add cache to tenant interceptor
This commit is contained in:
parent
fcc3dd7609
commit
a5f31ab880
|
@ -69,6 +69,7 @@ public class TenantInterceptor implements WebRequestInterceptor {
|
||||||
private final ConventionService conventionService;
|
private final ConventionService conventionService;
|
||||||
private final UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler;
|
private final UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler;
|
||||||
private final AuthorizationProperties authorizationProperties;
|
private final AuthorizationProperties authorizationProperties;
|
||||||
|
private final UserTenantRolesCacheService userTenantRolesCacheService;
|
||||||
@PersistenceContext
|
@PersistenceContext
|
||||||
public EntityManager entityManager;
|
public EntityManager entityManager;
|
||||||
|
|
||||||
|
@ -82,7 +83,7 @@ public class TenantInterceptor implements WebRequestInterceptor {
|
||||||
TenantScopeProperties tenantScopeProperties,
|
TenantScopeProperties tenantScopeProperties,
|
||||||
UserAllowedTenantCacheService userAllowedTenantCacheService,
|
UserAllowedTenantCacheService userAllowedTenantCacheService,
|
||||||
PlatformTransactionManager transactionManager,
|
PlatformTransactionManager transactionManager,
|
||||||
ErrorThesaurusProperties errors, QueryUtilsService queryUtilsService, LockByKeyManager lockByKeyManager, ConventionService conventionService, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, AuthorizationProperties authorizationProperties) {
|
ErrorThesaurusProperties errors, QueryUtilsService queryUtilsService, LockByKeyManager lockByKeyManager, ConventionService conventionService, UserTouchedIntegrationEventHandler userTouchedIntegrationEventHandler, AuthorizationProperties authorizationProperties, UserTenantRolesCacheService userTenantRolesCacheService) {
|
||||||
this.tenantScope = tenantScope;
|
this.tenantScope = tenantScope;
|
||||||
this.userScope = userScope;
|
this.userScope = userScope;
|
||||||
this.currentPrincipalResolver = currentPrincipalResolver;
|
this.currentPrincipalResolver = currentPrincipalResolver;
|
||||||
|
@ -97,6 +98,7 @@ public class TenantInterceptor implements WebRequestInterceptor {
|
||||||
this.conventionService = conventionService;
|
this.conventionService = conventionService;
|
||||||
this.userTouchedIntegrationEventHandler = userTouchedIntegrationEventHandler;
|
this.userTouchedIntegrationEventHandler = userTouchedIntegrationEventHandler;
|
||||||
this.authorizationProperties = authorizationProperties;
|
this.authorizationProperties = authorizationProperties;
|
||||||
|
this.userTenantRolesCacheService = userTenantRolesCacheService;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -145,7 +147,10 @@ public class TenantInterceptor implements WebRequestInterceptor {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
this.syncUserWithClaims();
|
UserTenantRolesCacheService.UserTenantRolesCacheValue cacheValue = this.userTenantRolesCacheService.lookup(this.userTenantRolesCacheService.buildKey(this.userScope.getUserId(), this.tenantScope.isDefaultTenant() ? UUID.fromString("00000000-0000-0000-0000-000000000000") : this.tenantScope.getTenant()));
|
||||||
|
if (cacheValue == null || !this.userRolesSynced(cacheValue.getRoles())) {
|
||||||
|
this.syncUserWithClaims();
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if (!isAllowedNoTenant) {
|
if (!isAllowedNoTenant) {
|
||||||
if (!this.isWhiteListedEndpoint(request)) {
|
if (!this.isWhiteListedEndpoint(request)) {
|
||||||
|
