Skip to content

Commit

Permalink
feat: improved exception mapping and added docs (#25)
Browse files Browse the repository at this point in the history
  • Loading branch information
JordenReuter authored Apr 17, 2024
1 parent 639555c commit da4f57a
Show file tree
Hide file tree
Showing 10 changed files with 282 additions and 4 deletions.
3 changes: 3 additions & 0 deletions docs/antora.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
name: onecx-permission
title: Permission Bff
version: latest
1 change: 1 addition & 0 deletions docs/modules/onecx-permission-bff/nav.adoc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
* xref:onecx-permission-bff:index.adoc[Permission Bff]
8 changes: 8 additions & 0 deletions docs/modules/onecx-permission-bff/pages/index.adoc
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
include::onecx-permission-bff-attributes.adoc[opts=optional]

== onecx-permission-bff

include::docs.adoc[opts=optional]


include::onecx-permission-bff-docs.adoc[opts=optional]
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@

:docker-registry: https://github.com/onecx/onecx-permission-bff/pkgs/container/onecx-permission-bff
:helm-registry: https://github.com/onecx/onecx-permission-bff/pkgs/container/charts%2Fonecx-permission-bff
:properties-file: src/main/resources/application.properties
:helm-file: src/main/helm/values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@

include::onecx-permission-bff-attributes.adoc[opts=optional]

=== Default properties

.{properties-file}
[%collapsible%open]
====
[source,properties,subs=attributes+]
----
quarkus.http.auth.permission.health.paths=/q/*
quarkus.http.auth.permission.health.policy=permit
quarkus.http.auth.permission.default.paths=/*
quarkus.http.auth.permission.default.policy=authenticated
onecx.permissions.application-id=${quarkus.application.name}
org.eclipse.microprofile.rest.client.propagateHeaders=apm-principal-token
%prod.quarkus.rest-client.onecx_permission_svc.url=http://onecx-permission-svc:8080
%prod.quarkus.rest-client.onecx_workspace_svc.url=http://onecx-workspace-svc:8080
%prod.quarkus.rest-client.onecx_product_store_svc.url=http://onecx-product-store-svc:8080
%prod.quarkus.rest-client.onecx_iam_svc.url=http://onecx-iam-kc-svc:8080
%prod.quarkus.oidc-client.client-id=${quarkus.application.name}
quarkus.openapi-generator.codegen.input-base-dir=target/tmp/openapi
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.config-key=onecx_permission_svc
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.base-package=gen.org.tkit.onecx.permission.client
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_permission_svc_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.config-key=onecx_workspace_svc
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.base-package=gen.org.tkit.onecx.permission.client
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_workspace_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.config-key=onecx_product_store_svc
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.base-package=gen.org.tkit.onecx.product.store.client
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_product_store_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.config-key=onecx_iam_svc
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.base-package=gen.org.tkit.onecx.iam.client
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.return-response=true
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.additional-api-type-annotations=@org.eclipse.microprofile.rest.client.annotation.RegisterClientHeaders;
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.model-name-suffix=IamV1
quarkus.openapi-generator.codegen.spec.onecx_iam_svc_v1_yaml.additional-model-type-annotations=@io.quarkus.runtime.annotations.RegisterForReflection;
----
====

=== Extensions

include::onecx-permission-bff-extensions.adoc[opts=optional]

=== Container

{docker-registry}[Docker registry]


=== Helm

{helm-registry}[Helm registry]

Default values

.{helm-file}
[source,yaml]
----
app:
name: bff
image:
repository: "onecx/onecx-permission-bff"
operator:
# Permission
permission:
enabled: true
spec:
permissions:
permission:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
role:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
assignment:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
application:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
workspace:
read: permission on all GET requests and POST search
write: permission on PUT, POST, PATCH requests, where objects are saved or updated
delete: permission on all DELETE requests
----

Original file line number Diff line number Diff line change
@@ -0,0 +1,127 @@

include::onecx-permission-bff-attributes.adoc[opts=optional]

[.extension.table.searchable, cols="50,.^15,.^15,.^20"]
|===
h| Extensions
h| Documentation
h| Configuration
h| Version

