Category Archives: Programming

SpringBoot creating UserDetailsService authentication

There are plenty of online tutorials showing how to create database-based authentication for Spring. Some of them use SQL query to authenticate user and retrieve its roles, some use DAO… but none of them worked well for me and all of them had some major problems, even like SQL Injection. So, in this post I will explain my approach and present final solution with a database (MySQL), User and Role class and UserDetailsService implementation.

The goal is to create basic webpage with login form and signup form (which includes fields validation) that handles different roles. Then, you and me can use it as a template project.

This tutorial doesn’t include steps how to setup your IDE and build environment. We’re going straight to code, and I will try to avoid as much boilterplate as possible, so the code won’t include getters and setters. If you still write them by hand, time to learn about Lombok project (which I use here) or any other code generator.

Continue reading

Gradle – up-to-date and secure dependencies

Everyone knows it’s important to keep dependencies up to date. The risks of not updating them are very often high: you risk losing your data or data of your customers, being part of a botnet or simply getting hacked by script kiddies replacing your frontpage with something shameful.
Not everyone knows how easy it is to keep your dependencies up to date with gradle. Both gradle and maven have plugins to check for updates in your list of dependencies.

This post quickly shows how to use one of them in gradle and check if your dependencies have reported vulnerabilities.

First gradle plugin you want to check out is gradle-versions-plugin. It’s used only to find updates. Installation and usage is very simple. Just add this block to your build.gradle file

plugins {
    id 'com.github.ben-manes.versions' version '0.14.0'
}

Now, when you run:

./gradlew dependencyUpdates

You will get a list of available updates:

The second plugin you should use is dependency-check. It checks if current versions of dependencies you use were reported with a vulnerability to NVD.
Installation is again, really simple, just modify your build.gradle to include the following:

buildscript {
  repositories {
     mavenCentral()
  }
  dependencies {
     classpath 'org.owasp:dependency-check-gradle:1.4.5'
  }
}
 
apply plugin: 'org.owasp.dependencycheck'

and when ready, run:

./gradlew dependencyCheck

Unfortunately, this process is time consuming, the more dependencies you have, the longer break you can take now.

Be safe out there!

Spring Boot – multi-database setup

To be able to access two databases in SpringBoot you must define two data sources. In my case I had one database for identity details of users, like username, name, email, address etc. and second database for everything else.

You have to define one @Configuration class for each database and each class will wired its own datasource to services (like JpaRepository or CrudRepository) to defined packages.

Continue reading

Test coverage on GitLab CI in a rust-cargo project

This topic presents who to setup kcov with cargo to get a test coverage for a cargo project, so I just assume you got kcov working in your Linux distribution and you have a project with source code and tests that you can run. I also assume you have gitlab-ci-multi-runner installed. So I will just quickly present who to configure it to use with GitLab CI to get test coverage badge in your new project.

I use my own CI runner, I’m not using shared runners or docker for it. So it’s pretty straightforward, your configuration will differ a bit.

Continue reading

Rust – get user’s home directory

fn main() {
  let mut path: PathBuf = get_app_dir();
  path.push(".config");
  path.set_file_name("properties");
  path.set_extension("ini");
  let str_path = path.to_str().unwrap();
  if str_path.len() != 0 && path_exists(&path) {
    println!("Path {} exists", str_path);
  }
}
 
fn get_app_dir() -> PathBuf {
    let dir: PathBuf = match env::home_dir() {
        Some(path) => PathBuf::from(path),
        None => PathBuf::from(""),
    };
    dir
}
 
pub fn path_exists(path: &PathBuf) -> bool {
    return Path::new(&path).exists();
}

XXX loves opensource…

…that’s why we published our product on OSI-compatible license! We <3 open-source!

Well, does Microsoft/Google/Apple/Netflix/XXX really love open-source?

No, they don’t. In fact they do more to extinguish open source by fighting them with patent wars, you don’t hear about, developing DRM, you hear about when it’s too late and dropping support for some key-products on open source platforms. Skype on Linux, anyone? Google Drive client on Linux? DRM enabled by default in browsers, anyone?

