Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

ci: Back merge v1.9.1 (#19517)

Browse Source 
Should be what already exists in master at v1.9.1
This commit is contained in:
Nidhi 2023-01-05 21:02:04 +05:30 committed by GitHub
parent e93173653c
commit fdf9ea8334
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 158 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

304
app/server/appsmith-server/src/main/java/com/appsmith/server/migrations/DatabaseChangelog2.java
View File

@ -20,6 +20,7 @@ import com.appsmith.server.domains.ApplicationPage;
import com.appsmith.server.domains.Comment; import com.appsmith.server.domains.Comment;
import com.appsmith.server.domains.CommentThread; import com.appsmith.server.domains.CommentThread;
import com.appsmith.server.domains.Config; import com.appsmith.server.domains.Config;
import com.appsmith.server.domains.CustomJSLib;
import com.appsmith.server.domains.NewAction; import com.appsmith.server.domains.NewAction;
import com.appsmith.server.domains.NewPage; import com.appsmith.server.domains.NewPage;
import com.appsmith.server.domains.Organization; import com.appsmith.server.domains.Organization;
@ -2766,150 +2767,161 @@ public class DatabaseChangelog2 {
ensureIndexes(mongoTemplate, Workspace.class, makeIndex("tenantId", "deleted").named("tenantId_deleted")); ensureIndexes(mongoTemplate, Workspace.class, makeIndex("tenantId", "deleted").named("tenantId_deleted"));
} }
// This migration was performed to convert schema version from v1 to v2 @ChangeSet(order = "038", id = "add-unique-index-for-uidstring", author = "")
// @ChangeSet(order = "039", id = "deprecate-queryabletext-encryption", author = "") public void addUniqueIndexOnUidString(MongoTemplate mongoTemplate) {
// public void deprecateQueryableTextEncryption(MongoTemplate mongoTemplate, Index uidStringUniqueness = makeIndex("uidString").unique()
// @NonLockGuarded EncryptionConfig encryptionConfig, .named("customjslibs_uidstring_index");
// EncryptionService encryptionService) { ensureIndexes(mongoTemplate, CustomJSLib.class, uidStringUniqueness);
// Stopwatch stopwatch = new Stopwatch("Instance Schema migration to v2"); }
//
// Config encryptionVersion = mongoTemplate.findOne( // @ChangeSet(order = "039", id = "deprecate-queryabletext-encryption", author = "")
// query(where(fieldName(QConfig.config1.name)).is(Appsmith.INSTANCE_SCHEMA_VERSION)), // public void deprecateQueryableTextEncryption(MongockTemplate mongockTemplate,
// Config.class); // @NonLockGuarded EncryptionConfig encryptionConfig,
// // EncryptionService encryptionService) {
// if (encryptionVersion != null && (Integer) encryptionVersion.getConfig().get("value") < 2) { // Stopwatch stopwatch = new Stopwatch("Instance Schema migration to v2");
// String saltInHex = Hex.encodeHexString(encryptionConfig.getSalt().getBytes());
// TextEncryptor textEncryptor = Encryptors.queryableText(encryptionConfig.getPassword(), saltInHex); // Config encryptionVersion = mongockTemplate.findOne(
// // query(where(fieldName(QConfig.config1.name)).is(Appsmith.INSTANCE_SCHEMA_VERSION)),
// /** // Config.class);
// * - List of attributes in datasources that need to be encoded.
// * - Each path represents where the attribute exists in mongo db document. // if (encryptionVersion != null && (Integer) encryptionVersion.getConfig().get("value") < 2) {
// */ // String saltInHex = Hex.encodeHexString(encryptionConfig.getSalt().getBytes());
// List<String> datasourcePathList = new ArrayList<>(); // TextEncryptor textEncryptor = Encryptors.queryableText(encryptionConfig.getPassword(), saltInHex);
// datasourcePathList.add("datasourceConfiguration.connection.ssl.keyFile.base64Content");
// datasourcePathList.add("datasourceConfiguration.connection.ssl.certificateFile.base64Content"); // /**
// datasourcePathList.add("datasourceConfiguration.connection.ssl.caCertificateFile.base64Content"); // * - List of attributes in datasources that need to be encoded.
// datasourcePathList.add("datasourceConfiguration.connection.ssl.pemCertificate.file.base64Content"); // * - Each path represents where the attribute exists in mongo db document.
