kit-data-manager · github-actions · Dec 3, 2023 · Dec 11, 2023 · Dec 12, 2023 · Oct 14, 2024
diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,6 @@
 /build/
 /.gradle/
+/.idea/
 /.nb-gradle/
 /.nb-gradle-properties
 /.settings/

diff --git a/build.gradle b/build.gradle
@@ -1,9 +1,9 @@
 plugins { 
-    id 'org.springframework.boot' version '3.5.3'
+    id 'org.springframework.boot' version '3.4.4'
     id 'io.spring.dependency-management' version '1.1.7'
-    id 'io.freefair.lombok' version '8.14'
-    id 'io.freefair.maven-publish-java' version '8.14'
-    id 'org.owasp.dependencycheck' version '12.1.3'
+    id 'io.freefair.lombok' version '8.13.1'
+    id 'io.freefair.maven-publish-java' version '8.13.1'
+    id 'org.owasp.dependencycheck' version '12.1.0'
     id 'org.asciidoctor.jvm.convert' version '4.0.4'
     id 'net.researchgate.release' version '3.1.0'
     id 'com.gorylenko.gradle-git-properties' version '2.5.0'
@@ -30,7 +30,7 @@ repositories {
 ext {
     set('javersVersion', "7.8.0")
     set('springBootVersion', "3.2.1")
-    set('springDocVersion', "2.8.9")
+    set('springDocVersion', "2.8.6")
     set('keycloakVersion', "19.0.0")
 
     // directory for generated code snippets during tests
@@ -60,29 +60,33 @@ dependencies {
     implementation "org.springframework.boot:spring-boot-starter-mail"
     implementation "org.springframework.boot:spring-boot-starter-security"
     implementation "org.springframework.boot:spring-boot-starter-actuator"
-    implementation 'org.springframework.data:spring-data-elasticsearch:5.5.1'
+    implementation 'org.springframework.data:spring-data-elasticsearch:5.4.4'
 
-    implementation "org.springframework:spring-messaging:6.2.8"
+    implementation "org.springframework:spring-messaging:6.2.5"
 
     // cloud support
-    implementation "org.springframework.cloud:spring-cloud-starter-config:4.3.0"
-    implementation "org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:4.3.0"
-    implementation "org.springframework.cloud:spring-cloud-gateway-mvc:4.3.0"
-    implementation 'de.codecentric:spring-boot-admin-starter-client:3.5.1'
+    implementation "org.springframework.cloud:spring-cloud-starter-config:4.2.1"
+    implementation "org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:4.2.1"
+    implementation "org.springframework.cloud:spring-cloud-gateway-mvc:4.2.1"
+    implementation 'de.codecentric:spring-boot-admin-starter-client:3.4.5'
 
     // springdoc
     implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${springDocVersion}"
     implementation "org.springdoc:springdoc-openapi-starter-common:${springDocVersion}"
     implementation "org.springdoc:springdoc-openapi-starter-webmvc-api:${springDocVersion}"
 
     implementation "edu.kit.datamanager:repo-core:1.2.5"
-    implementation "edu.kit.datamanager:service-base:1.3.4"
+    implementation "edu.kit.datamanager:service-base:1.3.3"
+
+    implementation ("edu.kit.datamanager:ro-crate-java:2.1.0-rc3"){
+        exclude group: 'org.slf4j' , module: 'slf4j-jdk14'
+    }
 
     //implementation "com.github.victools:jsonschema-generator:4.23.0"
 
     //Keycloak
     // implementation "org.keycloak:keycloak-spring-boot-starter:${keycloakVersion}"
-    implementation "com.nimbusds:nimbus-jose-jwt:10.3.1"
+    implementation "com.nimbusds:nimbus-jose-jwt:10.0.2"
    // implementation "io.jsonwebtoken:jjwt-api:0.11.5"
     //implementation "io.jsonwebtoken:jjwt-impl:0.11.5"
     //implementation "io.jsonwebtoken:jjwt-jackson:0.11.5"
@@ -97,11 +101,11 @@ dependencies {
     runtimeOnly    "org.apache.httpcomponents:httpclient:4.5.14"
 
