* Display raw item state when formatting fails
With the addition of Profiles, there are situations where a Channel sends format information that
does not match the type. For example, "Timestamp on update" always sends a DateTime, but the channel
may specify a different format (e.g., if it is a battery level, "%.0f %%"). In such a case, we
attempt to format the DateTime according to the pattern, it (predictably and correctly) fails, and
this results in an error in the UI and a warning in the log.
While this is an expected error if a user uses an incorrect format code in an Item's metadata (user
error), it is somewhat unexpected if a user is choosing an option as presented in the UI. Because
this is purely a formatting issue, one solution is to direct users to add a formatting code if they
see an error. However, the disadvantage of this approach is that it doesn't work "out of the box."
This patch attempts to address the issue by displaying the raw Item state when formatting fails
instead of displaying "Err". This should provide a more balanced approach with a predictable
outcome. In addition, when a user is intentionally changing the pattern via metadata and gets it
wrong, they should still see info in the log that helps them get to the root of the problem, but
I've changed it from warn to info so it will be a little less noisy for those who choose to ignore
it.
This solution was discussed in https://github.com/openhab/openhab-core/issues/2037 and
https://community.openhab.org/t/timestamps-not-rendering-consistently-in-ui-3-0-2/121891/2
Thank you to @Rossko57 and @cweitkamp for their help in figuring it out, and in suggesting the
solution.
Signed-off-by: Brian Warner <brian@bdwarner.com>
Upgrades UoM dependencies to:
* javax.measure 2.1.2
* si-units 2.0.1
* indriya 2.1.2
An openHAB OSGi-ified si-units bundle is used as runtime dependency, because the latest si-units release is still missing proper OSGi manifest headers.
Notable changes:
* Quantity not longer implements an `equals` method, so the unit tests had to be adjusted. This should have any impact outside of the unit tests though since the rest of openHAB should be using QuantityType instead.
* RationalConverter is not package private, so instances of it much be created through the MultiplyConverter static functions.
* Quantities.getQuantity can no longer parse values without units like `100`. A workaround has been implemented.
* The unicode greek `mu` letter is now returned for unit prefixes instead of the unicode `micro` character. These characters are visually identical but the unit tests had to be adjusted. The new library seems to parse both types just fine.
Also-by: Connor Petty <mistercpp2000+gitsignoff@gmail.com>
Signed-off-by: Wouter Born <github@maindrain.net>
* New translations restauth.properties (Hebrew)
* New translations addons.properties (Hebrew)
* New translations jsonStorage.properties (Hebrew)
* New translations chart.properties (Hebrew)
* New translations DefaultSystemChannels.properties (Polish)
* New translations LanguageSupport.properties (Polish)
* New translations audio.properties (Polish)
* New translations voice.properties (Polish)
* New translations SystemProfiles.properties (Polish)
* New translations units.properties (Polish)
* New translations validation.properties (Polish)
* New translations validation.properties (Finnish)
* New translations messages.properties (Polish)
* New translations tags.properties (Polish)
* New translations firmware.properties (Polish)
* New translations chart.properties (Polish)
* New translations inbox.properties (Polish)
* New translations ephemeris.properties (Polish)
* New translations restauth.properties (Polish)
* New translations addons.properties (Polish)
* New translations persistence.properties (Polish)
* New translations jsonStorage.properties (Polish)
* New translations network.properties (Polish)
* New translations i18n.properties (Polish)
* New translations jsonStorage.properties (Finnish)
* New translations i18n.properties (Finnish)
* New translations network.properties (Finnish)
* New translations voice.properties (Dutch)
* New translations persistence.properties (Dutch)
* New translations addons.properties (Dutch)
* New translations restauth.properties (Dutch)
