From 7482e7f58c19e9489ed7d2dc71879de48336177b Mon Sep 17 00:00:00 2001
From: ThanKarab <tkarabatsis@hotmail.com>
Date: Thu, 19 Nov 2020 18:22:00 +0200
Subject: [PATCH] Removing deployed on production env variable, not needed.
---
docker/README.md | 4 ----
docker/config/application.tmpl | 5 -----
.../configurations/SecurityConfiguration.java | 18 +++++-------------
src/main/resources/application.yml | 5 -----
4 files changed, 5 insertions(+), 27 deletions(-)
diff --git a/docker/README.md b/docker/README.md
index eb3c76498..9636ff324 100644
--- a/docker/README.md
+++ b/docker/README.md
@@ -16,10 +16,6 @@ To use this image, you need a running instance of PostgreSQL and to configure th
* AUTHENTICATION: true for production, false for development.
-### RELEASE STAGE ###
-* PRODUCTION: Deployed on production? (True/False) Default is True.
-
-
### DATABASE CONFIGURATION ###
* PORTAL_DB_URL: JDBC URL to connect to the portal database, default value is "jdbc:postgresql://127.0.0.1:5432/portal".
* PORTAL_DB_SCHEMA: Database schema, default value is "public".
diff --git a/docker/config/application.tmpl b/docker/config/application.tmpl
index 423baccff..5859f78a8 100644
--- a/docker/config/application.tmpl
+++ b/docker/config/application.tmpl
@@ -14,11 +14,6 @@ authentication:
enabled: {{ default .Env.AUTHENTICATION "true" }}
-### RELEASE STAGE ###
-release_stage:
- production: {{ default .Env.PRODUCTION "true" }}
-
-
### DATABASE CONFIGURATION ###
spring:
portal-datasource:
diff --git a/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java b/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
index 4e2905945..59929212b 100644
--- a/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
+++ b/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
@@ -42,9 +42,6 @@ public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter
@Value("#{'${authentication.enabled}'}")
private boolean authenticationEnabled;
- @Value("#{'${release_stage.production}'}")
- private boolean deployedOnProduction;
-
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
@@ -56,19 +53,14 @@ public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter
"/v2/api-docs", "/swagger-ui/**", "/swagger-resources/**" // Swagger URLs
).permitAll()
.antMatchers("/galaxy*", "/galaxy/*").hasRole("DATA MANAGER")
- .anyRequest().hasRole("RESEARCHER");
+ .anyRequest().hasRole("RESEARCHER")
+ .and().csrf().ignoringAntMatchers("/logout").csrfTokenRepository(csrfTokenRepository())
+ .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
} else {
http.antMatcher("/**")
.authorizeRequests()
- .antMatchers("/**").permitAll();
- }
-
- if (!deployedOnProduction) {
- // If deployed for development, csrf can be disabled
- http.csrf().disable();
- } else {
- http.csrf().ignoringAntMatchers("/logout").csrfTokenRepository(csrfTokenRepository())
- .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
+ .antMatchers("/**").permitAll()
+ .and().csrf().disable();
}
}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index a62d819f6..84053f912 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -14,11 +14,6 @@ authentication:
enabled: true
-### RELEASE STAGE ###
-release_stage:
- production: true
-
-
### DATABASE CONFIGURATION ###
spring:
portal-datasource:
--
GitLab