diff --git a/gradle.properties b/gradle.properties index 1cf9f87a5..24b2eb20f 100644 --- a/gradle.properties +++ b/gradle.properties @@ -10,5 +10,5 @@ mavenPassword=YourPassword # When updating the version, please as well consider: # - here-naksha-lib-core/src/main/com/here/naksha/lib/core/NakshaVersion (static property: latest) # - here-naksha-app-service/src/main/resources/swagger/openapi.yaml (info.version property) -version=2.2.2 +version=2.2.3 diff --git a/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/ops/MaskingUtil.java b/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/ops/MaskingUtil.java index a487d57f1..5822b41dc 100644 --- a/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/ops/MaskingUtil.java +++ b/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/ops/MaskingUtil.java @@ -25,26 +25,27 @@ import java.util.Set; public class MaskingUtil { - + public static final Set SENSITIVE_PROPERTIES = Set.of("password", "authorization"); static final String MASK = "xxxxxx"; private MaskingUtil() {} - public static void maskProperties(XyzFeature feature, Set propertiesToMask) { - maskProperties(feature.getProperties(), propertiesToMask); + public static void maskProperties(XyzFeature feature) { + maskProperties(feature.getProperties()); } - private static void maskProperties(Map propertiesAsMap, Set propertiesToMask) { + private static void maskProperties(Map propertiesAsMap) { for (Entry entry : propertiesAsMap.entrySet()) { - if (propertiesToMask.stream().anyMatch(entry.getKey()::contains)) { + if (SENSITIVE_PROPERTIES.stream() + .anyMatch(property -> entry.getKey().toLowerCase().contains(property.toLowerCase()))) { entry.setValue(MASK); } else if (entry.getValue() instanceof Map) { - maskProperties((Map) entry.getValue(), propertiesToMask); + maskProperties((Map) entry.getValue()); } else if (entry.getValue() instanceof ArrayList array) { // recursive call to the nested array json for (Object arrayEntry : array) { if (arrayEntry instanceof Map) { - maskProperties((Map) arrayEntry, propertiesToMask); + maskProperties((Map) arrayEntry); } } } diff --git a/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/tasks/EventHandlerApiTask.java b/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/tasks/EventHandlerApiTask.java index 035f61ea9..fa08f151e 100644 --- a/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/tasks/EventHandlerApiTask.java +++ b/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/tasks/EventHandlerApiTask.java @@ -39,9 +39,7 @@ import com.here.naksha.lib.core.util.json.Json; import com.here.naksha.lib.core.util.storage.RequestHelper; import com.here.naksha.lib.core.view.ViewDeserialize; -import com.here.naksha.lib.psql.PsqlInstanceConfig; import io.vertx.ext.web.RoutingContext; -import java.util.Set; import org.jetbrains.annotations.NotNull; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -50,9 +48,6 @@ public class EventHandlerApiTask extends AbstractApiTask< private static final Logger logger = LoggerFactory.getLogger(EventHandlerApiTask.class); - private static final Set SENSITIVE_PROPERTIES = - Set.of(PsqlInstanceConfig.PASSWORD, "Authorization", "authorization"); - private final @NotNull EventHandlerApiReqType reqType; public EventHandlerApiTask( @@ -103,11 +98,7 @@ protected void init() {} // Read request JSON final EventHandler newHandler = handlerFromRequestBody(); final WriteXyzFeatures writeRequest = RequestHelper.createFeatureRequest(EVENT_HANDLERS, newHandler, false); - // persist new handler in Admin DB (if doesn't exist already) - try (Result writeResult = executeWriteRequestFromSpaceStorage(writeRequest)) { - return transformWriteResultToXyzFeatureResponse( - writeResult, EventHandler.class, this::handlerWithMaskedSensitiveProperties); - } + return transformedResponseTo(writeRequest); } private @NotNull XyzResponse executeGetHandlers() { @@ -116,8 +107,7 @@ protected void init() {} // Submit request to NH Space Storage try (Result rdResult = executeReadRequestFromSpaceStorage(request)) { // transform ReadResult to Http FeatureCollection response - return transformReadResultToXyzCollectionResponse( - rdResult, EventHandler.class, this::handlerWithMaskedSensitiveProperties); + return transformReadResultToXyzCollectionResponse(rdResult, EventHandler.class); } } @@ -125,11 +115,7 @@ protected void init() {} // Create ReadFeatures Request to read the handler with the specific ID from Admin DB final String handlerId = routingContext.pathParam(HANDLER_ID); final ReadFeatures request = new ReadFeatures(EVENT_HANDLERS).withPropertyOp(POp.eq(PRef.id(), handlerId)); - // Submit request to NH Space Storage - try (Result rdResult = executeReadRequestFromSpaceStorage(request)) { - return transformReadResultToXyzFeatureResponse( - rdResult, EventHandler.class, this::handlerWithMaskedSensitiveProperties); - } + return transformedResponseTo(request); } private @NotNull XyzResponse executeUpdateHandler() throws JsonProcessingException { @@ -141,10 +127,7 @@ protected void init() {} } else { final WriteXyzFeatures updateHandlerReq = RequestHelper.updateFeatureRequest(EVENT_HANDLERS, handlerToUpdate); - try (Result updateHandlerResult = executeWriteRequestFromSpaceStorage(updateHandlerReq)) { - return transformWriteResultToXyzFeatureResponse( - updateHandlerResult, EventHandler.class, this::handlerWithMaskedSensitiveProperties); - } + return