Merge branch 'fix_swagger_for_collaboration' into 'master'

Bypass info and swagger apis in collaboration filter

See merge request !626

NOTICE

@@ -348,8 +348,8 @@ The following software have components provided under the terms of this license:
 - Google APIs Client Library for Java (from https://repo1.maven.org/maven2/com/google/api-client/google-api-client)
 - Google App Engine extensions to the Google HTTP Client Library for Java. (from https://repo1.maven.org/maven2/com/google/http-client/google-http-client-appengine)
 - Google Cloud Core (from https://github.com/googleapis/google-cloud-java, https://github.com/googleapis/google-cloud-java/tree/master/google-cloud-clients/google-cloud-core, https://github.com/googleapis/java-core)
-- Google Cloud Core HTTP (from https://github.com/GoogleCloudPlatform/google-cloud-java/tree/master/google-cloud-core-http, https://github.com/googleapis/google-cloud-java/tree/master/google-cloud-clients/google-cloud-core-http, https://github.com/googleapis/java-core)
-- Google Cloud Core gRPC (from https://github.com/googleapis/google-cloud-java/tree/master/google-cloud-clients/google-cloud-core-grpc, https://github.com/googleapis/java-core)
+- Google Cloud Core HTTP (from https://github.com/GoogleCloudPlatform/google-cloud-java/tree/master/google-cloud-core-http, https://github.com/googleapis/google-cloud-java, https://github.com/googleapis/google-cloud-java/tree/master/google-cloud-clients/google-cloud-core-http, https://github.com/googleapis/java-core)
+- Google Cloud Core gRPC (from https://github.com/googleapis/google-cloud-java, https://github.com/googleapis/google-cloud-java/tree/master/google-cloud-clients/google-cloud-core-grpc, https://github.com/googleapis/java-core)
 - Google Cloud Datastore (from https://github.com/googleapis/google-cloud-java/tree/master/google-cloud-clients/google-cloud-datastore, https://github.com/googleapis/java-datastore)
 - Google Cloud IAM Service Account Credentials (from https://github.com/googleapis/google-cloud-java, https://github.com/googleapis/java-iamcredentials)
 - Google Cloud Logging (from https://github.com/googleapis/google-cloud-java/tree/master/google-cloud-clients/google-cloud-logging, https://github.com/googleapis/java-logging)

provider/storage-azure/src/main/resources/application.properties

@@ -127,3 +127,4 @@ springdoc.swagger-ui.doc-expansion=none
 
 #Collaboration context featureflag name:partition specific
 featureFlag.strategy=dataPartition
+collaborationFilter.excludedPaths=info,swagger,health,api-docs

storage-core/src/main/java/org/opengroup/osdu/storage/util/CollaborationFilter.java

@@ -5,6 +5,7 @@ import org.apache.http.HttpStatus;
 import org.opengroup.osdu.core.common.feature.IFeatureFlag;
 import org.opengroup.osdu.core.common.model.http.AppError;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.MediaType;
 import org.springframework.stereotype.Component;
 import javax.servlet.Filter;
@@ -16,25 +17,30 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.List;
 
 import static org.opengroup.osdu.storage.util.StringConstants.COLLABORATIONS_FEATURE_NAME;
 
 @Component
 public class CollaborationFilter implements Filter {
     public static final String X_COLLABORATION_HEADER_NAME = "x-collaboration";
-    private static final String DATA_PARTITION_ID = "data-partition-id";
-
 
     @Autowired
     public IFeatureFlag collaborationFeatureFlag;
 
+    @Value("#{'${collaborationFilter.excludedPaths:info,swagger,health,api-docs}'.split(',')}")
+    private List<String> excludedPaths;
+
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws IOException, ServletException {
+
+        HttpServletRequest httpRequest = (HttpServletRequest) request;
+
         HttpServletResponse httpResponse = (HttpServletResponse) response;
 
-        if (!collaborationFeatureFlag.isFeatureEnabled(COLLABORATIONS_FEATURE_NAME)) {
-            String collaborationHeader = ((HttpServletRequest) request).getHeader(X_COLLABORATION_HEADER_NAME);
+        if (!isExcludedPath(httpRequest) && !collaborationFeatureFlag.isFeatureEnabled(COLLABORATIONS_FEATURE_NAME)) {
+            String collaborationHeader = httpRequest.getHeader(X_COLLABORATION_HEADER_NAME);
             if (!Strings.isNullOrEmpty(collaborationHeader)) {
                 httpResponse.setContentType(MediaType.APPLICATION_JSON_VALUE);
                 httpResponse.setStatus(HttpStatus.SC_LOCKED);
@@ -53,4 +59,9 @@ public class CollaborationFilter implements Filter {
         return "{\"code\": " + appError.getCode() + ",\"reason\": \"" + appError.getReason() + "\",\"message\": \"" + appError.getMessage() + "\"}";
     }
 
