vmario
/
wisemapping-open-source
mirror of https://bitbucket.org/wisemapping/wisemapping-open-source.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: vmario:ea6b2ad1063e52f7d87c5cbfcd36efd186d9352f
Branches Tags
vmario:develop
vmario:master
vmario:feature/springboot2
vmario:feature/change_aop
vmario:feature/springboot
vmario:feature/hiberate6
vmario:google-login-pagespeed
vmario:feature/lock2
vmario:feature/csfr
vmario:bugs/fix_mindplot_integration
vmario:v5.0.10
vmario:v5.0.5
vmario:v5.0.4
vmario:v5.0.2
vmario:v5.0.0
vmario:v4.0.4
vmario:v4.0.3
vmario:v4.0.2
vmario:v4.0.1
vmario:v4.0.0
vmario:v3.0.4
vmario:v3.0.3
vmario:v3.0.2
vmario:v3.0.1.GA
vmario:v3.0.GA
vmario:v3.0.RC3
vmario:v3.0.RC2
vmario:v3.0.RC1
vmario:v3.0.beta4
vmario:v3.0.beta3
vmario:v3.0.beta2
vmario:v3.0.beta1
vmario:v2.1.1
vmario:v2.1
vmario:v2.0
vmario:v1.0
vmario:v0.97
vmario:v0.96
vmario:v0.94
...
compare: vmario:fa06852806904044bee5b8a16164bd2f868f336b
Branches Tags
vmario:develop
vmario:master
vmario:feature/springboot2
vmario:feature/change_aop
vmario:feature/springboot
vmario:feature/hiberate6
vmario:google-login-pagespeed
vmario:feature/lock2
vmario:feature/csfr
vmario:bugs/fix_mindplot_integration
vmario:v5.0.10
vmario:v5.0.5
vmario:v5.0.4
vmario:v5.0.2
vmario:v5.0.0
vmario:v4.0.4
vmario:v4.0.3
vmario:v4.0.2
vmario:v4.0.1
vmario:v4.0.0
vmario:v3.0.4
vmario:v3.0.3
vmario:v3.0.2
vmario:v3.0.1.GA
vmario:v3.0.GA
vmario:v3.0.RC3
vmario:v3.0.RC2
vmario:v3.0.RC1
vmario:v3.0.beta4
vmario:v3.0.beta3
vmario:v3.0.beta2
vmario:v3.0.beta1
vmario:v2.1.1
vmario:v2.1
vmario:v2.0
vmario:v1.0
vmario:v0.97
vmario:v0.96
vmario:v0.94

2 Commits
ea6b2ad106 ... fa06852806

Author SHA1 Message Date
Paulo Gustavo Veiga fa06852806 Add static resources. 2023-11-27 21:47:22 -08:00
Paulo Gustavo Veiga 079f8ac417 Fix MVC 2023-11-27 21:09:00 -08:00
35 changed files with 347 additions and 437 deletions
Show Stats Expand all files Collapse all files

22
wise-webapp/pom.xml
View File

@ -67,16 +67,12 @@
<version>12.0</version>
<scope>compile</scope>
</dependency>
<!-- <dependency>-->
<!-- <groupId>org.springframework</groupId>-->
<!-- <artifactId>spring-messaging</artifactId>-->
<!-- <version>${org.springframework.version}</version>-->
<!-- </dependency>-->
<!-- <dependency>-->
<!-- <groupId>org.springframework</groupId>-->
<!-- <artifactId>spring-websocket</artifactId>-->
<!-- <version>${org.springframework.version}</version>-->
<!-- </dependency>-->
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-jasper</artifactId>
<version>10.1.9</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
@ -195,6 +191,12 @@
<artifactId>spring-security-config</artifactId>
<version>${org.springframework.addons}</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>RELEASE</version>
<scope>compile</scope>
</dependency>
</dependencies>
<profiles>
<profile>

31
wise-webapp/src/main/java/com/wisemapping/config/Application.java
View File

@ -1,18 +1,35 @@
package com.wisemapping.config;
import org.springframework.boot.SpringApplication;
import com.wisemapping.config.mvc.MvcAppConfig;
import com.wisemapping.config.mvc.MvcSecurityConfig;
import com.wisemapping.config.mvc.ServletConfig;
import com.wisemapping.config.rest.RestAppConfig;
import org.springframework.boot.WebApplicationType;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.ImportResource;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.security.web.firewall.StrictHttpFirewall;
@EnableTransactionManagement
@SpringBootApplication
@EnableJpaRepositories("com.wisemapping.model")
@ImportResource("classpath:spring/wisemapping-common.xml")
@ImportResource(value = {"classpath:spring/wisemapping-service.xml"})
@ComponentScan({"com.wisemapping.security", "com.wisemapping.service", "com.wisemapping.dao", "com.wisemapping.util"})
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
new SpringApplicationBuilder()
.parent(Application.class, HibernateConfig.class, MethodSecurityConfig.class).web(WebApplicationType.NONE)
.child(MvcAppConfig.class, MvcSecurityConfig.class, ServletConfig.class).web(WebApplicationType.SERVLET)
.sibling(RestAppConfig.class).web(WebApplicationType.SERVLET)
.run(args);
}
@Bean
public StrictHttpFirewall httpFirewall() {
StrictHttpFirewall firewall = new StrictHttpFirewall();
firewall.setAllowSemicolon(true);
return firewall;
}
}

