main v8.2.1 minor updates & fixes

.github/workflows/test-install.yml

@@ -21,29 +21,30 @@ on:
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel
 jobs:
-  # ubuntu18 was unstable at github (2022-07-06 - 2022-07-11)
-  # test_ubuntu_18:
-  #   name: test build on ubuntu_18
-  #   runs-on: ubuntu-18.04
+  # # ubuntu18 was unstable at github (2022-07-06 - 2022-07-11)
+  # # does not seem to be supported by hithub anymore (2024-05-01)
+
+  # test_ubuntu_20:
+  #   name: test build on ubuntu_20
+  #   runs-on: ubuntu-20.04
   #   steps:
   #   - uses: actions/checkout@v3
   #   - name: do test install in case of merged pull request
-  #     run: cd /home/runner/work/firewall-orchestrator/firewall-orchestrator && ansible-playbook -e run_on_github=yes --skip-tags test site.yml -K
-
-  test_ubuntu_20:
-    name: test build on ubuntu_20
-    runs-on: ubuntu-20.04
-    steps:
-    - uses: actions/checkout@v3
-    - name: do test install in case of merged pull request
-      run: cd /home/runner/work/firewall-orchestrator/firewall-orchestrator && ansible-playbook -e run_on_github=yes site.yml -K
-#      run: cd /home/runner/work/firewall-orchestrator/firewall-orchestrator && ansible-playbook -e run_on_github=yes --skip-tags test site.yml -K
+  #     run: cd /home/runner/work/firewall-orchestrator/firewall-orchestrator && ansible-playbook -e force_install=true site.yml -K
 
   # test_ubuntu_22:
   #   name: test build on  ubuntu_22
   #   runs-on: ubuntu-22.04
   #   steps:
   #   - uses: actions/checkout@v3
   #   - name: do test install in case of merged pull request
-  #     run: cd /home/runner/work/firewall-orchestrator/firewall-orchestrator && ansible-playbook -e run_on_github=yes site.yml -K
-      # run: cd /home/runner/work/firewall-orchestrator/firewall-orchestrator && ansible-playbook -e run_on_github=yes --skip-tags test site.yml -K
+  #     run: cd /home/runner/work/firewall-orchestrator/firewall-orchestrator && ansible-playbook -e force_install=true site.yml -K
+
+  test_ubuntu_latest:
+    name: test build on ubuntu latest
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: do test install in case of merged pull request
+      run: cd /home/runner/work/firewall-orchestrator/firewall-orchestrator && ansible-playbook -e force_install=true site.yml -K
+

documentation/revision-history-develop.md

@@ -202,3 +202,6 @@ bugfix release:
 - fix demo managements (change import from deactivated to activated - does not affect test managements)
 - upgrade to dotnet 8.0
 - adding all imported modelling users to uiuser
+
+# 8.2.1 - xx.05.2024 DEVELOP
+- fix misleading login error message when authorisation is missing

inventory/group_vars/all.yml

@@ -1,5 +1,5 @@
 ### general settings
-product_version: "8.2"
+product_version: "8.2.1"
 ansible_user: "{{ lookup('env', 'USER') }}"
 ansible_become_method: sudo
 ansible_python_interpreter: /usr/bin/python3
@@ -22,7 +22,6 @@ sample_hostname: "{{ groups['sampleserver'].0 }}"
 #   upgrade       - installs on top of an existing system preserving any existing data in ldap, database, api
 installation_mode: new
 install_syslog: true
-run_on_github: false
 add_demo_data: true
 api_docu: false
 force_install: false

roles/common/tasks/main.yml

@@ -1,11 +1,10 @@
   - block: 
 
-    - name: assert ansible version gt 2.13
+    - name: assert ansible version gt 2.12
       fail:
         msg: Ansible 2.13 or above is required
       when: ansible_version.full is version('2.13', '<')
 
-
     - name: check for existing main config file {{ fworch_conf_file }}
       stat:
         path: "{{ fworch_conf_file }}"
@@ -93,23 +92,10 @@
             - There are upgradable OS packages available, please run OS upgrade before running FWORCH installer. 
             - Use "-e force_install=true" to overwrite this check and install anyway at your own risk.
       when: |
-        not force_install|bool and not run_on_github|bool and
+        not force_install|bool and
         (ansible_facts['distribution'] == "Ubuntu" or ansible_facts['distribution'] == "Debian") and
         upgradable_packages.stdout_lines|length > 1
 
