diff --git a/docs/modules/onecx-permission-bff/pages/onecx-permission-bff-extensions.adoc b/docs/modules/onecx-permission-bff/pages/onecx-permission-bff-extensions.adoc index 9c7c8a7..fe25bc9 100644 --- a/docs/modules/onecx-permission-bff/pages/onecx-permission-bff-extensions.adoc +++ b/docs/modules/onecx-permission-bff/pages/onecx-permission-bff-extensions.adoc @@ -12,37 +12,37 @@ h| Version | https://quarkus.io/guides/rest[Link] | https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-rest.adoc[Link] -| 3.9.3 +| 3.9.4 | quarkus-smallrye-openapi | https://quarkus.io/guides/openapi-swaggerui[Link] | https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-smallrye-openapi.adoc[Link] -| 3.9.3 +| 3.9.4 | quarkus-rest-jackson | https://quarkus.io/guides/rest-json[Link] | -| 3.9.3 +| 3.9.4 | quarkus-smallrye-health | https://quarkus.io/guides/smallrye-health[Link] | https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-smallrye-health.adoc[Link] -| 3.9.3 +| 3.9.4 | quarkus-openapi-generator | https://docs.quarkiverse.io/quarkus-openapi-generator/dev/index.html[Link] -| https://github.com/quarkiverse/quarkus-openapi-generator/blob/2.4.1/docs/modules/ROOT/pages/includes/quarkus-openapi-generator.adoc[Link] -| 2.4.1 +| https://github.com/quarkiverse/quarkus-openapi-generator/blob/2.4.2/docs/modules/ROOT/pages/includes/quarkus-openapi-generator.adoc[Link] +| 2.4.2 | quarkus-rest-client-jackson | https://quarkus.io/guides/rest-client[Link] | -| 3.9.3 +| 3.9.4 | tkit-quarkus-log-cdi @@ -84,44 +84,44 @@ h| Version | https://quarkus.io/guides/validation[Link] | https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-hibernate-validator.adoc[Link] -| 3.9.3 +| 3.9.4 | onecx-permissions | https://onecx.github.io/docs/onecx-quarkus/current/onecx-quarkus/onecx-permissions.html[Link] -| https://github.com/onecx/onecx-quarkus/blob/0.17.0/docs/modules/onecx-quarkus/pages/includes/onecx-permissions.adoc[Link] -| 0.17.0 +| https://github.com/onecx/onecx-quarkus/blob/0.18.0/docs/modules/onecx-quarkus/pages/includes/onecx-permissions.adoc[Link] +| 0.18.0 | quarkus-oidc | https://quarkus.io/guides/security-oidc-bearer-token-authentication-tutorial[Link] | https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-oidc.adoc[Link] -| 3.9.3 +| 3.9.4 | onecx-core | https://onecx.github.io/docs/onecx-quarkus/current/onecx-quarkus/onecx-core.html[Link] | -| 0.17.0 +| 0.18.0 | quarkus-arc | https://quarkus.io/guides/cdi-reference[Link] | https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-arc.adoc[Link] -| 3.9.3 +| 3.9.4 | quarkus-container-image-docker | https://quarkus.io/guides/container-image[Link] | https://github.com/quarkusio/quarkusio.github.io/blob/develop/_generated-doc/latest/config/quarkus-container-image-docker.adoc[Link] -| 3.9.3 +| 3.9.4 | quarkus-rest-client-oidc-filter | | -| 3.9.3 +| 3.9.4 |=== \ No newline at end of file diff --git a/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/AssignmentRestController.java b/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/AssignmentRestController.java index 0904a74..2d1bbd6 100644 --- a/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/AssignmentRestController.java +++ b/src/main/java/org/tkit/onecx/permission/bff/rs/controllers/AssignmentRestController.java @@ -47,7 +47,7 @@ public Response createAssignment(CreateAssignmentRequestDTO createAssignmentRequ @Override public Response grantAssignments(CreateProductAssignmentsRequestDTO createProductAssignmentsRequestDTO) { - //!!! This is workaround for current UI + //!! This is workaround for current UI // app-id not null, take only first product from list if (createProductAssignmentsRequestDTO.getAppId() != null && !createProductAssignmentsRequestDTO.getAppId().isEmpty()) { @@ -70,6 +70,31 @@ public Response