Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added revoked notification handling concept #600

Merged
merged 50 commits into from
Jan 31, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
50 commits
Select commit Hold shift + click to select a range
812c7f3
chore[534] updated createIrsPolicyIfMissing()
Jan 23, 2024
c3a6e9c
chore[534] updated CHANGELOG.md
Jan 23, 2024
11bda56
Merge branch 'main' into feature/534-get-policies-and-publish-assets
Jan 23, 2024
46c3573
feature: 534 update copyright header; use right operand as policy id
ds-lcapellino Jan 23, 2024
426801d
Merge remote-tracking branch 'origin/feature/534-get-policies-and-pub…
ds-lcapellino Jan 23, 2024
a86c477
feature: 508 update postgres and pgadmin version
ds-lcapellino Jan 24, 2024
085b895
feature: 508 update CHANGELOG.md
ds-lcapellino Jan 24, 2024
45b8318
chore[534] updated methods
Jan 24, 2024
2e17650
Merge remote-tracking branch 'origin/feature/534-get-policies-and-pub…
Jan 24, 2024
7f3cd9a
Merge branch 'main' into feature/534-get-policies-and-publish-assets
Jan 24, 2024
3dceb1e
helm: 508 update dependency check verion to 9.0.9
ds-lcapellino Jan 24, 2024
b344131
helm: 508 remove unused dependency
ds-lcapellino Jan 24, 2024
445a50c
Revert "helm: 508 remove unused dependency"
ds-lcapellino Jan 24, 2024
d8cdbb1
chore(concept): #521 create first draft
Jan 24, 2024
57b57c8
chore(concept): #521 add more information
Jan 24, 2024
3a821ae
feature(assetState): #535 implemented first working asset publish state
ds-mmaul Jan 24, 2024
6a871b6
Merge branch 'main' into feature/535-publish-assets-in-fe
ds-mmaul Jan 24, 2024
3f480c0
feature(assetState): #535 added CHANGELOG entry
ds-mmaul Jan 24, 2024
13e6226
feature(publish): #535 show Toast on success or error
ds-mmaul Jan 25, 2024
0f48476
chore(concept): #521 rework concept
Jan 25, 2024
fe04bc9
feature(publish): #535 fix tests
ds-mmaul Jan 25, 2024
d543c4d
feature(publish): #535 fix tests
ds-mmaul Jan 25, 2024
fbf871a
feature(publish): #535 fix tests
ds-mmaul Jan 25, 2024
dfbb21f
feature(publish): #535 display error message
ds-mmaul Jan 25, 2024
40c555c
feature(publish): #535 added tests
ds-mmaul Jan 25, 2024
938772d
feature(publish): #535 remove test focus
ds-mmaul Jan 25, 2024
010b587
chore(concept): #521 add more accurate information, assumptions and d…
Jan 26, 2024
e37fafe
feature(publish): #535 added test
ds-mmaul Jan 26, 2024
0afb9de
Merge pull request #954 from eclipse-tractusx/main
ds-mwesener Jan 29, 2024
11abd85
feature(publish): #535 added user manual documentation for publishing…
ds-mmaul Jan 29, 2024
2138dcb
feature(publish): #535 added user manual documentation for publishing…
ds-mmaul Jan 29, 2024
cc8aee4
chore(concept): #521 include review suggestions
Jan 29, 2024
415045d
chore(concept): #521 include more review suggestions
Jan 30, 2024
10259a1
chore(concept): #521 update CHANGELOG.md
Jan 30, 2024
b4f895a
chore[534] updated License
Jan 30, 2024
01d0a14
Merge branch 'main' into feature/534-get-policies-and-publish-assets
Jan 30, 2024
69d283d
Merge pull request #934 from catenax-ng/feature/534-get-policies-and-…
ds-ashanmugavel Jan 30, 2024
69d6909
Merge pull request #944 from catenax-ng/feature/535-publish-assets-in-fe
ds-mwesener Jan 31, 2024
d124176
Merge branch 'main' into feature/508-update-postgres-to-15.4
ds-lcapellino Jan 31, 2024
d584977
feature: 508 add postgres 15.4 to integration tests
ds-lcapellino Jan 31, 2024
e223ed6
Merge pull request #939 from catenax-ng/feature/508-update-postgres-t…
ds-ext-sceronik Jan 31, 2024
184f6e8
Update CONTRIBUTING.md add matrix chat
mkanal Jan 31, 2024
e67619a
Update README.md add contact information
mkanal Jan 31, 2024
1ac460f
Update README.md
mkanal Jan 31, 2024
b2a9e46
Update CONTRIBUTING.md
mkanal Jan 31, 2024
887df83
Merge pull request #962 from catenax-ng/chore/#000-update-contact-inf…
ds-lcapellino Jan 31, 2024
f77c9af
Update CHANGELOG.md
mkanal Jan 31, 2024
18a3b42
Merge pull request #961 from catenax-ng/chore/#000-update-contact-inf…
ds-mwesener Jan 31, 2024
db8d294
Merge branch 'main' into chore/521-revoked-notification-handling
ds-crehm Jan 31, 2024
5463f4d
Merge pull request #953 from catenax-ng/chore/521-revoked-notificatio…
ds-crehm Jan 31, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 7 additions & 2 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,17 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
### Added
- Added AVD-KSV-0014 to trivy ignore
- Added tooltips on functionalities that are unauthorized or unavailable
-
- Added concept #521 revoked notification handling
- Added eclipse trace-x matrix channel to README.md and CONTRIBUTING.md

