dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #42306
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 21628: smtp+remote put into systemSettings; systemSettings can now be encrypted; encryptionExceptions fr...
Merge authors:
Stian Sandvold (stian-sandvold)
------------------------------------------------------------
revno: 21628 [merge]
committer: Stian Sandvold <stian.sandvold@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2016-01-06 19:20:43 +0100
message:
smtp+remote put into systemSettings; systemSettings can now be encrypted; encryptionExceptions from changing password is now thrown on server, but not handled yet. old default password is now default only for systemSettings; Can be overwritten by encryption.password;
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SettingKey.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSetting.java
dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/message/EmailMessageSender.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/ConfigurationPopulator.java
dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml
dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/synch/DefaultSynchronizationManager.java
dhis-2/dhis-support/dhis-support-external/src/main/java/org/hisp/dhis/external/conf/ConfigurationKey.java
dhis-2/dhis-support/dhis-support-hibernate/src/main/resources/META-INF/dhis/beans.xml
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/ConfigurationController.java
dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SystemSettingController.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SettingKey.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SettingKey.java 2016-01-04 02:27:49 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SettingKey.java 2016-01-06 18:19:09 +0000
@@ -58,6 +58,7 @@
EMAIL_USERNAME( "keyEmailUsername" ),
EMAIL_TLS( "keyEmailTls", Boolean.TRUE, Boolean.class ),
EMAIL_SENDER( "keyEmailSender" ),
+ EMAIL_PASSWORD( "keyEmailPassword", "", String.class, true ),
INSTANCE_BASE_URL( "keyInstanceBaseUrl" ),
SCHEDULED_TASKS( "keySchedTasks", ListMap.class ),
SMS_CONFIG( "keySmsConfig", SmsConfiguration.class ),
@@ -112,7 +113,10 @@
APP_BASE_URL( "appBaseUrl" ),
APP_STORE_URL( "appStoreUrl", "https://www.dhis2.org/appstore";, String.class ),
APP_STORE_INDEX_URL( "appStoreIndexUrl", "https://s3-eu-west-1.amazonaws.com/dhis2-appstore/appstore.json";, String.class ),
- STYLE( "currentStyle", "light_blue/light_blue.css", String.class );
+ STYLE( "currentStyle", "light_blue/light_blue.css", String.class ),
+ REMOTE_INSTANCE_URL( "keyRemoteInstanceUrl", "", String.class ),
+ REMOTE_INSTANCE_USERNAME( "keyRemoteInstanceUsername", "", String.class ),
+ REMOTE_INSTANCE_PASSWORD( "keyRemoteInstancePassword", "", String.class, true );
private final String name;
@@ -120,6 +124,8 @@
private final Class<?> clazz;
+ private boolean confidential;
+
// -------------------------------------------------------------------------
// Constructors
// -------------------------------------------------------------------------
@@ -129,6 +135,7 @@
this.name = name;
this.defaultValue = null;
this.clazz = String.class;
+ this.confidential = false;
}
private SettingKey( String name, Class<?> clazz )
@@ -136,13 +143,23 @@
this.name = name;
this.defaultValue = null;
this.clazz = clazz;
+ this.confidential = false;
}
-
+
private SettingKey( String name, Serializable defaultValue, Class<?> clazz )
{
this.name = name;
this.defaultValue = defaultValue;
this.clazz = clazz;
+ this.confidential = false;
+ }
+
+ private SettingKey( String name, Serializable defaultValue, Class<?> clazz, boolean confidential )
+ {
+ this.name = name;
+ this.defaultValue = defaultValue;
+ this.clazz = clazz;
+ this.confidential = confidential;
}
// -------------------------------------------------------------------------
@@ -207,6 +224,7 @@
return name;
}
+
public Serializable getDefaultValue()
{
return defaultValue;
@@ -216,4 +234,6 @@
{
return clazz;
}
+
+ public boolean getConfidential() { return confidential; }
}