-
-    # - name: fix grub-efi (for github actions)
-    #   apt:
-    #     upgrade: dist
-    #     update_cache: true
-    #   when: ansible_facts['distribution'] == "Ubuntu" or ansible_facts['distribution'] == "Debian" and run_on_github|bool
-
-    # - name: update operating system packages .deb based (for github actions)
-    #   apt:
-    #     upgrade: dist
-    #     update_cache: true
-    #   when: ansible_facts['distribution'] == "Ubuntu" or ansible_facts['distribution'] == "Debian" and run_on_github|bool
-
     - name: update operating system packages .rpm based (untested)
       yum:
         upgrade: dist

roles/database/files/sql/idempotent/fworch-texts.sql

@@ -273,6 +273,8 @@ INSERT INTO txt VALUES ('permissions_text',		'German', 	'Ihre Berechtigungen wur
 INSERT INTO txt VALUES ('permissions_text',		'English', 	'Your permissions have been changed. Re-login to update your permissions.');
 INSERT INTO txt VALUES ('login_importer_error',	'German', 	'Nutzer mit der Rolle "Importer" dürfen sich nicht an der Benutzeroberfläche anmelden. Diese Rolle dient einzig dem Importieren von eingebundenen Geräten.');
 INSERT INTO txt VALUES ('login_importer_error',	'English', 	'Users with role "importer" are not allowed to log into the user interface. The only purpose of this role is to import included devices.');
+INSERT INTO txt VALUES ('not_authorized',	    'German', 	'Authentisierung OK, aber keine Berechtigung/Authorisierung vorhanden.');
+INSERT INTO txt VALUES ('not_authorized',	    'English', 	'Authentication succeeded, but not authorized.');
 
 -- navigation
 INSERT INTO txt VALUES ('reporting', 			'German',	'Reporting');
@@ -5747,11 +5749,11 @@ INSERT INTO txt VALUES ('H9011', 'English', 'An application is - from the perspe
 INSERT INTO txt VALUES ('H9021', 'German',  'Verbindungen sind die Hauptbestandteile des Kommunikationsprofils. Es wird zwischen verschiedenen Arten von Verbindungen unterschieden:');
 INSERT INTO txt VALUES ('H9021', 'English', 'Connections are the main components of the communication profile. There are different types of connections:');
 INSERT INTO txt VALUES ('H9022', 'German',  'Schnittstellen: Sie dienen in erster Linie der Modellierung von (aus Sicht der Applikation) externen Verbindungen oder der Bündelung interner Objekte.
-    Es müssen in der Applikation neben dem Dienst entweder Quelle oder Ziel definiert werden. Die Schnittstellen werden in den anderen Applikationen
-    zur Auswahl angeboten und können dort in der Definition von eigenen Verbindungen verwendet werden.
+    Es müssen in der Applikation neben dem Dienst entweder Quelle oder Ziel definiert werden. Die Schnittstellen können durch Setzen des entsprechendenn Häkchens veröffentlicht und dadurch in den anderen Applikationen
+    zur Auswahl angeboten werden. Sie können dann dort in der Definition von eigenen Verbindungen verwendet werden.
 ');
 INSERT INTO txt VALUES ('H9022', 'English', 'Interfaces: They serve primarily the modelling of (relative to the application) external connections or the bundling of internal objects.
-    Besides the service either source or destination have to be defined in the application. The interfaces are offered to other applications to use
+    Besides the service either source or destination have to be defined in the application. The interfaces can be published by setting the respective flag and are then offered to other applications to use
     them in the definition of own connections.
 ');
 INSERT INTO txt VALUES ('H9023', 'German',  'Standard: Zentrale Objekte zur Modellierung der Kommunikationsverbindungen. Dabei müssen Quelle, Dienst und Ziel aus den in der Bibliothek 
@@ -5810,3 +5812,31 @@ INSERT INTO txt VALUES ('H9043', 'German',  'Dienstgruppen: In Dienstgruppen k&o
 INSERT INTO txt VALUES ('H9043', 'English', 'Service Groups: Simple services can be bundled in Service Groups. A name has to be given to them, comments can be added.
     Again definition can be done by the modeller, but also Service Groups predefined by the administrator can be used.
 ');
+INSERT INTO txt VALUES ('H9051', 'German',  'Beantragung neuer Schnittstellen: Wenn externe Schnittstellen von anderen Applikationen benötigt werden, können diese über die entsprechende Schaltfläche in der Bibliothek beantragt werden.
+    <ul>
+        <li>Es erscheint ein Dialog, in dem die externe Applikation ausgew&auml;hlt und eine Begr&uuml;ndung eingetragen werden m&uuml;ssen, sowie das H&auml;kchen, ob die Schnittstelle als Quelle oder Ziel genutzt werden soll.</li>
+        <li>Beim Abschicken der Anforderung wird
+            <ul>
+                <li>bei der externen Applikation automatisch eine Dummy-Schnittstelle angelegt, die dann in der eigenen Schnittstellen-Auswahl erscheint und direkt zur Erstellung eigener Verbindungen genutzt werden kann.
+                    Sie wird in der Liste der eigenen Verbindungen mit Eintr&auml;gen "Schnittstelle angefordert" in Quelle/Ziel und Dienst als solche gekennzeichnet.</li>
+                <li>der oder die f&uuml;r die externe Applikation Verantwortlichen per Email &uuml;ber den Antrag informiert.</li>
+                <li>im Workflow-Modul ein Ticket mit dem Antrag erstellt. Je nach Konfiguration des Workflows kann hier der Auftrag abgelehnt, an andere Applikationen weitergeleitet, einzelnen Bearbeitern zugewiesen oder mit Kommentaren versehen werden.</li>
+            </ul>
+        </li>
+        <li>Wird die Schnittstelle auf der Gegenseite modelliert und ver&ouml;ffentlicht, wandelt sich auch die eigene nutzende Verbindung automatisch in eine "normale" Verbindung um, eine weiteres Eingreifen des Antragstellers ist nicht mehr notwendig.</li>
+    </ul>
+');
+INSERT INTO txt VALUES ('H9051', 'English', 'Request new interface: If external interfaces from other applications are needed, they can be requested via a button in the library.
+    <ul>
+        <li>A dialogue is displayed to select the external Application. A reason field has to be filled as well as the checkbox, if the interface should be used as source or destination.</li>
+        <li>If the request is submitted
+            <ul>
+                <li>a dummy interface is created automatically at the target application, which then appears in the own interface selection in the library and can be used for the definition of the own connection.
+                    It is marked as such by the text "Interface requested" in Source/Destination and Service in the list of own the connections.</li>
+                <li>the responsible(s) of the external Application is informed about the request by email.</li>
+                <li>a ticket in the Workflow module is created. Depending on the configuration of the workflow, the request can be rejected, forwarded to other applications, assigned to aperson in charge or commented.</li>
+            </ul>
+        </li>
+        <li>When the requested interface is modelled and published on the other side, the own using connection is changed to a "regular" connection automatically, further action is not necessary.</li>
+    </ul>
+');