### Changed
- Updated Irs Library from 1.4.1-SNAPSHOT to 1.5.1-SNAPSHOT
- Changed some java implementations according to security findings ( business logic unchanged )
- Adjusted sync logic to create jobs only for related BomLifecycles
- Spring core updated from 6.0.14 to 6.0.16
- Springboot updated from 3.1.6 to 3.1.7
- Implemented asset publisher component functionality
- Updated postgres to version 15.4

### Removed

Expand All @@ -40,7 +44,6 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
- Added GET /policies endpoint to retrieve accepted policies
- Added POST assets/publish endpoint to publish transient assets


### Changed
- Fixed security findings
- Rework GET alerts and investigations endpoint to POST to send a request body
Expand All @@ -65,6 +68,8 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
- Updated github/codeql-action from 2 to 3
- Updated actions/download-artifact from 3 to 4actions/download-artifact from 3 to 4
- Updated com.nimbusds:nimbus-jose-jwt from 9.37.1 to 9.37.3
- Changed some java implementations according to security findings ( business logic unchanged )
- Updated createIrsPolicyIfMissing() method to validate policies based on rightOperand values rather than policyIDs

### Removed
- Shell descriptor entity with underlying logic
Expand Down
10 changes: 7 additions & 3 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -178,8 +178,12 @@ Attributes in Angular template should be properly ordered by groups:

`java -jar scripts/download/org.eclipse.dash.licenses-0.0.1-SNAPSHOT.jar yarn.lock -review -token <token> -project automotive.tractusx`

## <ins>Contact</ins> <a name="contact"></a>
## Contact

Contact the project developers via the project's "dev" list.
Contact the Eclipse Tractus-X developers via the developer mailing list.

- https://accounts.eclipse.org/mailing-list/tractusx-dev
* https://accounts.eclipse.org/mailing-list/tractusx-dev

Contact the project developers via eclipse matrix chat.

* Eclipse Matrix Chat https://chat.eclipse.org/#/room/#tractusx-trace-x:matrix.eclipse.org
10 changes: 10 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -180,3 +180,13 @@ DockerHub Frontend: https://hub.docker.com/r/tractusx/traceability-foss-frontend
As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).

As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.

## Contact

Contact the Eclipse Tractus-X developers via the developer mailing list.

* https://accounts.eclipse.org/mailing-list/tractusx-dev

Contact the project developers via eclipse matrix chat.

