Release v2.13.1

.github/workflows/php.yml

@@ -12,24 +12,13 @@ jobs:
       MYSQL_ROOT_PASSWORD: root
       MYSQL_USER: sqlmonarcuser
       MYSQL_PASSWORD: password
+      MYSQL_VERSION: 10.6.18
 
     steps:
     - uses: actions/checkout@v1
 
-    #- name: Shutdown Ubuntu MySQL (SUDO)
-      #run: sudo service mysql stop
-
-    #- name: Start MariaDB and create databases
-      #uses: getong/[email protected]
-      #with:
-        #host port: $MYSQL_HOST_PORT
-        #mysql database: $MYSQL_DATABASE # Optional, default value is "test". The specified database which will be create
-        #mysql root password: $MYSQL_ROOT_PASSWORD # Required if "mysql user" is empty, default is empty. The root superuser password
-        #mysql user: $MYSQL_USER # Required if "mysql root password" is empty, default is empty. The superuser for the specified database. Can use secrets, too
-        #mysql password: $MYSQL_PASSWORD # Required if "mysql user" exists. The password for the "mysql user"
-
-    - name: Start MySQL (SUDO)
-      run: sudo service mysql start
+    - name: Shutdown Ubuntu MySQL (SUDO)
+      run: sudo service mysql stop
 
     - name: Setup PHP
       uses: shivammathur/setup-php@v2
@@ -57,6 +46,19 @@ jobs:
     - name: Set MONARC configuration file
       run: cp ./config/autoload/local.php.dist ./config/autoload/local.php
 
+    - name: Start MariaDB and create databases
+      uses: getong/[email protected]
+      with:
+        host port: $MYSQL_HOST_PORT
+        mariadb version: $MYSQL_VERSION # Optional, default value is "latest". The version of the MariaDB
+        mysql database: $MYSQL_DATABASE # Optional, default value is "test". The specified database which will be create
+        mysql root password: $MYSQL_ROOT_PASSWORD # Required if "mysql user" is empty, default is empty. The root superuser password
+        mysql user: $MYSQL_USER # Required if "mysql root password" is empty, default is empty. The superuser for the specified database. Can use secrets, too
+        mysql password: $MYSQL_PASSWORD # Required if "mysql user" exists. The password for the "mysql user"
+
+    - name: Shutdown Ubuntu MySQL (SUDO)
+      run: sudo service mysql start
+
     - name: Creating and populating databases
       run: |
         mysql -u root -p$MYSQL_ROOT_PASSWORD -P $MYSQL_HOST_PORT -e "CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;"
@@ -67,6 +69,7 @@ jobs:
         mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_HOST_PORT $MYSQL_DATABASE < db-bootstrap/monarc_structure.sql
         mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_HOST_PORT $MYSQL_DATABASE < db-bootstrap/monarc_data.sql
 
+
     - name: Upgrading databases
       run: |
         ./vendor/robmorgan/phinx/bin/phinx migrate -c ./module/Monarc/Core/migrations/phinx.php

AUTHORS

@@ -3,7 +3,7 @@
 Cédric Bonhomme - https://www.cedricbonhomme.org
 Jérôme Lombardi - https://github.com/jerolomb
 Juan Rocha - https://github.com/jfrocha
-Ruslan Baidan - https://github.com/ruslanbaydan
+Ruslan Baidan - https://github.com/ruslanbaidan
 
 
 # Contributors
@@ -22,11 +22,11 @@ Thomas Metois
 
 # Copyright holders
 
-- Copyright (C) 2016-2023 Jérôme Lombardi - https://github.com/jerolomb
-- Copyright (C) 2016-2023 Juan Rocha - https://github.com/jfrocha
-- Copyright (C) 2016-2023 Luxembourg House of Cybersecurity
-- Copyright (C) 2017-2023 Cédric Bonhomme - https://www.cedricbonhomme.org
+- Copyright (C) 2016-2024 Luxembourg House of Cybersecurity
+- Copyright (C) 2016-2024 Jérôme Lombardi - https://github.com/jerolomb
+- Copyright (C) 2016-2024 Juan Rocha - https://github.com/jfrocha
+- Copyright (C) 2017-2024 Cédric Bonhomme - https://www.cedricbonhomme.org
+- Copyright (C) 2019-2024 Ruslan Baidan - https://github.com/ruslanbaidan
 - Copyright (C) 2016-2017 Guillaume Lesniak
 - Copyright (C) 2016-2017 Thomas Metois
 - Copyright (C) 2016-2017 Jérôme De Almeida
-- Copyright (C) 2019-2023 Ruslan Baidan - https://github.com/ruslanbaidan