* New translations ephemeris.properties (Dutch)
* New translations inbox.properties (Dutch)
* New translations audio.properties (Dutch)
* New translations hli.properties (Dutch)
* New translations brokerConnectionInstance.properties (Dutch)
* New translations lsp.properties (Dutch)
* New translations jsonStorage.properties (Dutch)
* New translations chart.properties (Dutch)
* New translations i18n.properties (Dutch)
* New translations network.properties (Dutch)
* New translations DefaultSystemChannels.properties (Italian)
* New translations audio.properties (Ukrainian)
* New translations inbox.properties (Ukrainian)
* New translations restauth.properties (Ukrainian)
* New translations addons.properties (Ukrainian)
* New translations i18n.properties (Ukrainian)
* New translations network.properties (Ukrainian)
* New translations lsp.properties (Italian)
* New translations lsp.properties (German)
* New translations lsp.properties (Finnish)
* New translations lsp.properties (Hebrew)
* New translations hli.properties (German)
* New translations hli.properties (Finnish)
* New translations hli.properties (Hebrew)
* New translations hli.properties (Italian)
* New translations brokerConnectionInstance.properties (Italian)
* New translations brokerConnectionInstance.properties (Hebrew)
* New translations brokerConnectionInstance.properties (Finnish)
* New translations jsonStorage.properties (German)
* New translations jsonStorage.properties (Spanish)
* New translations network.properties (Spanish)
* New translations tags.properties (Italian)
* New translations voice.properties (Hebrew)
* New translations i18n.properties (Hebrew)
* New translations network.properties (Hebrew)
* New translations jsonStorage.properties (Hebrew)
* New translations chart.properties (Hebrew)
* New translations persistence.properties (Hebrew)
* New translations inbox.properties (Italian)
* New translations jsonStorage.properties (Finnish)
* New translations audio.properties (Finnish)
* New translations inbox.properties (Finnish)
* New translations ephemeris.properties (Finnish)
* New translations restauth.properties (Finnish)
* New translations addons.properties (Finnish)
* New translations persistence.properties (Finnish)
* New translations chart.properties (Finnish)
* New translations addons.properties (Hebrew)
* New translations voice.properties (Finnish)
* New translations i18n.properties (Finnish)
* New translations network.properties (Finnish)
* New translations audio.properties (Hebrew)
* New translations inbox.properties (Hebrew)
* New translations ephemeris.properties (Hebrew)
* New translations restauth.properties (Hebrew)
* New translations audio.properties (Italian)
* New translations ephemeris.properties (Italian)
* New translations restauth.properties (Italian)
* New translations network.properties (Italian)
* New translations addons.properties (Italian)
* New translations persistence.properties (Italian)
* New translations jsonStorage.properties (Italian)
* New translations chart.properties (Italian)
* New translations voice.properties (Italian)
* New translations i18n.properties (Italian)
* New translations i18n.properties (German)
* New translations restauth.properties (German)
* New translations addons.properties (German)
* New translations persistence.properties (German)
* New translations chart.properties (German)
* New translations voice.properties (German)
* New translations network.properties (German)
* New translations inbox.properties (German)
* New translations ephemeris.properties (German)
* New translations audio.properties (German)
* New translations voice.properties (Ukrainian)
* New translations ephemeris.properties (Ukrainian)
* New translations chart.properties (Ukrainian)
* New translations jsonStorage.properties (Ukrainian)
* New translations persistence.properties (Ukrainian)
* New translations voice.properties (German)
* [inbox] Approval with newThingId: only one segment allowed
Build of the new thing UID corrected in case newThingId is provided
Fix#2331
Signed-off-by: Laurent Garnier <lg.hc@free.fr>
Matching only on "topic.contains(channelUID)" will lead to false
positivies.
This was reported for the linuxinput binding, where pressing the "left"
key would also trigger rules for the "l" key.