2
wise-webapp/src/main/java/com/wisemapping/config/HibernateConfig.java
View File

@ -1,10 +1,12 @@
package com.wisemapping.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
import org.springframework.transaction.annotation.EnableTransactionManagement;
@Configuration
@EnableTransactionManagement
@EnableJpaRepositories("com.wisemapping.model")
public class HibernateConfig {
// @Value("${database.hibernate.dialect}")
// private String dbDialect;

159
wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java
View File

@ -1,159 +0,0 @@
package com.wisemapping.config;
import com.wisemapping.security.AuthenticationSuccessHandler;
import com.wisemapping.security.UserDetailsService;
import com.wisemapping.service.UserService;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.firewall.StrictHttpFirewall;
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Autowired
UserService userService;
@Value("${admin.user}")
String adminUser;
@Bean
public StrictHttpFirewall httpFirewall() {
StrictHttpFirewall firewall = new StrictHttpFirewall();
firewall.setAllowSemicolon(true);
return firewall;
}
@Bean
@Order(1)
public SecurityFilterChain embeddedDisabledXOrigin(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
final MvcRequestMatcher.Builder mvcMatcher = new MvcRequestMatcher.Builder(introspector).servletPath("/c");
http
.securityMatchers((matchers) ->
matchers.requestMatchers(mvcMatcher.pattern(("/maps/*/embed"))))
.authorizeHttpRequests(
(auth) -> auth.requestMatchers(mvcMatcher.pattern("/maps/*/embed")).permitAll())
.headers((header -> header.frameOptions()
.disable()
))
.csrf(AbstractHttpConfigurer::disable);
return http.build();
}
@Bean
@Order(2)
SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
final MvcRequestMatcher.Builder serviceMapper = new MvcRequestMatcher.Builder(introspector).servletPath("/service");
return http
.securityMatchers((matchers) ->
matchers.requestMatchers(serviceMapper.pattern(("/**"))))
.authorizeHttpRequests(auth ->
auth
.requestMatchers(serviceMapper.pattern("/users/")).permitAll()
.requestMatchers(serviceMapper.pattern("/users/resetPassword")).permitAll()
.requestMatchers(serviceMapper.pattern("/oauth2/googlecallback")).permitAll()
.requestMatchers(serviceMapper.pattern("/oauth2/confirmaccountsync")).permitAll()
.requestMatchers(serviceMapper.pattern("/admin/**")).hasAnyRole("ADMIN")
.requestMatchers(serviceMapper.pattern("/**")).hasAnyRole("USER", "ADMIN")
)
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.httpBasic(httpBasic -> {
})
.csrf(AbstractHttpConfigurer::disable)
.build();
}
@Bean
@Order(3)
public SecurityFilterChain mvcFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
final AuthenticationSuccessHandler authenticationSuccessHandler = new AuthenticationSuccessHandler();
authenticationSuccessHandler.setAlwaysUseDefaultTargetUrl(false);
authenticationSuccessHandler.setDefaultTargetUrl("/c/maps/");
final MvcRequestMatcher.Builder restfullMapper = new MvcRequestMatcher.Builder(introspector).servletPath("/c/restful");
final MvcRequestMatcher.Builder mvcMatcher = new MvcRequestMatcher.Builder(introspector).servletPath("/c");
http
.securityMatchers((matchers) ->
matchers.requestMatchers(restfullMapper.pattern(("/**"))).
requestMatchers(mvcMatcher.pattern(("/**"))))
.authorizeHttpRequests(
(auth) ->
auth
.requestMatchers(mvcMatcher.pattern("/login")).permitAll()
.requestMatchers(mvcMatcher.pattern("/logout")).permitAll()
.requestMatchers(mvcMatcher.pattern("/registration")).permitAll()
.requestMatchers(mvcMatcher.pattern("/registration-success")).permitAll()
.requestMatchers(mvcMatcher.pattern("/registration-google")).permitAll()
.requestMatchers(mvcMatcher.pattern("/forgot-password")).permitAll()
.requestMatchers(mvcMatcher.pattern("/forgot-password-success")).permitAll()
.requestMatchers(mvcMatcher.pattern("/maps/*/try")).permitAll()
.requestMatchers(mvcMatcher.pattern("/maps/*/public")).permitAll()
.requestMatchers(restfullMapper.pattern("/maps/*/document/xml-pub")).permitAll()
.requestMatchers(mvcMatcher.pattern("/**")).hasAnyRole("USER", "ADMIN")
.requestMatchers(restfullMapper.pattern("/**")).hasAnyRole("USER", "ADMIN")
.anyRequest().authenticated())
.formLogin((loginForm) ->
loginForm.loginPage("/c/login")
.loginProcessingUrl("/c/perform-login")
.defaultSuccessUrl("/c/maps/")
.failureUrl("/c/login?login_error=2"))
.logout((logout) ->
logout
.logoutUrl("/c/logout")
.logoutSuccessUrl("/c/login")
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID")
.permitAll()
).rememberMe(remember ->
remember
.tokenValiditySeconds(2419200)
.rememberMeParameter("remember-me"
).authenticationSuccessHandler(authenticationSuccessHandler)
).headers((header -> header.frameOptions()
.disable()
))
.csrf((csrf) ->
csrf.ignoringRequestMatchers(mvcMatcher.pattern("/logout")));
return http.build();
}
@Bean
@Order(4)
public SecurityFilterChain shareResourcesFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
final MvcRequestMatcher.Builder restfullMapper = new MvcRequestMatcher.Builder(introspector);
return http.authorizeHttpRequests(
(auth) ->
auth.requestMatchers(restfullMapper.pattern("/static/**")).permitAll().
requestMatchers(restfullMapper.pattern("/css/**")).permitAll().
requestMatchers(restfullMapper.pattern("/js/**")).permitAll().
requestMatchers(restfullMapper.pattern("/images/**")).permitAll().
requestMatchers(restfullMapper.pattern("/*")).permitAll()
).build();
}
@Bean
public UserDetailsService userDetailsService() {
final UserDetailsService result = new UserDetailsService();
result.setUserService(userService);
result.setAdminUser(adminUser);
return result;
}
}

