Alex Bogdanovski
@albogdano

@pikrakpzu Hey, thanks for this! I will work on the code to address these points.

  • On the first topic: I don't think that's even possible because Scoold has a pretty strict CSP - https://cspvalidator.org/#url=https://live.scoold.com
    Security headers are also in place - https://securityheaders.com/?q=https%3A%2F%2Flive.scoold.com&followRedirects=on
    There's always room for improvement here and I will soon add filtering of the actual URLs for avatars

  • On the second topic: Scoold does not use sessions at all - it uses JWTs instead. It's a similar concept and JWTs can be made to expire after a configurable time period.
    para.session_timeout is the validity period in seconds for the auth cookie itself, para.jwt_expires_after is the validity period in seconds for the JWT token inside the auth cookie.
    Again, here we can tighten security by only allowing one valid JWT per user/browser. It should be pretty straightforward to implement this.

se-alexnsa
@se-alexnsa

yes, you need to add the plugin image as a layer on top of the Para Docker image

If I do that, do I still need to download this jar file as well:
https://github.com/Erudika/para-search-elasticsearch/releases

Alex Bogdanovski
@albogdano
@se-alexnsa no need - the dockerfile for the ES plugin will download the JAR into the lib folder next to para.jar
se-alexnsa
@se-alexnsa

great
also since mounting the volume, we no longer get indexing errors, but now instead have this error

Application run failed org.springframework.context.ApplicationContextException: Failed to start bean 'webServerStartStop'; nested exception is org.springframework.boot.web.server.WebServerException:

could this be because something has changed location now?

Perhaps something else needs to be mounted manually now as well?
Alex Bogdanovski
@albogdano
@se-alexnsa I will need to see the full stack trace to tell you what caused that exception.
se-alexnsa
@se-alexnsa
      ____  ___ _ ____ ___ _ 
     / __ \/ __` / ___/ __` /
    / /_/ / /_/ / /  / /_/ / 
   / .___/\__,_/_/   \__,_/  v1.40.1-SNAPSHOT
  /_/                        

