MaDgiK-CITE
/
argos
13
0
Fork 0
Code Issues Pull Requests Projects Releases 3 Wiki Activity

elastic apply tenant logic

This commit is contained in:
Efstratios Giannopoulos 2024-04-03 12:22:43 +03:00
parent b3db6f1085
commit f47c049b8c
9 changed files with 171 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
dmp-backend/core/src/main/java/eu/eudat/data/TenantEntityManager.java
View File

@ -3,12 +3,14 @@ package eu.eudat.data;
import eu.eudat.authorization.Permission;
import eu.eudat.commons.scope.tenant.TenantScope;
import eu.eudat.commons.scope.tenant.TenantScoped;
import eu.eudat.data.tenant.TenantScopedBaseEntity;
import gr.cite.commons.web.authz.service.AuthorizationService;
import gr.cite.commons.web.oidc.principal.CurrentPrincipalResolver;
import gr.cite.commons.web.oidc.principal.extractor.ClaimExtractor;
import gr.cite.tools.exception.MyForbiddenException;
import jakarta.persistence.*;
import org.hibernate.Session;
import org.springframework.stereotype.Service;
import org.springframework.web.context.annotation.RequestScope;
@ -81,4 +83,27 @@ public class TenantEntityManager {
this.entityManager.clear();
}
public void enableTenantFilters() throws InvalidApplicationException {
if(!tenantScope.isDefaultTenant()) {
this.entityManager
.unwrap(Session.class)
.enableFilter(TenantScopedBaseEntity.TENANT_FILTER)
.setParameter(TenantScopedBaseEntity.TENANT_FILTER_TENANT_PARAM, tenantScope.getTenant().toString());
} else {
this.entityManager
.unwrap(Session.class)
.enableFilter(TenantScopedBaseEntity.DEFAULT_TENANT_FILTER);
}
}
public void disableTenantFilters(){
this.entityManager
.unwrap(Session.class)
.disableFilter(TenantScopedBaseEntity.TENANT_FILTER);
this.entityManager
.unwrap(Session.class)
.disableFilter(TenantScopedBaseEntity.DEFAULT_TENANT_FILTER);
}
}

13
dmp-backend/core/src/main/java/eu/eudat/elastic/data/DescriptionElasticEntity.java
View File

@ -1,7 +1,6 @@
package eu.eudat.elastic.data;
import eu.eudat.commons.enums.DescriptionStatus;
import eu.eudat.commons.enums.DescriptionTemplateVersionStatus;
import eu.eudat.elastic.data.nested.*;
import gr.cite.tools.elastic.ElasticConstants;
import org.springframework.data.annotation.Id;
@ -19,6 +18,10 @@ public class DescriptionElasticEntity {
private UUID id;
public final static String _id = "id";
@Field(value = DescriptionElasticEntity._tenantId, type = FieldType.Keyword)
private UUID tenantId;
public final static String _tenantId = "tenantId";
@MultiField(mainField = @Field(value = DescriptionElasticEntity._label, type = FieldType.Text), otherFields = {
@InnerField(suffix = ElasticConstants.SubFields.keyword, type = FieldType.Keyword)
})
@ -65,6 +68,14 @@ public class DescriptionElasticEntity {
this.id = id;
}
public UUID getTenantId() {
return tenantId;
}
public void setTenantId(UUID tenantId) {
this.tenantId = tenantId;
}
public String getLabel() {
return label;
}

12
dmp-backend/core/src/main/java/eu/eudat/elastic/data/DmpElasticEntity.java
View File

@ -19,6 +19,10 @@ public class DmpElasticEntity {
private UUID id;
public final static String _id = "id";
@Field(value = DmpElasticEntity._tenantId, type = FieldType.Keyword)
private UUID tenantId;
public final static String _tenantId = "tenantId";
@MultiField(mainField = @Field(value = DmpElasticEntity._label, type = FieldType.Text), otherFields = {
@InnerField(suffix = ElasticConstants.SubFields.keyword, type = FieldType.Keyword)
})
@ -84,6 +88,14 @@ public class DmpElasticEntity {
this.id = id;
}
public UUID getTenantId() {
return tenantId;
}
public void setTenantId(UUID tenantId) {
this.tenantId = tenantId;
}
public String getLabel() {
return label;
}

3
dmp-backend/core/src/main/java/eu/eudat/elastic/elasticbuilder/DescriptionElasticBuilder.java
View File

@ -67,6 +67,9 @@ public class DescriptionElasticBuilder extends BaseElasticBuilder<DescriptionEla
if (d.getFinalizedAt() != null) {
m.setFinalizedAt(Date.from(d.getFinalizedAt()));
}
if (d.getTenantId() != null) {
m.setTenantId(d.getTenantId());
}
if (referenceElasticEntityMap != null) m.setReferences(referenceElasticEntityMap.getOrDefault(d.getId(), null));
if (tagElasticEntityMap != null) m.setTags(tagElasticEntityMap.getOrDefault(d.getId(), null));
if (dmpElasticEntityMap != null) m.setDmp(dmpElasticEntityMap.getOrDefault(d.getDmpId(), null));

