Skip to content

Latest commit

 

History

History
430 lines (266 loc) · 23.4 KB

CHANGELOG.md

File metadata and controls

430 lines (266 loc) · 23.4 KB
Raw

21.2.0 (2024-11-18)

Bug Fixes

  • add classifier (aadf6a8)
  • add missing annotations and make findAllById cacheable (00b1459)
  • add missing cache annotations (764b832)
  • add missing cache regions (6362f59)
  • adds missing lecense header (ac7b4e1)
  • extract typename in WFS Transaction insert queries correctly (1cf15cb)
  • typo (12705ae)

Features

  • adds endpoints to manually create users, groups and roles from the provider (7dd043e)
  • introduces "mapInteractions" config (a5b3859)

21.1.2 (2024-10-25)

Bug Fixes

  • ogcxmlutil: replace unsupported XML properties with feature-based security settings (801fde2)

21.1.1 (2024-10-14)

Bug Fixes

  • handle unsupported external DTD and schema properties (0450f3c)

21.1.0 (2024-10-10)

Bug Fixes

  • log: decrease log level in base permission evaluator (3716046)

Features

  • repository: introduce search by layername parameter (c0b157f)

21.0.0 (2024-09-26)

Bug Fixes

  • inherit versions from spring-boot-dependencies if possible (0921b29)
  • use correct version of spring-boot-starter-parent (872c744)
  • use flyway progresql module (484e417)

BREAKING CHANGES

  • Upgrade to flyway 10 requires database specific modules

20.4.2 (2024-09-12)

Bug Fixes

  • HttpProxy: use override instead of bean creation for HttpSecurity (62cd974)

20.4.1 (2024-08-20)

Bug Fixes

  • downgrade openapi (again) (33648c2)

20.4.0 (2024-08-20)

Bug Fixes

  • deps: downgrade springdoc (65e20ed)

Features

  • show public applications when signed out (d1ee3ef)

20.3.1 (2024-07-03)

Bug Fixes

  • use correct mail dependencies (2b452e3)

20.3.0 (2024-06-24)

Bug Fixes

  • remove read only transaction (7f90d6a)

Features

20.2.1 (2024-06-17)

Bug Fixes

  • check against the client role instead of the realm role (a1aa970)
  • remove role permissions before removing the role (9716cec)

20.2.0 (2024-06-13)

Bug Fixes

  • add missing Query annotation (dfc296c)
  • remove role permissions before removing the role (3b596b4)
  • set schema (30be7e6)

Features

  • init Role, RoleInstancePermission and RoleClassPermission (48042db)

20.1.0 (2024-05-21)

Bug Fixes

  • prevent exception when keycloak group does not exist (9fb7732)

Features

  • add printApp to DefaultApplicationClientConfig (#862) (83f8ecb)

20.0.0 (2024-05-14)

Features

  • anonymous access to graphql interface (58d1c68)

BREAKING CHANGES

  • anonymous access to graphql interface

19.1.0 (2024-05-08)

Features

  • allow configuration of role extraction from jwt (23247c7)

19.0.0 (2024-05-02)

Bug Fixes

  • add audit annoations to PublicInstancePermission (94cffac)
  • add info for graphql version (46dd0a5)
  • add logging for unknown exception (a38e1ab)
  • add missing columns for revision table (ebbfaf9)
  • clarify jts version comment (bd9d412)
  • clean up dependencies (cdf7fd1)
  • code smells (c819531)
  • consistent transactional annotations (32619fa)
  • fix licenserc pattern location (3f20985)
  • fixes admin-btn from opening multiple links when clicked (778e9f6)
  • jaxb-api version identifier (64ec323)
  • remove duplicated badges (143eddb)
  • remove duplicated fields (89fe47d)
  • rename PublicEntity to PublicInstancePermission (4a8aca1)
  • show applications despite empty configuration or description (47512f7)
  • specify spdx id (6f7799d)
  • use instanceof checks instead of class comparison (3f473cf)

chore

Features

  • add migration for publicentities (9a1d35e)
  • configurable favicon (bf6a1b9)
  • introduce PublicEntity (53d1941)
  • permitAll for entity endpoints (90474d0)
  • prevent public permission for User and Group (732ecf2)
  • update permission handling for PublicEntity (f40b9f7)

BREAKING CHANGES

  • This changes a crucial security setting an might need adjustments in projects.
  • requires java 21

18.0.0 (2023-09-18)

Bug Fixes

  • adds missing git-commit-id-maven-plugin in gs-interceptor (a6b390a)
  • allow extending WebSecurityConfig (10cb4e4)
  • circular dependency problems (53aa861)
  • cleanup (2db9a60)
  • extract xmlbind version to property (e37392f)
  • fix http proxy tests (b9e8be4)
  • fix hypersistence-utils version (7958976)
  • fix queryHints import (7df2511)
  • optimize imports (d0e84f5)
  • reenable csrfTokenRequestHandler (b32f02c)
  • remove commented code (c3d5f7a)
  • remove newline (53673e0)
  • remove not needed hibernate version (7b0abc4)
  • remove unneeded parameter (4565f49)
  • reorganize imports (6fc6f8c)
  • set correct creation time for docker images (8be68e5)
  • temporarily allow circular references (4aefc55)
  • temproarily allow circular references (98f731d)
  • update dependency versions (e468350)
  • update git-commit-id plugin (104b0b3)
  • update java base image (caba9ce)
  • update to apache httpUtil5 (8661561)
  • web security setup (b4979bc)

