upstream: b=main,r=f3e06206cf50cddf6e30d3fb8e5a43c0936e8dfa,t=2024-03…

…-29-1243-27192
sonatype · Mar 29, 2024 · 8abed4b · 8abed4b
1 parent 5fa7bb2
commit 8abed4b
Show file tree

Hide file tree

Showing 81 changed files with 1,093 additions and 433 deletions.
diff --git a/buildsupport/groovy/pom.xml b/buildsupport/groovy/pom.xml
@@ -42,82 +42,88 @@
   <dependencyManagement>
     <dependencies>
 
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-ant</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-astbuilder</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-datetime</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-jmx</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-json</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-jsr223</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-macro</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-nio</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-sql</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-templates</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-xml</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-cli-commons</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-test</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.codehaus.groovy</groupId>
-      <artifactId>groovy-test-junit5</artifactId>
-      <version>${groovy.version}</version>
-    </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-ant</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-astbuilder</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-datetime</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-jmx</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-json</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-jsr223</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-macro</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-nio</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-sql</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-templates</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-xml</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-cli-commons</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-test</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-test-junit5</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
+      <!-- See breaking change https://groovy-lang.org/releasenotes/groovy-2.5.html#Groovy2.5releasenotes-Breakingchanges -->
+      <dependency>
+        <groupId>org.codehaus.groovy</groupId>
+        <artifactId>groovy-dateutil</artifactId>
+        <version>${groovy.version}</version>
+      </dependency>
 
       <dependency>
         <groupId>org.apache.ant</groupId>

diff --git a/buildsupport/testing/pom.xml b/buildsupport/testing/pom.xml
@@ -31,6 +31,8 @@
     <pax-exam.version>4.13.5</pax-exam.version>
     <testcontainers.version>1.19.1</testcontainers.version>
     <iq.version>1.168.0</iq.version>
+
+    <jupiter.version>5.10.2</jupiter.version>
   </properties>
 
   <dependencyManagement>
@@ -84,6 +86,12 @@
         <version>4.13.2</version>
       </dependency>
 
+      <dependency>
+        <groupId>org.junit.vintage</groupId>
+        <artifactId>junit-vintage-engine</artifactId>
+        <version>${jupiter.version}</version>
+      </dependency>
+
       <dependency>
         <groupId>org.assertj</groupId>
         <artifactId>assertj-core</artifactId>

diff --git a/...c/main/java/org/sonatype/nexus/internal/security/upgrade/SecurityDatabaseUpgrade_1_4.java b/...c/main/java/org/sonatype/nexus/internal/security/upgrade/SecurityDatabaseUpgrade_1_4.java
@@ -0,0 +1,61 @@
+/*
+ * Sonatype Nexus (TM) Open Source Version
+ * Copyright (c) 2008-present Sonatype, Inc.
+ * All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
+ *
+ * This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
+ * which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
+ *
+ * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
+ * of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
+ * Eclipse Foundation. All other trademarks are the property of their respective owners.
+ */
+package org.sonatype.nexus.internal.security.upgrade;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.inject.Provider;
+import javax.inject.Singleton;
+
+import org.sonatype.nexus.common.upgrade.Upgrades;
+import org.sonatype.nexus.orient.DatabaseInstance;
+import org.sonatype.nexus.orient.DatabaseInstanceNames;
+import org.sonatype.nexus.orient.DatabaseUpgradeSupport;
+import org.sonatype.nexus.orient.OClassNameBuilder;
+
+import com.orientechnologies.orient.core.sql.OCommandSQL;
+
+import static com.google.common.base.Preconditions.checkNotNull;
+
+/**
+ * Upgrade step to delete saml_users with empty id
+ *
+ */
+@Named
+@Singleton
+@Upgrades(model = DatabaseInstanceNames.SECURITY, from = "1.3", to = "1.4")
+public class SecurityDatabaseUpgrade_1_4 // NOSONAR
+    extends DatabaseUpgradeSupport
+{
+  static final String DB_CLASS = new OClassNameBuilder().type("saml_user").build();
+
+  private static final String QUERY = String
+      .format("DELETE FROM %s WHERE id = ''", DB_CLASS);
+
+  private final Provider<DatabaseInstance> securityDatabaseInstance;
+
+  @Inject
+  public SecurityDatabaseUpgrade_1_4(@Named(DatabaseInstanceNames.SECURITY) final Provider<DatabaseInstance> securityDatabaseInstance) {
+    this.securityDatabaseInstance = checkNotNull(securityDatabaseInstance);
+  }
+
+  @Override
+  public void apply() {
+    withDatabaseAndClass(securityDatabaseInstance, DB_CLASS, (db, type) -> {
+      int updates = db.command(new OCommandSQL(QUERY)).execute();
+      if (updates > 0) {
+        log.debug("Deleted {} saml users with empty id.", updates);
+      }
+    });
+  }
+}
diff --git a/components/nexus-common/pom.xml b/components/nexus-common/pom.xml
@@ -157,6 +157,10 @@
       <groupId>org.codehaus.groovy</groupId>
       <artifactId>groovy-cli-commons</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.codehaus.groovy</groupId>
+      <artifactId>groovy-dateutil</artifactId>
+    </dependency>
 
