The plugin center cache was not invalidated when the proxy configuration was changed in the global settings. This caused stale and inconsistent state to be displayed to the user while there was no feedback that something was wrong.
Cloning repositories with LFS data via ssh requires the creation of access tokens using a subject authenticated with an already scoped token (the first scoped token is created by the ssh lfs authentication command; with this token the further requests are issued which will create further tokens for the individual lfs download requests). This failed, because such a creation was rejected without further checks. Now we test, whether the requested scope is permitted by the current scope.
This adds the possibility to load files managed by lfs to the repository import of git repositories.
Co-authored-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>
The pending queue is updated after all the plugins to be installed are collected, and then we already may have duplicate entries. Because of this we check right on the collecting step if the plugin was already added during this single action.
If a POST request is submitted to the rest api for repostory permissions, the regex validator ignores the name field if it is null, which leads to an internal server error and breaks any further attempts to interact with that repository. An additional not-null constraint resolves this problem.
This reduces the amount of lines logged with log level
'trace' from the DefaultRealm. This is done by concatenating
the single permissions and roles in a single line.
A log with the new layout looks something like this (the [...]
would list all further permissions in the real log output):
TRACE sonia.scm.security.DefaultRealm - authorization summary:
username : scmadmin
roles : user
scope :
permissions: repository:*:ChTG0dBeUH , group:autocomplete , repository:*:[...]
In contrast, with the old layout it looks like this:
TRACE sonia.scm.security.DefaultRealm - authorization summary:
username : scmadmin
roles :
- user
scope :
permissions:
- repository:*:ChTG0dBeUH
- group:autocomplete
- repository:*:5DTFWwBTiY
- repository:*:ASTGBIVz11D
- user:changeApiKeys:scmadmin
- user:changePassword:scmadmin
- user:changePublicKeys:scmadmin
- user:readAuthorizedKeys,writeAuthorizedKeys:scmadmin
- *
- user:read:scmadmin
- user:autocomplete
- repository:*:4rT7VPex5J
We stumbled upon errors accessing index from plugins which were not yet initialized. To prevent this errors we use our own No-Op IndexReader for missing indices.
After many days invested in making tailwind work in the SCM-Manager environment as well as a long discussion last week, we have decided not to move further with tailwind, but still keep adding new, independent modules for frontend components. Tailwind simply overcomplicated our build pipeline because bulma was already part of the api and the two were incompatible on several occasions. Styling will continue to be guided by bulma and all parts related to tailwind are removed. We therefore continue the trend of focusing on improving our existing stack rather than adding further complexity.
Adds a new button to repository settings to allow users to manually delete and re-create search indices. The actual re-indexing is happening in plugins that subscribe to the newly created event.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Introduce tailwind as new frontend styling library to replace bulma in the longer run. Also create the first new ui library `ui-buttons` which will be the new standard for buttons ins SCM-Manager. In this library we reconsidered which types of buttons should be used to create a clean and consistent ui.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Adds the CLI commands that are available to handle repository permissions on repositories for namespaces.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
First, we make "encryptPassword" in the PasswordService
idempotent, so that the method will not change the password
when the method is called with an already encrypted string.
Then, in the user manager, we will always call this method
to encrypt the password, if this is not already the case.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Passwords should be checked when created or changed in the frontend just as they are in the backend for REST and CLI.
Also extend the password validation to allow upto 1024 characters instead of 32.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Branches that have already been checked as valid should not be displayed as faulty on branch overview.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Adds a new initialization step after setting up the initial administration account that allows administrators to initialize the instance with a selection of plugin sets.
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: Matthias Thieroff <matthias.thieroff@cloudogu.com>
Unit tests which deal with translated text need to be specific about
the language the test should use. Otherwise system default gets used
which may lead to problems. Also line endings may be a problem on
different OS.
This fixes two of the above issues.
When a repository was exported synchronously with metadata,
the server ran into a NullPointerException. The was because
the resource tried to write an export result to a stored
export item, that does not exist for synchronous exports.
This simply removes this call.
The two BranchDetails resource endpoints were shown twice in the Rest Api documentation. Once each without path prefix.
This pr removes the duplicate endpoints.
Translate CLI parameter exceptions to german. We explictly do not translate the default english exceptions to custom ones since the default messages are more specific/helpful.
This limits the scope of all cli related classes, so that
they cannot be used outside of cli context and therefore
cannot confuse other developers.
Secondly, we rename RepositoryCommandDto to
RepositoryCommandBean, because we have no data transfers
here and the name might be confusing otherwise.
To make SCM-Manager more accessible and to make it easier using scripts against the server, we created a command line interface. This command line interface can be used to perform the default actions like create, modify and delete repositories. It is also very flexible and can be extended by plugins.
The CLI already supports internationalization, help texts, input validation, loose and table-like templates and nested subcommands. Check the cli guidelines to learn how add new cli commands.
Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com>