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSetting.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSetting.java 2016-01-04 02:27:49 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSetting.java 2016-01-06 18:19:09 +0000
@@ -44,6 +44,8 @@
private Serializable value;
+ private boolean confidential;
+
// -------------------------------------------------------------------------
// Constructor
// -------------------------------------------------------------------------
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java 2016-01-04 02:27:49 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java 2016-01-06 18:19:09 +0000
@@ -40,35 +40,35 @@
public interface SystemSettingManager
{
void saveSystemSetting( String name, Serializable value );
-
+
void saveSystemSetting( SettingKey setting, Serializable value );
void deleteSystemSetting( String name );
-
+
void deleteSystemSetting( SettingKey setting );
Serializable getSystemSetting( String name );
Serializable getSystemSetting( SettingKey setting );
-
+
Serializable getSystemSetting( SettingKey setting, Serializable defaultValue );
-
+
List<SystemSetting> getAllSystemSettings();
Map<String, Serializable> getSystemSettingsAsMap();
-
+
Map<String, Serializable> getSystemSettingsAsMap( Set<String> names );
-
+
Map<String, Serializable> getSystemSettings( Collection<SettingKey> settings );
-
+
void invalidateCache();
-
+
// -------------------------------------------------------------------------
// Specific methods
// -------------------------------------------------------------------------
List<String> getFlags();
-
+
List<StyleObject> getFlagObjects();
String getFlagImage();
@@ -80,7 +80,7 @@
String getEmailUsername();
boolean getEmailTls();
-
+
String getEmailSender();
String getInstanceBaseUrl();
@@ -90,14 +90,16 @@
boolean selfRegistrationNoRecaptcha();
boolean emailEnabled();
-
+
boolean systemNotificationEmailValid();
boolean hideUnapprovedDataInAnalytics();
-
+
boolean isOpenIdConfigured();
-
+
String googleAnalyticsUA();
Integer credentialsExpires();
+
+ boolean isConfidential( String name );
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/message/EmailMessageSender.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/message/EmailMessageSender.java 2016-01-05 19:03:10 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/message/EmailMessageSender.java 2016-01-06 18:19:42 +0000
@@ -77,19 +77,12 @@
// -------------------------------------------------------------------------
private SystemSettingManager systemSettingManager;
-
+
public void setSystemSettingManager( SystemSettingManager systemSettingManager )
{
this.systemSettingManager = systemSettingManager;
}
- private DhisConfigurationProvider dhisConfigurationProvider;
-
- public void setDhisConfigurationProvider( DhisConfigurationProvider dhisConfigurationProvider)
- {
- this.dhisConfigurationProvider = dhisConfigurationProvider;
- }
-
private UserSettingService userSettingService;
public void setUserSettingService( UserSettingService userSettingService )
@@ -106,14 +99,15 @@
*/
@Async
@Override
- public String sendMessage( String subject, String text, String footer, User sender, Set<User> users, boolean forceSend )
+ public String sendMessage( String subject, String text, String footer, User sender, Set<User> users,
+ boolean forceSend )
{
- String hostName = dhisConfigurationProvider.getProperty( ConfigurationKey.SMTP_HOSTNAME );
- int port = Integer.parseInt( dhisConfigurationProvider.getProperty( ConfigurationKey.SMTP_PORT ) );
- String username = dhisConfigurationProvider.getProperty( ConfigurationKey.SMTP_USERNAME );
- String password = dhisConfigurationProvider.getProperty( ConfigurationKey.SMTP_PASSWORD );
- boolean tls = Boolean.parseBoolean( dhisConfigurationProvider.getProperty( ConfigurationKey.SMTP_TLS ) );
- String from = dhisConfigurationProvider.getProperty( ConfigurationKey.SMTP_SENDER );
+ String hostName = (String) systemSettingManager.getSystemSetting( SettingKey.EMAIL_HOST_NAME );
