Remove WebGoat session object (#1929)

* refactor: modernize code

* refactor: move to Tomcat

* chore: bump to Spring Boot 3.3.3

* refactor: use Testcontainers to run integration tests

* refactor: lesson/assignment progress

* chore: format code

* refactor: first step into removing base class for assignment

Always been a bit of an ugly construction, as none of the dependencies are clear. The constructors are hidden due to autowiring the base class. This PR removes two of the fields.

As a bonus we now wire the authentication principal directly in the controllers.

* refactor: use authentication principal directly.

* refactor: pass lesson to the endpoints

No more need to get the current lesson set in a session. The lesson is now passed to the endpoints.

* fix: Testcontainers cannot run on Windows host in Github actions.

Since we have Windows specific paths let's run it standalone for now. We need to run these tests on Docker as well (for now disabled)

src/main/resources/db/container/V1__init.sql

@@ -2,65 +2,64 @@
 -- For the normal WebGoat server there is a bean which already provided the schema (and creates it see DatabaseInitialization)
 CREATE SCHEMA IF NOT EXISTS CONTAINER;
 
-CREATE SEQUENCE CONTAINER.HIBERNATE_SEQUENCE;
-
-CREATE TABLE CONTAINER.ASSIGNMENT (
-  ID BIGINT NOT NULL PRIMARY KEY,
-  NAME VARCHAR(255),
-  PATH VARCHAR(255)
+create
+    table CONTAINER.assignment
+(
+    solved boolean not null,
+    id     bigint generated by default as identity (start with 1),
+    name   varchar(255),
+    path   varchar(255),
+    primary key (id)
+);
+create table CONTAINER.lesson_progress
+(
+    number_of_attempts integer not null,
+    version            integer,
+    id                 bigint generated by default as identity (start with 1),
+    lesson_name        varchar(255),
+    primary key (id)
+);
+create table CONTAINER.lesson_progress_assignments
+(
+    assignments_id     bigint not null unique,
+    lesson_progress_id bigint not null,
+    primary key (assignments_id, lesson_progress_id)
+);
+create table CONTAINER.user_progress
+(
+    id       bigint generated by default as identity (start with 1),
+    username varchar(255),
+    primary key (id)
+);
+create table CONTAINER.user_progress_lesson_progress
+(
+    lesson_progress_id bigint not null unique,
+    user_progress_id   bigint not null,
+    primary key (lesson_progress_id, user_progress_id)
+);
+create table CONTAINER.web_goat_user
+(
+    password varchar(255),
+    role     varchar(255),
+    username varchar(255) not null,
+    primary key (username)
 );
 
-CREATE TABLE CONTAINER.LESSON_TRACKER(
-  ID BIGINT NOT NULL PRIMARY KEY,
-  LESSON_NAME VARCHAR(255),
-  NUMBER_OF_ATTEMPTS INTEGER NOT NULL
+create table CONTAINER.email
+(
+    id        BIGINT GENERATED BY DEFAULT AS IDENTITY (START WITH 1) NOT NULL PRIMARY KEY,
+    contents  VARCHAR(1024),
+    recipient VARCHAR(255),
+    sender    VARCHAR(255),
+    time      TIMESTAMP,
+    title     VARCHAR(255)
 );
 
