From d559376339e1c09c4e6f3f6fd9f570e71a78f2cc Mon Sep 17 00:00:00 2001 From: Joris Borgdorff Date: Wed, 19 Jan 2022 15:07:36 +0100 Subject: [PATCH] Fix dependencies, migrated H2 to HSQLDB H2 2.x is not compatible with 1.4.x, but 1.4.x has some vulnerabilities. It's easier to migrate to HSQLDB altogether. The H2 console is removed because HSQLDB does not have a console. --- build.gradle | 2 +- gradle.properties | 1 + proxy.conf.json | 3 +-- .../config/DatabaseConfiguration.java | 15 --------------- .../config/SecurityConfiguration.java | 1 - .../management/config/WebConfigurer.java | 17 ----------------- src/main/resources/.h2.server.properties | 6 ------ src/main/resources/config/application-dev.yml | 9 ++++----- src/main/resources/config/application.yml | 2 ++ .../changelog/00000000000000_initial_schema.xml | 4 ++-- .../00000000000001_added_entity_Project.xml | 4 ++-- .../00000000000002_added_entity_Source.xml | 6 +++--- .../00000000000003_added_entity_SourceType.xml | 4 ++-- .../00000000000004_added_entity_SourceData.xml | 4 ++-- .../00000000000005_added_entity_Role.xml | 4 ++-- .../00000000000006_added_entity_Subject.xml | 4 ++-- ...00000000007_added_source_metadata_entity.xml | 4 ++-- ...0000000008_added_subject_metadata_entity.xml | 4 ++-- ...0000000009_added_project_metadata_entity.xml | 4 ++-- .../20180313103735_enable_envers_revisions.xml | 10 ++++++++-- .../changelog/20210920101000_add_groups.xml | 2 +- .../changelog/20211026_extra_demo_data.xml | 13 ++++++------- .../config/liquibase/organization_roles.csv | 2 +- .../config/liquibase/organization_user.csv | 2 +- .../app/layouts/navbar/navbar.component.html | 7 ------- src/test/resources/config/application.yml | 8 +++++--- 26 files changed, 52 insertions(+), 90 deletions(-) delete mode 100644 src/main/resources/.h2.server.properties diff --git a/build.gradle b/build.gradle index 4c692b7ff..1dbc0faf9 100644 --- a/build.gradle +++ b/build.gradle @@ -188,7 +188,7 @@ dependencies { implementation "org.hibernate:hibernate-validator:7.0.1.Final" implementation "org.postgresql:postgresql:${postgresql_version}" - implementation "com.h2database:h2" + implementation "org.hsqldb:hsqldb:${hsqldb_version}" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.security:spring-security-data" diff --git a/gradle.properties b/gradle.properties index 42b8b4c31..6d311b7e2 100644 --- a/gradle.properties +++ b/gradle.properties @@ -26,6 +26,7 @@ logback_version=1.2.10 oauth_jwt_version=3.18.3 junit_version=5.8.2 okhttp_version=4.9.3 +hsqldb_version=2.6.1 kotlin.code.style=official org.gradle.vfs.watch=true diff --git a/proxy.conf.json b/proxy.conf.json index 95f474bb4..e4cb46524 100644 --- a/proxy.conf.json +++ b/proxy.conf.json @@ -6,8 +6,7 @@ "/management", "/api-docs", "/swagger-ui.html", - "/swagger-ui", - "/h2-console" + "/swagger-ui" ], "target": "http://127.0.0.1:8080", "secure": false diff --git a/src/main/java/org/radarbase/management/config/DatabaseConfiguration.java b/src/main/java/org/radarbase/management/config/DatabaseConfiguration.java index 1a8de0e9e..971954b6f 100644 --- a/src/main/java/org/radarbase/management/config/DatabaseConfiguration.java +++ b/src/main/java/org/radarbase/management/config/DatabaseConfiguration.java @@ -2,14 +2,12 @@ import com.fasterxml.jackson.datatype.hibernate5.Hibernate5Module; import liquibase.integration.spring.SpringLiquibase; -import org.h2.tools.Server; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.liquibase.LiquibaseProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; import org.springframework.core.env.Environment; import org.springframework.core.env.Profiles; import org.springframework.data.envers.repository.support.EnversRevisionRepositoryFactoryBean; @@ -19,7 +17,6 @@ import tech.jhipster.config.JHipsterConstants; import javax.sql.DataSource; -import java.sql.SQLException; @Configuration @EnableJpaRepositories(basePackages = "org.radarbase.management.repository", @@ -33,18 +30,6 @@ public class DatabaseConfiguration { @Autowired private Environment env; - /** - * Open the TCP port for the H2 database, so it is available remotely. - * - * @return the H2 database TCP server - * @throws SQLException if the server failed to start - */ - @Bean(initMethod = "start", destroyMethod = "stop") - @Profile(JHipsterConstants.SPRING_PROFILE_DEVELOPMENT) - public Server h2TCPServer() throws SQLException { - return Server.createTcpServer("-tcp", "-tcpAllowOthers"); - } - @Bean public SpringLiquibase liquibase(DataSource dataSource, LiquibaseProperties liquibaseProperties) { diff --git a/src/main/java/org/radarbase/management/config/SecurityConfiguration.java b/src/main/java/org/radarbase/management/config/SecurityConfiguration.java index 058d76dab..4ed1e7176 100644 --- a/src/main/java/org/radarbase/management/config/SecurityConfiguration.java +++ b/src/main/java/org/radarbase/management/config/SecurityConfiguration.java @@ -99,7 +99,6 @@ public void configure(WebSecurity web) { .antMatchers("/api/account/reset_password/init") .antMatchers("/api/account/reset_password/finish") .antMatchers("/test/**") - .antMatchers("/h2-console/**") .antMatchers("/management/health") .antMatchers(HttpMethod.GET, "/api/meta-token/**"); } diff --git a/src/main/java/org/radarbase/management/config/WebConfigurer.java b/src/main/java/org/radarbase/management/config/WebConfigurer.java index 22fa5683f..38a5f4bfa 100644 --- a/src/main/java/org/radarbase/management/config/WebConfigurer.java +++ b/src/main/java/org/radarbase/management/config/WebConfigurer.java @@ -23,7 +23,6 @@ import javax.servlet.DispatcherType; import javax.servlet.FilterRegistration; import javax.servlet.ServletContext; -import javax.servlet.ServletRegistration; import java.io.File; import java.nio.file.Paths; import java.util.Arrays; @@ -55,9 +54,6 @@ public void onStartup(ServletContext servletContext) { .of(DispatcherType.REQUEST, DispatcherType.FORWARD, DispatcherType.ASYNC); initCachingHttpHeadersFilter(servletContext, disps); } - if (env.acceptsProfiles(Profiles.of(JHipsterConstants.SPRING_PROFILE_DEVELOPMENT))) { - initH2Console(servletContext); - } log.info("Web application fully configured"); } @@ -132,17 +128,4 @@ public CorsFilter corsFilter() { public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } - - /** - * Initializes H2 console. - */ - private void initH2Console(ServletContext servletContext) { - log.debug("Initialize H2 console"); - ServletRegistration.Dynamic h2ConsoleServlet = servletContext - .addServlet("H2Console", new org.h2.server.web.WebServlet()); - h2ConsoleServlet.addMapping("/h2-console/*"); - h2ConsoleServlet.setInitParameter("-properties", "src/main/resources/"); - h2ConsoleServlet.setLoadOnStartup(1); - } - } diff --git a/src/main/resources/.h2.server.properties b/src/main/resources/.h2.server.properties deleted file mode 100644 index ff7b967a8..000000000 --- a/src/main/resources/.h2.server.properties +++ /dev/null @@ -1,6 +0,0 @@ -#H2 Server Properties -#Thu Oct 21 09:11:42 CEST 2021 -0=JHipster H2 (Memory)|org.h2.Driver|jdbc\:h2\:mem\:managementportal|ManagementPortal -webSSL=false -webAllowOthers=true -webPort=8082 diff --git a/src/main/resources/config/application-dev.yml b/src/main/resources/config/application-dev.yml index 91fade117..50b2e4684 100644 --- a/src/main/resources/config/application-dev.yml +++ b/src/main/resources/config/application-dev.yml @@ -23,16 +23,15 @@ spring: jackson: serialization.indent_output: true datasource: - url: jdbc:h2:mem:managementportal;DB_CLOSE_DELAY=-1 + url: jdbc:hsqldb:mem:managementportal;DB_CLOSE_DELAY=-1 username: ManagementPortal password: h2: console: - enabled: true - path: /h2-console + enabled: false jpa: - database-platform: org.hibernate.dialect.H2Dialect - database: H2 + database-platform: org.hibernate.dialect.HSQLDialect + database: HSQL show-sql: true properties: hibernate.id.new_generator_mappings: true diff --git a/src/main/resources/config/application.yml b/src/main/resources/config/application.yml index fbdf04531..c751266d0 100644 --- a/src/main/resources/config/application.yml +++ b/src/main/resources/config/application.yml @@ -74,6 +74,8 @@ spring: jdbc: lob: non_contextual_creation: true + main: + allow-circular-references: true messages: basename: i18n/messages thymeleaf: diff --git a/src/main/resources/config/liquibase/changelog/00000000000000_initial_schema.xml b/src/main/resources/config/liquibase/changelog/00000000000000_initial_schema.xml index 78c7a9f86..a5a5822bb 100644 --- a/src/main/resources/config/liquibase/changelog/00000000000000_initial_schema.xml +++ b/src/main/resources/config/liquibase/changelog/00000000000000_initial_schema.xml @@ -6,11 +6,11 @@ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.4.xsd http://www.liquibase.org/xml/ns/dbchangelog-ext http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-ext.xsd"> - + - + diff --git a/src/main/resources/config/liquibase/changelog/20210920101000_add_groups.xml b/src/main/resources/config/liquibase/changelog/20210920101000_add_groups.xml index 4fbe5b480..82c8aa875 100644 --- a/src/main/resources/config/liquibase/changelog/20210920101000_add_groups.xml +++ b/src/main/resources/config/liquibase/changelog/20210920101000_add_groups.xml @@ -17,7 +17,7 @@ http://www.liquibase.org/xml/ns/dbchangelog-ext https://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-ext.xsd"> - + + xmlns="http://www.liquibase.org/xml/ns/dbchangelog" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog https://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.7.xsd"> - -
  • - - - - -
  • diff --git a/src/test/resources/config/application.yml b/src/test/resources/config/application.yml index fc702c0af..c24c09b6c 100644 --- a/src/test/resources/config/application.yml +++ b/src/test/resources/config/application.yml @@ -28,13 +28,13 @@ spring: type: none datasource: type: com.zaxxer.hikari.HikariDataSource - url: jdbc:h2:mem:ManagementPortal;DB_CLOSE_DELAY=-1 + url: jdbc:hsqldb:mem:ManagementPortal;DB_CLOSE_DELAY=-1 name: username: password: jpa: - database-platform: org.hibernate.dialect.H2Dialect - database: H2 + database-platform: org.hibernate.dialect.HSQLDialect + database: HSQL open-in-view: false show-sql: false hibernate: @@ -56,6 +56,8 @@ spring: track_entities_changed_in_revision: true mail: host: localhost + main: + allow-circular-references: true messages: basename: i18n/messages thymeleaf: