Merge branch 'develop'

This reverts commit f4cf7e623e.

README.md

@@ -11,6 +11,7 @@ The following products must be installed:
 
     * OpenJDK 11 or higher
     * Maven 3.x or higher ([http://maven.apache.org/])
+    * npm 6 or higher ([https://www.npmjs.com/package/npm?activeTab=versions])
 
 ### Compiling
 
@@ -45,7 +46,7 @@ In order to reduce the life-cycle to develop UI backend testing, you can do the
 
 A quick and dirty solution to share changes in the UI is to manually compile the dist. This will make the loader file available without the need to publish:
 
-`cp -r wisemapping-frontend/packages/mindplot/dist/* wisemapping-open-source/wise-ui/target/wisemapping-mindplot/package/dist`
+`yarn --cwd wisemapping-frontend build;cp -r wisemapping-frontend/packages/mindplot/dist/* wisemapping-open-source/wise-ui/target/wisemapping-mindplot/package/dist;cp -r wisemapping-frontend/packages/mindplot/dist/* wisemapping-open-source/wise-ui/target/wisemapping-mindplot/package/dist`
 
 
 ### Compiling and running with docker-compose

distribution/Dockerfile

@@ -9,7 +9,7 @@ LABEL maintainer="Paulo Gustavo Veiga <pveiga@wisemapping.com>"
 ARG WEBAPP_TARGET_DIR="/usr/local/tomcat/webapps/ROOT"
 ARG DB_BASE_DIR="/var/lib/wisemapping"
 
-# Defautl ENV configurations ...
+# Default ENV configurations ...
 ENV JAVA_OPTS="-XX:+PrintFlagsFinal -XX:InitialRAMPercentage=30 -XX:MaxRAMPercentage=80"
 ENV database.base.url=${DB_BASE_DIR}
 
@@ -22,6 +22,15 @@ RUN rm /tmp/wisemapping.war
 # Change logger to
 RUN cp ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j-stdout.properties ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j.properties
 
+# Add support for proxy
+RUN sed -i 's|\
+  </Host>|\
+    <Valve className="org.apache.catalina.valves.RemoteIpValve" \
+      remoteIpHeader="X-Forwarded-For" \
+      protocolHeader="X-Forwarded-Proto"/>\
+  </Host>|' \
+  /usr/local/tomcat/conf/server.xml
+
 # Copy default HSQL DB for testing ...
 RUN mkdir -p ${DB_BASE_DIR}/db
 COPY db/ ${DB_BASE_DIR}/db

pom.xml

@@ -4,7 +4,7 @@
                       http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
     <properties>
-        <com.wisemapping.version>5.0.4</com.wisemapping.version>
+        <com.wisemapping.version>5.0.10</com.wisemapping.version>
         <superpom.dir>${project.basedir}/wise-webapps</superpom.dir>
     </properties>
 
@@ -16,7 +16,7 @@
     <groupId>org.wisemapping</groupId>
     <artifactId>wisemapping</artifactId>
     <name>WiseMapping Project</name>
-    <version>5.0.4</version>
+    <version>5.0.10</version>
     <packaging>pom</packaging>
 
     <licenses>

wise-ui/pom.xml

@@ -12,7 +12,7 @@
         <groupId>org.wisemapping</groupId>
         <artifactId>wisemapping</artifactId>
         <relativePath>../pom.xml</relativePath>
-        <version>5.0.4</version>
+        <version>5.0.10</version>
     </parent>
 
     <build>
@@ -27,26 +27,26 @@
                             <tasks>
                                 <!-- Download and unzip mindplot npm package -->
                                 <mkdir dir="target/wisemapping-mindplot"/>
-                                <exec executable="npm" dir="target">
+                                <exec executable="npm" dir="target" failonerror="true">
                                     <arg value="pack"/>
-                                    <arg value="@wisemapping/mindplot@5.0.3"/>
+                                    <arg value="@wisemapping/mindplot@5.0.10"/>
                                 </exec>
-                                <exec executable="tar" dir="target">
+                                <exec executable="tar" dir="target" failonerror="true">
                                     <arg value="-xvzf"/>
-                                    <arg value="wisemapping-mindplot-5.0.4.tgz"/>
+                                    <arg value="wisemapping-mindplot-5.0.10.tgz"/>
                                     <arg value="-C"/>
                                     <arg value="wisemapping-mindplot"/>
                                 </exec>
 
                                 <!-- Download and unzip webapp npm package -->
                                 <mkdir dir="target/wisemapping-webapp"/>
-                                <exec executable="npm" dir="target">
+                                <exec executable="npm" dir="target" failonerror="true">
                                     <arg value="pack"/>
-                                    <arg value="@wisemapping/webapp@5.0.3"/>
+                                    <arg value="@wisemapping/webapp@5.0.11"/>
                                 </exec>
-                                <exec executable="tar" dir="target">
+                                <exec executable="tar" dir="target" failonerror="true">
                                     <arg value="-xvzf"/>
-                                    <arg value="wisemapping-webapp-5.0.4.tgz"/>
+                                    <arg value="wisemapping-webapp-5.0.11.tgz"/>
                                     <arg value="-C"/>
                                     <arg value="wisemapping-webapp"/>
                                 </exec>

wise-webapp/pom.xml

@@ -9,29 +9,15 @@
         <groupId>org.wisemapping</groupId>
         <artifactId>wisemapping</artifactId>
         <relativePath>../pom.xml</relativePath>
-        <version>5.0.4</version>
+        <version>5.0.10</version>
     </parent>
 
-    <repositories>
-        <repository>
-            <id>maven2-repository.dev.java.net</id>
-            <name>Java.net Repository for Maven</name>
-            <url>http://download.java.net/maven/2/</url>
-            <layout>default</layout>
-        </repository>
-        <repository>
-            <id>maven2-repository.jahia.org</id>
-            <name>Jahia Repository for Maven</name>
-            <url>http://maven.jahia.org/maven2/</url>
-            <layout>default</layout>
-        </repository>
-    </repositories>
-
     <properties>
         <org.springframework.version>5.3.14</org.springframework.version>
         <org.springframework.addons>5.3.5.RELEASE</org.springframework.addons>
-        <hibernate.version>5.6.3.Final</hibernate.version>
+        <hibernate.version>5.6.5.Final</hibernate.version>
         <hibernate-validator.version>6.0.21.Final</hibernate-validator.version>
+        <spring-security-taglibs.version>5.6.1</spring-security-taglibs.version>
     </properties>
 
     <dependencies>
@@ -83,6 +69,11 @@
             <version>${org.springframework.version}</version>
             <scope>compile</scope>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-taglibs</artifactId>
+            <version>${spring-security-taglibs.version}</version>
+        </dependency>
         <!-- Hibernate -->
         <dependency>
             <groupId>org.hibernate</groupId>
@@ -205,7 +196,7 @@
         <dependency>
             <groupId>mysql</groupId>
             <artifactId>mysql-connector-java</artifactId>
-            <version>8.0.27</version>
+            <version>8.0.28</version>
             <scope>runtime</scope>
         </dependency>
         <dependency>
@@ -213,12 +204,6 @@
             <artifactId>commons-dbcp2</artifactId>
             <version>2.9.0</version>
         </dependency>
-        <dependency>
-            <groupId>commons-fileupload</groupId>
-            <artifactId>commons-fileupload</artifactId>
-            <version>1.2.1</version>
-            <scope>runtime</scope>
-        </dependency>
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-ehcache</artifactId>
@@ -240,6 +225,12 @@
             <version>1.2.17</version>
             <scope>compile</scope>
         </dependency>
+        <!-- https://mvnrepository.com/artifact/commons-validator/commons-validator -->
+        <dependency>
+            <groupId>commons-validator</groupId>
+            <artifactId>commons-validator</artifactId>
+            <version>1.7</version>
+        </dependency>
         <!-- Only for test purposes -->
         <dependency>
             <groupId>org.hsqldb</groupId>
@@ -250,7 +241,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.11.3</version>
+            <version>2.13.1</version>
         </dependency>
         <dependency>
             <groupId>javax.servlet</groupId>
@@ -277,7 +268,7 @@
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>fluent-hc</artifactId>
-            <version>4.5.5</version>
+            <version>4.5.13</version>
         </dependency>
         <dependency>
             <groupId>junit</groupId>

wise-webapp/src/main/java/com/wisemapping/dao/LabelManagerImpl.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/dao/MindmapManager.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/dao/UserManager.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/dao/UserManagerImpl.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -27,9 +27,11 @@ import com.wisemapping.security.LegacyPasswordEncoder;
 import org.hibernate.ObjectNotFoundException;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
+import org.springframework.orm.hibernate5.HibernateTemplate;
 import org.springframework.orm.hibernate5.support.HibernateDaoSupport;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
+import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
 
@@ -102,22 +104,31 @@ public class UserManagerImpl
     }
 
     @Override
-    public User createUser(@NotNull User user, @NotNull Collaborator col) {
-        user.setPassword(passwordEncoder.encode(user.getPassword()));
+    public User createUser(@NotNull User user, @NotNull Collaborator collaborator) {
         assert user != null : "Trying to store a null user";
 
-        final Set<Collaboration> set = col.getCollaborations();
-        for (Collaboration collaboration : set) {
-            Collaboration newMapUser = new Collaboration();
-            newMapUser.setRoleId(collaboration.getRole().ordinal());
-            newMapUser.setMindMap(collaboration.getMindMap());
-            newMapUser.setCollaborator(user);
-            user.addCollaboration(newMapUser);
+        // Migrate from previous temporal collab to new user ...
+        List<Collaboration> newCollabs = new ArrayList<>();
+        final Set<Collaboration> collaborations = collaborator.getCollaborations();
+        for (Collaboration oldCollab : collaborations) {
+            Collaboration newCollab = new Collaboration();
+            newCollab.setRoleId(oldCollab.getRole().ordinal());
+            newCollab.setMindMap(oldCollab.getMindMap());
+            newCollab.setCollaborator(user);
+            user.addCollaboration(newCollab);
+            newCollabs.add(newCollab);
         }
 
-        getHibernateTemplate().delete(col);
-        getHibernateTemplate().flush();
-        getHibernateTemplate().saveOrUpdate(user);
+        // Delete old collaboration
+        final HibernateTemplate template = getHibernateTemplate();
+        collaborations.forEach(c -> template.delete(c));
+        template.delete(collaborator);
+        template.flush();
+
+        // Save all new...
+        this.createUser(user);
+        newCollabs.forEach(c -> template.saveOrUpdate(c));
+
         return user;
     }
 
@@ -136,8 +147,7 @@ public class UserManagerImpl
 
         // Does the password need to be encrypted ?
         final String password = user.getPassword();
-        if(password!=null && (!password.startsWith(LegacyPasswordEncoder.ENC_PREFIX) && !password.startsWith( "{"+ DefaultPasswordEncoderFactories.ENCODING_ID)))
-        {
+        if (password != null && (!password.startsWith(LegacyPasswordEncoder.ENC_PREFIX) && !password.startsWith("{" + DefaultPasswordEncoderFactories.ENCODING_ID))) {
             user.setPassword(passwordEncoder.encode(user.getPassword()));
         }
 
@@ -152,7 +162,7 @@ public class UserManagerImpl
         query.setParameter("activationCode", code);
         final List users = query.list();
 
-        if(users != null && !users.isEmpty()) {
+        if (users != null && !users.isEmpty()) {
 
             assert users.size() == 1 : "More than one user with the same username!";
             user = (User) users.get(0);

wise-webapp/src/main/java/com/wisemapping/exceptions/AccessDeniedSecurityException.java

@@ -1,33 +1,37 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.exceptions;
 
+import com.wisemapping.model.Collaborator;
+import com.wisemapping.model.User;
 import org.jetbrains.annotations.NotNull;
 
 public class AccessDeniedSecurityException
-    extends ClientException
-{
+        extends ClientException {
     public static final String MSG_KEY = "ACCESS_HAS_BEEN_REVOKED";
 
-    public AccessDeniedSecurityException(@NotNull String msg)
-    {
-        super(msg,Severity.FATAL);
+    public AccessDeniedSecurityException(@NotNull String msg) {
+        super(msg, Severity.FATAL);
+    }
+
+    public AccessDeniedSecurityException(@NotNull long mapId, Collaborator user) {
+        super("No enough permissions to access map. Id: " + mapId + ", User: " + user, Severity.FATAL);
     }
 
     @NotNull

wise-webapp/src/main/java/com/wisemapping/exceptions/ClientException.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.exceptions;
 
 import org.jetbrains.annotations.NotNull;

wise-webapp/src/main/java/com/wisemapping/exceptions/EditionSessionExpiredException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/exceptions/EmailNotExistsException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java

@@ -0,0 +1,39 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+
+package com.wisemapping.exceptions;
+
+
+import org.springframework.lang.Nullable;
+
+import javax.validation.constraints.NotNull;
+
+public class InvalidEmailException
+        extends ClientException {
+    private static final String EMAIL_IS_INVALID = "INVALID_EMAIL_ADDRESS";
+
+    public InvalidEmailException(@NotNull String emails) {
+        super("Invalid email exception:" + emails, Severity.WARNING);
+    }
+
+    @NotNull
+    @Override
+    protected String getMsgBundleKey() {
+        return EMAIL_IS_INVALID;
+    }
+}

wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java

@@ -0,0 +1,56 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+
+package com.wisemapping.exceptions;
+
+
+import org.springframework.lang.Nullable;
+
+import javax.validation.constraints.NotNull;
+
+public class InvalidMindmapException
+        extends ClientException {
+    private static final String EMPTY_MINDMAP = "MINDMAP_EMPTY_ERROR";
+    private static final String INVALID_MINDMAP_FORMAT = "INVALID_MINDMAP_FORMAT";
+    private static final String TOO_BIG_MINDMAP = "TOO_BIG_MINDMAP";
+
+    private final String bundleKey;
+
+    private InvalidMindmapException(@NotNull String bundleKey, @Nullable String xmlDoc) {
+        super("Invalid mindmap format:" + xmlDoc, Severity.SEVERE);
+        this.bundleKey = bundleKey;
+    }
+
+    static public InvalidMindmapException emptyMindmap() {
+        return new InvalidMindmapException(EMPTY_MINDMAP, "<empty string>");
+    }
+
+    static public InvalidMindmapException invalidFormat(@Nullable String xmlDoc) {
+        return new InvalidMindmapException(INVALID_MINDMAP_FORMAT, xmlDoc);
+    }
+
+    static public InvalidMindmapException tooBigMindnap(int numberOfTopics) {
+        return new InvalidMindmapException(TOO_BIG_MINDMAP, "<too-big " + numberOfTopics + ">");
+    }
+
+    @NotNull
+    @Override
+    protected String getMsgBundleKey() {
+        return bundleKey;
+    }
+}

wise-webapp/src/main/java/com/wisemapping/exceptions/LabelCouldNotFoundException.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.exceptions;
 
 import org.jetbrains.annotations.NotNull;

wise-webapp/src/main/java/com/wisemapping/exceptions/LockException.java

@@ -1,32 +1,39 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.exceptions;
 
+import com.wisemapping.model.Mindmap;
+import com.wisemapping.model.User;
+import com.wisemapping.service.LockManager;
 import org.jetbrains.annotations.NotNull;
 
 
 public class LockException
-    extends ClientException
-{
+        extends ClientException {
     private static final String MSG_KEY = "MINDMAP_IS_LOCKED";
+
     public LockException(@NotNull String message) {
-        super(message,Severity.INFO);
+        super(message, Severity.INFO);
+    }
+
+    public static LockException createLockLost(@NotNull Mindmap mindmap, @NotNull User user, @NotNull LockManager manager) {
+        return new LockException("Lock can not be granted to " + user.getEmail() + ". The lock is assigned to " + manager.getLockInfo(mindmap));
     }
 
     @NotNull

wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/exceptions/MapNonPublicException.java

@@ -0,0 +1,37 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+
+package com.wisemapping.exceptions;
+
+import org.jetbrains.annotations.NotNull;
+
+public class MapNonPublicException
+        extends ClientException {
+    public static final String MSG_KEY = "ACCESS_HAS_BEEN_REVOKED";
+
+    public MapNonPublicException(@NotNull String msg) {
+        super(msg, Severity.FATAL);
+    }
+
+    @NotNull
+    @Override
+    protected String getMsgBundleKey() {
+        return MSG_KEY;
+    }
+
+}

wise-webapp/src/main/java/com/wisemapping/exceptions/MultipleSessionsOpenException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/exceptions/SessionExpiredException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/exceptions/Severity.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/exceptions/WiseMappingException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -48,7 +48,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
     @Value("${site.homepage}")
     private String siteHomepage;
 
-    @Value("${site.baseurl}")
+    @Value("${site.baseurl:http://localhost:8080}")
     private String siteUrl;
 
     @Value("${security.type}")

wise-webapp/src/main/java/com/wisemapping/filter/SupportedUserAgent.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.listener;
 
 
@@ -7,6 +24,7 @@ import com.wisemapping.model.User;
 import com.wisemapping.security.Utils;
 import com.wisemapping.service.LockManager;
 import com.wisemapping.service.MindmapService;
+import org.apache.log4j.Logger;
 import org.jetbrains.annotations.NotNull;
 import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.context.support.WebApplicationContextUtils;
@@ -16,6 +34,7 @@ import javax.servlet.http.HttpSessionEvent;
 import javax.servlet.http.HttpSessionListener;
 
 public class UnlockOnExpireListener implements HttpSessionListener {
+    private static final Logger logger = Logger.getLogger(UnlockOnExpireListener.class);
 
     @Override
     public void sessionCreated(@NotNull HttpSessionEvent event) {
@@ -28,16 +47,16 @@ public class UnlockOnExpireListener implements HttpSessionListener {
         final ServletContext servletContext = event.getSession().getServletContext();
         final WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
         final MindmapService mindmapService = (MindmapService) wc.getBean("mindmapService");
-        final LockManager lockManager = mindmapService.getLockManager();
 
+        final LockManager lockManager = mindmapService.getLockManager();
         final User user = Utils.getUser(false);
         if (user != null) {
-            try {
-                lockManager.unlockAll(user);
-            } catch (LockException e) {
-                e.printStackTrace();
-            } catch (AccessDeniedSecurityException e) {
-                e.printStackTrace();
+            synchronized (mindmapService.getLockManager()) {
+                try {
+                    lockManager.unlockAll(user);
+                } catch (LockException | AccessDeniedSecurityException e) {
+                    logger.error(e);
+                }
             }
         }
     }

wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -41,7 +41,7 @@ public final class Mailer {
 
     //~ Methods ..............................................................................................
 
-    public Mailer(@NotNull String siteEmail, @NotNull String supportEmail,@NotNull String errorReporterEmail) {
+    public Mailer(@NotNull String siteEmail, @NotNull String supportEmail, @NotNull String errorReporterEmail) {
         this.serverFromEmail = siteEmail;
         this.supportEmail = supportEmail;
         this.errorReporterEmail = errorReporterEmail;
@@ -51,7 +51,7 @@ public final class Mailer {
         return serverFromEmail;
     }
 
-    public void sendEmail(final String from, final String to, final String subject, final Map model,
+    public void sendEmail(final String from, final String to, final String subject, final Map<String, Object> model,
                           @NotNull final String templateMail) {
         final MimeMessagePreparator preparator =
                 new MimeMessagePreparator() {

wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -22,37 +22,36 @@ import com.wisemapping.filter.SupportedUserAgent;
 import com.wisemapping.model.Collaboration;
 import com.wisemapping.model.Mindmap;
 import com.wisemapping.model.User;
-import com.wisemapping.util.VelocityEngineUtils;
-import com.wisemapping.util.VelocityEngineWrapper;
-import org.apache.commons.io.IOUtils;
+import com.wisemapping.rest.model.RestLogItem;
 import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.log4j.Logger;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.context.support.ResourceBundleMessageSource;
 
 import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.io.UnsupportedEncodingException;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
+import java.util.stream.Collectors;
 
 final public class NotificationService {
     final private static Logger logger = Logger.getLogger(Mailer.class);
-    final private static String DEFAULT_WISE_URL = "http://localhost:8080/wisemapping";
-    private VelocityEngineWrapper velocityEngineWrapper;
+    private ResourceBundleMessageSource messageSource;
 
     @Autowired
     private Mailer mailer;
 
     private String baseUrl;
 
-    public NotificationService() {
-        NotifierFilter notificationFilter = new NotifierFilter();
-    }
-
     public void newCollaboration(@NotNull Collaboration collaboration, @NotNull Mindmap mindmap, @NotNull User user, @Nullable String message) {
+        final Locale locale = LocaleContextHolder.getLocale();
 
         try {
             // Sent collaboration email ...
@@ -62,12 +61,11 @@ final public class NotificationService {
             final String collabEmail = collaboration.getCollaborator().getEmail();
 
             // Build the subject ...
-            final String subject = "[WiseMapping] " + user.getFullName() + " has shared a mindmap with you";
+            final String subject = messageSource.getMessage("SHARE_MAP.EMAIL_SUBJECT", new Object[]{user.getFullName()}, locale);
 
