Skip to main content

base-components

2025.4.0 (2025-10-13)

Fixed

  • Fixed javax import used in OpenID connection authentication implementation.

Changed

  • [VEGA-398] LoginRedirectHelper moved from ext to gen to allow for injection through feature expanders.
  • Migrated LogoutActionExpander to new import system.
  • Updated dependencies:
    • com.nimbusds:oauth2-oidc-sdk: 11.23.1 > 11.29.2

2025.3.1 (2025-09-22)

Fixed

  • The configurable email claim was not used in OIDCAccessProcessorImpl.
  • The user_groups claim was not processed in OIDCAccessProcessorImpl.

2025.3.0 (2025-08-04)

Changed

  • Several features have been split up to separate the insertions for the JAX-RS Standard API.
  • Added utils-component-standard-api-expanders to contain std-api features for utils.
  • Changed dependency on knockout-jaxrs-stdapi-expanders to be symbiotic.

2025.2.0 (2025-06-18)

Added

  • (workflow) Added validations to flowElements targeting a claimable dataElement.

Changed

  • [NSX-285][NSX-485] Updated all expanders that extend the standard API implementation to support the breaking changes in version 0.22.0 of standard-api-expanders.
  • account-component-standard-api-expanders and assets-component-standard-api-expanders are now symbiotic dependencies in base-components.

2025.1.2 (2025-04-27)

Fixed

  • Fixed incorrect escape character in EmbeddedAssetUpload.

2025.1.1 (2025-04-27)

Fixed

  • Added missing imports in EmbeddedAssetUpload feature.

2025.1.0 (2025-04-22)

Changed

  • The following classes in the assets component are now expanded:
    • net.democritus.assets.action.AssetDownloader
    • net.democritus.assets.action.AssetUploader
  • Updated Expanders dependency to 8.3.0 to migrate deprecated Struts features.
  • Migrated AssetUploader to the newer action file upload interceptor in Struts2.
  • Migrated EmbeddedAssetUpload to the newer action file upload interceptor in Struts2.
  • Marked setters that take input for requests with @StrutsParameter interface in preparation to allow the use of input filtering for additional security:
    • AssetUploader
    • LoginValidatorAction
  • The following classes in the account component are now expanded:
    • net.democritus.url.action.GetLoginInfoAction
    • net.democritus.web.action.AccessInfoRetrieverAction
    • net.democritus.web.action.RemoteSessionTerminatorAction
    • net.democritus.web.action.SessionTerminatorAction
    • net.democritus.web.common.LoginUserSessionHelper
    • net.democritus.web.common.UniqueSessionKeeper
    • net.democritus.web.common.UniqueSessionRetriever
    • net.democritus.web.common.UniqueSessionUnregistrar
    • net.democritus.web.interceptor.DefaultStyleInterceptor
    • net.democritus.web.listener.UniqueSessionListener
  • The following classes in the workflow component are now expanded:
    • net.democritus.wfe.AsyncTaskExecutionBean
    • net.democritus.wfe.AtomicInternalTaskExecutor
    • net.democritus.wfe.DefaultTimerFactoryImpl
    • net.democritus.wfe.Ejb3_1TimerFactoryImpl
    • net.democritus.wfe.EngineHealthBean
    • net.democritus.wfe.EngineStarterBean
    • net.democritus.wfe.ExecutorServiceTaskProcessor
    • net.democritus.wfe.NoTransactionTaskExecutor
    • net.democritus.wfe.TimerFactory
    • net.democritus.wfe.TimerFactoryImpl
    • net.democritus.wfe.TimerInfo
    • net.democritus.workflow.FlowOrchestratorLookup
    • net.democritus.workflow.action.RecoverWorkflowAction
    • net.democritus.workflow.action.RunWorkflowAction

Removed

  • Removed unused downloadDirectory fields from EmbeddedAssetUpload feature for EntererAction and from AssetUploader.
  • Removed AsyncTaskExecutionBean for EJB 3.0, which can no longer be use. (JEE6 is minimum with EJB 3.1)

2025.0.1 (2025-04-14)

Fixed

  • Changed technology for SessionInfo and GetSessionInfoAction expanders to STRUTS2.

2025.0.0 (2025-04-14)

Changed

  • Only synchronize engineNode retrieve method when find failed.
  • The classes net.democritus.web.SessionInfo and net.democritus.web.GetSessionInfoAction in the utils component are now expanded.
  • The HTTP method check in GetSessionInfoAction was split off into a separate expander feature that is activated by the option struts.security.enforceHttpMethod to be consistent with other action implementations.
  • Updated Expanders dependency to 8.2.0 to ensure Struts2 6.7.x and struts interface refactoring.
  • Replaced deprecated interfaces in Struts2 runtime and expanded code:
    • com.opensymphony.xwork2.Action > org.apache.struts2.action.Action
    • com.opensymphony.xwork2.ActionSupport > org.apache.struts2.ActionSupport
    • com.opensymphony.xwork2.ActionContext > org.apache.struts2.ActionContext
    • com.opensymphony.xwork2.ActionInvocation > org.apache.struts2.ActionInvocation
    • com.opensymphony.xwork2.interceptor.AbstractInterceptor > org.apache.struts2.interceptor.AbstractInterceptor
    • com.opensymphony.xwork2.interceptor.Interceptor > org.apache.struts2.interceptor.Interceptor
  • Updated dependencies:
    • com.nimbusds:oauth2-oidc-sdk: 11.20 -> 11.23.1.

2024.7.4 (2025-02-20)

Fixed

  • Updated application-data-addons dependency to 1.0.2 to fix issue with SNAPSHOT dependency.