+ int port = (int) systemSettingManager.getSystemSetting( SettingKey.EMAIL_PORT );
+ String username = (String) systemSettingManager.getSystemSetting( SettingKey.EMAIL_USERNAME );
+ String password = (String) systemSettingManager.getSystemSetting( SettingKey.EMAIL_PASSWORD );
+ boolean tls = (boolean) systemSettingManager.getSystemSetting( SettingKey.EMAIL_TLS );
+ String from = (String) systemSettingManager.getSystemSetting( SettingKey.EMAIL_SENDER );
if ( hostName == null )
{
@@ -134,13 +128,16 @@
for ( User user : users )
{
- boolean doSend = forceSend || (Boolean) userSettingService.getUserSetting( UserSettingKey.MESSAGE_EMAIL_NOTIFICATION, user );
+ boolean doSend = forceSend ||
+ (Boolean) userSettingService.getUserSetting( UserSettingKey.MESSAGE_EMAIL_NOTIFICATION, user );
if ( doSend && user.getEmail() != null && !user.getEmail().trim().isEmpty() )
{
email.addBcc( user.getEmail() );
- log.info( "Sending email to user: " + user.getUsername() + " with email address: " + user.getEmail() + " to host: " + hostName + ":" + port );
+ log.info(
+ "Sending email to user: " + user.getUsername() + " with email address: " + user.getEmail() +
+ " to host: " + hostName + ":" + port );
hasRecipients = true;
}
@@ -168,7 +165,8 @@
// Supportive methods
// -------------------------------------------------------------------------
- private HtmlEmail getHtmlEmail( String hostName, int port, String username, String password, boolean tls, String sender )
+ private HtmlEmail getHtmlEmail( String hostName, int port, String username, String password, boolean tls,
+ String sender )
throws EmailException
{
HtmlEmail email = new HtmlEmail();
@@ -187,11 +185,11 @@
private String renderPlainContent( String text, User sender )
{
- return sender == null ? text : ( text + LB + LB +
+ return sender == null ? text : (text + LB + LB +
sender.getName() + LB +
- ( sender.getOrganisationUnitsName() != null ? ( sender.getOrganisationUnitsName() + LB ) : StringUtils.EMPTY ) +
- ( sender.getEmail() != null ? ( sender.getEmail() + LB ) : StringUtils.EMPTY ) +
- ( sender.getPhoneNumber() != null ? ( sender.getPhoneNumber() + LB ) : StringUtils.EMPTY ) );
+ (sender.getOrganisationUnitsName() != null ? (sender.getOrganisationUnitsName() + LB) : StringUtils.EMPTY) +
+ (sender.getEmail() != null ? (sender.getEmail() + LB) : StringUtils.EMPTY) +
+ (sender.getPhoneNumber() != null ? (sender.getPhoneNumber() + LB) : StringUtils.EMPTY));
}
private String renderHtmlContent( String text, String footer, User sender )
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java 2016-01-06 11:43:22 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java 2016-01-06 18:19:42 +0000
@@ -28,27 +28,27 @@
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-import java.io.Serializable;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Optional;
-import java.util.Set;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.TimeUnit;
-
+import com.google.common.cache.Cache;
+import com.google.common.cache.CacheBuilder;
+import com.google.common.collect.Lists;
import org.apache.commons.lang3.StringUtils;
+import org.hisp.dhis.external.conf.ConfigurationKey;
+import org.hisp.dhis.external.conf.DhisConfigurationProvider;
import org.hisp.dhis.i18n.I18n;
import org.hisp.dhis.i18n.I18nManager;
import org.hisp.dhis.system.util.ValidationUtils;
+import org.jasypt.encryption.pbe.PBEStringEncryptor;
+import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
+import org.jasypt.salt.StringFixedSaltGenerator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
-import com.google.common.cache.Cache;
-import com.google.common.cache.CacheBuilder;
-import com.google.common.collect.Lists;
+import javax.annotation.Resource;
+import java.io.Serializable;
+import java.util.*;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
/**
* @author Stian Strandli
@@ -66,7 +66,10 @@
.initialCapacity( 200 )
.maximumSize( 400 )
.build();
-
+
+ private static final Map<String, SettingKey> NAME_KEY_MAP = Lists.newArrayList(
+ SettingKey.values() ).stream().collect( Collectors.toMap( SettingKey::getName, e -> e ) );
