feat(JMX): adapt JMX view from 2.7 (#2220)

* feat: add jmx view

* chore: fix tests

* chore: add tests and adapt changes from 2.7

* chore: ui adoptions

* chore: ui adoptions

* fix: add cursor pointer to mbean-headers

* chore: explicitly check for null or undefined

* chore: revert update of jest

* chore: merge changes of master into package.json

* added CustomCsrfFilter in SecurityPermitAllConfig

* chore: fix checkstyle

Co-authored-by: Andreas Fritz <[email protected]>

Author: SteKoe

spring-boot-admin-samples/spring-boot-admin-sample-servlet/src/main/java/de/codecentric/boot/admin/SecurityPermitAllConfig.java

@@ -19,14 +19,18 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
-import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
 
+import static org.springframework.http.HttpMethod.DELETE;
+import static org.springframework.http.HttpMethod.POST;
+
 @Profile("insecure")
 @Configuration(proxyBeanMethods = false)
 public class SecurityPermitAllConfig {
@@ -39,13 +43,19 @@ public SecurityPermitAllConfig(AdminServerProperties adminServer) {
 
 	@Bean
 	protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-		http.authorizeHttpRequests((authorizeRequest) -> authorizeRequest.anyRequest().permitAll()).csrf((csrf) -> csrf
-				.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).ignoringRequestMatchers(
-						new AntPathRequestMatcher(this.adminServer.path("/instances"), HttpMethod.POST.toString()),
-						new AntPathRequestMatcher(this.adminServer.path("/instances/*"), HttpMethod.DELETE.toString()),
-						new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))));
+
+		http.authorizeHttpRequests((authorizeRequest) -> authorizeRequest.anyRequest().permitAll());
+
+		http.addFilterAfter(new CustomCsrfFilter(), BasicAuthenticationFilter.class)
+			.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+				.csrfTokenRequestHandler(new CsrfTokenRequestAttributeHandler()).ignoringRequestMatchers(
+					new AntPathRequestMatcher(this.adminServer.path("/instances"), POST.toString()),
+					new AntPathRequestMatcher(this.adminServer.path("/instances/*"), DELETE.toString()),
+					new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))
+				));
 
 		return http.build();
+
 	}
 
 }

spring-boot-admin-server-ui/.jest/jest.setup.js

@@ -1,5 +1,6 @@
 import '@testing-library/jest-dom';
-import {server} from '@/mocks/server';
+
+import { server } from '@/mocks/server';
 
 beforeAll(async () => {
   server.listen();
@@ -9,14 +10,16 @@ beforeAll(async () => {
   mockIntersectionObserver.mockReturnValue({
     observe: () => null,
     unobserve: () => null,
-    disconnect: () => null
+    disconnect: () => null,
   });
   window.IntersectionObserver = mockIntersectionObserver;
-})
+});
 
-afterAll(done => {
+afterAll((done) => {
   setTimeout(() => {
     server.close();
     done();
   }, 500);
-})
+});
+
+afterEach(() => server.resetHandlers());