2024.7.3 (2025-02-20)

Fixed

  • Updated Expanders dependency to 8.0.5 to fix issue with SNAPSHOT dependency.

2024.7.2 (2024-12-11)

  • Merged v2024.6.3 into v2024.7.1.

2024.7.1 (2024-12-05)

  • Merged v2024.3.7 into v2024.7.0.

2024.7.0 (2024-11-26)

Changed

  • Added dependency on application-data-addons: 1.0.0
  • Updated expander dependencies:
    • net.democritus:Expanders: 7.8.1 -> 8.0.0

2024.6.3 (2024-12-11)

Fixed

  • Fixed the legacy access right compatibility for the standard API so the rights are added to the new contracts.

Changed

  • Updated expander dependencies:
    • net.democritus:Expanders: 7.7.1 -> 7.8.1
    • net.democritus.api.rest:standard-api-expanders: 0.5.0 -> 0.15.1
  • [NSX-285][NSX-520] Moved authorization implementation for DataAccess in the standard API from the authorization filter to the new access right validator.

2024.6.2 (2024-11-05)

Fixed

  • Use DataRef instead of database id in feature for AssetBean.

Changed

  • Updated expander dependencies:
    • net.democritus:Expanders: 7.7.1 -> 7.7.3

2024.6.1 (2024-10-10)

Changed

  • Updated dependencies:
    • net.democritus.api.rest:standard-api-expanders: 0.4.1 -> 0.5.0

2024.6.0 (2024-10-10)

  • Merged v2024.3.6 into v2024.5.3.

Changed

  • Updated dependencies:
    • net.democritus.api.rest:standard-api-expanders: 0.1.0 -> 0.4.1
    • com.nimbusds:oauth2-oidc-sdk: 11.14 -> 11.20.

2024.5.3 (2024-09-12)

  • Merged v2024.3.5 into v2024.5.2.

2024.5.2 (2024-08-12)

Fixed

  • [VEGA-380] Changed ShutdownEnginesTask target element to Node to fix an error at shutdown.

Changed

  • [VEGA-318] Skip set name in StateTransitioner if name field does not exist on status element.

2024.5.1 (2024-08-10)

Changed

  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2024.4.3 -> 2024.4.5
  • Renamed return header for asset endpoints from X-UploadFileId to NS-File-Upload-Id.
  • Renamed expansion resources:
    • net.democritus:account-component-jaxrs-expanders > net.democritus:account-component-standard-api-expanders
    • net.democritus:assets-component-stdapi-expanders > net.democritus:assets-component-standard-api-expanders

2024.5.0 (2024-08-09)

Added

  • Added implementation for assets.embeddedUpload in combination with JAX-RS standard API.

Changed

  • Changed menu on user and account page to app-menu.

2024.4.0 (2024-08-03)

Added

  • [NSX-285][NSX-411] Add basic authentication to openapi specification.

Changed

  • Use skip count query on DataAccess retrieval.
  • Use skip count query on EngineNodeMasterStatusViewer.
  • Use skip count query on EngineNodeExpiredNodeCleaner.
  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2024.3.13 -> 2024.4.3

2024.3.7 (2024-12-05)

Fixed

  • Fixed some deprecation warnings in account

2024.3.6 (2024-10-08)

Changed

  • [VEGA-383] Fixed usage of deprecated methods in several places.

2024.3.5 (2024-09-12)

  • Merged v2023.14.7 into v2024.3.4.

2024.3.4 (2024-06-17)

Fixed

  • [NSX-285] Fixed inference of content type in file uploads.
  • Updated expander dependencies:
    • net.democritus:Expanders: 7.4.4 -> 7.4.5

2024.3.3 (2024-06-17)

Fixed

  • [NSX-285] Added content type to asset download.
  • Updated expander dependencies:
    • net.democritus:Expanders: 7.4.2 -> 7.4.4

2024.3.2 (2024-06-14)

Added

  • [NSX-285][NSX-423] Added connector with download and upload endpoints specifically for Asset element.

Changed

  • [NSX-285] Store content type for asset upload.

2024.3.1 (2024-06-11)

Changed

  • [NSX-285] Added Content-Length header for file downloads.
  • [NSX-285] Added the type of a resource to the resource not found error message.
  • Moved SimpleUriFormat class to assets compone****nt, which is the only place it is used.
  • Updated expander dependencies:
    • net.democritus:Expanders: 7.4.0 -> 7.4.2

2024.3.0 (2024-06-10)

Added

  • [NSX-285][NSX-423] Added support for file up- and downloads with assets in the standard api.
  • Updated expander dependencies:
    • net.democritus:Expanders: 7.2.0 -> 7.4.0
    • net.democritus:web-styles: 2024.3.0 -> 2024.3.2
    • net.democritus.metamodel:prime-core: 2024.2.3 -> 2024.3.10

Changed

  • Marked fileId fields as functional key for assets::Asset element.

Removed

  • Removed dependency from assets component on account component.

2024.2.0 (2024-05-13)

Added

  • Added dependency on new knockout-jaxrs-stdapi-expanders resource in web-styles to base-components-expanders.

Changed

  • Updated expander dependencies:
    • net.democritus:Expanders: 7.1.1 -> 7.2.0

2024.1.6 (2024-05-03)

Changed

  • [NSX-465] The name of the email claim is now configurable with the emailClaim property. It still defaults to email if no configuration value is supplied.
  • Updated expander dependencies:
    • net.democritus:Expanders: 7.0.7 -> 7.1.1
    • net.democritus.metamodel:prime-core: 2024.1.1 -> 2024.2.3

2024.1.5 (2024-04-26)

Fixed

  • Fixed accountPage and userPage session properties for Struts.

