From 92ee21d1366e183d9feaf24745c95c092efdf7a8 Mon Sep 17 00:00:00 2001 From: DenisSinelnikov <142215442+DenisSinelnikov@users.noreply.github.com> Date: Fri, 27 Dec 2024 20:52:10 +0400 Subject: [PATCH 1/2] CB-5609. Added validate name for renaming s3 files (#3163) * CB-5609. Added validate name for renaming s3 files * CB-5609. Refactor after review * CB-5609. Refactor after review * CB-5609. Refactor after review * CB-5609. Remove symbol --------- Co-authored-by: Daria Marutkina <125263541+dariamarutkina@users.noreply.github.com> --- .../cloudbeaver/service/fs/impl/WebServiceFS.java | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/server/bundles/io.cloudbeaver.service.fs/src/io/cloudbeaver/service/fs/impl/WebServiceFS.java b/server/bundles/io.cloudbeaver.service.fs/src/io/cloudbeaver/service/fs/impl/WebServiceFS.java index 187184c780..6dd3d2dcaa 100644 --- a/server/bundles/io.cloudbeaver.service.fs/src/io/cloudbeaver/service/fs/impl/WebServiceFS.java +++ b/server/bundles/io.cloudbeaver.service.fs/src/io/cloudbeaver/service/fs/impl/WebServiceFS.java @@ -36,12 +36,16 @@ import java.nio.file.Path; import java.text.MessageFormat; import java.util.Arrays; +import java.util.regex.Matcher; +import java.util.regex.Pattern; /** * Web file system implementation */ public class WebServiceFS implements DBWServiceFS { + private static final Pattern FORBIDDEN_FILENAME_PATTERN = Pattern.compile("[%#:;№$]"); + @NotNull @Override public FSFileSystem[] getAvailableFileSystems(@NotNull WebSession webSession, @NotNull String projectId) @@ -208,6 +212,7 @@ public FSFile renameFile( @NotNull String nodePath, @NotNull String newName ) throws DBWebException { + validateFilename(newName); try { DBNPathBase node = FSUtils.getNodeByPath(webSession, nodePath); node.rename(webSession.getProgressMonitor(), newName); @@ -276,4 +281,12 @@ public boolean deleteFile( throw new DBWebException("Failed to create folder: " + e.getMessage(), e); } } + + private void validateFilename(@NotNull String filename) throws DBWebException { + Matcher matcher = FORBIDDEN_FILENAME_PATTERN.matcher(filename); + + if (matcher.find()) { + throw new DBWebException(String.format("File %s contains forbidden symbols", filename)); + } + } } From ca83a1f1672ea0dc2133b3db7d580d855cb50d47 Mon Sep 17 00:00:00 2001 From: Ainur <59531286+yagudin10@users.noreply.github.com> Date: Fri, 27 Dec 2024 18:58:15 +0200 Subject: [PATCH 2/2] CB-5734 return template configuration for auth provider (#3162) * CB-5734 return template configuration for auth provider * CB-5734 feat: fetch templateConfiguration --------- Co-authored-by: Sychev Andrey <44414066+SychevAndrey@users.noreply.github.com> Co-authored-by: Andrey Sychev Co-authored-by: Evgenia <139753579+EvgeniaBzzz@users.noreply.github.com> --- .../auth/SMAuthProviderFederated.java | 2 +- .../WebAuthProviderConfiguration.java | 24 ++++++++++++------- .../schema/service.auth.graphqls | 2 ++ .../auth/model/user/WebAuthProviderInfo.java | 14 ++++++----- .../CBEmbeddedSecurityController.java | 2 +- .../queries/fragments/AuthProviderInfo.gql | 8 +++++++ 6 files changed, 35 insertions(+), 17 deletions(-) diff --git a/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/auth/SMAuthProviderFederated.java b/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/auth/SMAuthProviderFederated.java index 6fd0ead93f..3193905e12 100644 --- a/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/auth/SMAuthProviderFederated.java +++ b/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/auth/SMAuthProviderFederated.java @@ -30,7 +30,7 @@ public interface SMAuthProviderFederated extends SMSignOutLinkProvider { @NotNull - String getSignInLink(String id, @NotNull