3
dmp-backend/core/src/main/java/eu/eudat/elastic/elasticbuilder/DmpElasticBuilder.java
View File

@ -62,6 +62,9 @@ public class DmpElasticBuilder extends BaseElasticBuilder<DmpElasticEntity, DmpE
if (d.getFinalizedAt() != null) {
m.setFinalizedAt(Date.from(d.getFinalizedAt()));
}
if (d.getTenantId() != null) {
m.setTenantId(d.getTenantId());
}
if (referenceElasticEntityMap != null) m.setReferences(referenceElasticEntityMap.getOrDefault(d.getId(), null));
if (descriptionElasticEntityMap != null) m.setDescriptions(descriptionElasticEntityMap.getOrDefault(d.getId(), null));
if (collaboratorElasticEntityMap != null) m.setCollaborators(collaboratorElasticEntityMap.getOrDefault(d.getId(), null));

35
dmp-backend/core/src/main/java/eu/eudat/elastic/query/DescriptionElasticQuery.java
View File

@ -2,9 +2,11 @@ package eu.eudat.elastic.query;
import co.elastic.clients.elasticsearch._types.query_dsl.Query;
import co.elastic.clients.elasticsearch._types.query_dsl.QueryBuilders;
import eu.eudat.authorization.AuthorizationFlags;
import eu.eudat.authorization.Permission;
import eu.eudat.commons.enums.DescriptionStatus;
import eu.eudat.commons.enums.DmpAccessType;
import eu.eudat.commons.enums.DmpStatus;
import eu.eudat.commons.scope.tenant.TenantScope;
import eu.eudat.commons.scope.user.UserScope;
import eu.eudat.service.elastic.AppElasticProperties;
import eu.eudat.elastic.data.DescriptionElasticEntity;
@ -26,6 +28,7 @@ import org.springframework.context.annotation.Scope;
import org.springframework.data.elasticsearch.client.elc.ElasticsearchTemplate;
import org.springframework.stereotype.Component;
import javax.management.InvalidApplicationException;
import java.io.IOException;
import java.time.Instant;
import java.util.*;
@ -132,14 +135,16 @@ public class DescriptionElasticQuery extends ElasticQuery<DescriptionElasticEnti
private final AppElasticProperties appElasticProperties;
private final ElasticService elasticService;
private final UserScope userScope;
private final TenantScope tenantScope;
private final AuthorizationService authService;
@Autowired()
public DescriptionElasticQuery(ElasticsearchTemplate elasticsearchTemplate, ElasticProperties elasticProperties, QueryFactory queryFactory, AppElasticProperties appElasticProperties, ElasticService elasticService, UserScope userScope, AuthorizationService authService) {
public DescriptionElasticQuery(ElasticsearchTemplate elasticsearchTemplate, ElasticProperties elasticProperties, QueryFactory queryFactory, AppElasticProperties appElasticProperties, ElasticService elasticService, UserScope userScope, TenantScope tenantScope, AuthorizationService authService) {
super(elasticsearchTemplate, elasticProperties);
this.queryFactory = queryFactory;
this.appElasticProperties = appElasticProperties;
this.elasticService = elasticService;
this.userScope = userScope;
this.tenantScope = tenantScope;
this.authService = authService;
}
@ -155,10 +160,32 @@ public class DescriptionElasticQuery extends ElasticQuery<DescriptionElasticEnti
return DescriptionElasticEntity.class;
}
private Query applyTenant(List<Query> predicates){
if (this.tenantScope.isSet()){
Query tenantQuery;
if (this.tenantScope.isDefaultTenant()){
tenantQuery = this.fieldNotExists(this.elasticFieldOf(DescriptionElasticEntity._tenantId))._toQuery();
}
else {
try {
tenantQuery = this.or(this.fieldNotExists(this.elasticFieldOf(DescriptionElasticEntity._tenantId))._toQuery(),
this.equals(this.elasticFieldOf(DescriptionElasticEntity._tenantId), this.tenantScope.getTenant()))._toQuery();
} catch (InvalidApplicationException e) {
throw new RuntimeException(e);
}
}
if (predicates == null) return tenantQuery;
else return this.and(tenantQuery, this.or(predicates)._toQuery());
} else {
if (predicates != null) return this.or(predicates)._toQuery();
}
return null;
}
@Override
protected Query applyAuthZ() {
if (this.authorize.contains(AuthorizationFlags.None)) return null;
//if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDescription)) return null;
if (this.authorize.contains(AuthorizationFlags.None)) return this.applyTenant(null);
if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDescription)) return this.applyTenant(null);
UUID userId = null;
boolean usePublic = this.authorize.contains(AuthorizationFlags.Public);
if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe();
@ -177,7 +204,7 @@ public class DescriptionElasticQuery extends ElasticQuery<DescriptionElasticEnti
}
if (!predicates.isEmpty()) {
return this.or(predicates)._toQuery();
return this.applyTenant(predicates);
} else {
return this.equals(this.elasticFieldOf(DescriptionElasticEntity._id), UUID.randomUUID());
}