2024.1.4 (2024-04-09)

Fixed

  • [NSX-285][NSX-433] Return unauthorized error when authentication fails in JAX-RS API.

2024.1.3 (2024-03-27)

Fixed

  • Added some missing expanders.

2024.1.2 (2024-03-24)

Fixed

  • Fixed baseComponents.authentication.enableOIDC option to work correctly when applied to Application instead of ApplicationInstance.

Added

  • [NSX-285][NSX-433] Added feature to provision rights in JAX-RS API for backwards compatibility with the old rights used in the Struts2 API.
  • [NSX-285][NSX-433] Implemented authentication with OpenID Connect for JAX-RS API. (Currently limited to one IDP.)

2024.1.1 (2024-03-19)

Fixed

  • Applied some refactoring following package name changes in runtime library for new jaxrs-based API.

2024.1.0 (2024-03-15)

Added

  • [NSX-285][NSX-433] Added new account-component-jaxrs-expanders expansion resource, which integrates the account component with the new experimental JAX-RS standard API.

Changed

  • Updated com.nimbusds:oauth2-oidc-sdk: 11.9.1 -> 11.10.1.
  • base-components has been renamed to base-component-expanders and a new stack resource with the name base-components was added to take its place.

2024.0.0 (2024-01-16)

Changed

  • Updated com.nimbusds:oauth2-oidc-sdk: 11.8 -> 11.9.
  • Several Expanders now use tags
  • Removed redundant method from EmailSender interface, which was never used and could cause issues for other implementations.

2023.14.7 (2024-08-12)

  • Re-release 2023.14.7

2023.14.6 (2024-08-12)

Fixed

  • [VEGA-380] Changed ShutdownEnginesTask target element to Node to fix an error at shutdown. (cherry-picked from 2024.5.2)

Changed

  • [VEGA-318] Skip set name in StateTransitioner if name field does not exist on status element. (cherry-picked from 2024.5.2)

  • [VEGA-318] Skip set name in StateTransitioner if name field does not exist on status element.

2023.14.5 (2023-12-19)

Merged 2023.3.3 into main branch.

Fixed

  • Parsing of email addresses in notification component threw an exception for an empty string.

Changed

  • Updated com.nimbusds:oauth2-oidc-sdk: 11.5 -> 11.8.
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.38.0 -> 6.2.2
    • net.democritus.metamodel:prime-core: 2023.9.2 -> 2023.12.0

2023.14.4 (2023-11-08)

Fixed

  • Removed @Override from methods in UserAgent because Agents no longer implements AgentIf.
  • Rewrote AssetChunkInputStream to use a function instead of a reference to an AssetAgent

2023.14.3 (2023-10-28)

Fixed

  • Removed unique constraint from User.name for now, to restore old behavior, because the constraint collides with the disabled field.

Changed

  • Updated com.nimbusds:oauth2-oidc-sdk: 11.3 -> 11.5.
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.37.4 -> 5.38.0
    • net.democritus.metamodel:prime-core: 2023.9.1 -> 2023.9.2

2023.14.2 (2023-10-20)

Fixed

  • Added some imports to custom code that will no longer be provided by expanded code.

Changed

  • Updated com.nimbusds:oauth2-oidc-sdk: 11.2 -> 11.3.
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.37.3 -> 5.37.4

2023.14.1 (2023-10-18)

Fixed

  • Fixed issue in 2023.14.0 that caused the notification Component to be harvestable.

Changed

  • Updated expander dependencies:
    • net.democritus:Expanders: 5.37.0 -> 5.37.3

2023.14.0 (2023-10-12)

Changed

  • Updated some harvest and feature expanders for claims, to support the changes to Expanders in migrating to the new imports system.

2023.13.0 (2023-10-11)

Fixed

  • [NSX-324] Implemented fix to properly UTF-8 encode the subject of an email in the notification component.

Changed

  • Migrated GetAccessRightsAction and GetTaskAccessRightsAction to expanders in preparation for JEE9 support.
  • Changed types of sender/receiver fields for emails in notification component to new InternetMessageAddress and InternetMessageAddresses value types to enforce correct formatting.
  • Updated com.nimbusds:oauth2-oidc-sdk: 11.0 -> 11.2.

Removed

  • Removed dependency of notification component on account, utils and validation components.

2023.12.0 (2023-09-26)

Fixed

  • Updated expanders for options, so they correctly works on Application and not just ApplicationInstance:
    • baseComponents.authentication.enableOIDC
    • baseComponents.authentication.disableInternalAuth

Changed

  • Updated model to replace deprecated options hasDataBaseSchema and uniqueKey.
  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2023.6.1 -> 2023.8.0
    • net.democritus:Expanders: 5.33.0 -> 5.36.1
  • Updated com.nimbusds:oauth2-oidc-sdk: 10.14.2 -> 11.0.

2023.11.0 (2023-09-11)

Fixed

  • Added missing import for UserDetails in DataAccessBean (caused by imports cleanup in Expanders).

Changed

  • Cleaned up some code in StateTaskParameterContextFactory and WorkflowParameterContextFactory.
  • Refactored various uses of deprecated methods of ParameterContext.
  • FlowElement expanders are now only applicable when the workflow component is active.
  • Updated com.nimbusds:oauth2-oidc-sdk: 10.13.2 -> 10.14.2.

2023.10.0 (2023-08-28)

Fixed

  • Replaced some uses of deprecated code in InternalAssetBean.