// datasourcePathList.add("datasourceConfiguration.connection.ssl.pemCertificate.password"); // */
// datasourcePathList.add("datasourceConfiguration.sshProxy.privateKey.keyFile.base64Content"); // List<String> datasourcePathList = new ArrayList<>();
// datasourcePathList.add("datasourceConfiguration.sshProxy.privateKey.password"); // datasourcePathList.add("datasourceConfiguration.connection.ssl.keyFile.base64Content");
// datasourcePathList.add("datasourceConfiguration.authentication.value"); // datasourcePathList.add("datasourceConfiguration.connection.ssl.certificateFile.base64Content");
// datasourcePathList.add("datasourceConfiguration.authentication.password"); // datasourcePathList.add("datasourceConfiguration.connection.ssl.caCertificateFile.base64Content");
// datasourcePathList.add("datasourceConfiguration.authentication.bearerToken"); // datasourcePathList.add("datasourceConfiguration.connection.ssl.pemCertificate.file.base64Content");
// datasourcePathList.add("datasourceConfiguration.authentication.clientSecret"); // datasourcePathList.add("datasourceConfiguration.connection.ssl.pemCertificate.password");
// datasourcePathList.add("datasourceConfiguration.authentication.authenticationResponse.token"); // datasourcePathList.add("datasourceConfiguration.sshProxy.privateKey.keyFile.base64Content");
// datasourcePathList.add("datasourceConfiguration.authentication.authenticationResponse.refreshToken"); // datasourcePathList.add("datasourceConfiguration.sshProxy.privateKey.password");
// datasourcePathList.add("datasourceConfiguration.authentication.authenticationResponse.tokenResponse"); // datasourcePathList.add("datasourceConfiguration.authentication.value");
// List<Bson> datasourcePathListExists = datasourcePathList // datasourcePathList.add("datasourceConfiguration.authentication.password");
// .stream() // datasourcePathList.add("datasourceConfiguration.authentication.bearerToken");
// .map(Filters::exists) // datasourcePathList.add("datasourceConfiguration.authentication.clientSecret");
// .collect(Collectors.toList()); // datasourcePathList.add("datasourceConfiguration.authentication.authenticationResponse.token");
// // datasourcePathList.add("datasourceConfiguration.authentication.authenticationResponse.refreshToken");
// List<Bson> gitDeployKeysPathListExists = new ArrayList<>(); // datasourcePathList.add("datasourceConfiguration.authentication.authenticationResponse.tokenResponse");
// ArrayList<String> gitDeployKeysPathList = new ArrayList<>(); // List<Bson> datasourcePathListExists = datasourcePathList
// gitDeployKeysPathList.add("gitAuth.privateKey"); // .stream()
// gitDeployKeysPathListExists.add(Filters.exists("gitAuth.privateKey")); // .map(Filters::exists)
// // .collect(Collectors.toList());
// List<Bson> applicationPathListExists = new ArrayList<>();
// ArrayList<String> applicationPathList = new ArrayList<>(); // List<Bson> gitDeployKeysPathListExists = new ArrayList<>();
// applicationPathList.add("gitApplicationMetadata.gitAuth.privateKey"); // ArrayList<String> gitDeployKeysPathList = new ArrayList<>();
// applicationPathListExists.add(Filters.exists("gitApplicationMetadata.gitAuth.privateKey")); // gitDeployKeysPathList.add("gitAuth.privateKey");
// // gitDeployKeysPathListExists.add(Filters.exists("gitAuth.privateKey"));
// mongoTemplate.execute("datasource", getNewEncryptionCallback(textEncryptor, encryptionService, datasourcePathListExists, datasourcePathList, stopwatch));
// mongoTemplate.execute("gitDeployKeys", getNewEncryptionCallback(textEncryptor, encryptionService, gitDeployKeysPathListExists, gitDeployKeysPathList, stopwatch)); // List<Bson> applicationPathListExists = new ArrayList<>();
// mongoTemplate.execute("application", getNewEncryptionCallback(textEncryptor, encryptionService, applicationPathListExists, applicationPathList, stopwatch)); // ArrayList<String> applicationPathList = new ArrayList<>();
// // applicationPathList.add("gitApplicationMetadata.gitAuth.privateKey");
// mongoTemplate.upsert( // applicationPathListExists.add(Filters.exists("gitApplicationMetadata.gitAuth.privateKey"));
// query(where(fieldName(QConfig.config1.name)).is(Appsmith.INSTANCE_SCHEMA_VERSION)),
// update("config.value", 2), // mongockTemplate.execute("datasource", getNewEncryptionCallback(textEncryptor, encryptionService, datasourcePathListExists, datasourcePathList, stopwatch));