Features

  • allow to only override security filterchain (4b37639)
  • improve content type detection (4b754e3)
  • include REFERENCE_TABLE and make PropertyFormItemEditConfig abstract (e4bbaf5)
  • update for hibernate 6.1 and hibernate-types (b105159)
  • update keycloak to 21.0.1 (f90de77)
  • update spring-boot to 3.0.x (f95fcaf)

BREAKING CHANGES

  • requires migration for spring / spring-security 6 and hibernate 6 updates

Migration guide:

  • update java EE 8 dependencies to jakarta EE 9 (see https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.0-Migration-Guide#jakarta-ee)
  • update repositories
  • update your SecurityConfigs which extend KeycloakWebSecurityConfig or SimpleWebSecurityConfig
    • update your filter chain according to the the spring security migration guides below
    • replace antMatchers with requestMatchers, ignoringAntMatchers with ignoringRequestMatchers
    • update your rules for swagger (/v3/api-docs) if they're not already updated
  • update your git-commit-id-plugin configuration and check if the version set in shogun is overridden (for more information see #730)

17.2.0 (2023-07-18)

Bug Fixes

  • delete all user/group permissions before deleting the user/group itself (365f31d)
  • generate all args and required args constructor, remove annotations that were dealed by @Data (554caf0)

Features

  • add WMSTIME layer type (8d32f1b)
  • adds all args constructor and constructor for required parameters of JSONB models (70d7192)

17.1.1 (2023-06-21)

Bug Fixes

  • append the transient provider details for users and groups (72cb1e6)
  • get the actual target entity class and set a common default permission evaluator (978426f)

17.1.0 (2023-06-02)

Bug Fixes

  • fix return value of application findAll() endpoint (776f813)
  • remove unneeded visible field (75d3ae9)
  • replace deprecated usages (f9b64e1)
  • set correct example value (3807a28)
  • update types (804ecc7)

Features

  • add models for search configuration (d76c8db)
  • add models for specifying form configurations(still without i18n support) (1ad6bba)
  • adds layer editable flag (88dd6df)

17.0.0 (2023-05-17)

Bug Fixes

  • convert permission query to non native query (3a151d4)
  • determine read permission id from DB (ec5ba01)
  • fix api docs for pageable parameter (11a3a6d)
  • get base entity class dynamically (a3c6a35)
  • improvements from code review (4416356)
  • move securityExtension to ApplicationConfig (112dd89)
  • remove SecurityContextEvaluationExtension (ce86a05)
  • remove unneeded imports (7abf3ed)
  • security evaluation extension (d3437e1)
  • update tests for new findAll response (919c0e4)

Features

  • add paging and simplify permission check (c378348)
  • also check group permissions (f887da9)

BREAKING CHANGES

  • changes BaseController::findAll signature. Now returns paged entities.

Migration instructions

  1. BaseController::findAll() - method signature has changed
  • the method now returns Page<BaseEntity> instead of List<BaseEntity>
  • this means the results are now wrapped into a paging object, e.g.: 
    {
 "content": [
   {
     "id": 475870,
     "created": "2022-10-07T14:01:43.11027Z"
     [...]
   }
 ],
 "pageable": {
   "sort": {
     "empty": true,
     "sorted": false,
     "unsorted": true
   },
   "offset": 0,
   "pageNumber": 0,
   "pageSize": 1,
   "paged": true,
   "unpaged": false
 },
 "last": false,
 "totalElements": 2,
 "totalPages": 2,
 "size": 1,
 "number": 0,
 "sort": {
   [...]
 },
 "first": true,
 "numberOfElements": 1,
 "empty": false
}
  • the method has a new optional parameter Pageable pageable which can be used to specify which page and size is returned e.g.: 
    {
 "page": 0,
 "size": 10
}
  • if no pagination configuration is provided, one page with all entities is returned. But it is recommended to use pagination for performance reasons
  1. Custom permission evaluators have to implement a findAll method
  • if you project uses custom permission evaluators, you have to implement this method to provide a way to check permissions for requests with pagination
  • BaseEntityPermissionEvaluator contains a default implemenation which performs the new improved permisison check described above
    • the default only works for the "shogun way" (permission managment through UserInstance-, UserClass- GroupInstance- and GroupClassPermissions

16.4.0 (2023-04-28)

Bug Fixes

  • add JsonInclude.Include.NON_NULL annotations to all jsonb models (38e4811)
  • enable arbitrary objects in open api specification (563a2ba)
  • readd terms of service url (bb09a79)
  • replace deprecated mockito-inline by mockito-core (16fcbf0)

Features

  • add defaultLanguage param to clientConfig (#685) (c85dc96)

16.3.0 (2023-04-18)

Features

  • introduce crsDefinitions field on mapView config (7457fb7)

16.2.0 (2023-04-18)

Features

  • extend application client config model for legal information link config (21d4874)
  • introduce crsDefinitions field on mapView config (7457fb7)

16.2.0 (2023-01-20)

Features

  • extend application client config model for legal information link config (21d4874)

16.1.1 (2023-01-18)

Bug Fixes

  • introduce custom date-time scalar for Instant serialization (1050d96)
  • link to original source (85cf9b2)
  • path to ignore DateTimeScalar from licence check (504a3c4)