Changed

  • Updated expander dependencies:
    • net.democritus:Expanders: 5.31.0 -> 5.32.0

Removed

  • Removed deprecated method TagValuePairAgent.getTagValueList(). (Deprecated since 2021-06-21)
  • Removed unused deprecated class net.democritus.io.ReporterAgent.
  • Removed deprecated constructor WorkflowInterruptRecoverer(UserContext) (Deprecated since 2022-04-14)

2023.9.0 (2023-08-17)

Fixed

  • [NSX-325] Added workaround to synchronize user creation in OIDC implementation in the application with minimal performance impact during authentication. (A database-level safeguard will be added later.)
  • Removed one more use of Options.Option that was left behind in OIDCUserTransformer.

Changed

  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2023.5.3 -> 2023.5.4
    • net.democritus:Expanders: 5.30.0 -> 5.31.0
  • Updated com.nimbusds:oauth2-oidc-sdk: 10.11 -> 10.13.2.

2023.8.2 (2023-07-13)

Fixed

  • Refactoring to Optional had resulted in a few lines of code that were not backwards compatible with Java 8.

2023.8.1 (2023-07-12)

Fixed

  • Fixed one remaining instance where an Options.Option.asOptional() was still used in the OIDC implementation.
  • A SNAPSHOT dependency for Expanders was left behind.

2023.8.0 (2023-07-12)

Changed

  • Refactored code related to breaking changes in Expanders 5.30.0.
  • All Struts actions that used Options.Option as type for fields have been refactored to nullable fields:
    • GetAccessRightsAction
    • GetTaskAccessRightsAction
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.29.0 -> 5.30.0

2023.7.0 (2023-07-11)

Changed

  • Updated com.nimbusds:oauth2-oidc-sdk: 10.9.2 -> 10.11.
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.28.0 -> 5.29.0
  • Refactored code related to breaking changes in Struts 6.2.0.
  • All Struts interceptors now use the Context object stored in the session, rather than the UserContext object directly.
  • AccessInfoRetrieverAction will now log an error and return a logout when retrieving rights for a task if the name of the task is not found in the session, rather than just throwing an exception.
  • LoginUserSessionHelper.createUserSession(UserContext) is now marked as deprecated.

Removed

  • The struts action net.democritus.web.action.EnvRetrieverAction has been removed. It has been marked as deprecated for a long time and no longer had any functionality.

2023.6.0 (2023-06-30)

Changed

  • Updated taskElement options to align with Expanders update
  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2023.4.1 -> 2023.5.2
    • net.democritus:Expanders: 5.27.0 -> 5.28.0

2023.5.0 (2023-06-26)

Changed

  • Some general code cleanup.
  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2023.4.0 -> 2023.4.1
    • net.democritus:Expanders: 5.25.0 -> 5.27.0
  • Updated nsx-runtime: 2023.2.1 -> 2023.4.0
  • Replaced most uses of Context.getContext() by Context.find().
  • Replaced most uses of SearchResult.getFirst() by SearchResult.getFirstResult().
  • Replaced most uses of Options.Option by Optional.
  • Updated com.nimbusds:oauth2-oidc-sdk: 10.7.2 -> 10.9.2.

2023.4.0 (2023-06-14)

Added

  • Added SimpleValueTypes dataResources for Password and FileLink to base-components-model. This makes it possible to use when there is no dependency on net.democritus:Expanders.

Changed

  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2023.2.1 -> 2023.4.0
    • net.democritus:Expanders: 5.22.0 -> 5.25.0
  • Updated nsx-runtime: 2023.1.0 -> 2023.2.1
  • Updated NSX Maven plugin in expanders project (not in expanded code):
    • net.democritus.maven.plugins:expanders-maven-plugin: 2023.1.1 -> 2023.4.5
  • Updated to new dataResource setup.

2023.3.3 (2023-12-18)

Changed

  • (Backport 2023.7.0) Refactored code related to breaking changes in Struts 6.2.0.
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.22.0 -> 5.24.0.5

2023.3.2 (2023-05-31)

Added

  • Added SCM information to deployed pom.xml artifacts

2023.3.1 (2023-04-21)

Fixed

  • Fixed issue that caused the workflow caches to not be correctly expired after edit.

2023.3.0 (2023-04-20)

Changed

  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2023.0.3 -> 2023.2.1
    • net.democritus:Expanders: 5.17.0 -> 5.22.0
  • Updated nsx-runtime: 2023.0.0 > 2023.1.0
  • Changed EngineService::lastRunAt from DateTime to Timestamp
  • Removed workflow -> validation dependency

Fixed

  • Improved translations for username and password errors

Updated

  • Updated model to use Password and FileLink ValueTypes instead of ValueFieldTypes

2023.2.6 (2023-04-19)

Changed

  • Moved com.nimbusds:oauth2-oidc-sdk dependency for OpenID Connect to data resources.
  • Updated com.nimbusds:oauth2-oidc-sdk: 9.18 -> 10.7.2. (CVE-2023-1370)

2023.2.5 (2023-04-14)

Fixed

  • Changed Notifier#content to Text, so that it has no limit

2023.2.4 (2023-04-13)

Fixed

  • Add missing isStatusField options to EngineNode and EngineNodeStatus

2023.2.3 (2023-04-13)

Fixed

  • Updated ValueFields to ValueTypes
  • Changed Notifier#content to BigString

2023.2.2 (2023-04-11)

Fixed

  • Removed showLinkDetails options from User
  • Removed support for expired legacy.vectorCollectionType.reenable option

2023.2.1 (2023-03-31)

Fixed

  • User language was not updated from OIDC token for existing users.
  • Fixed conditions of EngineRemoteExpanders, which were always expanded, even with ejb.interfaces.localOnly

2023.2.0 (2023-02-20)

Fixed

  • Fix EngineBeanExpanders to use ejb.interfaces.localOnly.
  • Add id_token_hint parameter to OIDC logoutUrl to fix the session logout for recent keycloak releases.

