Commits on Jun 24, 2024

1. RBAC integration …

   PR includes:
   - RBAC integretion in 'rest' module
   - updated tests
   - added dependencies in build.gradle files
   - V3 schema in archive module for storing roles and groups from json_data into rbac_labels
   - javadoc
   
   Added new package 'rbac' to rest sub-module with sub-package 'annotations' for spring AOP.
   
   Added new classes:
   
   RbacHttpFilter
   First step of validation.
   Handles:
   - no validation healthcheck
   - stores all groups and roles values from request
   - creates object of type UserType for further processing
   - prevents triggering endpoints when request is not validated
   
   RbacAccessAspect
   Aspect class for handling annotated rest controller methods.
   Handles:
   - triggering methods only accessible by admin
   - triggering BulkResponse methods and modifing returned object
   - triggering methods that require certain parameters in path or in body of request
   - when user has not access, 403 is thrown
   
   RbacDbHandler
   Validation of certain parameteres before reaching endpoints and returning of certain object (omitting direct endpoints).
   Handles:
   - checks if certain parameters are present in db and if user has access due to provided values in groups and roles of header
   - returns all Task/Workflow definitions and SeachResult object with param Workflow/WorkflowSummary directly
   
   RbacProperties
   Properties class to return admin roles and groups specified in properties file.
   
   UserType
   POJO for creating user object.
   
   TYPE: Improvement
   JIRA: DEP-686
   Signed-off-by: jmasar <[email protected]>

   jmasar committed Jun 24, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for f2010ed
   • Browse repository at this point

   Copy the full SHA

   f2010ed View commit details

   Browse the repository at this point in the history