* Eclipse Matrix Chat https://chat.eclipse.org/#/room/#tractusx-trace-x:matrix.eclipse.org
6 changes: 3 additions & 3 deletions charts/traceability-foss/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,11 +34,11 @@ dependencies:
version: 1.3.27
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 12.1.6
version: 12.12.10
condition: postgresql.enabled
- name: pgadmin4
repository: https://helm.runix.net
version: 1.13.6
version: 1.23.1
condition: pgadmin4.enabled
- name: irs-helm
repository: https://eclipse-tractusx.github.io/item-relationship-service
Expand All @@ -51,5 +51,5 @@ dependencies:
- name: postgresql
alias: edc-postgresql
repository: https://charts.bitnami.com/bitnami
version: 12.1.6
version: 12.12.10
condition: edc-postgresql.enabled
4 changes: 2 additions & 2 deletions charts/traceability-foss/charts/backend/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -25,11 +25,11 @@ appVersion: "10.2.1"
dependencies:
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 12.1.6
version: 12.12.10
condition: postgresql.enabled
- name: pgadmin4
repository: https://helm.runix.net
version: 1.13.6
version: 1.23.1
condition: pgadmin4.enabled
- name: irs-helm
repository: https://eclipse-tractusx.github.io/item-relationship-service
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,111 @@
# Concept #521: Revoked notification handling

| Key | Value |
|---------------|-----------------------------------------------------------------------|
| Author | ds-crehm |
| Creation date | 24.01.2024 |
| Ticket Id | #521 https://github.com/eclipse-tractusx/traceability-foss/issues/521 |
| State | DRAFT |

# Table of Contents
1. [Overview](#overview)
2. [Summary](#summary)
3. [Requirements](#requirements)
4. [Assumptions](#assumptions)
5. [Concept](#concept)
6. [References](#references)

# Overview

After a notification is created and approved, relevant policies must be verified before it can be sent.
There are three possibilities:
1. All constraints are fulfilled. The notification may be sent.
2. The policy is expired (validUntil DateTime < current DateTime). The notification is not permitted to be sent.
3. One or more policy-based constraints are not fulfilled. The notification is not permitted to be sent.

Policies are stored in the IRS' policy store. The IRS provides a policy store API to create, fetch and verify policies.

# Summary

If the notification may not be sent after the policy verification, the user must be notified properly.
The status of the notification must be updated accordingly.

# Requirements

- During policy check, throw separate Exceptions based on the type of failure.
- If policy is not valid -> UsagePolicyExpiredException
- If policy is valid but notification not permitted -> UsagePolicyPermissionException
- Transient quality investigation & alert status: "FAILED"
- Notification set to this status, when it could not be sent due to the policy exceptions
- Error toast message informing the user of the exception
- Detailed status information stored in the message history of the notification
- User must be able to resend the notification

# Assumptions

- The message history can show the current notification status persistently and accurately (https://github.com/eclipse-tractusx/traceability-foss/issues/423)
- IRS library response for verification has enough details to show the user
- If not, Trace-X might have to add additional information to the thrown exceptions

# Concept

### Backend

Instead of only having one UsagePolicyException, there must be two different exceptions:
- UsagePolicyPermissionException (thrown when permission validation fails; contains information from the IRS policy checker response)
- UsagePolicyExpiredException (thrown when policy validUntil DateTime < current DateTime)

When either of these is thrown, the notification will be set to the transient status "FAILED" and a message is stored in the message history, containing information about the exception.
The standard notification status flow must **not** be changed. The "FAILED" status will only extend this standard within Trace-X.
After the notification is successfully resent, the status will be set to "SENT". Alternatively, the user can cancel the notification flow, which will set the status to "CANCELLED"/"CLOSED".