Changed

  • Updated expander dependencies:
    • net.democritus.metamodel:prime-core: 2023.0.2 -> 2023.0.3

2023.1.1 (2023-02-02)

Fixed

  • [VEGA-277] Removed EJBPolicy condition from UserAuthenticationLocalExpander, since EJBPolicy=REMOTE is no longer supported

2023.1.0 (2023-02-01)

Updated

  • Updated prime-core to 2023.0.2
  • Updated expanders to 5.17.0

2023.0.4 (2023-01-26)

Updated

  • Replaced includeCsvImport options with csv.import to remove warnings.

2023.0.3 (2023-01-25)

Fixed

  • Removed cache from EngineNode because it was interfering with startup mechanism

2023.0.2 (2023-01-25)

Fixed

  • [VEGA-266] Removed parentheses from claim queries, since they clash with EclipseLink
  • [VEGA-261] Catch and log Exceptions in EngineNodeConfig
  • [VEGA-237] StateTransitionerExpander: Don't set name of StateTask if name is not defined
  • [VEGA-267] Skip query in claimInstances if targetInstances parameter is empty

2023.0.1 (2023-01-17)

Merged

  • Merged v2022.7.4

2023.0.0 (2023-01-11)

Changed

  • Changed type of Asset.downloadLink, Asset.uri, ExternalAsset.uri and RemoteAsset.url from StringLink to String, as StringLink has not been supported for a while.

Removed

  • Removed deprecated DataAccess.target field.
  • Removed deprecated elements in the account component:
    • Component
    • HelpInfo
    • Menu
    • MenuItem
    • Portal
    • Screen
    • ScreenProfile
  • Removed deprecated elements in the utils component:
    • Execution
    • Executor (task element)
    • IdCounter
    • Thumbnail
  • Removed deprecated elements in the workflow component:
    • StateTimer
    • TimeTask

2022.10.9 (2022-11-14)

Fixed

  • Added some missing option types as data resources and added proper constraints and meta information for all types.

Changed

  • Updated expander dependencies:
    • net.democritus:Expanders: 5.13.3 -> 5.14.4
    • net.democritus.metamodel:prime-core: 2022.6.1 -> 2022.10.6
  • Added default values for unused fields in EngineService:
    • no for changed
    • 0 for collector

Removed

  • Removed deprecated expansion step that was used to support the previously removed option baseComponents.authentication.enableGoogleAuth.

2022.10.8 (2022-11-10)

Fixed

  • Changed name of session value keys for OIDC implementation to avoid collisions with internal keys of Struts.

2022.10.7 (2022-10-27)

Added

  • Added dataStates to Notifier model.

Changed

  • Remove unused userAgent.

Fixed

  • Fixed issue with finder import in InterruptRecovererExpander when using claims

2022.10.6 (2022-10-21)

Fixed

  • Removed deprecated option valueFieldType.disableHashCodeMethod from validation component.

2022.10.5 (2022-10-04)

Fixed

  • Reverted removal of import in WorkflowBean.

2022.10.4 (2022-10-04)

Fixed

  • Fix for the cached UserContext of the workflow responsible, which only contained the id of the user.

2022.10.3 (2022-10-04)

Fixed

  • UserGroups were not added to a User on create with OIDC authentication.

Changed

  • Updated expander dependencies:
    • net.democritus:Expanders: 5.13.0 -> 5.13.3 (several vulnerabilities in snakeyaml)

2022.10.2 (2022-09-09)

Fixed

  • Reverted migration away from SimpleUriFormat in assets component.

2022.10.1 (2022-09-08)

Fixed

  • Fixed user being resolved by name which was not always set when running workflows.

2022.10.0 (2022-09-07)

Added

  • Added option view.linkfield.displayField to several DataElements to use with new LinkField UI implementation
  • Added runWorkflowWithEngineServiceAsync and runWorkflowWithTargetsAsync to WorkflowAgent to kickstart workflow asynchronously

2022.9.0 (2022-08-30)

Fixed

  • When creating an instance of FlowJsonResult, the errors were not added to the pojo.

Changed

  • [FLOW-44] Move workflow task timeout from TaskProcessor to TaskExecutor (currently only for atomicInternal tasks).
  • Cleaned up several SonarQube violations in ext classes in the workflow component + some refactoring to clean up some of the code.
  • assets component:
    • The AssetDownloader class now logs a separate exception if more than one asset is found with the same file identifier.
    • The ExternalAssetChunkRetriever, ExternalAssetCreator and FileAssetDirectoryManager classes now use Java's built-in URLEncoder.encode() method now instead of nsx-runtime's deprecated SimpleUriFormat class, so it can now supports a far broader range of characters.
    • Added explicit assets.internalAsset.duplicateChunk error to InternalAssetChunkRetriever when more than one chunk was found for a given position in the asset.
    • Marked ByteArrayConverter class as deprecated.
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.12.1 -> 5.13.0

Moved

Several Expanders and Features have been moved from Expanders to base-components:

  • Engine(Bean|Local|Remote)Expander (flowElement and serviceElement)
  • ClaimCleanerExpander
  • InterruptRecovererExpander
  • StateTransitionerExpander
  • StateViewerExpander
  • Claimable feature
  • ClaimElement feature
  • WorkflowTaskStatus feature
  • Service feature
  • EngineShutdown feature
  • TaskTimers feature

In addition, a new feature has been to extract some workflow-related logic in the FinderBeanExpander and FinderDetailsExpander:

  • FindByClaimed feature

Next, 2 new runtime libraries have been added to house runtime classes related to workflow. LayerImplementations have been defined to make sure these libraries are added as a dependency to any expanded project using the workflow.

workflow-shared-common: Most of the runtime classes in workflow.

