# Changelog

## 2.0 Release

November 16, 2020.

- 0f29476 OAuthClientOriginCheckFilter: extra Origin header check
- 7ba4c20 Reduce logging noise
- acb687c OAuth: Check if origin is registered
- 15bce20 A copy constructor for AuditLog
- 7d17bdb NumberFilter: support path expression filtering
- bb7ac98 Maven: Java 8
- 672a0b8 Code cleanup
- 6b359fd Avoid logging a message if model is not persisted
- 93c1065 Fix: aclService#getSidId() may return null, causing an NPE in Optional.of
- 48ecd31 Logging: Reduced log level
- 158d8c2 FIX: GrantedAuthority deserialization issue in OAuthClient
- 6e05a83 Create or update permissions for specified SID
- 8603605 Extended Copyable interface, introduced @NotCopyable annotation
- 88a25a5 @JsonIdentityInfo is a bad idea
- 682742c Added helper methods to StringFilter
- 72fb173 StringFilter with array of options
- cdbb5f4 Querydsl does not allow `null` predicate for `findAll()`
- 1805b00 BasicModel implements Persistable
- 107dcf5 Don't use GenerationType.AUTO
- 73f5ecb Removed spring-data-elasticsearch dependency
- edda758 Introduce EmptyModel and EmptyModelFilter
- ab043cb Updated property placeholder configurer for Spring 5
- deb48f1 Removed deprecated methods
- e17d758 Added missing Javadoc
- e30abcc throw exception if oauthClient or user not found
- eb51d62 Upgrade to Spring Data ElasticSearch 3.2.5.RELEASE
- 0d22210 Upgrade to Spring Data JPA 2.2.5 and Hibernate 5.4
- c83715c Hibernate 5

## 1.6 Release

March 31, 2020.

- c03a202 Removed deprecated methods
- e17d758 Added missing Javadoc
- 2b84c84 Log more information on login events
- cfd9a0c Handle successful login only for users
- 66a63f0 Account expired
- 2edabb5 Introduce `SuperModelFilter`
- 2409f4e Fixed generation of NULL/NOTNULL paths for collection paths
- d6c0215 @Cacheable `ClassPKServiceImpl#getClassPk()`
- 8690dff Use object mapper with default config in filter copy method
- ca1faeb Fixed appearing of default values in the NOT filter
- eb82757 Fix: ensure `ROLE_EVERYONE` authority
- 169882e ACL: Setting parent ACL object
- ab6dc88 Support for runtime-defined authorities granted to users
- 2452397 Fixed generation of NULL/NOTNULL paths for nested fields
- fb0bc5c Added `normalize()` method to filters
- 2fe361d Drop all OAuth token related code
- df1f2a0 Enhanced filter handling
- 695991b Changed building of filter predicate to collecting them into list
- 61e0b5f Extended clearFilters functionality
- 2819f03 Fixed generating of `NULL` filter predicate
- c3a0777 Fixed json serialization of Boolean filters
- f6372ec Added clearing of NULL and NOTNULL sets in clearFilter
- eeea83b Fix: check Referrer header if Origin header is missing or method is GET
- 9fa2323 Handling for arrays
- f5f1a31 Updated BasicModelFilter to fix issues with NULL and NOTNULL
- 6090c3d Fix: Request Origin filter logging
- 843d1e7 Added method for clearing one of Filter fields
- a782127 CI: Cache maven dependencies
- 4a2ef15 Fix JsonSidConverter
- 3aadc3d Added accessors to object filters
- 35d4621 ES: Store UUID field
- e27ee1f Use `@Type(type = "uuid-binary")` for UUID
- 6dc323d Audit logs: ignore order of referenced entity IDs
- 83ed6a5 OriginCheckFilter: check Referrer header for GET requests
- 75c2294 Serialize @Transitive properties with Jackson
- 1459ebd Fix: ACL cache should be cleared on `#removeAclAwareModel()`
- 205daff Fix: ACL cache should be cleared in createOrUpdatePermissions
- 73599ef FIX: Missing @CacheEvict on OAuth updateClient()
- 158cecf FIX: allowedOrigins not copied on update
- da0a58c Implemented a CORS Origins filter
- 4f1122a Sort set values before writing audit log change

## 1.5 Release

January 24, 2019.

