Strolch
/
strolch
mirror of https://github.com/strolch-li/strolch.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,358 Commits 11 Branches 174 Tags 63 MiB
Commit Graph

184 Commits

Author SHA1 Message Date
Robert von Burg 50c379d06d [Major] Using executor pools with names in StrolchAgent 2017-12-19 14:54:57 +01:00
Robert von Burg ca06ff954e [Fix] Fixed REST response for PrivilegeUsersService 2017-12-13 11:26:07 +01:00
Robert von Burg 875c9dd27f [Minor] Allow to call VersionQuery REST API without certificate... 
but only if enabled in AuthenticationRequestFilter
 2017-12-04 13:19:34 +01:00
msmock ea047e1080 do it 
Merge feature/soql into feature/soql
 2017-12-03 20:00:00 +01:00
msmock 92915b4552 initial commit of SOQL, the object query language for strolch 2017-11-30 17:05:10 +01:00
Robert von Burg 743a52ed85 [WIP] Added new REST method to do SOQL queries 2017-11-30 12:55:19 +01:00
Robert von Burg b48c760d42 [New] New ResponseUtil.toResponse() methods 2017-11-28 18:52:06 +01:00
Robert von Burg 2bc98cdee4 [Minor] Added JavaDoc to StrolchSessionHandler 2017-11-23 15:41:11 +01:00
Robert von Burg 3e116b6b34 [Major] Added export to inspector REST API 2017-11-09 16:11:46 +01:00
Robert von Burg 1e79ea43de [Fix] Fixes for SSO 2017-10-13 09:48:15 +02:00
Reto Breitenmoser 32b186219b [Major] added single sign on support 2017-10-12 16:43:19 +02:00
Robert von Burg efb15f305c [Minor] fixed typo 2017-10-09 10:21:07 +02:00
Robert von Burg adf53dd49f [Major] Implemented SingleSignOn facility for Privilege 2017-10-06 16:59:22 +02:00
Robert von Burg c69d5ec9a7 [Minor] set msg = exceptionMsg if msg is null 2017-10-04 17:35:05 +02:00
Robert von Burg b2604f7ab5 [Minor] only save permissions if required 2017-10-03 12:51:22 +02:00
Robert von Burg 2cb799dfb4 [Major] Removed the need for javax.xml.bind.* imports. Using gson 2017-09-29 15:57:21 +02:00
Robert von Burg 0c68006f77 [Minor] Use ScheduledExecutor for session timeout and persistence 2017-09-22 17:00:59 +02:00
Robert von Burg c11f01afeb [Fix] Fixed Session TTL not being respected in some cases 2017-09-19 13:45:29 +02:00
Robert von Burg 16862070e0 [New] Added import REST API to Inspector 2017-08-28 17:11:03 +02:00
Robert von Burg 76b2fd2eb2 [New] Added add REST API for root elements to inspector 2017-08-28 12:46:03 +02:00
Robert von Burg c174d8c28a [Fix] Sort types in inspector 2017-08-21 13:08:22 +02:00
Robert von Burg 3f28d9aa9f [New] Allow to set if type is allowed in QueryParser 2017-08-18 11:48:09 +02:00
Robert von Burg 5efb426f10 [New] Added remove REST api for root elements 2017-08-17 14:42:20 +02:00
Robert von Burg c79f1d6ae6 [Fix] Returning 401 if session is invalid, 403 for privilege 2017-07-26 15:15:20 +02:00
Robert von Burg 1183000520 [Major] Implemented privilege checking for DAO 
Now the PrivilegeConfig.xml must include:

	<Policies>
		<Policy name="ModelPrivilege"
class="li.strolch.runtime.privilege.ModelPrivilege" />
	</Policies>

And PrivilegeRoles.xml must include:

