From 98197c8829f216c641bb5700fcffd214e3193a6b Mon Sep 17 00:00:00 2001 From: DenisSinelnikov <142215442+DenisSinelnikov@users.noreply.github.com> Date: Tue, 24 Oct 2023 16:46:55 +0400 Subject: [PATCH 1/8] CB-4099. Create logic for save comfig and user for CB TE. (#2067) * CB-4099. Create logic for save comfig and user for CB TE. * CB-4099. Fixed checkstyle * CB-4099. Refactor after review --------- Co-authored-by: EvgeniaBzzz <139753579+EvgeniaBzzz@users.noreply.github.com> --- .../src/io/cloudbeaver/server/CBApplication.java | 6 +++--- .../src/io/cloudbeaver/server/CBApplicationCE.java | 5 ++--- .../cloudbeaver/service/admin/impl/WebServiceAdmin.java | 9 ++++++++- .../service/security/CBEmbeddedSecurityController.java | 3 +-- .../io/cloudbeaver/service/security/db/CBDatabase.java | 9 ++++----- 5 files changed, 18 insertions(+), 14 deletions(-) diff --git a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplication.java b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplication.java index 946ba17e73..90b1b50d0f 100644 --- a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplication.java +++ b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplication.java @@ -16,6 +16,7 @@ */ package io.cloudbeaver.server; +import org.jkiss.dbeaver.model.auth.AuthInfo; import com.google.gson.Gson; import com.google.gson.GsonBuilder; import com.google.gson.InstanceCreator; @@ -24,7 +25,6 @@ import io.cloudbeaver.model.app.BaseWebApplication; import io.cloudbeaver.model.app.WebAuthApplication; import io.cloudbeaver.model.app.WebAuthConfiguration; -import io.cloudbeaver.model.session.WebAuthInfo; import io.cloudbeaver.registry.WebDriverRegistry; import io.cloudbeaver.registry.WebServiceRegistry; import io.cloudbeaver.server.jetty.CBJettyServer; @@ -825,7 +825,7 @@ public synchronized void finishConfiguration( @NotNull String newServerURL, @NotNull String adminName, @Nullable String adminPassword, - @NotNull List authInfoList, + @NotNull List authInfoList, long sessionExpireTime, @NotNull CBAppConfig appConfig, @Nullable SMCredentialsProvider credentialsProvider @@ -886,7 +886,7 @@ protected Map readRuntimeConfigurationProperties() throws DBExce protected abstract void finishSecurityServiceConfiguration( @NotNull String adminName, @Nullable String adminPassword, - @NotNull List authInfoList + @NotNull List authInfoList ) throws DBException; public synchronized void flushConfiguration(SMCredentialsProvider credentialsProvider) throws DBException { diff --git a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplicationCE.java b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplicationCE.java index 456970f70b..cfb125e488 100644 --- a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplicationCE.java +++ b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplicationCE.java @@ -16,9 +16,9 @@ */ package io.cloudbeaver.server; +import org.jkiss.dbeaver.model.auth.AuthInfo; import io.cloudbeaver.auth.NoAuthCredentialsProvider; import io.cloudbeaver.model.rm.local.LocalResourceController; -import io.cloudbeaver.model.session.WebAuthInfo; import io.cloudbeaver.service.security.CBEmbeddedSecurityController; import io.cloudbeaver.service.security.EmbeddedSecurityControllerFactory; import org.jkiss.code.NotNull; @@ -31,7 +31,6 @@ import org.jkiss.dbeaver.model.rm.RMController; import org.jkiss.dbeaver.model.security.SMAdminController; import org.jkiss.dbeaver.model.security.SMController; -import org.jkiss.dbeaver.registry.BasePlatformImpl; import org.jkiss.dbeaver.registry.LocalFileController; import org.jkiss.dbeaver.runtime.DBWorkbench; @@ -94,7 +93,7 @@ protected void shutdown() { protected void finishSecurityServiceConfiguration( @NotNull String adminName, @Nullable String adminPassword, - @NotNull List authInfoList + @NotNull List authInfoList ) throws DBException { if (securityController instanceof