6c723aeb8c
Data REST was auto-exposing raw JPA repository endpoints (/appUsers, /documents, /persons, /userGroups, etc.) that completely bypass the @RequirePermission AOP checks — effectively making the entire database readable and writable without authentication. All API needs are covered by the custom controllers. The generated api.ts is reverted to the stub until npm run generate:api is re-run against the cleaned backend. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
173 lines
4.7 KiB
XML
173 lines
4.7 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
|
|
<modelVersion>4.0.0</modelVersion>
|
|
<parent>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-parent</artifactId>
|
|
<version>4.0.0</version>
|
|
<relativePath/> <!-- lookup parent from repository -->
|
|
</parent>
|
|
<groupId>org.raddatz</groupId>
|
|
<artifactId>familienarchiv</artifactId>
|
|
<version>0.0.1-SNAPSHOT</version>
|
|
<name>Familienarchiv</name>
|
|
<description>Backend für das Familenarchiv</description>
|
|
<url/>
|
|
<licenses>
|
|
<license/>
|
|
</licenses>
|
|
<developers>
|
|
<developer/>
|
|
</developers>
|
|
<scm>
|
|
<connection/>
|
|
<developerConnection/>
|
|
<tag/>
|
|
<url/>
|
|
</scm>
|
|
<properties>
|
|
<java.version>21</java.version>
|
|
</properties>
|
|
<dependencies>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-actuator</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-jpa</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-jdbc</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-security</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-webmvc</artifactId>
|
|
<exclusions>
|
|
<exclusion>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-tomcat</artifactId>
|
|
</exclusion>
|
|
</exclusions>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.postgresql</groupId>
|
|
<artifactId>postgresql</artifactId>
|
|
<scope>runtime</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-jetty</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-actuator-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-jpa-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-jdbc-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-security-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-webmvc-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<!-- Excel Bearbeitung (Apache POI) -->
|
|
<dependency>
|
|
<groupId>org.apache.poi</groupId>
|
|
<artifactId>poi</artifactId>
|
|
<version>5.5.0</version> <!-- Aktuellste Version -->
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.poi</groupId>
|
|
<artifactId>poi-ooxml</artifactId>
|
|
<version>5.5.0</version>
|
|
</dependency>
|
|
|
|
<!-- S3 Support für MinIO (AWS SDK v2) -->
|
|
<dependency>
|
|
<groupId>software.amazon.awssdk</groupId>
|
|
<artifactId>s3</artifactId>
|
|
<version>2.29.0</version> <!-- Oder aktuellste Stable -->
|
|
</dependency>
|
|
<!-- Nötig für AWS SDK v2 Authentifizierung -->
|
|
<dependency>
|
|
<groupId>software.amazon.awssdk</groupId>
|
|
<artifactId>auth</artifactId>
|
|
<version>2.29.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.projectlombok</groupId>
|
|
<artifactId>lombok</artifactId>
|
|
<optional>true</optional>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.flywaydb</groupId>
|
|
<artifactId>flyway-core</artifactId>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.flywaydb</groupId>
|
|
<artifactId>flyway-database-postgresql</artifactId>
|
|
</dependency>
|
|
|
|
<!-- OpenAPI / Swagger UI — enabled only in the dev Spring profile -->
|
|
<dependency>
|
|
<groupId>org.springdoc</groupId>
|
|
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
|
|
<version>3.0.2</version>
|
|
</dependency>
|
|
</dependencies>
|
|
|
|
|
|
<profiles>
|
|
<profile>
|
|
<id>dev</id>
|
|
<activation>
|
|
<activeByDefault>true</activeByDefault>
|
|
</activation>
|
|
<properties>
|
|
<spring.profiles.active>dev</spring.profiles.active>
|
|
</properties>
|
|
</profile>
|
|
<profile>
|
|
<id>prod</id>
|
|
<properties>
|
|
<spring.profiles.active></spring.profiles.active>
|
|
</properties>
|
|
</profile>
|
|
</profiles>
|
|
|
|
<build>
|
|
<plugins>
|
|
<plugin>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-maven-plugin</artifactId>
|
|
<configuration>
|
|
<profiles>
|
|
<profile>${spring.profiles.active}</profile>
|
|
</profiles>
|
|
</configuration>
|
|
</plugin>
|
|
</plugins>
|
|
</build>
|
|
|
|
</project>
|