The channels for these are
`linuxinput:input-device:test:keypresses#KEY_L` and
`linuxinput:input-device:test:keypresses#KEY_LEFT`
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
* New translations addons.properties (French)
* New translations audio.properties (Hebrew)
* New translations audio.properties (Hungarian)
* New translations chart.properties (Finnish)
* New translations chart.properties (French)
* New translations ephemeris.properties (Hebrew)
* New translations firmware.properties (Finnish)
* New translations i18n.properties (Hebrew)
* New translations inbox.properties (Hebrew)
* New translations jsonStorage.properties (French)
* New translations LanguageSupport.properties (Finnish)
* New translations network.properties (Hebrew)
* New translations persistence.properties (French)
* New translations persistence.properties (Hebrew)
* New translations SystemProfiles.properties (Hebrew)
* New translations tags.properties (Hebrew)
* New translations voice.properties (Hebrew)
* New translations DefaultSystemChannels.properties (Hungarian)
* New translations SystemProfiles.properties (Dutch)
* New translations SystemProfiles.properties (Hungarian)
* New translations tags.properties (French)
* New translations tags.properties (French)
* New translations DefaultSystemChannels.properties (Dutch)
* New translations DefaultSystemChannels.properties (Spanish)
* New translations DefaultSystemChannels.properties (Ukrainian)
* New translations firmware.properties (Ukrainian)
* New translations LanguageSupport.properties (Dutch)
* New translations LanguageSupport.properties (French)
* New translations LanguageSupport.properties (Ukrainian)
* New translations messages.properties (Bulgarian)
* New translations messages.properties (German)
* New translations SystemProfiles.properties (Spanish)
* New translations SystemProfiles.properties (Ukrainian)
* New translations tags.properties (German)
* New translations tags.properties (Japanese)
* New translations tags.properties (Ukrainian)
* New translations units.properties (Bulgarian)
* New translations units.properties (Czech)
* New translations units.properties (French)
* New translations units.properties (Ukrainian)
* New translations validation.properties (French)
* New translations validation.properties (Ukrainian)
* Ignore illegal thing status updates from REMOVING
Ignore illegal thing status transitions from REMOVING instead of throwing IllegalArgumentException
Signed-off-by: Björn Lange <blange@itemis.com>
Modbus TCP client to read the full modbus message, even if
fragmented/segmented.
Serial/RTU to error more clearly if all bytes are not received as
expected.
Signed-off-by: Sami Salonen <ssalonen@gmail.com>
* Added marker interface for TriggerHandler to indicate if they are time based and thus can be used to simulate execution times.
* Added marker interface for ConditionHandler to indicate, if they are time based and thus can be checked during rule execution for a certain time.
* Moved CronAdjuster to common, so it can be used for the rule simulation
* Created RuleExecutionSimulator that allows simulation of rules
* Added method in RuleManger to create simulation
* Added rest endpoint for rule simulation.
* Changed marker interface to return TemporalAdjuster instead of cron expression. This better hides the internals of the TriggerHandler (i.e. the cron expression) and is more clear and flexible for other handlers to implement
Fixes#2044Fixes#2266
Signed-off-by: Sönke Küper <soenkekueper@gmx.de>
Workaround for https://github.com/openhab/openhab-core/issues/1842.
Typically serial connections are disconnected and reconnected on IO
errors. This has turned out to be problematic with the recent
nrjavaserial updates brought by OH3 (locking behaviour of nrjavaserial
seems to be prone to deadlocks).
We workaround the issues by trying to keep the serial connection open
as long as possible.
Signed-off-by: Sami Salonen <ssalonen@gmail.com>
* Aligns compile dependencies with OSGi R7
* Aligns runtime dependencies with Karaf 4.3.1
* Fixes issues due to dependency changes:
* AudioServletTest never ending due to Jetty upgrade
* Feature resolution failing due to Karaf activation-api no longer visible
* Uses Pax Logging as runtime dependency instead of Felix Log
This dependency change makes itests and Demo App behave more like the actual distro
To change the log level in itests, change the value of org.ops4j.pax.logging.DefaultServiceLog.level in itest-include.bndrun
* Adds --add-opens and nashorn.args in itest-include.bndrun to prevent some warnings being logged in itests
Related to openhab/openhab-distro#1167
Signed-off-by: Wouter Born <github@maindrain.net>
Allows scripts to specify per-script start levels which differ from the start level for the ScriptFileWatcher itself. Also extracted some functionality from ScriptFileWatcher into distinct components & added unit tests to cover all script loading functionality.
Signed-off-by: Jonathan Gilbert <jpg@trillica.com>
Some users reported the scheduler to be run to earlier.
It actual is known the Java scheduler can drift.
To handle this problem 2 changes have been made:
1. If the scheduler triggers > 2 sec before expected end time it will
reschedule.
2. The scheduler keeps track of the timestamp the job should run. For
recurring schedulers, like cron, when the next job is run it offsets of
the calculated time, and not the actual time. This guaranties that the
next scheduled time is actual the next scheduled time and not the same
end time in case the scheduler would trigger to early.
