- Avoiding read attempts for stores that do not exist (AbstractStore).
- Use of ReadWrite locks (everything withLockedFileForRead or withLockedFileForWrite)
- Caching of JAXB Context (TypedStoreContext.java)
- Avoid unnecessary writes to the UserGroupCache
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
The sshd dependency in version 2.8.0 that came with SvnKIT
1.10.10 may cause an injection failure in bouncy castle
due to incompatible sshd versions on server startup when
the ssh plugin is installed (the ssh plugin uses version
2.9.0 of apache sshd).
Committed-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
Our current tooltip component has been causing ui glitches for over a year now because it did not use react portal to render the tooltip content outside the react render tree which interfered with html/css. The new component is based on a fully accessible component by radix-ui. The styling, for now, has been kept from the original tooltip.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Adds the new abstract class ConfigurationAdapterBase to simplify the creation of global configuration views. In addition there is some cleanup, interfaces and extension points for the repository trash bin plugin.
Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
Co-authored-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
This adds a markdown renderer for images, so that images
that are referenced by their repository path are resolved
correctly. In this case, the content rest endpoint is
rendered as source url. For this, two new contexts
(RepositoryContext and RepositoryRevisionContext)
have been added, that make the repository and the
current revision available, so that the content url can
be resolved properly. These new contexts may be used
by plugins like the scm-readme-plugin.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Reviewed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
An accessibility requirement dictates that our custom shortcut system must be allowed to be disabled. A new accessibility settings page has been added to the user profile, similar to the theme settings. It is persisted in local storage.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
In `751343f` we forced words to wrap in a variety of places in the SCM-Manager to prevent unintentional overflow breaking the layout. This was also added to the markdown view which had implications for tables in these views including long headers that would now break in a not so pretty fashion. After investigating potential implications and checking other usages of the markdown view, we removed the problematic class again in this particular instance as it was seemingly not serving any positive purpose and removing it had no negative impact.
A new api is introduced to allow focus-based list iteration through keyboard shortcuts. The api is initially considered closed and only used in the repository overview.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
The plugin center cache was not invalidated when the proxy configuration was changed in the global settings. This caused stale and inconsistent state to be displayed to the user while there was no feedback that something was wrong.
Global Modals as components, and as a result their registration hooks, have a lifecycle that spans the whole application. Because of this, they never get unmounted. The registration hook will simply be re-rendered with an updated "active" flag. Because the hook did not reset to its initial state when switching from "active" to "deactive", it decremented the modal count twice. Once in the cleanup of the previous hook render and once in the else block ("inactive").
Cloning repositories with LFS data via ssh requires the creation of access tokens using a subject authenticated with an already scoped token (the first scoped token is created by the ssh lfs authentication command; with this token the further requests are issued which will create further tokens for the individual lfs download requests). This failed, because such a creation was rejected without further checks. Now we test, whether the requested scope is permitted by the current scope.
This adds the possibility to load files managed by lfs to the repository import of git repositories.
Co-authored-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
Sometimes it happens that a git diff command request is performed with a non-existent target branch. This is usually fine but the underlying system might have already garbage-collected the revisions associated with that branch. In this case, the revision for that deleted branch might turn up null which currently causes a 500 error. We catch this specific corner-case and throw the correct NotFoundException instead.
In recent weeks we have created an api for declaring keyboard shortcuts and tested its usage in internal modules. After successfully verifying it, we are now exposing it for plugins to use. The api has also received some tweaks in the process to make it more flexible, such as allowing bound shortcuts not to appear in the documentation dialog or allowing shortcuts to explicitly allow event bubbling.
The pending queue is updated after all the plugins to be installed are collected, and then we already may have duplicate entries. Because of this we check right on the collecting step if the plugin was already added during this single action.
If a new branch is pushed in Git without new commits (the branch
is created on a commit that already exists in the SCM-Manager repository
and pushed without any further commit), all ancestors of the commit
the branch points to have been treated as if they were new by the
hook changeset provider. This led to severe errors like wrong
push logs (by the pushlog plugin) or re-evaluated commit messages
by the commit message checker plugin.
This fixes this wrong behaviour. If new commits are not provided by
the pack parser, no commit will be treated as a new one.
There is currently no documentation which shortcuts are available to the end user, neither within the application nor the documentation published on scm-manager.org. This PR adds the missing documentation in both places and introduces a new api for developers to add documentation when using `useShortcut`. It also improves the api for conditional shortcuts significantly.
If a POST request is submitted to the rest api for repostory permissions, the regex validator ignores the name field if it is null, which leads to an internal server error and breaks any further attempts to interact with that repository. An additional not-null constraint resolves this problem.
The global navigation can be accessed with the following key combination:
Option-R = Repositories
Option-U = User
Option-G = Groups
Option-A = Administration
The navigation within a repository can be accessed with a combination with g:
gi = Information
gb = Branches
gt = Tags
gc = Code
gs = Settings
Enable users to jump to the global search bar by pressing the "/" key from anywhere. Open modals block this shortcut. This PR also introduces a generic system for declaring global shortcuts by utilizing the third-party library mousetrap.
This reduces the amount of lines logged with log level
'trace' from the DefaultRealm. This is done by concatenating
the single permissions and roles in a single line.
A log with the new layout looks something like this (the [...]
would list all further permissions in the real log output):
TRACE sonia.scm.security.DefaultRealm - authorization summary:
username : scmadmin
roles : user
scope :
permissions: repository:*:ChTG0dBeUH , group:autocomplete , repository:*:[...]
In contrast, with the old layout it looks like this:
TRACE sonia.scm.security.DefaultRealm - authorization summary:
username : scmadmin
roles :
- user
scope :
permissions:
- repository:*:ChTG0dBeUH
- group:autocomplete
- repository:*:5DTFWwBTiY
- repository:*:ASTGBIVz11D
- user:changeApiKeys:scmadmin
- user:changePassword:scmadmin
- user:changePublicKeys:scmadmin
- user:readAuthorizedKeys,writeAuthorizedKeys:scmadmin
- *
- user:read:scmadmin
- user:autocomplete
- repository:*:4rT7VPex5J