15
wise-webapp/src/main/java/com/wisemapping/config/MvcConfig.java → wise-webapp/src/main/java/com/wisemapping/config/mvc/MvcAppConfig.java
View File

@ -1,7 +1,9 @@
package com.wisemapping.config;
package com.wisemapping.config.mvc;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.ImportResource;
import org.springframework.web.servlet.HandlerExceptionResolver;
import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
@ -11,9 +13,12 @@ import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
import org.springframework.web.servlet.view.JstlView;
@Configuration
@SpringBootApplication
@EnableWebMvc
public class MvcConfig implements WebMvcConfigurer {
@ImportResource(value = {"classpath:spring/wisemapping-servlet.xml"})
@ComponentScan("com.wisemapping.webmvc")
public class MvcAppConfig implements WebMvcConfigurer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry
@ -24,7 +29,7 @@ public class MvcConfig implements WebMvcConfigurer {
@Bean
public ViewResolver viewResolver() {
InternalResourceViewResolver resolver = new InternalResourceViewResolver();
resolver.setPrefix("/views/");
resolver.setPrefix("/WEB-INF/jsp/");
resolver.setSuffix(".jsp");
resolver.setViewClass(JstlView.class);
return resolver;

101
wise-webapp/src/main/java/com/wisemapping/config/mvc/MvcSecurityConfig.java Normal file
View File

@ -0,0 +1,101 @@
package com.wisemapping.config.mvc;
import org.jetbrains.annotations.NotNull;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
@Configuration
@EnableWebSecurity
public class MvcSecurityConfig {
@Bean
@Order(1)
public SecurityFilterChain embeddedDisabledXOrigin(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector);
http
.securityMatchers((matchers) ->
matchers.requestMatchers(matcher.pattern("c/maps/*/embed")))
.authorizeHttpRequests(
(auth) -> auth.requestMatchers(matcher.pattern(("c/maps/*/embed"))).permitAll())
.headers((header -> header.frameOptions()
.disable()
))
.csrf(AbstractHttpConfigurer::disable);
return http.build();
}
@Bean
@Order(2)
public SecurityFilterChain mvcFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector);
http
.securityMatchers((matchers) ->
matchers.requestMatchers(matcher.pattern("/c/**")))
.authorizeHttpRequests(
(auth) ->
auth
.requestMatchers(matcher.pattern("/c/login")).permitAll()
.requestMatchers(matcher.pattern("/c/logout")).permitAll()
.requestMatchers(matcher.pattern("/c/registration")).permitAll()
.requestMatchers(matcher.pattern("/c/registration-success")).permitAll()
.requestMatchers(matcher.pattern("/c/registration-google")).permitAll()
.requestMatchers(matcher.pattern("/c/forgot-password")).permitAll()
.requestMatchers(matcher.pattern("/c/forgot-password-success")).permitAll()
.requestMatchers(matcher.pattern("/c/maps/*/try")).permitAll()
.requestMatchers(matcher.pattern("/c/maps/*/public")).permitAll()
.requestMatchers(matcher.pattern("/c/**")).hasAnyRole("USER", "ADMIN")
.anyRequest().authenticated())
.formLogin((loginForm) ->
loginForm.loginPage("/c/login")
.loginProcessingUrl("/c/perform-login")
.defaultSuccessUrl("/c/maps/")
.failureUrl("/c/login?login_error=2"))
.logout((logout) ->
logout
.logoutUrl("/c/logout")
.logoutSuccessUrl("/c/login")
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID")
.permitAll()
).rememberMe(remember ->
remember
.tokenValiditySeconds(2419200)
.rememberMeParameter("remember-me"
)
).headers((header -> header.frameOptions()
.disable()
))
.csrf((csrf) ->
csrf.ignoringRequestMatchers(matcher.pattern("/c/logout")));
return http.build();
}
@Bean
@Order(3)
public SecurityFilterChain shareResourcesFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector);
return http.authorizeHttpRequests(
(auth) ->
auth.requestMatchers(matcher.pattern("/static/**")).permitAll().
requestMatchers(matcher.pattern("/css/**")).permitAll().
requestMatchers(matcher.pattern("/js/**")).permitAll().
// @todo: Wht this is required ...
requestMatchers(matcher.pattern("/WEB-INF/jsp/*.jsp")).permitAll().
requestMatchers(matcher.pattern("/images/**")).permitAll().
requestMatchers(matcher.pattern("/*")).permitAll()
).build();
}
}

12
wise-webapp/src/main/java/com/wisemapping/config/mvc/ServletConfig.java Normal file
View File

@ -0,0 +1,12 @@
package com.wisemapping.config.mvc;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
import org.springframework.context.annotation.Configuration;
@Configuration
public class ServletConfig implements WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> {
public void customize(ConfigurableServletWebServerFactory factory){
factory.setPort(8081);
}
}

44
wise-webapp/src/main/java/com/wisemapping/config/rest/RestAppConfig.java Normal file
View File

@ -0,0 +1,44 @@
package com.wisemapping.config.rest;
import org.jetbrains.annotations.NotNull;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
@SpringBootApplication
@EnableWebSecurity
@ComponentScan("com.wisemapping.rest")
public class RestAppConfig {
@Bean
@Order(2)
SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
final MvcRequestMatcher.Builder matcher = new MvcRequestMatcher.Builder(introspector).servletPath("/service");
return http
.securityMatchers((matchers) ->
matchers.requestMatchers(matcher.pattern(("/**"))))
.authorizeHttpRequests(auth ->
auth
.requestMatchers(matcher.pattern("/users/")).permitAll()
.requestMatchers(matcher.pattern("/users/resetPassword")).permitAll()
.requestMatchers(matcher.pattern("/oauth2/googlecallback")).permitAll()
.requestMatchers(matcher.pattern("/oauth2/confirmaccountsync")).permitAll()
.requestMatchers(matcher.pattern("/admin/**")).hasAnyRole("ADMIN")
.requestMatchers(matcher.pattern("/**")).hasAnyRole("USER", "ADMIN")
)
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.httpBasic(httpBasic -> {
})
.csrf(AbstractHttpConfigurer::disable)
.build();
}
}

7
wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java
View File

@ -34,14 +34,11 @@ import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.*;
import java.util.List;
@Controller
@RestController
@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
public class AccountController extends BaseController {
@Qualifier("userService")

2
wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java
View File

@ -38,7 +38,7 @@ import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;
@Controller
@RestController
@PreAuthorize("isAuthenticated() and hasRole('ROLE_ADMIN')")
public class AdminController extends BaseController {
@Qualifier("userService")

2
wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java
View File

@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.*;
import jakarta.servlet.http.HttpServletResponse;
import java.util.List;
@Controller
@RestController
@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")
public class LabelController extends BaseController {

2
wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java
View File

@ -49,7 +49,7 @@ import java.util.*;
import java.util.stream.Collectors;
@Controller
@RestController
@Transactional(propagation = Propagation.REQUIRED)
public class MindmapController extends BaseController {
private final Logger logger = LogManager.getLogger();