  • net.democritus.claims.BatchRequest
  • net.democritus.claims.ReleaseRequest
  • net.democritus.claims.ClaimCleaner
  • net.democritus.claims.ClaimCleanerFactory
  • net.democritus.claims.ClaimId
  • net.democritus.state.NOPStateRecoverer
  • net.democritus.state.StateRecoverer
  • net.democritus.state.StateRecovererFactory
  • net.democritus.state.StateTransitioner
  • net.democritus.state.StateTransitionerFactory
  • net.democritus.state.StateUpdate
  • net.democritus.state.StateViewer
  • net.democritus.state.StateViewerFactory
  • net.democritus.state.TaskInterruptStateRecoverer
  • net.democritus.state.TaskUpdate
  • net.democritus.sys.workflow.FlowParameterContext
  • net.democritus.sys.workflow.FlowProcessingContext
  • net.democritus.sys.workflow.RunId
  • net.democritus.sys.workflow.TaskParameterContext
  • net.democritus.sys.workflow.TaskProcessingContext
  • net.democritus.sys.FlowOrchestrator
  • net.democritus.sys.FlowResult
  • net.democritus.sys.TaskExecutor
  • net.democritus.sys.TaskPerformer
  • net.democritus.sys.TaskPerformerByDataRef
  • net.democritus.wfe.BatchProcessingContext
  • net.democritus.wfe.EngineServiceProcessingContext

workflow-shared-jpa: Classes related to database functionality related to workflow.

  • ClaimQueryParameter (houses createClaimExistsParameter() and createClaimDoesNotExistParameter() methods)

2022.8.1 (2022-08-11)

Changed

  • Some refactoring to clean up code in OIDCUserTransformer.
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.12.0 -> 5.12.1
    • net.democritus.metamodel:prime-core: 2022.6.0 -> 2022.6.1

2022.8.0 (2022-08-10)

Changed

  • Refactored use of Vector to List/ArrayList following the rest of the JEE stack expanders.
  • Removed java.util.HashSet import from UserAuthenticationBean.
  • Refactored UserAuthenticationBean.getNames() to use Java streams.
  • Updated expander dependencies:
    • net.democritus:Expanders: 5.9.3 -> 5.12.0
    • net.democritus.metamodel:prime-core: 2022.5.6 -> 2022.6.0

2022.7.3 (2022-09-23)

Fixed

  • [workflow][VEGA-249] Fixed TimerHandlerBean passing a UserContext where userName is null
  • [workflow][VEGA-233] Adding better error handling in EngineStarterBean and EngineHealthBean postConstruct methods
  • Fixed NullPointerException in preDestroy method of EngineHealthBean

2022.7.2 (2022-08-09)

Changed

  • Refactored UserAuthenticationBean to not use Vector.

Removed

  • Cleaned up deprecated code:
    • Removed net.democritus.usr.ProfileUserContext
    • Removed net.democritus.sys.ObjectValueAgent
    • Removed net.democritus.web.acting.EngineControllerAction
    • Removed net.democritus.web.acting.EngineDetailerAction

2022.7.1 (2022-06-16)

Fixed

  • Check whether OIDC logout URL is provided, as this only applied to OpenID Connect implementations that provide session management capabilities.

2022.7.0 (2022-06-09)

Added

  • Added context to user session next to userContext
  • [NSX-220] Add support for OIDC logout

Changed

  • [NSX-217] Add more OIDC error logging
  • Fix some OIDC sonarqube bugs
  • [FLOW-40] Optimize database query to update engineService.lastRunAt

Fixed

  • [FLOW-16] Fix multiple cached instances

2022.6.0 (2022-05-30)

Changed

  • Updated 3rd party dependencies in expanders project (not in expanded code):
    • Maven plugins:
      • org.apache.maven.plugins:maven-jar-plugin: 3.2.0 -> 3.2.2
      • org.apache.maven.plugins:flatten-maven-plugin: 1.2.1 -> 1.2.7
  • Updated NSX Maven plugin in expanders project (not in expanded code):
    • net.democritus.maven.plugins:expanders-maven-plugin: 2021.5.13 -> 2022.1.6
  • Updated expander dependencies (minimum version) to address security vulnerabilities:
    • net.democritus:Expanders: 5.2.4 -> 5.9.3
    • net.democritus.metamodel:prime-core: 2021.5.12 -> 2022.5.6
  • Updated model files to format supported by prime-core version 2022.5.6.