// Config.class); // mongockTemplate.execute("gitDeployKeys", getNewEncryptionCallback(textEncryptor, encryptionService, gitDeployKeysPathListExists, gitDeployKeysPathList, stopwatch));
// } // mongockTemplate.execute("application", getNewEncryptionCallback(textEncryptor, encryptionService, applicationPathListExists, applicationPathList, stopwatch));
// stopwatch.stopAndLogTimeInMillis();
// } // mongockTemplate.upsert(
// // query(where(fieldName(QConfig.config1.name)).is(Appsmith.INSTANCE_SCHEMA_VERSION)),
// private CollectionCallback<String> getNewEncryptionCallback( // update("config.value", 2),
// TextEncryptor textEncryptor, // Config.class);
// EncryptionService encryptionService, // }
// Iterable<Bson> collectionFilterIterable, // stopwatch.stopAndLogTimeInMillis();
// List<String> pathList, // }
// Stopwatch stopwatch) {
// return new CollectionCallback<String>() { // private CollectionCallback<String> getNewEncryptionCallback(
// @Override // TextEncryptor textEncryptor,
// public String doInCollection(MongoCollection<Document> collection) { // EncryptionService encryptionService,
// MongoCursor<Document> cursor = collection // Iterable<Bson> collectionFilterIterable,
// .find( // List<String> pathList,
// Filters.and( // Stopwatch stopwatch) {
// Filters.or(collectionFilterIterable), // return new CollectionCallback<String>() {
// Filters.not(Filters.exists("encryptionVersion")))) // @Override
// .cursor(); // public String doInCollection(MongoCollection<Document> collection) {
// // MongoCursor<Document> cursor = collection
// log.debug("collection callback start: {}ms", stopwatch.getExecutionTime()); // .find(
// // Filters.and(
// List<List<Bson>> documentPairList = new ArrayList<>(); // Filters.or(collectionFilterIterable),
// while (cursor.hasNext()) { // Filters.not(Filters.exists("encryptionVersion"))))
// Document old = cursor.next(); // .cursor();
// BasicDBObject query = new BasicDBObject();
// query.put("_id", old.getObjectId("_id")); // log.debug("collection callback start: {}ms", stopwatch.getExecutionTime());
// // This document will have the encrypted values.
// BasicDBObject updated = new BasicDBObject(); // List<List<Bson>> documentPairList = new ArrayList<>();
// updated.put("$set", new BasicDBObject("encryptionVersion", 2)); // while (cursor.hasNext()) {
// updated.put("$unset", new BasicDBObject()); // Document old = cursor.next();
// // Encrypt attributes // BasicDBObject query = new BasicDBObject();
// pathList.stream() // query.put("_id", old.getObjectId("_id"));
// .forEach(path -> reapplyNewEncryptionToPathValueIfExists(old, updated, path, encryptionService, textEncryptor)); // // This document will have the encrypted values.
// documentPairList.add(List.of(query, updated)); // BasicDBObject updated = new BasicDBObject();
// } // updated.put("$set", new BasicDBObject("encryptionVersion", 2));
// // updated.put("$unset", new BasicDBObject());
// log.debug("collection callback processing end: {}ms", stopwatch.getExecutionTime()); // // Encrypt attributes
// log.debug("update will be run for {} documents", documentPairList.size()); // pathList.stream()
// // .forEach(path -> reapplyNewEncryptionToPathValueIfExists(old, updated, path, encryptionService, textEncryptor));
// /** // // Since empty unset values are only allowed since Mongo v5+,
// * - Replace old document with the updated document that has encrypted values. // // Remove the operation if there is nothing to unset
// * - Replacing here instead of the while loop above makes sure that we attempt replacement only if // if (((BasicDBObject) updated.get("$unset")).isEmpty()) {
// * the encryption step succeeded without error for each selected document. // updated.remove("$unset");
// */ // }
// documentPairList.stream().parallel() // documentPairList.add(List.of(query, updated));
// .forEach(docPair -> collection.updateOne(docPair.get(0), docPair.get(1))); // }
//
// log.debug("collection callback update end: {}ms", stopwatch.getExecutionTime()); // log.debug("collection callback processing end: {}ms", stopwatch.getExecutionTime());
// // log.debug("update will be run for {} documents", documentPairList.size());
// return null;
// } // /**
// }; // * - Replace old document with the updated document that has encrypted values.