39
dmp-backend/core/src/main/java/eu/eudat/elastic/query/DmpElasticQuery.java
View File

@ -6,7 +6,9 @@ import eu.eudat.authorization.Permission;
import eu.eudat.commons.enums.DmpAccessType;
import eu.eudat.commons.enums.DmpStatus;
import eu.eudat.commons.enums.DmpVersionStatus;
import eu.eudat.commons.scope.tenant.TenantScope;
import eu.eudat.commons.scope.user.UserScope;
import eu.eudat.elastic.data.DescriptionElasticEntity;
import eu.eudat.service.elastic.AppElasticProperties;
import eu.eudat.elastic.data.DmpElasticEntity;
import eu.eudat.elastic.data.nested.NestedDescriptionElasticEntity;
@ -23,6 +25,7 @@ import org.springframework.context.annotation.Scope;
import org.springframework.data.elasticsearch.client.elc.ElasticsearchTemplate;
import org.springframework.stereotype.Component;
import javax.management.InvalidApplicationException;
import java.io.IOException;
import java.util.*;
import java.util.stream.Collectors;
@ -162,14 +165,16 @@ public class DmpElasticQuery extends ElasticQuery<DmpElasticEntity, UUID> {
private final AppElasticProperties appElasticProperties;
private final ElasticService elasticService;
private final UserScope userScope;
private final TenantScope tenantScope;
private final AuthorizationService authService;
@Autowired()
public DmpElasticQuery(ElasticsearchTemplate elasticsearchTemplate, ElasticProperties elasticProperties, QueryFactory queryFactory, AppElasticProperties appElasticProperties, ElasticService elasticService, UserScope userScope, AuthorizationService authService) {
public DmpElasticQuery(ElasticsearchTemplate elasticsearchTemplate, ElasticProperties elasticProperties, QueryFactory queryFactory, AppElasticProperties appElasticProperties, ElasticService elasticService, UserScope userScope, TenantScope tenantScope, AuthorizationService authService) {
super(elasticsearchTemplate, elasticProperties);
this.queryFactory = queryFactory;
this.appElasticProperties = appElasticProperties;
this.elasticService = elasticService;
this.userScope = userScope;
this.tenantScope = tenantScope;
this.authService = authService;
}
@ -183,10 +188,32 @@ public class DmpElasticQuery extends ElasticQuery<DmpElasticEntity, UUID> {
return DmpElasticEntity.class;
}
private Query applyTenant(List<Query> predicates){
if (this.tenantScope.isSet()){
Query tenantQuery;
if (this.tenantScope.isDefaultTenant()){
tenantQuery = this.fieldNotExists(this.elasticFieldOf(DmpElasticEntity._tenantId))._toQuery();
}
else {
try {
tenantQuery = this.or(this.fieldNotExists(this.elasticFieldOf(DmpElasticEntity._tenantId))._toQuery(),
this.equals(this.elasticFieldOf(DmpElasticEntity._tenantId), this.tenantScope.getTenant()))._toQuery();
} catch (InvalidApplicationException e) {
throw new RuntimeException(e);
}
}
if (predicates == null) return tenantQuery;
else return this.and(tenantQuery, this.or(predicates)._toQuery());
} else {
if (predicates != null) return this.or(predicates)._toQuery();
}
return null;
}
@Override
protected Query applyAuthZ() {
if (this.authorize.contains(AuthorizationFlags.None)) return null;
if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDmp)) return null;
if (this.authorize.contains(AuthorizationFlags.None)) return this.applyTenant(null);
if (this.authorize.contains(AuthorizationFlags.Permission) && this.authService.authorize(Permission.BrowseDmp)) return this.applyTenant(null);
UUID userId = null;
boolean usePublic = this.authorize.contains(AuthorizationFlags.Public);
if (this.authorize.contains(AuthorizationFlags.DmpAssociated)) userId = this.userScope.getUserIdSafe();
@ -203,7 +230,11 @@ public class DmpElasticQuery extends ElasticQuery<DmpElasticEntity, UUID> {
query.ids(userId);
predicates.add(this.nestedQuery(query).build()._toQuery());
}
return this.or(predicates)._toQuery();
if (!predicates.isEmpty()) {
return this.applyTenant(predicates);
} else {
return this.equals(this.elasticFieldOf(DescriptionElasticEntity._id), UUID.randomUUID());
}
}
@Override