CBEmbeddedSecurityController) { ((CBEmbeddedSecurityController) securityController).finishConfiguration(adminName, adminPassword, authInfoList); diff --git a/server/bundles/io.cloudbeaver.service.admin/src/io/cloudbeaver/service/admin/impl/WebServiceAdmin.java b/server/bundles/io.cloudbeaver.service.admin/src/io/cloudbeaver/service/admin/impl/WebServiceAdmin.java index 9a903f9364..47df0055d1 100644 --- a/server/bundles/io.cloudbeaver.service.admin/src/io/cloudbeaver/service/admin/impl/WebServiceAdmin.java +++ b/server/bundles/io.cloudbeaver.service.admin/src/io/cloudbeaver/service/admin/impl/WebServiceAdmin.java @@ -40,6 +40,7 @@ import org.jkiss.dbeaver.model.DBPDataSourceContainer; import org.jkiss.dbeaver.model.app.DBPDataSourceRegistry; import org.jkiss.dbeaver.model.app.DBPProject; +import org.jkiss.dbeaver.model.auth.AuthInfo; import org.jkiss.dbeaver.model.navigator.DBNBrowseSettings; import org.jkiss.dbeaver.model.preferences.DBPPropertyDescriptor; import org.jkiss.dbeaver.model.security.*; @@ -514,6 +515,7 @@ public boolean configureServer(WebSession webSession, Map params adminName = curUser == null ? null : curUser.getUserId(); adminPassword = null; } + List authInfos = new ArrayList<>(); List authInfoList = webSession.getAllAuthInfo(); if (CommonUtils.isEmpty(adminName)) { // Try to get admin name from existing authentications (first one) @@ -524,6 +526,11 @@ public boolean configureServer(WebSession webSession, Map params if (CommonUtils.isEmpty(adminName)) { adminName = CBConstants.DEFAULT_ADMIN_NAME; } + for (WebAuthInfo webAuthInfo : authInfoList) { + authInfos.add(new AuthInfo( + webAuthInfo.getAuthProviderDescriptor().getId(), + webAuthInfo.getUserCredentials())); + } // Patch configuration by services for (DBWServiceServerConfigurator wsc : WebServiceRegistry.getInstance().getWebServices(DBWServiceServerConfigurator.class)) { @@ -541,7 +548,7 @@ public boolean configureServer(WebSession webSession, Map params serverURL, adminName, adminPassword, - authInfoList, + authInfos, sessionExpireTime, appConfig, webSession diff --git a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java index 0a06993d3d..8c9c332dd1 100644 --- a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java +++ b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java @@ -26,7 +26,6 @@ import io.cloudbeaver.model.app.WebAppConfiguration; import io.cloudbeaver.model.app.WebAuthApplication; import io.cloudbeaver.model.app.WebAuthConfiguration; -import io.cloudbeaver.model.session.WebAuthInfo; import io.cloudbeaver.registry.WebAuthProviderDescriptor; import io.cloudbeaver.registry.WebAuthProviderRegistry; import io.cloudbeaver.registry.WebMetaParametersRegistry; @@ -2625,7 +2624,7 @@ public void shutdown() { public void finishConfiguration( @NotNull String adminName, @Nullable String adminPassword, - @NotNull List authInfoList + @NotNull List authInfoList ) throws DBException { database.finishConfiguration(adminName, adminPassword, authInfoList); } diff --git a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java index 83607ab788..13475c8960 100644 --- a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java +++ b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java @@ -20,7 +20,6 @@ import com.google.gson.GsonBuilder; import io.cloudbeaver.auth.provider.local.LocalAuthProviderConstants; import io.cloudbeaver.model.app.WebApplication; -import io.cloudbeaver.model.session.WebAuthInfo; import io.cloudbeaver.registry.WebAuthProviderDescriptor; import io.cloudbeaver.registry.WebAuthProviderRegistry; import io.cloudbeaver.utils.WebAppUtils; @@ -32,6 +31,7 @@ import org.jkiss.dbeaver.DBException; import org.jkiss.dbeaver.Log; import org.jkiss.dbeaver.model.DBConstants; +import org.jkiss.dbeaver.model.auth.AuthInfo; import org.jkiss.dbeaver.model.connection.DBPDriver; import org.jkiss.dbeaver.model.impl.jdbc.JDBCUtils; import org.jkiss.dbeaver.model.impl.jdbc.exec.JDBCTransaction; @@ -246,7 +246,7 @@ protected PoolingDataSource initConnectionPool( public void finishConfiguration( @NotNull String adminName, @Nullable String adminPassword, - @NotNull List authInfoList + @NotNull List authInfoList ) throws DBException { if (!application.isConfigurationMode()) { throw new DBException("Database is already configured"); @@ -264,12 +264,11 @@ public void finishConfiguration( createAdminUser(adminName, adminPassword); // Associate all auth credentials with admin user - for (WebAuthInfo ai : authInfoList) { + for (AuthInfo ai : authInfoList) { if (!ai.getAuthProvider().equals(LocalAuthProviderConstants.PROVIDER_ID)) { - WebAuthProviderDescriptor authProvider = ai.getAuthProviderDescriptor(); Map userCredentials = ai.getUserCredentials(); if (!CommonUtils.isEmpty(userCredentials)) { - adminSecurityController.setUserCredentials(adminName, authProvider.getId(), userCredentials); + adminSecurityController.setUserCredentials(adminName, ai.getAuthProvider(), userCredentials); } } } From f67835d2d2de847be7450e72a9d1700a7584bff8 Mon Sep 17 00:00:00 2001 From: Ainur <59531286+yagudin10@users.noreply.github.com> Date: Tue, 24 Oct 2023 15:49:51 +0200 Subject: [PATCH 2/8] CB-2700 delimeter support (#2068) Co-authored-by: EvgeniaBzzz <139753579+EvgeniaBzzz@users.noreply.github.com> --- .../service/sql/WebSQLProcessor.java | 114 +++++++++--------- .../service/sql/WebSQLQueryDataContainer.java | 5 + 2 files changed, 64 insertions(+), 55 deletions(-) diff --git a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/service/sql/WebSQLProcessor.java b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/service/sql/WebSQLProcessor.java index 3ee8dffdd3..4b9dfc3b7e 100644 --- a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/service/sql/WebSQLProcessor.java +++ b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/service/sql/WebSQLProcessor.java @@ -43,9 +43,7 @@ import org.jkiss.dbeaver.model.navigator.DBNDatabaseItem; import org.jkiss.dbeaver.model.navigator.DBNNode; import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor; -import org.jkiss.dbeaver.model.sql.SQLQuery; -import org.jkiss.dbeaver.model.sql.SQLSyntaxManager; -import org.jkiss.dbeaver.model.sql.SQLUtils; +import org.jkiss.dbeaver.model.sql.*; import org.jkiss.dbeaver.model.sql.parser.SQLParserContext; import org.jkiss.dbeaver.model.sql.parser.SQLRuleManager; import org.jkiss.dbeaver.model.sql.parser.SQLScriptParser; @@ -173,7 +171,7 @@ public WebSQLExecuteInfo processQuery( long startTime = System.currentTimeMillis(); WebSQLExecuteInfo executeInfo = new WebSQLExecuteInfo(); - DBSDataContainer dataContainer = new WebSQLQueryDataContainer(connection.getDataSource(), sql); + var dataContainer = new WebSQLQueryDataContainer(connection.getDataSource(), sql); DBCExecutionContext context = getExecutionContext(dataContainer); @@ -198,63 +196,69 @@ public WebSQLExecuteInfo processQuery( ruleManager, document); - SQLQuery sqlQuery = (SQLQuery) SQLScriptParser.extractActiveQuery(parserContext, 0, sql.length()); - - DBExecUtils.tryExecuteRecover(monitor, connection.getDataSource(), param -> { - try (DBCSession session = context.openSession(monitor, resolveQueryPurpose(dataFilter), "Execute SQL")) { - AbstractExecutionSource source = new AbstractExecutionSource( - dataContainer, - session.getExecutionContext(), - WebSQLProcessor.this, - sqlQuery); - - try (DBCStatement dbStat = DBUtils.makeStatement( - source, - session, - DBCStatementType.SCRIPT, - sqlQuery, - webDataFilter.getOffset(), - webDataFilter.getLimit())) - { - SqlOutputLogReaderJob sqlOutputLogReaderJob = null; - if (readLogs) { - DBPDataSource dataSource = context.getDataSource(); - DBCServerOutputReader dbcServerOutputReader = DBUtils.getAdapter(DBCServerOutputReader.class, dataSource); - if (dbcServerOutputReader == null) { - dbcServerOutputReader = new