Merge pull request kit-data-manager#90 from kit-data-manager/v_1.0.0

V 1.0.0
LeoDuda · Mar 29, 2022 · b49122f · b49122f
2 parents 740239a + 177d292
commit b49122f
Show file tree

Hide file tree

Showing 83 changed files with 25,448 additions and 2,419 deletions.
diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
@@ -5,9 +5,9 @@ name: build with gradle
 
 on:
   push:
-    branches: [ master, main, testWorkflow ]
+    branches: [ master, main, testWorkflow, NEP ]
   pull_request:
-    branches: [ master, main ]
+    branches: [ master, main, NEP ]
 
 env:
     # JDK version used for building jar file

diff --git a/.lift.toml b/.lift.toml
@@ -0,0 +1,7 @@
+# Sonatype Lift Configuration
+
+# gitignore formatted string of files to ignore.
+ignoreFiles = """
+.github/**
+src/main/resources/static/editor/dependencies/**
+"""
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,28 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Fixed
 
+## [1.0.0] - 2022-03-29
+### Added
+- Finalized version of MetaStoreGui
+  - Fix issue #69
+- Allow also IDs for metadata documents (issue #76)
+- Access filter for monitoring.
+
+### Changed
+- Update to repo-core 1.0.2
+- Update to service-base 1.0.1
+- Update to postgresql 42.2.25
+- Downgrade library due to some issues regarding validation
+  - json-schema-validator 1.0.64. -> 1.0.59 (#issue 77)
+
+### Fixed
+- Fix bug listing resources without proper authorization (issue #71)
+- Fix bug listing all metadata documents related to a specific schema
+- Fix a bug that can cause the metadata document/schema to become invalid due to an update. (issue #78)
+- Fix bug with path in Windows. (#issue 88)
+- CSRF is now disabled by default. (#issue 70) 
+- Check ACLs while creating/updating records (#issue 39)
+
 ## [0.3.7] - 2022-01-11
 ### Added
 - First version of GUI for MetaStore.
@@ -140,7 +162,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Registry for XSD files and support for XML metadata
 
-[Unreleased]: https://github.com/kit-data-manager/metastore2/compare/v0.3.6...HEAD
+[Unreleased]: https://github.com/kit-data-manager/metastore2/compare/v1.0.0...HEAD
+[0.3.6]: https://github.com/kit-data-manager/metastore2/compare/v0.3.7...v1.0.0
+[0.3.7]: https://github.com/kit-data-manager/metastore2/compare/v0.3.6...v0.3.7
 [0.3.6]: https://github.com/kit-data-manager/metastore2/compare/v0.3.5...v0.3.6
 [0.3.5]: https://github.com/kit-data-manager/metastore2/compare/v0.3.4...v0.3.5
 [0.3.4]: https://github.com/kit-data-manager/metastore2/compare/v0.3.3...v0.3.4

diff --git a/README.md b/README.md
@@ -202,6 +202,7 @@ http://localhost:8040/static/docs/documentation.html
 1. Don't open port to public (as long as AAI is not implemented)
 2. Use a productive database (e.g. postgres)
 3. Setup directories for schemata and metadata to a reliable disc. (metastore.schema.schemaFolder, metastore.metadata.metadataFolder)
+4. Check all settings in application.properties. (e.g. CSRF)
 
 :information_source: If metaStore should be used standalone (without KIT Data Manager) 
 you have to setup a database before. (See ['Installation PostgreSQL'](installation_postgres.md)) 

diff --git a/build.gradle b/build.gradle
@@ -17,6 +17,7 @@ ext {
     springBootVersion = '2.4.13' 
     springDocVersion  = '1.5.13'
     javersVersion     = '6.5.3'
+    keycloakVersion   = '15.0.2'
 
     // directory for generated code snippets during tests
     snippetsDir = file("build/generated-snippets")
@@ -74,6 +75,14 @@ dependencies {
     implementation "org.springdoc:springdoc-openapi-ui:${springDocVersion}"
     implementation "org.springdoc:springdoc-openapi-data-rest:${springDocVersion}"
     implementation "org.springdoc:springdoc-openapi-webmvc-core:${springDocVersion}"
+
+   //Keycloak
+    implementation "org.keycloak:keycloak-spring-boot-starter:${keycloakVersion}"
+    implementation "com.nimbusds:nimbus-jose-jwt:9.15.2"
+    implementation "io.jsonwebtoken:jjwt-api:0.11.2"
+    implementation "io.jsonwebtoken:jjwt-impl:0.11.2"
+    implementation "io.jsonwebtoken:jjwt-jackson:0.11.2"
+
     // apache
     implementation "commons-configuration:commons-configuration:1.10"
     implementation "org.apache.commons:commons-collections4:4.4"
@@ -87,7 +96,7 @@ dependencies {
     implementation "org.javers:javers-spring-boot-starter-sql:${javersVersion}"
 
     // driver for postgres
-    implementation "org.postgresql:postgresql:42.2.1"
+    implementation "org.postgresql:postgresql:42.2.25"
     //driver for h2
     implementation "com.h2database:h2:1.4.200"
 
