From f0ba3918990849f43444956672fa2c05a59e1690 Mon Sep 17 00:00:00 2001 From: tawoe Date: Wed, 1 Mar 2023 10:11:50 +0100 Subject: [PATCH 1/6] Update CONTRIBUTING.md --- CONTRIBUTING.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 92722f43d..431095853 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -22,6 +22,7 @@ Please structure git commit messages in a way as shown below: 5. performance/Something 6. test/Something 7. enhancement/Something +8. secfix/Something Please also check if it also needs to be tagged (see below) From ef8f61322289eddbd46342f6d6cc850d9772d60e Mon Sep 17 00:00:00 2001 From: tawoe Date: Wed, 1 Mar 2023 10:13:00 +0100 Subject: [PATCH 2/6] Update CONTRIBUTING.md --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 431095853..68aa54df4 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -22,7 +22,7 @@ Please structure git commit messages in a way as shown below: 5. performance/Something 6. test/Something 7. enhancement/Something -8. secfix/Something +8. security/Something Please also check if it also needs to be tagged (see below) From ac4e159f64666a44e05e3233a77749955b8514c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Wed, 1 Mar 2023 13:43:22 +0100 Subject: [PATCH 3/6] feature/View name check --- .../main/scala/bootstrap/liftweb/Boot.scala | 2 ++ .../scala/code/api/util/ApiWarnings.scala | 25 +++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala index 4fd63c46e..d637deeb0 100644 --- a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala +++ b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala @@ -799,6 +799,8 @@ class Boot extends MdcLoggable { } ApiWarnings.logWarningsRegardingProperties() + ApiWarnings.incorrectCustomViewNames() + ApiWarnings.incorrectSystemViewNames() //see the notes for this method: createDefaultBankAndDefaultAccountsIfNotExisting() diff --git a/obp-api/src/main/scala/code/api/util/ApiWarnings.scala b/obp-api/src/main/scala/code/api/util/ApiWarnings.scala index 3b8838445..2a8f588f4 100644 --- a/obp-api/src/main/scala/code/api/util/ApiWarnings.scala +++ b/obp-api/src/main/scala/code/api/util/ApiWarnings.scala @@ -1,6 +1,7 @@ package code.api.util import code.util.Helper.MdcLoggable +import code.views.system.ViewDefinition import net.liftweb.util.Props object ApiWarnings extends MdcLoggable { @@ -17,4 +18,28 @@ object ApiWarnings extends MdcLoggable { logger.warn(s"!!!!!!!!!!!!!! Security Consideration: consents.sca.enabled=$scaEnabled !!!!!!!!!!!!!!") } } + + def customViewNamesCheck() = { + val incorrectViews = ViewDefinition.getCustomViews().filter { view => + view.viewId.value.startsWith("_") == false + } + if(incorrectViews.size > 0) { + logger.warn(s"VIEW_NAME_CHECK") + logger.warn(s"!!!!!!!!!!!!!! There are ${incorrectViews.size} custom view(s) with incorrect names !!!!!!!!!!!!!!") + } else { + logger.info(s"Custom VIEW_NAME_CHECK passed") + } + } + def systemViewNamesCheck() = { + val incorrectViews = ViewDefinition.getSystemViews().filter { view => + view.viewId.value.startsWith("_") == true + } + if(incorrectViews.size > 0) { + logger.warn(s"VIEW_NAME_CHECK") + logger.warn(s"!!!!!!!!!!!!!! There are ${incorrectViews.size} system view(s) with incorrect names !!!!!!!!!!!!!!") + } else { + logger.info(s"System VIEW_NAME_CHECK passed") + } + } + } From 27eec2775eb63318a3525ed6f26a1236155df25a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Wed, 1 Mar 2023 13:50:57 +0100 Subject: [PATCH 4/6] feature/View name check 2 --- obp-api/src/main/scala/bootstrap/liftweb/Boot.scala | 4 ++-- .../main/scala/code/views/system/ViewDefinition.scala | 10 ++++++++++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala index d637deeb0..4e38a3d4e 100644 --- a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala +++ b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala @@ -799,8 +799,8 @@ class Boot extends MdcLoggable { } ApiWarnings.logWarningsRegardingProperties() - ApiWarnings.incorrectCustomViewNames() - ApiWarnings.incorrectSystemViewNames() + ApiWarnings.customViewNamesCheck() + ApiWarnings.systemViewNamesCheck() //see the notes for this method: createDefaultBankAndDefaultAccountsIfNotExisting() diff --git a/obp-api/src/main/scala/code/views/system/ViewDefinition.scala b/obp-api/src/main/scala/code/views/system/ViewDefinition.scala index 21e62737e..891170e5c 100644 --- a/obp-api/src/main/scala/code/views/system/ViewDefinition.scala +++ b/obp-api/src/main/scala/code/views/system/ViewDefinition.scala @@ -544,6 +544,11 @@ object