Notification status flow:
![Notification-Status-Flow.png](Notification-Status-Flow.png)

Creating and sending notifications:
```mermaid
sequenceDiagram
participant TraceX
participant IRSLib
participant IRSPolicyStore
TraceX->>TraceX: Create notification
TraceX->>IRSLib: Get policy
activate IRSLib
IRSLib->>IRSPolicyStore: Get policy
activate IRSPolicyStore
IRSPolicyStore-->>IRSLib: Policy A(id,validUntil,permissions,...)
deactivate IRSPolicyStore
IRSLib-->>TraceX: Policy A (id,validUntil,permissions,...)
deactivate IRSLib
TraceX->>IRSLib: Verify notification with policy A
activate IRSLib
alt Success
IRSLib-->>TraceX: Success
TraceX->>TraceX: Send notification
else Exception
alt Notification rejected
IRSLib-->>TraceX: UsagePolicyPermissionException
else policy.validUntil<currentTime
IRSLib-->>TraceX: UsagePolicyExpiredException
end
deactivate IRSLib
TraceX->>TraceX: Notification status = FAILED
TraceX->>TraceX: Create error message
end
```

### Frontend

After creating and approving the notification and one of the exceptions is thrown:
1. An error toast message must be shown to the user
2. The notification status must be changed to "FAILED"
3. A new message must be created and shown in the message history including the error description

UsagePolicyPermissionException:
![UsagePolicyPermissionException-Mockup.png](UsagePolicyPermissionException-Mockup.png)
UsagePolicyExpiredException:
![UsagePolicyExpiredException-Mockup.png](UsagePolicyExpiredException-Mockup.png)

# References

- Current notification status flow: https://eclipse-tractusx.github.io/traceability-foss/docs/user/user-manual.html
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
40 changes: 39 additions & 1 deletion docs/src/docs/user/user-manual.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -148,11 +148,45 @@ Parts that are in a quality alert are highlighted yellow.
=== Parts selection -> Create Quality alert

Select one or multiple child components/parts/batches that are build into your part.
Selection will enable you to create a quality alert (notification) to your customers.
Selection will enable you to create a quality alert (notification) to your customers. For this action, a button appears at the top right of the table as soon as an asset has been selected
The quality alert will be added to a queue (queued & requested inbox) and not directly sent to the customers.

Once the quality alert is created you will get a pop-up and can directly navigate to the inbox for further action.

=== Parts selection -> Publish Assets

Select one or multiple parts that are in the AsBuilt lifecycle. A button will appear on the right of the lifecycle view selection:

image::https://raw.githubusercontent.com/eclipse-tractusx/traceability-foss/main/docs/src/images/arc42/user-guide/publish_assets_button.png[]

Selection will enable you to publish assets with the goal to persist them (import state "persistent").
With a click on the button a window will be opened, where the selected assets are displayed and a required policy must be selected:

image::https://raw.githubusercontent.com/eclipse-tractusx/traceability-foss/main/docs/src/images/arc42/user-guide/publish_assets_view.png[]

The following table explains the different import state an asset can have:

[cols="1,1"]
|===
|transient
|Asset is uploaded but not synchronized with the Item Relationship Service (IRS).

|in_synchronization
|Asset is in the process of synchronizing with the IRS.

|persistent
|Asset is successfully synchronized with the IRS.

|unset
|The import state of the asset was not set

|error
|Along the import state transition and error occurred.
|===




=== Parts table column settings

On the right upper site of a table there is a settings icon in which you can set the table columns to a desired view.
Expand Down Expand Up @@ -198,6 +232,10 @@ Zooming in/out can be done with the corresponding control buttons.
image:https://raw.githubusercontent.com/eclipse-tractusx/traceability-foss/main/docs/src/images/arc42/user-guide/open-new-tab.png[] Open part tree in new tab to zoom, scroll and focus in a larger view.
A minimap on the bottom right provides an overview of the current position on the part tree.

==== Asset State

Information about the import process and state of the part.

==== Manufacturer data

Detailed information on the IDs for the manufactured part/batch.
Expand Down
Binary file modified docs/src/images/arc42/user-guide/parts-list-detailed-view.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@
matTooltipPosition="above"
[class.mdc-tooltip--multiline]="true"
[matTooltipShowDelay]="1000"
[matTooltipDisabled]="roleService.hasAccess(['wip'])"
[matTooltipDisabled]="roleService.hasAccess(['admin'])"
>
<app-button
*ngIf="(allSelectedItems$ | async).length"
Expand Down Expand Up @@ -131,7 +131,8 @@
<app-sidenav-wrapper [isOpen]="isPublisherOpen$ | async" (sidenavAction)="isPublisherOpen$.next($event)">
<app-asset-publisher
[selectedAssets] = "allSelectedItems$ | async"
(submitted)="isPublisherOpen$.next(false)"
[isOpen]="isPublisherOpen$"
(submitted)="isPublisherOpen$.next(false); refreshPartsOnPublish($event);"
></app-asset-publisher>
</app-sidenav-wrapper>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,19 +19,19 @@
* SPDX-License-Identifier: Apache-2.0
********************************************************************************/