roles/lib/files/FWO.Api.Client/APIcalls/modelling/updateConnectionOwner.graphql

@@ -0,0 +1,12 @@
+mutation updateConnectionOwner(
+  $id: Int!
+  $appId: Int
+  ) {
+  update_modelling_connection_by_pk(
+    pk_columns: { id: $id }
+    _set: {
+      app_id: $appId
+  }) {
+    UpdatedId: id
+  }
+}

roles/lib/files/FWO.Api.Client/APIcalls/modelling/updateConnectionPublish.graphql

@@ -0,0 +1,14 @@
+mutation updateConnectionPublish(
+  $id: Int!
+  $isPublished: Boolean
+  $isRequested: Boolean
+  ) {
+  update_modelling_connection_by_pk(
+    pk_columns: { id: $id }
+    _set: {
+      is_requested: $isRequested
+      is_published: $isPublished
+  }) {
+    UpdatedId: id
+  }
+}

roles/lib/files/FWO.Api.Client/Data/StateMatrix.cs

@@ -1,5 +1,4 @@
 using FWO.Api.Client.Queries;
-using FWO.GlobalConstants;
 using FWO.Api.Data;
 using System.Text.Json.Serialization; 
 using Newtonsoft.Json; 
@@ -20,10 +19,10 @@ public enum WorkflowPhases
     public class StateMatrix
     {
         [JsonProperty("matrix"), JsonPropertyName("matrix")]
-        public Dictionary<int, List<int>> Matrix { get; set; } = new ();
+        public Dictionary<int, List<int>> Matrix { get; set; } = [];
 
         [JsonProperty("derived_states"), JsonPropertyName("derived_states")]
-        public Dictionary<int, int> DerivedStates { get; set; } = new ();
+        public Dictionary<int, int> DerivedStates { get; set; } = [];
 
         [JsonProperty("lowest_input_state"), JsonPropertyName("lowest_input_state")]
         public int LowestInputState { get; set; }
@@ -37,7 +36,7 @@ public class StateMatrix
         [JsonProperty("active"), JsonPropertyName("active")]
         public bool Active { get; set; }
 
-        public Dictionary<WorkflowPhases, bool> PhaseActive = new Dictionary<WorkflowPhases, bool>();
+        public Dictionary<WorkflowPhases, bool> PhaseActive = [];
         public bool IsLastActivePhase = true;
         public int MinImplTasksNeeded;
 
