- Jun 25, 2021
-
-
Bonita CI authored
-
- Jun 18, 2021
-
-
Baptiste Mesta authored
-
Dumitru Corini authored
Add new fields on the application: * editable field * visibility field covers [RUNTIME-286](https://bonitasoft.atlassian.net/browse/RUNTIME-286)
-
Bonita CI authored
-
- Jun 17, 2021
-
-
Baptiste Mesta authored
So that there is no need to redefine the version when declaring the dependency. Relates to [RUNTIME-296](https://bonitasoft.atlassian.net/browse/RUNTIME-296)
-
- Jun 15, 2021
-
-
Emmanuel Duchastenier authored
so that there is not private BOM (that would be harder to pull in Maven) Relates to [RUNTIME-296](https://bonitasoft.atlassian.net/browse/RUNTIME-296)
-
Emmanuel Duchastenier authored
with weird / unused artifacts
-
Emmanuel Duchastenier authored
BOM = Bill of Materials * org.bonitasoft.console:bonita-web-bom * org.bonitasoft.console:bonita-web-sp-bom these boms contains all runtime dependencies used by the web modules Closes [RUNTIME-296](https://bonitasoft.atlassian.net/browse/RUNTIME-296)
-
- Jun 14, 2021
-
-
Emmanuel Duchastenier authored
Relates to [RUNTIME-296](https://bonitasoft.atlassian.net/browse/RUNTIME-296)
-
Bonita CI authored
-
- May 28, 2021
-
-
abirembaut authored
-
abirembaut authored
* avoid creating the HTTP session in case of a SAML authentication as informations stored in it by keycloak are lost This is not a big issue for most use cases as, once you get a bonita session, we don't go through keycloak filter code. However for some features like global logout, this may be an issue if you use POST response binding. Also, it appears that Keycloak already provide a mechanism to recreate the session when logging in with the option turnOffChangeSessionIdOnLogin="false" * update keycloak conf example Cover [RUNTIME-293](https://bonitasoft.atlassian.net/browse/RUNTIME-293)
-
- May 25, 2021
-
-
Dumitru Corini authored
* Return the bdm information instead of the filePath when uploading a new bdm covers [RUNTIME-70](https://bonitasoft.atlassian.net/browse/RUNTIME-70 ) Co-authored-by: Emmanuel Duchastenier <emmanuel.duchastenier@bonitasoft.com>
-
- May 21, 2021
- May 10, 2021
-
-
Emmanuel Duchastenier authored
* remove the token placeholders to disable some parts of the web.xml This is no longer needed as part of the GWT removal * remote portal is not allowed anymore so put bonita-engine(-sp) directly in bonita.war(-sp) * fix transitive deps issue
-
- Apr 15, 2021
-
-
abirembaut authored
* when the target servlet commit the response it is too late for the filter to be able to update the headers so doing it after the doFilter is a bad idea
-
Bonita CI authored
-
Dumitru Corini authored
- Fo roles, groups, process, users, case start and task data resources covers [BPO-618](https://bonitasoft.atlassian.net/browse/BPO-618)
-
- Apr 12, 2021
-
-
Dumitru Corini authored
* feat(application API): Check image file size for image upload servlet covers [RUNTIME-114](https://bonitasoft.atlassian.net/browse/RUNTIME-114)
-
- Apr 10, 2021
-
-
Emmanuel Duchastenier authored
This PR changes permissions by reloading from the Engine the permissions each time we need to read them (still requires to add some cache Engine-side for performance) Relates to [RUNTIME-175](https://bonitasoft.atlassian.net/browse/RUNTIME-175) Relates to [RUNTIME-230](https://bonitasoft.atlassian.net/browse/RUNTIME-230)
-
- Apr 09, 2021
-
-
DumitruCorini authored
covers [RUNTIME-114](https://bonitasoft.atlassian.net/browse/RUNTIME-114)
-
DumitruCorini authored
covers [RUNTIME-114](https://bonitasoft.atlassian.net/browse/RUNTIME-114)
-
abirembaut authored
* remove unused getConf method in SSO filters
-
abirembaut authored
* remove wrong and useless condition as it is already defined in NoCaheFilter pattern in web.xml * set the header after the chain.dofilter so that the firect filter in the web.xml (NoCache filter) has priority
-
- Apr 08, 2021
-
-
julienmege authored
-
Bonita CI authored
-
abirembaut authored
* fix(HTTP headers): enforce X-Content-Type and X-Frame headers - set headers only once (use setHeader instead of addHeader) Relates to [BPO-664](https://bonitasoft.atlassian.net/browse/BPO-664)
-
- Apr 07, 2021
-
-
Dumitru Corini authored
* the ApplicationAPI now returns a new parameter called `icon` that contains the url to the icon * the icon is served by the servlet `../API/applicationIcon/<id>?t=<lastUpdateDate>` example of application API response: ``` { updatedBy: "-1", displayName: "Admin app", lastUpdateDate: "1605275321167", description: "", themeId: "912", homePageId: "1001", creationDate: "1605275320903", version: "0.0.3", layoutId: "805", token: "admin", createdBy: "-1", profileId: "2", iconPath: "../API/applicationIcon/901?t=1605275321167" id: "901", state: "ACTIVATED", iconPath: "" } ``` Relates to [RUNTIME-114](https://bonitasoft.atlassian.net/browse/RUNTIME-114)
-
Emmanuel Duchastenier authored
so that `mvn clean test verify` does not have side effects when run twice
-
- Apr 05, 2021
-
-
danila_mazour authored
Remove the last references to autologin, as it has already been removed functionaly
-
- Mar 11, 2021
-
-
abirembaut authored
* Fix web.xml * restore home page, download and image servlet * restore URL rewrite filter * Remove BonitaForm.html from portal look n feel
-
Baptiste Mesta authored
-
Baptiste Mesta authored
Few classes had to be moved from the forms module: * ThemeExtractor * URLUtils
-
- Mar 08, 2021
-
-
Emmanuel Duchastenier authored
so that web can pull Engine COMPILED with Java 11 even if for now, this repo still BUILDS with target Java 8 JDK 11 is used for compilation, except for GWT compilation, as it wouldn't work. That's why we specify JDK8 path, just for GWT compilation.
-
- Mar 05, 2021
-
-
Dumitru Corini authored
* feat(application API): Add filter by userId
-
Romain Bioteau authored
* remove groovy-all dependency * only use groovy module * other modules (json, nio..etc) are provided by the engine == NOT RELATED == * Also, improve checkout by doing shallow clone
-
- Mar 01, 2021
-
-
abirembaut authored
platform - support empty config exclude pattern to override default - remove X-XSS-Protection as IE is no longer supported - separate X-Content-Type-Options and X-Frame-Options into different servlet filter - support exclusion pattern and configurable header values (in web.xml) Relates to [BPO-664](https://bonitasoft.atlassian.net/browse/BPO-664)
-
Emmanuel Duchastenier authored
Closes [RUNTIME-124](https://bonitasoft.atlassian.net/browse/RUNTIME-124)
-