added proprietary module to base packages for scanning

clean up
2025-10-25 11:17:28 +02:00 · 2025-05-27 19:55:15 +01:00 · 2025-05-27 19:55:15 +01:00 · 2b9a3924d3
commit 2b9a3924d3
parent 6d8173b021
9 changed files with 101 additions and 78 deletions
--- a/Dockerfile.fat
+++ b/Dockerfile.fat
@ -5,6 +5,8 @@ COPY build.gradle .
 COPY settings.gradle .
 COPY gradlew .
 COPY gradle gradle/
+COPY common/build.gradle common/.
+COPY proprietary/build.gradle proprietary/.
 RUN ./gradlew build -x spotlessApply -x spotlessCheck -x test -x sonarqube || return 0

 # Set the working directory
--- a/2
+++ b/2
@ -1,6 +1,6 @@
 MIT License

-Copyright (c) 2024 Stirling Tools
+Copyright (c) 2025 Stirling PDF Inc.

 Portions of this software are licensed as follows:

--- a/build.gradle
+++ b/build.gradle
@ -270,8 +270,6 @@ tasks.register('jpackageMacX64') {
    }
 }

-//jpackage.finalizedBy(jpackageMacX64)
-
 tasks.register('downloadTempJre') {
    group = 'distribution'
    description = 'Downloads and extracts a temporary JRE'
@ -421,20 +419,16 @@ dependencies {
    implementation("io.github.pixee:java-security-toolkit:1.2.1")

    // Exclude Tomcat and include Jetty
-    implementation("org.springframework.boot:spring-boot-starter-web:$springBootVersion")
+//    implementation("org.springframework.boot:spring-boot-starter-web:$springBootVersion")
    implementation "org.springframework.boot:spring-boot-starter-jetty:$springBootVersion"
-
-    implementation "org.springframework.boot:spring-boot-starter-thymeleaf:$springBootVersion"
+//    implementation "org.springframework.boot:spring-boot-starter-thymeleaf:$springBootVersion"
    implementation 'com.posthog.java:posthog:1.2.0'
    implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
-
+    implementation 'org.snakeyaml:snakeyaml-engine:2.9'

    if (System.getenv("DOCKER_ENABLE_SECURITY") != "false") {
        implementation project(':proprietary')
    }
-    implementation 'org.snakeyaml:snakeyaml-engine:2.9'
-
-    testImplementation "org.springframework.boot:spring-boot-starter-test:$springBootVersion"

    // Batik
    implementation "org.apache.xmlgraphics:batik-all:1.19"
@ -442,10 +436,12 @@ dependencies {
    // TwelveMonkeys
    runtimeOnly "com.twelvemonkeys.imageio:imageio-batik:$imageioVersion"
    runtimeOnly "com.twelvemonkeys.imageio:imageio-bmp:$imageioVersion"
+    runtimeOnly "com.twelvemonkeys.imageio:imageio-jpeg:$imageioVersion"
+    runtimeOnly "com.twelvemonkeys.imageio:imageio-tiff:$imageioVersion"
+    runtimeOnly "com.twelvemonkeys.imageio:imageio-webp:$imageioVersion"
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-hdr:$imageioVersion"
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-icns:$imageioVersion"
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-iff:$imageioVersion"
-    runtimeOnly "com.twelvemonkeys.imageio:imageio-jpeg:$imageioVersion"
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-pcx:$imageioVersion@
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-pict:$imageioVersion"
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-pnm:$imageioVersion"
@ -453,24 +449,18 @@ dependencies {
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-sgi:$imageioVersion"
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-tga:$imageioVersion"
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-thumbsdb:$imageioVersion"
-    runtimeOnly "com.twelvemonkeys.imageio:imageio-tiff:$imageioVersion"
-    runtimeOnly "com.twelvemonkeys.imageio:imageio-webp:$imageioVersion"
    // runtimeOnly "com.twelvemonkeys.imageio:imageio-xwd:$imageioVersion"