2021-11-24 14:08:45 [INFO ] --- Para.initialize() [production] ---
2021-11-24 14:08:45 [INFO ] Loaded new DAO, Search and Cache implementations - SqlDAO, LuceneSearch and CaffeineCache.
2021-11-24 14:08:46 [INFO ] HikariPool-1 - Starting...
2021-11-24 14:08:46 [INFO ] HikariPool-1 - Start completed.
2021-11-24 14:08:51 [INFO ] Server is healthy.
2021-11-24 14:08:51 [INFO ] Found root app 'para' and 0 existing child app(s).
2021-11-24 14:08:55 [INFO ] Queue 'para-default' could not be found: software.amazon.awssdk.services.sqs.model.QueueDoesNotExistException: The specified queue does not exist for this wsdl version. (Service: Sqs, Status Code: 400, Request ID: e7c38864-0824-594a-91fd-d27c419227a6, Extended Request ID: null)
2021-11-24 14:08:55 [ERROR] null
java.util.concurrent.ExecutionException: software.amazon.awssdk.services.sqs.model.SqsException: Access to the resource https://sqs.eu-west-1.amazonaws.com/ is denied. (Service: Sqs, Status Code: 403, Request ID: 08a4be23-07df-519e-9d7e-e43b4e68cf72, Extended Request ID: null)
    at java.base/java.util.concurrent.CompletableFuture.reportGet(Unknown Source)
    at java.base/java.util.concurrent.CompletableFuture.get(Unknown Source)
    at com.erudika.para.queue.AWSQueueUtils.createQueue(AWSQueueUtils.java:95)
    at com.erudika.para.queue.AWSQueue.getUrl(AWSQueue.java:89)
    at com.erudika.para.queue.AWSQueue.startPolling(AWSQueue.java:65)
    at com.erudika.para.ParaServer.initialize(ParaServer.java:157)
    at com.erudika.para.ParaServer.runAsJAR(ParaServer.java:423)
    at com.erudika.para.ParaServer.main(ParaServer.java:432)
    at com.erudika.para.Run.main(Run.java:26)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.base/java.lang.reflect.Method.invoke(Unknown Source)
    at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
    at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
    at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
    at org.springframework.boot.loader.PropertiesLauncher.main(PropertiesLauncher.java:467)
Caused by: software.amazon.awssdk.services.sqs.model.SqsException: Access to the resource https://sqs.eu-west-1.amazonaws.com/ is denied. (Service: Sqs, Status Code: 403, Request ID: 08a4be23-07df-519e-9d7e-e43b4e68cf72, Extended Request ID: null)
    at software.amazon.awssdk.services.sqs.model.SqsException$BuilderImpl.build(SqsException.java:95)
    at software.amazon.awssdk.services.sqs.model.SqsException$BuilderImpl.build(SqsException.java:55)
    at software.amazon.awssdk.protocols.query.internal.unmarshall.AwsXmlErrorUnmarshaller.unmarshall(AwsXmlErrorUnmarshaller.java:99)
    at software.amazon.awssdk.protocols.query.unmarshall.AwsXmlErrorProtocolUnmarshaller.handle(AwsXmlErrorProtocolUnmarshaller.java:102)
    at software.amazon.awssdk.protocols.query.unmarshall.AwsXmlErrorProtocolUnmarshaller.handle(AwsXmlErrorProtocolUnmarshaller.java:82)
    at software.amazon.awssdk.core.http.MetricCollectingHttpResponseHandler.lambda$handle$0(MetricCollectingHttpResponseHandler.java:52)
    at software.amazon.awssdk.core.internal.util.MetricUtils.measureDurationUnsafe(MetricUtils.java:64)
    at software.amazon.awssdk.core.http.MetricCollectingHttpResponseHandler.handle(MetricCollectingHttpResponseHandler.java:52)
    at software.amazon.awssdk.core.internal.http.async.AsyncResponseHandler.lambda$prepare$0(AsyncResponseHandler.java:89)
    at java.base/java.util.concurrent.CompletableFuture$UniCompose.tryFire(Unknown Source)
    at java.base/java.util.concurrent.CompletableFuture.postComplete(Unknown Source)
    at java.base/java.util.concurrent.CompletableFuture.complete(Unknown Source)
    at software.amazon.awssdk.core.internal.http.async.AsyncResponseHandler$BaosSubscriber.onC
at the top, it says an SQS queue is missing (para-default?), but we've never needed to make a queue before in order to get it working
Alex Bogdanovski
@albogdano
@se-alexnsa do you set para.webhooks_enabled = true or para.q = "sqs" anywhere in your configuration?
se-alexnsa
@se-alexnsa
this is only appearing after mounting the volume, so I wondered if I have to now manually mount other things as well
I'll check...
Yes, para.webhooks_enabled = true is set in para application.conf
Alex Bogdanovski
@albogdano
ok, please set para.q = "LocalQueue"
then restart Para
se-alexnsa
@se-alexnsa
ok
and this will still work ok in AWS Fargate?
Alex Bogdanovski
@albogdano
yes, most certainly
se-alexnsa
@se-alexnsa
should I also remove para.webhooks_enabled = true, or set it to false instead?
Alex Bogdanovski
@albogdano
you can keep the webhooks enabled if you are using them but otherwise I would advise you to disable them for extra security
se-alexnsa
@se-alexnsa
I have tried it, i.e. set para.q = "LocalQueue" and restarted Para, but the same error about a missing queue remains
Alex Bogdanovski
@albogdano
@se-alexnsa hm, strange - how about para.q = "local"?
you may want to update Para to 1.41.3
se-alexnsa
@se-alexnsa
ok great it works now thanks
Alex Bogdanovski
@albogdano
@se-alexnsa great! I'm glad I could help.
se-alexnsa
@se-alexnsa
What do we need to do to resolve this error?
Invalid JWT found in cookie scoold-auth
Alex Bogdanovski
@albogdano
@se-alexnsa Are you using ParaIO.com?
se-alexnsa
@se-alexnsa
no
Alex Bogdanovski
@albogdano
hm, I don't exactly know what causes that.. does it happen often?
make sure you're not running the unstable :latest Scoold image
se-alexnsa
@se-alexnsa
we're using scoold-pro:latest_stable
Alex Bogdanovski
@albogdano
ok, when does the error occur and for which authentication provider?
also make sure you are not running the :latest Para image either
it is currently unstable
use tag :v1.41.3
se-alexnsa
@se-alexnsa

yes we are using para:v1.41.3 as well
the Invalid JWT found in cookie scoold-auth error occurs when I imported a database zip file, then when I try to navigate away to a different page in the app, it brings me back to login page saying authentication has failed. I click to log in, and then it just brings me back to the questions front page as normal

