Release 0.5.0

Changes from release 0.4.1

MetaQR code #275

• Adds a new entity to store refresh-token for subjects and relevant meta-data.
• Send tokenUrl in oauth-pair response
• Add new resource to fetch meta-token
• Add privacy-policy-url and baseUrl to metaToken #297

Exception Harmonization #294

• We have new exceptions based on HTTP Status code conventions and a ExceptionTranslator to implement body and headers.

Other fixes

• Ignore exceptions during SourceTypeLoading #291
• Add support for CONNECTOR types in SourceTypeLoader #299
• Configurable admin password #289
• Upgrade lodash dependencies.
• Fix NullPointerException during configLoading. #304
• Update logos and icons of radar-base.org. #292
• Add hasPermissionOnSource #308
• Dockerfile build staging #301
• Update to the JWT signing code #315
• Fix OAuth environment variable documentation
• Allow public OAuth clients to use authorization_code and refresh_token flows without the use of a client secret #317.

Release 0.4.1

Release Notes for Release 0.4.1

Changes since Release 0.4.0

• Fixes grant_type null check issue.

Read more #300

Release 0.4.0

RELEASE NOTES FOR ManagementPortal 0.4.0 : Note This version is backward incompatible.

Token validation and keystore changes

• Enables using ECDSA signatures in ManagementPortal
• Now configuration options exist to define the keystore password, the signing key alias and the checking key aliases
• Enables using multiple public keys to check signatures in radar-auth and ManagementPortal
• Radar-auth can now be configured with multiple public key endpoints and multiple public keys in the configuration file. When we deploy the new MP with an EC keypair, we need to make sure to configure the old public key for radar-auth this way, so it is still accepted.
• You can issue the following commands against an existing keystore to rename the existing RSA keypair to a more descriptive name then 'selfsigned', and generate a new EC keypair that will be used for signing:

keytool -changealias -keystore keystore.jks -alias selfsigned -destalias radarbase-managementportal-rsa
keytool -genkeypair -alias radarbase-managementportal-ec -keyalg EC -keysize 256 -sigalg SHA256withECDSA -storetype JKS -keystore keystore.jks -storepass radarbase

Auditing/Revisions using spring-envers

• Add /revisions API for querying general information about revisions
• Add /subjects/revisions API for querying subject revisions

Database schema changes

• Change Subject-Source from many-to-many to one-to-many relationship
• Remove projectAdmin field from Project (#193)

Validations

• Source update and source transfer is validated. See #286
• Cannot delete a "used" source.

REST API

• Adds a POST api/subjects/{login}/sources/{sourceName} request to update source attributes

Other fixes

• Fixes using authorize token in swagger-ui

Fixes #219 #193 #221 #239 #196 #259

Release 0.3.8

Release notes for v0.3.8

• Adds ability to resent activation link
• Fixes issues with using authorization-code with postgres
• Upgrades postgres to latest version
• Adds human readable project name as an attribute to the project

Fixed #273 #274 #279

Release 0.3.7

Release notes for v0.3.7

• Fixes issues with oauth code grant flow
• Adds filtering capability in user management view
• Adds applicable projects in home page
• Fixes issues in creating source-name

Release 0.3.6

Release notes for v0.3.6

• Fixes a critical bug in OAuth refresh token flow
• Creates inactive roles for subjects that are removed from a particular project
• Fixes some other minor bugs

Release 0.3.5

Release notes for v0.3.5

Bug fixes

• Fixes project-subject sorting issues #231 #230
• Displays source-attributes in source-view #232
• Fixes issues when removing inactivated users. #233

Release 0.3.4

Release notes for v0.3.4

UI

• Tweak to the subjects table so that it takes up less horizontal space. The external ID is now a link with as target the external Link. The external link itself is not visible anymore. Also the database id column has been removed.

Codebase

• The OAuth2Client class now implements a proper builder pattern.
• The Permission class now has a public constructor to allow a Permission to be created anywhere based on the Entity and Operation enums.
• The repository classes have been refactored so that all queries that look up single entities now return Optionals.
• Some fixes in end to end tests.

CI

• Tweaks to the Travis script so build times are reduced to around 15 minutes. The second pass of e2e tests that are run against the production profile now only runs on release and master branches. On tag builds the e2e tests are skipped altogether since by that point they will have run already.

Release 0.3.3

Changelog for v0.3.3

Improvements

• Fixes to oauth-client-utils to create client specific instances of HttpClient
• TokenException and other security related exceptions to become explicitly catchable exceptions
• Check-style fixes
• Additional methods to validate radar tokens
• Add additional source, source-type data to be loaded on dev profile.
• Enables snapshot releases to artifactory from dev branch

Release 0.3.2

Changelog for v0.3.2

Bug fixes and improvements

• Fixes user-list pagination issue.
• Source-type is checked whether used by projects before deletion.
• Prettifies Oauth2-clients view.
• Fixes issue with notification alert on creation, deletion, and error.
• Removes unused radar-user-authority entity and uses Roles according to the schema design.
• Provides instance specific HttpClient and fixes issues adding Authorization header.
• Code clean-up and code style fixes

API

• Enables pageable query request for entities except oauth2-client and pageable user interfaces.

Management Portal Client
Allows to automatically create java based rest-client for management-portal following open-spec.

Documentation
Introduces documentation using github-pages on gh-pages branch. Currently, it hosts all the javadoc of management-portal classes and additional documentations on selected topics.