2022.5.2 (2022-05-19)

Fixed

  • Fix NPE in TimeWindowValidator
  • Fix StateTaskDetailsWithoutRefs -> StateTaskDetails

2022.5.1 (2022-05-16)

  • re-release 2022.5.0

2022.5.0 (2022-05-16)

Changed

  • Optimize getParamTargetValue() with skipCount
  • Add error logging on workflow related tasks
  • [FLOW-16] Cache workflow runtime configuration to reduce database queries
  • [FLOW-16] Use detailsWithoutRefs projection in workflow orchestration to reduce database queries
  • [FLOW-16] Update EngineNodeService with projection to reduce database queries
  • [FLOW-13] Add 'refresh' button to engineService table to force a timer reset if settings are changed
  • [FLOW-26] Ignore collector from EngineService

Fixed

  • [FLOW-13] Fixed automatic timer reset on timeout when settings are changed
  • [FLOW-36] Fix incorrect timewindow validation in last minute of window

Changed

  • [FLOW-22] Add support for task timeout in ExecutorServiceTaskProcessor

2022.4.1 (2022-04-14)

Fixed

  • Fixed naming conflict in harvest code
  • Fixed missing imports

2022.4.0 (2022-04-14)

Added

  • Added workflow/workflow-recover-json endpoint to start recovering instances, mainly used for tests. Provide the workflow reference as a parameter, e.g. workflow/workflow-recover-json?workflow.name=MessageProcessorFlow

2022.3.0 (2022-02-18)

Added

  • Added run now button to engineService table

2022.2.1 (2022-02-16)

Fixed

  • [NSX-213] Verify that email is present in OIDC token as this is a required field.

Added

  • [NSX-218] Added support to the OIDC authentication for UserGroups.

Changed

  • Performance optimizations in OIDC flow.

2022.2.0 (2022-02-07)

Removed

  • [VEGA-173] Removed start/stop engine buttons from workflow page, since they are automatically managed by the EngineStarterBean

Fixed

  • OIDC implementation failed on non-standard ports on a reverse proxy in front of the application.
  • Added synchronization to EngineNodeContextRetriever#getEngineNode() to prevent the EngineNode from being created multiple times

2021.6.1 (2021-12-13)

Fixed

  • Fixed DataAccessFinderBean not using ENTITY_NAME in a custom finder harvest

Removed

  • Removed obsolete ProfileFindByUserGroups_ProfileEqDetails originally used by a long removed UserGroupScreenInfoRetrieverAction

2021.6.0 (2021-12-06)

Removed

  • Removed obsolete cocoon addScreen() and getScreenVector() harvests for Profile and ScreenProfile elements
    • This is likely to break existing overlays/copy-pastes of LoginUserSessionHelper, please sync your code
  • Removed obsolete cocoon ScreenInfoRetrieverAction behavior (it is a no-op now)

2021.5.0 (2021-12-06)

Added

  • Added delete stub for custom asset types to implementation class.

2021.4.4 (2021-10-28)

Fixed

  • OpenID Connect pipeline did not always terminate in the authentication process.

2021.4.3 (2021-10-21)

Added

  • Support for OIDC access tokens, to support OIDC for APIs.

2021.4.2 (2021-10-20)

Fixed

  • Default value for defaultLoginTimeout with OpenID Connect was not set if the property was not present (and empty) in the configuration.

2021.4.1 (2021-10-20)

Fixed

  • User profile and account should only update if externally managed through OpenID Connect provider.

2021.4.0 (2021-10-20)

Added

  • Option baseComponents.isAccount on the account component to match the component in its expanders.
  • Generic support for OpenID Connect authentication from any provider with the ApplicationInstance option baseComponents.authentication.enableOIDC.

Changed

  • AccountApplicationSettings now combines the settings of all account.ns.properties files found in the classpath. This allows some settings to be specified inside the application and some outside of it.
  • Moved AccountApplicationSettings as expander to net.democritus:Expanders.

Removed

  • Removed support for the proprietary Google authentication implementation for OpenID Connect and the related baseComponents.authentication.enableGoogleAuth option.
  • Removed includeBouncyCastle option on utils component.

2021.3.1 (2021-09-21)

Fixed

  • Fixed some files containing non-ASCII characters

2021.3.0 (2021-07-16)

Fixed

  • Translation for DataAccess.authorized field.

Added

  • [NSX-163] Added support methods to validate listFields in TagValuePairAgent
  • Added support for component name in DataAccess element. It should be inserted in the element field as componentName_dataElementName. Just defining the name of the element is still supported, but discouraged.
  • Added wildcard right for DataAccess as all, which can be used to deny all rights for an element when the default is allowing all rights, or to allow all rights for an element when the default is denying all rights.
  • Added simple wildcard support for components and elements in the DataAccess element where the element can be * to cover all elements in every component, or componentName_* to cover every element in a component.
  • Added net.democritus.acl.ConfigurableDataAuthorizationImpl and net.democritus.acl.ConfigurableTaskAuthorizationImpl classes as an alternative default implementation for the authorization tasks. They default to deny all (or whitelisting), which requires you to define all rights (made easier by the wildcard support). It can be configured to use allow all (or blacklisting) by default if the ParamTargetValue with name defaultAccessRights is set to allowAll.

Changed

  • DataAccessRights and TaskAccessRights can now take an instance of AccessRightStrategy, which determines the default authorization for access rights, as well as how access rights are combined.

Removed

  • Removed junit:junit dependency in assets-shared, which is already added by the expanders.
  • Removed net.democritus:nsx-logging dependency in assets-shared, which is already inherited from net.democritus:nsx-shared-common.
  • Removed unused org.json:json dependency in account-logic.

2021.2.1 (2021-06-08)

Fixed

  • Fixed issue where AccessInfoInterceptor would reject saveDetails actions when the user has modify rights, but not create rights.
  • Fixed ParamTargetValueBean#setParamTargetValue not updating existing values
  • Fixed ExecutorServiceTaskProcessor getting stuck when completionService.submit() throws an exception (e.g. when the executorService queue is too small)

2021.2.0 (2021-05-07)

Added

  • Added ExecutorServiceTaskProcessor, which uses an ExecutorService to perform tasks

2021.1.0 (2021-03-10)

Added

  • Added base-components-model:jar:model-components classifier containing only pure NS model (without harvest/etc.)

