upgrade spring boot and dependencies, migrate spring boot, add dyndns draft

2023-12-12 15:22:54 +01:00
parent 9ea02f8208
commit 5286d4f171
26 changed files with 602 additions and 93 deletions
@@ -15,6 +15,7 @@ import org.springframework.util.Assert;
 import com.google.common.collect.Lists;

 import de.bstly.we.model.QUserAlias;
+import de.bstly.we.model.User;
 import de.bstly.we.model.UserAlias;
 import de.bstly.we.model.UserData;
 import de.bstly.we.repository.UserAliasRepository;
@@ -110,6 +111,19 @@ public class UserAliasManager implements UserDataProvider {
 		return userAliasRepository.findAll(PageRequest.of(page, size, sort));
 	}

+	public User getUser(String name) {
+		User user = userManager.getByUsername(name);
+
+		if (user == null) {
+			UserAlias userAlias = getByAlias(name);
+			if (userAlias != null) {
+				user = userManager.get(userAlias.getTarget());
+			}
+		}
+
+		return user;
+	}
+
 	/*
 	 * @see de.bstly.we.businesslogic.UserDataProvider#getId()
 	 */
@@ -5,8 +5,8 @@ package de.bstly.we.controller;

 import java.util.List;
 import java.util.Optional;
+import java.util.SplittableRandom;

-import org.apache.commons.lang3.RandomUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.access.prepost.PreAuthorize;
@@ -124,6 +124,7 @@ public class UserProfileFieldController extends BaseController {

 		if (user == null) {
 			throttleForbidden();
+			return null;
 		}

 		List<UserProfileField> profileFields = Lists.newArrayList();
@@ -188,18 +189,21 @@ public class UserProfileFieldController extends BaseController {

 		if (user == null) {
 			throttleForbidden();
+			return null;
 		}

 		UserProfileField userProfileField = userProfileFieldManager.get(user.getId(), name);

 		if (userProfileField == null) {
 			throttleForbidden();
+			return null;
 		}

 		Long currentUserId = getCurrentUserId();

 		if (currentUserId == null && !Visibility.PUBLIC.equals(userProfileField.getVisibility())) {
 			throttleForbidden();
+			return null;
 		}

 		if (currentUserId != null && !currentUserId.equals(user.getId())
@@ -284,7 +288,7 @@ public class UserProfileFieldController extends BaseController {
 	 */
 	protected void throttleForbidden() {
 		try {
-			Thread.sleep(RandomUtils.nextInt(10, 500));
+			Thread.sleep(new SplittableRandom().nextInt(10, 500));
 		} catch (InterruptedException e) {
 			throw new EntityResponseStatusException(HttpStatus.FORBIDDEN);
 		}
@@ -5,7 +5,6 @@ package de.bstly.we.controller.support;

 import javax.annotation.Nullable;

-import org.springframework.core.NestedExceptionUtils;
 import org.springframework.core.NestedRuntimeException;
 import org.springframework.http.HttpStatusCode;
 import org.springframework.util.Assert;
@@ -82,8 +81,7 @@ public class EntityResponseStatusException extends NestedRuntimeException {
 	 */
 	@Override
 	public String getMessage() {
-		String msg = this.status + (this.body != null ? " \"" + this.body + "\"" : "");
-		return NestedExceptionUtils.buildMessage(msg, getCause());
+		return this.status + (this.body != null ? " \"" + this.body + "\"" : "");
 	}

 }
@@ -14,14 +14,12 @@ import jakarta.persistence.Convert;
 import jakarta.persistence.Converter;
 import jakarta.persistence.ElementCollection;
 import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.GenerationType;
 import jakarta.persistence.Id;
 import jakarta.persistence.Table;

-import org.hibernate.annotations.LazyCollection;
-import org.hibernate.annotations.LazyCollectionOption;
-
 /**
 * The Class PermissionMapping.
 */
@@ -39,8 +37,7 @@ public class PermissionMapping {
 	private String product;
 	@Column(name = "item", nullable = false)
 	private Integer item;
-	@ElementCollection
-	@LazyCollection(LazyCollectionOption.FALSE)
+	@ElementCollection(fetch = FetchType.EAGER)
 	@CollectionTable(name = "permission_mappings_names")
 	private Set<String> names;
 	@Column(name = "addon", columnDefinition = "boolean default false")
@@ -9,14 +9,12 @@ import jakarta.persistence.CollectionTable;
 import jakarta.persistence.Column;
 import jakarta.persistence.ElementCollection;
 import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.GenerationType;
 import jakarta.persistence.Id;
 import jakarta.persistence.Table;