             // Fill template properties ...
-            final Map<String, Object> model = new HashMap<String, Object>();
+            final Map<String, Object> model = new HashMap<>();
             model.put("mindmap", mindmap);
-            model.put("message", "message");
             model.put("ownerName", user.getFirstname());
             model.put("mapEditUrl", getBaseUrl() + "/c/maps/" + mindmap.getId() + "/edit");
             model.put("baseUrl", getBaseUrl());
@@ -83,50 +81,46 @@ final public class NotificationService {
     }
 
     public void resetPassword(@NotNull User user, @NotNull String temporalPassword) {
-        final String mailSubject = "[WiseMapping] Your new password";
-        final String messageTitle = "Your new password has been generated";
-        final String messageBody =
-                "<p>Someone, most likely you, requested a new password for your WiseMapping account. </p>\n" +
-                        "<p><strong>Here is your new password: " + temporalPassword + "</strong></p>\n" +
-                        "<p>You can login clicking <a href=\"" + getBaseUrl() + "/c/login\">here</a>. We strongly encourage you to change the password as soon as possible.</p>";
+        final Locale locale = LocaleContextHolder.getLocale();
+
+        final String mailSubject = messageSource.getMessage("CHANGE_PASSWORD.EMAIL_SUBJECT", null, locale);
+        final String messageTitle = messageSource.getMessage("CHANGE_PASSWORD.EMAIL_TITLE", null, locale);
+        final String messageBody = messageSource.getMessage("CHANGE_PASSWORD.EMAIL_BODY", new Object[]{temporalPassword, getBaseUrl()}, locale);
 
         sendTemplateMail(user, mailSubject, messageTitle, messageBody);
     }
 
-    private void logErrorMessage(final Map model,
-                                 @NotNull final String templateMail) {
-        final String messageBody = VelocityEngineUtils.mergeTemplateIntoString(velocityEngineWrapper.getVelocityEngine(), "/mail/" + templateMail, model);
-        logger.error("Unexpected editor error => " + messageBody);
-    }
-
 
     public void passwordChanged(@NotNull User user) {
-        final String mailSubject = "[WiseMapping] Your password has been changed";
-        final String messageTitle = "Your password has been changed successfully";
-        final String messageBody =
-                "<p>This is only an notification that your password has been changed. No further action is required.</p>";
+        final Locale locale = LocaleContextHolder.getLocale();
+
+        final String mailSubject = messageSource.getMessage("PASSWORD_CHANGED.EMAIL_SUBJECT", null, locale);
+        final String messageTitle = messageSource.getMessage("PASSWORD_CHANGED.EMAIL_TITLE", null, locale);
+        final String messageBody = messageSource.getMessage("PASSWORD_CHANGED.EMAIL_BODY", null, locale);
 
         sendTemplateMail(user, mailSubject, messageTitle, messageBody);
     }
 
     public void newAccountCreated(@NotNull User user) {
-        final String mailSubject = "Welcome to WiseMapping !";
-        final String messageTitle = "Your account has been created successfully";
-        final String messageBody =
-                "<p> Thank you for your interest in WiseMapping.  Click <a href='https://app.wisemapping.com/c/login'>here</a> to start creating and sharing new mind maps. If have any feedback or idea, send us an email to <a href=\"mailto:feedback@wisemapping.com\">feedback@wisemapping.com</a> .We'd love to hear from  you.</p>";
+        final Locale locale = LocaleContextHolder.getLocale();
+
+        final String mailSubject = messageSource.getMessage("REGISTRATION.EMAIL_SUBJECT", null, locale);
+        final String messageTitle = messageSource.getMessage("REGISTRATION.EMAIL_TITLE", null, locale);
+        final String messageBody = messageSource.getMessage("REGISTRATION.EMAIL_BODY", null, locale);
         sendTemplateMail(user, mailSubject, messageTitle, messageBody);
     }
 
     private void sendTemplateMail(@NotNull User user, @NotNull String mailSubject, @NotNull String messageTitle, @NotNull String messageBody) {
 
         try {
-            final Map<String, Object> model = new HashMap<String, Object>();
+            final Map<String, Object> model = new HashMap<>();
             model.put("firstName", user.getFirstname());
             model.put("messageTitle", messageTitle);
             model.put("messageBody", messageBody);
             model.put("baseUrl", getBaseUrl());
             model.put("supportEmail", mailer.getSupportEmail());
 
+            logger.debug("Email properties->" + model);
             mailer.sendEmail(mailer.getServerSenderEmail(), user.getEmail(), mailSubject, model, "baseLayout.vm");
         } catch (Exception e) {
             handleException(e);
@@ -145,7 +139,7 @@ final public class NotificationService {
 
 
     public void activateAccount(@NotNull User user) {
-        final Map<String, User> model = new HashMap<String, User>();
+        final Map<String, Object> model = new HashMap<>();
         model.put("user", user);
         mailer.sendEmail(mailer.getServerSenderEmail(), user.getEmail(), "[WiseMapping] Active account", model, "activationAccountMail.vm");
     }
@@ -164,23 +158,24 @@ final public class NotificationService {
 //        }
     }
 
-    public void setVelocityEngineWrapper(VelocityEngineWrapper engine) {
-        this.velocityEngineWrapper = engine;
-    }
+    public void reportJavascriptException(@Nullable Mindmap mindmap, @Nullable User user, @NotNull RestLogItem errorItem, @NotNull HttpServletRequest request) {
 
-    public void reportJavascriptException(@Nullable Mindmap mindmap, @Nullable User user, @Nullable String jsErrorMsg, @NotNull HttpServletRequest request) {
+        final Map<String, String> summary = new HashMap<>();
+        summary.put("JS-MSG", errorItem.getJsErrorMsg());
+        summary.put("JS-STACK", errorItem.getJsStack());
 
-        final Map<String, String> model = new HashMap<>();
-        model.put("errorMsg", jsErrorMsg);
+        String mindmapXML = "";
         try {
-            model.put("mapXML", StringEscapeUtils.escapeXml(mindmap == null ? "map not found" : mindmap.getXmlStr()));
+            mindmapXML = StringEscapeUtils.escapeXml(mindmap == null ? "map not found" : mindmap.getXmlStr());
         } catch (UnsupportedEncodingException e) {
             // Ignore ...
         }
-        model.put("mapId", Integer.toString(mindmap.getId()));
-        model.put("mapTitle", mindmap.getTitle());
+        summary.put("mapId", Integer.toString(mindmap.getId()));
+        summary.put("mapTitle", mindmap.getTitle());
 
-        logError(model, user, request);
+        logError(summary, user, request);
+        logger.error("Unexpected editor mindmap => " + mindmapXML);
+        logger.error("Unexpected editor JS Stack => " + errorItem.getJsErrorMsg() + "-" + errorItem.getJsStack());
     }
 
     private void logError(@NotNull Map<String, String> model, @Nullable User user, @NotNull HttpServletRequest request) {
@@ -194,44 +189,45 @@ final public class NotificationService {
         model.put("method", request.getMethod());
         model.put("remoteAddress", request.getRemoteAddr());
 
-        logErrorMessage(model,
-                "errorNotification.vm");
+        String errorAsString = model.keySet().stream()
+                .map(key -> key + "=" + model.get(key))
+                .collect(Collectors.joining(", ", "{", "}"));
+
+        logger.error("Unexpected editor info => " + errorAsString);
     }
 
     public void reportJavaException(@NotNull Throwable exception, @Nullable User user, @NotNull HttpServletRequest request) {
-        final Map<String, String> model = new HashMap<String, String>();
+        final Map<String, String> model = new HashMap<>();
         model.put("errorMsg", stackTraceToString(exception));
 
         logError(model, user, request);
     }
 
     public String stackTraceToString(@NotNull Throwable e) {
-        String retValue;
-        StringWriter sw = null;
-        PrintWriter pw = null;
-        try {
-            sw = new StringWriter();
-            pw = new PrintWriter(sw);
+        String retValue = "";
+        StringWriter sw = new StringWriter();
+        PrintWriter pw = new PrintWriter(sw);
+        try (sw; pw) {
             e.printStackTrace(pw);
             retValue = sw.toString();
-        } finally {
-            IOUtils.closeQuietly(pw);
-            IOUtils.closeQuietly(sw);
+        } catch (IOException ioException) {
+            ioException.printStackTrace();
         }
         return retValue;
     }
 
     public String getBaseUrl() {
-        if ("${site.baseurl}".equals(baseUrl)) {
-            baseUrl = DEFAULT_WISE_URL;
-            System.err.println("Warning: site.baseurl has not being configured. Mail site references could be not properly sent. Using :" + baseUrl);
-        }
         return baseUrl;
     }
 
     public void setBaseUrl(String baseUrl) {
         this.baseUrl = baseUrl;
     }
+
+    public void setMessageSource(ResourceBundleMessageSource messageSource) {
+        this.messageSource = messageSource;
+    }
+
 }
 
 

wise-webapp/src/main/java/com/wisemapping/mail/NotifierFilter.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.mail;
 
 import org.jetbrains.annotations.NotNull;

wise-webapp/src/main/java/com/wisemapping/mail/NotifyingExceptionResolver.java

@@ -1,43 +0,0 @@
-package com.wisemapping.mail;
-
-import com.wisemapping.model.User;
-import com.wisemapping.security.Utils;
-import org.apache.log4j.Logger;
-import org.jetbrains.annotations.NotNull;
-import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.HashSet;
-import java.util.Set;
-
-public class NotifyingExceptionResolver extends SimpleMappingExceptionResolver {
-
-    final private Logger logger = Logger.getLogger(NotifyingExceptionResolver.class);
-    private Set<String> exclude = new HashSet<String>();
-    private NotificationService notificationService;
-
-    @Override
-    protected ModelAndView doResolveException(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
-        if (!exclude.contains(ex.getClass().getName())) {
-            logger.error("An Exception has occurred in the application", ex);
-            sendNotification(ex, request);
-        }
-
-        return super.doResolveException(request, response, handler, ex);
-    }
-
-    private void sendNotification(@NotNull Exception ex, @NotNull HttpServletRequest request) {
-        final User user = Utils.getUser(false);
-        notificationService.reportJavaException(ex, user, request);
-    }
-
-    public void setExclude(final Set<String> exclude) {
-        this.exclude = exclude;
-    }
-
-    public void setNotificationService(NotificationService notificationService) {
-        this.notificationService = notificationService;
-    }
-}

wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/model/AuthenticationType.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.model;
 
 

wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java

@@ -1,24 +1,27 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.model;
 
 
+import org.hibernate.annotations.OnDelete;
+import org.hibernate.annotations.OnDeleteAction;
+
 import javax.persistence.*;
 import javax.validation.constraints.NotNull;
 import java.io.Serializable;
@@ -29,22 +32,23 @@ public class Collaboration implements Serializable {
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
-    private int id;;
+    private int id;
+    ;
 
-    @Column(name = "role_id",unique = true,nullable = true)
+    @Column(name = "role_id", unique = true)
     private CollaborationRole role;
 
     @ManyToOne
-    @JoinColumn(name="mindmap_id",nullable = false)
+    @JoinColumn(name = "mindmap_id", nullable = false)
     private Mindmap mindMap;
 
     @ManyToOne(fetch = FetchType.LAZY)
-    @JoinColumn(name="colaborator_id",nullable = false)
+    @JoinColumn(name = "colaborator_id", nullable = false)
     private Collaborator collaborator;
 
     @ManyToOne(cascade = CascadeType.ALL)
-    @JoinColumn(name="properties_id",nullable = false, unique = true)
-    private CollaborationProperties collaborationProperties =  new CollaborationProperties();;
+    @JoinColumn(name = "properties_id", nullable = false, unique = true)
+    private CollaborationProperties collaborationProperties = new CollaborationProperties();
 
     public Collaboration() {
     }
@@ -129,10 +133,9 @@ public class Collaboration implements Serializable {
 
     @Override
     public int hashCode() {
-        int result = (int) (id ^ (id >>> 32));
+        int result = id ^ (id >>> 32);
         result = 31 * result + (role != null ? role.hashCode() : 0);
         result = 31 * result + (mindMap != null ? mindMap.hashCode() : 0);
-        result = 31 * result + (collaborator != null ? collaborator.hashCode() : 0);
         return result;
     }
 }

wise-webapp/src/main/java/com/wisemapping/model/CollaborationEmail.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/model/CollaborationRole.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/model/Constants.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/model/Label.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.model;
 
 

wise-webapp/src/main/java/com/wisemapping/model/MindMapCriteria.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -19,9 +19,12 @@
 package com.wisemapping.model;
 
 import com.wisemapping.exceptions.AccessDeniedSecurityException;
+import com.wisemapping.exceptions.InvalidMindmapException;
 import com.wisemapping.exceptions.WiseMappingException;
 import com.wisemapping.util.ZipUtils;
 import org.apache.commons.lang.StringEscapeUtils;
+import org.hibernate.annotations.NotFound;
+import org.hibernate.annotations.NotFoundAction;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 
@@ -34,12 +37,12 @@ import java.util.*;
 
