21.3.0 (2024-12-17)
- add wmtsDimensions parameter for layer source (c6fab88)
- adds app logo in preview on landing page (e4b82e7)
21.2.0 (2024-11-18)
- add classifier (aadf6a8)
- add missing annotations and make findAllById cacheable (00b1459)
- add missing cache annotations (764b832)
- add missing cache regions (6362f59)
- adds missing lecense header (ac7b4e1)
- extract typename in WFS Transaction insert queries correctly (1cf15cb)
- typo (12705ae)
- adds endpoints to manually create users, groups and roles from the provider (7dd043e)
- introduces "mapInteractions" config (a5b3859)
21.1.2 (2024-10-25)
- ogcxmlutil: replace unsupported XML properties with feature-based security settings (801fde2)
21.1.1 (2024-10-14)
- handle unsupported external DTD and schema properties (0450f3c)
21.1.0 (2024-10-10)
- log: decrease log level in base permission evaluator (3716046)
- repository: introduce search by layername parameter (c0b157f)
21.0.0 (2024-09-26)
- inherit versions from spring-boot-dependencies if possible (0921b29)
- use correct version of spring-boot-starter-parent (872c744)
- use flyway progresql module (484e417)
- Upgrade to flyway 10 requires database specific modules
20.4.2 (2024-09-12)
- HttpProxy: use override instead of bean creation for HttpSecurity (62cd974)
20.4.1 (2024-08-20)
- downgrade openapi (again) (33648c2)
20.4.0 (2024-08-20)
- deps: downgrade springdoc (65e20ed)
- show public applications when signed out (d1ee3ef)
20.3.1 (2024-07-03)
- use correct mail dependencies (2b452e3)
20.3.0 (2024-06-24)
- remove read only transaction (7f90d6a)
20.2.1 (2024-06-17)
- check against the client role instead of the realm role (a1aa970)
- remove role permissions before removing the role (9716cec)
20.2.0 (2024-06-13)
- add missing Query annotation (dfc296c)
- remove role permissions before removing the role (3b596b4)
- set schema (30be7e6)
- init Role, RoleInstancePermission and RoleClassPermission (48042db)
20.1.0 (2024-05-21)
- prevent exception when keycloak group does not exist (9fb7732)
20.0.0 (2024-05-14)
- anonymous access to graphql interface (58d1c68)
- anonymous access to graphql interface
19.1.0 (2024-05-08)
- allow configuration of role extraction from jwt (23247c7)
19.0.0 (2024-05-02)
- add audit annoations to PublicInstancePermission (94cffac)
- add info for graphql version (46dd0a5)
- add logging for unknown exception (a38e1ab)
- add missing columns for revision table (ebbfaf9)
- clarify jts version comment (bd9d412)
- clean up dependencies (cdf7fd1)
- code smells (c819531)
- consistent transactional annotations (32619fa)
- fix licenserc pattern location (3f20985)
- fixes admin-btn from opening multiple links when clicked (778e9f6)
- jaxb-api version identifier (64ec323)
- remove duplicated badges (143eddb)
- remove duplicated fields (89fe47d)
- rename PublicEntity to PublicInstancePermission (4a8aca1)
- show applications despite empty configuration or description (47512f7)
- specify spdx id (6f7799d)
- use instanceof checks instead of class comparison (3f473cf)
- update to java 21 (084491d)
- add migration for publicentities (9a1d35e)
- configurable favicon (bf6a1b9)
- introduce PublicEntity (53d1941)
- permitAll for entity endpoints (90474d0)
- prevent public permission for User and Group (732ecf2)
- update permission handling for PublicEntity (f40b9f7)
- This changes a crucial security setting an might need adjustments in projects.
- requires java 21
18.0.0 (2023-09-18)
- adds missing git-commit-id-maven-plugin in gs-interceptor (a6b390a)
- allow extending WebSecurityConfig (10cb4e4)
- circular dependency problems (53aa861)
- cleanup (2db9a60)
- extract xmlbind version to property (e37392f)
- fix http proxy tests (b9e8be4)
- fix hypersistence-utils version (7958976)
- fix queryHints import (7df2511)
- optimize imports (d0e84f5)
- reenable csrfTokenRequestHandler (b32f02c)
- remove commented code (c3d5f7a)
- remove newline (53673e0)
- remove not needed hibernate version (7b0abc4)
- remove unneeded parameter (4565f49)
- reorganize imports (6fc6f8c)
- set correct creation time for docker images (8be68e5)
- temporarily allow circular references (4aefc55)
- temproarily allow circular references (98f731d)
- update dependency versions (e468350)
- update git-commit-id plugin (104b0b3)
- update java base image (caba9ce)
- update to apache httpUtil5 (8661561)
- web security setup (b4979bc)
- allow to only override security filterchain (4b37639)
- improve content type detection (4b754e3)
- include REFERENCE_TABLE and make PropertyFormItemEditConfig abstract (e4bbaf5)
- update for hibernate 6.1 and hibernate-types (b105159)
- update keycloak to 21.0.1 (f90de77)
- update spring-boot to 3.0.x (f95fcaf)
- requires migration for spring / spring-security 6 and hibernate 6 updates
Migration guide:
- update java EE 8 dependencies to jakarta EE 9 (see https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.0-Migration-Guide#jakarta-ee)
- update repositories
- update
@QueryHints
annotations - e.g.