// } // * - Replacing here instead of the while loop above makes sure that we attempt replacement only if
// // * the encryption step succeeded without error for each selected document.
// private void reapplyNewEncryptionToPathValueIfExists(Document document, BasicDBObject update, String path, // */
// EncryptionService encryptionService, // documentPairList.stream().parallel()
// TextEncryptor textEncryptor) { // .forEach(docPair -> collection.updateOne(docPair.get(0), docPair.get(1)));
// String[] pathKeys = path.split("\\.");
// /** // log.debug("collection callback update end: {}ms", stopwatch.getExecutionTime());
// * - For attribute path "datasourceConfiguration.connection.ssl.keyFile.base64Content", first get the parent
// * document that contains the attribute 'base64Content' i.e. fetch the document corresponding to path // return null;
// * "datasourceConfiguration.connection.ssl.keyFile" // }
// */ // };
// String parentDocumentPath = org.apache.commons.lang.StringUtils.join(ArrayUtils.subarray(pathKeys, 0, pathKeys.length - 1), "."); // }
// Document parentDocument = DatabaseChangelog1.getDocumentFromPath(document, parentDocumentPath);
// // private void reapplyNewEncryptionToPathValueIfExists(Document document, BasicDBObject update, String path,
// if (parentDocument != null) { // EncryptionService encryptionService,
// if (parentDocument.containsKey(pathKeys[pathKeys.length - 1])) { // TextEncryptor textEncryptor) {
// String oldEncryptedValue = parentDocument.getString(pathKeys[pathKeys.length - 1]); // String[] pathKeys = path.split("\\.");
// if (StringUtils.hasLength(String.valueOf(oldEncryptedValue))) { // /**
// String decryptedValue = null; // * - For attribute path "datasourceConfiguration.connection.ssl.keyFile.base64Content", first get the parent
// try { // * document that contains the attribute 'base64Content' i.e. fetch the document corresponding to path
// decryptedValue = textEncryptor.decrypt(String.valueOf(oldEncryptedValue)); // * "datasourceConfiguration.connection.ssl.keyFile"
// } catch (IllegalArgumentException e) { // */
// // This happens on release DB for some creds that are malformed // String parentDocumentPath = org.apache.commons.lang.StringUtils.join(ArrayUtils.subarray(pathKeys, 0, pathKeys.length - 1), ".");
// if ("Hex-encoded string must have an even number of characters".equals(e.getMessage())) { // Document parentDocument = DatabaseChangelog1.getDocumentFromPath(document, parentDocumentPath);
// decryptedValue = String.valueOf(oldEncryptedValue);
// } // if (parentDocument != null) {
// } // if (parentDocument.containsKey(pathKeys[pathKeys.length - 1])) {
// String newEncryptedValue = encryptionService.encryptString(decryptedValue); // String oldEncryptedValue = parentDocument.getString(pathKeys[pathKeys.length - 1]);
// ((BasicDBObject) update.get("$set")).put(path, newEncryptedValue); // if (StringUtils.hasLength(String.valueOf(oldEncryptedValue))) {
// if (path.startsWith("datasourceConfiguration.authentication")) { // String decryptedValue = null;
// ((BasicDBObject) update.get("$unset")).put("datasourceConfiguration.authentication.isEncrypted", 1); // try {
// } // decryptedValue = textEncryptor.decrypt(String.valueOf(oldEncryptedValue));
// } // } catch (IllegalArgumentException e) {
// } // // This happens on release DB for some creds that are malformed
// } // if ("Hex-encoded string must have an even number of characters".equals(e.getMessage())) {
// } // decryptedValue = String.valueOf(oldEncryptedValue);
// }
// }
// String newEncryptedValue = encryptionService.encryptString(decryptedValue);
// ((BasicDBObject) update.get("$set")).put(path, newEncryptedValue);
// if (path.startsWith("datasourceConfiguration.authentication")) {
// ((BasicDBObject) update.get("$unset")).put("datasourceConfiguration.authentication.isEncrypted", 1);
// }
// }
// }
// }
// }
} }