+
// -------------------------------------------------------------------------
// Dependencies
// -------------------------------------------------------------------------
@@ -88,6 +91,9 @@
@Autowired
private I18nManager i18nManager;
+ @Resource( name = "stringEncryptor" )
+ private PBEStringEncryptor pbeStringEncryptor;
+
// -------------------------------------------------------------------------
// SystemSettingManager implementation
// -------------------------------------------------------------------------
@@ -96,9 +102,14 @@
public void saveSystemSetting( String name, Serializable value )
{
SETTING_CACHE.invalidate( name );
-
+
SystemSetting setting = systemSettingStore.getByName( name );
+ if ( NAME_KEY_MAP.get( name ).getConfidential() )
+ {
+ value = pbeStringEncryptor.encrypt( value.toString() );
+ }
+
if ( setting == null )
{
setting = new SystemSetting();
@@ -118,7 +129,7 @@
@Override
public void saveSystemSetting( SettingKey setting, Serializable value )
- {
+ {
saveSystemSetting( setting.getName(), value );
}
@@ -130,7 +141,7 @@
if ( setting != null )
{
SETTING_CACHE.invalidate( name );
-
+
systemSettingStore.delete( setting );
}
}
@@ -146,6 +157,13 @@
{
SystemSetting setting = systemSettingStore.getByName( name );
+ if ( NAME_KEY_MAP.get( name ).getConfidential() )
+ {
+
+ setting.setValue( pbeStringEncryptor.decrypt( setting.getValue().toString() ) );
+
+ }
+
return setting != null && setting.hasValue() ? setting.getValue() : null;
}
@@ -154,8 +172,9 @@
{
try
{
- Optional<Serializable> value = SETTING_CACHE.get( setting.getName(), () -> getSystemSettingOptional( setting.getName(), setting.getDefaultValue() ) );
-
+ Optional<Serializable> value = SETTING_CACHE.get( setting.getName(),
+ () -> getSystemSettingOptional( setting.getName(), setting.getDefaultValue() ) );
+
return value.orElse( null );
}
catch ( ExecutionException ignored )
@@ -173,31 +192,49 @@
private Optional<Serializable> getSystemSettingOptional( String name, Serializable defaultValue )
{
SystemSetting setting = systemSettingStore.getByName( name );
-
- return setting != null && setting.hasValue() ? Optional.of( setting.getValue() ) : Optional.ofNullable( defaultValue );
+
+ if ( setting != null && setting.hasValue() )
+ {
+ return NAME_KEY_MAP.get( name ).getConfidential() ?
+ Optional.of( pbeStringEncryptor.decrypt( setting.getValue().toString() ) ) :
+ Optional.of( setting.getValue() );
+ }
+ else
+ {
+ return Optional.ofNullable( defaultValue );
+ }
+
}
@Override
public List<SystemSetting> getAllSystemSettings()
{
- return systemSettingStore.getAll();
+
+ /*
+ * Remove confidential settings from this list!
+ */
+ return systemSettingStore.getAll().stream()
+ .filter( systemSetting -> !NAME_KEY_MAP.containsKey( systemSetting.getName() ) ||
+ !NAME_KEY_MAP.get( systemSetting.getName() ).getConfidential() )
+ .collect( Collectors.toList() );
+
}
-
+
@Override
public Map<String, Serializable> getSystemSettingsAsMap()
{
Map<String, Serializable> settingsMap = new HashMap<>();
-
+
Collection<SystemSetting> systemSettings = getAllSystemSettings();
for ( SystemSetting systemSetting : systemSettings )
{
Serializable settingValue = systemSetting.getValue();
-
+
if ( settingValue == null )
{
Optional<SettingKey> setting = SettingKey.getByName( systemSetting.getName() );
-
+
if ( setting.isPresent() )
{
settingValue = setting.get().getDefaultValue();
@@ -222,13 +259,13 @@
if ( settingValue == null )
{
Optional<SettingKey> setting = SettingKey.getByName( name );
-
+
if ( setting.isPresent() )
{
settingValue = setting.get().getDefaultValue();
}
}
-
+
if ( settingValue != null )
{
map.put( name, settingValue );
@@ -242,26 +279,26 @@
public Map<String, Serializable> getSystemSettings( Collection<SettingKey> settings )
{
Map<String, Serializable> map = new HashMap<>();
-
+
for ( SettingKey setting : settings )
{
Serializable value = getSystemSetting( setting );
-
+
if ( value != null )
{
map.put( setting.getName(), value );
}
}
-
+
return map;
}
-
+
@Override
public void invalidateCache()