	<Role>
		<Privilege name="GetResource" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="GetOrder" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="GetActivity" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="AddResource" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="AddOrder" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="AddActivity" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="UpdateResource" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="UpdateOrder" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="UpdateActivity" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="RemoveResource" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="RemoveOrder" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
		<Privilege name="RemoveActivity" policy="ModelPrivilege">
			<AllAllowed>true</AllAllowed>
		</Privilege>
	</Role>
 2017-07-24 20:07:10 +02:00
Robert von Burg a214853e94 [Major] Inspector can now update StrolchElements from JSON/XML 2017-07-05 15:07:51 +02:00
Robert von Burg 08631498dc [Major] Creating LogMessages for exceptions in Migrations, TX, Execution 2017-06-14 15:54:58 +02:00
Robert von Burg 8cec401ec0 [New] Added methods to ResponseUtil 2017-06-01 12:42:08 +02:00
Reto Breitenmoser a3b7a08aaf [Minor] set default memory for jersey entity logging 2017-05-30 14:26:03 +02:00
Robert von Burg 96771b40ba [Project] Update to Jersey 2.25.1 2017-05-26 11:37:38 +02:00
Robert von Burg 603703f681 [Minor] Added ResponseUtil.toResponse() override 2017-05-23 13:16:18 +02:00
Robert von Burg 4c9e66876a [Major] Privilege passwords are now salted! 2017-05-22 14:37:48 +02:00
Robert von Burg f87c42f399 [Project] switched tests to use logback-classic 2017-05-22 09:50:48 +02:00
Robert von Burg 3622339896 [Major] Total refactoring of StrolchElementVisitor hierarchy 2017-05-17 09:20:27 +02:00
Robert von Burg eedc587bed [Minor] Added identity visitors to queries, eliminating NoStrategy usage 2017-05-05 09:59:17 +02:00
Robert von Burg 8e06ccb7e1 [Minor] Don't log exceptions if user fails to auth 2017-03-09 11:07:39 +01:00
Robert von Burg 1102f34d18 [Minor] Don't log stack trace if certificate does not exist 2017-03-08 17:51:49 +01:00
Robert von Burg e4e35e5392 [Fix] AuthenticationRequestFilter now has priority AUTHENTICATION 2017-03-06 17:27:44 +01:00
Robert von Burg e0149cc4b0 [Major] Removed many visitors and implemented proper visitor pattern... 2017-03-02 16:52:50 +01:00
Robert von Burg cf5f717a69 [New] Added JsonServiceResult constructors 2017-03-01 01:42:38 +01:00
Robert von Burg 70e4214915 [Fix] Fixing CORS not working for cordova apps 2017-03-01 01:41:59 +01:00
Robert von Burg e27a0969ee [Major] Changes in FlatJsonVisitor 2017-02-27 17:25:24 +01:00
Robert von Burg c89e04a356 [Major] Moved *ToFlat and *FromFlat Json Visitors to strolch model 2017-02-27 14:11:49 +01:00
Martin Voigt 6466157c90 [minor] use execpetion message instead of empty text, if no restrictable is given for unauthorized access (#2) 2017-02-20 13:21:57 +01:00
Robert von Burg 0852557aaa [New] Added ResponseUtil.toResponse(ServiceResult) 2017-02-20 12:13:51 +01:00
Robert von Burg 0e5176df62 [Major] Inspector now has offset/limit for queries 2017-02-08 20:16:05 +01:00
Robert von Burg b70106260a [Fix] Fix bugs in formatting to JSON 2017-02-08 15:43:23 +01:00
Robert von Burg 753806f672 [New] Added inspector REST api for activities 2017-02-02 12:55:59 +01:00
Robert von Burg 90d9dead32 [Major] Refactored code for REST Inspector to use gson 2017-02-02 12:34:46 +01:00
Robert von Burg 1d25a2a46b [Major] Json Tags are now in Tags.Json and are drinking camel-case 2017-02-02 11:58:59 +01:00
Robert von Burg bff0215510 [Major] Refactored the DurationExecutionTimer to not be singleton 
Once again it is clear how bad singletons are. One test killed the
timer, thus all other tests failed. Now the DelayedExecutionTimer is
retrieved from the ExecutionHandler and is called DelayedExecutionTimer
with a default implementation of SimpleDurationExecutionTimer
instantiated by the EventBasedExecutionHandler
 2016-10-11 14:59:52 +02:00
Robert von Burg 992f3966dc [New] Rewrote the Paging class to use offset/limit 
Also returns next, previous and last offsets. Added helper method to
create a REST Response from a page in ResponseUtil
 2016-10-07 11:55:08 +02:00
Robert von Burg 2b701d5d74 [Fix] Fixed json object not marshalled in AuthenticationService 2016-10-05 17:03:01 +02:00
Robert von Burg 7a537e7886 [Major] REST APIs are supposed to be plural 2016-09-30 10:13:22 +02:00
Robert von Burg dd227c65d0 [Major] Refactored SystemAction in privileges 
Simplified the API, removed the privileged user - now always use the
agent system user for running system actions. One method has no return
value and one has a return value. Now it is easy to perform a system
action using:

