Merge pull request #213 from kit-data-manager/development

PR for v1.5.4

Author: ThomasJejkal

CHANGELOG.md

@@ -14,6 +14,37 @@ Fixed
 
 Security
 
+## [1.5.4] - 2024-04-03
+Added
+* Allow builds outside Git repository, e.g., when building from release packages
+
+Changed
+* Pagination now returns HTTP 416 (RangeNotSatisfiable) if page number exceeds total pages
+
+Fixed
+* Added fix in default application.properties to make Elastic proxy work again
+* Fixed issue disallowing OPTIONS requests outside browser
+
+Security
+* Bump gradle to 8.5
+* Bump jacoco to 0.8.11
+* Bump org.owasp.dependencycheck to 9.0.10
+* Bump io.freefair.maven-publish-java to 8.6
+* Bump org.springframework.boot to 3.2.4
+* Bump spring-security-web to 6.2.1
+* Bump spring-security-config to 6.2.1
+* Bump spring-messaging to 6.1.4
+* Bump spring-cloud-gateway-mvc to 4.1.2
+* Bump spring-boot-admin-starter-client to 3.2.3
+* Bump spring-cloud-starter-netflix-eureka-client to 4.1.1
+* Bump spring-cloud-starter-config to 4.1.1
+* Bump spring-data-elasticsearch to 5.2.4
+* Bump io.freefair.lombok to 8.6
+* Bump org.asciidoctor.jvm.convert to 4.0.2 
+* Bump postgresql to 42.7.3
+* Bump service-base to 1.2.1
+* Bump repo-core to 1.2.2
+
 ## [1.5.3] - 2023-12-17
 Fixed
 * Added data folder creation to Docker build as workaround
@@ -212,7 +243,8 @@ Added
 
 - First public version
 
-[Unreleased]: https://github.com/kit-data-manager/base-repo/compare/v1.5.3...HEAD
+[Unreleased]: https://github.com/kit-data-manager/base-repo/compare/v1.5.4...HEAD
+[1.5.4]: https://github.com/kit-data-manager/base-repo/compare/v1.5.3...v1.5.4
 [1.5.3]: https://github.com/kit-data-manager/base-repo/compare/v1.5.2...v1.5.3
 [1.5.2]: https://github.com/kit-data-manager/base-repo/compare/v1.5.1...v1.5.2
 [1.5.1]: https://github.com/kit-data-manager/base-repo/compare/v1.5.0...v1.5.1

build.gradle

@@ -1,10 +1,10 @@
 plugins { 
-    id 'org.springframework.boot' version '3.2.0'
+    id 'org.springframework.boot' version '3.2.4'
     id 'io.spring.dependency-management' version '1.1.4'
-    id 'io.freefair.lombok' version '8.4'
-    id 'io.freefair.maven-publish-java' version '8.4'
-    id 'org.owasp.dependencycheck' version '9.0.2'
-    id 'org.asciidoctor.jvm.convert' version '3.3.2'
+    id 'io.freefair.lombok' version '8.6'
+    id 'io.freefair.maven-publish-java' version '8.6'
+    id 'org.owasp.dependencycheck' version '9.1.0'
+    id 'org.asciidoctor.jvm.convert' version '4.0.2'
     id 'net.researchgate.release' version '3.0.2'
     id 'com.gorylenko.gradle-git-properties' version '2.4.1'
     id 'java'
@@ -28,9 +28,9 @@ repositories {
 //}
 
 ext {
-    set('javersVersion', "7.0.0")
-    set('springBootVersion', "3.2.0")
-    set('springDocVersion', "2.1.0")
+    set('javersVersion', "7.3.7")
+    set('springBootVersion', "3.2.1")
+    set('springDocVersion', "2.3.0")
     set('keycloakVersion', "19.0.0")
 
     // directory for generated code snippets during tests
@@ -41,8 +41,8 @@ println "Running gradle version: $gradle.gradleVersion"
 println "Building ${name} version: ${version}"
 println "JDK version: ${JavaVersion.current()}"
 
-sourceCompatibility = 1.17
-targetCompatibility = 1.17
+sourceCompatibility = JavaVersion.VERSION_17
+targetCompatibility = JavaVersion.VERSION_17
 
 if (System.getProperty('profile') == 'minimal') {
     println 'Using minimal profile for building ' + project.getName()
@@ -58,27 +58,25 @@ dependencies {
     implementation "org.springframework.boot:spring-boot-starter-data-jpa"
     implementation "org.springframework.boot:spring-boot-starter-data-rest"
     implementation "org.springframework.boot:spring-boot-starter-mail"
+    implementation "org.springframework.boot:spring-boot-starter-security"
     implementation "org.springframework.boot:spring-boot-starter-actuator"
-    implementation 'org.springframework.data:spring-data-elasticsearch:5.2.0'
+    implementation 'org.springframework.data:spring-data-elasticsearch:5.2.4'
 