Continue reading

Setting up SonarQube for Android Gradle project to improve code quality

I’m working on a new Android project which I inherited. Well, I forked it because I didn’t feel welcomed to contribute to the project and I see a lot of places where improvements are needed.

First, I need to improve the codebase. Previous developers didn’t care about any Java coding guidelines from Oracle, Google, CERT or even Android. Some of the problems I have to solve now are:

  • inconsistent style
  • catch (Exception e){}
  • catch(Throwable e){}
  • ArrayList<Object> list = new ArrayList<String>()
  • complex methods – if {switch {for {if {else {}}}}
  • new Thread().start()

To quickly start clean-up and identify those problems, different static code analysis tools can be used; one of them is SonarQube.

Continue reading

Choose GitLab for your next open source project

GitLab.com is a competitor of Github. It’s a service provider for git-based source code repositories that offers much more than it’s bigger brother. In this post I will try to convince you to try it out for your next project.

GitLab is not only a simple git hosting; its features impact the whole development process, the way of contributing to a project, executing and running tests, protecting source code from changes, more and more.

gitlab-logo-square Continue reading

JHLabs for Android

My major project in Java (Android) involved image manipulation where I used JHLabs. I found there was no easy way to add JHLabs support for Android without extracting sources and manually adding them to the project. So there it is now:
https://gitlab.com/agilob/JHLabs_android

It’s compatible with gradle build system, so you can easily add it to your gradle project.

To use it in your project:

  1. Go to the main folder of your application
  2. mkdir third_party
  3. Edit settings.gradle and add this line
    include 'third_party:jhlabs2'
  4. Add this line to your dependencies:
    compile project(':third_party:jhlabs2')
  5. It should be done now!

You can see it working in my project!

[Java] – Regular expression to match IPv4 address

I saw such question on SO. There was no solution with RegEx so… I was bored I think.

public static boolean isValid(String ip) {
    boolean isvalid;
 
    isvalid = ip.matches(
            "(([0-9]|[0-9]{0,2}|1[0-9]*{0,2}|2[0-5][0-5]|0{0,3}).){3}" +
             "([0-9]|[0-9]{0,2}|1[0-9]*{0,2}|2[0-5][0-5]|0{0,3})"
    );
 
    return isvalid;
}

Continue reading

How to work with SQL in C++ and Qt

You can work with SQL queries in Qt and SQL in many different ways, here I will show you how I came up with a working method. To keep things simple, I am not going to use any UI to print or edit queries. It will be just source code and stdout, as a database engine I will use SQLite3.

After you created your project, edit project.pro and locate line:

QT       += core

Modify this line by adding `sql`:

QT       += core sql

Since now, when you compile your project, QtSql module will be linked to the project:

g++ -Wl,-O1 -Wl,-O1,--sort-common,--as-needed,-z,relro -o QtSql main.o   -lQt5Sql -lQt5Core -lpthread

Continue reading

Copy one table from one database to another and replace values in one of the columns

This blog is also available in .onion domain. Both blogs have different databases, DB users and passwords, different WordPress configurations, and as a result, they have different data in DB column.

After publishing a new post here, I do not want to manually copy posts from here to there and I want images from b.agilob.net to be available in .onion to avoid any clearnet connections. To do so, the content of each post must be scanned for ‘/‘ and this string must be replaced with ‘http://agiloblulimjeqlq.onion/‘.

Continue reading

Use clang as default compiler for Qt projects

There are two ways to set clan as your default compiler in Qt-Creator. One way will set LLVM as default in Qt-Creator for you only and the other one will set LLVM as default for your project, so everyone cloning/forking your repo will use clang too. If you want clang as default only for you, go in Qt-Creator to Tools -> Options -> Build & Run -> Kits select your default kit, I have `Desktop` and set Compiler to CLang. Continue reading

Static code analysis in QtCreator with CppCheck

Just a simple tutorial to show you how to add static code analysis plugin in QtCreator on Liunx.
Start by downloading plugin dedicated to QtCreator from here.

Unpack .zip and you will get two directories which you have to copy to /usr/lib/qtcreator/plugins/. You can copy only libQtcCppcheck.so, if you don’t need Russian translation.

cp lib/qtcreator/plugins/libQtcCppcheck.so /usr/lib/qtcreator/plugins/

Continue reading