    runAsAgent(ctx -> {
      // do work			
    });

    String result = runAsAgentWithResult(ctx -> {
      // do work
      return "done";
    });

    // execute a SystemAction
    runAsAgent(action);

    // execute a SystemActionWithResult
    String result = runAsAgentWithResult(actionWithResult);
 2016-09-29 12:26:27 +02:00
Robert von Burg 813c7bc13d [Minor] Added JsonElement service argument result objects 2016-09-19 21:19:51 +02:00
Robert von Burg 6d65064117 [New] Allow for optional parameters in to flat json 2016-09-17 17:20:45 +02:00
Robert von Burg 2fe9f74be8 [Project] Extended documentation with policies and transactions 2016-09-16 10:58:47 +02:00
Robert von Burg b8834b9b82 [Major] Refactored to not use JAXB in PrivilegeUsersService 2016-09-08 20:06:38 +02:00
Robert von Burg 68327da042 [Minor] Added further helper methods to ResponseUtil 2016-09-08 15:53:48 +02:00
Robert von Burg 7a090f3d68 [Major] REST APIs are now singular 2016-09-08 13:19:44 +02:00
Robert von Burg bcc0bf4a10 [Major] Now users can reset their own passwords 
- built in User Challenge feature (currently only console)
- extended REST API to allow user to initiate a challenge and then use
the challenge to authenticate for a one time change password session
 2016-09-07 14:41:16 +02:00
Robert von Burg 2cbdca3da8 [Minor] Allow to query by Id and Name when without prefix 2016-08-31 18:33:35 +02:00
Robert von Burg d25e7577f7 [New] QueryParser can now handle parameters incl. without prefixes 2016-08-30 11:44:55 +02:00
Robert von Burg c5cd74b168 [New] Added hooks to ToFlatJsonVisitor 2016-08-29 14:27:46 +02:00
Robert von Burg 313eaf0026 [New] New classes to flat map elements to/from Json 2016-08-26 16:43:36 +02:00
Robert von Burg d2de579b84 [New] Added convenience methods to open TXs on RestfulStrolchComponent 2016-08-26 16:43:11 +02:00
Robert von Burg 249ba41944 [New] AuthenicationRequestFilter now allows overriding of paths 
This is needed to be able to add project specific unsecured paths which
should be allowed to be accessed without being authenticated
 2016-08-20 13:38:12 +02:00
Robert von Burg 11ba7eb1de [Major] Moved ch.eitchnet to li.strolch 2016-06-26 11:38:41 +02:00
Robert von Burg 454b36d659 [New] Now also showing activities in model view 2016-04-08 18:04:37 +02:00
Robert von Burg 2a0d7c93ab [Fix] Fixed ordering by name and type problem 2016-04-06 09:29:54 +02:00
Robert von Burg 9294711639 [Major] Now using a nice query parser for resource querying in planning 2016-04-06 09:25:55 +02:00
Robert von Burg 8a5c4468c5 [Major] Now using a nice query parser for resource querying in planning 2016-04-05 08:30:40 +02:00
Robert von Burg 5f71427d33 [New] Added a QueryParser to parse String queries to Strolch queries 2016-04-05 08:30:07 +02:00
Robert von Burg 0246adb4ab [WIP] Added Resource table loading to planning web with filter 2016-04-03 17:58:47 +02:00
Robert von Burg a74508ba12 [WIP] Added Resource table loading to planning web 2016-04-01 18:24:35 +02:00
Robert von Burg 0cadf66f3f [Major] Refactored Privilege to use separate mode files 
So now users and roles are in their own files. This makes it far easier
to add new privileges without needing to take care if the user changed
their data.
 2016-02-28 19:54:17 +01:00