      // driver for postgres
-    implementation "org.postgresql:postgresql:42.7.7"
+    implementation "org.postgresql:postgresql:42.7.5"
     //driver for h2
     implementation "com.h2database:h2:2.3.232"
 
-    testImplementation "org.springframework.restdocs:spring-restdocs-mockmvc:3.0.4"
+    testImplementation "org.springframework.restdocs:spring-restdocs-mockmvc:3.0.3"
     testImplementation "org.springframework.boot:spring-boot-starter-test"
     testImplementation "org.springframework:spring-test"
     testImplementation "org.springframework.security:spring-security-test"
@@ -149,7 +153,7 @@ bootJar {
 }
 
 jacoco {
-    toolVersion = "0.8.13"
+    toolVersion = "0.8.12"
 }
 
 // task for printing project name.

diff --git a/config/application-default.properties b/config/application-default.properties
@@ -61,16 +61,22 @@ spring.jpa.hibernate.ddl-auto: update
 ###############################################################################
 # Actuator Endpoints for Health Checks
 #
-# Spring Management Endpoint Settings. By default, the health endpoint will be 
-# enabled to apply service monitoring including detailed information. 
+# Spring Management Endpoint Settings. By default, health and info endpoints will be 
+# exposed to apply service monitoring including detailed information. Both endpoints
+# are accessible without authentication. 
 # Furthermore, all endpoints will be exposed to external access. If this is not desired, 
 # just comment the property 'management.endpoints.web.exposure.include' in order to only 
 # allow local access.
 ###############################################################################
 management.endpoint.health.enabled: true
-management.endpoint.health.show-details: WHEN-AUTHORIZED
-management.endpoint.health.sensitive: false
-management.endpoints.web.exposure.include: *
+management.endpoint.health.show-details: when-authorized
+management.endpoint.health.sensitive: true
+management.endpoints.web.exposure.include: health,info
+
+
+#spring.security.user.name=admin
+#spring.security.user.password=secret
+#spring.security.user.roles=ADMIN
 
 ###############################################################################
 # Spring Cloud

diff --git a/src/main/java/edu/kit/datamanager/repo/Application.java b/src/main/java/edu/kit/datamanager/repo/Application.java
@@ -21,7 +21,6 @@
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import edu.kit.datamanager.configuration.SearchConfiguration;
 import edu.kit.datamanager.repo.configuration.ApplicationProperties;
-import edu.kit.datamanager.repo.configuration.ElasticConfiguration;
 import edu.kit.datamanager.repo.configuration.RepoBaseConfiguration;
 import edu.kit.datamanager.repo.configuration.StorageServiceProperties;
 import edu.kit.datamanager.repo.domain.DataResource;
@@ -43,7 +42,6 @@
 import org.javers.core.Javers;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.InjectionPoint;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
@@ -54,7 +52,6 @@
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Scope;
 import org.springframework.context.event.EventListener;
 import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
 import org.springframework.scheduling.annotation.EnableScheduling;

diff --git a/src/main/java/edu/kit/datamanager/repo/configuration/WebSecurityConfig.java b/src/main/java/edu/kit/datamanager/repo/configuration/WebSecurityConfig.java
@@ -30,6 +30,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -88,13 +89,15 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                                 InfoEndpoint.class,
                                 HealthEndpoint.class
                         )).permitAll().
-                        requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyRole("ANONYMOUS", "ADMIN", "ACTUATOR", "SERVICE_WRITE").
+                        requestMatchers(new AntPathRequestMatcher("/actuator/**")).hasAnyRole("ADMIN", "ACTUATOR").
+                        requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyRole("ADMIN", "SERVICE_WRITE").
                         requestMatchers(new AntPathRequestMatcher("/oaipmh")).permitAll().
                         requestMatchers(new AntPathRequestMatcher("/static/**")).permitAll().
                         requestMatchers(new AntPathRequestMatcher("/api/v1/search")).permitAll().
                         requestMatchers(AUTH_WHITELIST_SWAGGER_UI).permitAll().
                         anyRequest().authenticated()
         ).
+                httpBasic(Customizer.withDefaults()).
                 cors(cors -> cors.configurationSource(corsConfigurationSource())).
                 sessionManagement(
                         session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));