-CREATE TABLE CONTAINER.LESSON_TRACKER_ALL_ASSIGNMENTS(
-  LESSON_TRACKER_ID BIGINT NOT NULL,
-  ALL_ASSIGNMENTS_ID BIGINT NOT NULL,
-  PRIMARY KEY(LESSON_TRACKER_ID,ALL_ASSIGNMENTS_ID),
-  CONSTRAINT FKNHIDKE27BCJHI8C7WJ9QW6Y3Q FOREIGN KEY(ALL_ASSIGNMENTS_ID) REFERENCES CONTAINER.ASSIGNMENT(ID),
-  CONSTRAINT FKBM51QSDJ7N17O2DNATGAMW7D FOREIGN KEY(LESSON_TRACKER_ID) REFERENCES CONTAINER.LESSON_TRACKER(ID),
-  CONSTRAINT UK_SYGJY2S8O8DDGA2K5YHBMUVEA UNIQUE(ALL_ASSIGNMENTS_ID)
-);
-
-CREATE TABLE CONTAINER.LESSON_TRACKER_SOLVED_ASSIGNMENTS(
-  LESSON_TRACKER_ID BIGINT NOT NULL,
-  SOLVED_ASSIGNMENTS_ID BIGINT NOT NULL,
-  PRIMARY KEY(LESSON_TRACKER_ID,SOLVED_ASSIGNMENTS_ID),
-  CONSTRAINT FKPP850U1MG09YKKL2EQGM0TRJK FOREIGN KEY(SOLVED_ASSIGNMENTS_ID) REFERENCES CONTAINER.ASSIGNMENT(ID),
-  CONSTRAINT FKNKRWGA1UHLOQ6732SQXHXXSCR FOREIGN KEY(LESSON_TRACKER_ID) REFERENCES CONTAINER.LESSON_TRACKER(ID),
-  CONSTRAINT UK_9WFYDUY3TVE1XD05LWOUEG0C1 UNIQUE(SOLVED_ASSIGNMENTS_ID)
-);
-
-CREATE TABLE CONTAINER.USER_TRACKER(
-  ID BIGINT NOT NULL PRIMARY KEY,
-  USERNAME VARCHAR(255)
-);
-
-CREATE TABLE CONTAINER.USER_TRACKER_LESSON_TRACKERS(
-  USER_TRACKER_ID BIGINT NOT NULL,
-  LESSON_TRACKERS_ID BIGINT NOT NULL,
-  PRIMARY KEY(USER_TRACKER_ID,LESSON_TRACKERS_ID),
-  CONSTRAINT FKQJSTCA3YND3OHP35D50PNUH3H FOREIGN KEY(LESSON_TRACKERS_ID) REFERENCES CONTAINER.LESSON_TRACKER(ID),
-  CONSTRAINT FKC9GX8INK7LRC79XC77O2MN9KE FOREIGN KEY(USER_TRACKER_ID) REFERENCES CONTAINER.USER_TRACKER(ID),
-  CONSTRAINT UK_5D8N5I3IC26CVF7DF7N95DOJB UNIQUE(LESSON_TRACKERS_ID)
-);
-
-CREATE TABLE CONTAINER.WEB_GOAT_USER(
-  USERNAME VARCHAR(255) NOT NULL PRIMARY KEY,
-  PASSWORD VARCHAR(255),
-  ROLE VARCHAR(255)
-);
-
-CREATE TABLE CONTAINER.EMAIL(
-  ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,
-  CONTENTS VARCHAR(1024),
-  RECIPIENT VARCHAR(255),
-  SENDER VARCHAR(255),
-  TIME TIMESTAMP,
-  TITLE VARCHAR(255)
-);
-
-ALTER TABLE CONTAINER.EMAIL ALTER COLUMN ID RESTART WITH 2;
+alter table CONTAINER.lesson_progress_assignments
+    add constraint FKbd9xavuwr1rxbcqhcu3jckyro foreign key (assignments_id) references CONTAINER.assignment;
+alter table CONTAINER.lesson_progress_assignments
+    add constraint FKl8vg2qfqhmsnt18qqcyydq7iu foreign key (lesson_progress_id) references CONTAINER.lesson_progress;
+alter table CONTAINER.user_progress_lesson_progress
+    add constraint FKkk5vk79v4q48xb5apeq0g5t2q foreign key (lesson_progress_id) references CONTAINER.lesson_progress;
+alter table CONTAINER.user_progress_lesson_progress
+    add constraint FKkw1rtg14shtginbfflbglbf4m foreign key (user_progress_id) references CONTAINER.user_progress;

src/main/resources/db/container/V2__version.sql

@@ -1 +0,0 @@
-ALTER TABLE CONTAINER.LESSON_TRACKER ADD VERSION INTEGER;

src/main/resources/db/container/V3__id.sql

@@ -1,3 +0,0 @@
-ALTER TABLE CONTAINER.ASSIGNMENT ALTER COLUMN ID SET GENERATED BY DEFAULT AS IDENTITY(START WITH 1);
-ALTER TABLE CONTAINER.LESSON_TRACKER ALTER COLUMN ID SET GENERATED BY DEFAULT AS IDENTITY(START WITH 1);
-ALTER TABLE CONTAINER.USER_TRACKER ALTER COLUMN ID SET GENERATED BY DEFAULT AS IDENTITY(START WITH 1);

src/main/resources/db/container/V4__rename_to_progress.sql

@@ -1,22 +0,0 @@
-ALTER TABLE container.lesson_tracker
-    RENAME TO container.lesson_progress;
-
-ALTER TABLE container.lesson_tracker_all_assignments
-    ALTER COLUMN lesson_tracker_id RENAME TO lesson_progress_id;
-ALTER TABLE container.lesson_tracker_all_assignments
-    RENAME TO container.lesson_progress_all_assignments;
-
-ALTER TABLE container.lesson_tracker_solved_assignments
-    ALTER COLUMN lesson_tracker_id RENAME TO lesson_progress_id;
-ALTER TABLE container.lesson_tracker_solved_assignments
-    RENAME TO container.lesson_progress_solved_assignments;
-
-ALTER TABLE container.user_tracker
-    RENAME TO container.user_progress;
-
-ALTER TABLE container.user_tracker_lesson_trackers
-    ALTER COLUMN user_tracker_id RENAME TO user_progress_id;
-ALTER TABLE container.user_tracker_lesson_trackers
-    ALTER COLUMN lesson_trackers_id RENAME TO lesson_progress_id;
-ALTER TABLE container.user_tracker_lesson_trackers
-    RENAME TO container.user_progress_lesson_progress;