What's new in EzyPlatform 1.0.8?

This release focuses on server-side JavaScript extensibility, improved user-role management, and more stable web/admin runtime behavior.
  1. JavascriptService – server-side JavaScript execution with flexible configuration
    Introduced JavascriptService in the common SDK, along with AdminJavascriptService and WebJavascriptServicefor their respective runtimes. The service provides execute(...)to run scripts with input parameters and expose beans into the JavaScript scope. Allowed beans can be configured via SETTING_NAME_JAVASCRIPT_SERVICE_BEAN_NAMES, with defaults defined in AdminSettingConfig. This release also integrates Rhino for server-side JavaScript execution.
  2. Extended UserRoleService for clearer role management
    UserRoleService now includes methods such as saveUserRoleByUserIdAndRoleId(...), deleteUserRoleByUserIdAndRoleId(...), and multiple containsUserRole(...) checks by userId, roleId, roleName, or username. DefaultUserRoleService fully implements these methods, making role assignment, removal, and validation more explicit and consistent across authorization flows.
  3. Improved global error handling for web/admin runtime
    WebGlobalErrorHandler has been refined to better distinguish between API requests and UI requests. The processError(...) method now uses RequestURIManager and matchedUri to determine the request type. API requests return a ResponseEntity, while page requests are routed through error endpoints such as /bad-request, /not-found, and /server-error.
  4. SettingService improvements for absolute URL handling
    The methods resolveAdminUri(...) and resolveWebUri(...)now preserve absolute URLs instead of always prefixing them with a base URL. This allows more flexible configuration when working with full domains or multi-environment setups.
  5. Stricter external URL validation for enhanced security
    DefaultValidator.isValidExternalUrl(...) has been significantly tightened. The new logic strictly validates localhost, direct IPs, private/internal ranges, multicast ranges, documentation/test ranges, and certain IPv6 cases. This is an important update for systems accepting external URLs from user input or configuration.
  6. New endpoint to check media existence
    WebApiMediaController adds the endpoint GET /api/v1/media/{name}/contains via mediaNameContainsGet(...), returning a ContainsResponse. This is useful for flows that need to verify media existence before upload, linking, or referencing.
  7. Standardized link status with LinkStatus enum
    Introduced the LinkStatus enum and the getAllLinkStatuses() method in LinkService. This provides a consistent reference for link states instead of relying on loosely defined string values.
  8. Extended DataMeta filtering with exclusion support
    DefaultDataMetaFilter now includes exclusiveMetaKey and exclusiveMetaKeys, enabling metadata exclusion directly at the query builder level for more precise and flexible data retrieval.
  9. Improved admin dashboard setting update flow
    AdminDashboardController now includes SSL/domain status via isSslDomain(...). UI functions such as updateAdminSettings(), updateWebSettings(), setAdminUrl(), setWebUrls(), setTargetProperties(), and setTargetVmOptions()have been refactored into a more sequential async flow, followed by a page reload upon completion. The UI also provides guidance for configuring domain and SSL when current URLs do not meet required conditions.