4
dmp-backend/core/src/main/java/eu/eudat/service/elastic/ElasticService.java
View File

@ -30,7 +30,7 @@ public interface ElasticService {
void deleteDescriptionIndex() throws IOException;
void resetDmpIndex() throws IOException;
void resetDmpIndex() throws IOException, InvalidApplicationException;
void resetDescriptionIndex() throws IOException;
void resetDescriptionIndex() throws IOException, InvalidApplicationException;
}

19
dmp-backend/core/src/main/java/eu/eudat/service/elastic/ElasticServiceImpl.java
View File

@ -9,6 +9,7 @@ import eu.eudat.commons.enums.IsActive;
import eu.eudat.data.DescriptionEntity;
import eu.eudat.data.DmpEntity;
import eu.eudat.data.TenantEntityManager;
import eu.eudat.data.tenant.TenantScopedBaseEntity;
import eu.eudat.elastic.data.DescriptionElasticEntity;
import eu.eudat.elastic.data.DmpElasticEntity;
import eu.eudat.elastic.data.nested.*;
@ -29,6 +30,7 @@ import gr.cite.tools.exception.MyNotFoundException;
import gr.cite.tools.fieldset.BaseFieldSet;
import gr.cite.tools.logging.LoggerService;
import gr.cite.tools.logging.MapLogEntry;
import org.hibernate.Session;
import org.slf4j.LoggerFactory;
import org.springframework.context.MessageSource;
import org.springframework.context.i18n.LocaleContextHolder;
@ -133,6 +135,7 @@ public class ElasticServiceImpl implements ElasticService {
private Map<String, Property> createDescriptionTemplatePropertyMap(){
Map<String, Property> propertyMap = new HashMap<>();
propertyMap.put(DescriptionElasticEntity._id, this.createElastic(FieldType.Keyword, false));
propertyMap.put(DescriptionElasticEntity._tenantId, this.createElastic(FieldType.Keyword, false));
propertyMap.put(DescriptionElasticEntity._label, this.createElastic(FieldType.Keyword, false));
propertyMap.put(DescriptionElasticEntity._description, this.createElastic(FieldType.Text, true));
propertyMap.put(DescriptionElasticEntity._status, this.createElastic(FieldType.Short, false));
@ -149,6 +152,7 @@ public class ElasticServiceImpl implements ElasticService {
private Map<String, Property> createDmpTemplatePropertyMap(){
Map<String, Property> propertyMap = new HashMap<>();
propertyMap.put(DmpElasticEntity._id, this.createElastic(FieldType.Keyword, false));
propertyMap.put(DmpElasticEntity._tenantId, this.createElastic(FieldType.Keyword, false));
propertyMap.put(DmpElasticEntity._label, this.createElastic(FieldType.Text, true));
propertyMap.put(DmpElasticEntity._description, this.createElastic(FieldType.Text, false));
propertyMap.put(DmpElasticEntity._status, this.createElastic(FieldType.Short, false));
@ -356,7 +360,7 @@ public class ElasticServiceImpl implements ElasticService {
}
@Override
public void resetDmpIndex() throws IOException {
public void resetDmpIndex() throws IOException, InvalidApplicationException {
logger.debug(new MapLogEntry("reset dmp index"));
this.authorizationService.authorizeForce(Permission.ManageElastic);
@ -364,6 +368,8 @@ public class ElasticServiceImpl implements ElasticService {
this.deleteDmpIndex();
this.ensureDmpIndex();
try {
this.entityManager.disableTenantFilters();
int page = 0;
int pageSize = this.appElasticProperties.getResetBatchSize();
List<DmpEntity> items;
@ -379,10 +385,13 @@ public class ElasticServiceImpl implements ElasticService {
page++;
}
} while (items != null && !items.isEmpty());
}finally {
this.entityManager.enableTenantFilters();
}
}
@Override
public void resetDescriptionIndex() throws IOException {
public void resetDescriptionIndex() throws IOException, InvalidApplicationException {
logger.debug(new MapLogEntry("reset description index"));
this.authorizationService.authorizeForce(Permission.ManageElastic);
@ -390,6 +399,9 @@ public class ElasticServiceImpl implements ElasticService {
this.deleteDescriptionIndex();
this.ensureDescriptionIndex();
try {
this.entityManager.disableTenantFilters();
int page = 0;
int pageSize = this.appElasticProperties.getResetBatchSize();
List<DescriptionEntity> items;
@ -405,6 +417,9 @@ public class ElasticServiceImpl implements ElasticService {
page++;
}
} while (items != null && !items.isEmpty());
}finally {
this.entityManager.enableTenantFilters();
}
}
//endregion