@@ -98,14 +107,14 @@ dependencies {
     implementation "org.javers:javers-core:${javersVersion}"
 
     // JSON validator
-    implementation "com.networknt:json-schema-validator:1.0.64"
+    implementation "com.networknt:json-schema-validator:1.0.59"
 
     // XML validator // https://mvnrepository.com/artifact/xerces/xercesImpl
     implementation 'xerces:xercesImpl:2.12.1'
 
     // datamanager
-    implementation "edu.kit.datamanager:repo-core:0.9.2"
-    implementation "edu.kit.datamanager:service-base:0.3.2"
+    implementation "edu.kit.datamanager:repo-core:1.0.2"
+    implementation "edu.kit.datamanager:service-base:1.0.1"
 
     // DOIP SDK
     implementation "net.dona.doip:doip-sdk:2.1.0"
@@ -137,6 +146,7 @@ test {
     finalizedBy jacocoTestReport
     environment "spring.config.location", "classpath:/test-config/"
 
+    maxHeapSize = "8192m"
     testLogging {
         outputs.upToDateWhen {false}
         showStandardStreams = true

diff --git a/gradle.properties b/gradle.properties
@@ -1,6 +1,6 @@
 systemProp.jdk.tls.client.protocols="TLSv1,TLSv1.1,TLSv1.2"
 
-version=0.4.0
+version=1.0.0-SNAPSHOT
 
 
 action.custom-1=releaseNewVersion

diff --git a/settings/application-default.properties b/settings/application-default.properties
@@ -46,13 +46,19 @@ logging.level.edu.kit: WARN
 ###############################################################################
 # KIT DM settings
 ###############################################################################
-repo.auth.jwtSecret:test123
+repo.auth.jwtSecret:vkfvoswsohwrxgjaxipuiyyjgubggzdaqrcuupbugxtnalhiegkppdgjgwxsmvdb
+
+###############################################################################
+# KIT DM JaVers settings
+###############################################################################
+## Default should be OK. Only set to higher value if problems occur.
+# metastore.javers.scope: 20
 
 ###############################################################################
 # Messaging - RabbitMQ
 ###############################################################################
 repo.schedule.rate:1000
-repo.messaging.enabled: true
+repo.messaging.enabled: false
 repo.messaging.hostname:localhost
 repo.messaging.port:5672
 repo.messaging.sender.exchange: metastore_events
@@ -94,5 +100,30 @@ spring.jpa.properties.javax.persistence.validation.mode:none
 
 ###############################################################################
 # Add detailed message to REST response (NOT RECOMMENDED for PRODUCTION MODE)
+# If this is disabled, the error messages of the GUI are unfortunately 
+# no longer meaningful.
+###############################################################################
+server.error.include-message=always
+
+###############################################################################
+# Disable Cross-Site-Request-Forgery (NOT RECOMMENDED for PRODUCTION MODE)
+# Please adapt origin patterns to your needs
+###############################################################################
+metastore.security.enable-csrf=false
+metastore.security.allowedOriginPattern=http[*]://localhost:[*]
+
 ###############################################################################
-#server.error.include-message=always# Server settings
+# If you want to use Keycloak please disble first line and enable 
+# the following lines and adapt to your needs. 
+###############################################################################
+### Following line disables keycloak filters.
+spring.autoconfigure.exclude=org.keycloak.adapters.springboot.KeycloakAutoConfiguration,org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
+#keycloakjwt.jwk-url=http://localhost:8080/auth/realms/myrealm/protocol/openid-connect/certs
+#keycloakjwt.resource=keycloak-angular
+#keycloakjwt.jwt-claim=preferred_username
+##keycloakjwt.connect-timeoutms=500 //optional
+##keycloakjwt.read-timeoutms=500 // optional
+#
+#keycloak.realm = myrealm
+#keycloak.auth-server-url = http://localhost:8080/auth
+#keycloak.resource = keycloak-angular
diff --git a/settings/application-docker.properties b/settings/application-docker.properties
@@ -45,13 +45,19 @@ logging.level.edu.kit: WARN
 ###############################################################################
 # KIT DM settings
 ###############################################################################
-repo.auth.jwtSecret:test123
+repo.auth.jwtSecret:vkfvoswsohwrxgjaxipuiyyjgubggzdaqrcuupbugxtnalhiegkppdgjgwxsmvdb
+
+###############################################################################
+# KIT DM JaVers settings
+###############################################################################
+## Default should be OK. Only set to higher value if problems occur.
+# metastore.javers.scope: 20
 
 ###############################################################################
 # Messaging - RabbitMQ
 ###############################################################################
 repo.schedule.rate:1000
-repo.messaging.enabled: true
+repo.messaging.enabled: false
 repo.messaging.hostname:rabbitmq4docker
 repo.messaging.port:5672
 repo.messaging.sender.exchange: metastore_events
@@ -93,5 +99,30 @@ spring.jpa.properties.javax.persistence.validation.mode:none
 