     <dependency>
       <groupId>commons-cli</groupId>

diff --git a/.../nexus/common/analytics/ContentUsage.java → ...mmon/analytics/AggregatedEventMetric.java b/.../nexus/common/analytics/ContentUsage.java → ...mmon/analytics/AggregatedEventMetric.java
@@ -12,19 +12,9 @@
  */
 package org.sonatype.nexus.common.analytics;
 
-import java.util.Map;
-
-public interface ContentUsage
+public interface AggregatedEventMetric
 {
-  Map<String, Long> getMetrics();
-
-  boolean shouldBlock();
-
-  void recalculate();
-
-  void recalculate(boolean blockingStateEventCounterEnable);
-
-  int getBlockingStateEventCounter();
+  int get();
 
-  void clearBlockingStateEventCounter();
+  void reset();
 }
diff --git a/...onents/nexus-common/src/main/java/org/sonatype/nexus/common/analytics/RequestsMetric.java b/...onents/nexus-common/src/main/java/org/sonatype/nexus/common/analytics/RequestsMetric.java
@@ -0,0 +1,20 @@
+/*
+ * Sonatype Nexus (TM) Open Source Version
+ * Copyright (c) 2008-present Sonatype, Inc.
+ * All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
+ *
+ * This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
+ * which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
+ *
+ * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
+ * of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
+ * Eclipse Foundation. All other trademarks are the property of their respective owners.
+ */
+package org.sonatype.nexus.common.analytics;
+
+public interface RequestsMetric
+{
+  long get();
+
+  void reset();
+}
diff --git a/components/nexus-common/src/main/java/org/sonatype/nexus/common/app/FeatureFlags.java b/components/nexus-common/src/main/java/org/sonatype/nexus/common/app/FeatureFlags.java
@@ -144,5 +144,4 @@ public interface FeatureFlags
   String REACT_ROLES_MODAL_NAMED = "${nexus.react.roles.modal.enabled:-true}";
 
   String BLOBSTORE_OWNERSHIP_CHECK_DISABLED_NAMED = "${nexus.blobstore.s3.ownership.check.disabled:-false}";
-
 }
diff --git a/...ore/src/test/java/org/sonatype/nexus/internal/capability/CapabilityStorageExportTest.java b/...ore/src/test/java/org/sonatype/nexus/internal/capability/CapabilityStorageExportTest.java
@@ -32,7 +32,6 @@
 import org.junit.Test;
 
 import static java.util.stream.Collectors.toList;
-import static org.hamcrest.Matchers.allOf;
 import static org.hamcrest.Matchers.containsInAnyOrder;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.not;
@@ -83,7 +82,8 @@ public void testExportImportToJson() throws Exception {
         containsInAnyOrder("notes 1", "notes 2"));
     List<Map<String, String>> attributes =
         importedItems.stream().map(CapabilityStorageItem::getProperties).collect(toList());
-    assertThat(attributes.toString(), allOf(containsString("Capability"), containsString("Testing")));
+    assertThat(attributes.toString(), containsString("Capability"));
+    assertThat(attributes.toString(), containsString("Testing"));
     // make sure sensitive data is not serialized
     assertThat(attributes.toString(), not(containsString("admin123")));
   }