 @Entity
 @Table(name = "MINDMAP")
-public class Mindmap implements Serializable  {
+public class Mindmap implements Serializable {
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private int id;
-    
+
     @Column(name = "creation_date")
     private Calendar creationTime;
 
@@ -52,6 +55,7 @@ public class Mindmap implements Serializable  {
 
     @ManyToOne(fetch = FetchType.LAZY)
     @JoinColumn(name = "last_editor_id", nullable = false)
+    @NotFound(action = NotFoundAction.IGNORE)
     private User lastEditor;
 
     private String description;
@@ -59,7 +63,7 @@ public class Mindmap implements Serializable  {
     @Column(name = "public")
     private boolean isPublic;
 
-    @OneToMany(mappedBy="mindMap",orphanRemoval = true, cascade = {CascadeType.ALL})
+    @OneToMany(mappedBy = "mindMap", orphanRemoval = true, cascade = {CascadeType.ALL})
     private Set<Collaboration> collaborations = new HashSet<>();
 
     @ManyToMany(cascade = CascadeType.ALL)
@@ -91,7 +95,9 @@ public class Mindmap implements Serializable  {
         }
     }
 
-    public void setXmlStr(@NotNull String xml) {
+    public void setXmlStr(@NotNull String xml) throws InvalidMindmapException {
+        // Is a valid mindmap ... ?
+        MindmapUtils.verifyMindmap(xml);
         this.setUnzipXml(xml.getBytes(StandardCharsets.UTF_8));
     }
 
@@ -155,7 +161,7 @@ public class Mindmap implements Serializable  {
     public Optional<Collaboration> findCollaboration(@NotNull Collaborator collaborator) {
         return this.collaborations
                 .stream()
-                .filter(c->c.getCollaborator().identityEquality(collaborator))
+                .filter(c -> c.getCollaborator().identityEquality(collaborator))
                 .findAny();
     }
 

wise-webapp/src/main/java/com/wisemapping/model/MindmapUtils.java

@@ -0,0 +1,51 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+package com.wisemapping.model;
+
+
+import com.wisemapping.exceptions.InvalidMindmapException;
+import org.jetbrains.annotations.Nullable;
+
+abstract public class MindmapUtils {
+
+    private static final int MAX_SUPPORTED_NODES = 4000;
+
+    public static void verifyMindmap(@Nullable String xmlDoc) throws InvalidMindmapException {
+        if (xmlDoc == null || xmlDoc.trim().isEmpty()) {
+            // Perform basic structure validation. Must have a map node and
+            throw InvalidMindmapException.emptyMindmap();
+        }
+
+        // Perform basic structure validation without parsing the XML.
+        if (!xmlDoc.trim().endsWith("</map>") || !xmlDoc.trim().startsWith("<map")) {
+            throw InvalidMindmapException.invalidFormat(xmlDoc);
+        }
+
+        int numberOfTopics = xmlDoc.split("<topic").length;
+        // Any valid map must contain at least a central topic ...
+        if (numberOfTopics == 0) {
+            throw InvalidMindmapException.invalidFormat(xmlDoc);
+        }
+
+        // Validate that the number of nodes is not bigger 5000 nodes.
+        if (numberOfTopics > MAX_SUPPORTED_NODES) {
+            throw InvalidMindmapException.tooBigMindnap(numberOfTopics);
+        }
+
+    }
+}

wise-webapp/src/main/java/com/wisemapping/model/User.java

@@ -1,20 +1,20 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.model;
 
@@ -29,7 +29,7 @@ import java.util.Set;
 
 @Entity
 @Table(name = "USER")
-@PrimaryKeyJoinColumn(name="colaborator_id")
+@PrimaryKeyJoinColumn(name = "colaborator_id")
 public class User
         extends Collaborator
         implements Serializable {
@@ -48,10 +48,10 @@ public class User
     @Column(name = "allow_send_email")
     private boolean allowSendEmail = false;
 
-    @Column(name="authentication_type")
+    @Column(name = "authentication_type")
     private Character authenticationTypeCode = AuthenticationType.DATABASE.getCode();
 
-    @Column(name="authenticator_uri")
+    @Column(name = "authenticator_uri")
     private String authenticatorUri;
 
     @ElementCollection
@@ -93,6 +93,7 @@ public class User
     public String getPassword() {
         return password;
     }
+
     public void setPassword(String password) {
         this.password = password;
     }
@@ -143,14 +144,14 @@ public class User
     }
 
     public AuthenticationType getAuthenticationType() {
-        return authenticationTypeCode!=null ? AuthenticationType.valueOf(authenticationTypeCode):AuthenticationType.DATABASE;
+        return authenticationTypeCode != null ? AuthenticationType.valueOf(authenticationTypeCode) : AuthenticationType.DATABASE;
     }
 
     public void setAuthenticationType(@NotNull AuthenticationType authenticationType) {
         this.authenticationTypeCode = authenticationType.getCode();
     }
 
-    public boolean isDatabaseSchema(){
+    public boolean isDatabaseSchema() {
         return this.getAuthenticationType() == AuthenticationType.DATABASE;
     }
 
@@ -162,5 +163,11 @@ public class User
         this.authenticatorUri = authenticatorUri;
     }
 
-
+    @Override
+    public String toString() {
+        return "User{" +
+                "firstname='" + firstname + '\'' +
+                ", lastname='" + lastname + '\'' +
+                "', email = '" + this.getEmail() + "}";
+    }
 }

wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -55,8 +55,6 @@ public class AccountController extends BaseController {
     @Autowired
     private NotificationService notificationService;
 
-    final Logger logger = Logger.getLogger(AccountController.class);
-
 
     @RequestMapping(method = RequestMethod.PUT, value = "account/password", consumes = {"text/plain"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
@@ -126,15 +124,4 @@ public class AccountController extends BaseController {
         }
         userService.removeUser(user);
     }
-
-
-    @RequestMapping(method = RequestMethod.POST, value = "/logger/editor", consumes = {"application/xml", "application/json"}, produces = {"application/json", "text/html", "application/xml"})
-    @ResponseStatus(value = HttpStatus.NO_CONTENT)
-    public void logError(@RequestBody RestLogItem item, @NotNull HttpServletRequest request) {
-        final Mindmap mindmap = mindmapService.findMindmapById(item.getMapId());
-        final User user = Utils.getUser();
-        logger.error("Unexpected editor error - " + item.getJsErrorMsg());
-        notificationService.reportJavascriptException(mindmap, user, item.getJsErrorMsg() + "\n" + item.getJsStack(), request);
-    }
-
 }

wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -138,77 +138,4 @@ public class AdminController extends BaseController {
 
         userService.removeUser(user);
     }
-
-    @ResponseStatus(value = HttpStatus.NO_CONTENT)
-    @RequestMapping(method = RequestMethod.GET, value = "admin/database/purge")
-    public void purgeDB(@RequestParam(required = true) Integer minUid, @RequestParam(required = true) Integer maxUid, @RequestParam(required = true) Boolean apply) throws WiseMappingException, UnsupportedEncodingException {
-
-        for (int i = minUid; i < maxUid; i++) {
-
-            try {
-                System.out.println("Looking for user:" + i);
-                final User user = userService.getUserBy(i);
-                if (user != null) {
-                    // Do not process admin accounts ...
-                    if (user.getEmail().contains("wisemapping")) {
-                        continue;
-                    }
-                    // Iterate over the list of maps ...
-                    final List<Collaboration> collaborations = mindmapService.findCollaborations(user);
-                    for (Collaboration collaboration : collaborations) {
-                        final Mindmap mindmap = collaboration.getMindMap();
-                        if (MindmapFilter.MY_MAPS.accept(mindmap, user)) {
-
-                            final Calendar yearAgo = Calendar.getInstance();
-                            yearAgo.add(Calendar.MONTH, -4);
-
-                            // The use has only two maps... When they have been modified ..
-                            System.out.println("Checking map id:" + mindmap.getId());
-                            if (mindmap.getLastModificationTime().before(yearAgo) && !mindmap.isPublic()) {
-                                System.out.println("Old map months map:" + mindmap.getId());
-
-                                if (isWelcomeMap(mindmap) || isSimpleMap(mindmap)) {
-                                    System.out.println("Purged map id:" + mindmap.getId() + ", userId:" + user.getId());
-                                    if (apply) {
-                                        mindmapService.removeMindmap(mindmap, user);
-                                    }
-                                }
-                            }
-
-                            // Purge history ...
-                            mindmapService.purgeHistory(mindmap.getId());
-                        }
-                    }
-                }
-            } catch (UnsupportedEncodingException e) {
-                e.printStackTrace();  //To change body of catch statement use File | Settings | File Templates.
-            } catch (WiseMappingException e) {
-                e.printStackTrace();  //To change body of catch statement use File | Settings | File Templates.
-            } catch (RuntimeException e) {
-                e.printStackTrace();  //To change body of catch statement use File | Settings | File Templates.
-            } catch (IOException e) {
-                e.printStackTrace();  //To change body of catch statement use File | Settings | File Templates.
-            }
-        }
-    }
-
-    @ResponseStatus(value = HttpStatus.NO_CONTENT)
-    @RequestMapping(method = RequestMethod.GET, value = "admin/database/purge/history")
-    public void purgeHistory(@RequestParam(required = true) Integer mapId) throws WiseMappingException, IOException {
-
-        mindmapService.purgeHistory(mapId);
-    }
-
-    private boolean isWelcomeMap(@NotNull Mindmap mindmap) throws UnsupportedEncodingException {
-        // Is welcome map ?
-        final String xmlStr = mindmap.getXmlStr();
-        boolean oldWelcomeMap = xmlStr.contains("Welcome to WiseMapping") && xmlStr.contains("My Wisemaps");
-        return oldWelcomeMap;
-    }
-
-    public boolean isSimpleMap(@NotNull Mindmap mindmap) throws UnsupportedEncodingException {
-        String xmlStr = mindmap.getXmlStr();
-        String[] topics = xmlStr.split(Pattern.quote("<topic"));
-        return topics.length <= 3;
-    }
 }

wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2011] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -15,7 +15,6 @@
  *   See the License for the specific language governing permissions and
  *   limitations under the License.
  */
-
 package com.wisemapping.rest;
 
 import com.wisemapping.exceptions.ClientException;

wise-webapp/src/main/java/com/wisemapping/rest/DebugMappingJacksonHttpMessageConverter.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/JsonHttpMessageNotReadableException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.rest;
 
 import com.wisemapping.exceptions.LabelCouldNotFoundException;

wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -18,20 +18,19 @@
 
 package com.wisemapping.rest;
 
-import com.wisemapping.exceptions.LabelCouldNotFoundException;
-import com.wisemapping.exceptions.MapCouldNotFoundException;
-import com.wisemapping.exceptions.SessionExpiredException;
-import com.wisemapping.exceptions.WiseMappingException;
+import com.wisemapping.exceptions.*;
 import com.wisemapping.model.*;
 import com.wisemapping.rest.model.*;
 import com.wisemapping.security.Utils;
 import com.wisemapping.service.*;
 import com.wisemapping.validator.MapInfoValidator;
+import org.apache.commons.validator.routines.EmailValidator;
 import org.apache.log4j.Logger;
 import org.jetbrains.annotations.NotNull;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Controller;
 import org.springframework.validation.BeanPropertyBindingResult;
 import org.springframework.validation.BindingResult;
@@ -42,6 +41,7 @@ import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 
 @Controller
@@ -110,8 +110,8 @@ public class MindmapController extends BaseController {
     }
 