 ###############################################################################
 # Add detailed message to REST response (NOT RECOMMENDED for PRODUCTION MODE)
+# If this is disabled, the error messages of the GUI are unfortunately 
+# no longer meaningful.
+###############################################################################
+server.error.include-message=always
+
+###############################################################################
+# Disable Cross-Site-Request-Forgery (NOT RECOMMENDED for PRODUCTION MODE)
+# Please adapt origin patterns to your needs
+###############################################################################
+metastore.security.enable-csrf=false
+metastore.security.allowedOriginPattern=*
+
 ###############################################################################
-#server.error.include-message=always# Server settings
+# If you want to use Keycloak please disble first line and enable 
+# the following lines and adapt to your needs. 
+###############################################################################
+### Following line disables keycloak filters.
+spring.autoconfigure.exclude=org.keycloak.adapters.springboot.KeycloakAutoConfiguration,org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
+#keycloakjwt.jwk-url=http://localhost:8080/auth/realms/myrealm/protocol/openid-connect/certs
+#keycloakjwt.resource=keycloak-angular
+#keycloakjwt.jwt-claim=preferred_username
+##keycloakjwt.connect-timeoutms=500 //optional
+##keycloakjwt.read-timeoutms=500 // optional
+#
+#keycloak.realm = myrealm
+#keycloak.auth-server-url = http://localhost:8080/auth
+#keycloak.resource = keycloak-angular
diff --git a/settings/application-postgres.properties b/settings/application-postgres.properties
@@ -45,7 +45,13 @@ logging.level.edu.kit: WARN
 ###############################################################################
 # KIT DM settings
 ###############################################################################
-repo.auth.jwtSecret:test123
+repo.auth.jwtSecret:vkfvoswsohwrxgjaxipuiyyjgubggzdaqrcuupbugxtnalhiegkppdgjgwxsmvdb
+
+###############################################################################
+# KIT DM JaVers settings
+###############################################################################
+## Default should be OK. Only set to higher value if problems occur.
+# metastore.javers.scope: 20
 
 ###############################################################################
 # Messaging - RabbitMQ
@@ -99,5 +105,30 @@ spring.jpa.properties.javax.persistence.validation.mode:none
 
 ###############################################################################
 # Add detailed message to REST response (NOT RECOMMENDED for PRODUCTION MODE)
+# If this is disabled, the error messages of the GUI are unfortunately 
+# no longer meaningful.
+###############################################################################
+server.error.include-message=always
+
+###############################################################################
+# Disable Cross-Site-Request-Forgery (NOT RECOMMENDED for PRODUCTION MODE)
+# Please adapt origin patterns to your needs
+###############################################################################
+metastore.security.enable-csrf=false
+metastore.security.allowedOriginPattern=http[*]://localhost:[*]
+
 ###############################################################################
-#server.error.include-message=always
+# If you want to use Keycloak please disble first line and enable 
+# the following lines and adapt to your needs. 
+###############################################################################
+### Following line disables keycloak filters.
+spring.autoconfigure.exclude=org.keycloak.adapters.springboot.KeycloakAutoConfiguration,org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration
+#keycloakjwt.jwk-url=http://localhost:8080/auth/realms/myrealm/protocol/openid-connect/certs
+#keycloakjwt.resource=keycloak-angular
+#keycloakjwt.jwt-claim=preferred_username
+##keycloakjwt.connect-timeoutms=500 //optional
+##keycloakjwt.read-timeoutms=500 // optional
+#
+#keycloak.realm = myrealm
+#keycloak.auth-server-url = http://localhost:8080/auth
+#keycloak.resource = keycloak-angular
diff --git a/settings/logback-spring.xml b/settings/logback-spring.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+
+    <property name="LOGS" value="./log/" />
+
+    <appender name="Console"
+        class="ch.qos.logback.core.ConsoleAppender">
+        <layout class="ch.qos.logback.classic.PatternLayout">
+          <pattern>%gray(%d{YYYY-MM-dd HH:mm:ss.SSS}) %green(%highlight(%5p)) - %gray([%10thread]) %cyan(%42logger{42}) : %msg%n</pattern> 
+        </layout>
+    </appender>
+
+    <appender name="RollingFile"
+        class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${LOGS}/accessLog.log</file>
+        <encoder
+            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
+            <Pattern>%d{YYYY-MM-dd}, %m%n</Pattern>
+        </encoder>
+        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+            <!-- daily rollover -->
+            <fileNamePattern>${LOGS}/accessLog.%d{yyyy-MM-dd}.log</fileNamePattern>
+            <!-- keep 1 days' worth of history -->
+            <maxHistory>2</maxHistory>
+        </rollingPolicy>
+    </appender>
+
+    <!-- LOG everything at INFO level  -->
+    <root level="info">
+        <appender-ref ref="Console" />
+    </root> 
+
+    <!-- LOG "edu.kit.datamanager.metastore2.filter.*" at TRACE level -->
+    <logger name="edu.kit.datamanager.metastore2.filter" level="trace" additivity="false">
+        <appender-ref ref="RollingFile" />
+    </logger>
+
+</configuration>