import { LayoutModule } from '@layout/layout.module';
import { SidenavComponent } from '@layout/sidenav/sidenav.component';
import { SidenavService } from '@layout/sidenav/sidenav.service';
import { OtherPartsModule } from '@page/other-parts/other-parts.module';
import { AssetAsBuiltFilter, AssetAsPlannedFilter } from '@page/parts/model/parts.model';
import { PartsComponent } from '@page/parts/presentation/parts.component';
import { TableHeaderSort } from '@shared/components/table/table.model';
import { toAssetFilter, toGlobalSearchAssetFilter } from '@shared/helper/filter-helper';
import { PartDetailsFacade } from '@shared/modules/part-details/core/partDetails.facade';
import { SharedModule } from '@shared/shared.module';
import { screen, waitFor } from '@testing-library/angular';
import { renderComponent } from '@tests/test-render.utils';
import { PartsModule } from '../parts.module';
import {LayoutModule} from '@layout/layout.module';
import {SidenavComponent} from '@layout/sidenav/sidenav.component';
import {SidenavService} from '@layout/sidenav/sidenav.service';
import {OtherPartsModule} from '@page/other-parts/other-parts.module';
import {AssetAsBuiltFilter, AssetAsPlannedFilter} from '@page/parts/model/parts.model';
import {PartsComponent} from '@page/parts/presentation/parts.component';
import {TableHeaderSort} from '@shared/components/table/table.model';
import {toAssetFilter, toGlobalSearchAssetFilter} from '@shared/helper/filter-helper';
import {PartDetailsFacade} from '@shared/modules/part-details/core/partDetails.facade';
import {SharedModule} from '@shared/shared.module';
import {screen, waitFor} from '@testing-library/angular';
import {renderComponent} from '@tests/test-render.utils';
import {PartsModule} from '../parts.module';

describe('Parts', () => {

Expand Down Expand Up @@ -315,4 +315,46 @@ describe('Parts', () => {
expect(partsFacadeSpy).toHaveBeenCalledWith();
});

it('shouldRefreshPartsOnPublishAction', async function() {
const { fixture } = await renderParts();
const { componentInstance } = fixture;



});

it('should show success toast and refresh parts on successful publish', async() => {
const { fixture } = await renderParts();
const { componentInstance } = fixture;
const partsFacade = (componentInstance as any)['partsFacade'];
const toastService = componentInstance.toastService;
spyOn(toastService, 'success');
spyOn(partsFacade, 'setPartsAsBuilt');
spyOn(partsFacade, 'setPartsAsPlanned');

componentInstance.refreshPartsOnPublish('');

expect(toastService.success).toHaveBeenCalledWith('requestPublishAssets.success');
expect(partsFacade.setPartsAsBuilt).toHaveBeenCalled();
expect(partsFacade.setPartsAsPlanned).toHaveBeenCalled();
});

it('should show error toast and not refresh parts on failed publish', async () => {
const { fixture } = await renderParts();
const { componentInstance } = fixture;
const partsFacade = (componentInstance as any)['partsFacade'];
const toastService = componentInstance.toastService;
spyOn(toastService, 'error');
spyOn(partsFacade, 'setPartsAsBuilt');
spyOn(partsFacade, 'setPartsAsPlanned');

componentInstance.refreshPartsOnPublish('Error message');

expect(toastService.error).toHaveBeenCalledWith('Error message');
expect(partsFacade.setPartsAsBuilt).not.toHaveBeenCalled();
expect(partsFacade.setPartsAsPlanned).not.toHaveBeenCalled();
});



});
Loading
Loading