     @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/document", consumes = {"application/xml", "application/json"}, produces = {"application/json", "application/xml"})
-    @ResponseBody
-    public Long updateDocument(@RequestBody RestMindmap restMindmap, @PathVariable int id, @RequestParam(required = false) boolean minor, @RequestParam(required = false) Long timestamp, @RequestParam(required = false) Long session) throws WiseMappingException, IOException {
+    @ResponseStatus(value = HttpStatus.NO_CONTENT)
+    public void updateDocument(@RequestBody RestMindmap restMindmap, @PathVariable int id, @RequestParam(required = false) boolean minor) throws WiseMappingException, IOException {
 
         final Mindmap mindmap = findMindmapById(id);
         final User user = Utils.getUser();
@@ -122,33 +122,20 @@ public class MindmapController extends BaseController {
             throw new IllegalArgumentException("Map properties can not be null");
         }
 
-        // Could the map be updated ?
-        if (session != null) {
-            verifyLock(mindmap, user, session, timestamp);
-        }
+        // Have permissions ?
+        final LockManager lockManager = mindmapService.getLockManager();
+        lockManager.lock(mindmap, user);
 
         // Update collaboration properties ...
         final CollaborationProperties collaborationProperties = mindmap.findCollaborationProperties(user);
         collaborationProperties.setMindmapProperties(properties);
 
         // Validate content ...
-        String xml = restMindmap.getXml();
-        if (xml == null) {
-            throw new IllegalArgumentException("Map xml can not be null");
-        }
+        final String xml = restMindmap.getXml();
         mindmap.setXmlStr(xml);
 
         // Update map ...
         saveMindmapDocument(minor, mindmap, user);
-
-        // Update edition timeout ...
-        final LockManager lockManager = mindmapService.getLockManager();
-        long result = -1;
-        if (session != null) {
-            final LockInfo lockInfo = lockManager.updateExpirationTimeout(mindmap, user);
-            result = lockInfo.getTimestamp();
-        }
-        return result;
     }
 
     @RequestMapping(method = RequestMethod.GET, value = {"/maps/{id}/document/xml", "/maps/{id}/document/xml-pub"}, consumes = {"text/plain"}, produces = {"application/xml; charset=UTF-8"})
@@ -163,14 +150,10 @@ public class MindmapController extends BaseController {
     @RequestMapping(method = RequestMethod.PUT, value = {"/maps/{id}/document/xml"}, consumes = {"text/plain"})
     @ResponseBody
     public void updateDocument(@PathVariable int id, @RequestBody String xmlDoc) throws WiseMappingException, IOException {
-
         final Mindmap mindmap = findMindmapById(id);
         final User user = Utils.getUser();
-        if (xmlDoc != null && !xmlDoc.isEmpty()) {
-            mindmap.setXmlStr(xmlDoc);
-        }
-
         mindmap.setXmlStr(xmlDoc);
+
         saveMindmapDocument(false, mindmap, user);
     }
 
@@ -182,36 +165,6 @@ public class MindmapController extends BaseController {
         return mindmapHistory.getUnzipXml();
     }
 
-    private void verifyLock(@NotNull Mindmap mindmap, @NotNull User user, long session, long timestamp) throws WiseMappingException {
-
-        // The lock was lost, reclaim as the ownership of it.
-        final LockManager lockManager = mindmapService.getLockManager();
-        final boolean lockLost = lockManager.isLocked(mindmap);
-        if (!lockLost) {
-            lockManager.lock(mindmap, user, session);
-        }
-
-        final LockInfo lockInfo = lockManager.getLockInfo(mindmap);
-        if (lockInfo.getUser().identityEquality(user)) {
-            long savedTimestamp = mindmap.getLastModificationTime().getTimeInMillis();
-            final boolean outdated = savedTimestamp > timestamp;
-
-            if (lockInfo.getSession() == session) {
-                // Timestamp might not be returned to the client. This try to cover this case, ignoring the client timestamp check.
-                final User lastEditor = mindmap.getLastEditor();
-                boolean editedBySameUser = lastEditor == null || user.identityEquality(lastEditor);
-                if (outdated && !editedBySameUser) {
-                    throw new SessionExpiredException("Map has been updated by " + (lastEditor.getEmail()) + ",Timestamp:" + timestamp + "," + savedTimestamp + ", User:" + lastEditor.getId() + ":" + user.getId() + ",Mail:'" + lastEditor.getEmail() + "':'" + user.getEmail(), lastEditor);
-                }
-            } else if (outdated) {
-                logger.warn("Sessions:" + session + ":" + lockInfo.getSession() + ",Timestamp: " + timestamp + ": " + savedTimestamp);
-                // @Todo: Temporally disabled to unblock save action. More research needed.
-//                throw new MultipleSessionsOpenException("Sessions:" + session + ":" + lockInfo.getSession() + ",Timestamp: " + timestamp + ": " + savedTimestamp);
-            }
-        } else {
-            throw new SessionExpiredException("Different Users.", lockInfo.getUser());
-        }
-    }
 
     /**
      * The intention of this method is the update of several properties at once ...
@@ -255,8 +208,15 @@ public class MindmapController extends BaseController {
     }
 
     @NotNull
-    private Mindmap findMindmapById(int id) throws MapCouldNotFoundException {
-        Mindmap result = mindmapService.findMindmapById(id);
+    private Mindmap findMindmapById(int id) throws MapCouldNotFoundException, AccessDeniedSecurityException {
+        // Has enough permissions ?
+        final User user = Utils.getUser();
+        if (!mindmapService.hasPermissions(user, id, CollaborationRole.VIEWER)) {
+            throw new AccessDeniedSecurityException(id, user);
+        }
+
+        // Does the map exists ?
+        final Mindmap result = mindmapService.findMindmapById(id);
         if (result == null) {
             throw new MapCouldNotFoundException("Map could not be found. Id:" + id);
         }
@@ -272,7 +232,6 @@ public class MindmapController extends BaseController {
 
         // Is there a map with the same name ?
         if (mindmapService.getMindmapByTitle(title, user) != null) {
-
             throw buildValidationException("title", "You already have a mindmap with this title");
         }
 
@@ -284,7 +243,7 @@ public class MindmapController extends BaseController {
 
     @RequestMapping(method = RequestMethod.POST, value = "/maps/{id}/collabs/", consumes = {"application/json", "application/xml"}, produces = {"application/json", "application/xml"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
-    public void updateCollabs(@PathVariable int id, @NotNull @RequestBody RestCollaborationList restCollabs) throws CollaborationException, MapCouldNotFoundException {
+    public void updateCollabs(@PathVariable int id, @NotNull @RequestBody RestCollaborationList restCollabs) throws CollaborationException, MapCouldNotFoundException, AccessDeniedSecurityException, InvalidEmailException {
         final Mindmap mindMap = findMindmapById(id);
 
         // Only owner can change collaborators...
@@ -296,14 +255,21 @@ public class MindmapController extends BaseController {
         // Compare one by one if some of the elements has been changed ....
         final Set<Collaboration> collabsToRemove = new HashSet<>(mindMap.getCollaborations());
         for (RestCollaboration restCollab : restCollabs.getCollaborations()) {
-            final Collaboration collaboration = mindMap.findCollaboration(restCollab.getEmail());
+            final String email = restCollab.getEmail();
+
+            // Is a valid email address ?
+            if (!EmailValidator.getInstance().isValid(email)) {
+                throw new InvalidEmailException(email);
+            }
+
+            final Collaboration collaboration = mindMap.findCollaboration(email);
             // Validate role format ...
             String roleStr = restCollab.getRole();
             if (roleStr == null) {
                 throw new IllegalArgumentException(roleStr + " is not a valid role");
             }
 
-            // Remove from the list of pendings to remove ...
+            // Remove from the list of pending to remove ...
             if (collaboration != null) {
                 collabsToRemove.remove(collaboration);
             }
@@ -324,13 +290,25 @@ public class MindmapController extends BaseController {
 
     @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/collabs/", consumes = {"application/json", "application/xml"}, produces = {"application/json", "application/xml"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
-    public void addCollab(@PathVariable int id, @NotNull @RequestBody RestCollaborationList restCollabs) throws CollaborationException, MapCouldNotFoundException {
+    public void addCollab(@PathVariable int id, @NotNull @RequestBody RestCollaborationList restCollabs) throws CollaborationException, MapCouldNotFoundException, AccessDeniedSecurityException, InvalidEmailException {
         final Mindmap mindMap = findMindmapById(id);
 
         // Only owner can change collaborators...
         final User user = Utils.getUser();
         if (!mindMap.hasPermissions(user, CollaborationRole.OWNER)) {
-            throw new IllegalArgumentException("No enough permissions");
+            throw new AccessDeniedSecurityException("User must be owner to share mindmap");
+        }
+
+        // Is valid email address ?
+        final EmailValidator emailValidator = EmailValidator.getInstance();
+        final Set<String> invalidEmails = restCollabs
+                .getCollaborations()
+                .stream()
+                .map(RestCollaboration::getEmail)
+                .filter(e -> !emailValidator.isValid(e)).collect(Collectors.toSet());
+
+        if (!invalidEmails.isEmpty()) {
+            throw new InvalidEmailException(String.join(", ", invalidEmails));
         }
 
         // Has any role changed ?. Just removed it.
@@ -374,7 +352,7 @@ public class MindmapController extends BaseController {
 
 
     @RequestMapping(method = RequestMethod.GET, value = "/maps/{id}/collabs", produces = {"application/json", "application/xml"})
-    public RestCollaborationList retrieveList(@PathVariable int id) throws MapCouldNotFoundException {
+    public RestCollaborationList retrieveList(@PathVariable int id) throws MapCouldNotFoundException, AccessDeniedSecurityException {
         final Mindmap mindMap = findMindmapById(id);
 
         final Set<Collaboration> collaborations = mindMap.getCollaborations();
@@ -392,14 +370,9 @@ public class MindmapController extends BaseController {
     @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/description", consumes = {"text/plain"}, produces = {"application/json", "application/xml"})
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void updateDescription(@RequestBody String description, @PathVariable int id) throws WiseMappingException {
-
-        final Mindmap mindMap = findMindmapById(id);
-        final User user = Utils.getUser();
-
-        // Update map ...
         final Mindmap mindmap = findMindmapById(id);
         mindmap.setDescription(description);
-        mindmapService.updateMindmap(mindMap, false);
+        mindmapService.updateMindmap(mindmap, false);
     }
 
     @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/publish", consumes = {"text/plain"}, produces = {"application/json", "application/xml"})
@@ -432,6 +405,12 @@ public class MindmapController extends BaseController {
     public void deleteCollabByEmail(@PathVariable int id, @RequestParam(required = false) String email) throws IOException, WiseMappingException {
         logger.debug("Deleting permission for email:" + email);
 
+        // Is a valid email address ?
+        final EmailValidator emailValidator = EmailValidator.getInstance();
+        if (!emailValidator.isValid(email)) {
+            throw new InvalidEmailException(email);
+        }
+
         final Mindmap mindmap = findMindmapById(id);
         final User user = Utils.getUser();
 