Signed-off-by: Hilbrand Bouwkamp <hilbrand@h72.nl>
* [modbus] More strict nullness annotations
Taking into consideration that we always have default
EndpointPoolConfiguration
* [modbus] Utilize default pool configuration consistently
* [modbus] Make (internal) ModbusCommunicationInterfaceImpl constr private
* [modbus] Handle null config of modbus comm when detecting open conns
* [modbus] default connection timeout of 10s with default pool config
Signed-off-by: Sami Salonen <ssalonen@gmail.com>
* Add profile to generate semantics classes with groovy-maven-plugin
This way you can generate the classes with Maven when adding -DgenerateTagClasses to your build command.
I.e. you no longer need to have Groovy locally installed for this.
Also properly sorts the generated imports so they match the Spotless configuration.
Signed-off-by: Wouter Born <github@maindrain.net>
* Add site provider lookup in proxy
Third attempt at this PR, but this very simply allows for the proxy to find the sitemaps for both file based as well as gui generated.
Fixes#2154Fixesopenhab/openhab-webui#763Fixesopenhab/openhab-webui#745
Also-by: Kai Kreuzer <kai@openhab.org>
Signed-off-by: Brian Homeyer <bhomeyer@gmail.com>
* Exclude commons-net from core dependencies so it is no longer automatically a transitive compile dependency
* Update nrjavaserial compile dependency to a version that no longer includes commons-net packages
* Define and use commons.net.version property
* Rework features so commons-net is only installed when required
Signed-off-by: Wouter Born <github@maindrain.net>
* Fix parsing integer & booleans parameters in UI component based sitemaps
Also catch remaining exceptions and log a warning/ignore the parameter
instead of making the whole sitemap building process fail.
Fix wrong feature ID for the video widget URL.
Fixes#2047.
Fixes#1987.
Fixes#1898.
Fixes#1875.
Fixes https://github.com/openhab/openhab-webui/issues/745.
Signed-off-by: Yannick Schaus <github@schaus.net>
In additions, command->registers tests have been once made more
readable, covering all the corner cases with integers.
Signed-off-by: Sami Salonen <ssalonen@gmail.com>
use full filename without extension as uid for rules provided by DSL files
fix bug where rule filenames with common prefix and "." resulted in same uid
Signed-off-by: Leon Kiefer <leon.k97@gmx.de>
This contains an update to the messages for the login,
change password, create API token pages from Crowdin
in ISO-8859 format.
Contains a completed German translation update, and
the following new completed languages:
- Czech
- Finnish
- Hungarian
- Portuguese (Brazil)
- Swedish
- Ukrainian
Dutch, French, Italian are unchanged from RC1.
Signed-off-by: Yannick Schaus <github@schaus.net>
The "summary" mode for `/rest/things` introduced in https://github.com/openhab/openhab-core/pull/1827
leads to these warnings in the console:
```
Field 'firmwareStatus' could not be eliminated: Can not set final org.openhab.core.thing.firmware.dto.FirmwareStatusDTO field org.openhab.core.io.rest.core.thing.EnrichedThingDTO.firmwareStatus to null value
```
The easiest solution to remove those warnings is to add it again to the list of fields included in the summaries.
Signed-off-by: Yannick Schaus <github@schaus.net>
This is the PR with the messages.properties files in
Dutch, German (partial) and Italian extracted from
#1929 and converted to the proper ISO-8859 encoding.
Signed-off-by: Yannick Schaus <github@schaus.net>
This implements localized messages for the authorize, change
password and create API token pages using a resource bundle.
Messages in English & French are included.
Signed-off-by: Yannick Schaus <github@schaus.net>
Related to #1791
Also-by: Christoph Weitkamp <github@christophweitkamp.de>
Also-by: Mark <m.stroeve@appsoftware.nl>
Signed-off-by: Laurent Garnier <lg.hc@free.fr>
I can't think of a good reason why listing things or querying their status should be allowed for users.
The things layer should only be of concern to admins IMHO.
As noted here: https://community.openhab.org/t/oh3-will-list-all-your-things-even-if-you-are-not-logged-in/108006/3
passwords and other sensible information in configuration could end up being exposed without auth required.
Signed-off-by: Yannick Schaus <github@schaus.net>
Remove the groupname from the members if the group item is removed.