    // Image metadata extractor
    implementation "com.drewnoakes:metadata-extractor:2.19.0"
-
    implementation "commons-io:commons-io:2.19.0"
-    implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8"
-    //general PDF
+//    implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8"

+    // General PDF
    // https://mvnrepository.com/artifact/com.opencsv/opencsv
    implementation ("com.opencsv:opencsv:5.11")
-
-    implementation ("org.apache.pdfbox:pdfbox:$pdfboxVersion")
+//    implementation ("org.apache.pdfbox:pdfbox:$pdfboxVersion")
    implementation "org.apache.pdfbox:preflight:$pdfboxVersion"
-
-
    implementation ("org.apache.pdfbox:xmpbox:$pdfboxVersion")

    // https://mvnrepository.com/artifact/technology.tabula/tabula
@ -494,7 +484,6 @@ dependencies {
    // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17
    implementation "com.bucket4j:bucket4j_jdk17-core:8.14.0"
    implementation "com.fathzer:javaluator:3.0.6"
-
    implementation 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8'

    developmentOnly("org.springframework.boot:spring-boot-devtools:$springBootVersion")
@ -504,6 +493,7 @@ dependencies {
    // Mockito (core)
    testImplementation 'org.mockito:mockito-core:5.18.0'
    testRuntimeOnly 'org.mockito:mockito-inline:5.2.0'
+    testImplementation "org.springframework.boot:spring-boot-starter-test:$springBootVersion"
 }

 tasks.withType(JavaCompile).configureEach {
--- a/common/build.gradle
+++ b/common/build.gradle
@ -30,19 +30,19 @@ dependencyManagement {
 }

 dependencies {
-    implementation 'org.springframework.boot:spring-boot-starter-web'
-    implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
-    implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
-    implementation 'com.fathzer:javaluator:3.0.6'
-    implementation 'com.posthog.java:posthog:1.2.0'
-    implementation 'io.github.pixee:java-security-toolkit:1.2.1'
-    implementation 'org.apache.commons:commons-lang3:3.17.0'
-    implementation 'com.drewnoakes:metadata-extractor:2.19.0' // Image metadata extractor
-    implementation 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8'
-    implementation "org.apache.pdfbox:pdfbox:$pdfboxVersion"
-    implementation 'jakarta.servlet:jakarta.servlet-api:6.1.0'
-    implementation 'org.snakeyaml:snakeyaml-engine:2.9'
-    implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8"
+    api 'org.springframework.boot:spring-boot-starter-web'
+    api 'org.springframework.boot:spring-boot-starter-thymeleaf'
+    api 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
+    api 'com.fathzer:javaluator:3.0.6'
+    api 'com.posthog.java:posthog:1.2.0'
+    api 'io.github.pixee:java-security-toolkit:1.2.1'
+    api 'org.apache.commons:commons-lang3:3.17.0'
+    api 'com.drewnoakes:metadata-extractor:2.19.0' // Image metadata extractor
+    api 'com.vladsch.flexmark:flexmark-html2md-converter:0.64.8'
+    api "org.apache.pdfbox:pdfbox:$pdfboxVersion"
+    api 'jakarta.servlet:jakarta.servlet-api:6.1.0'
+    api 'org.snakeyaml:snakeyaml-engine:2.9'
+    api "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.8"

    compileOnly "org.projectlombok:lombok:$lombokVersion"
    annotationProcessor "org.projectlombok:lombok:$lombokVersion"
--- a/proprietary/LICENSE-proprietary
+++ b/proprietary/LICENSE-proprietary
@ -1,26 +1,54 @@
-Stirling PDF Enterprise Edition (EE) license (the “EE License”)
+Stirling PDF User License

-Copyright (c) 2025-present Stirling Tools
+Copyright (c) 2025 Stirling PDF Inc.