{
SETTING_CACHE.invalidateAll();
}
-
+
// -------------------------------------------------------------------------
// Specific methods
// -------------------------------------------------------------------------
@@ -272,24 +309,24 @@
Collections.sort( flags );
return flags;
}
-
+
@Override
public List<StyleObject> getFlagObjects()
{
Collections.sort( flags );
-
+
I18n i18n = i18nManager.getI18n();
-
+
List<StyleObject> list = Lists.newArrayList();
-
+
for ( String flag : flags )
{
String name = i18n.getString( flag );
String file = flag + ".png";
-
+
list.add( new StyleObject( name, flag, file ) );
}
-
+
return list;
}
@@ -372,7 +409,8 @@
@Override
public boolean isOpenIdConfigured()
{
- return getSystemSetting( SettingKey.OPENID_PROVIDER ) != null && getSystemSetting( SettingKey.OPENID_PROVIDER_LABEL ) != null;
+ return getSystemSetting( SettingKey.OPENID_PROVIDER ) != null &&
+ getSystemSetting( SettingKey.OPENID_PROVIDER_LABEL ) != null;
}
@Override
@@ -386,4 +424,11 @@
{
return (Integer) getSystemSetting( SettingKey.CREDENTIALS_EXPIRES );
}
+
+ @Override
+ public boolean isConfidential( String name )
+ {
+ return NAME_KEY_MAP.containsKey( name ) && NAME_KEY_MAP.get( name ).getConfidential();
+ }
+
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/ConfigurationPopulator.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/ConfigurationPopulator.java 2016-01-05 18:25:17 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/startup/ConfigurationPopulator.java 2016-01-06 18:19:09 +0000
@@ -54,7 +54,6 @@
public void execute()
throws Exception
{
-
checkSecurityConfiguration();
Configuration config = configurationService.getConfiguration();
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml 2016-01-06 14:37:53 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml 2016-01-06 18:19:42 +0000
@@ -876,7 +876,6 @@
<bean id="emailMessageSender" class="org.hisp.dhis.message.EmailMessageSender">
<property name="systemSettingManager" ref="org.hisp.dhis.setting.SystemSettingManager" />
- <property name="dhisConfigurationProvider" ref="dhisConfigurationProvider" />
<property name="userSettingService" ref="org.hisp.dhis.user.UserSettingService" />
</bean>
=== modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/synch/DefaultSynchronizationManager.java'
--- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/synch/DefaultSynchronizationManager.java 2016-01-05 14:03:19 +0000
+++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/synch/DefaultSynchronizationManager.java 2016-01-06 18:19:09 +0000
@@ -102,9 +102,6 @@
@Autowired
private RestTemplate restTemplate;
- @Autowired
- private DhisConfigurationProvider dhisConfigurationProvider;
-
// -------------------------------------------------------------------------
// SynchronizatonManager implementation
// -------------------------------------------------------------------------
@@ -119,14 +116,14 @@
return new AvailabilityStatus( false, "Remote server is not configured" );
}
- String url = dhisConfigurationProvider.getProperty( ConfigurationKey.REMOTE_INSTANCE_URL ) + PING_PATH;
-
- log.info( "Remote server ping URL: " + url + ", username: " + dhisConfigurationProvider.getProperty(
- ConfigurationKey.REMOTE_INSTANCE_USERNAME ) );
-
- HttpEntity<String> request = getBasicAuthRequestEntity( dhisConfigurationProvider.getProperty(
- ConfigurationKey.REMOTE_INSTANCE_USERNAME ), dhisConfigurationProvider.getProperty(
- ConfigurationKey.REMOTE_INSTANCE_PASSWORD ) );
+ String url = systemSettingManager.getSystemSetting( SettingKey.REMOTE_INSTANCE_URL ) + PING_PATH;
+
+ log.info( "Remote server ping URL: " + url + ", username: " + systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_USERNAME ) );
+
+ HttpEntity<String> request = getBasicAuthRequestEntity( (String) systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_USERNAME ), (String) systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_PASSWORD ) );
ResponseEntity<String> response = null;
HttpStatus sc = null;
@@ -217,8 +214,8 @@