@@ -77,7 +76,7 @@ public bool getNextActivePhase(ref WorkflowPhases phase)
 
         public List<int> getAllowedTransitions(int stateIn)
         {
-            return Matrix.ContainsKey(stateIn) ? Matrix[stateIn] : new ();
+            return Matrix.ContainsKey(stateIn) ? Matrix[stateIn] : [];
         }
 
         public int getDerivedStateFromSubStates(List<int> statesIn)
@@ -86,7 +85,7 @@ public int getDerivedStateFromSubStates(List<int> statesIn)
             {
                 return 0;
             }
-            int stateOut = 0;
+            int stateOut;
             int backAssignedState = LowestInputState;
             int initState = 0;
             int inWorkState = LowestEndState;
@@ -160,7 +159,7 @@ public int getDerivedStateFromSubStates(List<int> statesIn)
     public class GlobalStateMatrix
     {
         [JsonProperty("config_value"), JsonPropertyName("config_value")]
-        public Dictionary<WorkflowPhases, StateMatrix> GlobalMatrix { get; set; } = new ();
+        public Dictionary<WorkflowPhases, StateMatrix> GlobalMatrix { get; set; } = [];
 
 
         public async Task Init(ApiConnection apiConnection, TaskType taskType = TaskType.master, bool reset = false)
@@ -198,11 +197,11 @@ public class GlobalStateMatrixHelper
 
     public class StateMatrixDict
     {
-        public Dictionary<string, StateMatrix> Matrices { get; set; } = new Dictionary<string, StateMatrix>();
+        public Dictionary<string, StateMatrix> Matrices { get; set; } = [];
 
         public async Task Init(WorkflowPhases phase, ApiConnection apiConnection)
         {
-            Matrices = new Dictionary<string, StateMatrix>();
+            Matrices = [];
             foreach(TaskType taskType in Enum.GetValues(typeof(TaskType)))
             {
                 Matrices.Add(taskType.ToString(), new StateMatrix());

roles/lib/files/FWO.Api.Client/FWO.Api.Client.csproj

@@ -8,9 +8,9 @@
 
   <ItemGroup>
     <PackageReference Include="IPAddressRange" Version="6.0.0" />
-    <PackageReference Include="GraphQL.Client" Version="6.0.3" />
-    <PackageReference Include="GraphQL.Client.Serializer.Newtonsoft" Version="6.0.3" />
-    <PackageReference Include="GraphQL.Client.Serializer.SystemTextJson" Version="6.0.3" />
+    <PackageReference Include="GraphQL.Client" Version="6.0.5" />
+    <PackageReference Include="GraphQL.Client.Serializer.Newtonsoft" Version="6.0.5" />
+    <PackageReference Include="GraphQL.Client.Serializer.SystemTextJson" Version="6.0.5" />
     <PackageReference Include="Microsoft.AspNetCore.Components" Version="8.0.4" />
   </ItemGroup>
 

roles/lib/files/FWO.Api.Client/Queries/ModellingQueries.cs

@@ -34,6 +34,8 @@ public class ModellingQueries : Queries
         public static readonly string getCommonServices;
         public static readonly string newConnection;
         public static readonly string updateConnection;
+        public static readonly string updateConnectionOwner;
+        public static readonly string updateConnectionPublish;
         public static readonly string deleteConnection;
         public static readonly string addAppServerToConnection;
         public static readonly string removeAppServerFromConnection;
@@ -122,6 +124,8 @@ static ModellingQueries()
                 getCommonServices = connectionDetailsFragment + File.ReadAllText(QueryPath + "modelling/getCommonServices.graphql");
                 newConnection = File.ReadAllText(QueryPath + "modelling/newConnection.graphql");
                 updateConnection = File.ReadAllText(QueryPath + "modelling/updateConnection.graphql");
+                updateConnectionOwner = File.ReadAllText(QueryPath + "modelling/updateConnectionOwner.graphql");
+                updateConnectionPublish = File.ReadAllText(QueryPath + "modelling/updateConnectionPublish.graphql");
                 deleteConnection = File.ReadAllText(QueryPath + "modelling/deleteConnection.graphql");
                 addAppServerToConnection = File.ReadAllText(QueryPath + "modelling/addAppServerToConnection.graphql");
                 removeAppServerFromConnection = File.ReadAllText(QueryPath + "modelling/removeAppServerFromConnection.graphql");

roles/lib/files/FWO.Report/FWO.Report.csproj

@@ -7,7 +7,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Haukcode.WkHtmlToPdfDotNet" Version="1.5.88" />
+    <PackageReference Include="Haukcode.WkHtmlToPdfDotNet" Version="1.5.90" />
   </ItemGroup>
 
   <ItemGroup>