@@ -470,21 +449,6 @@ public class MindmapController extends BaseController {
         mindmapService.updateCollaboration(user, collaboration.get());
     }
 
-    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/lock", consumes = {"text/plain"}, produces = {"application/json", "application/xml"})
-    @ResponseStatus(value = HttpStatus.NO_CONTENT)
-    public void updateMapLock(@RequestBody String value, @PathVariable int id) throws IOException, WiseMappingException {
-        final User user = Utils.getUser();
-        final LockManager lockManager = mindmapService.getLockManager();
-        final Mindmap mindmap = findMindmapById(id);
-
-        final boolean lock = Boolean.parseBoolean(value);
-        if (!lock) {
-            lockManager.unlock(mindmap, user);
-        } else {
-            throw new UnsupportedOperationException("REST lock must be implemented.");
-        }
-    }
-
     @RequestMapping(method = RequestMethod.DELETE, value = "/maps/batch")
     @ResponseStatus(value = HttpStatus.NO_CONTENT)
     public void batchDelete(@RequestParam() String ids) throws IOException, WiseMappingException {
@@ -495,6 +459,7 @@ public class MindmapController extends BaseController {
             mindmapService.removeMindmap(mindmap, user);
         }
     }
+
     @RequestMapping(method = RequestMethod.POST, value = "/maps", consumes = {"application/xml", "application/json"})
     @ResponseStatus(value = HttpStatus.CREATED)
     public void createMap(@RequestBody(required = false) String mapXml, @NotNull HttpServletResponse response, @RequestParam(required = false) String title, @RequestParam(required = false) String description) throws IOException, WiseMappingException {
@@ -506,7 +471,7 @@ public class MindmapController extends BaseController {
 
         if (description != null && !description.isEmpty()) {
             mindmap.setDescription(description);
-        }else {
+        } else {
             mindmap.setDescription("description");
         }
 
@@ -524,7 +489,7 @@ public class MindmapController extends BaseController {
         mindmap.setXmlStr(mapXml);
 
         // Add new mindmap ...
-        final User user = Utils.getUser();
+        final User user = Utils.getUser(true);
         mindmapService.addMindmap(mindmap, user);
 
         // Return the new created map ...
@@ -600,4 +565,21 @@ public class MindmapController extends BaseController {
         mindmap.addLabel(label);
         mindmapService.updateMindmap(mindmap, false);
     }
+
+    @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/lock", consumes = {"text/plain"}, produces = {"application/json", "application/xml"})
+    public ResponseEntity<RestLockInfo> lockMindmap(@RequestBody String value, @PathVariable int id) throws WiseMappingException {
+        final User user = Utils.getUser();
+        final LockManager lockManager = mindmapService.getLockManager();
+        final Mindmap mindmap = findMindmapById(id);
+
+        ResponseEntity<RestLockInfo> result = new ResponseEntity<>(null, HttpStatus.NO_CONTENT);
+        if (Boolean.parseBoolean(value)) {
+            final LockInfo lockInfo = lockManager.lock(mindmap, user);
+            final RestLockInfo restLockInfo = new RestLockInfo(lockInfo, user);
+            result = new ResponseEntity<>(restLockInfo, HttpStatus.OK);
+        } else {
+            lockManager.unlock(mindmap, user);
+        }
+        return result;
+    }
 }

wise-webapp/src/main/java/com/wisemapping/rest/MindmapFilter.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/TransformerController.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/UserController.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -58,7 +58,7 @@ public class UserController extends BaseController {
     @RequestMapping(method = RequestMethod.POST, value = "/users", produces = {"application/json", "application/xml"})
     @ResponseStatus(value = HttpStatus.CREATED)
     public void registerUser(@RequestBody RestUserRegistration registration, @NotNull HttpServletRequest request, @NotNull HttpServletResponse response) throws WiseMappingException, BindException {
-        logger.info("Register new user:" + registration.getEmail());
+        logger.debug("Register new user:" + registration.getEmail());
 
         // If tomcat is behind a reverse proxy, ip needs to be found in other header.
         String remoteIp = request.getHeader(REAL_IP_ADDRESS_HEADER);

wise-webapp/src/main/java/com/wisemapping/rest/ValidationException.java

@@ -1,20 +1,20 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.rest;
 
@@ -23,11 +23,11 @@ import com.wisemapping.exceptions.WiseMappingException;
 import org.jetbrains.annotations.NotNull;
 import org.springframework.validation.Errors;
 
-public class ValidationException extends WiseMappingException{
+public class ValidationException extends WiseMappingException {
     private final Errors errors;
 
     public ValidationException(@NotNull Errors errors) {
-        super("Validation Exceptions:"+errors);
+        super("Validation Exceptions:" + errors);
         this.errors = errors;
     }
 

wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaboration.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborationList.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestLockInfo.java

@@ -1,20 +1,20 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.rest.model;
 
@@ -22,6 +22,7 @@ package com.wisemapping.rest.model;
 import com.fasterxml.jackson.annotation.JsonAutoDetect;
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.wisemapping.model.Collaborator;
+import com.wisemapping.model.User;
 import com.wisemapping.service.LockInfo;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
@@ -39,48 +40,24 @@ import javax.xml.bind.annotation.XmlRootElement;
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class RestLockInfo {
 
-    @NotNull
-    final private Collaborator user;
-
-    @Nullable
-    final private LockInfo lockInfo;
+    private String email;
 
     // This is required only for compliance with the JAXB serializer.
-    public RestLockInfo(){
+    public RestLockInfo() {
 
-        this.lockInfo = null;
-        //noinspection ConstantConditions
-        this.user = null;
     }
 
-    public RestLockInfo(@Nullable LockInfo lockInfo, @NotNull Collaborator collaborator) {
-
-        this.lockInfo = lockInfo;
-        this.user = collaborator;
+    public RestLockInfo(@Nullable LockInfo lockInfo, @NotNull User user) {
+        this.email = user.getEmail();
     }
 
-    public boolean isLocked() {
-        return lockInfo != null;
+
+    public String getEmail() {
+        return email;
     }
 
-    public void setLocked(boolean locked) {
-        // Ignore ...
+    public void setEmail(String email) {
+        this.email = email;
     }
-
-    public boolean isLockedByMe() {
-        return isLocked() && lockInfo != null && lockInfo.getUser().identityEquality(user);
-    }
-
-    public void setLockedByMe(boolean lockedForMe) {
-        // Ignore ...
-    }
-
-    public long getTimestamp() {
-        return lockInfo != null ? lockInfo.getTimestamp() : -1;
-    }
-
-    public void setTimestamp(long value) {
-        //
-    }
-
 }
+

wise-webapp/src/main/java/com/wisemapping/rest/model/RestLogItem.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java

@@ -1,20 +1,20 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.rest.model;
 
@@ -22,9 +22,9 @@ package com.wisemapping.rest.model;
 import com.fasterxml.jackson.annotation.JsonAutoDetect;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.wisemapping.exceptions.InvalidMindmapException;
 import com.wisemapping.exceptions.WiseMappingException;
 import com.wisemapping.model.*;
-import com.wisemapping.security.Utils;
 import com.wisemapping.util.TimeUtils;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
@@ -34,10 +34,6 @@ import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlRootElement;
 import java.io.IOException;
 import java.util.Calendar;
-import java.util.LinkedHashSet;
-import java.util.List;
-import java.util.Set;
-import java.util.stream.Collectors;
 
 @XmlRootElement(name = "map")
 @XmlAccessorType(XmlAccessType.PROPERTY)
@@ -71,7 +67,7 @@ public class RestMindmap {
         }
     }
 
-    public void setCreationTime(final String creationTime){
+    public void setCreationTime(final String creationTime) {
         // Ignore
     }
 
@@ -154,10 +150,10 @@ public class RestMindmap {
         return mindmap.getXmlStr();
     }
 
-    public void setXml(@Nullable String xml) throws IOException {
-
-        if (xml != null)
+    public void setXml(@Nullable String xml) throws IOException, InvalidMindmapException {
+        if (xml != null) {
             mindmap.setXmlStr(xml);
+        }
     }
 
     public String getOwner() {

wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapHistory.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapHistoryList.java

@@ -1,5 +1,5 @@
 /**
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapInfo.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestUser.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/rest/model/RestUserRegistration.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/security/AuthenticationProvider.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.security;
 
 import org.springframework.security.core.Authentication;

wise-webapp/src/main/java/com/wisemapping/security/CSFRRequestMatcher.java

@@ -0,0 +1,44 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+package com.wisemapping.security;
+
+import org.springframework.security.web.util.matcher.RequestMatcher;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
+
+public class CSFRRequestMatcher implements RequestMatcher {
+
+    private String prefix;
+    static String[] supportedMethods = {"POST", "PUT", "GET", "DELETE", "PATCH"};
+
+    @Override
+    public boolean matches(HttpServletRequest request) {
+        final String requestURI = request.getRequestURI();
+        return Arrays.stream(supportedMethods).anyMatch(p -> request.getMethod().toUpperCase().equals(p))
+                && requestURI.startsWith(prefix);
+    }
+
+    public String getPrefix() {
+        return prefix;
+    }
+
+    public void setPrefix(String prefix) {
+        this.prefix = prefix;
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/DefaultPasswordEncoderFactories.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.security;
 
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

wise-webapp/src/main/java/com/wisemapping/security/LegacyPasswordEncoder.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/security/UserDetails.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/security/Utils.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/security/aop/BaseSecurityAdvice.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/security/aop/UpdateSecurityAdvise.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/security/aop/ViewBaseSecurityAdvise.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/service/CollaborationException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -23,7 +23,6 @@ import javax.servlet.ServletContextListener;
 
 public class HibernateAppListener implements ServletContextListener {
 
-    /* Application Startup Event */
     public void	contextInitialized(ServletContextEvent ce) {
 
         try  {

wise-webapp/src/main/java/com/wisemapping/service/HibernateUtil.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/service/InvalidActivationCodeException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/service/InvalidAuthSchemaException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/service/InvalidUserEmailException.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/service/LabelService.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.service;
 
 import com.wisemapping.exceptions.WiseMappingException;

wise-webapp/src/main/java/com/wisemapping/service/LabelServiceImpl.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.service;
 
 import com.wisemapping.dao.LabelManager;

wise-webapp/src/main/java/com/wisemapping/service/LockInfo.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -27,16 +27,22 @@ import java.util.Calendar;
 public class LockInfo {
     final private User user;
     private Calendar timeout;
-    private long session;
     private static final int EXPIRATION_MIN = 30;
-    private long timestamp = -1;
-    private long previousTimestamp;
 
