Fixed merge conflict

TIER · Nov 1, 2021 · 49e0e98 · 49e0e98
2 parents f5c5678 + a0655a6
commit 49e0e98
Show file tree

Hide file tree

Showing 57 changed files with 330 additions and 117 deletions.
diff --git a/...eth/admin/ui/controller/MetadataResolverControllerVersionEndpointsIntegrationTests.groovy b/...eth/admin/ui/controller/MetadataResolverControllerVersionEndpointsIntegrationTests.groovy
@@ -150,6 +150,37 @@ class MetadataResolverControllerVersionEndpointsIntegrationTests extends Specifi
         mrv2.body.name == 'resolverUPDATED'
     }
 
+    def "SHIBUI-2182"() {
+        given:
+        def mr = new DynamicHttpMetadataResolver().with {
+            it.name = 'resolver2'
+            it.metadataRequestURLConstructionScheme = new RegexScheme().with {
+                it.match = 'This is the match field'
+                it.content = 'some content'
+                it
+            }
+            it
+        }
+        mr = repository.save(mr)
+        //Will create a second version for UPDATE revision
+        mr.name = 'resolverUPDATED'
+        mr.metadataRequestURLConstructionScheme.match = 'This is the match field too'
+        repository.save(mr)
+
+        when:
+        def allVersions = getAllMetadataResolverVersions(mr.resourceId, List)
+        def mrv1 = getMetadataResolverForVersion(mr.resourceId, allVersions.body[0].id, MetadataResolver)
+        def mrv2 = getMetadataResolverForVersion(mr.resourceId, allVersions.body[1].id, MetadataResolver)
+
+        then:
+        mrv1.statusCodeValue == 200
+        mrv1.body.name == 'resolver2'
+        mrv1.body.metadataRequestURLConstructionScheme.match == 'This is the match field'
+        mrv2.statusCodeValue == 200
+        mrv2.body.name == 'resolverUPDATED'
+        mrv2.body.metadataRequestURLConstructionScheme.match == 'This is the match field too'
+    }
+
     def "SHIBUI-1386"() {
         given:
         MetadataResolver mr = new FileBackedHttpMetadataResolver(name: 'testme')
@@ -292,4 +323,4 @@ trait AttributeReleaseAndOverrides {
     Map<String, Object> overrides(int filterIndex) {
         (this.metadataFilters[filterIndex] as EntityAttributesFilter).relyingPartyOverrides
     }
-}
+}
diff --git a/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -89,6 +89,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
     }
 
     void constructXmlNodeForFilter(EntityAttributesFilter filter, def markupBuilderDelegate) {
+        if (!filter.isFilterEnabled()) { return }
         markupBuilderDelegate.MetadataFilter('xsi:type': 'EntityAttributes') {
             // TODO: enhance. currently this does weird things with namespaces
             filter.attributes.each { attribute ->
@@ -128,6 +129,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
 
     // TODO: enhance
     void constructXmlNodeForFilter(EntityRoleWhiteListFilter filter, def markupBuilderDelegate) {
+        if (!filter.isFilterEnabled()) { return }
         if (!filter.retainedRoles?.isEmpty()) {
             markupBuilderDelegate.MetadataFilter(
                     'xsi:type': 'EntityRoleWhiteList',
@@ -142,6 +144,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
     }
 
     void constructXmlNodeForFilter(NameIdFormatFilter filter, def markupBuilderDelegate) {
+        if (!filter.isFilterEnabled()) { return }
         def type = filter.nameIdFormatFilterTarget.nameIdFormatFilterTargetType
         markupBuilderDelegate.MetadataFilter(
                 'xsi:type': 'NameIDFormat',
@@ -180,6 +183,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
     }
 
     void constructXmlNodeForFilter(RequiredValidUntilFilter filter, def markupBuilderDelegate) {
+        if (!filter.isFilterEnabled()) { return }
         if (filter.xmlShouldBeGenerated()) {
             markupBuilderDelegate.MetadataFilter(
                     'xsi:type': 'RequiredValidUntil',
@@ -189,6 +193,7 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
     }
 
     void constructXmlNodeForFilter(SignatureValidationFilter filter, def markupBuilderDelegate) {
+        if (!filter.isFilterEnabled()) { return }
         if (filter.xmlShouldBeGenerated()) {
             markupBuilderDelegate.MetadataFilter(id: filter.name,
                     'xsi:type': 'SignatureValidation',
@@ -459,8 +464,10 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                                     }
                                 }
                                 mr.metadataFilters.each { edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter filter ->
-                                    doNamespaceProtectionFilter()
-                                    constructXmlNodeForFilter(filter, delegate)
+                                    if (filter.isFilterEnabled()) {
+                                        doNamespaceProtectionFilter()
+                                        constructXmlNodeForFilter(filter, delegate)
+                                    }
                                 }
                                 doNamespaceProtectionFilter()
                             }

diff --git a/...rnet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java b/...rnet2/tier/shibboleth/admin/ui/domain/resolvers/MetadataRequestURLConstructionScheme.java
@@ -64,4 +64,7 @@ public String toString() {
     String type;
 