@ -244,6 +249,8 @@ public class TenantInterceptor implements WebRequestInterceptor {
|
||||||
}
|
}
|
||||||
|
|
||||||
private void syncUserWithClaims() throws InvalidApplicationException, InterruptedException {
|
private void syncUserWithClaims() throws InvalidApplicationException, InterruptedException {
|
||||||
|
|
||||||
|
|
||||||
boolean usedResource = false;
|
boolean usedResource = false;
|
||||||
String lockId = userScope.getUserId().toString().toLowerCase(Locale.ROOT);
|
String lockId = userScope.getUserId().toString().toLowerCase(Locale.ROOT);
|
||||||
boolean hasChanges = false;
|
boolean hasChanges = false;
|
||||||
|
@ -258,7 +265,14 @@ public class TenantInterceptor implements WebRequestInterceptor {
|
||||||
try {
|
try {
|
||||||
status = transactionManager.getTransaction(definition);
|
status = transactionManager.getTransaction(definition);
|
||||||
|
|
||||||
List<String> existingUserRoles = this.collectUserRoles();
|
UserTenantRolesCacheService.UserTenantRolesCacheValue cacheValue = this.userTenantRolesCacheService.lookup(this.userTenantRolesCacheService.buildKey(this.userScope.getUserId(), this.tenantScope.isDefaultTenant() ? UUID.fromString("00000000-0000-0000-0000-000000000000") : this.tenantScope.getTenant()));
|
||||||
|
List<String> existingUserRoles;
|
||||||
|
if (cacheValue != null) {
|
||||||
|
existingUserRoles = cacheValue.getRoles();
|
||||||
|
} else {
|
||||||
|
existingUserRoles = this.collectUserRoles();
|
||||||
|
this.userTenantRolesCacheService.put(new UserTenantRolesCacheService.UserTenantRolesCacheValue(this.userScope.getUserId(), this.tenantScope.isDefaultTenant() ? UUID.fromString("00000000-0000-0000-0000-000000000000") : this.tenantScope.getTenant(), existingUserRoles));
|
||||||
|
}
|
||||||
if (!this.userRolesSynced(existingUserRoles)) {
|
if (!this.userRolesSynced(existingUserRoles)) {
|
||||||
this.syncRoles();
|
this.syncRoles();
|
||||||
hasChanges = true;
|
hasChanges = true;
|
||||||
|
|
|
@ -8,3 +8,5 @@ import org.springframework.context.annotation.Configuration;
|
||||||
@ConfigurationProperties(prefix = "cache.user-allowed-tenant")
|
@ConfigurationProperties(prefix = "cache.user-allowed-tenant")
|
||||||
public class UserAllowedTenantCacheOptions extends CacheOptions {
|
public class UserAllowedTenantCacheOptions extends CacheOptions {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -88,3 +88,4 @@ public class UserAllowedTenantCacheService extends CacheService<UserAllowedTenan
|
||||||
return this.generateKey(keyParts);
|
return this.generateKey(keyParts);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
package eu.eudat.interceptors.tenant;
|
||||||
|
|
||||||
|
import gr.cite.tools.cache.CacheOptions;
|
||||||
|
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
@ConfigurationProperties(prefix = "cache.user-tenant-roles")
|
||||||
|
public class UserTenantRolesCacheOptions extends CacheOptions {
|
||||||
|
}
|
|
@ -0,0 +1,91 @@
|
||||||
|
package eu.eudat.interceptors.tenant;
|
||||||
|
|
||||||
|
import eu.eudat.event.UserAddedToTenantEvent;
|
||||||
|
import eu.eudat.event.UserRemovedFromTenantEvent;
|
||||||
|
import gr.cite.tools.cache.CacheService;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.context.event.EventListener;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Locale;
|
||||||
|
import java.util.UUID;
|
||||||
|
|
||||||
|
@Service
|
||||||
|
public class UserTenantRolesCacheService extends CacheService<UserTenantRolesCacheService.UserTenantRolesCacheValue> {
|
||||||
|
|
||||||
|
public static class UserTenantRolesCacheValue {