-import org.hibernate.annotations.LazyCollection;
-import org.hibernate.annotations.LazyCollectionOption;
-
 /**
 * The Class QuotaMapping.
 */
@@ -28,12 +26,10 @@ public class QuotaMapping {
 	@GeneratedValue(strategy = GenerationType.IDENTITY)
 	@Column(name = "id", updatable = false)
 	private Long id;
-	@ElementCollection
-	@LazyCollection(LazyCollectionOption.FALSE)
+	@ElementCollection(fetch = FetchType.EAGER)
 	@CollectionTable(name = "quota_mappings_products")
 	private Set<String> products;
-	@ElementCollection
-	@LazyCollection(LazyCollectionOption.FALSE)
+	@ElementCollection(fetch = FetchType.EAGER)
 	@CollectionTable(name = "quota_mappings_items")
 	private Set<Integer> items;
 	@Column(name = "name", nullable = false)
@@ -20,7 +20,7 @@ public class SystemProperty {
 	@Column(name = "id")
 	private String key;
 	@Lob
-	@Column(name = "value")
+	@Column(name = "value",  length = 100000)
 	private String value;

 	/**
@@ -9,15 +9,13 @@ import jakarta.persistence.CollectionTable;
 import jakarta.persistence.Column;
 import jakarta.persistence.ElementCollection;
 import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.GenerationType;
 import jakarta.persistence.Id;
 import jakarta.persistence.Table;
 import jakarta.persistence.UniqueConstraint;

-import org.hibernate.annotations.LazyCollection;
-import org.hibernate.annotations.LazyCollectionOption;
-
 /**
 * The Class UserTotp.
 */
@@ -35,8 +33,7 @@ public class UserTotp implements SecondFactor {
 	private String secret;
 	@Column(name = "totp_qr_data", nullable = false)
 	private String qrData;
-	@ElementCollection
-	@LazyCollection(LazyCollectionOption.FALSE)
+	@ElementCollection(fetch = FetchType.EAGER)
 	@CollectionTable(name = "user_totps_recovery_codes")
 	private List<String> recoveryCodes;

@@ -90,19 +90,22 @@ public class SecurityConfig {
 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		http
 				// anonymous
-				.anonymous().authenticationFilter(localAnonymousAuthenticationFilter()).and()
+				.anonymous((anonymous) -> anonymous.authenticationFilter(localAnonymousAuthenticationFilter()))
 				// session
-				.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
-				.sessionAuthenticationStrategy(new SessionFixationProtectionStrategy()).and()
-				// disable deprectated xss protection
-				.headers().xssProtection().disable().and()
+				.sessionManagement((anonymous) -> anonymous.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
+						.sessionAuthenticationStrategy(new SessionFixationProtectionStrategy()))
+				// disable deprectated xss protection, x-frame
+				.headers((headers) -> headers.xssProtection((xssProtection) -> xssProtection.disable())
+						.frameOptions((frameOptions) -> frameOptions.disable()
+								.referrerPolicy((referrerPolicy) -> referrerPolicy.policy(ReferrerPolicy.UNSAFE_URL))))
 				// form login
-				.formLogin().loginPage(loginUrl).usernameParameter("username").passwordParameter("password")
-				.loginProcessingUrl("/auth/login").defaultSuccessUrl(loginTargetUrl)
-				.successHandler(formAuthenticationSuccessHandler())
-				.failureHandler(new SimpleUrlAuthenticationFailureHandler(loginUrl + "?error")).and()
+				.formLogin((formLogin) -> formLogin.loginPage(loginUrl).usernameParameter("username")
+						.passwordParameter("password")
+						.loginProcessingUrl("/auth/login").defaultSuccessUrl(loginTargetUrl)
+						.successHandler(formAuthenticationSuccessHandler())
+						.failureHandler(new SimpleUrlAuthenticationFailureHandler(loginUrl + "?error")))
 				// remember me
-				.rememberMe().rememberMeServices(rememberMeServices()).and()
+				.rememberMe((rememberMe) -> rememberMe.rememberMeServices(rememberMeServices()))
 				// form totp
 				.addFilterBefore(formSecondFactorAuthenticationFilter(http), LocalAnonymousAuthenticationFilter.class)
 				// rest login
@@ -110,21 +113,20 @@ public class SecurityConfig {
 				// rest totp
 				.addFilterAfter(restSecondFactorAuthenticationFilter(http), UsernamePasswordAuthenticationFilter.class)
 				// Logout
-				.logout().logoutUrl("/auth/logout").logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler())
-				.and()
+				.logout((logout) -> logout.logoutUrl("/auth/logout")
+						.logoutSuccessHandler(new HttpStatusReturningLogoutSuccessHandler()))
 				// exception
-				.exceptionHandling().accessDeniedHandler(localAccessDeniedHandler)
-				.authenticationEntryPoint(localAuthenticationEntryPoint()).and()
+				.exceptionHandling(
+						(exceptionHandling) -> exceptionHandling.accessDeniedHandler(localAccessDeniedHandler)
+								.authenticationEntryPoint(localAuthenticationEntryPoint()))
 				// crsf
-				.csrf().disable()
-				// x-frame
-				.headers().frameOptions().disable().referrerPolicy(ReferrerPolicy.UNSAFE_URL);
+				.csrf((csrf) -> csrf.disable());

 		if (disableCors) {
-			http.cors().disable();
+			http.cors((cors) -> cors.disable());
 		} else if (!allowedOriginPatterns.isEmpty()) {
 			// cors
-			http.cors().configurationSource(corsConfigurationSource());
+			http.cors((cors) -> cors.configurationSource(corsConfigurationSource()));
 		}

 		return http.build();