Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CB-5738 api for tokens #3023

Merged
merged 23 commits into from
Nov 5, 2024
Merged

CB-5738 api for tokens #3023

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
d4d2953
CB-5738 api for tokens
yagudin10 Oct 23, 2024
64dede9
Merge branch 'devel' into CB-5738-te-support-user-access-token
sergeyteleshev Oct 24, 2024
4c0966d
CB-5738 add token auth provider
yagudin10 Oct 24, 2024
f736def
CB-5738 fixes after review
yagudin10 Oct 24, 2024
87068d7
Merge branch 'devel' into CB-5738-te-support-user-access-token
sergeyteleshev Oct 24, 2024
afa9c8f
Merge branch 'devel' into CB-5738-te-support-user-access-token
sergeyteleshev Oct 24, 2024
1410dfc
CB-5738 move logic to ee
yagudin10 Oct 24, 2024
bfa1190
Merge remote-tracking branch 'origin/CB-5738-te-support-user-access-t…
yagudin10 Oct 24, 2024
db96680
CB-5738 adds boilerplate logic for user API tokens
sergeyteleshev Oct 24, 2024
f593054
Merge branch 'devel' into CB-5738-te-support-user-access-token
sergeyteleshev Oct 25, 2024
01ebb3e
CB-5738 if nothing is changed in password form - do nothing during fo…
sergeyteleshev Oct 25, 2024
5094c66
CB-5738 redesigns use api token feature
sergeyteleshev Oct 26, 2024
3cb9f8d
CB-5738 allows to use feature only for admin and developer roles
sergeyteleshev Oct 26, 2024
4cb4d6f
CB-5738 cleanup
sergeyteleshev Oct 26, 2024
3c69ad0
CB-5738 fixes after review
yagudin10 Oct 28, 2024
854484f
CB-5738 thread fixes
sergeyteleshev Oct 28, 2024
2090e83
CB-5738 reverts exception delete on reset
sergeyteleshev Oct 29, 2024
dc902ab
Merge branch 'devel' into CB-5738-te-support-user-access-token
EvgeniaBzzz Oct 29, 2024
342c3ee
CB-5738 add auth hidden param to auth provider
yagudin10 Oct 29, 2024
cfa093c
CB-5738 adds authHidden prop + changes text for create
sergeyteleshev Oct 29, 2024
801f8a3
Merge branch 'devel' into CB-5738-te-support-user-access-token
sergeyteleshev Oct 29, 2024
7d544f9
Merge branch 'devel' into CB-5738-te-support-user-access-token
sergeyteleshev Oct 30, 2024
153e723
Merge branch 'devel' into CB-5738-te-support-user-access-token
alexander-skoblikov Nov 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions ...r/bundles/io.cloudbeaver.model/src/io/cloudbeaver/registry/WebAuthProviderDescriptor.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ public class WebAuthProviderDescriptor extends AbstractDescriptor {
private final boolean configurable;
private final boolean trusted;
private final boolean isPrivate;
private final boolean isAuthHidden;
private final String[] requiredFeatures;
private final boolean isRequired;
private final String[] types;
Expand All @@ -67,6 +68,7 @@ public WebAuthProviderDescriptor(IConfigurationElement cfg) {
this.trusted = CommonUtils.toBoolean(cfg.getAttribute("trusted"));
this.isPrivate = CommonUtils.toBoolean(cfg.getAttribute("private"));
this.isRequired = CommonUtils.toBoolean(cfg.getAttribute("required"));
this.isAuthHidden = CommonUtils.toBoolean(cfg.getAttribute("authHidden"));

for (IConfigurationElement cfgElement : cfg.getChildren("configuration")) {
List<WebAuthProviderProperty> properties = WebAuthProviderRegistry.readProperties(cfgElement);
Expand Down Expand Up @@ -126,6 +128,10 @@ public boolean isRequired() {
return isRequired;
}

public boolean isAuthHidden() {
return isAuthHidden;
}

public List<WebAuthProviderProperty> getConfigurationParameters() {
return new ArrayList<>(configurationParameters.values());
}
Expand Down
1 change: 1 addition & 0 deletions server/bundles/io.cloudbeaver.server/schema/schema.graphqls
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
scalar Object
# Date/Time
scalar DateTime
scalar Date

input PageInput {
limit: Int
Expand Down
5 changes: 5 additions & 0 deletions server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/model/user/WebAuthProviderInfo.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,12 @@
public boolean isRequired() {
return descriptor.isRequired();
}

public boolean isAuthHidden() {
return descriptor.isAuthHidden();
}

public boolean isAuthRoleProvided(SMAuthProviderCustomConfiguration configuration) {

Check warning on line 98 in server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/model/user/WebAuthProviderInfo.java

View workflow job for this annotation

GitHub Actions / Server / Lint 

[checkstyle] reported by reviewdog 🐶
Missing a Javadoc comment.