This is implemented in the ManagedItemProvider.
Fixes#1785Fixes#1392
Signed-off-by: Simon Lamon <simonlamon93@hotmail.com>
The /things, /rules, /ui/components endpoints retrieve all objects
in their entirety, which can become very big, i.e. channels, config
parameters, script rule modules or trees of UI components can
quickly add up to the size.
When the UI simply displays a list of those objects it retrieves all
this extra information but does nothing with it.
This introduces an optional ?summary=true query parameter for the
above resources to limit the output to pre-defined fields which are
deemed most relevant for displaying these lists, omitting the rest.
When the option is not set, the behavior remains unchanged so this
change is not API breaking. The API version has therefore not been
incremented. The client is responsible for adding the option to
retrieve summarized collections instead of the entire objects.
Signed-off-by: Yannick Schaus <github@schaus.net>
This should fix the issue reported here:
https://community.openhab.org/t/openhab-3-0-milestone-2-discussion/107564/8
where the Nashorn script engine would be created with the
current thread's class loader, causing JS code like this:
```
var Log = Java.type("org.openhab.core.model.script.actions.Log");
Log.logError("Experiments", "This is an OH error log");
Log.logWarn("Experiments", "This is an OH warn log");
Log.logInfo("Experiments", "This is an OH info log");
Log.logDebug("Experiments", "This is an OH debug log");
```
to run fine when the rule was triggered but fail to find the Log
class when run from the REST API's `/rest/rules/{ruleUID}/runnow`,
because in that case the generic createScriptEngine implementation
would return script engines using the JAX-RS class loader as the
"app" class loader.
Note:
We also have an opportunity to restrict which classes are exposed
to the script with a ClassFilter to a specific set:
https://docs.oracle.com/javase/8/docs/jdk/api/nashorn/jdk/nashorn/api/scripting/NashornScriptEngineFactory.html#getScriptEngine-java.lang.String:A-java.lang.ClassLoader-jdk.nashorn.api.scripting.ClassFilter-
This could prove useful to mitigate code execution vulnerabilities,
as the script code is modifiable remotely.
Signed-off-by: Yannick Schaus <github@schaus.net>
Some MQTT servers can be quirky, then do not handle Usubscribe request properly.
In this case we have to omit sending it. Introduce a boolean flag, telling
whether the request should be sent or not, and add a public function to set it.
iRobot built-in MQTT server is known to suffer from this problem.
Signed-off-by: Pavel Fedin <pavel_fedin@mail.ru>
These workarounds to prevent false positives can be removed now the EEAs allow for proper null analysis.
Signed-off-by: Wouter Born <github@maindrain.net>
* Added unit test for read-only Number- and String-Items to not return a Selection Element
* Improved usage of 'lastIndexOf'
Signed-off-by: Christoph Weitkamp <github@christophweitkamp.de>
This adds API tokens as a new credential type. Their format is:
`oh.<name>.<random chars>`
The "oh." prefix is used to tell them apart from a JWT access token,
because they're both used as a Bearer authorization scheme, but there
is no semantic value attached to any of the other parts.
They are stored hashed in the user's profile, and can be listed, added
or removed managed with the new `openhab:users` console command.
Currently the scopes are still not checked, but ultimately they could
be, for instance a scope of e.g. `user admin.items` would mean that the
API token can be used to perform user operations like retrieving info
or sending a command, _and_ managing the items, but nothing else -
even if the user has more permissions because of their role (which
will of course still be checked).
Tokens are normally passed in the Authorization header with the Bearer
scheme, or the X-OPENHAB-TOKEN header, like access tokens.
As a special exception, API tokens can also be used with the Basic
authorization scheme, **even if the allowBasicAuth** option is not
enabled in the "API Security" service, because there's no additional
security risk in allowing that. In that case, the token should be
passed as the username and the password MUST be empty.
In short, this means that all these curl commands will work:
- `curl -H 'Authorization: Bearer <token>' http://localhost:8080/rest/inbox`
- `curl -H 'X-OPENHAB-TOKEN: <token>' http://localhost:8080/rest/inbox`
- `curl -u '<token>[:]' http://localhost:8080/rest/inbox`
- `curl http://<token>@localhost:8080/rest/inbox`
2 REST API operations were adding to the AuthResource, to allow
authenticated users to list their tokens or remove (revoke) one.