-    implementation "org.springframework:spring-messaging:6.1.1"
-    implementation "org.springframework.security:spring-security-web:6.2.0"
-    implementation "org.springframework.security:spring-security-config:6.2.0"
+    implementation "org.springframework:spring-messaging:6.1.5"
 
     // cloud support
-    implementation "org.springframework.cloud:spring-cloud-starter-config:4.1.0"
-    implementation "org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:4.1.0"
-    implementation "org.springframework.cloud:spring-cloud-gateway-mvc:4.1.0"
-    implementation 'de.codecentric:spring-boot-admin-starter-client:3.1.8'
-
+    implementation "org.springframework.cloud:spring-cloud-starter-config:4.1.1"
+    implementation "org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:4.1.1"
+    implementation "org.springframework.cloud:spring-cloud-gateway-mvc:4.1.2"
+    implementation 'de.codecentric:spring-boot-admin-starter-client:3.2.3'
 
     // springdoc
     implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${springDocVersion}"
     implementation "org.springdoc:springdoc-openapi-starter-common:${springDocVersion}"
     implementation "org.springdoc:springdoc-openapi-starter-webmvc-api:${springDocVersion}"
 
-    implementation "edu.kit.datamanager:repo-core:1.2.1"
-    implementation "edu.kit.datamanager:service-base:1.2.0"
+    implementation "edu.kit.datamanager:repo-core:1.2.2"
+    implementation "edu.kit.datamanager:service-base:1.2.1"
 
     //implementation "com.github.victools:jsonschema-generator:4.23.0"
 
@@ -99,7 +97,7 @@ dependencies {
     runtimeOnly    "org.apache.httpcomponents:httpclient:4.5.14"
 
      // driver for postgres
-    implementation "org.postgresql:postgresql:42.7.1"
+    implementation "org.postgresql:postgresql:42.7.3"
     //driver for h2
     implementation "com.h2database:h2:2.2.224"
 
@@ -136,6 +134,10 @@ springBoot {
     buildInfo()
 }
 
+gitProperties {
+    failOnNoGitDirectory = false
+}
+
 bootJar {
     println 'Create bootable jar...'
     archiveFileName = "${archiveBaseName.get()}.${archiveExtension.get()}"
@@ -146,6 +148,10 @@ bootJar {
     launchScript()
 }
 
+jacoco {
+    toolVersion = "0.8.11"
+}
+
 // task for printing project name.
 task printProjectName {
     doLast {

config/application-default.properties

@@ -15,6 +15,8 @@ server.port: 8090
 server.compression.enabled: false
 spring.servlet.multipart.max-file-size: 100MB
 spring.servlet.multipart.max-request-size: 100MB
+# Added as workaround for issue https://github.com/spring-cloud/spring-cloud-gateway/issues/3154
+spring.cloud.gateway.proxy.sensitive=content-length
 
 #server.ssl.key-store: keystore.p12
 #server.ssl.key-store-password: test123

gradle/profile-complete.gradle

@@ -7,7 +7,7 @@ test {
 jacocoTestReport {
     dependsOn test
     reports {
-        xml.enabled true
-        html.enabled false
+        xml.required = true
+        html.required = true
     }
 }

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.6.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

src/main/java/edu/kit/datamanager/repo/configuration/WebSecurityConfig.java

@@ -39,6 +39,7 @@
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 import org.springframework.security.web.firewall.DefaultHttpFirewall;
 import org.springframework.security.web.firewall.HttpFirewall;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@@ -80,22 +81,30 @@ public WebSecurityConfig() {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+        
+        
+        
         HttpSecurity httpSecurity = http.authorizeHttpRequests(
-                authorize -> authorize.requestMatchers(HttpMethod.OPTIONS, "/**").permitAll().
-                        requestMatchers("/oaipmh").permitAll().
-                        requestMatchers("/static/**").permitAll().
-                        requestMatchers(AUTH_WHITELIST_SWAGGER_UI).permitAll().
+                authorize -> authorize.
+                        requestMatchers(HttpMethod.OPTIONS).permitAll().
                         requestMatchers(EndpointRequest.to(
                                 InfoEndpoint.class,
                                 HealthEndpoint.class
                         )).permitAll().
                         requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyRole("ANONYMOUS", "ADMIN", "ACTUATOR", "SERVICE_WRITE").
-                        requestMatchers("/**").authenticated()).
+                        requestMatchers(new AntPathRequestMatcher("/oaipmh")).permitAll().
+                        requestMatchers(new AntPathRequestMatcher("/static/**")).permitAll().
+                        requestMatchers(new AntPathRequestMatcher("/api/v1/search")).permitAll().
+                        requestMatchers(AUTH_WHITELIST_SWAGGER_UI).permitAll().
+                        anyRequest().authenticated()
+        ).
+                cors(cors -> cors.configurationSource(corsConfigurationSource())).
                 sessionManagement(
                         session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
-        logger.info("Disable CSRF");
+        
+        logger.info("CSRF disabled!");
         httpSecurity = httpSecurity.csrf(csrf -> csrf.disable());
-
+       
         logger.info("Adding 'NoAuthenticationFilter' to authentication chain.");
         if (keycloaktokenFilterBean.isPresent()) {
             logger.info("Add keycloak filter!");
@@ -128,18 +137,17 @@ public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
         return firewall;
     }
 