final Configuration config = configurationService.getConfiguration();
- String url = dhisConfigurationProvider.getProperty( ConfigurationKey.REMOTE_INSTANCE_URL ) +
- "/api/dataValueSets";
+ String url = systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_URL ) + "/api/dataValueSets";
log.info( "Remote server POST URL: " + url );
@@ -230,10 +227,12 @@
{
request.getHeaders().setContentType( MediaType.APPLICATION_JSON );
request.getHeaders().add( HEADER_AUTHORIZATION,
- CodecUtils.getBasicAuthString( dhisConfigurationProvider.getProperty(
- ConfigurationKey.REMOTE_INSTANCE_USERNAME ),
- dhisConfigurationProvider.getProperty(
- ConfigurationKey.REMOTE_INSTANCE_PASSWORD ) ) );
+ CodecUtils.getBasicAuthString(
+ (String) systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_USERNAME ),
+ (String) systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_PASSWORD ) ) );
+
dataValueSetService
.writeDataValueSetJson( lastSuccessTime, request.getBody(), new IdSchemes() );
}
@@ -316,16 +315,17 @@
*/
private boolean isRemoteServerConfigured( Configuration config )
{
- if ( trimToNull( dhisConfigurationProvider.getProperty( ConfigurationKey.REMOTE_INSTANCE_URL ) ) ==
+ if ( trimToNull( (String) systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_URL ) ) ==
null )
{
log.info( "Remote server URL not set" );
return false;
}
- if ( trimToNull( dhisConfigurationProvider.getProperty( ConfigurationKey.REMOTE_INSTANCE_USERNAME ) ) ==
+ if ( trimToNull( (String) systemSettingManager.getSystemSetting( SettingKey.REMOTE_INSTANCE_USERNAME ) ) ==
null ||
- trimToNull( dhisConfigurationProvider.getProperty( ConfigurationKey.REMOTE_INSTANCE_URL ) ) ==
+ trimToNull( (String) systemSettingManager.getSystemSetting( SettingKey.REMOTE_INSTANCE_URL ) ) ==
null )
{
log.info( "Remote server username or password not set" );
@@ -345,4 +345,4 @@
headers.set( HEADER_AUTHORIZATION, CodecUtils.getBasicAuthString( username, password ) );
return new HttpEntity<>( headers );
}
-}
+}
\ No newline at end of file
=== modified file 'dhis-2/dhis-support/dhis-support-external/src/main/java/org/hisp/dhis/external/conf/ConfigurationKey.java'
--- dhis-2/dhis-support/dhis-support-external/src/main/java/org/hisp/dhis/external/conf/ConfigurationKey.java 2016-01-05 18:25:17 +0000
+++ dhis-2/dhis-support/dhis-support-external/src/main/java/org/hisp/dhis/external/conf/ConfigurationKey.java 2016-01-06 18:19:09 +0000
@@ -51,17 +51,7 @@
FILE_STORE_CONTAINER( "filestore.container", "files" ),
FILE_STORE_LOCATION( "filestore.location" ),
FILE_STORE_IDENTITY( "filestore.identity", "" ),
- FILE_STORE_SECRET( "filestore.secret", "" ),
- SMTP_HOSTNAME( "smtp.hostname", "" ),
- SMTP_PORT( "smtp.port", "587" ),
- SMTP_TLS( "smtp.tls", "true" ),
- SMTP_USERNAME( "smtp.username", "" ),
- SMTP_PASSWORD( "smtp.password", "" ),
- SMTP_SENDER( "smtp.sender", "" ),
- REMOTE_INSTANCE_URL( "remote_instance.url", "" ),
- REMOTE_INSTANCE_USERNAME( "remote_instance.username", "" ),
- REMOTE_INSTANCE_PASSWORD( "remote_instance.password", "" );
-
+ FILE_STORE_SECRET( "filestore.secret", "" );
private final String key;
=== modified file 'dhis-2/dhis-support/dhis-support-hibernate/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-support/dhis-support-hibernate/src/main/resources/META-INF/dhis/beans.xml 2015-12-23 13:59:37 +0000
+++ dhis-2/dhis-support/dhis-support-hibernate/src/main/resources/META-INF/dhis/beans.xml 2016-01-06 18:19:09 +0000
@@ -93,6 +93,11 @@
<bean id="encryptionPassword" class="org.hisp.dhis.hibernate.ConnectionPropertyFactoryBean">
<property name="hibernateConfigurationProvider" ref="hibernateConfigurationProvider" />
<property name="hibernateProperty" value="encryption.password" />
+ </bean>
+
+ <bean id="systemSettingEncryptionPassword" class="org.hisp.dhis.hibernate.ConnectionPropertyFactoryBean">
+ <property name="hibernateConfigurationProvider" ref="hibernateConfigurationProvider" />
+ <property name="hibernateProperty" value="encryption.password" />
<property name="defaultValue" value="J7GhAs287hsSQlKd9g5" />
</bean>