-With regard to the Stirling PDF Software:
+License Scope & Usage Rights
+
+Production use of the Stirling PDF Software is only permitted with a valid Stirling PDF User License.
+
+For purposes of this license, “the Software” refers to the Stirling PDF application and any associated documentation files
+provided by Stirling PDF Inc. You or your organization may not use the Software in production, at scale, or for business-critical
+processes unless you have agreed to, and remain in compliance with, the Stirling PDF Subscription Terms of Service
+(https://www.stirlingpdf.com/terms) or another valid agreement with Stirling PDF, and hold an active User License subscription
+covering the appropriate number of licensed users.

 Trial and Minimal Use

-You may use the Software without a subscription for purposes of trial, evaluation, or minimal use, including use by individuals,
-organizations, or businesses, provided that:
-    * The usage is limited in scope (e.g. up to five (5) sessions or uses, or as otherwise defined within the Software);
-    * You do not modify, distribute, sublicense, or reverse-engineer the Software;
-    * Any continued use beyond the permitted trial or minimal use scope requires a valid Stirling PDF Enterprise Edition
-    subscription for the appropriate number of users.
+You may use the Software without a paid subscription for the sole purposes of internal trial, evaluation, or minimal use,
+provided that:

-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+* Use is limited to no more than five (5) named users or sessions;
+* Use is strictly non-production, for internal testing or evaluation only;
+* You do not copy, distribute, sublicense, reverse-engineer, or use the Software in client-facing or commercial contexts.

-For all third party components incorporated into the Stirling PDF Software, those
-components are licensed under the original license provided by the owner of the
-applicable component.
+Continued use beyond this scope requires a valid Stirling PDF User License.
+
+Modifications and Derivative Works
+
+You may modify the Software only for development or internal testing purposes. Any such modifications or derivative works:
+
+* May not be deployed in production environments without a valid User License;
+* May not be distributed or sublicensed;
+* Remain the intellectual property of Stirling PDF and/or its licensors;
+* May only be used, copied, or exploited in accordance with the terms of a valid Stirling PDF User License subscription.
+
+Prohibited Actions
+
+Unless explicitly permitted by a paid license or separate agreement, you may not:
+
+* Use the Software in production environments;
+* Copy, merge, distribute, sublicense, or sell the Software;
+* Remove or alter any licensing or copyright notices;
+* Circumvent access restrictions or licensing requirements.
+
+Third-Party Components
+
+The Stirling PDF Software may include components subject to separate open source licenses. Such components remain governed by
+their original license terms as provided by their respective owners.
+
+Disclaimer
+
+THE SOFTWARE IS PROVIDED “AS IS,” WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES, OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT, OR OTHERWISE, ARISING FROM, OUT OF, OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java
+++ b/proprietary/src/main/java/stirling/software/proprietary/security/configuration/DatabaseConfig.java
@ -4,6 +4,7 @@ import javax.sql.DataSource;
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnBooleanProperty;
 import org.springframework.boot.autoconfigure.domain.EntityScan;
 import org.springframework.boot.jdbc.DataSourceBuilder;
 import org.springframework.boot.jdbc.DatabaseDriver;
@ -54,14 +55,25 @@ public class DatabaseConfig {
    public DataSource dataSource() throws UnsupportedProviderException {
        DataSourceBuilder<?> dataSourceBuilder = DataSourceBuilder.create();

-        if (!runningProOrHigher) {
+        if (!runningProOrHigher || !datasource.isEnableCustomDatabase()) {
            return useDefaultDataSource(dataSourceBuilder);
        }

-        if (!datasource.isEnableCustomDatabase()) {
-            return useDefaultDataSource(dataSourceBuilder);
-        }
+        return useCustomDataSource(dataSourceBuilder);
+    }

