From 9e835c90b44f640f5cdf6c1b547d828be7c7cacd Mon Sep 17 00:00:00 2001 From: PBeohar Date: Tue, 18 May 2021 15:18:26 -0500 Subject: [PATCH 1/4] Refactored bootstrapping of Initial Accounts --- .../osdu/entitlements/v2/AppProperties.java | 5 ++ .../osdu/entitlements/v2/api/InitApi.java | 2 +- .../service/DefaultTenantInitServiceImpl.java | 69 +++++++++++-------- .../v2/service/TenantInitService.java | 4 +- .../v2/util/FileReaderService.java | 1 + .../AppPropertiesTestConfiguration.java | 5 ++ .../DefaultTenantInitServiceImplTests.java | 6 +- .../v2/azure/AzureAppProperties.java | 7 ++ 8 files changed, 66 insertions(+), 33 deletions(-) diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java index 1e7f9606..3a568b81 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java @@ -32,6 +32,11 @@ public abstract class AppProperties { */ public abstract String getGroupsOfServicePrincipal(); + /** + * @return a path of configuration file + */ + public abstract List getGroupsOfInitialUsers(); + /** * Returns members which are protected from removal from their groups */ diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/api/InitApi.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/api/InitApi.java index 0a2dc47f..bdb6bf20 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/api/InitApi.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/api/InitApi.java 
@@ -17,7 +17,7 @@ public class InitApi { @PreAuthorize("@authorizationFilter.hasAnyPermission()") public ResponseEntity initiateTenant() { tenantInitService.createDefaultGroups(); - tenantInitService.bootstrapServicePrincipal(); + tenantInitService.bootstrapInitialAccounts(); return ResponseEntity.ok().build(); } } diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java index dfaf71ec..e868091f 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java @@ -21,6 +21,7 @@ import org.springframework.http.HttpStatus; import org.springframework.stereotype.Service; import java.util.ArrayList; +import java.util.Collections; import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; 
@@ -44,34 +45,38 @@ public class DefaultTenantInitServiceImpl implements TenantInitService { } @Override - public void customizedBootstrap() { - } - - @Override - public void bootstrapServicePrincipal() { + public void bootstrapInitialAccounts() { final Map userEmails = createUserEmails(); - final String fileContent = fileReaderService.readFile(appProperties.getGroupsOfServicePrincipal()); - final JsonObject userElement = getUserJsonObject(fileContent); - final String emailKey = userElement.get("email").getAsString(); - final String role = userElement.get("role").getAsString(); - final List groupNames = getGroupNamesForOwner(fileContent); - final AddMemberDto addMemberDto = AddMemberDto.builder() - .email(userEmails.get(emailKey)) - .role(Role.valueOf(role.toUpperCase())) - .build(); - String partitionId = requestInfo.getHeaders().getPartitionId(); - String partitionDomain = requestInfoUtilService.getDomain(partitionId); - final String requesterId = requestInfoUtilService.getUserId(requestInfo.getHeaders()); - groupNames.stream() - .map(name -> createEmail(name, partitionDomain)) - .forEach(groupId -> { - AddMemberServiceDto addMemberServiceDto = AddMemberServiceDto.builder() - .groupEmail(groupId) - .partitionId(partitionId) - .requesterId(requesterId) - .build(); - addMemberToGroup(addMemberDto, addMemberServiceDto); - }); + List fileNames = appProperties.getGroupsOfInitialUsers(); + for (String fileName : fileNames) { + final String fileContent = fileReaderService.readFile(fileName); + final JsonObject userElement = getUserJsonObject(fileContent); + final String emailKey = userElement.get("email").getAsString(); + final String role = userElement.get("role").getAsString(); + final List groupNames; + if (role.equalsIgnoreCase("OWNER")) { + groupNames = getGroupNamesForOwner(fileContent); + } else { + groupNames = getGroupNamesForMember(fileContent); + } + final AddMemberDto addMemberDto = AddMemberDto.builder() + .email(userEmails.get(emailKey)) + 
.role(Role.valueOf(role.toUpperCase())) + .build(); + String partitionId = requestInfo.getHeaders().getPartitionId(); + String partitionDomain = requestInfoUtilService.getDomain(partitionId); + final String requesterId = requestInfoUtilService.getUserId(requestInfo.getHeaders()); + groupNames.stream() + .map(name -> createEmail(name, partitionDomain)) + .forEach(groupId -> { + AddMemberServiceDto addMemberServiceDto = AddMemberServiceDto.builder() + .groupEmail(groupId) + .partitionId(partitionId) + .requesterId(requesterId) + .build(); + addMemberToGroup(addMemberDto, addMemberServiceDto); + }); + } } private void bootstrapGroups(final String fileName) { @@ -210,4 +215,14 @@ public class DefaultTenantInitServiceImpl implements TenantInitService { array.forEach(element -> groupNames.add(element.getAsJsonObject().get("groupName").getAsString())); return groupNames; } + + private List getGroupNamesForMember(final String fileContent) { + final List groupNames = new ArrayList<>(); + final JsonArray array = JsonParser.parseString(fileContent) + .getAsJsonObject() + .get("membersOf") + .getAsJsonArray(); + array.forEach(element -> groupNames.add(element.getAsJsonObject().get("groupName").getAsString())); + return groupNames; + } } diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/TenantInitService.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/TenantInitService.java index 97cf519a..fd595a4e 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/TenantInitService.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/TenantInitService.java @@ -5,7 +5,5 @@ public interface TenantInitService { void createDefaultGroups(); - void bootstrapServicePrincipal(); - - void customizedBootstrap(); + void bootstrapInitialAccounts(); } 
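Review bot: In `bootstrapInitialAccounts`, the result of `userEmails.get(emailKey)` goes straight into `AddMemberDto.builder().email(...)`, so a provisioning file whose `email` key has no mapping yields a membership request with a null account instead of a clear failure. Now that the method loops over a configurable list of files, that case deserves an explicit rejection. The role string also selects the group list before `Role.valueOf` validates it, so any value other than OWNER is first read as a member file; parsing the role up front keeps the branch on the enum. `getGroupsOfInitialUsers()` can return null (the test configuration added in this patch does), which would throw at the `for` loop, so either document the getter as never-null or guard the loop. The fence sketches the reordered loop body, with the request-scoped lookups hoisted and `IllegalStateException` standing in for whichever exception type this service uses for configuration errors.

```java
// … unchanged: createUserEmails(), appProperties.getGroupsOfInitialUsers() …
// These depend only on the request, not on the file being processed.
final String partitionId = requestInfo.getHeaders().getPartitionId();
final String partitionDomain = requestInfoUtilService.getDomain(partitionId);
final String requesterId = requestInfoUtilService.getUserId(requestInfo.getHeaders());
for (String fileName : fileNames) {
    // … unchanged: readFile, getUserJsonObject, emailKey …
    // Validate the role before it decides which group list is read.
    final Role role = Role.valueOf(userElement.get("role").getAsString().toUpperCase());
    final List<String> groupNames = role == Role.OWNER
            ? getGroupNamesForOwner(fileContent)
            : getGroupNamesForMember(fileContent);
    final String email = userEmails.get(emailKey);
    if (email == null) {
        throw new IllegalStateException("No account mapped for key '" + emailKey + "' in " + fileName);
    }
    final AddMemberDto addMemberDto = AddMemberDto.builder().email(email).role(role).build();
    // … unchanged: groupNames.stream() … addMemberToGroup(addMemberDto, addMemberServiceDto) …
```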
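Review bot: `getGroupNamesForMember` calls `.get("membersOf").getAsJsonArray()` without checking that the key is present, so a file that declares a non-owner role but lists only owner groups fails with a bare NullPointerException during tenant initialisation. A guard on the parsed object, along the lines of `if (!json.has("membersOf")) { throw new IllegalArgumentException("membersOf missing in account file"); }`, would name the problem. The last two lines of the new method match the visible tail of the preceding one (presumably `getGroupNamesForOwner`, whose body starts outside the hunk), so both could delegate to one private helper that takes the array key as a parameter.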
diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/FileReaderService.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/FileReaderService.java index 0116141d..ef6cd54e 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/FileReaderService.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/FileReaderService.java @@ -8,6 +8,7 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.nio.charset.StandardCharsets; +import java.util.List; @Service public class FileReaderService { diff --git a/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/configuration/AppPropertiesTestConfiguration.java b/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/configuration/AppPropertiesTestConfiguration.java index 6b8ecf36..21737b10 100644 --- a/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/configuration/AppPropertiesTestConfiguration.java +++ b/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/configuration/AppPropertiesTestConfiguration.java @@ -22,6 +22,11 @@ public class AppPropertiesTestConfiguration { return null; } + @Override + public List getGroupsOfInitialUsers() { + return null; + } + @Override public List getProtectedMembers() { return null; diff --git a/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImplTests.java b/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImplTests.java index b907371c..86e36d3d 100644 --- a/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImplTests.java +++ b/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImplTests.java 
@@ -120,8 +120,10 @@ public class DefaultTenantInitServiceImplTests { list.add("/provisioning/groups/datalake_user_groups.json"); list.add("/provisioning/groups/datalake_service_groups.json"); list.add("/provisioning/groups/data_groups.json"); + final List fileNames = new ArrayList<>(); + fileNames.add("groups_of_service_principal.json"); when(appProperties.getInitialGroups()).thenReturn(list); - when(appProperties.getGroupsOfServicePrincipal()).thenReturn("groups_of_service_principal.json"); + when(appProperties.getGroupsOfInitialUsers()).thenReturn(fileNames); } @Test @@ -231,7 +233,7 @@ public class DefaultTenantInitServiceImplTests { AddMemberServiceDto addMemberServiceDto2 = AddMemberServiceDto.builder().groupEmail("groupid2@dp.domain.com").requesterId("desId") .partitionId("dp").build(); - tenantInitService.bootstrapServicePrincipal(); + tenantInitService.bootstrapInitialAccounts(); verify(addMemberService).run(addMemberDto, addMemberServiceDto1); verify(addMemberService).run(addMemberDto, addMemberServiceDto2); diff --git a/provider/entitlements-v2-azure/src/main/java/org/opengroup/osdu/entitlements/v2/azure/AzureAppProperties.java b/provider/entitlements-v2-azure/src/main/java/org/opengroup/osdu/entitlements/v2/azure/AzureAppProperties.java index ceb6482b..c12fc7e4 100644 --- a/provider/entitlements-v2-azure/src/main/java/org/opengroup/osdu/entitlements/v2/azure/AzureAppProperties.java +++ b/provider/entitlements-v2-azure/src/main/java/org/opengroup/osdu/entitlements/v2/azure/AzureAppProperties.java @@ -45,6 +45,13 @@ public class AzureAppProperties extends AppProperties { return initialGroups; } + @Override + public List getGroupsOfInitialUsers() { + List groupsOfInitialUsers = new ArrayList<>(); + groupsOfInitialUsers.add(getGroupsOfServicePrincipal()); + return groupsOfInitialUsers; + } + @Override public String getGroupsOfServicePrincipal() { return "/provisioning/accounts/groups_of_service_principal.json"; -- GitLab 
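Review bot: The `getGroupsOfInitialUsers()` override added to `AzureAppProperties` is repeated line for line in `AwsAppProperties` and `GcpAppProperties` in patch 4/4, which suggests it belongs in `AppProperties` as a non-abstract default, e.g. `return Collections.singletonList(getGroupsOfServicePrincipal());`. With a single default, a new provider cannot forget to include the service-principal file, and a provider that needs extra bootstrap accounts overrides only to add entries. A short Javadoc on the method should say which accounts it is expected to list, since every file it returns results in group memberships being granted when the init endpoint is called.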
From 06d36f77ab42056080a48359dda3e3b7014b28e7 Mon Sep 17 00:00:00 2001 From: PBeohar Date: Tue, 18 May 2021 15:24:01 -0500 Subject: [PATCH 2/4] removed unused imports --- .../entitlements/v2/service/DefaultTenantInitServiceImpl.java | 1 - .../opengroup/osdu/entitlements/v2/util/FileReaderService.java | 1 - 2 files changed, 2 deletions(-) diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java index e868091f..a285ce86 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java @@ -21,7 +21,6 @@ import org.springframework.http.HttpStatus; import org.springframework.stereotype.Service; import java.util.ArrayList; -import java.util.Collections; import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/FileReaderService.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/FileReaderService.java index ef6cd54e..0116141d 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/FileReaderService.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/util/FileReaderService.java @@ -8,7 +8,6 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; import java.nio.charset.StandardCharsets; -import java.util.List; @Service public class FileReaderService { -- GitLab From c08fb305c742b9e2bc2d8b444b337aba54de6a65 Mon Sep 17 00:00:00 2001 
From: PBeohar Date: Tue, 18 May 2021 16:05:52 -0500 Subject: [PATCH 3/4] added unit test --- .../osdu/entitlements/v2/AppProperties.java | 2 +- .../service/DefaultTenantInitServiceImpl.java | 2 +- .../DefaultTenantInitServiceImplTests.java | 33 +++++++++++++++++++ 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java index 3a568b81..e829fc3e 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/AppProperties.java @@ -33,7 +33,7 @@ public abstract class AppProperties { public abstract String getGroupsOfServicePrincipal(); /** - * @return a path of configuration file + * @return a list containing paths of configuration files */ public abstract List getGroupsOfInitialUsers(); diff --git a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java index a285ce86..f3770ca1 100644 --- a/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java +++ b/entitlements-v2-core/src/main/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImpl.java @@ -53,7 +53,7 @@ public class DefaultTenantInitServiceImpl implements TenantInitService { final String emailKey = userElement.get("email").getAsString(); final String role = userElement.get("role").getAsString(); final List groupNames; - if (role.equalsIgnoreCase("OWNER")) { + if ("OWNER".equalsIgnoreCase(role)) { groupNames = getGroupNamesForOwner(fileContent); } else { groupNames = getGroupNamesForMember(fileContent); 
diff --git a/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImplTests.java b/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImplTests.java index 86e36d3d..f5b499f1 100644 --- a/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImplTests.java +++ b/entitlements-v2-core/src/test/java/org/opengroup/osdu/entitlements/v2/service/DefaultTenantInitServiceImplTests.java @@ -54,6 +54,23 @@ public class DefaultTenantInitServiceImplTests { " ]\n" + "}"; + private final String MEMBERS = "{\n" + + " \"users\": [\n" + + " {\n" + + " \"email\": \"SERVICE_PRINCIPAL\",\n" + + " \"role\": \"MEMBER\"\n" + + " }\n" + + " ],\n" + + " \"membersOf\": [\n" + + " {\n" + + " \"groupName\": \"groupId1\"\n" + + " },\n" + + " {\n" + + " \"groupName\": \"groupId2\"\n" + + " }\n" + + " ]\n" + + "}"; + private final String GROUPS_WITH_NO_MEMBERS = "{\n" + " \"groups\": [\n" + " {\n" + 
@@ -240,6 +257,22 @@ public class DefaultTenantInitServiceImplTests { verifyNoMoreInteractions(log); } + @Test + public void shouldSuccessfullyLoadInitialAccounts() { + when(fileReaderService.readFile("groups_of_service_principal.json")).thenReturn(MEMBERS); + AddMemberDto addMemberDto = AddMemberDto.builder().email("service_principal_username").role(Role.MEMBER).build(); + AddMemberServiceDto addMemberServiceDto1 = AddMemberServiceDto.builder().groupEmail("groupid1@dp.domain.com").requesterId("desId") + .partitionId("dp").build(); + AddMemberServiceDto addMemberServiceDto2 = AddMemberServiceDto.builder().groupEmail("groupid2@dp.domain.com").requesterId("desId") + .partitionId("dp").build(); + + tenantInitService.bootstrapInitialAccounts(); + + verify(addMemberService).run(addMemberDto, addMemberServiceDto1); + verify(addMemberService).run(addMemberDto, addMemberServiceDto2); + verifyNoMoreInteractions(log); + } + @Test public void shouldLoadInitialGroupsWithMembersWithFailure() { prepareFileReaderForGroupsTesting(GROUPS_WITH_MEMBERS); -- GitLab From 461427afadb593964cfd6c5c461104063fc72c43 Mon Sep 17 00:00:00 2001 From: PBeohar Date: Tue, 18 May 2021 16:18:39 -0500 Subject: [PATCH 4/4] updated aws and gcp AppProperties --- .../osdu/entitlements/v2/aws/AwsAppProperties.java | 7 +++++++ .../osdu/entitlements/v2/gcp/GcpAppProperties.java | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/provider/entitlements-v2-aws/src/main/java/org/opengroup/osdu/entitlements/v2/aws/AwsAppProperties.java b/provider/entitlements-v2-aws/src/main/java/org/opengroup/osdu/entitlements/v2/aws/AwsAppProperties.java index 6b54a146..3ac7212b 100644 --- a/provider/entitlements-v2-aws/src/main/java/org/opengroup/osdu/entitlements/v2/aws/AwsAppProperties.java +++ b/provider/entitlements-v2-aws/src/main/java/org/opengroup/osdu/entitlements/v2/aws/AwsAppProperties.java 
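Review bot: `shouldSuccessfullyLoadInitialAccounts` still runs with the single file name stubbed in the setup, so the new loop over `getGroupsOfInitialUsers()` is never exercised with more than one account file. A second entry in `fileNames` with its own `readFile` stub, plus a negative case (an unknown role, or a MEMBER file without `membersOf`), would pin the behaviour this refactor introduces. The test ends with `verifyNoMoreInteractions(log)` only; adding `verifyNoMoreInteractions(addMemberService)` would also assert that no membership beyond the two expected ones is granted.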
@@ -97,4 +97,11 @@ public class AwsAppProperties extends AppProperties { filePaths.add("/provisioning/groups/datalake_service_groups.json"); return filePaths; } + + @Override + public List getGroupsOfInitialUsers() { + List groupsOfInitialUsers = new ArrayList<>(); + groupsOfInitialUsers.add(getGroupsOfServicePrincipal()); + return groupsOfInitialUsers; + } } diff --git a/provider/entitlements-v2-gcp/src/main/java/org/opengroup/osdu/entitlements/v2/gcp/GcpAppProperties.java b/provider/entitlements-v2-gcp/src/main/java/org/opengroup/osdu/entitlements/v2/gcp/GcpAppProperties.java index 14473e37..3b97d5ef 100644 --- a/provider/entitlements-v2-gcp/src/main/java/org/opengroup/osdu/entitlements/v2/gcp/GcpAppProperties.java +++ b/provider/entitlements-v2-gcp/src/main/java/org/opengroup/osdu/entitlements/v2/gcp/GcpAppProperties.java @@ -146,4 +146,11 @@ public class GcpAppProperties extends AppProperties { filePaths.add("/provisioning/groups/datalake_service_groups.json"); return filePaths; } + + @Override + public List getGroupsOfInitialUsers() { + List groupsOfInitialUsers = new ArrayList<>(); + groupsOfInitialUsers.add(getGroupsOfServicePrincipal()); + return groupsOfInitialUsers; + } } -- GitLab