@@ -118,7 +123,7 @@
<bean id="stringEncryptor" class="org.jasypt.encryption.pbe.PooledPBEStringEncryptor">
<property name="algorithm" value="PBEWithSHA1AndDESede" />
- <property name="password" ref="encryptionPassword" />
+ <property name="password" ref="systemSettingEncryptionPassword" />
<property name="saltGenerator" ref="fixedSaltGenerator" />
<property name="poolSize" value="4" />
</bean>
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/ConfigurationController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/ConfigurationController.java 2016-01-05 19:03:10 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/ConfigurationController.java 2016-01-06 18:19:42 +0000
@@ -46,6 +46,8 @@
import org.hisp.dhis.organisationunit.OrganisationUnitLevel;
import org.hisp.dhis.period.PeriodService;
import org.hisp.dhis.period.PeriodType;
+import org.hisp.dhis.setting.SettingKey;
+import org.hisp.dhis.setting.SystemSettingManager;
import org.hisp.dhis.user.UserAuthorityGroup;
import org.hisp.dhis.user.UserGroup;
import org.hisp.dhis.webapi.controller.exception.NotFoundException;
@@ -71,7 +73,7 @@
@Autowired
private DhisConfigurationProvider config;
-
+
@Autowired
private IdentifiableObjectManager identifiableObjectManager;
@@ -81,6 +83,9 @@
@Autowired
private RenderService renderService;
+ @Autowired
+ private SystemSettingManager systemSettingManager;
+
// -------------------------------------------------------------------------
// Resources
// -------------------------------------------------------------------------
@@ -90,7 +95,7 @@
{
return setModel( model, configurationService.getConfiguration() );
}
-
+
@PreAuthorize( "hasRole('ALL') or hasRole('F_SYSTEM_SETTING')" )
@ResponseStatus( value = HttpStatus.OK )
@RequestMapping( value = "/systemId", method = RequestMethod.GET )
@@ -238,7 +243,7 @@
}
Configuration config = configurationService.getConfiguration();
-
+
periodType = periodService.reloadPeriodType( periodType );
config.setInfrastructuralPeriodType( periodType );
@@ -300,14 +305,15 @@
@RequestMapping( value = "/remoteServerUrl", method = RequestMethod.GET )
public String getRemoteServerUrl( Model model, HttpServletRequest request )
{
- return setModel( model, config.getProperty( ConfigurationKey.REMOTE_INSTANCE_URL ) );
+ return setModel( model, systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_URL ) );
}
-
@RequestMapping( value = "/remoteServerUsername", method = RequestMethod.GET )
public String getRemoteServerUsername( Model model, HttpServletRequest request )
{
- return setModel( model, config.getProperty( ConfigurationKey.REMOTE_INSTANCE_USERNAME) );
+ return setModel( model, systemSettingManager.getSystemSetting(
+ SettingKey.REMOTE_INSTANCE_USERNAME ) );
}
@RequestMapping( value = "/corsWhitelist", method = RequestMethod.GET, produces = "application/json" )
@@ -315,8 +321,8 @@
{
return setModel( model, configurationService.getConfiguration().getCorsWhitelist() );
}
-
- @SuppressWarnings("unchecked")
+
+ @SuppressWarnings( "unchecked" )
@PreAuthorize( "hasRole('ALL') or hasRole('F_SYSTEM_SETTING')" )
@ResponseStatus( value = HttpStatus.OK )
@RequestMapping( value = "/corsWhitelist", method = RequestMethod.POST, consumes = "application/json" )
@@ -324,14 +330,14 @@
throws IOException
{
Set<String> corsWhitelist = renderService.fromJson( input, Set.class );
-
+
Configuration config = configurationService.getConfiguration();
-
+
config.setCorsWhitelist( corsWhitelist );
-
+
configurationService.setConfiguration( config );
}
-
+
@RequestMapping( value = "/systemBaseUrl", method = RequestMethod.GET )
public String getSystemBaseUrl( Model model, HttpServletRequest request )
{
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SystemSettingController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SystemSettingController.java 2016-01-06 17:08:06 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/SystemSettingController.java 2016-01-06 18:19:42 +0000
@@ -32,6 +32,7 @@
import java.io.Serializable;
import java.util.Map;
import java.util.Set;
