This adds optional caches for configuration stores and
backing data files for data stores.
These stores can be enabled using the system properties
`scm.storeCache.enabled=true` and `scm.cache.dataFileCache.enabled=true`.
In addition, this adds the possibility to overwrite cache configurations
from the guice cache (see file `gcache.xml`) with system properties.
The maximum size of the external group cache for example can be
overwritten with the system property `scm.cache.externalGroups.maximumSize`.
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
Fixes a null pointer exception resulting in an internal
server error in the permission overview for users with
external groups, for example from ldap or cas.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
Move repository overview extension to avoid waiting for repositories. Also improve the extension points api to allow predicates without props.
Co-authored-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
Squash commits of branch feature/update_debian_base_image:
- Update debian version for docker base image
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
Fixes a null pointer exception resulting in an internal
server error in the permission overview for users with
external groups, for example from ldap or cas.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
We introduced a new accessible combobox component. This component is based on headless ui and made compatible with our components and forms. Also we replaced the outdated `Autocomplete` component with the new combobox.
Co-authored-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
Reviewed-by: Florian Scholdei <florian.scholdei@cloudogu.com>
- Add security headers:
- X-Frame-Options
- X-Content-Type-Options
- Content-Security-Policy
- Permissions-Policy
- Do not send server information header
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
This fixes errors when deleting configurations.
The error occured during "unmirror" in the mirror plugin.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
The new implementations are ment to be used in test
classes replacing the older implementations like
`InMemoryConfigurationStoreFactory`. The benefit
of these new classes is that the serialization using JaxB
is testet implicitly avoiding mistakes made with XML
annotations on the data classes.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
If anonymous access is enabled and read requests are granted
to hg repositories for the anonymous user, write requests
fail also for users with write requests, because no
authentication header has been sent along with the 401.
This fixes this issue in the default cgi servlet.
There may be a race condition when loading plugin bundles with lazy dependencies:
The OpenAPI plugin depends on "redux" and "react-redux", which are bundled in the lazy "ui-legacy" module, as the usage of redux is deprecated in the scmm. The "ui-legacy" module also binds a global wrapper extension point around the whole app. Due to a bug in the plugin loader, plugin bundles were marked as successfully loaded even if a lazy dependency hadn't successfully loaded yet. This caused the extension point from the "ui-legacy" bundle to be bound after the initial render. As the process of extension point binding doesn't trigger a re-render, the redux provider was not wrapped around the app on initial load. When the user now moved focus out of and back into the window, react-query hooks automatically refetched e.g. the index links, which caused a re-render. Now with the bound extension point applied. This caused the whole app to be unmounted and re-mounted, which in turn reset all form fields anywhere below in the tree.
Also fixes a bug where the global notifications component was executing a state update while already unmounted.
Also fixes a bug in the user creation form where an object literal was passed to the form's default values which caused a form reset whenever the component re-rendered.
Committed-by: Rene Pfeuffer <rene.pfeuffer@cloudogu.com>
The git mirror command did not set the default branch correctly in all cases. If the source repository contained a 'master' branch, no default branch was set. This led to an error in the refresh process, when globally another branch has been configured as dafault (when not changed, this is 'main'), because the working copy should be created with the main branch checked out. Because no default was specified, the globally configured default (by default 'main') had been taken and that branch does not exist in the mirror.
So all subsequent mirror updates failed with a message like this one:
could not find branch with id main in repository with id ...
With this fix, the default branch is always set in the SCM-Manager configuration for the repository and therefore cannot be missing in subsequent updates.
Committed-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