2
wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java
View File

@ -38,7 +38,7 @@ import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
@Controller
@RestController
@CrossOrigin
public class OAuth2Controller extends BaseController {
@Qualifier("userService")

2
wise-webapp/src/main/java/com/wisemapping/rest/UserController.java
View File

@ -47,7 +47,7 @@ import jakarta.servlet.http.HttpServletResponse;
import java.util.Arrays;
import java.util.List;
@Controller
@RestController
@CrossOrigin
public class UserController extends BaseController {

60
wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java
View File

@ -1,60 +0,0 @@
/*
* Copyright [2022] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
public class AuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
private final RequestCache cache;
public AuthenticationSuccessHandler() {
cache = new HttpSessionRequestCache();
this.setRequestCache(cache);
}
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
SavedRequest savedRequest = cache.getRequest(request, response);
if (savedRequest != null && savedRequest.getRedirectUrl().contains("c/restful")) {
cache.removeRequest(request, response);
}
super.onAuthenticationSuccess(request, response, authentication);
}
@Override
protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response) {
String url = super.determineTargetUrl(request, response);
// Prevent redirecting to rest services on login ...
if (url.contains("c/restful")) {
url = this.getDefaultTargetUrl();
}
return url;
}
}

3
wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java
View File

@ -24,6 +24,7 @@ import com.wisemapping.service.UserService;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@ -34,6 +35,8 @@ public class UserDetailsService
implements org.springframework.security.core.userdetails.UserDetailsService {
@Autowired
private UserService userService;
@Value("${admin.user}")
private String adminUser;
@Override

1
wise-webapp/src/main/java/com/wisemapping/service/MindmapServiceImpl.java
View File

@ -54,7 +54,6 @@ public class MindmapServiceImpl
@Autowired
private NotificationService notificationService;
@Value("${admin.user}")
private String adminUser;
final private LockManager lockManager;

5
wise-webapp/src/main/java/com/wisemapping/webmvc/MvcLoginController.java
View File

@ -31,10 +31,8 @@ import org.springframework.web.servlet.ModelAndView;
@PreAuthorize("permitAll()")
public class MvcLoginController {
// @Value("${database.driver}")
private String driver;
@RequestMapping(value = "login", method = RequestMethod.GET)
@RequestMapping(value = "c/login", method = RequestMethod.GET)
protected ModelAndView showLoginPage() {
final User user = Utils.getUser(false);
ModelAndView result;
@ -42,7 +40,6 @@ public class MvcLoginController {
result = new ModelAndView("forward:/c/maps/");
} else {
result = new ModelAndView("reactInclude");
result.addObject("isHsql", driver.contains("hsql"));
}
return result;
}

30
wise-webapp/src/main/java/com/wisemapping/webmvc/MvcMindmapController.java
View File

@ -55,7 +55,7 @@ public class MvcMindmapController {
@Autowired
private MindmapService mindmapService;
@RequestMapping(value = "maps/{id}/print")
@RequestMapping(value = "c/maps/{id}/print")
public String showPrintPage(@PathVariable int id, @NotNull Model model) throws MapCouldNotFoundException, AccessDeniedSecurityException {
final MindMapBean mindmap = findMindmapBean(id);
@ -67,12 +67,12 @@ public class MvcMindmapController {
return "mindmapViewonly";
}
@RequestMapping(value = "maps/")
@RequestMapping(value = "c/maps/")
public String showListPage(@NotNull Model model) {
return "reactInclude";
}
@RequestMapping(value = "maps/{id}/edit", method = RequestMethod.GET)
@RequestMapping(value = "c/maps/{id}/edit", method = RequestMethod.GET)
public String showMindmapEditorPage(@PathVariable int id, @NotNull Model model) throws WiseMappingException {
return showEditorPage(id, model, true);
}
@ -104,26 +104,26 @@ public class MvcMindmapController {
return "mindmapEditor";
}
@RequestMapping(value = "maps/{id}/view", method = RequestMethod.GET)
@RequestMapping(value = "c/maps/{id}/view", method = RequestMethod.GET)
public String showMindmapViewerPage(@PathVariable int id, @NotNull Model model) throws WiseMappingException {
final String result = showPrintPage(id, model);
return result;
}
@RequestMapping(value = "maps/{id}/try", method = RequestMethod.GET)
@RequestMapping(value = "c/maps/{id}/try", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public String showMindmapTryPage(@PathVariable int id, @NotNull Model model) throws WiseMappingException {
return showEditorPage(id, model, false);
}
@RequestMapping(value = "maps/{id}/{hid}/view", method = RequestMethod.GET)
@RequestMapping(value = "c/maps/{id}/{hid}/view", method = RequestMethod.GET)
public String showMindmapViewerRevPage(@PathVariable int id, @PathVariable int hid, @NotNull Model model) throws WiseMappingException {
final String result = showPrintPage(id, model);
model.addAttribute("hid", String.valueOf(hid));
return result;
}
@RequestMapping(value = "maps/{id}/embed")
@RequestMapping(value = "c/maps/{id}/embed")
@PreAuthorize("permitAll()")
public ModelAndView showEmbeddedPage(@PathVariable int id, @RequestParam(required = false) Float zoom) throws MapCouldNotFoundException, MapNotPublicSecurityException, AccessDeniedSecurityException {
if (!mindmapService.isMindmapPublic(id)) {
@ -138,7 +138,7 @@ public class MvcMindmapController {
return view;
}
@RequestMapping(value = "maps/{id}/public", method = RequestMethod.GET)
@RequestMapping(value = "c/maps/{id}/public", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public String showPublicViewPage(@PathVariable int id, @NotNull Model model) throws WiseMappingException {
if (!mindmapService.isMindmapPublic(id)) {
@ -147,20 +147,6 @@ public class MvcMindmapController {
return this.showPrintPage(id, model);
}
@Deprecated
@RequestMapping(value = "publicView", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public String showPublicViewPageLegacy(@RequestParam(required = true) int mapId) {
return "redirect:maps/" + mapId + "/public";
}
@Deprecated
@RequestMapping(value = "embeddedView", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public String showPublicViewLegacyPage(@RequestParam(required = true) int mapId, @RequestParam(required = false) int zoom) {
return "redirect:maps/" + mapId + "/embed?zoom=" + zoom;
}
@NotNull
private Mindmap findMindmap(int mapId) throws MapCouldNotFoundException {
final Mindmap result = mindmapService.findMindmapById(mapId);

