set new creation role name. Add further logs
parent
c11fb3b44d
commit
8eb58fd6f4
|
@ -13,7 +13,6 @@ import lombok.extern.slf4j.Slf4j;
|
|||
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
||||
import org.gcube.common.keycloak.model.ModelUtils;
|
||||
import org.gcube.common.resources.gcore.*;
|
||||
import org.gcube.common.resources.gcore.common.Platform;
|
||||
import org.gcube.common.resources.gcore.utils.Group;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.informationsystem.icproxy.profiles.ServiceEndpointProfile;
|
||||
|
@ -27,16 +26,15 @@ import org.gcube.common.encryption.StringEncrypter;
|
|||
@Path("ServiceEndpoint")
|
||||
public class ServiceEndpointResource {
|
||||
|
||||
public static final String ENABLED_ROLE="service-endpoint-key";
|
||||
public static final String DECRYPT_ROLE ="service-endpoint-key";
|
||||
public static final String CREATE_ROLE ="is-resource-create";
|
||||
|
||||
@GET
|
||||
@Path("/{category}")
|
||||
@Produces(MediaType.APPLICATION_XML)
|
||||
public List<ServiceEndpoint> retrieve(@NotNull @PathParam("category") String resourceCategory) {
|
||||
log.info("ServiceEndpoint called with category {} in context {}",resourceCategory, ScopeProvider.instance.get());
|
||||
|
||||
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
|
||||
|
||||
List<ServiceEndpoint> endpoints = client.submit(getQuery(resourceCategory));
|
||||
log.debug("retrieved resources are "+endpoints.size());
|
||||
return endpoints;
|
||||
|
@ -66,48 +64,53 @@ public class ServiceEndpointResource {
|
|||
@NotNull @PathParam("category") String resourceCategory, @NotNull @PathParam("result") String resultXPath) {
|
||||
log.info("ServiceEndpoint called with category {} and name {} and result {} in scope {}"
|
||||
,resourceCategory, resourceName, resultXPath, ScopeProvider.instance.get());
|
||||
|
||||
SimpleQuery query = getQuery(resourceName, resourceCategory);
|
||||
|
||||
if (resultXPath.startsWith("/"))
|
||||
query.setResult("$resource"+resultXPath);
|
||||
else
|
||||
query.setResult("$resource/"+resultXPath);
|
||||
|
||||
DiscoveryClient<String> client = client();
|
||||
List<String> endpoints = client.submit(query);
|
||||
StringBuilder builder = new StringBuilder("<Results>");
|
||||
for (String single: endpoints)
|
||||
builder.append("<Result>").append(single.replaceAll("\n", "")).append("</Result>");
|
||||
|
||||
builder.append("</Results>");
|
||||
|
||||
log.debug("retrieved resources are "+endpoints.size());
|
||||
return builder.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Used for creating a new ServiceEndpoint resource starting from a XML resource as input param
|
||||
* @param resourceProfile a complete ServiceEndpoint resource in XML
|
||||
* @return the resource id
|
||||
*/
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_XML)
|
||||
@Produces(MediaType.TEXT_PLAIN)
|
||||
@Consumes(MediaType.APPLICATION_XML)
|
||||
public ServiceEndpoint create(ServiceEndpoint resourceProfile) {
|
||||
public String create(ServiceEndpoint resourceProfile) {
|
||||
log.debug("Try to create new serviceEndpoint profile {} in {}",resourceProfile, ScopeProvider.instance.get());
|
||||
if (Objects.nonNull(resourceProfile) && isRoleEnabled()){
|
||||
if (Objects.nonNull(resourceProfile) && isRoleEnabled(CREATE_ROLE)){
|
||||
log.debug("going to encrypt and push");
|
||||
registerSE(encryptResource(resourceProfile));
|
||||
String id=registerSE(encryptResource(resourceProfile));
|
||||
log.debug("pushed on IS");
|
||||
return resourceProfile;
|
||||
return id;
|
||||
}else{
|
||||
throw new RuntimeException("ServiceEndpoint profile is null or user not enabled");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Used for creating a new ServiceEndpoint resource starting from a simplified JSON resource
|
||||
* @param resourceProfile a simplified JSON resource defined by ServiceEndpointProfile class
|
||||
* @return the new resource created in XML format
|
||||
*/
|
||||
@POST
|
||||
@Produces(MediaType.APPLICATION_XML)
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public ServiceEndpoint create(ServiceEndpointProfile resourceProfile) {
|
||||
log.debug("Try to create new serviceEndpoint profile {} in {}",resourceProfile, ScopeProvider.instance.get());
|
||||
if (Objects.nonNull(resourceProfile) && isRoleEnabled()){
|
||||
if (Objects.nonNull(resourceProfile) && isRoleEnabled(CREATE_ROLE)){
|
||||
ServiceEndpoint newResource= new ServiceEndpoint();
|
||||
ServiceEndpoint.Profile profile=newResource.newProfile().category(resourceProfile.getCategory()).name(resourceProfile.getName());
|
||||
profile.newPlatform().name(resourceProfile.getPlatform()).version((short)1).minorVersion((short)0).revisionVersion((short)0).buildVersion((short)0);
|
||||
|
@ -184,7 +187,7 @@ public class ServiceEndpointResource {
|
|||
|
||||
private List<ServiceEndpoint> getServiceEndpoints(boolean isDecrypt, List<ServiceEndpoint> endpoints) {
|
||||
if (isDecrypt) {
|
||||
if (isRoleEnabled()){
|
||||
if (isRoleEnabled(DECRYPT_ROLE)){
|
||||
List<ServiceEndpoint> ses = new ArrayList<>(endpoints.size());
|
||||
for (ServiceEndpoint resource : endpoints) {
|
||||
ses.add(decryptResource(resource));
|
||||
|
@ -197,27 +200,33 @@ public class ServiceEndpointResource {
|
|||
return endpoints;
|
||||
}
|
||||
|
||||
private boolean isRoleEnabled(){
|
||||
private boolean isRoleEnabled(String role){
|
||||
boolean isEnabled = false;
|
||||
log.debug("checking role");
|
||||
String at= AccessTokenProvider.instance.get();
|
||||
try{
|
||||
if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains(ENABLED_ROLE )) {
|
||||
log.info("The client is authorized to see the resource as 'free-to-air'");
|
||||
return true;
|
||||
if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains(role)) {
|
||||
isEnabled=true;
|
||||
}
|
||||
}catch (Exception e){
|
||||
log.error("token not retrieved properly: "+e.getMessage());
|
||||
e.printStackTrace();
|
||||
}
|
||||
log.info("user not authorized, sorry");
|
||||
return false;
|
||||
log.debug("role enabled "+isEnabled);
|
||||
return isEnabled;
|
||||
}
|
||||
private static String registerSE(ServiceEndpoint toRegister) {
|
||||
log.trace("going to create a new ServiceEndpoint resource. registerSE method");
|
||||
RegistryPublisher rp= RegistryPublisherFactory.create();
|
||||
if(log.isDebugEnabled())
|
||||
Resources.print(toRegister);
|
||||
Resource r=rp.create(toRegister);
|
||||
return r.id();
|
||||
if (Objects.nonNull(r)) {
|
||||
log.debug("resource registered with id " + r.id());
|
||||
return r.id();
|
||||
}else{
|
||||
throw new RuntimeException("Creation failed, null returned: "+toRegister);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
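Review bot: The rewritten `isRoleEnabled(String role)` in the last hunk seems to record a failed check only at debug level (`log.debug("role enabled "+isEnabled)`), while `log.info("user not authorized, sorry")` appears to be on the removed side, so a refused decrypt or create request would leave no trace when the logger runs at info. I would log the denial at warn and name the required role, e.g. `if (!isEnabled) log.warn("access denied: token lacks realm role {}", role);`, so refusals for `DECRYPT_ROLE` and `CREATE_ROLE` can be told apart and alerted on. The catch block fails closed, which is right, but `log.error("token not retrieved properly: "+e.getMessage())` plus `e.printStackTrace()` would be better as the single call `log.error("token not retrieved properly", e)`. In `registerSE`, the new message `"Creation failed, null returned: "+toRegister` puts the whole resource into an exception that may reach the logs or the HTTP response; the resource name or category should be enough there.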