Self-service for creating a token or changing the password is more
sensitive so these should be handled with a servlet and pages devoid
of any JavaScript instead of REST API calls, therefore for now they'll
have to be done with the console.
This also fixes regressions introduced with #1713 - the operations
annotated with @RolesAllowed({ Role.USER }) only were not authorized
for administrators anymore.
* Generate a unique salt for each token
Reusing the password salt is bad practice, and changing the
password changes the salt as well which makes all tokens
invalid.
Put the salt in the same field as the hash (concatenated
with a separator) to avoid modifying the JSON DB schema.
* Fix API token authentication, make scope available to security context
The X-OPENHAB-TOKEN header now has priority over the Authorization
header to credentials, if both are set.
* Add self-service pages to change password & create new API token
Signed-off-by: Yannick Schaus <github@schaus.net>
* Add rule UID to error message
* Add exception with stacktrace when debug level is enabled
Related to #1734
Signed-off-by: Wouter Born <github@maindrain.net>
(I included these fixes in #1735 but extracted them in a stanalone
PR because it's easier to review and a little more urgent.)
As a result of the refactoring in #1713, the operations annotated with
`@RolesAllowed` containing `Role.USER` are not anymore automatically
considered accessible to all users, regardless of their actual roles.
4 operations are therefore now denied to admins if they only have the
`Role.ADMIN` role, as the first admininistrator is created only with
that role the UI encounters unexpected access denied errors and breaks.
(See https://github.com/openhab/openhab-webui/issues/422).
Closes https://github.com/openhab/openhab-webui/issues/422.
Signed-off-by: Yannick Schaus <github@schaus.net>
* Allow basic authentication to authorize API access
Closes#1699.
Note, this opens a minor security issue that allows an attacker
to brute force passwords by making calls to the API - contrary to
the authorization page, the credentials parsing for the REST API
is stateless & doesn't have a lock mechanism to lock user accounts
after too many failed login attempts.
Signed-off-by: Yannick Schaus <github@schaus.net>
Xtext uses a cache for looking up classes when rules are run.
It also adds a null class value to this cache when a class is not found.
Once a value has entered the cache it will not be updated.
This causes the cache to return the wrong class (or the null value) when
calling static methods on ActionService and ThingActions classes that
were added/updated.
With the changes in this PR Xtext will be configured to use a custom cache
that updates the ActionService and ThingActions class references.
The PR also has a fix for the AnnotatedThingActionModuleTypeProvider not
properly sending ModuleType removed events when all ThingActions
registrations have been removed.
Fixes#1265Fixes#1694
Signed-off-by: Wouter Born <github@maindrain.net>
When one of the engines is unset the ScriptModuleTypeProvider clears all parameter options instead of only those that apply to that engine.
This fixes the Nashorn engine missing from the parameter options on the first openHAB startup.
Signed-off-by: Wouter Born <github@maindrain.net>
Catch specific exceptions and don't log errors but instead add an appropriate message and preserve the stacktrace.
Signed-off-by: Wouter Born <github@maindrain.net>
* Prevent IllegalStateException when closing SSE sink
* Simplify code and log exceptions on debug
There seem to be no issues anymore with the exception handling when SSE clients disconnect so simplify the exception handling.
Suppressing exceptions based on error message is also likely to break when new exceptions are added or messages change.
There are also still exceptions that get logged with "failure" but from which the code seems to recover without any issues.
Fixes#1499
Signed-off-by: Wouter Born <github@maindrain.net>
Since there are no more action add-ons in the distribution, I'd suggest to remove these from the `KarafAddonService` so they won't appear in the UI menus.
Signed-off-by: Yannick Schaus <github@schaus.net>
* Fixes bugs (vulnerabilities/performance issues)
* Supports OSGi better
* Prevents illegal reflective access warnings on newer Java versions
* Supports java.time converters
For XStream release notes see: https://x-stream.github.io/changes.html
The XmlDocumentReader which uses XStream has also been modified to configure XStream security to prevent "Security framework of XStream not initialized, XStream is probably vulnerable" warnings.
Signed-off-by: Wouter Born <github@maindrain.net>