10
wise-webapp/src/main/java/com/wisemapping/webmvc/MvcUsersController.java
View File

@ -35,31 +35,31 @@ public class MvcUsersController {
@Autowired
private UserService userService;
@RequestMapping(value = "forgot-password", method = RequestMethod.GET)
@RequestMapping(value = "c/forgot-password", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public ModelAndView showResetPasswordPage() {
return new ModelAndView("reactInclude");
}
@RequestMapping(value = "registration-google", method = RequestMethod.GET)
@RequestMapping(value = "c/registration-google", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public ModelAndView processGoogleCallback() {
return new ModelAndView("reactInclude");
}
@RequestMapping(value = "registration", method = RequestMethod.GET)
@RequestMapping(value = "c/registration", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public ModelAndView showRegistrationPage() {
return new ModelAndView("reactInclude");
}
@RequestMapping(value = "registration-success", method = RequestMethod.GET)
@RequestMapping(value = "c/registration-success", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public ModelAndView showRegistrationSuccess() {
return new ModelAndView("reactInclude");
}
@RequestMapping(value = "forgot-password-success", method = RequestMethod.GET)
@RequestMapping(value = "c/forgot-password-success", method = RequestMethod.GET)
@PreAuthorize("permitAll()")
public ModelAndView showResetPasswordSuccess() {
return new ModelAndView("reactInclude");

3
wise-webapp/src/main/resources/application.properties
View File

@ -179,3 +179,6 @@ spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.HSQLDialect
spring.jpa.open-in-view=true
spring.h2.console.enabled=true
spring.h2.console.path=/h2-ui
logging.level.root=DEBUG

7
wise-webapp/src/main/resources/log4j2.xml
View File

@ -1,14 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="DEBUG">
<Configuration status="TRACE">
<Appenders>
<Console name="LogToConsole" target="SYSTEM_OUT">
<PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
</Console>
<File name="LogToFile" fileName="/var/log/wisemapping.log">
<PatternLayout>
<Pattern>%d %p %c{1.} [%t] %m%n</Pattern>
</PatternLayout>
</File>
</Appenders>
<Loggers>
<Logger name="com.wisemapping" level="trace">

1
wise-webapp/src/main/resources/public/static/mindplot Symbolic link
View File

@ -0,0 +1 @@
../../../../../../wise-ui/target/wisemapping-mindplot/package/dist

1
wise-webapp/src/main/resources/public/static/webapp Symbolic link
View File

@ -0,0 +1 @@
../../../../../../wise-ui/target/wisemapping-webapp/package/dist

11
wise-webapp/src/main/resources/spring/wisemapping-common.xml
View File

@ -1,11 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<!-- <context:property-placeholder location="/WEB-INF/app.properties" ignore-unresolvable="true"/>-->
<import resource="wisemapping-service.xml"/>
<import resource="wisemapping-servlet.xml"/>
</beans>