     String content;
-}
+
+    @Transient
+    String match;
+}
diff --git a/.../edu/internet2/tier/shibboleth/admin/ui/service/EnversMetadataResolverVersionService.java b/.../edu/internet2/tier/shibboleth/admin/ui/service/EnversMetadataResolverVersionService.java
@@ -40,4 +40,4 @@ public MetadataResolver findSpecificVersionOfMetadataResolver(String resourceId,
         return resolver;
 
     }
-}
+}
diff --git a/backend/src/main/resources/dynamic-http-metadata-provider.schema.json b/backend/src/main/resources/dynamic-http-metadata-provider.schema.json
@@ -9,7 +9,7 @@
     "properties": {
         "name": {
             "title": "label.metadata-provider-name-dashboard-display-only",
-            "description": "tooltip.metadata-provider-name-dashboard-display-only",
+            "description": "tooltip.metadata-provider-name",
             "type": "string"
         },
         "@type": {
@@ -47,13 +47,10 @@
                                     ]
                                 },
                                 "match": {
+                                    "$id": "match",
                                     "title": "label.match",
                                     "description": "tooltip.match",
-                                    "type": "string",
-                                    "widget": {
-                                        "id": "string",
-                                        "required": true
-                                    }
+                                    "type": "string"
                                 }
                             },
                             "required": [

diff --git a/backend/src/main/resources/file-system-metadata-provider.schema.json b/backend/src/main/resources/file-system-metadata-provider.schema.json
@@ -9,7 +9,7 @@
     "properties": {
         "name": {
             "title": "label.metadata-provider-name-dashboard-display-only",
-            "description": "tooltip.metadata-provider-name-dashboard-display-only",
+            "description": "tooltip.metadata-provider-name",
             "type": "string",
             "widget": {
                 "id": "string",

diff --git a/backend/src/main/resources/filebacked-http-metadata-provider.schema.json b/backend/src/main/resources/filebacked-http-metadata-provider.schema.json
@@ -28,7 +28,7 @@
     "properties": {
         "name": {
             "title": "label.metadata-provider-name-dashboard-display-only",
-            "description": "tooltip.metadata-provider-name-dashboard-display-only",
+            "description": "tooltip.metadata-provider-name",
             "type": "string",
             "widget": {
                 "id": "string",

diff --git a/backend/src/main/resources/i18n/messages.properties b/backend/src/main/resources/i18n/messages.properties
@@ -69,12 +69,15 @@ action.groups=Groups
 action.source-group=Group
 action.enable=Enable
 action.disable=Disable
+action.get-latest=Get latest changes
 
 action.add-new-role=Add new role
 action.roles=Roles
 action.source-role=Role
 action.select-bundle=Select Bundle
 
+action.get-latest=Get latest
+
 value.enabled=Enabled
 value.disabled=Disabled
 value.current=Current
@@ -597,6 +600,7 @@ message.invalid-signing=Unless the response or the assertions are signed, SAML s
 
 message.session-timeout-heading=Session timed out
 message.session-timeout-body=Your session has timed out. Please login again.
+message.session-timeout=An error has occurred while saving. Your session may have timed out.
 
 tooltip.entity-id=Entity ID
 tooltip.service-provider-name=Service Provider Name (Dashboard Display Only)
@@ -662,7 +666,7 @@ tooltip.max-cache-entry-size=The maximum response body size that may be cached,
 tooltip.metadata-provider-name=Metadata Provider Name (for display on the Dashboard only)
 tooltip.metadata-provider-type=Metadata Provider Type
 tooltip.xml-id=Identifier for logging, identification for command line reload, etc.
-tooltip.metadata-url=Identifier for logging, identification for command line reload, etc.
+tooltip.metadata-url=The URL that the metadata is served from.
 tooltip.metadata-file=The absolute path to the local metadata file to be loaded.
 tooltip.init-from-backup=Flag indicating whether initialization should first attempt to load metadata from the backup file.  If true, foreground initialization will be performed by loading the backing file, and then a refresh from the remote HTTP server will be scheduled to execute in a background thread, after a configured delay. This can improve IdP startup times when the remote HTTP file is large in size.
 tooltip.backing-file=Specifies where the backing file is located. If the remote server is unavailable at startup, the backing file is loaded instead.
@@ -718,4 +722,6 @@ tooltip.group-name=Group Name
 tooltip.group-description=Group Description
 