- 394bf92 Using a `ThreadLocal` stack for audit logs entries for individual (sub) transactions
- 25f2518 added listClientDetails by Page, fixed Json for `OAuthClient#scopes`
- 431f9c7 `SpringSecurityAuditorAware`: Reduce logging level when security principal not available
- 4d0de99 createdDate, lastModifiedDate marked with Public JsonView
- ab895bc Fix: Auth failure listener -- apparently it can be a String
- c074fd8 Fix: Auth failure listener
- 967826d ES: Set createdBy, lastModifiedBy to not_analyzed string type
- 222e045 Do not deserialize Audited properties createdBy, lastModifiedBy from JSON
- 7ef27f2 Fix: `AclObjectIdentityExt` cannot serialize `OAuthClient#roles`
- ce45ba7 `AclObjectIdentityExt` provides extended information on Object Identity
- f70eb99 ACL removePermission for SID
- c161f60 Introduced ClassAclOid as AclAwareModel
- e136701 Serialize Audited `lastModifiedBy` and `createdBy` using JsonSidConverter
- a3c4dfd SpringSecurityAuditorAware fetches AclSid#id directly with getSidId()
- bd408e8 added clearing Acl cache after updating permissions
- f5163f3 Extend ACL service
- a05c655 Fix: `Permissions.public = false` when EVERYONE's permissions cannot be read
- b89154b Fix: SecurityContextUtil should re-check context for `permissionEvaluator`
- f1e08ed mvn surefire plugin problem
- a16fb36 Include VersionedModel#version in default serialization
- 40f0a90 ACL: Added support for #aclParentObjectIdentity()
- 6f25333 Fix: `CurrentPermissionsWriter` for ADMIN
- cd95da7 Added `Permissions#isPublic` = EVERYONE can read the object
- c091982 Update core filters
- de9e43d Better logging for ACL cleanUp
- 6ac18d8 Stddev function for HSQL
- 9b43f46 hasRole and hasPermission added to SecurityContextUtil
- b38eb76 Updated UuidModel class
- 2791bd6 Updated `AclSid` class: serialize the identity of the SID
- 9fa5496 FIX: Properly handle Hibernate proxy classes
- 7099be8 FIX: only set ownerSid if it is persisted
- 9f21c3d FIX: creatorPermission ensures objectIdentity entry even if owner is null


## 1.4 Release

September 19, 2018.

- 4456892 Added support for **IS_NULL**, **IS_NOT_NULL** and **NOT** filtering
- c72e9c4 `BasicModelFilter#toString()` as JSON
- 855d7fc Model filters should be abstract
- 1038e7d Test if password matches after user is created
- 4ed845f Updated javadoc
- e47c0f1 Added setters to `OAuthClient` for Jackson deserialization
- 566f5e6 `BasicModel#id` is included in Minimal JSON view
- 37d4869 Added method to clean up ACL entries
- 669962d `PermissionWriter` updated
- bce713c Improved collection handling in Audit Log
- 22502ff `SelfCleaning` trims strings to `null`
- 8eb3871 **FIX:** Build fails
- 0163e53 Remove all ACL data when `AclAwareModel` is deleted
- eb23106 `AclAwareModel` exposes `#aclParentObject` for inheriting permissions
- 4817a4c Added `UuidModelFilter`
- 445adbb Added `JsonViews.Indexed` for tagging properties that should be posted to indexing service
- 3cc46a8 JSON prop `_type` conflicts with Elasticsearch
- 53efa2c `@Type` annotations for `@Lob`