+    private boolean isExcludedPath(HttpServletRequest request) {
+        String path = request.getRequestURI().substring(request.getContextPath().length() + 1);
+        return excludedPaths.stream().anyMatch(path::contains);
+    }
+
 }

storage-core/src/test/java/org/opengroup/osdu/storage/util/CollaborationFilterTest.java

@@ -2,7 +2,6 @@ package org.opengroup.osdu.storage.util;
 
 import org.apache.http.HttpStatus;
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.InjectMocks;
@@ -10,6 +9,7 @@ import org.mockito.Mock;
 import org.mockito.runners.MockitoJUnitRunner;
 import org.opengroup.osdu.core.common.feature.IFeatureFlag;
 import org.opengroup.osdu.core.common.model.http.AppError;
+import org.springframework.test.util.ReflectionTestUtils;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
@@ -17,7 +17,9 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Arrays;
 
+import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 import static org.mockito.MockitoAnnotations.initMocks;
@@ -47,18 +49,19 @@ public class CollaborationFilterTest {
     public IFeatureFlag iCollaborationFeatureFlag;
     @Before
     public void setup() {
+        ReflectionTestUtils.setField(collaborationFilter, "excludedPaths", Arrays.asList("info", "swagger", "health", "api-docs"));
         initMocks(this);
-
     }
 
     @Test
     public void shouldThrowException_ifCollaborationHeaderProvided_whenCollaborationFeatureFlagDisabled() throws IOException, ServletException {
         when(httpServletRequest.getHeader(DATA_PARTITION_ID)).thenReturn(DATA_PARTITION);
+        when(httpServletRequest.getRequestURI()).thenReturn("https://my-service-url/api/storage/v2/");
+        when(httpServletRequest.getContextPath()).thenReturn("/api/storage/v2/");
         when(iCollaborationFeatureFlag.isFeatureEnabled(FEATURE_NAME)).thenReturn(false);
         when(httpServletRequest.getHeader(X_COLLABORATION_HEADER_NAME)).thenReturn(COLLABORATION_DIRECTIVES);
         when(httpServletResponse.getWriter()).thenReturn(writer);
 
-
         collaborationFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
 
         verify(httpServletResponse).setContentType("application/json");
@@ -66,4 +69,36 @@ public class CollaborationFilterTest {
         AppError errorResponse = new AppError(HttpStatus.SC_LOCKED, "Locked", "Feature is not enabled on this environment");
         verify(writer).write(CollaborationFilter.appErrorToJson(errorResponse));
     }
+
+    @Test
+    public void shouldSkipFilter_ifUrlContainsHealthEndpoint() throws IOException, ServletException {
+        when(httpServletRequest.getRequestURI()).thenReturn("https://my-service-url/api/storage/v2/health");
+        when(httpServletRequest.getContextPath()).thenReturn("/api/storage/v2/");
+        collaborationFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
+        verify(iCollaborationFeatureFlag, never()).isFeatureEnabled(FEATURE_NAME);
+    }
+
+    @Test
+    public void shouldSkipFilter_ifUrlContainsInfoEndpoint() throws IOException, ServletException {
+        when(httpServletRequest.getRequestURI()).thenReturn("https://my-service-url/api/storage/v2/info");
+        when(httpServletRequest.getContextPath()).thenReturn("/api/storage/v2/");
+        collaborationFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
+        verify(iCollaborationFeatureFlag, never()).isFeatureEnabled(FEATURE_NAME);
+    }
+
+    @Test
+    public void shouldSkipFilter_ifUrlContainsSwaggerEndpoint() throws IOException, ServletException {
+        when(httpServletRequest.getRequestURI()).thenReturn("https://my-service-url/api/storage/v2/swagger-ui/index.html");
+        when(httpServletRequest.getContextPath()).thenReturn("/api/storage/v2/");
+        collaborationFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
+        verify(iCollaborationFeatureFlag, never()).isFeatureEnabled(FEATURE_NAME);
+    }
+
+    @Test
+    public void shouldSkipFilter_ifUrlContainsApiDocsEndpoint() throws IOException, ServletException {
+        when(httpServletRequest.getRequestURI()).thenReturn("https://my-service-url/api/storage/v2/v3/api-docs");
+        when(httpServletRequest.getContextPath()).thenReturn("/api/storage/v2/");
+        collaborationFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
+        verify(iCollaborationFeatureFlag, never()).isFeatureEnabled(FEATURE_NAME);
+    }
 }