diff --git a/src/main/java/com/upc/gessi/qrapids/app/config/security/ApiKeyAuthFilter.java b/src/main/java/com/upc/gessi/qrapids/app/config/security/ApiKeyAuthFilter.java
new file mode 100644
index 00000000..49753d0e
--- /dev/null
+++ b/src/main/java/com/upc/gessi/qrapids/app/config/security/ApiKeyAuthFilter.java
@@ -0,0 +1,61 @@
+package com.upc.gessi.qrapids.app.config.security;
+
+import com.upc.gessi.qrapids.app.domain.models.AppUser;
+import com.upc.gessi.qrapids.app.domain.repositories.AppUser.UserRepository;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class ApiKeyAuthFilter extends OncePerRequestFilter {
+
+ private final UserRepository m_userRepository;
+ private final boolean m_enable;
+
+ public ApiKeyAuthFilter(UserRepository userRepository, boolean enable) {
+ this.m_userRepository = userRepository;
+ this.m_enable = enable;
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+ throws ServletException, IOException {
+
+ String requestUri = request.getRequestURI();
+
+ // Check if the URI contains "/api"
+ if (requestUri.contains("/api") && this.m_enable) {
+
+ // Get the API key and secret from request headers
+ String requestApiKey = request.getHeader("X-API-KEY");
+
+ if (requestApiKey != null) {
+
+ //Get the username from the request api key
+ String username = requestApiKey.substring("apiKey_".length());
+
+ //Get the user with the username to check if exists
+ AppUser appUser = this.m_userRepository.findByUsername(username);
+
+ if (appUser == null) {
+ response.setStatus(HttpStatus.UNAUTHORIZED.value());
+ response.getWriter().write("Unauthorized");
+ } else {
+ filterChain.doFilter(request, response);
+ }
+ }
+ else {
+ response.setStatus(HttpStatus.UNAUTHORIZED.value());
+ response.getWriter().write("Unauthorized");
+ }
+ }
+ else {
+ // If the URI does not contain "/api", proceed without filtering
+ filterChain.doFilter(request, response);
+ }
+ }
+}
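Review bot: The value accepted in `X-API-KEY` by `doFilterInternal` is only the fixed prefix `apiKey_` followed by a username, so it proves knowledge of a username rather than possession of a secret; the key should be a random per-user value that is stored hashed and compared in constant time, which needs a lookup this diff does not show. The prefix is never verified, and `substring("apiKey_".length())` throws `StringIndexOutOfBoundsException` for a header shorter than the prefix, so a malformed key surfaces as a server error instead of a 401; the guard below covers that part. `requestUri.contains("/api")` matches any path that merely contains that text, so an anchored match on the API prefix would be safer. A comment on the class stating that the filter only gates the request and does not populate the security context would also help the next reader.
```java
// … unchanged: constructor, requestUri lookup and the "/api" && m_enable check …
String requestApiKey = request.getHeader("X-API-KEY");

// Reject missing, unprefixed or empty keys before substring() can throw.
if (requestApiKey == null
        || !requestApiKey.startsWith("apiKey_")
        || requestApiKey.length() == "apiKey_".length()) {
    response.setStatus(HttpStatus.UNAUTHORIZED.value());
    response.getWriter().write("Unauthorized");
    return;
}
String username = requestApiKey.substring("apiKey_".length());
// … unchanged: findByUsername lookup and the 401 / doFilter branches …
```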
diff --git a/src/main/java/com/upc/gessi/qrapids/app/config/security/WebSecurity.java b/src/main/java/com/upc/gessi/qrapids/app/config/security/WebSecurity.java index e444b6a8..55dbbed4 100644 --- a/src/main/java/com/upc/gessi/qrapids/app/config/security/WebSecurity.java +++ b/src/main/java/com/upc/gessi/qrapids/app/config/security/WebSecurity.java @@ -13,6 +13,7 @@ import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.CorsConfigurationSource; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; @@ -43,17 +44,19 @@ public class WebSecurity extends WebSecurityConfigurerAdapter { @Value("${security.api.enable}") private boolean apiEnable; + @Value("${security.apiKey}") + private boolean apiKeyEnable; + public WebSecurity(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) { this.userDetailsService = userDetailsService; this.bCryptPasswordEncoder = bCryptPasswordEncoder; } @Override - protected void configure( HttpSecurity http ) throws Exception { - - String public_and_secure = ( this.securityEnable )? "/resources/**" : "/**"; - String public_api = ( this.apiEnable )? "/api/**" : "/fonts/**"; + protected void configure(HttpSecurity http) throws Exception { + String publicAndSecure = (this.securityEnable) ? "/resources/**" : "/**"; + String publicApi = (this.apiEnable) ? "/api/**" : "/fonts/**"; http.cors().and().csrf().disable().authorizeRequests() 
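Review bot: `@Value("${security.apiKey}")` binds a boolean to a property whose name reads like the key itself, right below `security.api.enable`; a name such as `security.apiKey.enable` would match the sibling flag and make it less likely that someone stores a secret under it. The placeholder has no default, so startup fails if the property is absent (no properties-file change is visible in this part of the diff); a short comment on the field, e.g. `// toggles ApiKeyAuthFilter for /api requests`, would document what it controls. `configure` continues past the end of this hunk.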
@@ -62,20 +65,21 @@ protected void configure( HttpSecurity http ) throws Exception { .antMatchers(HttpMethod.GET, LOGIN_VIEW_URL).permitAll() .antMatchers(PUBLIC_MATCHERS).permitAll() - .antMatchers(public_api).permitAll() - .antMatchers(public_and_secure).permitAll() + .antMatchers(publicAndSecure).permitAll() + + .antMatchers(publicApi).hasAuthority("X-API-KEY") // Require API key for /api/** .anyRequest().authenticated() .and() - .addFilter(new JWTAuthenticationFilter(authenticationManager(),usersController)) - .addFilter(new JWTAuthorizationFilter(authenticationManager(), userRepository, routeRepository )) + .addFilterBefore(new ApiKeyAuthFilter(userRepository, this.apiKeyEnable), UsernamePasswordAuthenticationFilter.class) // Add API key filter before other filters + .addFilter(new JWTAuthenticationFilter(authenticationManager(), usersController)) + .addFilter(new JWTAuthorizationFilter(authenticationManager(), userRepository, routeRepository)) // this disables session creation on Spring Security .sessionManagement().enableSessionUrlRewriting(false) .and() .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); - } @Override diff --git a/src/main/resources/static/js/categoriesScripts.js b/src/main/resources/static/js/categoriesScripts.js index 2cbaa3a0..357c0600 100644 --- a/src/main/resources/static/js/categoriesScripts.js +++ b/src/main/resources/static/js/categoriesScripts.js @@ -101,6 +101,9 @@ $('#accept').click(function () { else { $.ajax({ url: '../api/categories', + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: formData, type: "POST", contentType: false, diff --git a/src/main/resources/static/js/configMet.js b/src/main/resources/static/js/configMet.js index 8f860c71..e45d6afb 100644 --- a/src/main/resources/static/js/configMet.js +++ b/src/main/resources/static/js/configMet.js 
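Review bot: `.antMatchers(publicApi).hasAuthority("X-API-KEY")` demands a granted authority literally named `X-API-KEY`, but the `ApiKeyAuthFilter` added in this diff never sets an `Authentication`, so the rule can only pass if another filter (the JWT filters, whose bodies are not visible here) grants that authority. Reusing the old variables has two side effects: when `apiEnable` is false `publicApi` is `/fonts/**`, which moves from `permitAll()` to requiring that authority, and when `securityEnable` is false `publicAndSecure` is `/**` and, being matched first, permits every request before the API rule is reached. Consider matching the API explicitly and ahead of the `publicAndSecure` matcher, e.g. `.antMatchers("/api/**").authenticated()`, and having the key filter populate the security context. `configure` starts outside this hunk.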
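Review bot: The header `'X-API-KEY': 'apiKey_admin'` is hard-coded in a static script, so the credential is delivered to every browser that loads the page and every caller is treated as the admin user regardless of who is logged in. The same literal is added in the other static/js hunks of this diff (configMet.js through productDetailedEvaluation.js), and several configQRPattern.js hunks build the value from `sessionStorage.getItem("userName")`, which the client controls. Drop the header from the page scripts and rely on the per-user token the JWT filters already check, or attach a server-issued per-user key in one place (for example a single `$.ajaxSetup({ beforeSend: ... })` hook) instead of repeating it per call. The enclosing click handler starts and ends outside this hunk.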
@@ -6,9 +6,13 @@ app.controller('TablesCtrl', function($scope, $http) { this.$onInit = function () { var url = "../api/metrics/list"; + $http({ method: "GET", - url: url + url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + } }).then(function mySuccess(response) { $scope.metricCategory = response.data; }) @@ -18,9 +22,13 @@ app.controller('TablesCtrl', function($scope, $http) { console.log("IN getMetricsConfig"); var url = "../api/metrics"; + $http({ method: "GET", - url: url + url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + } }).then(function mySuccess(response) { var data = []; response.data.forEach(function (metric) { @@ -55,6 +63,9 @@ app.controller('TablesCtrl', function($scope, $http) { $.ajax({ url: "../api/metrics/"+id, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: formData, type: "PUT", contentType: false, @@ -87,8 +98,12 @@ app.controller('TablesCtrl', function($scope, $http) { formData.append("url", url); formData.append("categoryName", categoryName); ++cont; + $.ajax({ url: "../api/metrics/" + id, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: formData, type: "PUT", contentType: false, diff --git a/src/main/resources/static/js/configQRPattern.js b/src/main/resources/static/js/configQRPattern.js index 99f943f0..40471764 100644 --- a/src/main/resources/static/js/configQRPattern.js +++ b/src/main/resources/static/js/configQRPattern.js @@ -18,6 +18,9 @@ function buildTree() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -121,6 +124,9 @@ function getChosenPattern(currentPatternId) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -364,6 +370,9 @@ function getChosenClassifier(currentClassifierId) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, 
@@ -698,6 +707,9 @@ function savePattern() { $.ajax({ url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: formData, type: saveMethod, contentType: false, @@ -756,6 +768,9 @@ function deletePattern() { $.ajax({ url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "DELETE", contentType: false, processData: false, @@ -894,6 +909,9 @@ function saveClassifier() { $.ajax({ url: url, + headers: { + 'X-API-KEY': 'apiKey_' + sessionStorage.getItem("userName") + }, data: formData, type: saveMethod, contentType: false, @@ -1005,6 +1023,9 @@ function deleteClassifier() { $.ajax({ url: url, + headers: { + 'X-API-KEY': 'apiKey_' + sessionStorage.getItem("userName") + }, type: "DELETE", contentType: false, processData: false, @@ -1063,6 +1084,9 @@ function fillParameterMetricSelect(parameterMetricSelect, selectedMetricId) { jQuery.ajax({ dataType: "json", url: urlMetrics, + headers: { + 'X-API-KEY': 'apiKey_' + sessionStorage.getItem("userName") + }, cache: false, type: "GET", async: true, @@ -1127,6 +1151,9 @@ function buildTreeMetrics() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_' + sessionStorage.getItem("userName") + }, cache: false, type: "GET", async: false, @@ -1171,6 +1198,9 @@ function getChosenMetric(currentMetricId) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_' + sessionStorage.getItem("userName") + }, cache: false, type: "GET", async: true, @@ -1295,6 +1325,9 @@ function saveMetric() { $.ajax({ url: url, + headers: { + 'X-API-KEY': 'apiKey_' + sessionStorage.getItem("userName") + }, data: formData, type: saveMethod_metric, contentType: false, @@ -1344,6 +1377,9 @@ function deleteMetric() { $.ajax({ url: url, + headers: { + 'X-API-KEY': 'apiKey_' + sessionStorage.getItem("userName") + }, type: "DELETE", contentType: false, processData: false, diff --git a/src/main/resources/static/js/configSI.js b/src/main/resources/static/js/configSI.js index a6265095..f58bb1eb 100644 
--- a/src/main/resources/static/js/configSI.js +++ b/src/main/resources/static/js/configSI.js @@ -16,6 +16,9 @@ function getAssessSIUrl () { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -37,6 +40,9 @@ function buildSIList() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -76,6 +82,9 @@ function clickOnTree(e){ jQuery.ajax({ dataType: "json", url: postUrl, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -171,6 +180,9 @@ function loadFactors (show) { // get factors from DB $.ajax({ url: "../api/qualityFactors", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function(data) { @@ -405,6 +417,9 @@ $("#saveSI").click(function () { formData.append("quality_factors", qualityFactors); $.ajax({ url: postUrl, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: formData, type: httpMethod, contentType: false, @@ -429,6 +444,9 @@ $("#deleteSI").click(function () { if (confirm("\t\t This operation cannot be undone. \t\n Are you sure you want to delete this strategic indicator?")) { jQuery.ajax({ url: deleteUrl, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "DELETE", async: true, diff --git a/src/main/resources/static/js/feedback.js b/src/main/resources/static/js/feedback.js index 043f2ed2..a6f48c13 100644 --- a/src/main/resources/static/js/feedback.js +++ b/src/main/resources/static/js/feedback.js @@ -8,6 +8,9 @@ function getStrategicIndicators() { jQuery.ajax({ dataType: "json", url: '../api/strategicIndicators/current?profile='+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, 
@@ -24,6 +27,9 @@ function getFactors(strategicIndicators) { jQuery.ajax({ dataType: "json", url: '../api/strategicIndicators/qualityFactors/current?profile='+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -196,6 +202,9 @@ function newFeedback(strategicIndicator, newvalue){ $.ajax({ url: '../api/strategicIndicators/' + strategicIndicator.dbId + "/feedback", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: formData, type: "POST", contentType: false, diff --git a/src/main/resources/static/js/gaugeChartFactor.js b/src/main/resources/static/js/gaugeChartFactor.js index e66190ff..f2f35357 100644 --- a/src/main/resources/static/js/gaugeChartFactor.js +++ b/src/main/resources/static/js/gaugeChartFactor.js @@ -23,6 +23,9 @@ function getDataFactors(width, height, chartHyperlinked, color) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -42,6 +45,9 @@ function getDataFactors(width, height, chartHyperlinked, color) { function getFactorList(data, width, height, chartHyperlinked, color) { jQuery.ajax({ url: "../api/qualityFactors", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (dataF) { @@ -54,6 +60,9 @@ function getFactorList(data, width, height, chartHyperlinked, color) { function getFactorsCat (data, width, height, chartHyperlinked, color) { jQuery.ajax({ url: "../api/factors/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (categories) { diff --git a/src/main/resources/static/js/gaugeChartMet.js b/src/main/resources/static/js/gaugeChartMet.js index 09021fc9..23816cc8 100644 --- a/src/main/resources/static/js/gaugeChartMet.js +++ b/src/main/resources/static/js/gaugeChartMet.js 
@@ -95,6 +95,9 @@ function getData(width, height) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -103,6 +106,9 @@ function getData(width, height) { jQuery.ajax({ dataType: "json", url: "../api/metrics", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -133,6 +139,9 @@ function getStudents(data, width, height) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -152,6 +161,9 @@ function getFactors(data, width, height) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -208,6 +220,9 @@ function sortFactors (factors) { function getMetricsCategories (data, width, height) { jQuery.ajax({ url: "../api/metrics/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: false, success: function (categories) { @@ -241,6 +256,9 @@ function getCurrentProject() { jQuery.ajax({ dataType: "json", url: urlp, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, diff --git a/src/main/resources/static/js/getDecisions.js b/src/main/resources/static/js/getDecisions.js index 73b579b2..81de056c 100644 --- a/src/main/resources/static/js/getDecisions.js +++ b/src/main/resources/static/js/getDecisions.js @@ -4,6 +4,9 @@ function getDecisions () { jQuery.ajax({ dataType: "json", url: "../api/decisions?qrs=true", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": $('#datepickerFrom').val(), "to": $('#datepickerTo').val() diff --git a/src/main/resources/static/js/loadQualityModel.js b/src/main/resources/static/js/loadQualityModel.js index 0f623fa1..23018044 100644 --- a/src/main/resources/static/js/loadQualityModel.js +++ b/src/main/resources/static/js/loadQualityModel.js 
@@ -19,6 +19,9 @@ function loadData() { dataType: "json", type: "GET", url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, async: true, success: function (data) { buildTree(data); @@ -178,6 +181,9 @@ function getAndShowElement (url) { dataType: "json", type: "GET", url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, async: true, success: function (element) { $("#qualityModelElementModalTitle").text(element.name); diff --git a/src/main/resources/static/js/navScript.js b/src/main/resources/static/js/navScript.js index b6ccae4c..177d8568 100644 --- a/src/main/resources/static/js/navScript.js +++ b/src/main/resources/static/js/navScript.js @@ -31,6 +31,9 @@ if (!(serverUrl = sessionStorage.getItem("serverUrl"))) { jQuery.ajax({ dataType: "json", url: "../api/serverUrl", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -71,6 +74,9 @@ function getIfUserIsAdmin() { jQuery.ajax({ dataType: "json", url: "../api/isAdmin?token="+token, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -90,6 +96,9 @@ function getUserName () { jQuery.ajax({ dataType: "json", url: serverUrl + "/api/me", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -111,6 +120,9 @@ function checkProducts () { jQuery.ajax({ dataType: "json", url: serverUrl + "/api/products", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -127,6 +139,9 @@ function checkPhases () { jQuery.ajax({ dataType: "json", url: serverUrl + "/api/phases", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -731,6 +746,9 @@ function profileQualityLevelFilter() { jQuery.ajax({ dataType: "json", url: "../api/profiles/"+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, 
@@ -777,6 +795,9 @@ function fillupdateModal() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, diff --git a/src/main/resources/static/js/newSIScripts.js b/src/main/resources/static/js/newSIScripts.js index 068600db..4c8ae752 100644 --- a/src/main/resources/static/js/newSIScripts.js +++ b/src/main/resources/static/js/newSIScripts.js @@ -14,6 +14,9 @@ function moveFactors() { var profileId = sessionStorage.getItem("profile_id"); $.ajax({ url: "../api/qualityFactors/metrics/current?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function(data) { for(i = 0; i < data.length; ++i) { @@ -41,6 +44,9 @@ if (window.location.href.includes("/EditStrategicIndicators/")) { $.ajax({ url: "../api/strategicIndicators/" + id, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function(data) { console.log(data); @@ -84,6 +90,9 @@ $(function () { $('#resetCategories').click(function () { $.ajax({ url: '../api/categories', + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "DELETE", success: function() { location.reload(); @@ -110,6 +119,9 @@ $('#newSI').click(function () { $.ajax({ url: postUrl, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: formData, type: httpMethod, contentType: false, diff --git a/src/main/resources/static/js/notificationsHandler.js b/src/main/resources/static/js/notificationsHandler.js index 7013d328..bbc2495f 100644 --- a/src/main/resources/static/js/notificationsHandler.js +++ b/src/main/resources/static/js/notificationsHandler.js @@ -19,6 +19,9 @@ function checkAlertsPending(){ jQuery.ajax({ dataType: "json", url: serverUrl+'/api/alerts/countNew?profile=' + sessionStorage.getItem('profile_id'), + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, 
diff --git a/src/main/resources/static/js/parseDataDetailedQFCurrent.js b/src/main/resources/static/js/parseDataDetailedQFCurrent.js index f67ad79d..f65038ed 100644 --- a/src/main/resources/static/js/parseDataDetailedQFCurrent.js +++ b/src/main/resources/static/js/parseDataDetailedQFCurrent.js @@ -33,6 +33,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -110,6 +113,9 @@ function sortDataAlphabetically (data) { function getMetricsCategories() { jQuery.ajax({ url: "../api/metrics/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (response) { @@ -123,6 +129,9 @@ function getMetricsWithCategory(){ $.ajax({ dataType: "json", url: "../api/metrics", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, diff --git a/src/main/resources/static/js/parseDataDetailedQFStacked.js b/src/main/resources/static/js/parseDataDetailedQFStacked.js index 236f750e..a06a9e56 100644 --- a/src/main/resources/static/js/parseDataDetailedQFStacked.js +++ b/src/main/resources/static/js/parseDataDetailedQFStacked.js @@ -44,6 +44,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -141,6 +144,9 @@ function sortDataAlphabetically (data) { function getMetricsCategories() { jQuery.ajax({ url: "../api/metrics/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (response) { 
@@ -155,15 +161,27 @@ function getCategories() { if (serverUrl) { url = serverUrl + url; } - $.getJSON(url).then (function(cat) { - categories.push({ - color: cat[0].color, // high category - pos: cat[1].upperThreshold, - }); - categories.push({ - color: cat[cat.length-1].color, // low category - pos: cat[cat.length-1].upperThreshold, - }); + $.ajax({ + url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, + method: "GET", + dataType: "json", + success: function(cat) { + categories.push({ + color: cat[0].color, // high category + pos: cat[1].upperThreshold, + }); + categories.push({ + color: cat[cat.length-1].color, // low category + pos: cat[cat.length-1].upperThreshold, + }); + }, + error: function(xhr, textStatus, errorThrown) { + // Handle error + console.error("Error fetching phases:", errorThrown); + } }); } @@ -171,6 +189,9 @@ function getMetricsWithCategory(){ $.ajax({ dataType: "json", url: "../api/metrics", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, diff --git a/src/main/resources/static/js/parseDataDetailedSICurrent.js b/src/main/resources/static/js/parseDataDetailedSICurrent.js index 52544648..38f4d68e 100644 --- a/src/main/resources/static/js/parseDataDetailedSICurrent.js +++ b/src/main/resources/static/js/parseDataDetailedSICurrent.js @@ -34,6 +34,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -115,6 +118,9 @@ function sortDataAlphabetically (data) { function getFactorsCategories() { jQuery.ajax({ url: "../api/factors/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (response) { @@ -127,6 +133,9 @@ function getFactorsCategories() { function getFactorList() { jQuery.ajax({ url: "../api/qualityFactors", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (dataF) { 
diff --git a/src/main/resources/static/js/parseDataDetailedSIHistorical.js b/src/main/resources/static/js/parseDataDetailedSIHistorical.js index b5c62c3c..3bb6062b 100644 --- a/src/main/resources/static/js/parseDataDetailedSIHistorical.js +++ b/src/main/resources/static/js/parseDataDetailedSIHistorical.js @@ -28,6 +28,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": $('#datepickerFrom').val(), "to": $('#datepickerTo').val() @@ -97,6 +100,9 @@ function getQualityModel () { dataType: "json", type: "GET", url : "../api/strategicIndicators/qualityModel?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, async: false, success: function (data) { data.forEach(function (strategicIndicator) { @@ -154,6 +160,9 @@ function sortDataAlphabetically (data) { function getFactorsCategories () { jQuery.ajax({ url: "../api/factors/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (response) { diff --git a/src/main/resources/static/js/parseDataMetricsHistorical.js b/src/main/resources/static/js/parseDataMetricsHistorical.js index 2a598715..a1d11649 100644 --- a/src/main/resources/static/js/parseDataMetricsHistorical.js +++ b/src/main/resources/static/js/parseDataMetricsHistorical.js @@ -103,6 +103,9 @@ function getCurrentProjects() { jQuery.ajax({ dataType: "json", url: urlp, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -131,6 +134,9 @@ function getDatabyFactor() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": $('#datepickerFrom').val(), "to": $('#datepickerTo').val() @@ -268,6 +274,9 @@ function getDataStudents() { jQuery.ajax({ dataType: "json", url: "../api/metrics/students/historical", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": $('#datepickerFrom').val(), "to": $('#datepickerTo').val() 
@@ -418,6 +427,9 @@ function sortDataByFactor(data) { function getMetricsCategories () { jQuery.ajax({ url: "../api/metrics/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (response) { @@ -431,6 +443,9 @@ function getMetricsDB() { jQuery.ajax({ dataType: "json", url: "../api/metrics", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -449,6 +464,9 @@ function getFactors() { jQuery.ajax({ dataType: "json", url: factorUrl, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, diff --git a/src/main/resources/static/js/parseDataMetricsPrediction.js b/src/main/resources/static/js/parseDataMetricsPrediction.js index 3bdb51ba..7a3271bf 100644 --- a/src/main/resources/static/js/parseDataMetricsPrediction.js +++ b/src/main/resources/static/js/parseDataMetricsPrediction.js @@ -43,6 +43,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: urlpred, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "technique": technique, "horizon": diffDays @@ -60,6 +63,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: urlhist, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": parseDate(dateFrom), "to": parseDate(dateC) @@ -191,6 +197,9 @@ function sortDataAlphabetically (data) { function getMetricsCategories () { jQuery.ajax({ url: "../api/metrics/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (response) { diff --git a/src/main/resources/static/js/parseDataQFHistorical.js b/src/main/resources/static/js/parseDataQFHistorical.js index 2f82d25d..e36a9dc7 100644 --- a/src/main/resources/static/js/parseDataQFHistorical.js +++ b/src/main/resources/static/js/parseDataQFHistorical.js 
@@ -35,6 +35,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": $('#datepickerFrom').val(), "to": $('#datepickerTo').val() @@ -119,6 +122,9 @@ function getQualityModel () { dataType: "json", type: "GET", url : "../api/strategicIndicators/qualityModel", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, async: false, success: function (data) { data.forEach(function (strategicIndicator) { @@ -175,6 +181,9 @@ function sortDataAlphabetically (data) { function getFactorsCategories () { jQuery.ajax({ url: "../api/factors/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (response) { @@ -187,6 +196,9 @@ function getFactorsCategories () { function getFactorList() { jQuery.ajax({ url: "../api/qualityFactors", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (dataF) { diff --git a/src/main/resources/static/js/parseDataQFPrediction.js b/src/main/resources/static/js/parseDataQFPrediction.js index 90b28ccb..fa3bdc24 100644 --- a/src/main/resources/static/js/parseDataQFPrediction.js +++ b/src/main/resources/static/js/parseDataQFPrediction.js @@ -45,6 +45,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: urlpred, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "technique": technique, "horizon": diffDays @@ -62,6 +65,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: urlhist, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": parseDate(dateFrom), "to": parseDate(dateC) @@ -202,6 +208,9 @@ function sortDataAlphabetically (data) { function getFactorsCategories () { jQuery.ajax({ url: "../api/factors/categories", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: true, success: function (response) { 
diff --git a/src/main/resources/static/js/parseDataSIHistorical.js b/src/main/resources/static/js/parseDataSIHistorical.js index 73f8e52b..88bfe596 100644 --- a/src/main/resources/static/js/parseDataSIHistorical.js +++ b/src/main/resources/static/js/parseDataSIHistorical.js @@ -31,6 +31,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: "../api/strategicIndicators/historical?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": $('#datepickerFrom').val(), "to": $('#datepickerTo').val() @@ -136,6 +139,9 @@ function getQualityModel () { dataType: "json", type: "GET", url : "../api/strategicIndicators/qualityModel?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, async: false, success: function (data) { data.forEach(function (strategicIndicator) { diff --git a/src/main/resources/static/js/parseDataSIPrediction.js b/src/main/resources/static/js/parseDataSIPrediction.js index fdd95b29..eb514e5d 100644 --- a/src/main/resources/static/js/parseDataSIPrediction.js +++ b/src/main/resources/static/js/parseDataSIPrediction.js @@ -39,6 +39,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: "../api/strategicIndicators/prediction?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "technique": technique, "horizon": diffDays @@ -55,6 +58,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: "../api/strategicIndicators/historical?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { "from": parseDate(dateFrom), "to": parseDate(dateC) diff --git a/src/main/resources/static/js/phases.js b/src/main/resources/static/js/phases.js index 1db9d868..04c714eb 100644 --- a/src/main/resources/static/js/phases.js +++ b/src/main/resources/static/js/phases.js 
@@ -40,15 +40,20 @@ var options = { var HeatMap = new ApexCharts(document.querySelector("#HeatMap"), options); HeatMap.render(); - function getPhasesList () { var serverUrl = sessionStorage.getItem("serverUrl"); var url = "/api/phases"; if (serverUrl) { url = serverUrl + url; } - $.getJSON(url) - .then (function(phases) { + $.ajax({ + url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, + method: "GET", + dataType: "json", + success: function(phases) { if (phases.length > 0) { phases.forEach(function (ph) { p.push({ @@ -61,7 +66,12 @@ function getPhasesList () { } else { warningUtils("Warning", "No information about phases of this project."); } - }); + }, + error: function(xhr, textStatus, errorThrown) { + // Handle error + console.error("Error fetching phases:", errorThrown); + } + }); } function checkCategories() { @@ -70,8 +80,14 @@ function checkCategories() { if (serverUrl) { url = serverUrl + url; } - $.getJSON(url) - .then (function(categories) { + $.ajax({ + url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, + method: "GET", + dataType: "json", + success: function(categories) { if (categories.length === 0) { warningUtils("Warning", "You need to define Strategic Indicator categories in order to see the heatmap correctly. " + "Please, go to the Categories section of the Configuration menu and define them."); @@ -110,11 +126,14 @@ function checkCategories() { } }); } - }); + }, + error: function(xhr, textStatus, errorThrown) { + // Handle error + console.error("Error fetching categories:", errorThrown); + } + }); } - - function getData(phases) { var today = new Date(); var todayTextDate = parseDate(today); 
@@ -126,8 +145,14 @@ function getData(phases) { if (serverUrl) { url = serverUrl + url; } - $.getJSON(url + "&from=" + phases[0].from + "&to=" + todayTextDate) - .then (function(data) { + $.ajax({ + url: url + "&from=" + phases[0].from + "&to=" + todayTextDate, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, + method: "GET", + dataType: "json", + success: function(data) { console.log("getData"); console.log(data); @@ -137,7 +162,8 @@ function getData(phases) { if (data.length === 0) { // when there is NO historical data for phases period var siData = []; addNoDataStrategicIndicators (phases, siData); - } else { // when there is historical data + } + else { // when there is historical data var aux = [{cat: "No data", val:-1}]; var values = []; var currentSI = data[0].name; // take first SI from hist. data @@ -226,10 +252,13 @@ function getData(phases) { addNoDataStrategicIndicators(phases, siData); drawHeatmap(phases); } + }, + error: function(xhr, textStatus, errorThrown) { + // Handle error + console.error("Error fetching phase data:", errorThrown); } - ); + }); } - function addNoDataStrategicIndicators (phases, siData) { var profileId = sessionStorage.getItem("profile_id"); var serverUrl = sessionStorage.getItem("serverUrl"); @@ -237,8 +266,14 @@ function addNoDataStrategicIndicators (phases, siData) { if (serverUrl) { url = serverUrl + url; } - $.getJSON(url) - .then (function(data) { + $.ajax({ + url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, + method: "GET", + dataType: "json", + success: function(phases) { for (var i = 0; i < data.length; i++) { if (!siData.includes(data[i].name)){ var values = []; @@ -254,8 +289,12 @@ function addNoDataStrategicIndicators (phases, siData) { console.log("new serie: "); console.log(s); drawHeatmap(phases); + }, + error: function(xhr, textStatus, errorThrown) { + // Handle error + console.error("Error fetching phases:", errorThrown); } - ); + }); } function drawHeatmap(phases) { 
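Review bot: In the addNoDataStrategicIndicators hunk the callback parameter was renamed (`success: function(phases) {`) while the unchanged body still reads `data.length` and `data[i].name`. Unless a global `data` exists, the loop now throws. The response also shadows the outer `phases` argument, so `drawHeatmap(phases)` receives the response instead of the phases list. Keep the original binding, `success: function(data) {`. The log text "Error fetching phases:" in this handler looks copied from getPhasesList; the request's URL is built outside the hunk, so confirm what it fetches and name it accordingly.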
diff --git a/src/main/resources/static/js/productDetailedEvaluation.js b/src/main/resources/static/js/productDetailedEvaluation.js index cd42a48d..69824190 100644 --- a/src/main/resources/static/js/productDetailedEvaluation.js +++ b/src/main/resources/static/js/productDetailedEvaluation.js @@ -26,6 +26,9 @@ function buildSelector() { jQuery.ajax({ dataType: "json", url: urlProducts, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -65,6 +68,9 @@ function getData() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -94,20 +100,34 @@ function getCategories() { if (serverUrl) { url = serverUrl + url; } - $.getJSON(url).then (function(cat) { - categories.push({ - name: cat[0].name, // high category - color: cat[0].color, - upperThreshold: 1, - }); - for (var i = 1; i < cat.length; i++) { + + $.ajax({ + url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, + method: "GET", + dataType: "json", + success: function(cat) { categories.push({ - name: cat[i].name, // high category - color: cat[i].color, - upperThreshold: categories[i-1].upperThreshold - 1/cat.length, + name: cat[0].name, + color: cat[0].color, + upperThreshold: 1, }); + + for (var i = 1; i < cat.length; i++) { + categories.push({ + name: cat[i].name, + color: cat[i].color, + upperThreshold: categories[i-1].upperThreshold - 1/cat.length, + }); + } + drawChart(categories); // Pass categories array to drawChart function + }, + error: function(xhr, textStatus, errorThrown) { + // Handle error + console.error("Error fetching categories:", errorThrown); } - drawChart(); }); } diff --git a/src/main/resources/static/js/productEvaluation.js b/src/main/resources/static/js/productEvaluation.js index b21869af..75fc7e4e 100644 --- a/src/main/resources/static/js/productEvaluation.js +++ b/src/main/resources/static/js/productEvaluation.js 
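Review bot: In getCategories the rewritten `success` callback reads `cat[0].name` without checking that the response is non-empty, so an empty category list throws inside the callback and `drawChart` is never reached. Guard it first, for example `if (!cat || cat.length === 0) { warningUtils("Warning", "No categories defined."); return; }`, in line with the `categories.length === 0` check in checkCategories in phases.js. The call also changed from `drawChart()` to `drawChart(categories)`; drawChart is defined outside this hunk, so confirm that it accepts the argument and does not also read the outer `categories` variable.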
@@ -28,6 +28,9 @@ function buildSelector() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -58,6 +61,9 @@ function getData(width, height, showButtons, chartHyperlinked) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, diff --git a/src/main/resources/static/js/projectsSelector.js b/src/main/resources/static/js/projectsSelector.js index 02a01cd3..2dd6989a 100644 --- a/src/main/resources/static/js/projectsSelector.js +++ b/src/main/resources/static/js/projectsSelector.js @@ -21,6 +21,9 @@ function getUserName () { jQuery.ajax({ dataType: "json", url: "../api/me", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -107,6 +110,9 @@ function getProjects(profileID) { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -132,6 +138,9 @@ function getProfiles() { jQuery.ajax({ dataType: "json", url: "../api/profiles", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -189,6 +198,9 @@ function getActiveUserProjects() { jQuery.ajax({ dataType: "json", url: "../api/allowedprojects", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -251,6 +263,9 @@ function showProjectSelector (projects) { jQuery.ajax({ dataType: "json", url: "../api/profiles/" + profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -326,6 +341,9 @@ function getUpdatesNotSeen() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, diff --git a/src/main/resources/static/js/reporting.js b/src/main/resources/static/js/reporting.js index b8e36247..111024af 100644 --- a/src/main/resources/static/js/reporting.js 
+++ b/src/main/resources/static/js/reporting.js @@ -13,6 +13,9 @@ function getJasperserverInfo() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -24,6 +27,9 @@ function getJasperserverInfo() { $.ajax({ type: "POST", url: jasperserverURL + "/rest/login", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: { j_username: jasperserverUser, j_password: jasperserverPassword @@ -42,6 +48,9 @@ function readDirectories(){ $.ajax({ dataType: "json", url: jasperserverURL + "/rest_v2/resources?type=reportUnit", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", contentType: "application/x-www-form-urlencoded", data: { @@ -104,6 +113,9 @@ function linkWithJasper(dirName){ $.ajax({ dataType: "json", url: jasperserverURL + "/rest_v2/resources?type=reportUnit", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", contentType: "application/x-www-form-urlencoded", data: { diff --git a/src/main/resources/static/js/simulationFactors.js b/src/main/resources/static/js/simulationFactors.js index 3a8db4aa..e5cffadb 100644 --- a/src/main/resources/static/js/simulationFactors.js +++ b/src/main/resources/static/js/simulationFactors.js @@ -14,6 +14,9 @@ function getAllQualityFactors () { var url = "../api/qualityFactors/current"; $.ajax({ url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function (response) { qualityFactors = response; @@ -26,6 +29,9 @@ function getQualityFactorsCategories () { var url = "../api/factors/categories"; $.ajax({ url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function (response) { categories = response; @@ -39,6 +45,9 @@ function getFactorsCategories (titles, ids, labels, values) { var url = "../api/factors/categories"; $.ajax({ url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function (response) { categories = response; 
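Review bot: In reporting.js the `X-API-KEY` header is also attached to the `jasperserverURL + "/rest/login"` POST in getJasperserverInfo and to both `jasperserverURL + "/rest_v2/resources?type=reportUnit"` GETs (readDirectories, linkWithJasper). This sends the application's key to the Jasper server, a separate service that has no use for it. If that URL is on another origin, the custom header also turns these calls into preflighted CORS requests, which may fail unless the Jasper server allows the header. Remove the `headers` block from the three Jasper calls; only the first `url: url` request in getJasperserverInfo appears to target this application's own API. All three functions continue outside their hunks.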
@@ -51,6 +60,9 @@ function getFactorsCategories (titles, ids, labels, values) { function getFactorsList() { jQuery.ajax({ url: "../api/qualityFactors", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: false, success: function (dataF) { @@ -171,6 +183,9 @@ function getDetailedStrategicIndicators () { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -410,6 +425,9 @@ $('#apply').click(function () { $.ajax({ url: "../api/strategicIndicators/simulate?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: formData, type: "POST", contentType: false, diff --git a/src/main/resources/static/js/simulationMetrics.js b/src/main/resources/static/js/simulationMetrics.js index 0dcfe3a6..7c56119c 100644 --- a/src/main/resources/static/js/simulationMetrics.js +++ b/src/main/resources/static/js/simulationMetrics.js @@ -18,6 +18,9 @@ function getMetricsWithCategory(){ $.ajax({ dataType: "json", url: "../api/metrics", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -32,6 +35,9 @@ function getAllMetrics(){ var url = "../api/metrics/current?profile="+profileId; $.ajax({ url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function (response) { metrics = response; @@ -44,6 +50,9 @@ function getMetricsCategoriesAndShow () { var url = "../api/metrics/categories"; $.ajax({ url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function (response) { metricCats = removeSpaces(response); @@ -56,6 +65,9 @@ function getMetricsCategories (titles, ids, labels, values) { var url = "../api/metrics/categories"; $.ajax({ url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function (response) { metricCats = removeSpaces(response) 
@@ -68,6 +80,9 @@ function getFactorsCategories (titles, ids, labels, values) { var url = "../api/factors/categories"; $.ajax({ url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function (response) { factorCats= removeSpaces(response) @@ -79,6 +94,9 @@ function getFactorsCategories (titles, ids, labels, values) { function getFactorsList(titles, ids, labels, values) { jQuery.ajax({ url: "../api/qualityFactors", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", async: false, success: function (dataF) { @@ -202,6 +220,9 @@ function getDetailedStrategicIndicators () { jQuery.ajax({ dataType: "json", url: "../api/strategicIndicators/qualityFactors/current?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -361,6 +382,9 @@ function getFactors () { jQuery.ajax({ dataType: "json", url: "../api/qualityFactors/metrics/current?profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, @@ -607,6 +631,9 @@ $('#apply').click(function () { $.ajax({ url: "../api/qualityFactors/simulate?date="+ date + "&profile="+profileId, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, data: JSON.stringify(newMetrics), type: "POST", contentType: 'application/json', diff --git a/src/main/resources/static/js/sliderChartMet.js b/src/main/resources/static/js/sliderChartMet.js index f6d568fd..78e5009f 100644 --- a/src/main/resources/static/js/sliderChartMet.js +++ b/src/main/resources/static/js/sliderChartMet.js @@ -24,6 +24,9 @@ if (getParameterByName('id').length !== 0) { function getAllMetrics(){ $.ajax({ url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, type: "GET", success: function (response) { if (id) // in case we show metrics for one detailed factor @@ -34,6 +37,9 @@ function getAllMetrics(){ jQuery.ajax({ dataType: "json", url: "../api/metrics", + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, 
@@ -53,6 +59,9 @@ function getFactors() { jQuery.ajax({ dataType: "json", url: url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: true, diff --git a/src/main/resources/static/js/sunburstChart.js b/src/main/resources/static/js/sunburstChart.js index c7a7616c..4a858480 100644 --- a/src/main/resources/static/js/sunburstChart.js +++ b/src/main/resources/static/js/sunburstChart.js @@ -19,6 +19,9 @@ function loadData() { dataType: "json", type: "GET", url : url, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, async: true, success: function (data) { makeChart(data); diff --git a/src/main/resources/static/js/user.js b/src/main/resources/static/js/user.js index 003688d3..ea3bd8da 100644 --- a/src/main/resources/static/js/user.js +++ b/src/main/resources/static/js/user.js @@ -80,6 +80,9 @@ function getActiveUserProjects() { jQuery.ajax({ dataType: "json", url: serverUrl+"/api/allowedprojects?token="+token + "&id=" + id, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "GET", async: false, @@ -112,6 +115,9 @@ function updateProjects() { jQuery.ajax({ dataType: "json", url: serverUrl+"/api/allowedprojects?id=" + id, + headers: { + 'X-API-KEY': 'apiKey_admin' + }, cache: false, type: "PUT", async: false,