Raw Output:
/github/workspace/./server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/model/user/WebAuthProviderInfo.java:98:5: warning: Missing a Javadoc comment. (com.puppycrawl.tools.checkstyle.checks.javadoc.MissingJavadocMethodCheck)
if (descriptor.getInstance() instanceof SMProvisioner provisioner) {
return provisioner.isAuthRoleProvided(configuration);
}
Expand Down
1 change: 1 addition & 0 deletions ...undles/io.cloudbeaver.server/src/io/cloudbeaver/server/graphql/GraphQLBindingContext.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ RuntimeWiring buildRuntimeWiring() {
runtimeWiring = RuntimeWiring.newRuntimeWiring();
runtimeWiring
.scalar(ExtendedScalars.DateTime)
.scalar(ExtendedScalars.Date)
.scalar(ExtendedScalars.Object);
queryType = TypeRuntimeWiring.newTypeWiring("Query");
mutationType = TypeRuntimeWiring.newTypeWiring("Mutation");
Expand Down
1 change: 1 addition & 0 deletions server/bundles/io.cloudbeaver.service.auth/schema/service.auth.graphqls
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ type AuthProviderInfo {
defaultProvider: Boolean!
trusted: Boolean!
private: Boolean!
authHidden: Boolean! @since(version: "24.2.4")
supportProvisioning: Boolean!

# Configurable providers must be configured first. See configurations field.
Expand Down
1 change: 0 additions & 1 deletion .../io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/impl/WebServiceAuthImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -309,5 +309,4 @@ public WebUserInfo setUserConfigurationParameters(
throw new DBWebException("Error setting user parameters", e);
}
}

}
13 changes: 13 additions & 0 deletions server/bundles/io.cloudbeaver.service.security/db/cb_schema_create.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -283,3 +283,16 @@ CREATE TABLE {table_prefix}CB_TASKS

PRIMARY KEY (TASK_ID)
);

CREATE TABLE {table_prefix}CB_ACCESS_TOKEN
(
TOKEN_ID VARCHAR(128) NOT NULL,
USER_ID VARCHAR(128) NOT NULL,
TOKEN_NAME VARCHAR(128) NOT NULL,
CREATE_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
EXPIRATION_TIME TIMESTAMP NULL,

PRIMARY KEY (USER_ID, TOKEN_ID),
UNIQUE (USER_ID, TOKEN_NAME),
FOREIGN KEY (USER_ID) REFERENCES {table_prefix}CB_USER(USER_ID) ON DELETE CASCADE
);
12 changes: 12 additions & 0 deletions server/bundles/io.cloudbeaver.service.security/db/cb_schema_update_22.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
CREATE TABLE {table_prefix}CB_ACCESS_TOKEN
(
TOKEN_ID VARCHAR(128) NOT NULL,
USER_ID VARCHAR(128) NOT NULL,
TOKEN_NAME VARCHAR(128) NOT NULL,
CREATE_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL,
EXPIRATION_TIME TIMESTAMP NULL,

PRIMARY KEY (USER_ID, TOKEN_ID),
alexander-skoblikov marked this conversation as resolved.
Show resolved Hide resolved
UNIQUE (USER_ID, TOKEN_NAME),
FOREIGN KEY (USER_ID) REFERENCES {table_prefix}CB_USER(USER_ID) ON DELETE CASCADE
);
2 changes: 1 addition & 1 deletion ...es/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabase.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ public class CBDatabase {
public static final String SCHEMA_UPDATE_SQL_PATH = "db/cb_schema_update_";

private static final int LEGACY_SCHEMA_VERSION = 1;
private static final int CURRENT_SCHEMA_VERSION = 21;
private static final int CURRENT_SCHEMA_VERSION = 22;

private static final String DEFAULT_DB_USER_NAME = "cb-data";
private static final String DEFAULT_DB_PWD_FILE = ".database-credentials.dat";
Expand Down
1 change: 1 addition & 0 deletions webapp/packages/core-root/src/EAdminPermission.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,5 @@

export enum EAdminPermission {
admin = 'admin',
developer = 'database-developer',
}
1 change: 1 addition & 0 deletions webapp/packages/core-sdk/src/queries/fragments/AuthProviderInfo.gql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ fragment AuthProviderInfo on AuthProviderInfo {
private
supportProvisioning
required
authHidden

#configurationParameters {
# id
Expand Down
2 changes: 1 addition & 1 deletion webapp/packages/plugin-authentication/src/Dialog/useAuthDialogState.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ export function useAuthDialogState(accessRequest: boolean, providerId: string |
const providers = authProvidersResource.data.filter(notEmptyProvider).sort(compareProviders);

const activeProviders = providers.filter(provider => {
if (provider.federated || provider.trusted || provider.private) {
if (provider.federated || provider.trusted || provider.private || provider.authHidden) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why we can't use private? or trusted

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

private does not fit here due to the fact we won't see the setting in the server config
trusted does not fit also here, but not sure why - the backend said so

we had a call with all of the flags which can fit to our needs, so we decided to extend the scheme cause there was no best candidate to fit our needs

return false;
}

Expand Down
2 changes: 1 addition & 1 deletion webapp/packages/plugin-user-profile-settings/src/UserProfileSettingsPluginBootstrap.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ export class UserProfileSettingsPluginBootstrap extends Bootstrap {
this.userProfileTabsService.tabContainer.add({
key: SETTINGS_TAB_ID,
name: 'plugin_user_profile_settings_tab_label',
order: 2,
order: 3,
panel: () => UserProfileSettings,
});

Expand Down
Loading