ViewDefinition extends ViewDefinition with LongKeyedMetaMapper[ViewDefini By(ViewDefinition.view_id, viewId), ) } + def getSystemViews(): List[ViewDefinition] = { + ViewDefinition.findAll( + By(ViewDefinition.isSystem_, true) + ) + } def findCustomView(bankId: String, accountId: String, viewId: String): Box[ViewDefinition] = { ViewDefinition.find( @@ -553,6 +558,11 @@ object ViewDefinition extends ViewDefinition with LongKeyedMetaMapper[ViewDefini By(ViewDefinition.view_id, viewId), ) } + def getCustomViews(): List[ViewDefinition] = { + ViewDefinition.findAll( + By(ViewDefinition.isSystem_, false) + ) + } @deprecated("This is method only used for migration stuff, please use @findCustomView and @findSystemView instead.","13-12-2019") def findByUniqueKey(bankId: String, accountId: String, viewId: String): Box[ViewDefinition] = { From 767169e621d1387f603e2874431cfdbe9a171626 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Thu, 2 Mar 2023 16:18:25 +0100 Subject: [PATCH 5/6] bugfix/Take the local_identity_provider value if any --- obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala index fa5a9375e..29c7f6a81 100644 --- a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala +++ b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala @@ -328,9 +328,9 @@ class AuthUser extends MegaProtoUser[AuthUser] with CreatedUpdated with MdcLogga def getProvider() = { if(provider.get == null) { - Constant.HostName - } else if ( provider.get == "" || provider.get == Constant.HostName ) { - Constant.HostName + Constant.localIdentityProvider + } else if ( provider.get == "" || provider.get == Constant.localIdentityProvider ) { + Constant.localIdentityProvider } else { provider.get } From 928d20c747a8b9f701895aa36942e9a648027823 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Fri, 3 Mar 2023 12:53:59 +0100 Subject: [PATCH 6/6] bugfix/Take the local_identity_provider value if any 2 --- obp-api/src/main/resources/props/sample.props.template | 2 +- obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala | 6 ++---- .../src/main/scala/code/model/dataAccess/ResourceUser.scala | 2 +- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/obp-api/src/main/resources/props/sample.props.template b/obp-api/src/main/resources/props/sample.props.template index 55ccceeae..e372d61f4 100644 --- a/obp-api/src/main/resources/props/sample.props.template +++ b/obp-api/src/main/resources/props/sample.props.template @@ -1132,7 +1132,7 @@ personal_data_collection_consent_country_waiver_list = Austria, Belgium, Bulgari # Local identity provider url # it defaults to the hostname props value -# local_identity_provider=this is the hostname of the local obp server including scheme +# local_identity_provider=strongly recomended to use top level domain name so that all nodes in the cluster share same provider name # enable dynamic code sandbox, default is false, this will make sandbox works for code running in Future, will make performance lower than disable diff --git a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala index 29c7f6a81..c072b0d79 100644 --- a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala +++ b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala @@ -322,14 +322,12 @@ class AuthUser extends MegaProtoUser[AuthUser] with CreatedUpdated with MdcLogga override def displayName = S.?("provider") override val fieldId = Some(Text("txtProvider")) override def validations = validUri(this) _ :: super.validations - override def defaultValue: String = Constant.HostName + override def defaultValue: String = Constant.localIdentityProvider } def getProvider() = { - if(provider.get == null) { - Constant.localIdentityProvider - } else if ( provider.get == "" || provider.get == Constant.localIdentityProvider ) { + if(provider.get == null || provider.get == "") { Constant.localIdentityProvider } else { provider.get diff --git a/obp-api/src/main/scala/code/model/dataAccess/ResourceUser.scala b/obp-api/src/main/scala/code/model/dataAccess/ResourceUser.scala index d0dcb5c52..13a89a2ac 100644 --- a/obp-api/src/main/scala/code/model/dataAccess/ResourceUser.scala +++ b/obp-api/src/main/scala/code/model/dataAccess/ResourceUser.scala @@ -69,7 +69,7 @@ class ResourceUser extends LongKeyedMapper[ResourceUser] with User with ManyToMa override def defaultValue = "" } object provider_ extends MappedString(this, 100){ - override def defaultValue = Constant.HostName + override def defaultValue: String = Constant.localIdentityProvider } /**