From 8eb58fd6f464f8d6eee6aa0f2630610cbc93556f Mon Sep 17 00:00:00 2001 From: Roberto Cirillo Date: Fri, 3 Mar 2023 11:49:02 +0100 Subject: [PATCH] set new creation role name. Add further logs --- .../resources/ServiceEndpointResource.java | 55 +++++++++++-------- 1 file changed, 32 insertions(+), 23 deletions(-) diff --git a/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java b/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java index 4f7ad4d..2aa2b6a 100644 --- a/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java +++ b/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java @@ -13,7 +13,6 @@ import lombok.extern.slf4j.Slf4j; import org.gcube.common.authorization.library.provider.AccessTokenProvider; import org.gcube.common.keycloak.model.ModelUtils; import org.gcube.common.resources.gcore.*; -import org.gcube.common.resources.gcore.common.Platform; import org.gcube.common.resources.gcore.utils.Group; import org.gcube.common.scope.api.ScopeProvider; import org.gcube.informationsystem.icproxy.profiles.ServiceEndpointProfile; @@ -27,16 +26,15 @@ import org.gcube.common.encryption.StringEncrypter; @Path("ServiceEndpoint") public class ServiceEndpointResource { - public static final String ENABLED_ROLE="service-endpoint-key"; + public static final String DECRYPT_ROLE ="service-endpoint-key"; + public static final String CREATE_ROLE ="is-resource-create"; @GET @Path("/{category}") @Produces(MediaType.APPLICATION_XML) public List retrieve(@NotNull @PathParam("category") String resourceCategory) { log.info("ServiceEndpoint called with category {} in context {}",resourceCategory, ScopeProvider.instance.get()); - DiscoveryClient client = clientFor(ServiceEndpoint.class); - List endpoints = client.submit(getQuery(resourceCategory)); log.debug("retrieved resources are "+endpoints.size()); return endpoints; 
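Review bot: `DECRYPT_ROLE` and `CREATE_ROLE` are public constants with no comment saying what each one gates, and after this split the difference matters to anyone assigning roles. Add a one-line Javadoc to each, e.g. `/** Realm role required to receive decrypted ServiceEndpoint resources. */` and `/** Realm role required to create a ServiceEndpoint through either POST method. */`. Creation was previously allowed by `"service-endpoint-key"` and now requires `"is-resource-create"`, so existing clients holding only the old role will be refused on POST until the new role is granted. The commit description should state that.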
@@ -66,48 +64,53 @@ public class ServiceEndpointResource { @NotNull @PathParam("category") String resourceCategory, @NotNull @PathParam("result") String resultXPath) { log.info("ServiceEndpoint called with category {} and name {} and result {} in scope {}" ,resourceCategory, resourceName, resultXPath, ScopeProvider.instance.get()); - SimpleQuery query = getQuery(resourceName, resourceCategory); - if (resultXPath.startsWith("/")) query.setResult("$resource"+resultXPath); else query.setResult("$resource/"+resultXPath); - DiscoveryClient client = client(); List endpoints = client.submit(query); StringBuilder builder = new StringBuilder(""); for (String single: endpoints) builder.append("").append(single.replaceAll("\n", "")).append(""); - builder.append(""); - log.debug("retrieved resources are "+endpoints.size()); return builder.toString(); } + /** + * Used for creating a new ServiceEndpoint resource starting from a XML resource as input param + * @param resourceProfile a complete ServiceEndpoint resource in XML + * @return the resource id + */ @POST - @Produces(MediaType.APPLICATION_XML) + @Produces(MediaType.TEXT_PLAIN) @Consumes(MediaType.APPLICATION_XML) - public ServiceEndpoint create(ServiceEndpoint resourceProfile) { + public String create(ServiceEndpoint resourceProfile) { log.debug("Try to create new serviceEndpoint profile {} in {}",resourceProfile, ScopeProvider.instance.get()); - if (Objects.nonNull(resourceProfile) && isRoleEnabled()){ + if (Objects.nonNull(resourceProfile) && isRoleEnabled(CREATE_ROLE)){ log.debug("going to encrypt and push"); - registerSE(encryptResource(resourceProfile)); + String id=registerSE(encryptResource(resourceProfile)); log.debug("pushed on IS"); - return resourceProfile; + return id; }else{ throw new RuntimeException("ServiceEndpoint profile is null or user not enabled"); } } + /** + * Used for creating a new ServiceEndpoint resource starting from a simplified JSON resource + * @param resourceProfile a simplified JSON 
resource defined by ServiceEndpointProfile class + * @return the new resource created in XML format + */ @POST @Produces(MediaType.APPLICATION_XML) @Consumes(MediaType.APPLICATION_JSON) public ServiceEndpoint create(ServiceEndpointProfile resourceProfile) { log.debug("Try to create new serviceEndpoint profile {} in {}",resourceProfile, ScopeProvider.instance.get()); - if (Objects.nonNull(resourceProfile) && isRoleEnabled()){ + if (Objects.nonNull(resourceProfile) && isRoleEnabled(CREATE_ROLE)){ ServiceEndpoint newResource= new ServiceEndpoint(); ServiceEndpoint.Profile profile=newResource.newProfile().category(resourceProfile.getCategory()).name(resourceProfile.getName()); profile.newPlatform().name(resourceProfile.getPlatform()).version((short)1).minorVersion((short)0).revisionVersion((short)0).buildVersion((short)0); @@ -184,7 +187,7 @@ public class ServiceEndpointResource { private List getServiceEndpoints(boolean isDecrypt, List endpoints) { if (isDecrypt) { - if (isRoleEnabled()){ + if (isRoleEnabled(DECRYPT_ROLE)){ List ses = new ArrayList<>(endpoints.size()); for (ServiceEndpoint resource : endpoints) { ses.add(decryptResource(resource)); 
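Review bot: The XML `create` overload logs `resourceProfile` at debug before `encryptResource` runs, and the JSON overload has the same log line. If the profile's `toString()` renders access-point credentials (not visible in this hunk), they are written to the log in cleartext. Log only non-secret identifiers there, e.g. `log.debug("Try to create new serviceEndpoint profile in {}", ScopeProvider.instance.get());`. The refusal path also throws one bare `RuntimeException` for both a null body and a missing `CREATE_ROLE`, which a JAX-RS container will normally return as a 500; throwing `ForbiddenException` for the role failure and `BadRequestException` for the null body lets clients and monitoring tell an authorization denial from a server fault. The body of the JSON overload continues outside the hunk.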
@@ -197,27 +200,33 @@ public class ServiceEndpointResource { return endpoints; } - private boolean isRoleEnabled(){ + private boolean isRoleEnabled(String role){ + boolean isEnabled = false; log.debug("checking role"); String at= AccessTokenProvider.instance.get(); try{ - if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains(ENABLED_ROLE )) { - log.info("The client is authorized to see the resource as 'free-to-air'"); - return true; + if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains(role)) { + isEnabled=true; } }catch (Exception e){ log.error("token not retrieved properly: "+e.getMessage()); e.printStackTrace(); } - log.info("user not authorized, sorry"); - return false; + log.debug("role enabled "+isEnabled); + return isEnabled; } private static String registerSE(ServiceEndpoint toRegister) { + log.trace("going to create a new ServiceEndpoint resource. registerSE method"); RegistryPublisher rp= RegistryPublisherFactory.create(); if(log.isDebugEnabled()) Resources.print(toRegister); Resource r=rp.create(toRegister); - return r.id(); + if (Objects.nonNull(r)) { + log.debug("resource registered with id " + r.id()); + return r.id(); + }else{ + throw new RuntimeException("Creation failed, null returned: "+toRegister); + } } } \ No newline at end of file
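Review bot: `isRoleEnabled` now records a denied check only at debug level and without the role name, so once the removed info lines are gone there is no default-level trace of a refused decrypt or create request. Log the denial with the role and context, e.g. `log.warn("role {} not granted in context {}", role, ScopeProvider.instance.get());`. The `catch (Exception e)` still fails closed, but `e.printStackTrace()` bypasses the logger and the message blames token retrieval for any failure, for instance a null `getRealmAccess()`; `log.error("access token could not be evaluated for role {}", role, e);` keeps the stack trace in the log. In `registerSE`, the new exception message concatenates `toRegister`, which may carry the whole resource into an error response; the resource name would be enough.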