diff --git a/app/common/src/main/java/stirling/software/common/configuration/AppConfig.java b/app/common/src/main/java/stirling/software/common/configuration/AppConfig.java index 4c638c7cc..21b0668c3 100644 --- a/app/common/src/main/java/stirling/software/common/configuration/AppConfig.java +++ b/app/common/src/main/java/stirling/software/common/configuration/AppConfig.java @@ -70,7 +70,7 @@ public class AppConfig { @Bean(name = "loginEnabled") public boolean loginEnabled() { - return applicationProperties.getSecurity().getEnableLogin(); + return applicationProperties.getSecurity().isEnableLogin(); } @Bean(name = "appName") @@ -120,9 +120,7 @@ public class AppConfig { @Bean(name = "enableAlphaFunctionality") public boolean enableAlphaFunctionality() { - return applicationProperties.getSystem().getEnableAlphaFunctionality() != null - ? applicationProperties.getSystem().getEnableAlphaFunctionality() - : false; + return applicationProperties.getSystem().isEnableAlphaFunctionality(); } @Bean(name = "rateLimit") diff --git a/app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java b/app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java index 91d39a1ff..2aba77b25 100644 --- a/app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java +++ b/app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java @@ -112,8 +112,8 @@ public class ApplicationProperties { @Data public static class Security { - private Boolean enableLogin; - private Boolean csrfDisabled; + private boolean enableLogin; + private boolean csrfDisabled; private InitialLogin initialLogin = new InitialLogin(); private OAUTH2 oauth2 = new OAUTH2(); private SAML2 saml2 = new SAML2(); @@ -295,8 +295,8 @@ public class ApplicationProperties { throw new UnsupportedProviderException( "Logout from the provider " + registrationId - + " is not supported. " - + "Report it at https://github.com/Stirling-Tools/Stirling-PDF/issues"); + + " is not supported. Report it at" + + " https://github.com/Stirling-Tools/Stirling-PDF/issues"); }; } } @@ -314,19 +314,19 @@ public class ApplicationProperties { @Data public static class System { private String defaultLocale; - private Boolean googlevisibility; + private boolean googlevisibility; private boolean showUpdate; - private Boolean showUpdateOnlyAdmin; + private boolean showUpdateOnlyAdmin; private boolean customHTMLFiles; private String tessdataDir; - private Boolean enableAlphaFunctionality; + private boolean enableAlphaFunctionality; private Boolean enableAnalytics; private Boolean enablePosthog; private Boolean enableScarf; private Datasource datasource; - private Boolean disableSanitize; + private boolean disableSanitize; private int maxDPI; - private Boolean enableUrlToPDF; + private boolean enableUrlToPDF; private Html html = new Html(); private CustomPaths customPaths = new CustomPaths(); private String fileUploadLimit; @@ -453,10 +453,10 @@ public class ApplicationProperties { @Override public String toString() { return """ - Driver { - driverName='%s' - } - """ + Driver { + driverName='%s' + } + """ .formatted(driverName); } } @@ -491,7 +491,7 @@ public class ApplicationProperties { @Data public static class Metrics { - private Boolean enabled; + private boolean enabled; } @Data diff --git a/app/common/src/main/java/stirling/software/common/service/PostHogService.java b/app/common/src/main/java/stirling/software/common/service/PostHogService.java index e788af9fb..6c42e093f 100644 --- a/app/common/src/main/java/stirling/software/common/service/PostHogService.java +++ b/app/common/src/main/java/stirling/software/common/service/PostHogService.java @@ -253,11 +253,11 @@ public class PostHogService { addIfNotEmpty( properties, "security_enableLogin", - applicationProperties.getSecurity().getEnableLogin()); + applicationProperties.getSecurity().isEnableLogin()); addIfNotEmpty( properties, "security_csrfDisabled", - applicationProperties.getSecurity().getCsrfDisabled()); + applicationProperties.getSecurity().isCsrfDisabled()); addIfNotEmpty( properties, "security_loginAttemptCount", @@ -302,13 +302,13 @@ public class PostHogService { addIfNotEmpty( properties, "system_googlevisibility", - applicationProperties.getSystem().getGooglevisibility()); + applicationProperties.getSystem().isGooglevisibility()); addIfNotEmpty( properties, "system_showUpdate", applicationProperties.getSystem().isShowUpdate()); addIfNotEmpty( properties, "system_showUpdateOnlyAdmin", - applicationProperties.getSystem().getShowUpdateOnlyAdmin()); + applicationProperties.getSystem().isShowUpdateOnlyAdmin()); addIfNotEmpty( properties, "system_customHTMLFiles", @@ -320,7 +320,7 @@ public class PostHogService { addIfNotEmpty( properties, "system_enableAlphaFunctionality", - applicationProperties.getSystem().getEnableAlphaFunctionality()); + applicationProperties.getSystem().isEnableAlphaFunctionality()); addIfNotEmpty( properties, "system_enableAnalytics", @@ -337,7 +337,7 @@ public class PostHogService { // Capture Metrics properties addIfNotEmpty( - properties, "metrics_enabled", applicationProperties.getMetrics().getEnabled()); + properties, "metrics_enabled", applicationProperties.getMetrics().isEnabled()); // Capture EnterpriseEdition properties addIfNotEmpty( diff --git a/app/common/src/main/java/stirling/software/common/util/CustomHtmlSanitizer.java b/app/common/src/main/java/stirling/software/common/util/CustomHtmlSanitizer.java index c5fb07645..05bb6e546 100644 --- a/app/common/src/main/java/stirling/software/common/util/CustomHtmlSanitizer.java +++ b/app/common/src/main/java/stirling/software/common/util/CustomHtmlSanitizer.java @@ -62,8 +62,7 @@ public class CustomHtmlSanitizer { .and(new HtmlPolicyBuilder().disallowElements("noscript").toFactory()); public String sanitize(String html) { - boolean disableSanitize = - Boolean.TRUE.equals(applicationProperties.getSystem().getDisableSanitize()); + boolean disableSanitize = applicationProperties.getSystem().isDisableSanitize(); return disableSanitize ? html : POLICY.sanitize(html); } } diff --git a/app/common/src/test/java/stirling/software/common/util/CustomHtmlSanitizerTest.java b/app/common/src/test/java/stirling/software/common/util/CustomHtmlSanitizerTest.java index baef37251..aa2c64a84 100644 --- a/app/common/src/test/java/stirling/software/common/util/CustomHtmlSanitizerTest.java +++ b/app/common/src/test/java/stirling/software/common/util/CustomHtmlSanitizerTest.java @@ -36,7 +36,7 @@ class CustomHtmlSanitizerTest { // strict-stubbing failures when individual tests bypass certain branches. lenient().when(ssrfProtectionService.isUrlAllowed(anyString())).thenReturn(true); lenient().when(applicationProperties.getSystem()).thenReturn(systemProperties); - lenient().when(systemProperties.getDisableSanitize()).thenReturn(false); + lenient().when(systemProperties.isDisableSanitize()).thenReturn(false); customHtmlSanitizer = new CustomHtmlSanitizer(ssrfProtectionService, applicationProperties); } @@ -374,7 +374,7 @@ class CustomHtmlSanitizerTest { "

ok

"; // For this test, disable sanitize - when(systemProperties.getDisableSanitize()).thenReturn(true); + when(systemProperties.isDisableSanitize()).thenReturn(true); // Also ensure SSRF would block it if sanitization were enabled (to prove bypass) lenient().when(ssrfProtectionService.isUrlAllowed(anyString())).thenReturn(false); diff --git a/app/common/src/test/java/stirling/software/common/util/EmlToPdfTest.java b/app/common/src/test/java/stirling/software/common/util/EmlToPdfTest.java index e39adb78e..7d0d9b4f0 100644 --- a/app/common/src/test/java/stirling/software/common/util/EmlToPdfTest.java +++ b/app/common/src/test/java/stirling/software/common/util/EmlToPdfTest.java @@ -48,7 +48,7 @@ class EmlToPdfTest { when(mockSsrfProtectionService.isUrlAllowed(org.mockito.ArgumentMatchers.anyString())) .thenReturn(true); when(mockApplicationProperties.getSystem()).thenReturn(mockSystem); - when(mockSystem.getDisableSanitize()).thenReturn(false); + when(mockSystem.isDisableSanitize()).thenReturn(false); customHtmlSanitizer = new CustomHtmlSanitizer(mockSsrfProtectionService, mockApplicationProperties); diff --git a/app/common/src/test/java/stirling/software/common/util/FileToPdfTest.java b/app/common/src/test/java/stirling/software/common/util/FileToPdfTest.java index 9fd09ab5e..5a98bdbb7 100644 --- a/app/common/src/test/java/stirling/software/common/util/FileToPdfTest.java +++ b/app/common/src/test/java/stirling/software/common/util/FileToPdfTest.java @@ -29,7 +29,7 @@ public class FileToPdfTest { when(mockSsrfProtectionService.isUrlAllowed(org.mockito.ArgumentMatchers.anyString())) .thenReturn(true); when(mockApplicationProperties.getSystem()).thenReturn(mockSystem); - when(mockSystem.getDisableSanitize()).thenReturn(false); + when(mockSystem.isDisableSanitize()).thenReturn(false); customHtmlSanitizer = new CustomHtmlSanitizer(mockSsrfProtectionService, mockApplicationProperties); diff --git a/app/core/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java b/app/core/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java index 65bcd420d..d8b00b0e7 100644 --- a/app/core/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java +++ b/app/core/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java @@ -475,7 +475,7 @@ public class EndpointConfiguration { disableGroup("enterprise"); } - if (!applicationProperties.getSystem().getEnableUrlToPDF()) { + if (!applicationProperties.getSystem().isEnableUrlToPDF()) { disableEndpoint("url-to-pdf"); } } diff --git a/app/core/src/main/java/stirling/software/SPDF/config/InitialSetup.java b/app/core/src/main/java/stirling/software/SPDF/config/InitialSetup.java index 2d261c660..f8dbeea48 100644 --- a/app/core/src/main/java/stirling/software/SPDF/config/InitialSetup.java +++ b/app/core/src/main/java/stirling/software/SPDF/config/InitialSetup.java @@ -61,11 +61,9 @@ public class InitialSetup { public void initEnableCSRFSecurity() throws IOException { if (GeneralUtils.isVersionHigher( "0.46.0", applicationProperties.getAutomaticallyGenerated().getAppVersion())) { - Boolean csrf = applicationProperties.getSecurity().getCsrfDisabled(); + boolean csrf = applicationProperties.getSecurity().isCsrfDisabled(); if (!csrf) { - GeneralUtils.saveKeyToSettings("security.csrfDisabled", false); GeneralUtils.saveKeyToSettings("system.enableAnalytics", true); - applicationProperties.getSecurity().setCsrfDisabled(false); } } } diff --git a/app/core/src/main/java/stirling/software/SPDF/config/OpenApiConfig.java b/app/core/src/main/java/stirling/software/SPDF/config/OpenApiConfig.java index 78d2a3d2b..a00d40e7e 100644 --- a/app/core/src/main/java/stirling/software/SPDF/config/OpenApiConfig.java +++ b/app/core/src/main/java/stirling/software/SPDF/config/OpenApiConfig.java @@ -50,7 +50,7 @@ public class OpenApiConfig { .url("https://www.stirlingpdf.com") .email("contact@stirlingpdf.com")) .description(DEFAULT_DESCRIPTION); - if (!applicationProperties.getSecurity().getEnableLogin()) { + if (!applicationProperties.getSecurity().isEnableLogin()) { return new OpenAPI().components(new Components()).info(info); } else { SecurityScheme apiKeyScheme = diff --git a/app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertWebsiteToPDF.java b/app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertWebsiteToPDF.java index c35aa0282..7e471adc4 100644 --- a/app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertWebsiteToPDF.java +++ b/app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertWebsiteToPDF.java @@ -71,7 +71,7 @@ public class ConvertWebsiteToPDF { URI location = null; HttpStatus status = HttpStatus.SEE_OTHER; - if (!applicationProperties.getSystem().getEnableUrlToPDF()) { + if (!applicationProperties.getSystem().isEnableUrlToPDF()) { location = uriComponentsBuilder .queryParam("error", "error.endpointDisabled") diff --git a/app/core/src/main/java/stirling/software/SPDF/controller/web/HomeWebController.java b/app/core/src/main/java/stirling/software/SPDF/controller/web/HomeWebController.java index 2b36f95af..c031e3baf 100644 --- a/app/core/src/main/java/stirling/software/SPDF/controller/web/HomeWebController.java +++ b/app/core/src/main/java/stirling/software/SPDF/controller/web/HomeWebController.java @@ -84,8 +84,8 @@ public class HomeWebController { @ResponseBody @Hidden public String getRobotsTxt() { - Boolean allowGoogle = applicationProperties.getSystem().getGooglevisibility(); - if (Boolean.TRUE.equals(allowGoogle)) { + boolean allowGoogle = applicationProperties.getSystem().isGooglevisibility(); + if (allowGoogle) { return "User-agent: Googlebot\nAllow: /\n\nUser-agent: *\nAllow: /"; } else { return "User-agent: Googlebot\nDisallow: /\n\nUser-agent: *\nDisallow: /"; diff --git a/app/core/src/main/java/stirling/software/SPDF/controller/web/MetricsController.java b/app/core/src/main/java/stirling/software/SPDF/controller/web/MetricsController.java index d0a61a815..da352cf36 100644 --- a/app/core/src/main/java/stirling/software/SPDF/controller/web/MetricsController.java +++ b/app/core/src/main/java/stirling/software/SPDF/controller/web/MetricsController.java @@ -42,9 +42,7 @@ public class MetricsController { @PostConstruct public void init() { - Boolean metricsEnabled = applicationProperties.getMetrics().getEnabled(); - if (metricsEnabled == null) metricsEnabled = true; - this.metricsEnabled = metricsEnabled; + metricsEnabled = applicationProperties.getMetrics().isEnabled(); } @GetMapping("/status") diff --git a/app/core/src/test/java/stirling/software/SPDF/controller/web/HomeWebControllerTest.java b/app/core/src/test/java/stirling/software/SPDF/controller/web/HomeWebControllerTest.java index 89e530160..07a9ef58f 100644 --- a/app/core/src/test/java/stirling/software/SPDF/controller/web/HomeWebControllerTest.java +++ b/app/core/src/test/java/stirling/software/SPDF/controller/web/HomeWebControllerTest.java @@ -119,7 +119,7 @@ class HomeWebControllerTest { @Test @DisplayName("googlevisibility=true -> allow all agents") void robots_allow() throws Exception { - when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(Boolean.TRUE); + when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(true); mockMvc.perform(get("/robots.txt")) .andExpect(status().isOk()) @@ -136,7 +136,7 @@ class HomeWebControllerTest { @Test @DisplayName("googlevisibility=false -> disallow all agents") void robots_disallow() throws Exception { - when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(Boolean.FALSE); + when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(false); mockMvc.perform(get("/robots.txt")) .andExpect(status().isOk()) @@ -151,9 +151,9 @@ class HomeWebControllerTest { } @Test - @DisplayName("googlevisibility=null -> disallow all (default branch)") - void robots_disallowWhenNull() throws Exception { - when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(null); + @DisplayName("googlevisibility not set (default false) -> disallow all") + void robots_disallowWhenNotSet() throws Exception { + when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(false); mockMvc.perform(get("/robots.txt")) .andExpect(status().isOk()) diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/config/AccountWebController.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/config/AccountWebController.java index b78556bf9..25fd2b6a5 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/config/AccountWebController.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/config/AccountWebController.java @@ -126,7 +126,7 @@ public class AccountWebController { SAML2 saml2 = securityProps.getSaml2(); if (securityProps.isSaml2Active() - && applicationProperties.getSystem().getEnableAlphaFunctionality() + && applicationProperties.getSystem().isEnableAlphaFunctionality() && applicationProperties.getPremium().isEnabled()) { String samlIdp = saml2.getProvider(); String saml2AuthenticationPath = "/saml2/authenticate/" + saml2.getRegistrationId(); diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java index aceb3b712..f0794ff6d 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java @@ -125,7 +125,7 @@ public class SecurityConfiguration { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - if (securityProperties.getCsrfDisabled() || !loginEnabledValue) { + if (securityProperties.isCsrfDisabled() || !loginEnabledValue) { http.csrf(CsrfConfigurer::disable); } @@ -146,7 +146,7 @@ public class SecurityConfiguration { .addFilterAfter(rateLimitingFilter(), UserAuthenticationFilter.class) .addFilterAfter(firstLoginFilter, UsernamePasswordAuthenticationFilter.class); - if (!securityProperties.getCsrfDisabled()) { + if (!securityProperties.isCsrfDisabled()) { CookieCsrfTokenRepository cookieRepo = CookieCsrfTokenRepository.withHttpOnlyFalse(); CsrfTokenRequestAttributeHandler requestHandler = diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java index 19e300585..c60c5e2d9 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java @@ -27,7 +27,7 @@ class AppUpdateAuthService implements ShowAdminInterface { if (!showUpdate) { return showUpdate; } - boolean showUpdateOnlyAdmin = applicationProperties.getSystem().getShowUpdateOnlyAdmin(); + boolean showUpdateOnlyAdmin = applicationProperties.getSystem().isShowUpdateOnlyAdmin(); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null || !authentication.isAuthenticated()) { return !showUpdateOnlyAdmin;