Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request #66 from netroms/final_sec_merge_2.36.12.1
fix: merge latest security advisories 2.36.12.1
  • Loading branch information
Philip-Larsen-Donnelly committed Nov 28, 2022
2 parents 5ce6c7b + 99564a1 commit dc3166c
Show file tree
Hide file tree
Showing 30 changed files with 623 additions and 270 deletions.
63 changes: 0 additions & 63 deletions .github/workflows/analyse-pr.yml

This file was deleted.

26 changes: 0 additions & 26 deletions .github/workflows/check-formatting.yml

This file was deleted.

66 changes: 0 additions & 66 deletions .github/workflows/codeql-analysis.yml

This file was deleted.

40 changes: 0 additions & 40 deletions .github/workflows/run-api-tests.yml

This file was deleted.

73 changes: 39 additions & 34 deletions .github/workflows/run-tests.yml
@@ -1,53 +1,58 @@
name: Test

on: [ pull_request ]

env:
# This is to make sure Maven don't timeout fetching dependencies. See: https://github.com/actions/virtual-environments/issues/1499
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=125
on:
push:
branches:
- master
pull_request:
concurrency:
group: ${{ github.workflow}}-${{ github.ref }}
cancel-in-progress: true
jobs:
cleanup-runs:
runs-on: ubuntu-latest
steps:
- uses: rokroskar/workflow-run-cleanup-action@035a48f84b47e111d72cf492a513179c92cd29ed
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: "!startsWith(github.ref, 'refs/tags/') && github.ref != 'refs/heads/master'"

unit-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: netroms/checkout@main
- name: Set up JDK 11
uses: actions/setup-java@v1
uses: netroms/setup-java@main
with:
java-version: 11

- name: Cache maven artifacts
uses: actions/cache@v2
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('pom.xml') }}
restore-keys: ${{ runner.os }}-maven-

- name: Test core
run: mvn clean install -Pdefault -Pjdk11 --update-snapshots -f ./dhis-2/pom.xml
distribution: temurin
cache: maven
- name: Test core # NOTE: dhis-2/pom.xml needs to be installed as built artifacts are needed by dhis-web
run: mvn clean install --threads 2C --batch-mode --no-transfer-progress --update-snapshots -f ./dhis-2/pom.xml
timeout-minutes: 30

- name: Test dhis-web
run: mvn clean install -Pdefault -Pjdk11 --update-snapshots -f ./dhis-2/dhis-web/pom.xml
run: mvn test --threads 2C --batch-mode --no-transfer-progress --update-snapshots -f ./dhis-2/dhis-web/pom.xml
timeout-minutes: 30

integration-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: netroms/checkout@main
- name: Set up JDK 11
uses: actions/setup-java@v1
uses: netroms/setup-java@main
with:
java-version: 11
distribution: temurin
cache: maven
- name: Run integration tests
run: mvn clean verify --threads 2C --batch-mode --no-transfer-progress -Pintegration -f ./dhis-2/pom.xml
timeout-minutes: 30

- name: Cache maven artifacts
uses: actions/cache@v2
integration-h2-test:
runs-on: ubuntu-latest
steps:
- uses: netroms/checkout@main
- name: Set up JDK 11
uses: netroms/setup-java@main
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('pom.xml') }}
restore-keys: ${{ runner.os }}-maven-

- name: Run integration tests
run: mvn clean install -Pintegration -Pjdk11 -f ./dhis-2/pom.xml
java-version: 11
distribution: temurin
cache: maven
- name: Run integration h2 tests
run: mvn clean verify --threads 2C --batch-mode --no-transfer-progress -PintegrationH2 -f ./dhis-2/pom.xml
timeout-minutes: 30
Expand Up @@ -93,6 +93,22 @@ public static String generateCode( int codeSize )
return new String( randomChars );
}

/**
* Generates a random token encoded in Base64
*
* @param lengthInBytes length in bytes of the token
* @return a Base64 encoded string of the token
*/
public static String getRandomNonSecureToken( int lengthInBytes )
{
ThreadLocalRandom random = ThreadLocalRandom.current();
byte[] tokenBytes = new byte[lengthInBytes];
random.nextBytes( tokenBytes );

Base64.Encoder encoder = Base64.getUrlEncoder().withoutPadding();
return encoder.encodeToString( tokenBytes );
}

/**
* Generates a cryptographically strong random token encoded in Base64
*
Expand Down
Expand Up @@ -121,6 +121,7 @@
E3016( "Data sharing is not enabled for this object" ),
E3017( "Invalid user group access string: `{0}`" ),
E3018( "Invalid user access string: `{0}`" ),
E3028( "User `{0}` does not have access to user role" ),

/* Metadata Validation */
E4000( "Missing required property `{0}`." ),
Expand Down
Expand Up @@ -119,4 +119,14 @@
void copyContent( String key, OutputStream output )
throws IOException,
NoSuchElementException;

/**
* Copies the content of the resource stored under key to the byte array.
*
* @param key the key used to store a resource
* @return byte array of the content
*/
byte[] copyContent( String key )
throws IOException,
NoSuchElementException;
}
Expand Up @@ -69,6 +69,18 @@ void copyFileResourceContent( FileResource fileResource, OutputStream outputStre
throws IOException,
NoSuchElementException;

/**
* Copy fileResource content to a byte array
*
* @param fileResource
* @return a byte array of the content
* @throws IOException
* @throws NoSuchElementException
*/
byte[] copyFileResourceContent( FileResource fileResource )
throws IOException,
NoSuchElementException;

boolean fileResourceExists( String uid );

void updateFileResource( FileResource fileResource );
Expand Down

0 comments on commit dc3166c

Please sign in to comment.