-    public LockInfo(@NotNull User user, @NotNull Mindmap mindmap, long session) {
+    public int getMapId() {
+        return mapId;
+    }
+
+    public void setMapId(int mapId) {
+        this.mapId = mapId;
+    }
+
+    private int mapId;
+
+    public LockInfo(@NotNull User user, @NotNull Mindmap mindmap) {
         this.user = user;
+        this.mapId = mindmap.getId();
         this.updateTimeout();
-        this.updateTimestamp(mindmap);
-        this.session = session;
     }
 
     public User getUser() {
@@ -54,24 +60,12 @@ public class LockInfo {
 
     }
 
-    public long getSession() {
-        return session;
-    }
-
-    public void setSession(long session) {
-        this.session = session;
-    }
-
-    public long getTimestamp() {
-        return timestamp;
-    }
-
-    public long getPreviousTimestamp() {
-        return previousTimestamp;
-    }
-
-    public void updateTimestamp(@NotNull Mindmap mindmap) {
-        this.previousTimestamp = this.timestamp;
-        this.timestamp = mindmap.getLastModificationTime().getTimeInMillis();
+    @Override
+    public String toString() {
+        return "LockInfo{" +
+                "user=" + user +
+                ", timeout=" + timeout +
+                ", mapId=" + mapId +
+                '}';
     }
 }

wise-webapp/src/main/java/com/wisemapping/service/LockManager.java

@@ -1,26 +1,26 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.service;
 
 import com.wisemapping.exceptions.AccessDeniedSecurityException;
 import com.wisemapping.exceptions.LockException;
-import com.wisemapping.exceptions.WiseMappingException;
+import com.wisemapping.exceptions.SessionExpiredException;
 import com.wisemapping.model.Mindmap;
 import com.wisemapping.model.User;
 import org.jetbrains.annotations.NotNull;
@@ -30,16 +30,14 @@ public interface LockManager {
 
     LockInfo getLockInfo(@NotNull Mindmap mindmap);
 
-    LockInfo updateExpirationTimeout(@NotNull Mindmap mindmap, @NotNull User user);
-
     void unlock(@NotNull Mindmap mindmap, @NotNull User user) throws LockException, AccessDeniedSecurityException;
 
     void unlockAll(@NotNull User user) throws LockException, AccessDeniedSecurityException;
 
-    boolean isLockedBy(@NotNull Mindmap mindmap, @NotNull User collaborator);
-
-    @NotNull
-    LockInfo lock(@NotNull Mindmap mindmap, @NotNull User user, long session) throws WiseMappingException;
+    boolean isLockedBy(@NotNull Mindmap mindmap, @NotNull User user);
 
     long generateSession();
+
+    @NotNull
+    LockInfo lock(@NotNull Mindmap mindmap, @NotNull User user) throws LockException;
 }

wise-webapp/src/main/java/com/wisemapping/service/LockManagerImpl.java

@@ -1,55 +1,39 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.service;
 
 import com.wisemapping.exceptions.AccessDeniedSecurityException;
 import com.wisemapping.exceptions.LockException;
-import com.wisemapping.exceptions.WiseMappingException;
 import com.wisemapping.model.CollaborationRole;
 import com.wisemapping.model.Mindmap;
 import com.wisemapping.model.User;
 import org.apache.log4j.Logger;
 import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
 
 import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 
-/*
-* Refresh page should not lost the lock.
-* En caso que no sea posible grabar por que se perdio el lock, usar mensaje de error para explicar el por que...
-* Mensaje  modal explicando que el mapa esta siendo editado, por eso no es posible edilarlo....
-* Internacionalizacion de los mensaje ...
-* Logout limpiar las sessiones ...
-*
-* Casos:
-*  - Usuario pierde el lock:
-*      - Y grabo con la misma sessions y el timestap ok.
-*      - Y grabo con la misma session y el timestap esta mal
- *     - Y grabo con distinta sessions
- *     -
-*  - Usuario pierde el lock, pero intenta grabar camio
-*/
-
 class LockManagerImpl implements LockManager {
-    public static final int ONE_MINUTE_MILLISECONDS = 1000 * 60;
-    final Map<Integer, LockInfo> lockInfoByMapId;
-    final static Timer expirationTimer = new Timer();
+    private static final int ONE_MINUTE_MILLISECONDS = 1000 * 60;
+    private final Map<Integer, LockInfo> lockInfoByMapId;
+    private final static Timer expirationTimer = new Timer();
     final private static Logger logger = Logger.getLogger(LockManagerImpl.class);
 
     @Override
@@ -62,23 +46,6 @@ class LockManagerImpl implements LockManager {
         return lockInfoByMapId.get(mindmap.getId());
     }
 
-    @Override
-    public LockInfo updateExpirationTimeout(@NotNull Mindmap mindmap, @NotNull User user) {
-        if (!this.isLocked(mindmap)) {
-            throw new IllegalStateException("Lock lost for map. No update possible.");
-        }
-
-        final LockInfo result = this.getLockInfo(mindmap);
-        if (!result.getUser().identityEquality(user)) {
-            throw new IllegalStateException("Could not update map lock timeout if you are not the locking user. User:" + result.getUser() + ", " + user);
-        }
-
-        result.updateTimeout();
-        result.updateTimestamp(mindmap);
-        logger.debug("Timeout updated for:" + mindmap.getId());
-        return result;
-    }
-
     @Override
     public void unlockAll(@NotNull final User user) throws LockException, AccessDeniedSecurityException {
         final Set<Integer> mapIds = lockInfoByMapId.keySet();
@@ -92,14 +59,7 @@ class LockManagerImpl implements LockManager {
 
     @Override
     public void unlock(@NotNull Mindmap mindmap, @NotNull User user) throws LockException, AccessDeniedSecurityException {
-        if (isLocked(mindmap) && !isLockedBy(mindmap, user)) {
-            throw new LockException("Lock can be only revoked by the locker.");
-        }
-
-        if (!mindmap.hasPermissions(user, CollaborationRole.EDITOR)) {
-            throw new AccessDeniedSecurityException("Invalid lock, this should not happen");
-        }
-
+        verifyHasLock(mindmap, user);
         this.unlock(mindmap.getId());
     }
 
@@ -124,53 +84,57 @@ class LockManagerImpl implements LockManager {
         return System.nanoTime();
     }
 
-    @Override
     @NotNull
-    public LockInfo lock(@NotNull Mindmap mindmap, @NotNull User user, long session) throws WiseMappingException {
+    @Override
+    public LockInfo lock(@NotNull Mindmap mindmap, @NotNull User user) throws LockException {
         if (isLocked(mindmap) && !isLockedBy(mindmap, user)) {
-            throw new LockException("Invalid lock, this should not happen");
-        }
-
-        if (!mindmap.hasPermissions(user, CollaborationRole.EDITOR)) {
-            throw new AccessDeniedSecurityException("Invalid lock, this should not happen");
+            throw LockException.createLockLost(mindmap, user, this);
         }
 
+        // Do I need to create a new lock ?
         LockInfo result = lockInfoByMapId.get(mindmap.getId());
-        if (result != null) {
-            // Update timeout only...
-            logger.debug("Update timestamp:" + mindmap.getId());
-            updateExpirationTimeout(mindmap, user);
-            // result.setSession(session);
-        } else {
-            logger.debug("Lock map id:" + mindmap.getId());
-            result = new LockInfo(user, mindmap, session);
+        if (result == null) {
+            logger.debug("Creating new lock for map id:" + mindmap.getId());
+            result = new LockInfo(user, mindmap);
             lockInfoByMapId.put(mindmap.getId(), result);
         }
+
+        // Update timestamp ...
+        logger.debug("Updating timeout:" + result);
+        result.updateTimeout();
+
         return result;
     }
 
+    private void verifyHasLock(@NotNull Mindmap mindmap, @NotNull User user) throws LockException, AccessDeniedSecurityException {
+        // Only editor can have lock ...
+        if (!mindmap.hasPermissions(user, CollaborationRole.EDITOR)) {
+            throw new AccessDeniedSecurityException(mindmap.getId(), user);
+        }
+
+        // Is the lock assigned to the user ...
+        if (isLocked(mindmap) && !isLockedBy(mindmap, user)) {
+            throw LockException.createLockLost(mindmap, user, this);
+        }
+    }
+
     public LockManagerImpl() {
-        lockInfoByMapId = new ConcurrentHashMap<Integer, LockInfo>();
+        lockInfoByMapId = new ConcurrentHashMap<>();
         expirationTimer.schedule(new TimerTask() {
             @Override
             public void run() {
 
-                logger.debug("Lock expiration scheduler started. Current locks:" + lockInfoByMapId.keySet());
-
-                final List<Integer> toRemove = new ArrayList<Integer>();
-                final Set<Integer> mapIds = lockInfoByMapId.keySet();
-                for (Integer mapId : mapIds) {
-                    final LockInfo lockInfo = lockInfoByMapId.get(mapId);
-                    if (lockInfo.isExpired()) {
-                        toRemove.add(mapId);
-                    }
+                synchronized (this) {
+                    logger.debug("Lock expiration scheduler started. Current locks:" + lockInfoByMapId.keySet());
+                    // Search for expired sessions and remove them ....
+                    lockInfoByMapId.
+                            keySet().
+                            stream().
+                            filter(mapId -> lockInfoByMapId.get(mapId).isExpired()).
+                            forEach(mapId -> unlock(mapId));
                 }
 
-                for (Integer mapId : toRemove) {
-                    unlock(mapId);
-                }
             }
         }, ONE_MINUTE_MILLISECONDS, ONE_MINUTE_MILLISECONDS);
     }
-
 }

wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -57,6 +57,8 @@ public interface MindmapService {
 
     boolean hasPermissions(@Nullable User user, int mapId, CollaborationRole allowedRole);
 
+    boolean isMindmapPublic(int mapId);
+
     void revertChange(@NotNull Mindmap map, int historyId) throws WiseMappingException, IOException;
 
     MindMapHistory findMindmapHistory(int id, int hid) throws WiseMappingException;

wise-webapp/src/main/java/com/wisemapping/service/MindmapServiceImpl.java

@@ -1,20 +1,20 @@
 /*
-*    Copyright [2015] [wisemapping]
-*
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
-*
-*       http://www.wisemapping.org/license
-*
-*   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
-*   limitations under the License.
-*/
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 
 package com.wisemapping.service;
 
@@ -62,6 +62,12 @@ public class MindmapServiceImpl
         return hasPermissions(user, map, grantedRole);
     }
 
+    @Override
+    public boolean isMindmapPublic(int mapId) {
+        final Mindmap map = mindmapManager.getMindmapById(mapId);
+        return map != null && map.isPublic();
+    }
+
     @Override
     public boolean hasPermissions(@Nullable User user, @Nullable Mindmap map, @NotNull CollaborationRole role) {
         boolean result = false;
@@ -70,7 +76,7 @@ public class MindmapServiceImpl
                 result = true;
             } else if (user != null) {
                 final Optional<Collaboration> collaboration = map.findCollaboration(user);
-                if (collaboration .isPresent()) {
+                if (collaboration.isPresent()) {
                     result = collaboration
                             .get()
                             .hasPermissions(role);
@@ -156,7 +162,7 @@ public class MindmapServiceImpl
 
     @Override
     public void removeMindmap(@NotNull Mindmap mindmap, @NotNull User user) throws WiseMappingException {
-        if (mindmap.getCreator().identityEquality(user) || isAdmin(user)) {
+        if (mindmap.getCreator().identityEquality(user)) {
             mindmapManager.removeMindmap(mindmap);
         } else {
             final Optional<Collaboration> collaboration = mindmap.findCollaboration(user);

wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java

@@ -1,6 +1,24 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.service;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.wisemapping.validator.Messages;
 import org.apache.commons.lang.StringUtils;
 import org.apache.http.NameValuePair;
 import org.apache.http.client.fluent.Form;
@@ -22,6 +40,8 @@ public class RecaptchaService {
             "https://www.google.com/recaptcha/api/siteverify";
 
     private final static ObjectMapper objectMapper = new ObjectMapper();
+    public static final String CATCH_ERROR_CODE_TIMEOUT_OR_DUPLICATE = "timeout-or-duplicate";
+    public static final String CATCHA_ERROR_CODE_INPUT_RESPONSE = "invalid-input-response";
     private String recaptchaSecret;
 
