Skip to content

Commit

Permalink
Fixed: #4599 - Index Busy is not loaded properly
Browse files Browse the repository at this point in the history
  • Loading branch information
@delchev
delchev committed Jan 29, 2025
1 parent 6ad2c4e commit 42ba556
Show file tree
Hide file tree
Showing 3 changed files with 52 additions and 21 deletions.
12 changes: 7 additions & 5 deletions ...n/java/org/eclipse/dirigible/components/base/http/access/HttpSecurityURIConfigurator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
public class HttpSecurityURIConfigurator {

/** The Constant PUBLIC_PATTERNS. */
private static final String[] PUBLIC_PATTERNS = {//
private static final String[] PUBLIC_PATTERNS = { //
"/", //
"/home", //
"/index.html", //
Expand All @@ -37,6 +37,7 @@ public class HttpSecurityURIConfigurator {
"/services/web/resources/**", //
"/services/web/resources-core/**", //
"/services/web/platform-core/**", //
"/services/web/theme-blimpkit/**", //
"/services/js/platform-core/**", //
"/services/js/resources-core/**", //
"/services/integrations/**", //
Expand All @@ -45,7 +46,7 @@ public class HttpSecurityURIConfigurator {
"/actuator/health"};

/** The Constant AUTHENTICATED_PATTERNS. */
private static final String[] AUTHENTICATED_PATTERNS = {//
private static final String[] AUTHENTICATED_PATTERNS = { //
"/services/**", //
"/websockets/**", //
"/api-docs/swagger-config", //
Expand All @@ -54,12 +55,12 @@ public class HttpSecurityURIConfigurator {
"/swagger-ui/**"};

/** The Constant DEVELOPER_PATTERNS. */
private static final String[] DEVELOPER_PATTERNS = {//
private static final String[] DEVELOPER_PATTERNS = { //
"/services/bpm/**", //
"/services/ide/**", //
"/websockets/ide/**"};

private static final String[] OPERATOR_PATTERNS = {//
private static final String[] OPERATOR_PATTERNS = { //
"/spring-admin/**", //
"/actuator/**"};

Expand All @@ -74,7 +75,8 @@ public static void configure(HttpSecurity http) throws Exception {
authz.requestMatchers(PUBLIC_PATTERNS)
.permitAll()

// NOTE!: the order is important - role checks should be before just authenticated paths
// NOTE!: the order is important - role checks should be before just
// authenticated paths

// Fine grained configurations
.requestMatchers(HttpMethod.GET, "/services/bpm/bpm-processes/tasks")
Expand Down
21 changes: 15 additions & 6 deletions .../src/main/java/org/eclipse/dirigible/components/security/config/SecurityFilterConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,12 +31,21 @@ public FilterRegistrationBean<SecurityFilter> securityFilterRegistrationBean(Sec
FilterRegistrationBean<SecurityFilter> filterRegistrationBean = new FilterRegistrationBean<>(securityFilter);

filterRegistrationBean.setFilter(securityFilter);
filterRegistrationBean.addUrlPatterns("/services/js/*", "/services/public/*", "/services/web/*", "/services/wiki/*",
"/services/command/*",

"/public/js/*", "/public/ts/*", "/public/public/*", "/public/web/*", "/public/wiki/*", "/public/command/*",

"/odata/v2/*");
filterRegistrationBean.addUrlPatterns(//
"/services/js/*", //
"/services/ts/*", //
"/services/public/*", //
"/services/web/*", //
"/services/wiki/*", //
"/services/command/*", //
"/public/js/*", //
"/public/ts/*", //
"/public/public/*", //
"/public/web/*", //
"/public/wiki/*", //
"/public/command/*", //
"/odata/v2/*" //
);

return filterRegistrationBean;
}
Expand Down
40 changes: 30 additions & 10 deletions ...curity/src/main/java/org/eclipse/dirigible/components/security/filter/SecurityFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,14 +47,14 @@ public class SecurityFilter implements Filter {
* The Constant logger.
*/
private static final Logger logger = LoggerFactory.getLogger(SecurityFilter.class);
/**
* The Constant PATH_WEB_RESOURCES.
*/
private static final String PATH_WEB_RESOURCES = "/web/resources";
/**
* The Constant SECURED_PREFIXES.
*/
private static final Set<String> SECURED_PREFIXES = new HashSet<>();
/**
* The Constant ALLOWED_PREFIXES.
*/
private static final Set<String> ALLOWED_PREFIXES = new HashSet<>();

/** The security access verifier. */
private final AccessVerifier securityAccessVerifier;
Expand All @@ -76,11 +76,16 @@ public SecurityFilter(AccessVerifier securityAccessVerifier) {
*/
@Override
public void init(FilterConfig filterConfig) {
SECURED_PREFIXES.add("/js");
SECURED_PREFIXES.add("/public");
SECURED_PREFIXES.add("/web");
SECURED_PREFIXES.add("/wiki");
SECURED_PREFIXES.add("/command");
SECURED_PREFIXES.add("/services/js");
SECURED_PREFIXES.add("/services/ts");
SECURED_PREFIXES.add("/services/public");
SECURED_PREFIXES.add("/services/web");
SECURED_PREFIXES.add("/services/wiki");
SECURED_PREFIXES.add("/services/command");

ALLOWED_PREFIXES.add("/services/web/resources");
ALLOWED_PREFIXES.add("/services/js/platform");
ALLOWED_PREFIXES.add("/services/web/theme-blimpkit");
}

/**
Expand All @@ -100,7 +105,7 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha

String path =
!"".equals(httpServletRequest.getServletPath()) ? httpServletRequest.getServletPath() : IRepositoryStructure.SEPARATOR;
if (!path.startsWith(PATH_WEB_RESOURCES)) {
if (!isAllowed(path)) {
for (String prefix : SECURED_PREFIXES) {
if (path.startsWith(prefix)) {
path = path.substring(prefix.length());
Expand Down Expand Up @@ -153,6 +158,21 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
chain.doFilter(request, response);
}

/**
* Checks if is allowed.
*
* @param path the path
* @return true, if is allowed
*/
private boolean isAllowed(String path) {
for (String prefix : ALLOWED_PREFIXES) {
if (path.startsWith(prefix)) {
return true;
}
}
return false;
}

/**
* Forbidden.
*
Expand Down

0 comments on commit 42ba556

Please sign in to comment.