Skip to content

Commit 121e6da

Browse files
ThomasJejkalThomasJejkal
authored
Merge branch 'development' into fixAccessToDeletedResourcesForAdmins
2 parents 7cd78d6 + 7611161 commit 121e6da

File tree

4 files changed

+20
-17
lines changed

4 files changed

+20
-17
lines changed

build.gradle

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,11 +14,11 @@
1414
* limitations under the License.
1515
*/
1616
plugins {
17-
id "io.freefair.lombok" version "8.11"
18-
id "io.freefair.maven-publish-java" version "8.11"
17+
id "io.freefair.lombok" version "8.12"
18+
id "io.freefair.maven-publish-java" version "8.12"
1919
id "io.spring.dependency-management" version "1.1.7"
2020
//id "com.github.kt3k.coveralls" version "2.8.1"
21-
id "org.owasp.dependencycheck" version "12.0.0"
21+
id "org.owasp.dependencycheck" version "12.0.1"
2222
id "org.asciidoctor.jvm.convert" version "4.0.4"
2323
//id "org.ajoberstar.grgit" version "2.0.1"
2424
id "java"
@@ -32,7 +32,7 @@ plugins {
3232

3333
ext {
3434
// versions of dependencies
35-
springBootVersion = '3.4.1'
35+
springBootVersion = '3.4.2'
3636
springDocVersion = '2.8.3'
3737
javersVersion = '7.7.0'
3838
}
@@ -77,7 +77,7 @@ dependencies {
7777
implementation "org.springframework.boot:spring-boot-starter-security"
7878
implementation "org.springframework.boot:spring-boot-starter-actuator"
7979
implementation "org.springframework.boot:spring-boot-starter-data-jpa"
80-
implementation 'org.springframework.data:spring-data-elasticsearch:5.4.1'
80+
implementation 'org.springframework.data:spring-data-elasticsearch:5.4.2'
8181

8282

8383
// springdoc

gradle/wrapper/gradle-wrapper.properties

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
distributionBase=GRADLE_USER_HOME
22
distributionPath=wrapper/dists
3-
distributionUrl=https\://services.gradle.org/distributions/gradle-8.12-bin.zip
3+
distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
44
networkTimeout=10000
55
validateDistributionUrl=true
66
zipStoreBase=GRADLE_USER_HOME

src/main/java/edu/kit/datamanager/repo/util/DataResourceUtils.java

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -119,9 +119,11 @@ public static ResponseEntity<DataResource> readResource(RepoBaseConfiguration ap
119119

120120
if (currentVersion > 0) {
121121
//trigger response creation and set etag...the response body is set automatically
122-
return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").header("Resource-Version", Long.toString((version != null) ? version : currentVersion)).body(filterResource(resource));
122+
//return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").header("Resource-Version", Long.toString((version != null) ? version : currentVersion)).body(filterResource(resource));
123+
return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").header("Resource-Version", Long.toString((version != null) ? version : currentVersion)).body(resource);
123124
} else {
124-
return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").body(filterResource(resource));
125+
//return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").body(filterResource(resource));
126+
return ResponseEntity.ok().eTag("\"" + resource.getEtag() + "\"").body(resource);
125127
}
126128
}
127129

@@ -370,7 +372,7 @@ public static Optional<String> getAuditInformation(RepoBaseConfiguration applica
370372
* @param resource data resource.
371373
* @return data resource without acls.
372374
*/
373-
public static DataResource filterResource(DataResource resource) {
375+
/*public static DataResource filterResource(DataResource resource) {
374376
if (!AuthenticationHelper.isAuthenticatedAsService() && !DataResourceUtils.hasPermission(resource, PERMISSION.ADMINISTRATE) && !AuthenticationHelper.hasAuthority(RepoUserRole.ADMINISTRATOR.toString())) {
375377
LOGGER.debug("Removing ACL information from resources due to non-administrator access.");
376378
//exclude ACLs if not administrate or administrator permissions are set
@@ -380,15 +382,15 @@ public static DataResource filterResource(DataResource resource) {
380382
}
381383
382384
return resource;
383-
}
385+
}*/
384386

385387
/**
386388
* Remove ACLs from a list of data resources.
387389
*
388390
* @param resources list of data resources.
389391
* @return list of data resources without acls.
390392
*/
391-
public static List<DataResource> filterResources(List<DataResource> resources) {
393+
/*public static List<DataResource> filterResources(List<DataResource> resources) {
392394
393395
if (!AuthenticationHelper.isAuthenticatedAsService() && !AuthenticationHelper.hasAuthority(RepoUserRole.ADMINISTRATOR.toString())) {
394396
LOGGER.debug("Removing ACL information from resources due to non-administrator access.");
@@ -402,7 +404,7 @@ public static List<DataResource> filterResources(List<DataResource> resources) {
402404
}
403405
404406
return resources;
405-
}
407+
}*/
406408

407409
public static Collection<? extends GrantedAuthority> getUserAuthorities(DataResource resource) {
408410
LOGGER.trace("Determining user grants from authorization context.");
@@ -494,7 +496,6 @@ public static void performPermissionCheck(DataResource resource, PERMISSION requ
494496
} else {
495497
LOGGER.debug("{} permission to resource granted to principal with identifiers {}.", requiredPermission, AuthenticationHelper.getAuthorizationIdentities());
496498
}
497-
498499
}
499500

500501
/**

src/test/java/edu/kit/datamanager/repo/web/DataResourceController.java

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -166,8 +166,8 @@ public ResponseEntity<List<DataResource>> findByExample(@RequestBody DataResourc
166166
//set content-range header for react-admin (index_start-index_end/total
167167
PageRequest request = ControllerUtils.checkPaginationInformation(pgbl);
168168
response.addHeader(CONTENT_RANGE_HEADER, ControllerUtils.getContentRangeHeader(page.getNumber(), request.getPageSize(), page.getTotalElements()));
169-
return ResponseEntity.ok().body(DataResourceUtils.filterResources(page.getContent()));
170-
169+
//return ResponseEntity.ok().body(DataResourceUtils.filterResources(page.getContent()));
170+
return ResponseEntity.ok().body(page.getContent());
171171
}
172172

173173
@Override
@@ -205,9 +205,11 @@ public ResponseEntity put(@PathVariable("id") final String identifier,
205205

206206
if (currentVersion > 0) {
207207
//trigger response creation and set etag...the response body is set automatically
208-
return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").header(VERSION_HEADER, Long.toString(currentVersion)).body(DataResourceUtils.filterResource(result));
208+
//return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").header(VERSION_HEADER, Long.toString(currentVersion)).body(DataResourceUtils.filterResource(result));
209+
return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").header(VERSION_HEADER, Long.toString(currentVersion)).body(result);
209210
} else {
210-
return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").body(DataResourceUtils.filterResource(result));
211+
//return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").body(DataResourceUtils.filterResource(result));
212+
return ResponseEntity.ok().eTag("\"" + result.getEtag() + "\"").body(result);
211213
}
212214

213215
}

0 commit comments

Comments
 (0)