feat: add role operator flag #64

Merged
merged 1 commit into from
Jun 6, 2024
Merged
Expand Up @@ -17,7 +17,6 @@ quarkus.hibernate-orm.multitenant=DISCRIMINATOR
quarkus.hibernate-orm.jdbc.timezone=UTC
quarkus.liquibase.migrate-at-start=true
quarkus.liquibase.validate-on-migrate=true
quarkus.hibernate-orm.log.sql=true
tkit.rs.context.tenant-id.enabled=true
onecx.permission.token.verified=true
onecx.permission.token.issuer.public-key-location.suffix=/protocol/openid-connect/certs
Expand Down Expand Up @@ -61,3 +60,9 @@ app:

----

vc"
db:
enabled: true

----

Expand Up @@ -42,6 +42,7 @@ public interface TemplateMapper {
@Mapping(target = "modificationCount", ignore = true)
@Mapping(target = "persisted", ignore = true)
@Mapping(target = "tenantId", ignore = true)
@Mapping(target = "operator", ignore = true)
Role createRole(String name, String description);

@Mapping(target = "mandatory", ignore = true)
Expand Up @@ -39,4 +39,10 @@ public class Role extends TraceableEntity {
@Column(name = "MANDATORY")
private Boolean mandatory;

/**
* Flag to identify role created by an operator
*/
@Column(name = "OPERATOR")
private Boolean operator;

}
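Review bot: `operator` is a boxed `Boolean`, and the column is added in `v1/2024-06-06-role-operator.xml` without a default or a not-null constraint, so every existing row reads back as `null` while the OpenAPI schema in this change advertises `default: false`. Code that unboxes the flag can then fail with a NullPointerException, and `null` versus `false` becomes a third state when deciding whether a role is operator-managed. Because the changeset is already part of the changelog, a follow-up changeset with `<column name="operator" type="bool" defaultValueBoolean="false"><constraints nullable="false"/></column>` semantics would be the safer fix. Alternatively, extend the field comment to `Flag to identify role created by an operator; null is treated as false`.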
Expand Up @@ -8,6 +8,7 @@
import jakarta.transaction.Transactional;

import org.tkit.onecx.permission.domain.daos.AssignmentDAO;
import org.tkit.onecx.permission.domain.daos.RoleDAO;
import org.tkit.onecx.permission.domain.models.Assignment;
import org.tkit.onecx.permission.domain.models.Role;

Expand All @@ -17,6 +18,9 @@ public class AssignmentService {
@Inject
AssignmentDAO dao;

@Inject
RoleDAO roleDAO;

@Transactional
public void createAssignments(Role role, List<Assignment> assignments) {
dao.deleteByRoleId(role.getId());
Expand All @@ -36,8 +40,9 @@ public void createRoleProductsAssignments(Role role, List<String> productNames,
}

@Transactional
public void importOperator(List<Assignment> assignments, Map<String, List<String>> productNames) {
public void importOperator(List<Assignment> assignments, Map<String, List<String>> productNames, List<Role> createRoles) {
productNames.forEach((productName, apps) -> dao.deleteByProductNameAppIds(productName, apps));
roleDAO.create(createRoles);
dao.create(assignments);

}
Expand Up @@ -57,10 +57,11 @@ public Response operatorImportAssignments(AssignmentSnapshotDTOV1 assignmentSnap

// create assignments
List<EximProblemDetailInvalidParamDTOV1> problems = new ArrayList<>();
var assignments = mapper.createAssignments(problems, assignmentSnapshotDTO, roleMap, permissionMap);
List<Role> createRoles = new ArrayList<>();
var assignments = mapper.createAssignments(problems, assignmentSnapshotDTO, roleMap, permissionMap, createRoles);

// delete old and create new assignments
service.importOperator(assignments, request.product());
service.importOperator(assignments, request.product(), createRoles);

// check problems
if (!problems.isEmpty()) {
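Review bot: `service.importOperator(assignments, request.product(), createRoles)` runs before the `problems` check that follows, so roles named only in the payload are handed to persistence even when the request ends in the problems branch. Before this change an unknown role name was reported rather than created. Partial application looks intentional here, so state it in a comment such as `// roles missing from roleMap are created here, even when problems are reported below`. Logging the names held in `createRoles` at this point would also leave an audit trail of roles introduced by an import. The method body continues outside the hunk.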
Expand Up @@ -30,14 +30,15 @@ public interface EximMapperV1 {
Assignment create(Role role, Permission permission);

default List<Assignment> createAssignments(List<EximProblemDetailInvalidParamDTOV1> problems, AssignmentSnapshotDTOV1 dto,
Map<String, Role> roleMap, Map<String, Permission> permissionMap) {
Map<String, Role> roleMap, Map<String, Permission> permissionMap, List<Role> createRoles) {
List<Assignment> assignments = new ArrayList<>();
dto.getAssignments().forEach((productName, product) -> {
if (product != null) {
product.forEach((appId, app) -> {
if (app != null) {
assignments
.addAll(createProductAppAssignments(productName, appId, app, problems, roleMap, permissionMap));
.addAll(createProductAppAssignments(productName, appId, app, problems, roleMap, permissionMap,
createRoles));
}
});
}
Expand All @@ -47,7 +48,7 @@ default List<Assignment> createAssignments(List<EximProblemDetailInvalidParamDTO

default List<Assignment> createProductAppAssignments(String productName, String appId,
Map<String, Map<String, List<String>>> dto, List<EximProblemDetailInvalidParamDTOV1> problems,
Map<String, Role> roleMap, Map<String, Permission> permissionMap) {
Map<String, Role> roleMap, Map<String, Permission> permissionMap, List<Role> createRoles) {
List<Assignment> assignments = new ArrayList<>();

// application role - resource - actions
Expand All @@ -56,26 +57,44 @@ default List<Assignment> createProductAppAssignments(String productName, String

var role = roleMap.get(roleName);
if (role == null) {
problems.add(createProblem("Role not found", "Role name: " + roleName));
continue;
role = createRole(roleName);
roleMap.put(roleName, role);
}

e.getValue().forEach((resource, actions) -> actions.forEach(action -> {
var permId = permId(productName, appId, resource, action);
var permission = permissionMap.get(permId);
if (permission == null) {
problems.add(createProblem("Permission not found", "Permission ID: " + permId));
} else {
var assignment = create(role, permission);
assignment.setOperator(true);
assignments.add(assignment);
for (Map.Entry<String, List<String>> me : e.getValue().entrySet()) {
var resource = me.getKey();

for (String action : me.getValue()) {
var permId = permId(productName, appId, resource, action);
var permission = permissionMap.get(permId);
if (permission == null) {
problems.add(createProblem("Permission not found", "Permission ID: " + permId));
} else {
var assignment = create(role, permission);
assignment.setOperator(true);
assignments.add(assignment);
}
}
}));
}
}

return assignments;
}

@Mapping(target = "mandatory", ignore = true)
@Mapping(target = "description", ignore = true)
@Mapping(target = "id", ignore = true)
@Mapping(target = "creationDate", ignore = true)
@Mapping(target = "creationUser", ignore = true)
@Mapping(target = "modificationDate", ignore = true)
@Mapping(target = "modificationUser", ignore = true)
@Mapping(target = "controlTraceabilityManual", ignore = true)
@Mapping(target = "modificationCount", ignore = true)
@Mapping(target = "persisted", ignore = true)
@Mapping(target = "tenantId", ignore = true)
@Mapping(target = "operator", constant = "true")
Role createRole(String name);

EximProblemDetailInvalidParamDTOV1 createProblem(String name, String message);

default RequestData createRequestData(AssignmentSnapshotDTOV1 dto) {
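Review bot: In `createProductAppAssignments` the role built for an unknown name is stored in `roleMap` but, in the lines shown, never appended to `createRoles`. The list passed to `roleDAO.create(createRoles)` in `AssignmentService.importOperator` therefore appears to stay empty, and the new assignments would reference a role that was never persisted. Adding `createRoles.add(role);` after `roleMap.put(roleName, role);` would close that gap, unless the entity relation cascades the persist (not visible here). The same branch replaces the former "Role not found" problem with silent creation, so every role name in the snapshot becomes a role with `operator = true`; a Javadoc sentence saying that names are taken from the payload unchecked would help callers. The method starts above this hunk.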
Expand Up @@ -28,6 +28,7 @@ public interface RoleMapper {
@Mapping(target = "modificationCount", ignore = true)
@Mapping(target = "persisted", ignore = true)
@Mapping(target = "tenantId", ignore = true)
@Mapping(target = "operator", ignore = true)
Role create(CreateRoleRequestDTO dto);

RoleDTO map(Role data);
Expand All @@ -41,5 +42,6 @@ public interface RoleMapper {
@Mapping(target = "controlTraceabilityManual", ignore = true)
@Mapping(target = "persisted", ignore = true)
@Mapping(target = "tenantId", ignore = true)
@Mapping(target = "operator", ignore = true)
void update(UpdateRoleRequestDTO dto, @MappingTarget Role role);
}
3 changes: 3 additions & 0 deletions src/main/openapi/onecx-permission-internal-openapi.yaml
Expand Up @@ -812,6 +812,9 @@ components:
mandatory:
type: boolean
default: false
operator:
type: boolean
default: false
UserAssignmentPageResult:
type: object
properties:
1 change: 1 addition & 0 deletions src/main/resources/db/changeLog.xml
Expand Up @@ -9,5 +9,6 @@
<include relativeToChangelogFile="true" file="v1/2024-05-13-mandatory-flags.xml" />
<include relativeToChangelogFile="true" file="v1/2024-05-16-operator-flag.xml" />
<include relativeToChangelogFile="true" file="v1/2024-05-28-assignment-operator.xml" />
<include relativeToChangelogFile="true" file="v1/2024-06-06-role-operator.xml" />

</databaseChangeLog>
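--- a/src/main/resources/db/v1/2024-06-06-role-operator.xml
+++ b/src/main/resources/db/v1/2024-06-06-role-operator.xml
@@ -0,0 +1,13 @@
+<?xml version="1.1" encoding="UTF-8" standalone="no"?>
+<databaseChangeLog
+xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-latest.xsd"
+objectQuotingStrategy="QUOTE_ONLY_RESERVED_WORDS">
+
+<changeSet author="dev (generated)" id="1717685572396-1">
+<addColumn tableName="role">
+<column name="operator" type="bool"/>
+</addColumn>
+</changeSet>
+</databaseChangeLog>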
Expand Up @@ -89,7 +89,7 @@ void operatorImportMissingDataTest() {
assertThat(dto.getErrorCode()).isEqualTo(EximExceptionMapperV1.ErrorCode.INVALID_IMPORT_REQUEST.name());
assertThat(dto.getDetail()).isEqualTo(
"The request could not be fully completed due to a conflict with the current state of the roles and permissions");
assertThat(dto.getInvalidParams()).isNotNull().hasSize(3);
assertThat(dto.getInvalidParams()).isNotNull().hasSize(4);
}

@Test
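Review bot: `hasSize(4)` pins only the number of invalid params, so the test would pass just as well if a different set of problems were reported. Nothing in the lines shown checks that the roles the import now creates exist with `operator` set. Asserting on the problem names or messages, and on the created roles after the call, would cover the new behaviour. The test method starts above this hunk, so assertions there may already do part of this.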