DefaultServerOutputReader(); + SQLScriptElement element = SQLScriptParser.extractActiveQuery(parserContext, 0, sql.length()); + + if (element instanceof SQLControlCommand command) { + dataContainer.getScriptContext().executeControlCommand(command); + WebSQLQueryResults stats = new WebSQLQueryResults(webSession, dataFormat); + executeInfo.setResults(new WebSQLQueryResults[]{stats}); + } else if (element instanceof SQLQuery sqlQuery) { + DBExecUtils.tryExecuteRecover(monitor, connection.getDataSource(), param -> { + try (DBCSession session = context.openSession(monitor, resolveQueryPurpose(dataFilter), "Execute SQL")) { + AbstractExecutionSource source = new AbstractExecutionSource( + dataContainer, + session.getExecutionContext(), + WebSQLProcessor.this, + sqlQuery); + + try (DBCStatement dbStat = DBUtils.makeStatement( + source, + session, + DBCStatementType.SCRIPT, + sqlQuery, + webDataFilter.getOffset(), + webDataFilter.getLimit())) + { + SqlOutputLogReaderJob sqlOutputLogReaderJob = null; + if (readLogs) { + DBPDataSource dataSource = context.getDataSource(); + DBCServerOutputReader dbcServerOutputReader = DBUtils.getAdapter(DBCServerOutputReader.class, dataSource); + if (dbcServerOutputReader == null) { + dbcServerOutputReader = new DefaultServerOutputReader(); + } + sqlOutputLogReaderJob = new SqlOutputLogReaderJob( + webSession, context, dbStat, dbcServerOutputReader, contextInfo.getId()); + sqlOutputLogReaderJob.schedule(); } - sqlOutputLogReaderJob = new SqlOutputLogReaderJob( - webSession, context, dbStat, dbcServerOutputReader, contextInfo.getId()); - sqlOutputLogReaderJob.schedule(); - } - // Set query timeout - int queryTimeout = (int) session.getDataSource().getContainer().getPreferenceStore() - .getDouble(WebSQLConstants.QUOTA_PROP_SQL_QUERY_TIMEOUT); - if (queryTimeout <= 0) { - queryTimeout = CommonUtils.toInt( - getWebSession().getApplication().getAppConfiguration() - .getResourceQuota(WebSQLConstants.QUOTA_PROP_SQL_QUERY_TIMEOUT)); - } - if (queryTimeout > 0) { - try { - dbStat.setStatementTimeout(queryTimeout); - } catch (Throwable e) { - log.debug("Can't set statement timeout:" + e.getMessage()); + // Set query timeout + int queryTimeout = (int) session.getDataSource().getContainer().getPreferenceStore() + .getDouble(WebSQLConstants.QUOTA_PROP_SQL_QUERY_TIMEOUT); + if (queryTimeout <= 0) { + queryTimeout = CommonUtils.toInt( + getWebSession().getApplication().getAppConfiguration() + .getResourceQuota(WebSQLConstants.QUOTA_PROP_SQL_QUERY_TIMEOUT)); + } + if (queryTimeout > 0) { + try { + dbStat.setStatementTimeout(queryTimeout); + } catch (Throwable e) { + log.debug("Can't set statement timeout:" + e.getMessage()); + } } - } - boolean hasResultSet = dbStat.executeStatement(); + boolean hasResultSet = dbStat.executeStatement(); - // Wait SqlLogStateJob, if its starts - if (sqlOutputLogReaderJob != null) { - sqlOutputLogReaderJob.join(); + // Wait SqlLogStateJob, if its starts + if (sqlOutputLogReaderJob != null) { + sqlOutputLogReaderJob.join(); + } + fillQueryResults(contextInfo, dataContainer, dbStat, hasResultSet, executeInfo, webDataFilter, dataFilter, dataFormat); + } catch (DBException e) { + throw new InvocationTargetException(e); } - fillQueryResults(contextInfo, dataContainer, dbStat, hasResultSet, executeInfo, webDataFilter, dataFilter, dataFormat); - } catch (DBException e) { - throw new InvocationTargetException(e); } - } - }); + }); + } } catch (DBException e) { throw new DBWebException("Error executing query", e); } diff --git a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/service/sql/WebSQLQueryDataContainer.java b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/service/sql/WebSQLQueryDataContainer.java index c0e1c39136..0c86d13d4d 100644 --- a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/service/sql/WebSQLQueryDataContainer.java +++ b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/service/sql/WebSQLQueryDataContainer.java @@ -104,4 +104,9 @@ public DBCExecutionContext getExecutionContext() { return DBUtils.getDefaultContext(dataSource, false); } + @NotNull + public SQLScriptContext getScriptContext() { + return queryDataContainer.getScriptContext(); + } + } From 6c609d7f62337463a66a34e76dbcb57cb2190472 Mon Sep 17 00:00:00 2001 From: Ainur <59531286+yagudin10@users.noreply.github.com> Date: Tue, 24 Oct 2023 15:51:00 +0200 Subject: [PATCH 3/8] CB-4139 update clickhouse driver (#2070) Co-authored-by: Daria Marutkina <125263541+dariamarutkina@users.noreply.github.com> --- server/drivers/clickhouse_com/pom.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server/drivers/clickhouse_com/pom.xml b/server/drivers/clickhouse_com/pom.xml index c3d83b333d..62b70a3708 100644 --- a/server/drivers/clickhouse_com/pom.xml +++ b/server/drivers/clickhouse_com/pom.xml @@ -18,7 +18,8 @@ com.clickhouse clickhouse-jdbc - 0.3.2-patch7 + 0.4.6 + all From 97dc309bcb003a0a7a46eda724da64c85a1b6a35 Mon Sep 17 00:00:00 2001 From: alex <48489896+devnaumov@users.noreply.github.com> Date: Tue, 24 Oct 2023 17:10:45 +0200 Subject: [PATCH 4/8] CB-4022 make filter case insensitive (#2080) Co-authored-by: EvgeniaBzzz <139753579+EvgeniaBzzz@users.noreply.github.com> --- .../src/SqlResultTabs/OutputLogs/useOutputLogsPanelState.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/webapp/packages/plugin-sql-editor/src/SqlResultTabs/OutputLogs/useOutputLogsPanelState.ts b/webapp/packages/plugin-sql-editor/src/SqlResultTabs/OutputLogs/useOutputLogsPanelState.ts index f2cfa2e591..edd91716c7 100644 --- a/webapp/packages/plugin-sql-editor/src/SqlResultTabs/OutputLogs/useOutputLogsPanelState.ts +++ b/webapp/packages/plugin-sql-editor/src/SqlResultTabs/OutputLogs/useOutputLogsPanelState.ts @@ -38,9 +38,11 @@ export const useOutputLogsPanelState = (outputLogs: IOutputLog[], sqlEditorTabSt if (!selectedLogTypes.includes(log.severity)) { return false; } - if (this.searchValue.length > 0 && !log.message?.includes(this.searchValue)) { + + if (this.searchValue.length > 0 && !log.message.toLowerCase().includes(this.searchValue.toLowerCase())) { return false; } + return true; }); }, From d3cf9e393873cc6178d77b23c5038c2d228914f4 Mon Sep 17 00:00:00 2001 From: alex <48489896+devnaumov@users.noreply.github.com> Date: Tue, 24 Oct 2023 17:11:02 +0200 Subject: [PATCH 5/8] CB-4035 do not show confirm if it is only output tab (#2079) Co-authored-by: Daria Marutkina <125263541+dariamarutkina@users.noreply.github.com> --- .../packages/plugin-sql-editor/src/SqlEditor/useSqlEditor.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webapp/packages/plugin-sql-editor/src/SqlEditor/useSqlEditor.ts b/webapp/packages/plugin-sql-editor/src/SqlEditor/useSqlEditor.ts index 0e9eccaf61..19194d93bd 100644 --- a/webapp/packages/plugin-sql-editor/src/SqlEditor/useSqlEditor.ts +++ b/webapp/packages/plugin-sql-editor/src/SqlEditor/useSqlEditor.ts @@ -311,9 +311,9 @@ export function useSqlEditor(state: ISqlEditorTabState): ISQLEditorData { return; } - if (this.state.tabs.length) { - const processableTabs = this.state.tabs.filter(tab => tab.id !== OUTPUT_LOGS_TAB_ID); + const processableTabs = this.state.tabs.filter(tab => tab.id !== OUTPUT_LOGS_TAB_ID); + if (processableTabs.length > 0) { const result = await this.commonDialogService.open(ConfirmationDialog, { title: 'sql_editor_close_result_tabs_dialog_title', message: `Do you want to close ${processableTabs.length} tabs before executing script?