(result); } diff --git a/wise-api/src/main/java/com/wisemapping/service/HibernateUtil.java b/wise-api/src/main/java/com/wisemapping/service/HibernateUtil.java index 600b3305..92e969e5 100755 --- a/wise-api/src/main/java/com/wisemapping/service/HibernateUtil.java +++ b/wise-api/src/main/java/com/wisemapping/service/HibernateUtil.java @@ -22,7 +22,6 @@ import org.hibernate.SessionFactory; import org.hibernate.cfg.Configuration; public class HibernateUtil { - private static final SessionFactory sessionFactory; static { diff --git a/wise-api/src/main/java/com/wisemapping/service/NotificationService.java b/wise-api/src/main/java/com/wisemapping/service/NotificationService.java index 81e4f24e..4534df18 100644 --- a/wise-api/src/main/java/com/wisemapping/service/NotificationService.java +++ b/wise-api/src/main/java/com/wisemapping/service/NotificationService.java @@ -18,7 +18,6 @@ package com.wisemapping.service; -import com.wisemapping.filter.SupportedUserAgent; import com.wisemapping.model.Collaboration; import com.wisemapping.model.Mindmap; import com.wisemapping.model.User; @@ -202,7 +201,7 @@ final public class NotificationService { final String userEmail = user != null ? user.getEmail() : "'anonymous'"; model.put("email", userEmail); - model.put("userAgent", request.getHeader(SupportedUserAgent.USER_AGENT_HEADER)); + model.put("userAgent", request.getHeader("User-Agent")); model.put("server", request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()); model.put("requestURI", request.getRequestURI()); model.put("method", request.getMethod()); diff --git a/wise-api/src/main/resources/application.yml b/wise-api/src/main/resources/application.yml index 12e87cc1..38d3c5c5 100644 --- a/wise-api/src/main/resources/application.yml +++ b/wise-api/src/main/resources/application.yml @@ -50,6 +50,8 @@ logging: # Application Configuration. app: + api: + http-basic-enabled: false jwt: secret: dlqxKAg685SaKhsQXIMeM=JWCw3bkl3Ei3Tb7LMlnd19oMd66burPNlJ0Po1qguyjgpakQTk2CN3 expirationMin: 10080 # One week diff --git a/wise-api/src/test/java/com/wisemapping/test/rest/RestAccountControllerTest.java b/wise-api/src/test/java/com/wisemapping/test/rest/RestAccountControllerTest.java index 9d94943f..04b673ca 100644 --- a/wise-api/src/test/java/com/wisemapping/test/rest/RestAccountControllerTest.java +++ b/wise-api/src/test/java/com/wisemapping/test/rest/RestAccountControllerTest.java @@ -40,7 +40,11 @@ import static com.wisemapping.test.rest.RestHelper.*; import static org.junit.jupiter.api.Assertions.*; -@SpringBootTest(classes = {RestAppConfig.class, CommonConfig.class, MindmapController.class, AdminController.class, UserController.class}, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@SpringBootTest( + classes = {RestAppConfig.class, CommonConfig.class, MindmapController.class, AdminController.class, UserController.class}, + webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, + properties = {"app.api.http-basic-enabled=true"} +) @AutoConfigureMockMvc public class RestAccountControllerTest { private static final String ADMIN_USER = "admin@wisemapping.org"; diff --git a/wise-api/src/test/java/com/wisemapping/test/rest/RestJwtAuthControllerTest.java b/wise-api/src/test/java/com/wisemapping/test/rest/RestJwtAuthControllerTest.java index 1159e4d3..cc401536 100644 --- a/wise-api/src/test/java/com/wisemapping/test/rest/RestJwtAuthControllerTest.java +++ b/wise-api/src/test/java/com/wisemapping/test/rest/RestJwtAuthControllerTest.java @@ -38,7 +38,10 @@ import static org.junit.jupiter.api.Assertions.assertTrue; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; -@SpringBootTest(classes = {RestAppConfig.class, CommonConfig.class, JwtAuthController.class}) +@SpringBootTest( + classes = {RestAppConfig.class, CommonConfig.class, JwtAuthController.class}, + properties = {"app.api.http-basic-enabled=true"} +) @AutoConfigureMockMvc public class RestJwtAuthControllerTest { diff --git a/wise-api/src/test/java/com/wisemapping/test/rest/RestLabelControllerTest.java b/wise-api/src/test/java/com/wisemapping/test/rest/RestLabelControllerTest.java index bd3ed821..2a77c464 100644 --- a/wise-api/src/test/java/com/wisemapping/test/rest/RestLabelControllerTest.java +++ b/wise-api/src/test/java/com/wisemapping/test/rest/RestLabelControllerTest.java @@ -28,7 +28,10 @@ import static com.wisemapping.test.rest.RestHelper.createHeaders; import static org.junit.jupiter.api.Assertions.*; -@SpringBootTest(classes = {RestAppConfig.class, CommonConfig.class, LabelController.class, AdminController.class, UserController.class}, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@SpringBootTest( + classes = {RestAppConfig.class, CommonConfig.class, LabelController.class, AdminController.class, UserController.class}, + properties = {"app.api.http-basic-enabled=true"}, + webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) public class RestLabelControllerTest { private static final String COLOR = "#000000"; diff --git a/wise-api/src/test/java/com/wisemapping/test/rest/RestMindmapControllerTest.java b/wise-api/src/test/java/com/wisemapping/test/rest/RestMindmapControllerTest.java index 6e01a87a..55e42408 100644 --- a/wise-api/src/test/java/com/wisemapping/test/rest/RestMindmapControllerTest.java +++ b/wise-api/src/test/java/com/wisemapping/test/rest/RestMindmapControllerTest.java @@ -31,7 +31,10 @@ import java.util.stream.Collectors; import static com.wisemapping.test.rest.RestHelper.createHeaders; import static org.junit.jupiter.api.Assertions.*; -@SpringBootTest(classes = {RestAppConfig.class, CommonConfig.class, MindmapController.class, AdminController.class, UserController.class}, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@SpringBootTest( + classes = {RestAppConfig.class, CommonConfig.class, MindmapController.class, AdminController.class, UserController.class}, + webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, + properties = {"app.api.http-basic-enabled=true"}) public class RestMindmapControllerTest { private RestUser user; diff --git a/wise-api/src/test/java/com/wisemapping/test/rest/RestUserControllerTest.java b/wise-api/src/test/java/com/wisemapping/test/rest/RestUserControllerTest.java index 73fe8128..7baae30e 100644 --- a/wise-api/src/test/java/com/wisemapping/test/rest/RestUserControllerTest.java +++ b/wise-api/src/test/java/com/wisemapping/test/rest/RestUserControllerTest.java @@ -45,7 +45,10 @@ import static org.springframework.test.web.servlet.result.MockMvcResultHandlers. import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; -@SpringBootTest(classes = {RestAppConfig.class, CommonConfig.class, UserController.class}) +@SpringBootTest( + classes = {RestAppConfig.class, CommonConfig.class, UserController.class}, + properties = {"app.api.http-basic-enabled=true"} +) @AutoConfigureMockMvc public class RestUserControllerTest {