Commit 1207a27e authored by Artem Dobrynin (EPAM)'s avatar Artem Dobrynin (EPAM)

Revert GONRG-1424: R3 Entitlements SQL an endpoint "List all users"

parent ef69cd53
......@@ -59,6 +59,18 @@ Each API is authorized by the following steps:
```
</details>
* **GET /entitlements/v1/users**. Retrieves all the members that are within the data partition provided in the _data-partition-id_ header. This API lists the direct members of the entitlements service (excluding service accounts). **NB!** At the moment, this API endpoint only available in GCP-JDBC implementation of the Entitlements Service.
<details>
```
curl --request GET \
--url '/entitlements/v1/users' \
--header 'authorization: Bearer <JWT>' \
--header 'content-type: application/json' \
--header 'data-partition-id: osdu'
```
</details>
* **GET /entitlements/v1/groups/{group_email}/members**. Retrieves members that belong to the _group_email_ within the data partition provided in the _data-partition-id_ header. Sample _group_email_ value is `{name}@{data-partition-id}.{domain}.com`. The query parameter role can be specified to a filter group members by role of OWNER or MEMBER. In addition to authorization, the user or service extracted from JWT (email claim) in the _Authorization_ header is checked for membership within _group_email_ as OWNER or MEMBER. This API lists the direct members of the group (excluding hierarchical groups).
<details>
......
docs/entitlements.png

39.5 KB | W: | H:

docs/entitlements.png

46.6 KB | W: | H:

......@@ -17,6 +17,7 @@ package entitlements.core <<Rectangle>> {
+ addMemberToGroup(groupEmail: GroupEmail, memberInfo: MemberInfo)
+ addMemberToDataGroup(groupEmail: GroupEmail, memberInfo: MemberInfo)
+ getGroupMembers(groupEmail: GroupEmail)
+ listAllMembers()
+ getMemberGroups()
+ createGroup(createGroup: CreateGroup)
+ deleteGroup(groupEmail: GroupEmail)
......@@ -33,6 +34,7 @@ package entitlements.core <<Rectangle>> {
+ deleteGroup(groupEmail: GroupEmail)
+ listUserGroups(memberEmail: String, domain: String)
+ getGroupMembers(groupEmail: String)
+ getAllMembers()
}
interface UserInfoProvider {
......
......@@ -72,6 +72,13 @@ public class EntitlementsApi {
return new ResponseEntity<>(members, HttpStatus.OK);
}
@GetMapping("/users")
@PreAuthorize("@authorizationFilter.hasRole('" + EntitlementsRole.ADMIN +"')")
public ResponseEntity<Members> listAllMembers(){
Members members = entitlementsService.listAllMembers();
return new ResponseEntity<>(members, HttpStatus.OK);
}
@PostMapping("/groups/{groupEmail}/members")
@PreAuthorize("@authorizationFilter.hasRole('" + EntitlementsRole.USER + "')")
public ResponseEntity<MemberInfo> postMembers(
......
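Review bot: `listAllMembers()` on the new `/users` mapping takes no cursor or limit, so a single ADMIN call returns every member in one response, whereas `getGroupMembers` in `EntitlementsService` already carries `cursor` and `limit`. I would mirror that here, e.g. `listAllMembers(@RequestParam(required = false) String cursor, @RequestParam(required = false) Integer limit)`, and pass both through the service to `JdbcGroupsRepository.getAllMembers`, whose query is also unbounded. Since the payload is the full list of user e-mail addresses, recording each call in the audit log would be worth considering as well. The `postMembers` method that follows is cut off by the hunk.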
......@@ -35,6 +35,8 @@ public interface EntitlementsService {
Members getGroupMembers(GroupEmail groupEmail, @Nullable String cursor, @Nullable Integer limit,
@Nullable String role);
Members listAllMembers();
Groups getMemberGroups();
GroupInfo createGroup(CreateGroup createGroup);
......
......@@ -37,4 +37,6 @@ public interface GroupsRepository<GT, MT, GT1, MT1> {
GT1 listUserGroups(String memberEmail, String domain);
MT1 getGroupMembers(String groupEmail, String cursor, Integer limit, String role);
MT1 getAllMembers();
}
......@@ -18,6 +18,7 @@
package org.opengroup.osdu.java.entitlements.jdbc.mapper;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.SQLException;
import org.opengroup.osdu.java.entitlements.jdbc.model.MemberInfoEntity;
import org.springframework.jdbc.core.RowMapper;
......@@ -26,10 +27,28 @@ public class MemberInfoEntityMapper implements RowMapper<MemberInfoEntity> {
@Override
public MemberInfoEntity mapRow(ResultSet rs, int rowNum) throws SQLException {
Long id = hasColumn(rs, "id") ? rs.getLong("id") : -1L;
String email = hasColumn(rs, "email") ? rs.getString("email") : "";
String role = hasColumn(rs, "role") ? rs.getString("role") : "";
return MemberInfoEntity.builder()
.id(rs.getLong("id"))
.email(rs.getString("email"))
.role(rs.getString("role"))
.id(id)
.email(email)
.role(role)
.build();
}
private boolean hasColumn(ResultSet rs, String columnName) throws SQLException{
ResultSetMetaData metaData = rs.getMetaData();
int columns = metaData.getColumnCount();
for (int i = 1; i <= columns; i++) {
if (columnName.equals(metaData.getColumnName(i))) {
return true;
}
}
return false;
}
}
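Review bot: `hasColumn` compares `metaData.getColumnName(i)` with a case-sensitive `equals`, while `rs.getLong("id")` and the other getters resolve columns by label and ignore case; with an aliased column or a driver that reports upper-case names the check fails and `mapRow` silently returns `-1L` or `""`. I would use `columnName.equalsIgnoreCase(metaData.getColumnLabel(i))`. The silent defaults also deserve a comment or a log line, because a member with an empty `role` or an id of `-1` cannot be told apart from a schema mismatch later on, which matters if any caller bases an authorization decision on `role`. The metadata is scanned three times for every row; the result could be computed once per result set.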
......@@ -130,6 +130,12 @@ public class JdbcEntitlementsServiceImpl implements EntitlementsService {
return groupsRepository.getGroupMembers(groupEmail.getGroupEmail(), cursor, limit, groupEmail.getGroupEmail());
}
@Override
public Members listAllMembers() {
checkTenant(headers.getPartitionId());
return groupsRepository.getAllMembers();
}
@Override
public Groups getMemberGroups() {
checkTenant(headers.getPartitionId());
......
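Review bot: `listAllMembers()` validates the partition with `checkTenant(headers.getPartitionId())` but then calls `groupsRepository.getAllMembers()` without passing it on, so the partition never reaches the query. The README text in this commit describes the endpoint as returning the members within the partition named in the _data-partition-id_ header; unless every partition has its own database or schema (not visible here), an admin of one partition would receive the members of all of them. If the store is shared, pass the partition down and filter on it in `JdbcGroupsRepository.getAllMembers`; if it is isolated per tenant, a comment such as `// member table is per-partition, no tenant filter needed` would settle the question for the next reader. The following `getMemberGroups` continues outside the hunk.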
......@@ -306,6 +306,22 @@ public class JdbcGroupsRepository implements GroupsRepository<GroupInfo, MemberI
return members;
}
@Override
public Members getAllMembers() {
List<MemberInfoEntity> memberList = jdbcTemplate.query(
"SELECT * from \"member\"",
new MemberInfoEntityMapper()
);
Members members = new Members();
members.setMembers(memberList.stream()
.map(MemberInfoEntity::toMemberInfo)
.collect(Collectors.toList()));
return members;
}
private boolean isGroup(String memberEmail){
Integer count = jdbcTemplate.queryForObject(
"SELECT count(*) FROM \"group\" WHERE email = ?",
......
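Review bot: The query in `getAllMembers()` is `SELECT * from "member"` with no `WHERE` clause, yet the README text added in this commit says the endpoint lists direct members "excluding service accounts"; nothing in this hunk removes service accounts from the result. Either add the filter here or correct the documentation, since callers may treat the list as human users only. Naming the columns the mapper actually reads instead of `*` would also keep columns added to the table later from being loaded, and would probably make the `hasColumn` fallbacks in `MemberInfoEntityMapper` unnecessary for this query. `isGroup` below is cut off by the hunk.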
......@@ -18,11 +18,15 @@ package org.opengroup.osdu.java.entitlements.jdbc.service;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.anyString;
import static org.mockito.Mockito.when;
import static org.springframework.test.util.ReflectionTestUtils.setField;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
......@@ -34,6 +38,7 @@ import org.opengroup.osdu.core.common.model.entitlements.GroupEmail;
import org.opengroup.osdu.core.common.model.entitlements.GroupInfo;
import org.opengroup.osdu.core.common.model.entitlements.Groups;
import org.opengroup.osdu.core.common.model.entitlements.MemberInfo;
import org.opengroup.osdu.core.common.model.entitlements.Members;
import org.opengroup.osdu.core.common.model.entitlements.Roles;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
......@@ -50,6 +55,7 @@ public class JdbcEntitlementsServiceImplTest {
private final String EXECUTOR_USER_EMAIL = "executor.test@test.com";
private final String TARGET_MEMBER_EMAIL = "user.test@test.com";
private final String MEMBER_TEMPLATE_EMAIL = "user%s.test@test.com";
private final String GROUP_NAME = "test.group";
private final GroupEmail GROUP_EMAIL = new GroupEmail("test.group@odsu.test.com");
private final String GROUP_DESCRIPTION = "Test group";
......@@ -176,4 +182,53 @@ public class JdbcEntitlementsServiceImplTest {
entitlementsService.deleteMemberFromGroup(GROUP_EMAIL, TARGET_MEMBER_EMAIL);
}
@Test
public void testGetMembersFromGroup(){
List<MemberInfo> memberInfos = new ArrayList<>();
for (int i = 1; i <= 5; i++) {
memberInfos.add(MemberInfo
.Member(String.format(MEMBER_TEMPLATE_EMAIL, i))
);
}
MemberInfo executorMember = MemberInfo.builder()
.email(EXECUTOR_USER_EMAIL)
.role(Roles.MEMBER)
.build();
Members expectedMembers = new Members();
expectedMembers.setMembers(memberInfos);
when(groupsRepository.getGroupMembers(any(), any(), any(), any())).thenReturn(expectedMembers);
when(groupsRepository.getMemberFromGroup(any(), any())).thenReturn(executorMember);
Members actualMembers = entitlementsService.getGroupMembers(GROUP_EMAIL, "", 10, Roles.MEMBER);
assertNotNull(actualMembers.getMembers());
assertEquals(memberInfos.size(), actualMembers.getMembers().size());
}
@Test
public void testGetAllMembers(){
List<MemberInfo> memberInfos = new ArrayList<>();
for (int i = 1; i <= 5; i++) {
memberInfos.add(MemberInfo.builder()
.email(String.format(MEMBER_TEMPLATE_EMAIL, i))
.role("")
.build()
);
}
Members expectedMembers = new Members();
expectedMembers.setMembers(memberInfos);
when(groupsRepository.getAllMembers()).thenReturn(expectedMembers);
Members actualMembers = entitlementsService.listAllMembers();
assertNotNull(actualMembers.getMembers());
assertEquals(memberInfos.size(), actualMembers.getMembers().size());
}
}
\ No newline at end of file
......@@ -41,6 +41,7 @@ import org.springframework.stereotype.Service;
import java.io.IOException;
import java.util.Collections;
import sun.reflect.generics.reflectiveObjects.NotImplementedException;
import static java.util.Arrays.asList;
......@@ -214,6 +215,11 @@ public class GSuiteGroupsRepository implements GroupsRepository<Group, Member, G
}
}
@Override
public Members getAllMembers() {
throw new DirectoryApiException(new NotImplementedException());
}
private Directory getDirectory() {
return factory.getDirectoryInstance();
}
......
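Review bot: The new import `sun.reflect.generics.reflectiveObjects.NotImplementedException` is a JDK-internal class rather than a supported API; its package is not exported by `java.base` on module-aware JDKs, so the code may not compile or run there, and the class can change or disappear between releases. `getAllMembers()` should throw a supported type instead, e.g. `throw new DirectoryApiException(new UnsupportedOperationException("getAllMembers is not supported by the GSuite repository"));`. The same import is added in `GsuiteEntitlementsServiceImpl`, `GroupsRepositoryMongo` and `MongoEntitlementsServiceImpl` and should be replaced there too.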
......@@ -19,6 +19,7 @@ package org.opengroup.osdu.java.gcp.entitlements.service;
import static java.util.Arrays.asList;
import static java.util.Objects.isNull;
import static org.springframework.http.HttpStatus.METHOD_NOT_ALLOWED;
import com.google.api.services.admin.directory.model.Group;
import com.google.api.services.admin.directory.model.Member;
......@@ -54,6 +55,7 @@ import org.opengroup.osdu.java.gcp.entitlements.exception.DirectoryApiException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import sun.reflect.generics.reflectiveObjects.NotImplementedException;
@RequiredArgsConstructor
@Service
......@@ -169,6 +171,14 @@ public class GsuiteEntitlementsServiceImpl implements EntitlementsService {
return osduMembers;
}
public Members listAllMembers(){
throw new AppException(
METHOD_NOT_ALLOWED.value(),
METHOD_NOT_ALLOWED.getReasonPhrase(),
"This method is not implemented yet",
new NotImplementedException());
}
public Groups getMemberGroups() {
String tenantName = headers.getPartitionId();
String memberEmail = memberIdentity.getMemberEmail();
......
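Review bot: `listAllMembers()` answers with `METHOD_NOT_ALLOWED` (405), which tells a client that GET is not permitted on `/users` at all, while the message says the method is not implemented yet; `HttpStatus.NOT_IMPLEMENTED` (501) matches that meaning. I would change the static import and the two uses to `NOT_IMPLEMENTED.value(), NOT_IMPLEMENTED.getReasonPhrase(),`. The method also lacks `@Override`, unlike the JDBC and Mongo implementations of the same interface method, although the neighbouring `getMemberGroups` omits it as well. `getMemberGroups` continues outside the hunk.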
......@@ -39,6 +39,7 @@ import java.util.Objects;
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
import sun.reflect.generics.reflectiveObjects.NotImplementedException;
import static com.mongodb.client.model.Filters.eq;
import static java.util.Arrays.asList;
......@@ -203,4 +204,9 @@ public class GroupsRepositoryMongo implements GroupsRepository<GroupInfo, Member
members.setMembers(memberInfos);
return members;
}
@Override
public Members getAllMembers() {
throw new NotImplementedException();
}
}
......@@ -31,6 +31,7 @@ import org.springframework.stereotype.Service;
import java.util.Collections;
import java.util.stream.Stream;
import sun.reflect.generics.reflectiveObjects.NotImplementedException;
import static java.util.Arrays.asList;
......@@ -82,6 +83,11 @@ public class MongoEntitlementsServiceImpl implements EntitlementsService {
return groupsRepository.getGroupMembers(groupEmail.getGroupEmail(), cursor, limit, groupEmail.getGroupEmail());
}
@Override
public Members listAllMembers() {
throw new NotImplementedException();
}
@Override
public Groups getMemberGroups() {
checkTenant(headers.getPartitionId());
......
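Review bot: `listAllMembers()` here throws a bare `NotImplementedException`, while the GSuite service wraps the same condition in an `AppException` with an explicit status; an authorized admin calling `/users` on this provider will presumably receive whatever the generic error handler makes of an unexpected runtime exception, most likely a 500. Throwing the same kind of `AppException` as the GSuite implementation would keep the response consistent across providers. A one-line Javadoc on `EntitlementsService.listAllMembers` stating which providers support the call would help as well.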
package org.opengroup.osdu.java.entitlements.apitests;
import static java.lang.String.format;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import com.google.gson.Gson;
import com.sun.jersey.api.client.ClientResponse;
import org.apache.http.HttpStatus;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.opengroup.osdu.core.common.model.entitlements.Members;
import org.opengroup.osdu.java.entitlements.util.Config;
import org.opengroup.osdu.java.entitlements.util.HTTPClient;
import org.opengroup.osdu.java.entitlements.util.JdbcDatabaseService;
import org.opengroup.osdu.java.entitlements.util.GroupUtils;
import org.opengroup.osdu.java.entitlements.util.HTTPClientGcp;
......@@ -9,6 +20,8 @@ import org.opengroup.osdu.java.entitlements.util.UserUtils;
public class TestApiManageMembersInGroups extends ApiManageMembersInGroupsTest {
private static final String USERS_PATH = "/users";
@Override
@Before
public void setup() throws Exception {
......@@ -23,6 +36,32 @@ public class TestApiManageMembersInGroups extends ApiManageMembersInGroupsTest {
userPostedBody = UserUtils.generateUserRequestBody(userEmail, "MEMBER");
}
@Test
public void givenValidCredentialsWhenAccessingAllUsersThenReturnAllUsers() throws Exception{
ClientResponse getMembersResponse = client.send(
USERS_PATH,
"GET",
client.getValidHeaders(),
""
);
assertEquals(HttpStatus.SC_OK, getMembersResponse.getStatus());
Members members = new Gson().fromJson(getMembersResponse.getEntity(String.class), Members.class);
assertFalse(members.getMembers().isEmpty());
}
@Test
public void givenIntegrationTesterWithoutPermission_whenAddMemberToGroup_thenForbidden() throws Exception {
ClientResponse getMembersResponse = client.send(
USERS_PATH,
"GET",
HTTPClient.getHeaders(Config.getTenantName(), client.getNoDataAccessToken()),
""
);
assertEquals(HttpStatus.SC_FORBIDDEN, getMembersResponse.getStatus());
}
@Override
@After
public void tearDown() throws Exception {
......
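Review bot: The second new test is named `givenIntegrationTesterWithoutPermission_whenAddMemberToGroup_thenForbidden` but sends `GET` to `USERS_PATH`, so the name describes a different operation; something like `givenTokenWithoutPermission_whenListAllUsers_thenForbidden` would match what it checks. The first test, `givenValidCredentialsWhenAccessingAllUsersThenReturnAllUsers`, follows a different naming convention and only asserts that the list is not empty, which depends on whatever data the environment already holds. A case with a missing or invalid token would round out the access-control coverage for this endpoint.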