     @Nullable
@@ -48,12 +68,21 @@ public class RecaptchaService {
                     .asBytes();
 
             final Map responseBody = objectMapper.readValue(body, HashMap.class);
-            logger.warn("Response from recaptcha after parse: " + responseBody);
+            logger.debug("Response from recaptcha after parse: " + responseBody);
 
             final Boolean success = (Boolean) responseBody.get("success");
-            if (success!=null && !success) {
+            if (success != null && !success) {
                 final List<String> errorCodes = (List<String>) responseBody.get("error-codes");
-                result = RecaptchaUtil.codeToDescription(errorCodes.get(0));
+                String errorCode = errorCodes.get(0);
+                if (errorCode.equals(CATCH_ERROR_CODE_TIMEOUT_OR_DUPLICATE)) {
+                    result = Messages.CAPTCHA_TIMEOUT_OUT_DUPLICATE;
+
+                } else if (errorCode.equals("invalid-input-response")) {
+                    result = Messages.CAPTCHA_INVALID_INPUT_RESPONSE;
+                } else {
+                    result = Messages.CAPTCHA_LOADING_ERROR;
+                    logger.error("Unexpected error during catch resolution:" + errorCodes);
+                }
             }
         } catch (IOException e) {
             logger.error(e.getMessage(), e);
@@ -68,30 +97,4 @@ public class RecaptchaService {
     public void setRecaptchaSecret(String recaptchaSecret) {
         this.recaptchaSecret = recaptchaSecret;
     }
-}
-
-class RecaptchaUtil {
-
-    private static final Map<String, String>
-            RECAPTCHA_ERROR_CODE = new HashMap<>();
-
-    static String codeToDescription(final String code)
-    {
-        return  RECAPTCHA_ERROR_CODE.getOrDefault(code,"Unexpected error validating code. Please, refresh the page and try again.");
-    }
-
-    static {
-        RECAPTCHA_ERROR_CODE.put("missing-input-secret",
-                "The secret parameter is missing");
-        RECAPTCHA_ERROR_CODE.put("invalid-input-secret",
-                "The secret parameter is invalid or malformed");
-        RECAPTCHA_ERROR_CODE.put("missing-input-response",
-                "The response parameter is missing");
-        RECAPTCHA_ERROR_CODE.put("invalid-input-response",
-                "The response parameter is invalid or malformed");
-        RECAPTCHA_ERROR_CODE.put("bad-request",
-                "The request is invalid or malformed");
-        RECAPTCHA_ERROR_CODE.put("timeout-or-duplicate",
-                "Please, refresh the page and try again.");
-    }
 }

wise-webapp/src/main/java/com/wisemapping/service/RegistrationException.java

@@ -1,3 +1,20 @@
+/*
+ *    Copyright [2022] [wisemapping]
+ *
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   "powered by wisemapping" text requirement on every single page;
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the license at
+ *
+ *       http://www.wisemapping.org/license
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
 package com.wisemapping.service;
 
 import org.springframework.validation.BindException;

wise-webapp/src/main/java/com/wisemapping/service/UserService.java

@@ -1,5 +1,5 @@
 /*
-*    Copyright [2015] [wisemapping]
+*    Copyright [2022] [wisemapping]
 *
 *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
 *   It is basically the Apache License, Version 2.0 (the "License") plus the

wise-webapp/src/main/java/com/wisemapping/service/UserServiceImpl.java

@@ -1,5 +1,5 @@
 /*
- *    Copyright [2015] [wisemapping]
+ *    Copyright [2022] [wisemapping]
  *
  *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
  *   It is basically the Apache License, Version 2.0 (the "License") plus the
@@ -19,6 +19,7 @@
 package com.wisemapping.service;
 
 import com.wisemapping.dao.UserManager;
+import com.wisemapping.exceptions.InvalidMindmapException;
 import com.wisemapping.exceptions.WiseMappingException;
 import com.wisemapping.mail.NotificationService;
 import com.wisemapping.model.*;
@@ -119,13 +120,11 @@ public class UserServiceImpl
 
         if (emailConfirmEnabled) {
             user.setActivationDate(null);
-
         } else {
             user.setActivationDate(Calendar.getInstance());
         }
 
-        Collaborator col = userManager.getCollaboratorBy(user.getEmail());
-
+        final Collaborator col = userManager.getCollaboratorBy(user.getEmail());
         if (col != null) {
             userManager.createUser(user, col);
         } else {
@@ -148,7 +147,7 @@ public class UserServiceImpl
         return user;
     }
 
-    public Mindmap buildTutorialMindmap(@NotNull String firstName) {
+    public Mindmap buildTutorialMindmap(@NotNull String firstName) throws InvalidMindmapException {
         //To change body of created methods use File | Settings | File Templates.
         final Locale locale = LocaleContextHolder.getLocale();
         Mindmap result = new Mindmap();

wise-webapp/src/main/java/com/wisemapping/util/Application.java

@@ -1,162 +0,0 @@
-/*
- * Copyright (c) 2008, Harald Walker (bitwalker.nl) 
- * All rights reserved.
- * 
- * Redistribution and use in source and binary forms, with or
- * without modification, are permitted provided that the
- * following conditions are met:
- * 
- * * Redistributions of source code must retain the above
- * copyright notice, this list of conditions and the following
- * disclaimer.
- * 
- * * Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions and the following
- * disclaimer in the documentation and/or other materials
- * provided with the distribution.
- * 
- * * Neither the name of bitwalker nor the names of its
- * contributors may be used to endorse or promote products
- * derived from this software without specific prior written
- * permission.
- * 
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-package com.wisemapping.util;
-
-/**
- * Enum constants for internet applications like web-application and rich
- * internet application.
- * 
- * @author harald
- * 
- */
-
-public enum Application {
-
-	HOTMAIL(Manufacturer.MICROSOFT, 1, "Windows Live Hotmail", 
-			new String[] { "mail.live.com", "hotmail.msn" }, ApplicationType.WEBMAIL), 
-	GMAIL( Manufacturer.GOOGLE, 5, "Gmail",
-			new String[] { "mail.google.com" }, ApplicationType.WEBMAIL), 
-	YAHOO_MAIL( Manufacturer.YAHOO, 10, "Yahoo Mail",
-			new String[] { "mail.yahoo.com" }, ApplicationType.WEBMAIL), 
-	COMPUSERVE( Manufacturer.COMPUSERVE, 20, "Compuserve",
-			new String[] { "csmail.compuserve.com" }, ApplicationType.WEBMAIL), 
-	AOL_WEBMAIL( Manufacturer.AOL, 30, "AOL webmail",
-			new String[] { "webmail.aol.com" }, ApplicationType.WEBMAIL), 
-	/**
-	* MobileMe webmail client by Apple. Previously known as .mac.
-	*/
-	MOBILEME( Manufacturer.APPLE, 40, "MobileMe",
-			new String[] { "www.me.com" }, ApplicationType.WEBMAIL),			
-	/**
-	* Mail.com
-	* Mail.com provides consumers with web-based e-mail services
-	*/
-	MAIL_COM( Manufacturer.MMC, 50, "Mail.com", 
-			new String[] { ".mail.com" }, ApplicationType.WEBMAIL), 
-	/**
-	 * Popular open source webmail client. Often installed by providers or privately.
-	 */
-	HORDE(	Manufacturer.OTHER, 50, "horde", 
-			new String[] { "horde" }, ApplicationType.WEBMAIL), 
-	OTHER_WEBMAIL(Manufacturer.OTHER, 60, "Other webmail client", 
-			new String[] { "webmail", "webemail" }, ApplicationType.WEBMAIL), 
-	UNKNOWN(Manufacturer.OTHER, 0, "Unknown", 
-			new String[0], ApplicationType.UNKNOWN);
-
-	private final short id;
-	private final String name;
-	private final String[] aliases;
-	private final ApplicationType applicationType;
-	private final Manufacturer manufacturer;
-
-	Application(Manufacturer manufacturer, int versionId, String name,
-				String[] aliases, ApplicationType applicationType) {
-		this.id = (short) ((manufacturer.getId() << 8) + (byte) versionId);
-		this.name = name;
-		this.aliases = aliases;
-		this.applicationType = applicationType;
-		this.manufacturer = manufacturer;
-	}
-
-	public short getId() {
-		return id;
-	}
-
-	public String getName() {
-		return name;
-	}
-
-	/**
-	 * @return the applicationType
-	 */
-	public ApplicationType getApplicationType() {
-		return applicationType;
-	}
-
-	/**
-	 * @return the manufacturer
-	 */
-	public Manufacturer getManufacturer() {
-		return manufacturer;
-	}
-
-	/*
-	 * Checks if the given referrer string matches to the application. Only
-	 * checks for one specific application.
-	 */
-	public boolean isInReferrerString(String referrerString) {
-		for (String alias : aliases) {
-			if (referrerString.toLowerCase().indexOf(alias.toLowerCase()) != -1)
-				return true;
-		}
-		return false;
-	}
-
-	/*
-	 * Iterates over all Application to compare the signature with the referrer
-	 * string. If no match can be found Application.UNKNOWN will be returned.
-	 */
-	public static Application parseReferrerString(String referrerString) {
-		// skip the empty and "-" referrer
-		if (referrerString != null && referrerString.length() > 1) {
-			for (Application applicationInList : Application.values()) {
-				if (applicationInList.isInReferrerString(referrerString))
-					return applicationInList;
-			}
-		}
-		return Application.UNKNOWN;
-	}
-
-	/**
-	 * Returns the enum constant of this type with the specified id. Throws
-	 * IllegalArgumentException if the value does not exist.
-	 * 
-	 * @param id
-	 * @return
-	 */
-	public static Application valueOf(short id) {
-		for (Application application : Application.values()) {
-			if (application.getId() == id)
-				return application;
-		}
-
-		// same behavior as standard valueOf(string) method
-		throw new IllegalArgumentException("No enum const for id " + id);
-	}
-
-}

wise-webapp/src/main/java/com/wisemapping/util/ApplicationType.java

@@ -1,63 +0,0 @@
-/*
-* Copyright (c) 2008, Harald Walker (bitwalker.nl) 
-* All rights reserved.
-* 
-* Redistribution and use in source and binary forms, with or
-* without modification, are permitted provided that the
-* following conditions are met:
-* 
-* * Redistributions of source code must retain the above
-* copyright notice, this list of conditions and the following
-* disclaimer.
-* 
-* * Redistributions in binary form must reproduce the above
-* copyright notice, this list of conditions and the following
-* disclaimer in the documentation and/or other materials
-* provided with the distribution.
-* 
-* * Neither the name of bitwalker nor the names of its
-* contributors may be used to endorse or promote products
-* derived from this software without specific prior written
-* permission.
-* 
-* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
-* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
-* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-
-package com.wisemapping.util;
-
-/**
- * Enum constants classifying the different types of applications which are common in referrer strings
- * @author harald
- *
- */
-public enum ApplicationType {
-
-	/**
-	 * Webmail service like Windows Live Hotmail and Gmail.
-	 */
-	WEBMAIL("Webmail client"),
-	UNKNOWN("unknown");
-	
-	private final String name;
-	
-	ApplicationType(String name) {
-		this.name = name;
-	}
-
-	public String getName() {
-		return name;
-	}
-
-}