 tooltip.role-name=Role Name
-tooltip.role-description=Role Description
+tooltip.role-description=Role Description
+
+tooltip.contact-information=Contact Information
diff --git a/backend/src/main/resources/i18n/messages_en.properties b/backend/src/main/resources/i18n/messages_en.properties
@@ -513,7 +513,7 @@ tooltip.max-cache-entry-size=The maximum response body size that may be cached,
 tooltip.metadata-provider-name=Metadata Provider Name (for display on the Dashboard only)
 tooltip.metadata-provider-type=Metadata Provider Type
 tooltip.xml-id=Identifier for logging, identification for command line reload, etc.
-tooltip.metadata-url=Identifier for logging, identification for command line reload, etc.
+tooltip.metadata-url=The URL that the metadata is served from.
 tooltip.metadata-file=The absolute path to the local metadata file to be loaded.
 tooltip.init-from-backup=Flag indicating whether initialization should first attempt to load metadata from the backup file.  If true, foreground initialization will be performed by loading the backing file, and then a refresh from the remote HTTP server will be scheduled to execute in a background thread, after a configured delay. This can improve IdP startup times when the remote HTTP file is large in size.
 tooltip.backing-file=Specifies where the backing file is located. If the remote server is unavailable at startup, the backing file is loaded instead.

diff --git a/backend/src/main/resources/local-dynamic-metadata-provider.schema.json b/backend/src/main/resources/local-dynamic-metadata-provider.schema.json
@@ -9,7 +9,7 @@
     "properties": {
         "name": {
             "title": "label.metadata-provider-name-dashboard-display-only",
-            "description": "tooltip.metadata-provider-name-dashboard-display-only",
+            "description": "tooltip.metadata-provider-name",
             "type": "string",
             "widget": {
                 "id": "string",

diff --git a/...rnet2/tier/shibboleth/admin/ui/service/IncommonJPAMetadataResolverServiceImplTests.groovy b/...rnet2/tier/shibboleth/admin/ui/service/IncommonJPAMetadataResolverServiceImplTests.groovy
@@ -38,7 +38,7 @@ class IncommonJPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTes
     def 'simple test generation of metadata-providers.xml'() {
         when:
         def mr = metadataResolverRepository.findAll().iterator().next()
-        mr.metadataFilters << new SignatureValidationFilter(requireSignedRoot: true, certificateFile: '%{idp.home}/credentials/inc-md-cert.pem')
+        mr.metadataFilters << new SignatureValidationFilter(enabled: true, requireSignedRoot: true, certificateFile: '%{idp.home}/credentials/inc-md-cert.pem')
         mr.metadataFilters << requiredValidUntilFilterForXmlGenerationTests()
         mr.metadataFilters << entityRoleWhiteListFilterForXmlGenerationTests()
         metadataResolverRepository.save(mr)
@@ -52,9 +52,10 @@ class IncommonJPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTes
         when:
         //TODO: this might break later
         def mr = metadataResolverRepository.findAll().iterator().next()
-        mr.metadataFilters << new SignatureValidationFilter(requireSignedRoot: true, certificateFile: '%{idp.home}/credentials/inc-md-cert.pem')
+        mr.metadataFilters << new SignatureValidationFilter(enabled: true, requireSignedRoot: true, certificateFile: '%{idp.home}/credentials/inc-md-cert.pem')
         mr.metadataFilters << requiredValidUntilFilterForXmlGenerationTests()
         mr.metadataFilters.add(new EntityAttributesFilter().with {
+            it.enabled = true
             it.entityAttributesFilterTarget = new EntityAttributesFilterTarget().with {
                 it.entityAttributesFilterTargetType = EntityAttributesFilterTarget.EntityAttributesFilterTargetType.ENTITY
                 it.value = ['https://sp1.example.org']
@@ -81,13 +82,15 @@ class IncommonJPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTes
     EntityRoleWhiteListFilter entityRoleWhiteListFilterForXmlGenerationTests() {
         new EntityRoleWhiteListFilter().with {
             it.retainedRoles = ['md:SPSSODescriptor']
+            it.enabled = true
             it
         }
     }
 
     RequiredValidUntilFilter requiredValidUntilFilterForXmlGenerationTests() {
         new RequiredValidUntilFilter().with {
             it.maxValidityInterval = 'P14D'
+            it.enabled = true
             it
         }
     }

diff --git a/...edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy b/...edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
@@ -149,6 +149,20 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest {
         generatedXmlIsTheSameAsExpectedXml('/conf/661.xml', domBuilder.parseText(writer.toString()))
     }
 