9
wise-webapp/src/main/resources/spring/wisemapping-rest.xml
View File

@ -49,13 +49,4 @@
</list>
</property>
</bean>
<!-- <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">-->
<!-- <property name="defaultEncoding" value="UTF-8"/>-->
<!-- <property name="basenames">-->
<!-- <list>-->
<!-- <value>messages</value>-->
<!-- </list>-->
<!-- </property>-->
<!-- </bean>-->
</beans>

16
wise-webapp/src/main/resources/spring/wisemapping-servlet.xml
View File

@ -1,18 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<context:component-scan base-package="com.wisemapping"/>
<!-- Interceptors Registration -->
<mvc:interceptors>
<bean id="userLocaleInterceptor" class="com.wisemapping.filter.UserLocaleInterceptor"/>
@ -23,12 +17,4 @@
<!-- class="org.springframework.web.servlet.i18n.SessionLocaleResolver">-->
<!-- </bean>-->
<!-- <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">-->
<!-- <property name="defaultEncoding" value="UTF-8"/>-->
<!-- <property name="basenames">-->
<!-- <list>-->
<!-- <value>messages</value>-->
<!-- </list>-->
<!-- </property>-->
<!-- </bean>-->
</beans>

0
wise-webapp/src/main/resources/views/init.jsp → wise-webapp/src/main/webapp/WEB-INF/jsp/init.jsp
View File

0
wise-webapp/src/main/resources/views/mindmapEditor.jsp → wise-webapp/src/main/webapp/WEB-INF/jsp/mindmapEditor.jsp
View File

0
wise-webapp/src/main/resources/views/mindmapViewonly.jsp → wise-webapp/src/main/webapp/WEB-INF/jsp/mindmapViewonly.jsp
View File

0
wise-webapp/src/main/resources/views/pageHeaders.jsf → wise-webapp/src/main/webapp/WEB-INF/jsp/pageHeaders.jsf
View File

0
wise-webapp/src/main/resources/views/reactInclude.jsp → wise-webapp/src/main/webapp/WEB-INF/jsp/reactInclude.jsp
View File

