diff --git a/datasafe-rest-impl/src/main/java/de/adorsys/datasafe/rest/impl/security/SecurityConfig.java b/datasafe-rest-impl/src/main/java/de/adorsys/datasafe/rest/impl/security/SecurityConfig.java index ed5677088..dab705ac1 100644 --- a/datasafe-rest-impl/src/main/java/de/adorsys/datasafe/rest/impl/security/SecurityConfig.java +++ b/datasafe-rest-impl/src/main/java/de/adorsys/datasafe/rest/impl/security/SecurityConfig.java @@ -26,10 +26,13 @@ import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.servlet.handler.HandlerMappingIntrospector; +import java.util.Arrays; import java.util.HashMap; +import java.util.List; import java.util.Map; import static de.adorsys.datasafe.rest.impl.security.SecurityConstants.TOKEN_HEADER; +import static org.springframework.security.config.Customizer.withDefaults; @Configuration @EnableWebSecurity @@ -44,7 +47,7 @@ public class SecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity http, MvcRequestMatcher.Builder mvc, AuthenticationManager authenticationManager) throws Exception { - MvcRequestMatcher[] SWAGGER_RESOURCES = { + MvcRequestMatcher[] swaggerResources = { mvc.pattern("/v2/api-docs"), mvc.pattern("/configuration/ui"), mvc.pattern("/swagger-resources"), @@ -54,11 +57,10 @@ public SecurityFilterChain filterChain(HttpSecurity http, MvcRequestMatcher.Buil mvc.pattern("/swagger-resources/configuration/ui"), mvc.pattern("/swagger-ui.html") }; - - http.cors(AbstractHttpConfigurer::disable) + http.cors(withDefaults()) .csrf(AbstractHttpConfigurer::disable) .authorizeHttpRequests(authz -> authz - .requestMatchers(SWAGGER_RESOURCES).permitAll() + .requestMatchers(swaggerResources).permitAll() .requestMatchers(mvc.pattern("/static/**")).permitAll() .requestMatchers(mvc.pattern(SecurityConstants.AUTH_LOGIN_URL)).permitAll() .requestMatchers(mvc.pattern(HttpMethod.OPTIONS, "/**")).permitAll() @@ -77,8 +79,8 @@ MvcRequestMatcher.Builder mvc(HandlerMappingIntrospector introspector) { } @Bean - public InMemoryUserDetailsManager userDetailsService(PasswordEncoder passwordEncoder) { - UserDetails user = User.withDefaultPasswordEncoder() + public InMemoryUserDetailsManager userDetailsService(PasswordEncoder encoder) { + UserDetails user = User.builder().passwordEncoder(encoder::encode) .username(securityProperties.getDefaultUser()) .password(securityProperties.getDefaultPassword()) .authorities("ROLE_USER") @@ -101,19 +103,15 @@ public PasswordEncoder passwordEncoder() { } @Bean - public CorsConfigurationSource corsConfigurationSource() { + CorsConfigurationSource corsConfigurationSource() { + CorsConfiguration configuration = new CorsConfiguration(); + configuration.setAllowedOrigins(List.of("http://localhost:4200")); + configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE")); + configuration.setAllowedHeaders(List.of("*")); + configuration.setAllowCredentials(true); + configuration.addExposedHeader(TOKEN_HEADER); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); - - CorsConfiguration authConfig = new CorsConfiguration().applyPermitDefaultValues(); - authConfig.addExposedHeader(TOKEN_HEADER); - source.registerCorsConfiguration(SecurityConstants.AUTH_LOGIN_URL, authConfig); - - CorsConfiguration globalConfig = new CorsConfiguration().applyPermitDefaultValues(); - globalConfig.addAllowedMethod(HttpMethod.OPTIONS); - globalConfig.addAllowedMethod(HttpMethod.PUT); - globalConfig.addAllowedMethod(HttpMethod.DELETE); - source.registerCorsConfiguration("/**", globalConfig); - + source.registerCorsConfiguration("/**", configuration); return source; } diff --git a/frontend/README.md b/frontend/README.md index ca8275e3a..174a51035 100644 --- a/frontend/README.md +++ b/frontend/README.md @@ -3,6 +3,8 @@ Use `npm run-script ng:serve:web` for local development Use `npm run-script start` for electron development +Use `ng serve -c dev` if you need to debug + ### Notes - API url and credentials are provided by env.js file (API_URL, API_USERNAME, API_PASSWORD). Credentials (API_USERNAME, API_PASSWORD) are