This doesn't happen when I am just going from page to page normally

Alex Bogdanovski
@albogdano
well, yes, when you restored the data everything gets overwritten and your login session is no longer valid so your existing access token is invalid and you are logged out
that is normal behavior
pikrakpzu
@pikrakpzu
@albogdano Hello! Docker image for Para v1.42.0(-base) is missing on hub.
Alex Bogdanovski
@albogdano
@pikrakpzu ah, dang it! thanks for letting me know - it will be there in a few minutes
pikrakpzu
@pikrakpzu
I would like to have super secure 1.47.0 Scoold Pro on my prod, but it says that Para v1.42.0 is first to go. :)
@albogdano Thanks!
Alex Bogdanovski
@albogdano
@pikrakpzu that's right, you need the latest Para for Scoold 1.47
Alex Bogdanovski
@albogdano
@pikrakpzu ok, done
se-alexnsa
@se-alexnsa
Hey there. Are there any concerns we should have regarding the log4j vulnerability issues when it comes to this application?
Alex Bogdanovski
@albogdano
@se-alexnsa not at all - Scoold relies on Logback for logging and Log4j-core is not used anywhere
se-alexnsa
@se-alexnsa
Great. Could you provide a dependency tree report so that we can add that to our records?
Alex Bogdanovski
@albogdano
@se-alexnsa you can print out the dependencies of Scoold with mvn dependency:tree
se-alexnsa
@se-alexnsa
I used this pom.xml https://github.com/Erudika/scoold/blob/master/pom.xml - is that ok?
and can we do this for para as well https://github.com/Erudika/para/blob/master/pom.xml
Alex Bogdanovski
@albogdano
@se-alexnsa yes, that's right
se-alexnsa
@se-alexnsa
running for scoold returned the tree fine, but running for the current para pom.xml above returned
[INFO] Scanning for projects...
[ERROR] [ERROR] Some problems were encountered while processing the POMs:
[ERROR] Child module /home/alex/secretescapes/questions/para/para-server of /home/alex/secretescapes/questions/para/pom.xml does not exist @ 
[ERROR] Child module /home/alex/secretescapes/questions/para/para-core of /home/alex/secretescapes/questions/para/pom.xml does not exist @ 
[ERROR] Child module /home/alex/secretescapes/questions/para/para-client of /home/alex/secretescapes/questions/para/pom.xml does not exist @ 
[ERROR] Child module /home/alex/secretescapes/questions/para/para-war of /home/alex/secretescapes/questions/para/pom.xml does not exist @ 
[ERROR] Child module /home/alex/secretescapes/questions/para/para-jar of /home/alex/secretescapes/questions/para/pom.xml does not exist @ 
 @ 
[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]   
[ERROR]   The project com.erudika:para-parent:1.42.1-SNAPSHOT (/home/alex/secretescapes/questions/para/pom.xml) has 5 errors
[ERROR]     Child module /home/alex/secretescapes/questions/para/para-server of /home/alex/secretescapes/questions/para/pom.xml does not exist
[ERROR]     Child module /home/alex/secretescapes/questions/para/para-core of /home/alex/secretescapes/questions/para/pom.xml does not exist
[ERROR]     Child module /home/alex/secretescapes/questions/para/para-client of /home/alex/secretescapes/questions/para/pom.xml does not exist
[ERROR]     Child module /home/alex/secretescapes/questions/para/para-war of /home/alex/secretescapes/questions/para/pom.xml does not exist
[ERROR]     Child module /home/alex/secretescapes/questions/para/para-jar of /home/alex/secretescapes/questions/para/pom.xml does not exist
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
Alex Bogdanovski
@albogdano
@se-alexnsa Para has a parent pom.xml and 5 submodules, each with its own pom.xml