Robert von Burg e2b3e5f7b0 [Minor] removed unnecessary else 2016-02-10 17:48:18 +01:00
Robert von Burg fba2b09e04 [New] Also write a cookie when authenticating 
- and of course allow the user to authenticate using the cookie
 2015-12-04 15:10:52 +01:00
Robert von Burg e6697eb9c2 [Fix] Fixing startup race condition on timeout of old sessions 2015-11-20 19:58:46 +01:00
Robert von Burg d06fe4fb04 [New][Major] Initial to JSON visitors for Resources and Orders 
- added PolicyDefs to Actions
- also fixed a bug in StringSetValue().getValueAsString()
- further refactorings and clean-up
 2015-11-16 22:37:00 +01:00
Robert von Burg 8e76e5658e [New] AuthenticationService now uses byte array for password 2015-10-25 11:55:28 +01:00
Robert von Burg 292050a8f9 [New] Use InvalidCredentialsException 2015-10-23 18:22:05 +02:00
Robert von Burg a22a6db408 [Fix] fixed compiler error 2015-10-16 17:59:20 +02:00
Robert von Burg c37fd20efb [Major] Added persisting and reloading of sessions 2015-10-16 17:21:49 +02:00
Robert von Burg 60300ab21d [New] Added AbstractService.runPrivilege() 
- This runs the given action as the system user 'privileged'
 2015-10-08 22:09:45 +02:00
Robert von Burg d8650b0ab1 [Minor] Added gson to rest 2015-09-28 11:15:07 +02:00
Robert von Burg 69eb5ccf38 [Major] Refactored query API 
- Now added ordering
- added setters for visitors on query
-
 2015-08-10 22:21:45 +02:00
Robert von Burg 29a88fe6ab [New] Added StrolchComponent.getConfiguration() 
- and thus removed any instance variables to it in subclasses
 2015-07-10 10:48:17 +02:00
Robert von Burg 521bd84ce0 [Major] StrolchComponent methods can now throw Exception 
- execption handling is done in the ComponentContainerStateHandler
- clients now not need to worry about exceptions which would make them
  rethrow anyhow as a runtime exception
 2015-06-11 19:19:52 +02:00
Robert von Burg 503bdbe4d6 [Major] refactored SystemUserActions in privilege 
Now a SystemUserAction is defined as follows:
<Privilege name="ch.eitchnet.privilege.handler.SystemUserAction" 
    policy="DefaultPrivilege">
  <Allow>li.strolch.agent.impl.StartRealms</Allow>
</Privilege>
 2015-06-03 23:32:23 +02:00
Robert von Burg d31e9ffc6d [Project] Added missing license headers 2015-04-22 13:20:28 +02:00
Robert von Burg 608a374f99 [New] Added REST methods to update a specific Resource or Order from XML 2015-04-19 16:39:49 +02:00
Robert von Burg d0e27a3a1f [New] add RestfulStrolchComponent.getServiceHandler() 2015-04-19 16:39:18 +02:00
Robert von Burg 69c842034a [New] Added rest GET of Order and Resource as XML 2015-04-19 16:13:26 +02:00
Robert von Burg 91a08057c1 [Minor] fixed session timeout not being audit action timeout 2015-04-05 01:27:50 +02:00
Robert von Burg bd4291b483 [Major] Moved privilege management into separate services 
- instead of just calling the methods from the REST API, now we call
services
- this allows auditing who changes which privileges
 2015-04-05 01:11:54 +02:00
Robert von Burg 6bd1ed58ad [New] Added limit and sorting to Audit query incl. REST API 2015-04-04 18:29:33 +02:00
Robert von Burg 5d7cf8469f [New] added elementSubType to REST API for querying Audits 2015-04-04 18:05:39 +02:00
Robert von Burg aa11f8098a [New] Added elementSubType to Audit 2015-04-04 17:53:54 +02:00