2021.0.1 (2021-01-18)

Fixed

  • EngineNodeUpdater now automatically removes EngineNodes with duplicate names during startup.

2021.0.0 (2021-01-14)

Fixed

  • Updated custom code in base-components to use most recent finders

2020.12.2 (2020-12-04)

Fixed

  • ParamTargetValueAgent.setParamTargetValue() now correctly sets the param field instead of the name to the given paramName.

2020.12.1 (2020-11-24)

Fixed

  • Fixed EmbeddedAssetUpload feature to work with change in expanders 4.11.1

2020.12.0 (2020-11-24)

Added

  • Added PTV support to configure a default user timeout value for accounts with Google authentication.

2020.11.3 (2020-11-10)

Fixed

  • Fixed issue with Register external asset button on Assets page.
  • Reverted implementation of LoginValidatorAction to proxy the login call though the Authentication element's task, instead of calling the authentication pipeline in User directly.
  • Removed transaction from run-workflow methods

2020.11.2 (2020-10-23)

Fixed

  • Fixed an issue in the TimerHandlerBean where the timer would get stuck if the database failed when trying to retrieve the details projection of the EngineService.

2020.11.1 (2020-10-09)

Updated

  • Updated nsx-parent 2020.5 -> 2020.9.1

2020.11.0 (2020-09-24)

Added

  • A workflow can now be triggered with a POST request to /workflow/workflow-run-json.
    • to run it based on an engineService; You must define a dataRef engineService. E.g. http://localhost:9400/messageApp/workflow/workflow-run-json?engineService.name=MessageImportEngineService
    • to run it with a set of targetInstance; You must define a dataRef workflow and an array of dataRefs targetInstances. E.g. http://localhost:9400/messageApp/workflow/workflow-run-json with body: 
      {
          "workflow": {
              "name": "MessageImportService"
          },
          "targetInstances": [
              {
                  "id": 351
              }
          ]
      }
  • In addition, the WorkflowAgent has new methods runWorkflowWithEngineService(DataRef engineService) and runWorkflowWithTargets(DataRef workflow, List<DataRef> targetInstances) that will trigger a workflow.

2020.10.0 (2020-07-16)

Added

  • [account] Added support for Google authentication. This is enabled by adding the ApplicationInstance option baseComponents.authentication.enableGoogleAuth. The value of this option should be the client ID that can be obtained from the Google API console. For more information refer to https://developers.google.com/identity/one-tap/web/guides/get-google-api-clientid.
  • [account] Added an ApplicationInstance option to disable the internal password authentication baseComponents.authentication.disableInternalAuth. This will not remove the mechanism to authenticate, but rather remove the login form from the UI and disable login in the struts action that processes the login.
  • [account] Added a new expanded authentication pipeline in the User element. This pipeline passes through the entire stack and ends up in its own new UserAuthenticationBean in the logic layer. This new bean class can be used to add additional authentication methods through expander features. Similar to finders and other pipelines, the type of the POJO sent through the pipeline determines the implication called.

Changed

  • [account] The internal password authentication implementation has moved to the new UserAuthenticationBean. The previous authentication system using the authentication TaskElement is still present and behaves the same as previously, but now serves as a proxy to the authentication pipeline.

2020.9.1 (2020-07-09)

  • Fixed issue in TimerHandlerBean that would set busy flag to false after any timer tick

2020.9.0 (2020-05-29)

  • Updated dependencies

2020.8.0 (2020-05-26)

Added

  • Support for external asset types defined in other components. These are represented by DataElements marked with the assets.implementsCustomAsset option. The value of this option is used as the name of the new asset type, or the name of the DataElement is used if no value is given in the option. An implementation stub is generated in the logic layer for the DataElement, where an AssetStream has to be provided upon retrieval or persisted when uploading.
  • Struts actions now enforce their specific http methods (same as if globalOptionSettings.enforceHttpMethod was always enabled)

2020.7.0 (2020-05-07)

Added

  • Added submodule base-components-model providing just the model resource without expanders

Changed

  • Renamed standard dependency from baseComponents to base-components

Removed

  • Removed cocoon ext code

2020.6.1 (2020-04-24)

Fixed

  • Store result of EngineNode name to prevent the name changing due to a changing hostname
  • Fix customizations for option jpa.entity.name.format

2020.6.0 (2020-04-10)

Fixed

  • Wrong class was used to check for TaskParameterContext constructors, resulting in context not being passed through as intended.

2020.5.0 (2020-03-19)

Fixed

  • AccessInfoRetrieverAction is now compatible with both struts 2.3 and 2.5

2020.4.0 (2020-03-06)

Added

  • Build baseComponents as expansion resource

2020.3.0 (2020-02-27)

Fixed

  • Fix issues with threading and create engineNodeService if missing

2020.2.0 (2020-02-07)

Changed

  • Updated AccessInfoRetrieveAction for struts 2.5

Removed

  • dependency jar files are no longer packaged

2020.1.0 (2020-01-22)

Added

  • WorkflowParameterContextFactory and StateTaskParameterContextFactory now pass the context through to parameterContext. The factories first check if the correct constructor is present, in case the application is expanded with an earlier expander version and thus a nsx-runtime version < 2019.7.1
  • Modified the label of workflow::Workflow::className to 'Flow element name' to better represent how the actual value is used.
  • Added clearer error message if workflow::Workflow::className is not correctly defined