org.hibernate.annotations.QueryHints.CACHEABLE
->AvailableHints.HINT_CACHEABLE
- if you use custom data fetching methods, migration steps for hibernate 6 / 6.1 / 6.2 might be necessary
- especially consider https://github.com/hibernate/hibernate-orm/blob/6.0/migration-guide.adoc#removals
- for more information see the hibernate migration guides listed below
- update
- update your SecurityConfigs which extend
KeycloakWebSecurityConfig
orSimpleWebSecurityConfig
- update your filter chain according to the the spring security migration guides below
- replace
antMatchers
withrequestMatchers
, ignoringAntMatchers with ignoringRequestMatchers - update your rules for swagger (
/v3/api-docs
) if they're not already updated
- update your
git-commit-id-plugin
configuration and check if the version set in shogun is overridden (for more information see #730)
17.2.0 (2023-07-18)
- delete all user/group permissions before deleting the user/group itself (365f31d)
- generate all args and required args constructor, remove annotations that were dealed by @Data (554caf0)
- add WMSTIME layer type (8d32f1b)
- adds all args constructor and constructor for required parameters of JSONB models (70d7192)
17.1.1 (2023-06-21)
- append the transient provider details for users and groups (72cb1e6)
- get the actual target entity class and set a common default permission evaluator (978426f)
17.1.0 (2023-06-02)
- fix return value of application findAll() endpoint (776f813)
- remove unneeded visible field (75d3ae9)
- replace deprecated usages (f9b64e1)
- set correct example value (3807a28)
- update types (804ecc7)
- add models for search configuration (d76c8db)
- add models for specifying form configurations(still without i18n support) (1ad6bba)
- adds layer editable flag (88dd6df)
17.0.0 (2023-05-17)
- convert permission query to non native query (3a151d4)
- determine read permission id from DB (ec5ba01)
- fix api docs for pageable parameter (11a3a6d)
- get base entity class dynamically (a3c6a35)
- improvements from code review (4416356)
- move securityExtension to ApplicationConfig (112dd89)
- remove SecurityContextEvaluationExtension (ce86a05)
- remove unneeded imports (7abf3ed)
- security evaluation extension (d3437e1)
- update tests for new findAll response (919c0e4)
- changes
BaseController::findAll
signature. Now returns paged entities.
Migration instructions
- BaseController::findAll() - method signature has changed
- the method now returns
Page<BaseEntity>
instead ofList<BaseEntity>
- this means the results are now wrapped into a paging object, e.g.:
{ "content": [ { "id": 475870, "created": "2022-10-07T14:01:43.11027Z" [...] } ], "pageable": { "sort": { "empty": true, "sorted": false, "unsorted": true }, "offset": 0, "pageNumber": 0, "pageSize": 1, "paged": true, "unpaged": false }, "last": false, "totalElements": 2, "totalPages": 2, "size": 1, "number": 0, "sort": { [...] }, "first": true, "numberOfElements": 1, "empty": false }
content
contains the list of entities- the object also contains metadata, for more information see https://docs.spring.io/spring-data/commons/docs/current/api/org/springframework/data/domain/Page.html
- the method has a new optional parameter
Pageable pageable
which can be used to specify which page and size is returned e.g.:{ "page": 0, "size": 10 }
- if no pagination configuration is provided, one page with all entities is returned. But it is recommended to use pagination for performance reasons
- Custom permission evaluators have to implement a
findAll
method
- if you project uses custom permission evaluators, you have to implement this method to provide a way to check permissions for requests with pagination
- BaseEntityPermissionEvaluator contains a default implemenation which performs the new improved permisison check described above
- the default only works for the "shogun way" (permission managment through UserInstance-, UserClass- GroupInstance- and GroupClassPermissions
16.4.0 (2023-04-28)
- add JsonInclude.Include.NON_NULL annotations to all jsonb models (38e4811)
- enable arbitrary objects in open api specification (563a2ba)
- readd terms of service url (bb09a79)
- replace deprecated mockito-inline by mockito-core (16fcbf0)
16.3.0 (2023-04-18)
- introduce crsDefinitions field on mapView config (7457fb7)
16.2.0 (2023-04-18)
- extend application client config model for legal information link config (21d4874)
- introduce crsDefinitions field on mapView config (7457fb7)
16.2.0 (2023-01-20)
- extend application client config model for legal information link config (21d4874)