`, From 390f53f36b64c2cf094863fd46ec1d793f80d986 Mon Sep 17 00:00:00 2001 From: Alexander Skoblikov Date: Tue, 24 Oct 2023 18:54:28 +0200 Subject: [PATCH 6/8] CB-4161 auth fix (#2084) * CB-4161 auth fix * CB-4161 validate custom config status --------- Co-authored-by: EvgeniaBzzz <139753579+EvgeniaBzzz@users.noreply.github.com> --- .../model/session/WebSessionAuthProcessor.java | 11 ----------- .../service/auth/impl/WebServiceAuthImpl.java | 5 +++++ .../security/CBEmbeddedSecurityController.java | 18 ++++++++++++++++-- 3 files changed, 21 insertions(+), 13 deletions(-) diff --git a/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/model/session/WebSessionAuthProcessor.java b/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/model/session/WebSessionAuthProcessor.java index e94167c33d..d08768b66f 100644 --- a/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/model/session/WebSessionAuthProcessor.java +++ b/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/model/session/WebSessionAuthProcessor.java @@ -17,7 +17,6 @@ package io.cloudbeaver.model.session; -import io.cloudbeaver.DBWConstants; import io.cloudbeaver.DBWUserIdentity; import io.cloudbeaver.DBWebException; import io.cloudbeaver.auth.SMAuthProviderExternal; @@ -38,7 +37,6 @@ import java.time.OffsetDateTime; import java.util.ArrayList; -import java.util.Collections; import java.util.List; import java.util.Map; @@ -114,15 +112,6 @@ private List finishWebSessionAuthorization(SMAuthInfo authInfo) thr SMAuthProviderExternal authProviderExternal = authProviderInstance instanceof SMAuthProviderExternal ? (SMAuthProviderExternal) authProviderInstance : null; - boolean providerDisabled = !isProviderEnabled(providerId); - if (configMode || webSession.hasPermission(DBWConstants.PERMISSION_ADMIN)) { - // 1. Admin can authorize in any providers - // 2. When it authorizes in non-local provider for the first time we force linkUser flag - if (providerDisabled && webSession.getUser() != null) { - linkWithActiveUser = true; - } - } - SMSession authSession; if (authProviderExternal != null && !configMode && !alreadyLoggedIn) { diff --git a/server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/impl/WebServiceAuthImpl.java b/server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/impl/WebServiceAuthImpl.java index 0fb04946ba..6496f65ec4 100644 --- a/server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/impl/WebServiceAuthImpl.java +++ b/server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/impl/WebServiceAuthImpl.java @@ -68,6 +68,11 @@ public WebAuthStatus authLogin( if (CommonUtils.isEmpty(providerId)) { throw new DBWebException("Missing auth provider parameter"); } + WebAuthProviderDescriptor authProviderDescriptor = WebAuthProviderRegistry.getInstance() + .getAuthProvider(providerId); + if (authProviderDescriptor.isTrusted()) { + throw new DBWebException(authProviderDescriptor.getLabel() + " not allowed for authorization via GQL API"); + } if (authParameters == null) { authParameters = Map.of(); } diff --git a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java index 8c9c332dd1..5e53e4c5df 100644 --- a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java +++ b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java @@ -1241,6 +1241,9 @@ private String createSmSession( @Override public SMAuthInfo authenticateAnonymousUser(@NotNull String appSessionId, @NotNull Map sessionParameters, @NotNull SMSessionType sessionType) throws DBException { + if (!application.getAppConfiguration().isAnonymousAccessEnabled()) { + throw new SMException("Anonymous access restricted"); + } try (Connection dbCon = database.openConnection()) { try (JDBCTransaction txn = new JDBCTransaction(dbCon)) { var smSessionId = createSmSession(appSessionId, null, sessionParameters, sessionType, dbCon); @@ -1276,6 +1279,9 @@ public SMAuthInfo authenticate( @Nullable String authProviderConfigurationId, @NotNull Map userCredentials ) throws DBException { + if (isProviderDisabled(authProviderId, authProviderConfigurationId)) { + throw new SMException("Unsupported authentication provider: " + authProviderId); + } var authProgressMonitor = new LoggingProgressMonitor(log); try (Connection dbCon = database.openConnection()) { try (JDBCTransaction txn = new