+    def 'test generating xml when filter is disabled'() {
+        given:
+        def filter = testObjectGenerator.entityAttributesFilterWithConditionScript()
+        filter.setEnabled(Boolean.FALSE)
+
+        when:
+        genXmlSnippet(markupBuilder) {
+            JPAMetadataResolverServiceImpl.cast(metadataResolverService).constructXmlNodeForFilter(filter, it)
+        }
+
+        then:
+        generatedXmlIsTheSameAsExpectedXml('/conf/661.3.xml', domBuilder.parseText(writer.toString()))
+    }
+
     def 'test generating EntityAttributesFilter xml snippet with regex'() {
         given:
         def filter = testObjectGenerator.entityAttributesFilterWithRegex()
@@ -177,6 +191,7 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest {
     def 'test generating RequiredValidUntilFilter xml snippet'() {
         given:
         def filter = new RequiredValidUntilFilter().with {
+            it.enabled = true
             it.maxValidityInterval = 'P14D'
             it
         }

diff --git a/...nd/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy b/...nd/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestObjectGenerator.groovy
@@ -193,6 +193,7 @@ class TestObjectGenerator {
             it.dynamicTrustedNamesStrategyRef = generator.randomString(10)
             it.trustEngineRef = generator.randomString(10)
             it.publicKey = generator.randomString(50)
+            it.enabled = true;
             it
         }
     }
@@ -202,6 +203,7 @@ class TestObjectGenerator {
             it.name = 'EntityRoleWhiteList'
             it.retainedRoles = ['role1', 'role2']
             it.removeRolelessEntityDescriptors = true
+            it.enabled = true;
             it
         }
     }
@@ -212,6 +214,7 @@ class TestObjectGenerator {
             it.setEntityAttributesFilterTarget(buildEntityAttributesFilterTarget())
             it.setAttributes(buildAttributesList())
             it.intoTransientRepresentation()
+            it.enabled = true;
             it
         }
     }
@@ -221,6 +224,7 @@ class TestObjectGenerator {
             it.name = 'EntityAttributes'
             it.setEntityAttributesFilterTarget(buildEntityAttributesFilterTargetWithConditionScript())
             it.intoTransientRepresentation()
+            it.enabled = true;
             it
         }
     }
@@ -230,13 +234,15 @@ class TestObjectGenerator {
             it.name = 'EntityAttributes'
             it.setEntityAttributesFilterTarget(buildEntityAttributesFilterTargetWithRegex())
             it.intoTransientRepresentation()
+            it.enabled = true;
             it
         }
     }
 
     RequiredValidUntilFilter requiredValidUntilFilter() {
         return new RequiredValidUntilFilter().with {
             it.maxValidityInterval = 'P14D'
+            it.enabled = true;
             it
         }
     }
@@ -246,6 +252,7 @@ class TestObjectGenerator {
             it.name = "NameIDFormat"
             it.formats = ['urn:oasis:names:tc:SAML:2.0:nameid-format:persistent']
             it.setNameIdFormatFilterTarget(new NameIdFormatFilterTarget(nameIdFormatFilterTargetType: ENTITY, singleValue: 'https://sp1.example.org'))
+            it.enabled = true;
             it
         }
     }
@@ -255,6 +262,7 @@ class TestObjectGenerator {
             it.name = requiredValidUntilFilter.name
             it.resourceId = requiredValidUntilFilter.resourceId
             it.maxValidityInterval = requiredValidUntilFilter.maxValidityInterval
+            it.enabled = true;
             it
         }
     }
@@ -270,6 +278,7 @@ class TestObjectGenerator {
             it.requireSignedRoot = signatureValidationFilter.requireSignedRoot
             it.certificateFile = signatureValidationFilter.certificateFile
             it.defaultCriteriaRef = signatureValidationFilter.defaultCriteriaRef
+            it.enabled = true;
             it
         }
     }

diff --git a/backend/src/test/resources/conf/661.3.xml b/backend/src/test/resources/conf/661.3.xml
@@ -0,0 +1,2 @@
+<MetadataProvider id='ShibbolethMetadata' xmlns='urn:mace:shibboleth:2.0:metadata' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:type='ChainingMetadataProvider' xsi:schemaLocation='urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd'>
+</MetadataProvider>
diff --git a/gradle.properties b/gradle.properties
@@ -1,6 +1,6 @@
 name=shibui
 group=edu.internet2.tier.shibboleth.admin.ui
-version=1.10.0-SNAPSHOT
+version=1.11.0-SNAPSHOT
 
 shibboleth.version=3.4.4
 opensaml.version=3.4.3