222
wise-webapp/src/main/webapp/WEB-INF/web.xml
View File

@ -1,131 +1,131 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--<?xml version="1.0" encoding="UTF-8"?>-->
<web-app version="5.0"
xmlns="https://jakarta.ee/xml/ns/jakartaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/web-app_5_0.xsd">
<!--<web-app version="5.0"-->
<!-- xmlns="https://jakarta.ee/xml/ns/jakartaee"-->
<!-- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"-->
<!-- xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/web-app_5_0.xsd">-->
<filter>
<filter-name>charsetFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<!-- <filter>-->
<!-- <filter-name>charsetFilter</filter-name>-->
<!-- <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>-->
<!-- <init-param>-->
<!-- <param-name>encoding</param-name>-->
<!-- <param-value>UTF-8</param-value>-->
<!-- </init-param>-->
<!-- </filter>-->
<distributable/>
<!-- <distributable/>-->
<context-param>
<param-name>jakarta.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>messages</param-value>
</context-param>
<!-- <context-param>-->
<!-- <param-name>jakarta.servlet.jsp.jstl.fmt.localizationContext</param-name>-->
<!-- <param-value>messages</param-value>-->
<!-- </context-param>-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:spring/wisemapping-common.xml
</param-value>
</context-param>
<!-- <context-param>-->
<!-- <param-name>contextConfigLocation</param-name>-->
<!-- <param-value>-->
<!-- classpath:spring/wisemapping-common.xml-->
<!-- </param-value>-->
<!-- </context-param>-->
<context-param>
<param-name>contextInitializerClasses</param-name>
<param-value>com.wisemapping.webmvc.ApplicationContextInitializer</param-value>
</context-param>
<!--
- Loads the root application context of this web app at startup.
- The application context is then available via
- WebApplicationContextUtils.getWebApplicationContext(servletContext).
-->
<!-- <context-param>-->
<!-- <param-name>contextInitializerClasses</param-name>-->
<!-- <param-value>com.wisemapping.webmvc.ApplicationContextInitializer</param-value>-->
<!-- </context-param>-->
<!-- -->
<!-- &lt;!&ndash;-->
<!-- - Loads the root application context of this web app at startup.-->
<!-- - The application context is then available via-->
<!-- - WebApplicationContextUtils.getWebApplicationContext(servletContext).-->
<!-- &ndash;&gt;-->
<listener>
<listener-class>com.wisemapping.listener.UnlockOnExpireListener</listener-class>
</listener>
<!-- <listener>-->
<!-- <listener-class>com.wisemapping.listener.UnlockOnExpireListener</listener-class>-->
<!-- </listener>-->
<filter>
<filter-name>hibernate</filter-name>
<filter-class>org.springframework.orm.hibernate5.support.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>singleSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>sessionFactoryBeanName</param-name>
<param-value>sessionFactory</param-value>
</init-param>
</filter>
<!-- <filter>-->
<!-- <filter-name>hibernate</filter-name>-->
<!-- <filter-class>org.springframework.orm.hibernate5.support.OpenSessionInViewFilter</filter-class>-->
<!-- <init-param>-->
<!-- <param-name>singleSession</param-name>-->
<!-- <param-value>true</param-value>-->
<!-- </init-param>-->
<!-- <init-param>-->
<!-- <param-name>sessionFactoryBeanName</param-name>-->
<!-- <param-value>sessionFactory</param-value>-->
<!-- </init-param>-->
<!-- </filter>-->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!-- <filter>-->
<!-- <filter-name>springSecurityFilterChain</filter-name>-->
<!-- <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>-->
<!-- </filter>-->
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- <filter-mapping>-->
<!-- <filter-name>springSecurityFilterChain</filter-name>-->
<!-- <url-pattern>/*</url-pattern>-->
<!-- </filter-mapping>-->
<filter-mapping>
<filter-name>hibernate</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- <filter-mapping>-->
<!-- <filter-name>hibernate</filter-name>-->
<!-- <url-pattern>/*</url-pattern>-->
<!-- </filter-mapping>-->
<filter-mapping>
<filter-name>charsetFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- <filter-mapping>-->
<!-- <filter-name>charsetFilter</filter-name>-->
<!-- <url-pattern>/*</url-pattern>-->
<!-- </filter-mapping>-->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- <listener>-->
<!-- <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>-->
<!-- </listener>-->
<servlet>
<servlet-name>mvc-servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:spring/wisemapping-servlet.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- <servlet>-->
<!-- <servlet-name>mvc-servlet</servlet-name>-->
<!-- <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>-->
<!-- <init-param>-->
<!-- <param-name>contextConfigLocation</param-name>-->
<!-- <param-value>-->
<!-- classpath:spring/wisemapping-servlet.xml-->
<!-- </param-value>-->
<!-- </init-param>-->
<!-- <load-on-startup>1</load-on-startup>-->
<!-- </servlet>-->
<servlet>
<servlet-name>mvc-rest</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:spring/wisemapping-rest.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- <servlet>-->
<!-- <servlet-name>mvc-rest</servlet-name>-->
<!-- <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>-->
<!-- <init-param>-->
<!-- <param-name>contextConfigLocation</param-name>-->
<!-- <param-value>-->
<!-- classpath:spring/wisemapping-rest.xml-->
<!-- </param-value>-->
<!-- </init-param>-->
<!-- <load-on-startup>1</load-on-startup>-->
<!-- </servlet>-->
<servlet-mapping>
<servlet-name>mvc-servlet</servlet-name>
<url-pattern>/c/*</url-pattern>
</servlet-mapping>
<!-- <servlet-mapping>-->
<!-- <servlet-name>mvc-servlet</servlet-name>-->
<!-- <url-pattern>/c/*</url-pattern>-->
<!-- </servlet-mapping>-->
<servlet-mapping>
<servlet-name>mvc-rest</servlet-name>
<url-pattern>/service/*</url-pattern>
</servlet-mapping>
<!-- <servlet-mapping>-->
<!-- <servlet-name>mvc-rest</servlet-name>-->
<!-- <url-pattern>/service/*</url-pattern>-->
<!-- </servlet-mapping>-->
<servlet-mapping>
<servlet-name>mvc-rest</servlet-name>
<url-pattern>/c/restful/*</url-pattern>
</servlet-mapping>
<!-- <servlet-mapping>-->
<!-- <servlet-name>mvc-rest</servlet-name>-->
<!-- <url-pattern>/c/restful/*</url-pattern>-->
<!-- </servlet-mapping>-->
<welcome-file-list>
<welcome-file>
index.jsp
</welcome-file>
</welcome-file-list>
<session-config>
<session-timeout>1440</session-timeout>
</session-config>
</web-app>
<!-- <welcome-file-list>-->
<!-- <welcome-file>-->
<!-- index.jsp-->
<!-- </welcome-file>-->
<!-- </welcome-file-list>-->
<!-- <session-config>-->
<!-- <session-timeout>1440</session-timeout>-->
<!-- </session-config>-->
<!--</web-app>-->

1
wise-webapp/src/main/webapp/static/mindplot
View File

@ -1 +0,0 @@
../../../../../wise-ui/target/wisemapping-mindplot/package/dist

1
wise-webapp/src/main/webapp/static/webapp
View File

@ -1 +0,0 @@
../../../../../wise-ui/target/wisemapping-webapp/package/dist