Map providerConfig) throws DBException; + String getSignInLink(String id) throws DBException; @Override default String getUserSignOutLink( diff --git a/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/registry/WebAuthProviderConfiguration.java b/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/registry/WebAuthProviderConfiguration.java index d99352ea22..4a5ec8da69 100644 --- a/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/registry/WebAuthProviderConfiguration.java +++ b/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/registry/WebAuthProviderConfiguration.java @@ -74,8 +74,8 @@ public Map getParameters() { @Property public String getSignInLink() throws DBException { SMAuthProvider instance = providerDescriptor.getInstance(); - return instance instanceof SMAuthProviderFederated ? - buildRedirectUrl(((SMAuthProviderFederated) instance).getSignInLink(getId(), config.getParameters())) + return instance instanceof SMAuthProviderFederated smAuthProviderFederated ? + buildRedirectUrl(smAuthProviderFederated.getSignInLink(getId())) : null; } @@ -86,34 +86,40 @@ private String buildRedirectUrl(String baseUrl) { @Property public String getSignOutLink() throws DBException { SMAuthProvider instance = providerDescriptor.getInstance(); - return instance instanceof SMSignOutLinkProvider - ? ((SMSignOutLinkProvider) instance).getCommonSignOutLink(getId(), config.getParameters()) + return instance instanceof SMSignOutLinkProvider smSignOutLinkProvider + ? smSignOutLinkProvider.getCommonSignOutLink(getId(), config.getParameters()) : null; } @Property public String getRedirectLink() throws DBException { SMAuthProvider instance = providerDescriptor.getInstance(); - return instance instanceof SMAuthProviderFederated ? ((SMAuthProviderFederated) instance).getRedirectLink(getId(), config.getParameters()) : null; + return instance instanceof SMAuthProviderFederated smAuthProviderFederated + ? smAuthProviderFederated.getRedirectLink(getId(), config.getParameters()) + : null; } @Property public String getMetadataLink() throws DBException { SMAuthProvider instance = providerDescriptor.getInstance(); - return instance instanceof SMAuthProviderFederated ? ((SMAuthProviderFederated) instance).getMetadataLink(getId(), config.getParameters()) : null; + return instance instanceof SMAuthProviderFederated smAuthProviderFederated + ? smAuthProviderFederated.getMetadataLink(getId(), config.getParameters()) + : null; } @Property public String getAcsLink() throws DBException { SMAuthProvider instance = providerDescriptor.getInstance(); - return instance instanceof SMAuthProviderFederated ? ((SMAuthProviderFederated) instance).getAcsLink(getId(), config.getParameters()) : null; + return instance instanceof SMAuthProviderFederated smAuthProviderFederated + ? smAuthProviderFederated.getAcsLink(getId(), config.getParameters()) + : null; } @Property public String getEntityIdLink() throws DBException { SMAuthProvider instance = providerDescriptor.getInstance(); - return instance instanceof SMAuthProviderFederated - ? ((SMAuthProviderFederated) instance).getEntityIdLink(getId(), config.getParameters()) + return instance instanceof SMAuthProviderFederated smAuthProviderFederated + ? smAuthProviderFederated.getEntityIdLink(getId(), config.getParameters()) : null; } diff --git a/server/bundles/io.cloudbeaver.service.auth/schema/service.auth.graphqls b/server/bundles/io.cloudbeaver.service.auth/schema/service.auth.graphqls index 3e8078ab1c..6f718022fc 100644 --- a/server/bundles/io.cloudbeaver.service.auth/schema/service.auth.graphqls +++ b/server/bundles/io.cloudbeaver.service.auth/schema/service.auth.graphqls @@ -72,6 +72,8 @@ type AuthProviderInfo { # Provider configurations (applicable only if configurable=true) configurations: [AuthProviderConfiguration!] + templateConfiguration: AuthProviderConfiguration! @since(version: "24.1.2") + credentialProfiles: [AuthProviderCredentialsProfile!]