-    @Bean
-    public CorsConfigurationSource corsConfigurationSource() {
-        CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(Arrays.asList(
-        "*"));
-	configuration.setAllowedMethods(Arrays.asList("*"));
-        configuration.addAllowedHeader("*");
-        configuration.addExposedHeader("Content-Range");
-        configuration.addExposedHeader("ETag");
+    public CorsConfigurationSource  corsConfigurationSource() {
+        CorsConfiguration config = new CorsConfiguration();
+        config.setAllowCredentials(true);
+        config.addAllowedOriginPattern("*");
+        config.setAllowedHeaders(Arrays.asList("*"));
+        config.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
+        config.addExposedHeader("Content-Range");
+        config.addExposedHeader("ETag");
+        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
 
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        source.registerCorsConfiguration("/**", configuration);
+        source.registerCorsConfiguration("/**", config);
         return source;
     }
 }

src/main/java/edu/kit/datamanager/repo/elastic/ElasticWrapper.java

@@ -43,6 +43,7 @@ public class ElasticWrapper {
     @Id
     private String id;
 
+    @Field(type = FieldType.Text)
     private String pid;
 
     @Field(type = FieldType.Object, name = "metadata")

src/test/java/edu/kit/datamanager/repo/test/integration/DataResourceControllerTest.java

@@ -358,7 +358,7 @@ public void testFindDataResourcesByExampleWithInvalidPageNumber() throws Excepti
         ObjectMapper mapper = createObjectMapper();
 
         this.mockMvc.perform(post("/api/v1/dataresources/search").contentType(MediaType.APPLICATION_JSON).content(mapper.writeValueAsString(example)).param("page", "10").param("size", "10").header(HttpHeaders.AUTHORIZATION,
-                "Bearer " + userToken)).andDo(print()).andExpect(status().isOk()).andExpect(MockMvcResultMatchers.jsonPath("$").isEmpty());
+                "Bearer " + userToken)).andDo(print()).andExpect(status().is(416));
     }
 
     @Test

src/test/java/edu/kit/datamanager/repo/test/integration/DataResourceControllerTestReadOnly.java

@@ -359,7 +359,7 @@ public void testFindDataResourcesByExampleWithInvalidPageNumber() throws Excepti
     ObjectMapper mapper = createObjectMapper();
 
     this.mockMvc.perform(post("/api/v1/dataresources/search").contentType(MediaType.APPLICATION_JSON).content(mapper.writeValueAsString(example)).param("page", "10").param("size", "10").header(HttpHeaders.AUTHORIZATION,
-            "Bearer " + userToken)).andDo(print()).andExpect(status().isOk()).andExpect(MockMvcResultMatchers.jsonPath("$").isEmpty());
+            "Bearer " + userToken)).andDo(print()).andExpect(status().is(416));
   }
 
   @Test

src/test/java/edu/kit/datamanager/repo/test/integration/DataResourceControllerTestWithoutVersioning.java

@@ -355,7 +355,7 @@ public void testFindDataResourcesByExampleWithInvalidPageNumber() throws Excepti
     ObjectMapper mapper = createObjectMapper();
 
     this.mockMvc.perform(post("/api/v1/dataresources/search").contentType(MediaType.APPLICATION_JSON).content(mapper.writeValueAsString(example)).param("page", "10").param("size", "10").header(HttpHeaders.AUTHORIZATION,
-            "Bearer " + userToken)).andDo(print()).andExpect(status().isOk()).andExpect(MockMvcResultMatchers.jsonPath("$").isEmpty());
+            "Bearer " + userToken)).andDo(print()).andExpect(status().is(416));
   }
 
   @Test