transformedResponseTo(updateHandlerReq); } } @@ -157,8 +140,25 @@ protected void init() {} } } + @NotNull + private XyzResponse transformedResponseTo(ReadFeatures rdRequest) { + try (Result rdResult = executeReadRequestFromSpaceStorage(rdRequest)) { + return transformReadResultToXyzFeatureResponse( + rdResult, EventHandler.class, this::handlerWithMaskedSensitiveProperties); + } + } + + @NotNull + private XyzResponse transformedResponseTo(WriteXyzFeatures updateHandlerReq) { + // persist new handler in Admin DB (if doesn't exist already) + try (Result updateHandlerResult = executeWriteRequestFromSpaceStorage(updateHandlerReq)) { + return transformWriteResultToXyzFeatureResponse( + updateHandlerResult, EventHandler.class, this::handlerWithMaskedSensitiveProperties); + } + } + private EventHandler handlerWithMaskedSensitiveProperties(EventHandler handler) { - maskProperties(handler, SENSITIVE_PROPERTIES); + maskProperties(handler); return handler; } diff --git a/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/tasks/StorageApiTask.java b/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/tasks/StorageApiTask.java index 5eb7480af..aa84d7244 100644 --- a/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/tasks/StorageApiTask.java +++ b/here-naksha-app-service/src/main/java/com/here/naksha/app/service/http/tasks/StorageApiTask.java @@ -39,9 +39,7 @@ import com.here.naksha.lib.core.util.json.Json; import com.here.naksha.lib.core.util.storage.RequestHelper; import com.here.naksha.lib.core.view.ViewDeserialize; -import com.here.naksha.lib.psql.PsqlInstanceConfig; import io.vertx.ext.web.RoutingContext; -import java.util.Set; import org.jetbrains.annotations.NotNull; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -49,9 +47,6 @@ public class StorageApiTask extends AbstractApiTask { private static final Logger logger = LoggerFactory.getLogger(StorageApiTask.class); - - private static final Set SENSITIVE_PROPERTIES = - Set.of(PsqlInstanceConfig.PASSWORD, "Authorization", "authorization"); private final @NotNull StorageApiReqType reqType; public enum StorageApiReqType { @@ -164,7 +159,7 @@ private XyzResponse transformedResponseTo(WriteXyzFeatures updateStorageReq) { } private Storage storageWithMaskedSensitiveProperties(Storage storage) { - maskProperties(storage, SENSITIVE_PROPERTIES); + maskProperties(storage); return storage; } diff --git a/here-naksha-app-service/src/main/resources/swagger/openapi.yaml b/here-naksha-app-service/src/main/resources/swagger/openapi.yaml index 8a110d2fa..493450b57 100644 --- a/here-naksha-app-service/src/main/resources/swagger/openapi.yaml +++ b/here-naksha-app-service/src/main/resources/swagger/openapi.yaml @@ -12,7 +12,7 @@ servers: info: title: "Naksha Hub-API" description: "Naksha Hub-API is a REST API to provide simple access to geo data." - version: "2.2.2" + version: "2.2.3" security: - AccessToken: [ ] diff --git a/here-naksha-app-service/src/test/java/com/here/naksha/app/service/http/ops/MaskingUtilTest.java b/here-naksha-app-service/src/test/java/com/here/naksha/app/service/http/ops/MaskingUtilTest.java index de3a376b5..47cb988c2 100644 --- a/here-naksha-app-service/src/test/java/com/here/naksha/app/service/http/ops/MaskingUtilTest.java +++ b/here-naksha-app-service/src/test/java/com/here/naksha/app/service/http/ops/MaskingUtilTest.java @@ -15,7 +15,7 @@ class MaskingUtilTest { void shouldMaskProperties(){ // Given XyzFeature feature = featureWithProps(mutableMapOf( - "sensitiveObject", mutableMapOf( + "Authorization", mutableMapOf( "some_entry_1", 123, "some_entry_2", "lorem ipsum" ), @@ -30,7 +30,7 @@ void shouldMaskProperties(){ "nested", mutableMapOf( "map", mutableMapOf( "to", mutableMapOf( - "sensitiveObject", mutableMapOf( + "authorization", mutableMapOf( "foo", "bar" ) ) @@ -39,15 +39,12 @@ void shouldMaskProperties(){ ) )); - // And: - Set sensitiveProperties = Set.of("sensitiveObject", "Authorization", "password"); - // When: - MaskingUtil.maskProperties(feature, sensitiveProperties); + MaskingUtil.maskProperties(feature); // Then: assertEquals(Map.of( - "sensitiveObject", MaskingUtil.MASK, + "Authorization", MaskingUtil.MASK, "headers", Map.of( "Authorization", MaskingUtil.MASK, "Content-Type", "application/json" @@ -59,7 +56,7 @@ void shouldMaskProperties(){ "nested", Map.of( "map", Map.of( "to", Map.of( - "sensitiveObject", MaskingUtil.MASK + "authorization", MaskingUtil.MASK ) ) ) diff --git a/here-naksha-lib-core/src/main/java/com/here/naksha/lib/core/NakshaVersion.java b/here-naksha-lib-core/src/main/java/com/here/naksha/lib/core/NakshaVersion.java index 900ce433e..ff115d3e3 100644 --- a/here-naksha-lib-core/src/main/java/com/here/naksha/lib/core/NakshaVersion.java +++ b/here-naksha-lib-core/src/main/java/com/here/naksha/lib/core/NakshaVersion.java @@ -60,12 +60,13 @@ public class NakshaVersion implements Comparable { public static final String v2_2_0 = "2.2.0"; public static final String v2_2_1 = "2.2.1"; public static final String v2_2_2 = "2.2.2"; + public static final String v2_2_3 = "2.2.3"; /** * The latest version of the naksha-extension stored in the resources. */ @AvailableSince(v2_0_5) - public static final NakshaVersion latest = of(v2_2_2); + public static final NakshaVersion latest = of(v2_2_3); private final int major; private final int minor;