! requiredFeatures: [String!]! diff --git a/server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/model/user/WebAuthProviderInfo.java b/server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/model/user/WebAuthProviderInfo.java index 7919d5b7b1..9b7a617075 100644 --- a/server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/model/user/WebAuthProviderInfo.java +++ b/server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/model/user/WebAuthProviderInfo.java @@ -20,11 +20,11 @@ import io.cloudbeaver.auth.SMAuthProviderFederated; import io.cloudbeaver.auth.provisioning.SMProvisioner; import io.cloudbeaver.model.app.ServletAuthConfiguration; -import io.cloudbeaver.model.session.WebSession; import io.cloudbeaver.registry.WebAuthProviderConfiguration; import io.cloudbeaver.registry.WebAuthProviderDescriptor; import io.cloudbeaver.server.CBApplication; import io.cloudbeaver.server.WebAppUtils; +import org.jkiss.code.NotNull; import org.jkiss.dbeaver.Log; import org.jkiss.dbeaver.model.security.SMAuthCredentialsProfile; import org.jkiss.dbeaver.model.security.SMAuthProviderCustomConfiguration; @@ -38,17 +38,15 @@ public class WebAuthProviderInfo { private static final Log log = Log.getLog(WebAuthProviderInfo.class); + private static final SMAuthProviderCustomConfiguration TEMPLATE_CONFIG = new SMAuthProviderCustomConfiguration("{configuration_id}"); + @NotNull private final WebAuthProviderDescriptor descriptor; - public WebAuthProviderInfo(WebAuthProviderDescriptor descriptor) { + public WebAuthProviderInfo(@NotNull WebAuthProviderDescriptor descriptor) { this.descriptor = descriptor; } - WebAuthProviderDescriptor getDescriptor() { - return descriptor; - } - public String getId() { return descriptor.getId(); } @@ -126,6 +124,10 @@ public String[] getRequiredFeatures() { return rf == null ? new String[0] : rf; } + public WebAuthProviderConfiguration getTemplateConfiguration() { + return new WebAuthProviderConfiguration(descriptor, TEMPLATE_CONFIG); + } + @Override public String toString() { return getLabel(); diff --git a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java index b96bf96a45..189f429c8c 100644 --- a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java +++ b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java @@ -1607,7 +1607,7 @@ public SMAuthInfo authenticate( if (SMAuthProviderFederated.class.isAssignableFrom(authProviderInstance.getClass())) { //async auth var authProviderFederated = (SMAuthProviderFederated) authProviderInstance; - String signInLink = buildRedirectLink(authProviderFederated.getSignInLink(authProviderConfigurationId, Map.of()), + String signInLink = buildRedirectLink(authProviderFederated.getSignInLink(authProviderConfigurationId), authAttemptId); String signOutLink = authProviderFederated.getCommonSignOutLink(authProviderConfigurationId, providerConfig.getParameters()); diff --git a/webapp/packages/core-sdk/src/queries/fragments/AuthProviderInfo.gql b/webapp/packages/core-sdk/src/queries/fragments/AuthProviderInfo.gql index e678767a95..6e9270fb2f 100644 --- a/webapp/packages/core-sdk/src/queries/fragments/AuthProviderInfo.gql +++ b/webapp/packages/core-sdk/src/queries/fragments/AuthProviderInfo.gql @@ -9,6 +9,14 @@ fragment AuthProviderInfo on AuthProviderInfo { supportProvisioning required authHidden + templateConfiguration { + id + signInLink + signOutLink + metadataLink + acsLink + entityIdLink + } #configurationParameters { # id