The missing description of the plugin condition in the
logs during a condition mismatch is now included and
also displayed in a readable way. Additionally, a
specialised error will be displayed during the installation
or update of plugins detailing that a condition mismatch
happened and also which condition was not fulfilled
instead of a generic internal server error.
After uninstalling a plugin (without restart) and then discarding the
changes, plugins which are required for the plugin can be uninstalled
even if the uninstallation was reverted. This was caused by not updating
the dependency relations between the plugins when an uninstallation has
been canceled. Therefore, the updating step is added.
This removes repeated exceptions from the API key service when checking requests without an API key. Instead of throwing an exception, the service now simply returns `null` when the authentication was not successful.
Pushed-by: Rene Pfeuffer <rene.pfeuffer@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
In the general admin settings, the user can find two buttons to either invalidate the cache or rebuild the search index. The endpoints are defined in the InvalidationResource class in scm-webapp.
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
When importing an SCM exported repo with metadata, the creator wasn't set as the owner and thus couldn't view the imported repository. This bug has been fixed.
Pushed-by: Tarik Gürsoy <tarik.guersoy@cloudogu.com>
Co-authored-by: Tarik Gürsoy <tarik.guersoy@cloudogu.com>
The DefaultNamespaceManager has not been a singleton.
Because of this, instances could be removed before
the event has been handled completely and therefore
the handler could no longer be removed from the queue,
resulting in an IllegalStateException.
By making the manager a singleton, it is no longer
garbage collected and therefore we do not get the
exception any longer.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
Cypress did not work because of the stricter security header. We introduced a new stage named "TESTING" which ignores these security headers and allows testing tools to work as intended.
Committed-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
SCM-Manager created directories for each plugin every time the plugin is installed without deleting the old directories. With this change the old directories will be removed.
Committed-by: Rene Pfeuffer <rene.pfeuffer@cloudogu.com>
Make the repository file search deactivatable
via the global config. This feature could
overwhelm the server on repositories with
millions of files; therefore, it can now be turned off.
Committed-by: Rene Pfeuffer <rene.pfeuffer@cloudogu.com>
Co-authored-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
This adds optional caches for configuration stores and
backing data files for data stores.
These stores can be enabled using the system properties
`scm.storeCache.enabled=true` and `scm.cache.dataFileCache.enabled=true`.
In addition, this adds the possibility to overwrite cache configurations
from the guice cache (see file `gcache.xml`) with system properties.
The maximum size of the external group cache for example can be
overwritten with the system property `scm.cache.externalGroups.maximumSize`.
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
Fixes a null pointer exception resulting in an internal
server error in the permission overview for users with
external groups, for example from ldap or cas.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
- Add security headers:
  - X-Frame-Options
  - X-Content-Type-Options
  - Content-Security-Policy
  - Permissions-Policy
- Do not send server information header
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
The new implementations are meant to be used in test
classes replacing the older implementations like
`InMemoryConfigurationStoreFactory`. The benefit
of these new classes is that the serialization using JaxB
is tested implicitly, avoiding mistakes made with XML
annotations on the data classes.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
If anonymous access is enabled and read requests are granted
to hg repositories for the anonymous user, write requests
fail also for users with write requests, because no
authentication header has been sent along with the 401.
This fixes this issue in the default cgi servlet.
Use standard configuration store api for general configuration. This is best practice and also required for the audit log to work properly.
Besides that, we still need to load the general configuration manually for the instance injection binding in ScmServletModules. Since the instance injection does not resolve the bindings regularly, we also still need to update the injectable scm config using the "load" hack in the resource.
Committed-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
This uses 'RetryingTest' from junit jupiter to retry integration tests that are known to fail from time to time. We explicitly mark single tests in contrast to setting a global retry to be able to trace those, whenever this is intended.
To do so, we have to update to the latest version of JUnit. Unfortunately, this brought a new behaviour for the @TempDir annotation: In contrast to the former behaviour where for one test all annotated parameters got the same directory, in the new version the parameters get different directories assigned. This led to the need of some consolidation between @BeforeEach methods and the related tests.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>