+import java.util.function.Predicate;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -73,13 +74,15 @@
@Autowired
private WebMessageService webMessageService;
- @RequestMapping( value = "/{key}", method = RequestMethod.POST, consumes = { ContextUtils.CONTENT_TYPE_TEXT, ContextUtils.CONTENT_TYPE_HTML } )
+ @RequestMapping( value = "/{key}", method = RequestMethod.POST, consumes = { ContextUtils.CONTENT_TYPE_TEXT,
+ ContextUtils.CONTENT_TYPE_HTML } )
@PreAuthorize( "hasRole('ALL') or hasRole('F_SYSTEM_SETTING')" )
public void setSystemSetting(
@PathVariable( value = "key" ) String key,
@RequestParam( value = "value", required = false ) String value,
@RequestBody( required = false ) String valuePayload,
- HttpServletResponse response, HttpServletRequest request ) throws WebMessageException
+ HttpServletResponse response, HttpServletRequest request )
+ throws WebMessageException
{
if ( key == null )
{
@@ -88,21 +91,25 @@
if ( value == null && valuePayload == null )
{
- throw new WebMessageException( WebMessageUtils.conflict( "Value must be specified as query param or as payload" ) );
+ throw new WebMessageException(
+ WebMessageUtils.conflict( "Value must be specified as query param or as payload" ) );
}
value = ObjectUtils.firstNonNull( value, valuePayload );
-
+
Serializable valueObject = SettingKey.getAsRealClass( key, value );
-
+
systemSettingManager.saveSystemSetting( key, valueObject );
- webMessageService.send( WebMessageUtils.ok( "System setting " + key + " set as value '" + valueObject + "'." ), response, request );
+ webMessageService
+ .send( WebMessageUtils.ok( "System setting " + key + " set as value '" + valueObject + "'." ), response,
+ request );
}
@RequestMapping( method = RequestMethod.POST, consumes = { ContextUtils.CONTENT_TYPE_JSON } )
@PreAuthorize( "hasRole('ALL') or hasRole('F_SYSTEM_SETTING')" )
- public void setSystemSetting( @RequestBody Map<String, Object> settings, HttpServletResponse response, HttpServletRequest request )
+ public void setSystemSetting( @RequestBody Map<String, Object> settings, HttpServletResponse response,
+ HttpServletRequest request )
{
for ( String key : settings.keySet() )
{
@@ -113,16 +120,30 @@
}
@RequestMapping( value = "/{key}", method = RequestMethod.GET, produces = ContextUtils.CONTENT_TYPE_TEXT )
- public @ResponseBody String getSystemSettingAsText( @PathVariable( "key" ) String key )
+ public
+ @ResponseBody
+ String getSystemSettingAsText( @PathVariable( "key" ) String key )
{
- Serializable setting = systemSettingManager.getSystemSetting( key );
+ if ( systemSettingManager.isConfidential( key ) )
+ {
+ return "";
+ }
+ else
+ {
+ Serializable setting = systemSettingManager.getSystemSetting( key );
- return setting != null ? String.valueOf( setting ) : null;
+ return setting != null ? String.valueOf( setting ) : null;
+ }
}
- @RequestMapping( method = RequestMethod.GET, produces = { ContextUtils.CONTENT_TYPE_JSON, ContextUtils.CONTENT_TYPE_HTML } )
- public void getSystemSettingsJson( @RequestParam( value = "key", required = false ) Set<String> key, HttpServletResponse response ) throws IOException
+ @RequestMapping( method = RequestMethod.GET, produces = { ContextUtils.CONTENT_TYPE_JSON,
+ ContextUtils.CONTENT_TYPE_HTML } )
+ public void getSystemSettingsJson( @RequestParam( value = "key", required = false ) Set<String> key,
+ HttpServletResponse response )
+ throws IOException
{
+ if ( key != null )
+ key.removeIf( systemSettingManager::isConfidential );
response.setContentType( MediaType.APPLICATION_JSON_VALUE );
renderService.toJson( response.getOutputStream(), getSystemSettings( key ) );
}
@@ -131,7 +152,8 @@
public void getSystemSettingsJsonP(
@RequestParam( value = "key", required = false ) Set<String> key,
@RequestParam( defaultValue = "callback" ) String callback,
- HttpServletResponse response ) throws IOException
+ HttpServletResponse response )
+ throws IOException
{
response.setContentType( "application/javascript" );
renderService.toJsonP( response.getOutputStream(), getSystemSettings( key ), callback );