grantAssignments(CreateProductAssignmentsRequestDTO createProduc } } + @Override + public Response grantRoleAssignments(String roleId) { + try (Response response = assignmentClient.grantRoleAssignments(roleId)) { + return Response.status(response.getStatus()).build(); + } + } + + @Override + public Response grantRoleProductAssignments(String roleId, + CreateRoleProductAssignmentRequestDTO createRoleProductAssignmentRequestDTO) { + try (Response response = assignmentClient.grantRoleProductAssignments(roleId, + mapper.map(createRoleProductAssignmentRequestDTO))) { + return Response.status(response.getStatus()).build(); + } + } + + @Override + public Response grantRoleProductsAssignments(String roleId, + CreateRoleProductsAssignmentRequestDTO createRoleProductsAssignmentRequestDTO) { + try (Response response = assignmentClient.grantRoleProductsAssignments(roleId, + mapper.map(createRoleProductsAssignmentRequestDTO))) { + return Response.status(response.getStatus()).build(); + } + } + @Override public Response deleteAssignment(String id) { try (Response response = assignmentClient.deleteAssignment(id)) { diff --git a/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/AssignmentMapper.java b/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/AssignmentMapper.java index b3ab591..cdd3960 100644 --- a/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/AssignmentMapper.java +++ b/src/main/java/org/tkit/onecx/permission/bff/rs/mappers/AssignmentMapper.java @@ -29,4 +29,8 @@ default CreateRoleProductAssignmentRequest mapRoleProduct( .productName(createProductAssignmentsRequestDTO.getProductNames().get(productIndex)) .appId(createProductAssignmentsRequestDTO.getAppId()); } + + CreateRoleProductAssignmentRequest map(CreateRoleProductAssignmentRequestDTO createRoleProductAssignmentRequestDTO); + + CreateRoleProductsAssignmentRequest map(CreateRoleProductsAssignmentRequestDTO createRoleProductsAssignmentRequestDTO); } diff --git a/src/main/openapi/openapi-bff.yaml b/src/main/openapi/openapi-bff.yaml index 383612a..8f215d3 100644 --- a/src/main/openapi/openapi-bff.yaml +++ b/src/main/openapi/openapi-bff.yaml @@ -414,6 +414,81 @@ paths: application/json: schema: $ref: '#/components/schemas/ProblemDetailResponse' + /assignments/grant/{roleId}: + post: + tags: + - assignment + description: Create new assignments for role + operationId: grantRoleAssignments + parameters: + - name: roleId + in: path + required: true + schema: + type: string + responses: + 201: + description: New assignment created + 404: + description: Data not found + /assignments/grant/{roleId}/product: + post: + tags: + - assignment + description: Create new assignments for role and product + operationId: grantRoleProductAssignments + parameters: + - name: roleId + in: path + required: true + schema: + type: string + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/CreateRoleProductAssignmentRequest' + responses: + 201: + description: New assignment created + 404: + description: Data not found + 400: + description: Bad request + content: + application/json: + schema: + $ref: '#/components/schemas/ProblemDetailResponse' + /assignments/grant/{roleId}/products: + post: + tags: + - assignment + description: Create new assignments for role and products + operationId: grantRoleProductsAssignments + parameters: + - name: roleId + in: path + required: true + schema: + type: string + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/CreateRoleProductsAssignmentRequest' + responses: + 201: + description: New assignment created + 404: + description: Data not found + 400: + description: Bad request + content: + application/json: + schema: + $ref: '#/components/schemas/ProblemDetailResponse' /assignments/revoke: post: x-onecx: @@ -593,6 +668,9 @@ components: type: string description: type: string + mandatory: + type: boolean + default: false UpdateRoleRequest: type: object required: @@ -751,6 +829,9 @@ components: type: string description: type: string + mandatory: + type: boolean + default: false CreatePermissionRequest: type: object properties: @@ -880,6 +961,9 @@ components: type: string id: type: string + mandatory: + type: boolean + default: false ApplicationSearchCriteria: type: object properties: @@ -1040,6 +1124,26 @@ components: type: string appId: type: string + CreateRoleProductsAssignmentRequest: + type: object + required: + - productNames + properties: + productNames: + type: array + minItems: 1 + items: + type: string + CreateRoleProductAssignmentRequest: + type: object + required: + - productName + - appId + properties: + appId: + type: string + productName: + type: string OffsetDateTime: format: date-time type: string diff --git a/src/test/java/org/tkit/onecx/permission/rs/AssignmentRestControllerTest.java b/src/test/java/org/tkit/onecx/permission/rs/AssignmentRestControllerTest.java index 76e54c1..bab2e16 100644 --- a/src/test/java/org/tkit/onecx/permission/rs/AssignmentRestControllerTest.java +++ b/src/test/java/org/tkit/onecx/permission/rs/AssignmentRestControllerTest.java @@ -330,4 +330,73 @@ void revokeAssignmentsTest() { .then() .statusCode(Response.Status.NO_CONTENT.getStatusCode()); } + + @Test + void grantRoleAssignments_Test() { + // create mock rest endpoint + mockServerClient.when(request().withPath("/internal/assignments/grant/role123").withMethod(HttpMethod.POST)) + .withId(MOCKID) + .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); + given() + .when() + .auth().oauth2(keycloakClient.getAccessToken(ADMIN)) + .header(APM_HEADER_PARAM, ADMIN) + .contentType(APPLICATION_JSON) + .pathParam("roleId", "role123") + .post("/grant/{roleId}") + .then() + .statusCode(Response.Status.CREATED.getStatusCode()); + } + + @Test + void grantRoleProductAssignments_Test() { + + CreateRoleProductAssignmentRequest request = new CreateRoleProductAssignmentRequest(); + request.setAppId("app1"); + request.setProductName("product1"); + // create mock rest endpoint + mockServerClient.when(request().withPath("/internal/assignments/grant/role123/product").withMethod(HttpMethod.POST) + .withBody(JsonBody.json(request))) + .withId(MOCKID) + .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); + + CreateRoleProductAssignmentRequestDTO requestDTO = new CreateRoleProductAssignmentRequestDTO(); + requestDTO.setAppId("app1"); + requestDTO.setProductName("product1"); + given() + .when() + .auth().oauth2(keycloakClient.getAccessToken(ADMIN)) + .header(APM_HEADER_PARAM, ADMIN) + .contentType(APPLICATION_JSON) + .body(requestDTO) + .pathParam("roleId", "role123") + .post("/grant/{roleId}/product") + .then() + .statusCode(Response.Status.CREATED.getStatusCode()); + } + + @Test + void grantRoleProductsAssignments_Test() { + + CreateRoleProductsAssignmentRequest request = new CreateRoleProductsAssignmentRequest(); + request.setProductNames(List.of("product1", "product2", "product3")); + // create mock rest endpoint + mockServerClient.when(request().withPath("/internal/assignments/grant/role123/products").withMethod(HttpMethod.POST)) + .withId(MOCKID) + .respond(httpRequest -> response().withStatusCode(Response.Status.CREATED.getStatusCode())); + + CreateRoleProductsAssignmentRequestDTO requestDTO = new CreateRoleProductsAssignmentRequestDTO(); + requestDTO.setProductNames(List.of("product1", "product2", "product3")); + + given() + .when() + .auth().oauth2(keycloakClient.getAccessToken(ADMIN)) + .header(APM_HEADER_PARAM, ADMIN) + .contentType(APPLICATION_JSON) + .body(requestDTO) + .pathParam("roleId", "role123") + .post("/grant/{roleId}/products") + .then() + .statusCode(Response.Status.CREATED.getStatusCode()); + } }