JDBCTransaction(dbCon)) { @@ -2726,9 +2732,17 @@ private String getUserIdOrNull() { return activeUserCredentials.getUserId(); } - private boolean isProviderEnabled(@NotNull String providerId) { + private boolean isProviderDisabled(@NotNull String providerId, @Nullable String authConfigurationId) { WebAuthConfiguration appConfiguration = application.getAuthConfiguration(); - return appConfiguration.isAuthProviderEnabled(providerId); + if (!appConfiguration.isAuthProviderEnabled(providerId)) { + return true; + } + if (authConfigurationId != null) { + SMAuthProviderCustomConfiguration configuration = + appConfiguration.getAuthProviderConfiguration(authConfigurationId); + return configuration == null || configuration.isDisabled(); + } + return false; } public void clearOldAuthAttemptInfo() throws DBException { From df9de51bda87a4ff02e70673d82d47ec40b1034a Mon Sep 17 00:00:00 2001 From: alex <48489896+devnaumov@users.noreply.github.com> Date: Wed, 25 Oct 2023 12:34:59 +0200 Subject: [PATCH 7/8] CB-4128 review fixes (#2082) * CB-4128 review fixes * CB-4128 declare styles once --------- Co-authored-by: Daria Marutkina <125263541+dariamarutkina@users.noreply.github.com> --- .../CommonDialog/CommonDialog/CommonDialogWrapper.m.css | 4 ++++ .../src/CommonDialog/CommonDialog/CommonDialogWrapper.tsx | 8 ++++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/webapp/packages/core-blocks/src/CommonDialog/CommonDialog/CommonDialogWrapper.m.css b/webapp/packages/core-blocks/src/CommonDialog/CommonDialog/CommonDialogWrapper.m.css index 9cfc79c109..de8c1dcc8b 100644 --- a/webapp/packages/core-blocks/src/CommonDialog/CommonDialog/CommonDialogWrapper.m.css +++ b/webapp/packages/core-blocks/src/CommonDialog/CommonDialog/CommonDialogWrapper.m.css @@ -57,6 +57,10 @@ width: 720px; } } + + &.freeHeight { + min-height: unset; + } } .loader { diff --git a/webapp/packages/core-blocks/src/CommonDialog/CommonDialog/CommonDialogWrapper.tsx b/webapp/packages/core-blocks/src/CommonDialog/CommonDialog/CommonDialogWrapper.tsx index 0417046710..3b24f96e03 100644 --- a/webapp/packages/core-blocks/src/CommonDialog/CommonDialog/CommonDialogWrapper.tsx +++ b/webapp/packages/core-blocks/src/CommonDialog/CommonDialog/CommonDialogWrapper.tsx @@ -22,13 +22,17 @@ export interface CommonDialogWrapperProps { 'aria-label'?: string; fixedSize?: boolean; fixedWidth?: boolean; + freeHeight?: boolean; className?: string; children?: React.ReactNode; style?: ComponentStyle; } export const CommonDialogWrapper = observer( - forwardRef(function CommonDialogWrapper({ size = 'medium', fixedSize, fixedWidth, 'aria-label': ariaLabel, className, children, style }, ref) { + forwardRef(function CommonDialogWrapper( + { size = 'medium', fixedSize, fixedWidth, freeHeight, 'aria-label': ariaLabel, className, children, style }, + ref, + ) { const computedStyles = useS(styles, style); const context = useContext(DialogContext); const dialogState = useDialogState({ visible: true }); @@ -52,7 +56,7 @@ export const CommonDialogWrapper = observer From 72b3838fa9160c01720867f537dab435a3b3f06e Mon Sep 17 00:00:00 2001 From: Alexander Skoblikov Date: Wed, 25 Oct 2023 14:41:47 +0200 Subject: [PATCH 8/8] fix package folders (#2083) --- .../cloudbeaver/slf4j}/CloudBeaverLogServiceProvider.java | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename server/bundles/io.cloudbeaver.slf4j/src/{io.cloudbeaver.slf4j => io/cloudbeaver/slf4j}/CloudBeaverLogServiceProvider.java (100%) diff --git a/server/bundles/io.cloudbeaver.slf4j/src/io.cloudbeaver.slf4j/CloudBeaverLogServiceProvider.java b/server/bundles/io.cloudbeaver.slf4j/src/io/cloudbeaver/slf4j/CloudBeaverLogServiceProvider.java similarity index 100% rename from server/bundles/io.cloudbeaver.slf4j/src/io.cloudbeaver.slf4j/CloudBeaverLogServiceProvider.java rename to server/bundles/io.cloudbeaver.slf4j/src/io/cloudbeaver/slf4j/CloudBeaverLogServiceProvider.java