| quarkus-resteasy-reactive

| https://quarkus.io/guides/resteasy-reactive[Link]
| https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-resteasy-reactive.adoc[Link]
| 3.9.3
| quarkus-smallrye-openapi
| https://quarkus.io/guides/openapi-swaggerui[Link]
| https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-smallrye-openapi.adoc[Link]
| 3.9.3
| quarkus-resteasy-reactive-jackson
| https://quarkus.io/guides/rest-json[Link]
|
| 3.9.3
| quarkus-smallrye-health
| https://quarkus.io/guides/smallrye-health[Link]
| https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-smallrye-health.adoc[Link]
| 3.9.3
| quarkus-openapi-generator
| https://docs.quarkiverse.io/quarkus-openapi-generator/dev/index.html[Link]
| https://github.com/quarkiverse/quarkus-openapi-generator/blob/2.4.1/docs/modules/ROOT/pages/includes/quarkus-openapi-generator.adoc[Link]
| 2.4.1
| quarkus-rest-client-reactive-jackson
| https://quarkus.io/guides/rest-client[Link]
|
| 3.9.3
| tkit-quarkus-log-cdi
| https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-log-cdi.html[Link]
| https://github.com/1000kit/tkit-quarkus/blob/2.21.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-cdi.adoc[Link]
| 2.21.0
| tkit-quarkus-log-rs
| https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-log-rs.html[Link]
| https://github.com/1000kit/tkit-quarkus/blob/2.21.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-rs.adoc[Link]
| 2.21.0
| tkit-quarkus-log-json
| https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-log-json.html[Link]
| https://github.com/1000kit/tkit-quarkus/blob/2.21.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-log-json.adoc[Link]
| 2.21.0
| tkit-quarkus-rest
| https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-rest.html[Link]
| https://github.com/1000kit/tkit-quarkus/blob/2.21.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-rest.adoc[Link]
| 2.21.0
| tkit-quarkus-rest-context
| https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-rest-context.html[Link]
| https://github.com/1000kit/tkit-quarkus/blob/2.21.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-rest-context.adoc[Link]
| 2.21.0
| tkit-quarkus-security
| https://1000kit.github.io/tkit-quarkus/current/tkit-quarkus/tkit-quarkus-security.html[Link]
| https://github.com/1000kit/tkit-quarkus/blob/2.21.0/docs/modules/tkit-quarkus/pages/includes/tkit-quarkus-security.adoc[Link]
| 2.21.0
| quarkus-hibernate-validator
| https://quarkus.io/guides/validation[Link]
| https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-hibernate-validator.adoc[Link]
| 3.9.3
| onecx-permissions
| https://onecx.github.io/docs/onecx-quarkus/current/onecx-quarkus/onecx-permissions.html[Link]
| https://github.com/onecx/onecx-quarkus/blob/0.16.0/docs/modules/onecx-quarkus/pages/includes/onecx-permissions.adoc[Link]
| 0.16.0
| quarkus-oidc
| https://quarkus.io/guides/security-oidc-bearer-token-authentication-tutorial[Link]
| https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-oidc.adoc[Link]
| 3.9.3
| quarkus-oidc-client-reactive-filter
| https://quarkus.io/guides/security-openid-connect-client-reference[Link]
| https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-oidc-client-reactive-filter.adoc[Link]
| 3.9.3
| onecx-core
| https://onecx.github.io/docs/onecx-quarkus/current/onecx-quarkus/onecx-core.html[Link]
|
| 0.16.0
| quarkus-arc
| https://quarkus.io/guides/cdi-reference[Link]
| https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-arc.adoc[Link]
| 3.9.3
| quarkus-container-image-docker
| https://quarkus.io/guides/container-image[Link]
| https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-container-image-docker.adoc[Link]
| 3.9.3
|===
2 changes: 1 addition & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
<parent>
<groupId>org.tkit.onecx</groupId>
<artifactId>onecx-quarkus3-parent</artifactId>
<version>0.38.0</version>
<version>0.46.0</version>
</parent>

<artifactId>onecx-permission-bff</artifactId>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,10 @@
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.transaction.Transactional;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.Response;

import org.eclipse.microprofile.rest.client.inject.RestClient;
import org.jboss.resteasy.reactive.ClientWebApplicationException;
import org.jboss.resteasy.reactive.server.ServerExceptionMapper;
import org.tkit.onecx.permission.bff.rs.mappers.ExceptionMapper;
import org.tkit.onecx.permission.bff.rs.mappers.WorkspaceMapper;
Expand Down Expand Up @@ -93,7 +93,7 @@ public Response getDetailsByWorkspaceName(String workspaceName) {
}

@ServerExceptionMapper
public Response restException(WebApplicationException ex) {
return Response.status(ex.getResponse().getStatus()).build();
public Response clientRestException(ClientWebApplicationException ex) {
return exceptionMapper.clientException(ex);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
import jakarta.validation.Path;
import jakarta.ws.rs.core.Response;

import org.jboss.resteasy.reactive.ClientWebApplicationException;
import org.jboss.resteasy.reactive.RestResponse;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
Expand Down Expand Up @@ -57,4 +58,12 @@ List<ProblemDetailInvalidParamDTO> createErrorValidationResponse(
default String mapPath(Path path) {
return path.toString();
}

default Response clientException(ClientWebApplicationException ex) {
if (ex.getResponse().getStatus() == 500) {
return Response.status(400).build();
} else {
return Response.status(ex.getResponse().getStatus()).build();
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,34 @@ void searchWorkspacesTest() {
Assertions.assertEquals(2, output.getStream().size());
}

@Test
void searchWorkspaces_Internal_Server_Error_Test() {
WorkspaceSearchCriteria criteria = new WorkspaceSearchCriteria();
criteria.setPageNumber(0);
criteria.setPageSize(100);

// create mock rest endpoint
mockServerClient
.when(request().withPath("/v1/workspaces/search").withMethod(HttpMethod.POST)
.withBody(JsonBody.json(criteria))
.withContentType(MediaType.APPLICATION_JSON))
.withId(MOCKID)
.respond(httpRequest -> response().withStatusCode(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode()));
var input = new WorkspaceSearchCriteriaDTO();
input.setPageSize(100);
input.setPageNumber(0);

given()
.when()
.auth().oauth2(keycloakClient.getAccessToken(ADMIN))
.header(APM_HEADER_PARAM, ADMIN)
.contentType(APPLICATION_JSON)
.body(input)
.post("/search")
.then()
.statusCode(Response.Status.BAD_REQUEST.getStatusCode());
}

@Test
void getAllProductsByWorkspaceNameTest() {
String workspaceName = "workspace1";
Expand Down

0 comments on commit da4f57a

Please sign in to comment.