intended for local use only. diff --git a/frontend/datasafe-ui/angular.json b/frontend/datasafe-ui/angular.json index 544edcee8..bb53be0a1 100755 --- a/frontend/datasafe-ui/angular.json +++ b/frontend/datasafe-ui/angular.json @@ -40,7 +40,6 @@ "optimization": true, "outputHashing": "all", "sourceMap": false, - "extractCss": true, "namedChunks": false, "aot": true, "extractLicenses": true, @@ -53,6 +52,17 @@ "maximumError": "5mb" } ] + }, + "dev": { + "fileReplacements": [ + { + "replace": "src/environments/environment.ts", + "with": "src/environments/environment.dev.ts" + } + ], + "optimization": false, + "extractLicenses": false, + "sourceMap": true } } }, @@ -64,6 +74,9 @@ "configurations": { "production": { "browserTarget": "my-app:build:production" + }, + "dev": { + "browserTarget": "my-app:build:dev" } } }, diff --git a/frontend/datasafe-ui/main.js b/frontend/datasafe-ui/main.js index 49966638b..c6746dce1 100644 --- a/frontend/datasafe-ui/main.js +++ b/frontend/datasafe-ui/main.js @@ -21,7 +21,7 @@ function createWindow() { }); if (serve) { require('electron-reload')(__dirname, { - electron: require(__dirname + "/node_modules/electron") + electron: require("".concat(__dirname, "/node_modules/electron")) }); win.loadURL('http://localhost:4200'); } diff --git a/frontend/datasafe-ui/main.js.map b/frontend/datasafe-ui/main.js.map deleted file mode 100644 index f967e92ff..000000000 --- a/frontend/datasafe-ui/main.js.map +++ /dev/null @@ -1 +0,0 @@ -{"version":3,"file":"main.js","sourceRoot":"","sources":["main.ts"],"names":[],"mappings":";;AAAA,qCAAsD;AACtD,2BAA6B;AAC7B,yBAA2B;AAE3B,IAAI,GAAG,EAAE,KAAK,CAAC;AACf,IAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,UAAA,GAAG,IAAI,OAAA,GAAG,KAAK,SAAS,EAAjB,CAAiB,CAAC,CAAC;AAE5C,SAAS,YAAY;IAEnB,IAAM,cAAc,GAAG,iBAAM,CAAC;IAC9B,IAAM,IAAI,GAAG,cAAc,CAAC,iBAAiB,EAAE,CAAC,YAAY,CAAC;IAE7D,6BAA6B;IAC7B,GAAG,GAAG,IAAI,wBAAa,CAAC;QACtB,CAAC,EAAE,CAAC;QACJ,CAAC,EAAE,CAAC;QACJ,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,cAAc,EAAE;YACd,eAAe,EAAE,IAAI;SACtB;KACF,CAAC,CAAC;IAEH,IAAI,KAAK,EAAE;QACT,OAAO,CAAC,iBAAiB,CAAC,CAAC,SAAS,EAAE;YACpC,QAAQ,EAAE,OAAO,CAAI,SAAS,2BAAwB,CAAC;SACxD,CAAC,CAAC;QACH,GAAG,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;KACtC;SAAM;QACL,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;YACrB,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,iBAAiB,CAAC;YACjD,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,IAAI;SACd,CAAC,CAAC,CAAC;KACL;IAED,IAAI,KAAK,EAAE;QACT,GAAG,CAAC,WAAW,CAAC,YAAY,EAAE,CAAC;KAChC;IAED,qCAAqC;IACrC,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE;QACf,gEAAgE;QAChE,mEAAmE;QACnE,oDAAoD;QACpD,GAAG,GAAG,IAAI,CAAC;IACb,CAAC,CAAC,CAAC;AAEL,CAAC;AAED,IAAI;IAEF,wDAAwD;IACxD,yDAAyD;IACzD,sDAAsD;IACtD,cAAG,CAAC,EAAE,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAE9B,oCAAoC;IACpC,cAAG,CAAC,EAAE,CAAC,mBAAmB,EAAE;QAC1B,2DAA2D;QAC3D,8DAA8D;QAC9D,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE;YACjC,cAAG,CAAC,IAAI,EAAE,CAAC;SACZ;IACH,CAAC,CAAC,CAAC;IAEH,cAAG,CAAC,EAAE,CAAC,UAAU,EAAE;QACjB,gEAAgE;QAChE,4DAA4D;QAC5D,IAAI,GAAG,KAAK,IAAI,EAAE;YAChB,YAAY,EAAE,CAAC;SAChB;IACH,CAAC,CAAC,CAAC;CAEJ;AAAC,OAAO,CAAC,EAAE;IACV,cAAc;IACd,WAAW;CACZ"} \ No newline at end of file diff --git a/frontend/datasafe-ui/package.json b/frontend/datasafe-ui/package.json index 3195a72de..3fb060927 100644 --- a/frontend/datasafe-ui/package.json +++ b/frontend/datasafe-ui/package.json @@ -4,7 +4,7 @@ "description": "datasafe-ui with web and electron interface", "keywords": [ "angular", - "angular 8", + "angular 15", "electron", "typescript", "sass" @@ -40,7 +40,6 @@ "@angular/compiler": "15.2.9", "@angular/compiler-cli": "15.2.9", "@angular/core": "15.2.9", - "@angular/forms": "15.2.9", "@angular/material": "15.2.9", "@angular/material-moment-adapter": "15.2.9", @@ -53,7 +52,7 @@ "@types/node": "20.8.0", "codelyzer": "6.0.2", "core-js": "3.33.0", - "electron": "26.2.4", + "electron": "^26.2.4", "electron-builder": "24.7.0", "electron-reload": "1.5.0", "hammerjs": "2.0.8", @@ -75,7 +74,7 @@ "wait-on": "7.0.1", "web-animations-js": "2.3.2", "webdriver-manager": "13.0.2", - "zone.js": "0.14.0" + "zone.js": "0.13.0" }, "engines": { "node": ">=18.10.0" diff --git a/frontend/datasafe-ui/src/app/app.component.ts b/frontend/datasafe-ui/src/app/app.component.ts index 788f93502..852e4d829 100644 --- a/frontend/datasafe-ui/src/app/app.component.ts +++ b/frontend/datasafe-ui/src/app/app.component.ts @@ -1,5 +1,5 @@ import {Component, OnInit} from '@angular/core'; -import {ErrorStateMatcher} from "@angular/material"; +import {ErrorStateMatcher} from "@angular/material/core"; import {FormControl, FormGroupDirective, NgForm} from "@angular/forms"; export class Env { diff --git a/frontend/datasafe-ui/src/app/component/filetree/filetree.component.ts b/frontend/datasafe-ui/src/app/component/filetree/filetree.component.ts index 57aee9256..9269168d4 100644 --- a/frontend/datasafe-ui/src/app/component/filetree/filetree.component.ts +++ b/frontend/datasafe-ui/src/app/component/filetree/filetree.component.ts @@ -7,7 +7,7 @@ import {ApiService} from "../../service/api/api.service"; import {CredentialsService} from "../../service/credentials/credentials.service"; import {Router} from "@angular/router"; import {ErrorMessageUtil} from "../../app.component"; -import {MAT_DIALOG_DATA, MatDialog, MatDialogRef} from "@angular/material"; +import {MAT_DIALOG_DATA, MatDialog, MatDialogRef} from "@angular/material/dialog"; class UserFileSystem { @@ -39,6 +39,7 @@ class UserFileSystem { var fullPath = ""; var folder = ""; + path = (path.startsWith('/')) ? path.substring(1) : path; path.split("/").forEach(segment => { fullPath += segment; fullPath += (fullPath === path ? "" : "/"); @@ -302,7 +303,7 @@ export class FiletreeComponent { this.error = ''; this.removePathFromUiCreatedFolders(path); this.api.deleteDocument(path, this.creds.getCredentialsForApi()) - .then(res => this.loadTree()) + .then(_ => this.loadTree()) .catch(err => this.error = 'Delete failed: ' + ErrorMessageUtil.extract(err)); } @@ -316,7 +317,7 @@ export class FiletreeComponent { uploadFile(event) { this.error = ''; this.api.uploadDocument(event.target.files[0], event.target.files[0].name, this.creds.getCredentialsForApi()) - .then(res => this.loadTree()) + .then(_ => this.loadTree()) .catch(err => { this.error = 'Upload failed: ' + ErrorMessageUtil.extract(err); }); @@ -328,7 +329,7 @@ export class FiletreeComponent { event.currentTarget.files[0], event.currentTarget.name + event.currentTarget.files[0].name, this.creds.getCredentialsForApi()) - .then(res => this.loadTree()) + .then(_ => this.loadTree()) .catch(err => { this.error = 'Upload failed: ' + ErrorMessageUtil.extract(err); }); diff --git a/frontend/datasafe-ui/src/app/component/login/login.component.ts b/frontend/datasafe-ui/src/app/component/login/login.component.ts index f943deeff..b2c947f34 100644 --- a/frontend/datasafe-ui/src/app/component/login/login.component.ts +++ b/frontend/datasafe-ui/src/app/component/login/login.component.ts @@ -3,7 +3,7 @@ import {Router} from '@angular/router'; import {FormBuilder, FormControl, Validators} from '@angular/forms'; import {CredentialsService} from '../../service/credentials/credentials.service'; import {Env, FieldErrorStateMatcher} from '../../app.component'; -import {MAT_DIALOG_DATA, MatDialog, MatDialogRef} from '@angular/material'; +import {MAT_DIALOG_DATA, MatDialog, MatDialogRef} from '@angular/material/dialog'; export interface ApiConfigData { apiUrl: string; diff --git a/frontend/datasafe-ui/src/app/polyfills.ts b/frontend/datasafe-ui/src/app/polyfills.ts index 5134b24e9..203549750 100755 --- a/frontend/datasafe-ui/src/app/polyfills.ts +++ b/frontend/datasafe-ui/src/app/polyfills.ts @@ -1,5 +1,4 @@ -import 'core-js/es6/reflect'; -import 'core-js/es7/reflect'; +import 'core-js/features/reflect'; import 'zone.js/dist/zone'; import 'hammerjs'; import 'web-animations-js'; \ No newline at end of file