CHANGELOG.md

@@ -1,6 +1,33 @@
 MONARC Changelog
 ================
 
+## 2.13.1 (2024-10-07)
+
+### Enhancement
+
+- Refactored backend code. It includes the following changes points: 
+  - Removed the relying on the abstraction and sharing the same methods execution of services.
+  - Implemented the single responsibility approach to the entities.I
+  - Added the filtering functionality to process the incoming get requests data and prepare them for the filter and sort queries.
+  - Added the data validation at first place. Before the post, put, patch and delete requests data are passed to the services, they are validated.
+  - Removed the dependency on the abstract table common methods, where the entities positions were processed, and some specific code run.
+  - Implemented the common approach, not resources/time consuming, of the entities positioning based on interfaces and traits.
+  - Optimised the export and import functionality to be clean and fast.
+  - Added a common place to validate the analysis access and endpoints permissions before the controllers’ actions are reached. The Middleware passed an anr object to the actions automatically as an attribute.
+  - Restructured the components and code parts of the application for the based on responsibilities, relations and to be more clear.
+  - Removed many deprecated code parts and cleaned up the deprecated columns in the DB tables.
+  - Improved some DB indexes and renamed tables, columns to be more clear on the names.
+  - Added some first unit tests as a starting point for the full coverage.
+  - **Not refactored parts are the following**: `Questions`, `QuestionsChoices`, `Guide`, `Interviews`, `ROPA`, `Deliverable`.
+
+### User stories
+- Added possibility to export risk analysis with Knowledge Base (KB) and/or Assets Library (AL). That allows to optionally export all the KB a AL data without having the analysis modelling started. This is needed for sharing models between FrontOffices or update AL or KB with new versions of the structures.
+- Changed the export format of JSON export file to reduce its size and be similar to the api endpoints responses and the projects structures views. An old data converter is implemented for the backward compatibility.
+- Significantly improved the import time and made it always consistent. In case of import issues the data are not inserted, there are saved in the DB only at the end of the process (transactional approach).
+- Removed extra user’s information from password reset response and removed the endpoint access by the other users (points 5.1.1, 5.1.2).
+- Restricted analysis creation based on the models that are not available for the client by manually faking the request (point 5.2.3).
+- [Fixed the password change](https://github.com/monarc-project/MonarcAppFO/discussions/523).
+
 
 ## 2.12.7 (2023-10-25)
 

README.md

@@ -75,14 +75,14 @@ License
 This software is licensed under
 [GNU Affero General Public License version 3](http://www.gnu.org/licenses/agpl-3.0.html)
 
-- Copyright (C) 2016-2023 Luxembourg House of Cybersecurity
-- Copyright (C) 2016-2023 Jérôme Lombardi - https://github.com/jerolomb
-- Copyright (C) 2016-2023 Juan Rocha - https://github.com/jfrocha
-- Copyright (C) 2017-2023 Cédric Bonhomme - https://www.cedricbonhomme.org
+- Copyright (C) 2016-2024 Luxembourg House of Cybersecurity
+- Copyright (C) 2016-2024 Jérôme Lombardi - https://github.com/jerolomb
+- Copyright (C) 2016-2024 Juan Rocha - https://github.com/jfrocha
+- Copyright (C) 2017-2024 Cédric Bonhomme - https://www.cedricbonhomme.org
+- Copyright (C) 2019-2024 Ruslan Baidan - https://github.com/ruslanbaidan
 - Copyright (C) 2016-2017 Guillaume Lesniak
 - Copyright (C) 2016-2017 Thomas Metois
 - Copyright (C) 2016-2017 Jérôme De Almeida
-- Copyright (C) 2019-2023 Ruslan Baidan - https://github.com/ruslanbaidan
 
 For more information, [the list of authors and contributors](AUTHORS) is available.
 

VERSION.json

@@ -1 +1 @@
-{"major":2, "minor":12, "hotfix":7}
+{"major":2, "minor":13, "hotfix":1}

composer.json

@@ -41,20 +41,21 @@
         }
     ],
     "require": {
-        "php": "^7.4 || ^8.0",
+        "php": "^8.0",
         "ext-json": "*",
         "ext-pdo": "*",
         "ext-bcmath": "*",
         "ext-openssl": "*",
-        "monarc/frontoffice": "^2.12.6",
-        "monarc/core": "^2.12.6",
+        "monarc/frontoffice": "^2.13.1",
+        "monarc/core": "^2.13.1",
         "laminas/laminas-mvc": "^3.1",
         "laminas/laminas-di": "^3.1",
         "laminas/laminas-permissions-rbac": "^3.0",
         "laminas/laminas-log": "^2.11",
         "laminas/laminas-i18n": "^2.9",
         "symfony/console": "^5.0",
         "laminas/laminas-dependency-plugin": "^2.0",
+        "laminas/laminas-mvc-middleware": "^2.2",
         "robthree/twofactorauth": "^1.8",
         "endroid/qr-code": "^4.4"
     },