From 86a6b88bb1f8eccabf177bf6a3ecc90b6c44e3dc Mon Sep 17 00:00:00 2001 From: JordenReuter <149687553+JordenReuter@users.noreply.github.com> Date: Tue, 21 May 2024 13:06:44 +0200 Subject: [PATCH] feat: impl of new internal api (#36) --- .../onecx-permission-bff-extensions.adoc | 24 +-- .../controllers/AssignmentRestController.java | 64 ++++---- .../bff/rs/mappers/AssignmentMapper.java | 8 +- src/main/openapi/openapi-bff.yaml | 139 +++++++++++------- .../rs/AssignmentRestControllerTest.java | 111 ++++++-------- 5 files changed, 179 insertions(+), 167 deletions(-) diff --git a/docs/modules/onecx-permission-bff/pages/onecx-permission-bff-extensions.adoc b/docs/modules/onecx-permission-bff/pages/onecx-permission-bff-extensions.adoc index fe25bc9..cec4da7 100644 --- a/docs/modules/onecx-permission-bff/pages/onecx-permission-bff-extensions.adoc +++ b/docs/modules/onecx-permission-bff/pages/onecx-permission-bff-extensions.adoc 
@@ -47,38 +47,38 @@ h| Version | tkit-quarkus-log-cdi | https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-log-cdi.html[Link] -| https://github.com/1000kit/tkit-quarkus/blob/2.22.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-cdi.adoc[Link] -| 2.22.0 +| https://github.com/1000kit/tkit-quarkus/blob/2.23.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-cdi.adoc[Link] +| 2.23.0 | tkit-quarkus-log-rs | https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-log-rs.html[Link] -| https://github.com/1000kit/tkit-quarkus/blob/2.22.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-rs.adoc[Link] -| 2.22.0 +| https://github.com/1000kit/tkit-quarkus/blob/2.23.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-rs.adoc[Link] +| 2.23.0 | tkit-quarkus-log-json | https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-log-json.html[Link] -| https://github.com/1000kit/tkit-quarkus/blob/2.22.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-json.adoc[Link] -| 2.22.0 +| https://github.com/1000kit/tkit-quarkus/blob/2.23.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-json.adoc[Link] +| 2.23.0 | tkit-quarkus-rest | https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-rest.html[Link] -| https://github.com/1000kit/tkit-quarkus/blob/2.22.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-rest.adoc[Link] -| 2.22.0 +| https://github.com/1000kit/tkit-quarkus/blob/2.23.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-rest.adoc[Link] +| 2.23.0 | tkit-quarkus-rest-context | https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-rest-context.html[Link] -| https://github.com/1000kit/tkit-quarkus/blob/2.22.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-rest-context.adoc[Link] -| 2.22.0 +| https://github.com/1000kit/tkit-quarkus/blob/2.23.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-rest-context.adoc[Link] +| 
2.23.0 | tkit-quarkus-security | https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-security.html[Link] -| https://github.com/1000kit/tkit-quarkus/blob/2.22.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-security.adoc[Link] -| 2.22.0 +| https://github.com/1000kit/tkit-quarkus/blob/2.23.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-security.adoc[Link] +| 2.23.0 | quarkus-hibernate-validator diff --git a/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/AssignmentRestController.java b/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/AssignmentRestController.java index 2d1bbd6..64c3c76 100644 --- a/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/AssignmentRestController.java +++ b/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/AssignmentRestController.java 
@@ -45,52 +45,51 @@ public Response createAssignment(CreateAssignmentRequestDTO createAssignmentRequ } @Override - public Response grantAssignments(CreateProductAssignmentsRequestDTO createProductAssignmentsRequestDTO) { - - //!! This is workaround for current UI - - // app-id not null, take only first product from list - if (createProductAssignmentsRequestDTO.getAppId() != null && !createProductAssignmentsRequestDTO.getAppId().isEmpty()) { - int status = Response.Status.BAD_REQUEST.getStatusCode(); - for (int i = 0; i < createProductAssignmentsRequestDTO.getProductNames().size(); i++) { - try (Response response = assignmentClient.grantRoleProductAssignments( - createProductAssignmentsRequestDTO.getRoleId(), - mapper.mapRoleProduct(createProductAssignmentsRequestDTO, i))) { - status = response.getStatus(); - } - } - return Response.status(status).build(); + public Response grantRoleAssignments(String roleId) { + try (Response response = assignmentClient.grantRoleAssignments(roleId)) { + return Response.status(response.getStatus()).build(); } + } - // list of product-names - try (Response response = assignmentClient.grantRoleProductsAssignments( - createProductAssignmentsRequestDTO.getRoleId(), - mapper.mapRoleProducts(createProductAssignmentsRequestDTO))) { + @Override + public Response grantRoleApplicationAssignments(String roleId, + CreateRoleApplicationAssignmentRequestDTO createRoleApplicationAssignmentRequestDTO) { + try (Response response = assignmentClient.grantRoleApplicationAssignments(roleId, + mapper.map(createRoleApplicationAssignmentRequestDTO))) { return Response.status(response.getStatus()).build(); } } @Override - public Response grantRoleAssignments(String roleId) { - try (Response response = assignmentClient.grantRoleAssignments(roleId)) { + public Response grantRoleProductsAssignments(String roleId, + CreateRoleProductsAssignmentRequestDTO createRoleProductsAssignmentRequestDTO) { + try (Response response = 
assignmentClient.grantRoleProductsAssignments(roleId, + mapper.map(createRoleProductsAssignmentRequestDTO))) { return Response.status(response.getStatus()).build(); } } @Override - public Response grantRoleProductAssignments(String roleId, - CreateRoleProductAssignmentRequestDTO createRoleProductAssignmentRequestDTO) { - try (Response response = assignmentClient.grantRoleProductAssignments(roleId, - mapper.map(createRoleProductAssignmentRequestDTO))) { + public Response revokeRoleApplicationAssignments(String roleId, + RevokeRoleApplicationAssignmentRequestDTO revokeRoleApplicationAssignmentRequestDTO) { + try (Response response = assignmentClient.revokeRoleApplicationAssignments(roleId, + mapper.map(revokeRoleApplicationAssignmentRequestDTO))) { return Response.status(response.getStatus()).build(); } } @Override - public Response grantRoleProductsAssignments(String roleId, - CreateRoleProductsAssignmentRequestDTO createRoleProductsAssignmentRequestDTO) { - try (Response response = assignmentClient.grantRoleProductsAssignments(roleId, - mapper.map(createRoleProductsAssignmentRequestDTO))) { + public Response revokeRoleAssignments(String roleId) { + try (Response response = assignmentClient.revokeRoleAssignments(roleId)) { + return Response.status(response.getStatus()).build(); + } + } + + @Override + public Response revokeRoleProductsAssignments(String roleId, + RevokeRoleProductsAssignmentRequestDTO revokeRoleProductsAssignmentRequestDTO) { + try (Response response = assignmentClient.revokeRoleProductsAssignments(roleId, + mapper.map(revokeRoleProductsAssignmentRequestDTO))) { return Response.status(response.getStatus()).build(); } } 
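Review bot: Each new forwarding method in this hunk (`grantRoleApplicationAssignments`, `revokeRoleAssignments`, `revokeRoleApplicationAssignments`, `revokeRoleProductsAssignments`) returns `Response.status(response.getStatus()).build()`, which discards whatever entity the permission service sent back. The OpenAPI file in this same commit declares a `ProblemDetailResponse` body for the 400 case of the application and products variants, so a caller would get a bare status where the contract promises details. If 4xx responses reach this code rather than being thrown by the REST client (not visible in the hunk), relay the entity. Otherwise add a one-line comment such as `// error responses are produced by the exception mapper; only success statuses reach this point` so the empty body reads as intended. The class starts and ends outside the hunk.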
@@ -110,13 +109,6 @@ public Response getAssignment(String id) { } } - @Override - public Response revokeAssignments(RevokeAssignmentRequestDTO revokeAssignmentRequestDTO) { - try (Response response = assignmentClient.revokeAssignments(mapper.map(revokeAssignmentRequestDTO))) { - return Response.status(response.getStatus()).build(); - } - } - @Override public Response searchAssignments(AssignmentSearchCriteriaDTO assignmentSearchCriteriaDTO) { try (Response response = assignmentClient.searchAssignments(mapper.map(assignmentSearchCriteriaDTO))) { diff --git a/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/AssignmentMapper.java b/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/AssignmentMapper.java index cdd3960..58c541e 100644 --- a/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/AssignmentMapper.java +++ b/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/AssignmentMapper.java @@ -19,8 +19,6 @@ public interface AssignmentMapper { @Mapping(target = "removeStreamItem", ignore = true) AssignmentPageResultDTO map(AssignmentPageResult pageResult); - RevokeAssignmentRequest map(RevokeAssignmentRequestDTO revokeAssignmentRequestDTO); - CreateRoleProductsAssignmentRequest mapRoleProducts(CreateProductAssignmentsRequestDTO createProductAssignmentsRequestDTO); default CreateRoleProductAssignmentRequest mapRoleProduct( 
@@ -30,7 +28,11 @@ default CreateRoleProductAssignmentRequest mapRoleProduct( .appId(createProductAssignmentsRequestDTO.getAppId()); } - CreateRoleProductAssignmentRequest map(CreateRoleProductAssignmentRequestDTO createRoleProductAssignmentRequestDTO); + CreateRoleProductAssignmentRequest map(CreateRoleApplicationAssignmentRequestDTO createRoleProductAssignmentRequestDTO); CreateRoleProductsAssignmentRequest map(CreateRoleProductsAssignmentRequestDTO createRoleProductsAssignmentRequestDTO); + + RevokeRoleProductAssignmentRequest map(RevokeRoleApplicationAssignmentRequestDTO revokeRoleApplicationAssignmentRequestDTO); + + RevokeRoleProductsAssignmentRequest map(RevokeRoleProductsAssignmentRequestDTO revokeRoleProductsAssignmentRequestDTO); } diff --git a/src/main/openapi/openapi-bff.yaml b/src/main/openapi/openapi-bff.yaml index 8bd312d..57058f3 100644 --- a/src/main/openapi/openapi-bff.yaml +++ b/src/main/openapi/openapi-bff.yaml @@ -389,31 +389,6 @@ paths: application/json: schema: $ref: '#/components/schemas/ProblemDetailResponse' - /assignments/grant: - post: - x-onecx: - permissions: - assignment: - - write - tags: - - assignment - description: Create new assignments by criteria - operationId: grantAssignments - requestBody: - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/CreateProductAssignmentsRequest' - responses: - 201: - description: New assignments created - 400: - description: Bad request - content: - application/json: - schema: - $ref: '#/components/schemas/ProblemDetailResponse' /assignments/grant/{roleId}: post: tags: 
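Review bot: The parameter of the re-typed mapper method is still named `createRoleProductAssignmentRequestDTO` although its type is now `CreateRoleApplicationAssignmentRequestDTO`; rename it to `createRoleApplicationAssignmentRequestDTO` so it matches the two revoke overloads added below it. The BFF-side "Application" DTOs are mapped onto the backend's "Product" request types (`CreateRoleProductAssignmentRequest`, `RevokeRoleProductAssignmentRequest`), which deserves a short comment on the interface so the name mismatch is not mistaken for a wrong mapping target in a grant/revoke path. `mapRoleProducts` and `mapRoleProduct` appear to have lost their only caller with the removal of `grantAssignments` from the controller; if nothing else uses them they can be dropped. The interface starts outside the hunk.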
@@ -431,12 +406,12 @@ paths: description: New assignment created 404: description: Data not found - /assignments/grant/{roleId}/product: + /assignments/grant/{roleId}/application: post: tags: - assignment - description: Create new assignments for role and product - operationId: grantRoleProductAssignments + description: Create new assignments for role and application + operationId: grantRoleApplicationAssignments parameters: - name: roleId in: path @@ -448,7 +423,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CreateRoleProductAssignmentRequest' + $ref: '#/components/schemas/CreateRoleApplicationAssignmentRequest' responses: 201: description: New assignment created 
@@ -489,25 +464,76 @@ paths: application/json: schema: $ref: '#/components/schemas/ProblemDetailResponse' - /assignments/revoke: + # + /assignments/revoke/{roleId}: post: - x-onecx: - permissions: - assignment: - - delete tags: - assignment - description: delete assignments by criteria - operationId: revokeAssignments + description: Revoke assignments for role + operationId: revokeRoleAssignments + parameters: + - name: roleId + in: path + required: true + schema: + type: string + responses: + 204: + description: assignment revoked + 404: + description: Data not found + /assignments/revoke/{roleId}/application: + post: + tags: + - assignment + description: Revoke assignments for role and application + operationId: revokeRoleApplicationAssignments + parameters: + - name: roleId + in: path + required: true + schema: + type: string requestBody: required: true content: application/json: schema: - $ref: '#/components/schemas/RevokeAssignmentRequest' + $ref: '#/components/schemas/RevokeRoleApplicationAssignmentRequest' responses: 204: - description: revoked assignments + description: assignments revoked + 404: + description: Data not found + 400: + description: Bad request + content: + application/json: + schema: + $ref: '#/components/schemas/ProblemDetailResponse' + /assignments/revoke/{roleId}/products: + post: + tags: + - assignment + description: Revoke assignments for role and products + operationId: revokeRoleProductsAssignments + parameters: + - name: roleId + in: path + required: true + schema: + type: string + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/RevokeRoleProductsAssignmentRequest' + responses: + 204: + description: assignment revoked + 404: + description: Data not found 400: description: Bad request content: 
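Review bot: None of the three revoke operations added here (`revokeRoleAssignments`, `revokeRoleApplicationAssignments`, `revokeRoleProductsAssignments`) carries an `x-onecx` permissions block, while the `/assignments/revoke` operation they replace declared `assignment: delete`. The same holds on the grant side: the removed `/assignments/grant` declared `assignment: write`, and the `/assignments/grant/{roleId}/application` operation renamed in the previous hunk shows none. If that extension is what drives permission enforcement in the BFF (inferred from its name, not visible here), these role-assignment changes would be reachable by any authenticated caller; declare the permission on each new operation as sketched below, using `write` for the grant ones. The stray `#` line added before `/assignments/revoke/{roleId}` can be dropped. The 400 response of the last path continues outside the hunk.

```yaml
  /assignments/revoke/{roleId}:
    post:
      x-onecx:
        permissions:
          assignment:
            - delete
      # … unchanged: tags, description, operationId, parameters, responses …
```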
@@ -927,21 +953,6 @@ components: type: array items: type: string - RevokeAssignmentRequest: - type: object - required: - - roleId - properties: - roleId: - type: string - appId: - type: string - permissionId: - type: string - productNames: - type: array - items: - type: string Assignment: type: object properties: @@ -1137,7 +1148,27 @@ components: minItems: 1 items: type: string - CreateRoleProductAssignmentRequest: + CreateRoleApplicationAssignmentRequest: + type: object + required: + - productName + - appId + properties: + appId: + type: string + productName: + type: string + RevokeRoleProductsAssignmentRequest: + type: object + required: + - productNames + properties: + productNames: + type: array + minItems: 1 + items: + type: string + RevokeRoleApplicationAssignmentRequest: type: object required: - productName diff --git a/src/test/java/org/tkit/onecx/permission/rs/AssignmentRestControllerTest.java b/src/test/java/org/tkit/onecx/permission/rs/AssignmentRestControllerTest.java index bab2e16..b2578b9 100644 --- a/src/test/java/org/tkit/onecx/permission/rs/AssignmentRestControllerTest.java +++ b/src/test/java/org/tkit/onecx/permission/rs/AssignmentRestControllerTest.java 
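Review bot: `appId` and `productName` in the new `CreateRoleApplicationAssignmentRequest` are required but otherwise unconstrained, so an empty string satisfies the schema. The controller code removed by this commit special-cased an empty `appId`, which suggests clients do send one. Add `minLength: 1` under both properties, and the same in `RevokeRoleApplicationAssignmentRequest` (whose properties lie outside the hunk), so a blank identifier is rejected at the BFF rather than forwarded to the permission service. Whether the constraint is enforced depends on validation being generated from the spec, which is not visible here.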
@@ -250,117 +250,104 @@ void deleteAssignmentTest() { } @Test - void createProductAssignmentsTest() { - - CreateRoleProductsAssignmentRequest request = new CreateRoleProductsAssignmentRequest(); - request.setProductNames(List.of("product1")); - + void grantRoleAssignments_Test() { // create mock rest endpoint - mockServerClient.when(request().withPath("/internal/assignments/grant/role1/products").withMethod(HttpMethod.POST) - .withBody(JsonBody.json(request))) + mockServerClient.when(request().withPath("/internal/assignments/grant/role123").withMethod(HttpMethod.POST)) .withId(MOCKID) - .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode()) - .withContentType(MediaType.APPLICATION_JSON)); - - CreateProductAssignmentsRequestDTO requestDTO = new CreateProductAssignmentsRequestDTO(); - requestDTO.setRoleId("role1"); - requestDTO.setProductNames(List.of("product1")); + .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); given() .when() .auth().oauth2(keycloakClient.getAccessToken(ADMIN)) .header(APM_HEADER_PARAM, ADMIN) .contentType(APPLICATION_JSON) - .body(requestDTO) - .post("/grant") + .pathParam("roleId", "role123") + .post("/grant/{roleId}") .then() .statusCode(Response.Status.CREATED.getStatusCode()); + } - requestDTO.setAppId(""); - given() - .when() - .auth().oauth2(keycloakClient.getAccessToken(ADMIN)) - .header(APM_HEADER_PARAM, ADMIN) - .contentType(APPLICATION_JSON) - .body(requestDTO) - .post("/grant") - .then() - .statusCode(Response.Status.CREATED.getStatusCode()); + @Test + void grantRoleApplicationAssignments_Test() { - mockServerClient.when(request().withPath("/internal/assignments/grant/role1/product").withMethod(HttpMethod.POST)) + CreateRoleProductAssignmentRequest request = new CreateRoleProductAssignmentRequest(); + request.setAppId("app1"); + request.setProductName("product1"); + // create mock rest endpoint + 
mockServerClient.when(request().withPath("/internal/assignments/grant/role123/product").withMethod(HttpMethod.POST) + .withBody(JsonBody.json(request))) .withId(MOCKID) - .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode()) - .withContentType(MediaType.APPLICATION_JSON)); + .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); + CreateRoleApplicationAssignmentRequestDTO requestDTO = new CreateRoleApplicationAssignmentRequestDTO(); requestDTO.setAppId("app1"); + requestDTO.setProductName("product1"); given() .when() .auth().oauth2(keycloakClient.getAccessToken(ADMIN)) .header(APM_HEADER_PARAM, ADMIN) .contentType(APPLICATION_JSON) .body(requestDTO) - .post("/grant") + .pathParam("roleId", "role123") + .post("/grant/{roleId}/application") .then() .statusCode(Response.Status.CREATED.getStatusCode()); - } @Test - void revokeAssignmentsTest() { - RevokeAssignmentRequest request = new RevokeAssignmentRequest(); - request.setRoleId("role1"); - request.setProductNames(List.of("product1")); + void grantRoleProductsAssignments_Test() { + CreateRoleProductsAssignmentRequest request = new CreateRoleProductsAssignmentRequest(); + request.setProductNames(List.of("product1", "product2", "product3")); // create mock rest endpoint - mockServerClient.when(request().withPath("/internal/assignments/revoke").withMethod(HttpMethod.POST) - .withBody(JsonBody.json(request))) + mockServerClient.when(request().withPath("/internal/assignments/grant/role123/products").withMethod(HttpMethod.POST)) .withId(MOCKID) - .respond(httpRequest -> response().withStatusCode(Response.Status.NO_CONTENT.getStatusCode()) - .withContentType(MediaType.APPLICATION_JSON)); + .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); + + CreateRoleProductsAssignmentRequestDTO requestDTO = new CreateRoleProductsAssignmentRequestDTO(); + requestDTO.setProductNames(List.of("product1", "product2", 
"product3")); - RevokeAssignmentRequestDTO requestDTO = new RevokeAssignmentRequestDTO(); - requestDTO.setRoleId("role1"); - requestDTO.setProductNames(List.of("product1")); given() .when() .auth().oauth2(keycloakClient.getAccessToken(ADMIN)) .header(APM_HEADER_PARAM, ADMIN) .contentType(APPLICATION_JSON) .body(requestDTO) - .post("/revoke") + .pathParam("roleId", "role123") + .post("/grant/{roleId}/products") .then() - .statusCode(Response.Status.NO_CONTENT.getStatusCode()); + .statusCode(Response.Status.CREATED.getStatusCode()); } @Test - void grantRoleAssignments_Test() { + void revokeRoleAssignments_Test() { // create mock rest endpoint - mockServerClient.when(request().withPath("/internal/assignments/grant/role123").withMethod(HttpMethod.POST)) + mockServerClient.when(request().withPath("/internal/assignments/revoke/role123").withMethod(HttpMethod.POST)) .withId(MOCKID) - .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); + .respond(httpRequest -> response().withStatusCode(Response.Status.NO_CONTENT.getStatusCode())); given() .when() .auth().oauth2(keycloakClient.getAccessToken(ADMIN)) .header(APM_HEADER_PARAM, ADMIN) .contentType(APPLICATION_JSON) .pathParam("roleId", "role123") - .post("/grant/{roleId}") + .post("/revoke/{roleId}") .then() - .statusCode(Response.Status.CREATED.getStatusCode()); + .statusCode(Response.Status.NO_CONTENT.getStatusCode()); } @Test - void grantRoleProductAssignments_Test() { + void revokeRoleApplicationAssignments_Test() { - CreateRoleProductAssignmentRequest request = new CreateRoleProductAssignmentRequest(); + RevokeRoleProductAssignmentRequest request = new RevokeRoleProductAssignmentRequest(); request.setAppId("app1"); request.setProductName("product1"); // create mock rest endpoint - mockServerClient.when(request().withPath("/internal/assignments/grant/role123/product").withMethod(HttpMethod.POST) + 
mockServerClient.when(request().withPath("/internal/assignments/revoke/role123/product").withMethod(HttpMethod.POST) .withBody(JsonBody.json(request))) .withId(MOCKID) - .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); + .respond(httpRequest -> response().withStatusCode(Response.Status.NO_CONTENT.getStatusCode())); - CreateRoleProductAssignmentRequestDTO requestDTO = new CreateRoleProductAssignmentRequestDTO(); + RevokeRoleApplicationAssignmentRequestDTO requestDTO = new RevokeRoleApplicationAssignmentRequestDTO(); requestDTO.setAppId("app1"); requestDTO.setProductName("product1"); given() 
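Review bot: `grantRoleProductsAssignments_Test` builds a `CreateRoleProductsAssignmentRequest request`, but the mock expectation for `/internal/assignments/grant/role123/products` has no body matcher, so the test passes even if the mapper drops or alters `productNames`. Add `.withBody(JsonBody.json(request))` after `.withMethod(HttpMethod.POST)`, as `grantRoleApplicationAssignments_Test` and `revokeRoleApplicationAssignments_Test` already do. `revokeRoleProductsAssignments_Test` in the next hunk has the same gap for `/internal/assignments/revoke/role123/products`. The last test method of this hunk continues outside it.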
@@ -370,22 +357,22 @@ void grantRoleProductAssignments_Test() { .contentType(APPLICATION_JSON) .body(requestDTO) .pathParam("roleId", "role123") - .post("/grant/{roleId}/product") + .post("/revoke/{roleId}/application") .then() - .statusCode(Response.Status.CREATED.getStatusCode()); + .statusCode(Response.Status.NO_CONTENT.getStatusCode()); } @Test - void grantRoleProductsAssignments_Test() { + void revokeRoleProductsAssignments_Test() { - CreateRoleProductsAssignmentRequest request = new CreateRoleProductsAssignmentRequest(); + RevokeRoleProductsAssignmentRequest request = new RevokeRoleProductsAssignmentRequest(); request.setProductNames(List.of("product1", "product2", "product3")); // create mock rest endpoint - mockServerClient.when(request().withPath("/internal/assignments/grant/role123/products").withMethod(HttpMethod.POST)) + mockServerClient.when(request().withPath("/internal/assignments/revoke/role123/products").withMethod(HttpMethod.POST)) .withId(MOCKID) - .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); + .respond(httpRequest -> response().withStatusCode(Response.Status.NO_CONTENT.getStatusCode())); - CreateRoleProductsAssignmentRequestDTO requestDTO = new CreateRoleProductsAssignmentRequestDTO(); + RevokeRoleProductsAssignmentRequestDTO requestDTO = new RevokeRoleProductsAssignmentRequestDTO(); requestDTO.setProductNames(List.of("product1", "product2", "product3")); given() @@ -395,8 +382,8 @@ void grantRoleProductsAssignments_Test() { .contentType(APPLICATION_JSON) .body(requestDTO) .pathParam("roleId", "role123") - .post("/grant/{roleId}/products") + .post("/revoke/{roleId}/products") .then() - .statusCode(Response.Status.CREATED.getStatusCode()); + .statusCode(Response.Status.NO_CONTENT.getStatusCode()); } }
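Review bot: The revoke tests touched here call the endpoints only with `keycloakClient.getAccessToken(ADMIN)`, so nothing checks that a caller without the assignment permission is refused. Since the commit replaces `/revoke` with three new operations, add at least one test per new path that sends a token lacking that permission and expects a rejection, for example `.statusCode(Response.Status.FORBIDDEN.getStatusCode())`, with no mock-server expectation registered. Such a test would also catch a permission declaration missing from the OpenAPI operation. The first test method of this hunk starts outside it.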