|
||||||
|
|
||||||
|
public UserTenantRolesCacheValue() {
|
||||||
|
}
|
||||||
|
|
||||||
|
public UserTenantRolesCacheValue(UUID userId, UUID tenantId, List<String> roles) {
|
||||||
|
this.userId = userId;
|
||||||
|
this.tenantId = tenantId;
|
||||||
|
this.roles = roles;
|
||||||
|
}
|
||||||
|
|
||||||
|
private UUID userId;
|
||||||
|
|
||||||
|
public UUID getUserId() {
|
||||||
|
return userId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUserId(UUID userId) {
|
||||||
|
this.userId = userId;
|
||||||
|
}
|
||||||
|
|
||||||
|
private UUID tenantId;
|
||||||
|
|
||||||
|
public UUID getTenantId() {
|
||||||
|
return tenantId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setTenantId(UUID tenantId) {
|
||||||
|
this.tenantId = tenantId;
|
||||||
|
}
|
||||||
|
|
||||||
|
private List<String> roles;
|
||||||
|
|
||||||
|
public List<String> getRoles() {
|
||||||
|
return roles;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setRoles(List<String> roles) {
|
||||||
|
this.roles = roles;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
public UserTenantRolesCacheService(UserTenantRolesCacheOptions options) {
|
||||||
|
super(options);
|
||||||
|
}
|
||||||
|
|
||||||
|
@EventListener
|
||||||
|
public void handleUserRemovedFromTenantEvent(UserRemovedFromTenantEvent event) {
|
||||||
|
this.evict(this.buildKey(event.getUserId(), event.getTenantId()));
|
||||||
|
}
|
||||||
|
|
||||||
|
@EventListener
|
||||||
|
public void handleUserAddedToTenantEvent(UserAddedToTenantEvent event) {
|
||||||
|
this.evict(this.buildKey(event.getUserId(), event.getTenantId()));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected Class<UserTenantRolesCacheValue> valueClass() {
|
||||||
|
return UserTenantRolesCacheValue.class;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String keyOf(UserTenantRolesCacheValue value) {
|
||||||
|
return this.buildKey(value.getUserId(), value.getTenantId());
|
||||||
|
}
|
||||||
|
|
||||||
|
public String buildKey(UUID userId, UUID tenantId) {
|
||||||
|
HashMap<String, String> keyParts = new HashMap<>();
|
||||||
|
keyParts.put("$user_id$", userId.toString().toLowerCase(Locale.ROOT));
|
||||||
|
keyParts.put("$tenant_id$", tenantId.toString().toLowerCase(Locale.ROOT));
|
||||||
|
return this.generateKey(keyParts);
|
||||||
|
}
|
||||||
|
}
|
|
@ -68,6 +68,12 @@ cache:
|
||||||
maximumSize: 500
|
maximumSize: 500
|
||||||
enableRecordStats: false
|
enableRecordStats: false
|
||||||
expireAfterWriteSeconds: 60
|
expireAfterWriteSeconds: 60
|
||||||
|
- names: [ userTenantRoles ]
|
||||||
|
allowNullValues: true
|
||||||
|
initialCapacity: 100
|
||||||
|
maximumSize: 500
|
||||||
|
enableRecordStats: false
|
||||||
|
expireAfterWriteSeconds: 60
|
||||||
mapCaches:
|
mapCaches:
|
||||||
userBySubjectId:
|
userBySubjectId:
|
||||||
name: userBySubjectId
|
name: userBySubjectId
|
||||||
|
@ -81,6 +87,9 @@ cache:
|
||||||
userAllowedTenant:
|
userAllowedTenant:
|
||||||
name: userAllowedTenant
|
name: userAllowedTenant
|
||||||
keyPattern: user_allowed_tenant$tenant_id$_$user_id$:v0
|
keyPattern: user_allowed_tenant$tenant_id$_$user_id$:v0
|
||||||
|
userTenantRoles:
|
||||||
|
name: userTenantRoles
|
||||||
|
keyPattern: user_tenant_roles$tenant_id$_$user_id$:v0
|
||||||
supportiveMaterial:
|
supportiveMaterial:
|
||||||
name: supportiveMaterial
|
name: supportiveMaterial
|
||||||
keyPattern: supportive_material_$type$_$lang$:v0
|
keyPattern: supportive_material_$type$_$lang$:v0
|
||||||
|
|
Loading…
Reference in New Issue