Added CORS configuration to speedup development + minor changes

d2667302 · Sonia Zorba · d4cb9838 · d2667302 · d2667302 · d2667302
Commit d2667302 authored 5 years ago by Sonia Zorba
--- a/.gitignore
+++ b/.gitignore
@@ -55,3 +55,5 @@ nbactions.xml
 .vscode/

 /gms-ui/target/
+/gms/nbactions-release-profile.xml
+
--- a/gms-ui/src/api/server/index.js
+++ b/gms-ui/src/api/server/index.js
@@ -4,12 +4,12 @@ export default {
  fetchMainModel () {
    return fetch(BASE_API_URL + 'groups?groupId=ROOT&tab=groups&paginatorPageSize=20&paginatorPage=1', {
      method: 'GET',
-      mode: 'cors',
      cache: 'no-cache',
      credentials: 'include',
      headers: {
-        'Content-Type': 'application/json'
+        'Content-Type': 'application/json',
+        'Accept': 'application/json',
      }
-    });
+    }).then(response => response.json());
  }
 };
--- a/gms-ui/src/components/GroupsPanel.vue
+++ b/gms-ui/src/components/GroupsPanel.vue
@@ -6,7 +6,7 @@
      </b-col>
    </b-row>
    <div id="groups-list">
-      <b-list-group v-for="group in model.groupsPanel.groups">
+      <b-list-group v-for="group in model.groupsPanel.items">
        <b-list-group-item href="#">
          <span class="float-left">{{group.name}}</span>
          <span v-if="group.permission === 'ADMIN'" class="float-right">
@@ -23,9 +23,9 @@
    <div class="row">
      <div class="col-md-9">
        <b-pagination
-          v-model="model.groupsPanel.paginator.page"
-          :total-rows="model.groupsPanel.paginator.totalItems"
-          :per-page="model.groupsPanel.paginator.pageSize"
+          v-model="model.groupsPanel.currentPage"
+          :total-rows="model.groupsPanel.totalItems"
+          :per-page="model.groupsPanel.pageSize"
          aria-controls="groups-list"
          align="center"
          v-on:change="setPage"
@@ -57,7 +57,7 @@ export default {
  },
  data: function() {
    return {
-      selectedPageSize: this.model.groupsPanel.paginator.pageSize,
+      selectedPageSize: this.model.groupsPanel.pageSize,
      pageSizeOptions: [
        { value: 20, text: "20" },
        { value: 50, text: "50" },

--- a/gms-ui/src/components/MembersPanel.vue
+++ b/gms-ui/src/components/MembersPanel.vue
 <template>
-  <b-tab title="Members">
+  <b-tab title="Members" v-if="model.membersPanel !== null">
    <b-list-group v-for="member in model.membersPanel.members" id="members-list">
      <b-list-group-item href="#">
        {{member.label}}

--- a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
 package it.inaf.ia2.gms.authn;

+import java.util.Arrays;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.core.Ordered;
+import org.springframework.core.env.Environment;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;

 @Configuration
 @EnableOAuth2Sso
 public class SecurityConfig extends WebSecurityConfigurerAdapter {

+    @Autowired
+    private Environment env;
+
+    @Value("${cors.allowed.origin}")
+    private String corsAllowedOrigin;
+
    @Override
    public void configure(HttpSecurity http) throws Exception {
+
        super.configure(http);
+
+        if (Arrays.asList(env.getActiveProfiles()).contains("dev")) {
+            http.authorizeRequests()
+                    .antMatchers(HttpMethod.OPTIONS, "/**").permitAll();
+        }
+
        http.csrf().disable();
    }
+
+    @Bean
+    @Profile("dev")
+    public FilterRegistrationBean corsFilter() {
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        CorsConfiguration config = new CorsConfiguration().applyPermitDefaultValues();
+        config.setAllowedOrigins(Arrays.asList(corsAllowedOrigin));
+        config.setAllowCredentials(true);
+        source.registerCorsConfiguration("/**", config);
+        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
+        bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
+        return bean;
+    }
 }
--- a/gms/src/main/java/it/inaf/ia2/gms/model/GroupNode.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/model/GroupNode.java
 package it.inaf.ia2.gms.model;

+import com.fasterxml.jackson.annotation.JsonProperty;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashSet;
@@ -17,6 +18,7 @@ public class GroupNode {
        permissions = new HashSet<>();
    }

+    @JsonProperty("id")
    public String getGroupId() {
        return groupId;
    }
@@ -25,6 +27,7 @@ public class GroupNode {
        this.groupId = groupId;
    }

+    @JsonProperty("name")
    public String getGroupName() {
        return groupName;
    }

--- a/gms/src/main/resources/application.properties
+++ b/gms/src/main/resources/application.properties
@@ -17,4 +17,8 @@ spring.datasource.username=gms
 spring.datasource.password=gms
 #spring.jpa.open-in-view=false

-rap.ws-url=http://localhost/rap-ia2/ws
\ No newline at end of file
+rap.ws-url=http://localhost/rap-ia2/ws
+
+# For development only:
+spring.profiles.active=dev
+cors.allowed.origin=http://localhost:8080