+    private DataSource useDefaultDataSource(DataSourceBuilder<?> dataSourceBuilder) {
+        log.info("Using default H2 database");
+
+        dataSourceBuilder.url(DATASOURCE_DEFAULT_URL)
+            .driverClassName(DatabaseDriver.H2.getDriverClassName())
+            .username(DEFAULT_USERNAME);
+
+        return dataSourceBuilder.build();
+    }
+
+    @ConditionalOnBooleanProperty(name = "premium.enabled")
+    private DataSource useCustomDataSource(DataSourceBuilder<?> dataSourceBuilder) throws UnsupportedProviderException {
        log.info("Using custom database configuration");

        if (!datasource.getCustomDatabaseUrl().isBlank()) {
@ -73,11 +85,11 @@ public class DatabaseConfig {
        } else {
            dataSourceBuilder.driverClassName(getDriverClassName(datasource.getType()));
            dataSourceBuilder.url(
-                    generateCustomDataSourceUrl(
-                            datasource.getType(),
-                            datasource.getHostName(),
-                            datasource.getPort(),
-                            datasource.getName()));
+                generateCustomDataSourceUrl(
+                    datasource.getType(),
+                    datasource.getHostName(),
+                    datasource.getPort(),
+                    datasource.getName()));
        }
        dataSourceBuilder.username(datasource.getUsername());
        dataSourceBuilder.password(datasource.getPassword());
@ -85,16 +97,6 @@ public class DatabaseConfig {
        return dataSourceBuilder.build();
    }

-    private DataSource useDefaultDataSource(DataSourceBuilder<?> dataSourceBuilder) {
-        log.info("Using default H2 database");
-
-        dataSourceBuilder.url(DATASOURCE_DEFAULT_URL)
-            .driverClassName(DatabaseDriver.H2.getDriverClassName())
-            .username(DEFAULT_USERNAME);
-
-        return dataSourceBuilder.build();
-    }
-
    /**
     * Generate the URL the <code>DataSource</code> will use to connect to the database
     *
--- a/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java
+++ b/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java
@ -6,7 +6,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.DependsOn;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
@ -26,7 +25,7 @@ import org.springframework.security.web.authentication.rememberme.PersistentToke
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
 import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.security.web.savedrequest.NullRequestCache;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
 import stirling.software.common.configuration.AppConfig;
 import stirling.software.common.model.ApplicationProperties;
 import stirling.software.proprietary.security.CustomAuthenticationFailureHandler;
@ -53,7 +52,6 @@ import stirling.software.proprietary.security.session.SessionPersistentRegistry;
@Configuration
@EnableWebSecurity
@EnableMethodSecurity
-@DependsOn("runningProOrHigher")
 public class SecurityConfiguration {

    private final CustomUserDetailsService userDetailsService;
@ -167,7 +165,7 @@ public class SecurityConfiguration {
            http.requestCache(requestCache -> requestCache.requestCache(new NullRequestCache()));
            http.logout(
                logout ->
-                    logout.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
+                    logout.logoutRequestMatcher(PathPatternRequestMatcher.withDefaults().matcher("/logout"))
                        .logoutSuccessHandler(
                            new CustomLogoutSuccessHandler(applicationProperties, appConfig))
                        .clearAuthentication(true)
--- a/src/main/java/stirling/software/SPDF/SPDFApplication.java
+++ b/src/main/java/stirling/software/SPDF/SPDFApplication.java
@ -35,7 +35,11 @@ import stirling.software.common.util.UrlUtils;
@Slf4j
@EnableScheduling
@SpringBootApplication(
-        scanBasePackages = {"stirling.software.common", "stirling.software.SPDF"},
+        scanBasePackages = {
+            "stirling.software.common",
+            "stirling.software.SPDF",
+            "stirling.software.proprietary.security"
+        },
        exclude = {
            DataSourceAutoConfiguration.class,
            DataSourceTransactionManagerAutoConfiguration.class
--- a/src/main/resources/settings.yml.template
+++ b/src/main/resources/settings.yml.template
@ -64,7 +64,6 @@ premium:
  key: 00000000-0000-0000-0000-000000000000
  enabled: true # Enable license key checks for pro/enterprise features
  proFeatures:
-    customDatabase: false # Enable database features todo: use only for custom DB
    SSOAutoLogin: false
    CustomMetadata:
      autoUpdateMetadata: false