## 1.3.2 Release

- 0a1ff49 Updated OAuth service
- 7c42917 BUGFIX: Added getter for JSP EL access
- 29cfa93 BUGFIX: Handle case where OAuth client secret is null
- 0cac90e Encrypt OAuth client secrets in the database
- 69da33d Update last login date on successful login
- c3fd313 Moved Spring Security annotations to service implementation
- 8c98d11 First delete issue
- 3b1a22f Utility method to make entities publicly readable
- 1ae92a7 Default user roles can be provided as a collection and are not persisted to the database
- c690ddd Throw LockedException in AccountLockoutManager
- 32191fc Added JsonView.Minimal < JsonView.Public
- c42edc8 FIX: SidPermissions are properly converted for authority (role) SIDs
- 1b0006b CustomAclService allowed for multiple entries per SID for object identity
- 3c5d531 Better autocomplete for OAuthClients
- 4c069b8 ACL management made easier
- 4f24951 Include class short name in JSON-serialized entities extending BasicModel
- 56db528 Updated ACL service and model serialization
- b74449f User repository can't be @Autowired
- 9b2ccaf VersionedModelWithoutId should have 1 as first persisted version
- 8d3cf21 Require SYSTEM_ADMIN account

## 1.3.1 Release

- 3e5b11d `BasicUserService#setAccountType` added
- bb783aa Added equals on `VersionedModel`
- 2d4cd74 `PreAuthorize` for service method
- ea5cec8 Fixed test logger for core
- 2887170 Basic Unit tests for core are implemented
- 9310fd8 Unit testing improved

## 1.3 Release

The **1.3** release focuses on an improved OAuth implementation and enhances the audit trail.

- e23f2c1 `#email` is used as `AclSid#sid` name
- 477f063 `BasicUser#username` must return the username used by `UserDetailsService#loadUserByUsername`
- 551d23d ACL service updates for temporary SID
- 3f57a18 `AclAwareModel` JSON serialization includes `_permissions` property
- 6e829eb New signature of `OAuthService#addClient` method
- 543342b BasicUserService updates
- f1f0894 Data migration for User and OAuthClient extend AclSid
- 767e808 ACL services and repositories cleaned up
- 9fc9a60 Services and tests updated for AclSid
- 637b33e BasicUser and OAuthClient extend AclSid
- 54afbc2 Incorrect exception thrown in user lookup method
- e090c51 OAuthClient management
- 2c93b9d oauthclient autocomplete
- 6501349 AuditTrailService made useful
- d8a6c80 Fixed AuditLog interceptor and service
- d91b031 QueryDsl for OAuth model
- 17c96f3 Autocomplete OAuthClient
- 36bb342 Source code cleanup
- eb20bd2 BasicUserService exposes `#listAvailableRoles` and `#getDefaultUserRole` methods
- 1df778d Annotated BLOB types for HSQL
- 8b91b0a OAuth client management methods
- 9c36866 Extra OAuth token properties
- 27f3614 Extra OAuth service methods
- 42f1859 Updated OAuthClient model

## 1.2 Release

- 8435ad9 Tests and refactoring for getClassPkId(String)
- 88449b5 Create new classPk if it doesn't exist
- e710e47 Added NumberFilter#between and DateFilter#between operation
- cbc79dc Properly typed NumberFilter
- 131c206 Fixed NPE in NumberFilter
- 8ba68ee Expose #handleFailedLogin, #handleSuccessfulLogin
- 9f0a7be VersionedModel#version must not be null in database
- b37b91d Expose #assureGoodPassword
- 9afc28c Cleanup
- d322dc5 List ACL SIDs by their IDs
- 53607dd gpg: signing failed: No such file or directory
- 1b44cbf Fixed typo
- 697791f Updated failing changePasswordTest (PasswordPolicy)
- 06126fa AclAssignerAspect handles Iterables
- 8b36e96 @Transactional does nothing on private methods, TODOs for issue
- 2906a1d GPG key import using --batch
- 03dc333 Fixed bug in #ensureObjectIdentity using user email instead of uuid
- 7b55e2a Only sign artifacts in 'release' mode
- 186bf8f Use random UUID for BasicUser!
- 1d140c5 Declare the generic UserException in #createUser
- af08c8e Added BasicModel#isPersisted() method to consistently test value of the #id
- 0d1eac8 Updated README.md