generated from it-at-m/oss-repository-en-template
-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bug/optimize fix user select (#1758)
* engine-rest init user resolve * engine-rest init user resolve * engine-rest rename resolveGroups to resolveUserGroups * engine-rest use val instead of var * engine-rest init engine optimize authorizations * engine-rest refactor ldap cache namings * engine-rest refactor ldap cache namings * engine-rest init ldap resolve groups and users * engine-rest implement user filter with engine and ldap * engine-rest implement user filter with engine and ldap * engine-rest add caching for new implementations * engine-rest fix typo * engine-rest init EngineRestUserFilterTest * engine-rest update .run config * engine-rest fix/refactor cache config * engine-rest update logging * engine-rest update logging * engine-rest update logging * stack add kibana * stack add kibana * engine-rest init ldap test * engine-rest test update ldap data * engine-rest update LdapAdapterTest * engine-rest update LdapAdapterTest testResolveUserGroups * engine-rest update LdapAdapterTest testGetGroupsMembers * engine-rest cleanup LdapTestConfiguration * engine-rest cleanup LdapTestConfiguration * engine-rest update java doc * engine-rest cleanup code Co-authored-by: markostreich <[email protected]> * engine-rest update README.md --------- Co-authored-by: markostreich <[email protected]>
- Loading branch information
1 parent
c45e3a5
commit bbe03db
Showing
27 changed files
with
708 additions
and
46 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
58 changes: 58 additions & 0 deletions
58
...st-service/src/main/java/de/muenchen/oss/digiwf/adapter/in/rest/EngineRestUserFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| package de.muenchen.oss.digiwf.adapter.in.rest; | ||
|
|
||
| import com.fasterxml.jackson.databind.ObjectMapper; | ||
| import de.muenchen.oss.digiwf.application.port.in.ResolveUserInPort; | ||
| import jakarta.servlet.*; | ||
| import jakarta.servlet.http.HttpServletRequest; | ||
| import jakarta.servlet.http.HttpServletResponse; | ||
| import lombok.RequiredArgsConstructor; | ||
| import lombok.extern.slf4j.Slf4j; | ||
| import lombok.val; | ||
|
|
||
| import java.io.IOException; | ||
| import java.util.regex.Pattern; | ||
|
|
||
| @Slf4j | ||
| @RequiredArgsConstructor | ||
| public class EngineRestUserFilter implements Filter { | ||
|
|
||
| public static final String ROUTE_PATTERN = "/engine/default/user/([\\w.]+)/profile"; | ||
| private final ObjectMapper objectMapper; | ||
| private final Pattern pattern = Pattern.compile(ROUTE_PATTERN); | ||
| private final ResolveUserInPort resolveUserInPort; | ||
|
|
||
| @Override | ||
| public void init(FilterConfig filterConfig) throws ServletException { | ||
| Filter.super.init(filterConfig); | ||
| } | ||
|
|
||
| @Override | ||
| public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { | ||
| log.debug("EngineRestUserFilter called"); | ||
|
|
||
| if (servletRequest instanceof HttpServletRequest request && servletResponse instanceof HttpServletResponse response) { | ||
| val path = request.getPathInfo(); | ||
| val matcher = pattern.matcher(path); | ||
| if (!matcher.matches()) { | ||
| log.warn("Request to user endpoint not matching profile path: {}", path); | ||
| filterChain.doFilter(servletRequest, servletResponse); | ||
| return; | ||
| } | ||
| val username = matcher.group(1); | ||
| log.trace("Asking profile for user {}", username); | ||
|
|
||
| val payload = resolveUserInPort.resolveUser(username); | ||
| log.debug("Resolved user {} to: {}", username, payload); | ||
| if (payload == null) { | ||
| response.setStatus(HttpServletResponse.SC_NOT_FOUND); | ||
| } else { | ||
| response.setStatus(HttpServletResponse.SC_OK); | ||
| response.setContentType("application/json"); | ||
| objectMapper.writeValue(response.getWriter(), payload); | ||
| } | ||
| } else { | ||
| log.debug("Skipped filter"); | ||
| filterChain.doFilter(servletRequest, servletResponse); | ||
| } | ||
| } | ||
| } |
39 changes: 39 additions & 0 deletions
39
...e-rest-service/src/main/java/de/muenchen/oss/digiwf/adapter/out/engine/EngineAdapter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| package de.muenchen.oss.digiwf.adapter.out.engine; | ||
|
|
||
| import de.muenchen.oss.digiwf.application.port.out.EngineAuthorizationsOutPort; | ||
| import de.muenchen.oss.digiwf.domain.Group; | ||
| import lombok.RequiredArgsConstructor; | ||
| import lombok.extern.slf4j.Slf4j; | ||
| import org.camunda.bpm.engine.AuthorizationService; | ||
| import org.camunda.bpm.engine.authorization.Permissions; | ||
| import org.camunda.bpm.engine.authorization.Resources; | ||
| import org.springframework.cache.annotation.Cacheable; | ||
| import org.springframework.lang.NonNull; | ||
| import org.springframework.stereotype.Component; | ||
| import org.springframework.validation.annotation.Validated; | ||
|
|
||
| import java.util.List; | ||
|
|
||
| @Component | ||
| @RequiredArgsConstructor | ||
| @Slf4j | ||
| @Validated | ||
| public class EngineAdapter implements EngineAuthorizationsOutPort { | ||
| private final AuthorizationService authorizationService; | ||
|
|
||
| @NonNull | ||
| @Override | ||
| @Cacheable(EngineCacheConfiguration.OPTIMIZE_AUTH_CACHE) | ||
| public List<Group> getOptimizeAuthorizedGroups() { | ||
| log.info("Loading optimize authorized groups"); | ||
| return authorizationService.createAuthorizationQuery() | ||
| .resourceType(Resources.APPLICATION) | ||
| .hasPermission(Permissions.ACCESS) | ||
| .list().stream().filter( | ||
| i -> i.getGroupId() != null && | ||
| (i.getResourceId().equals("optimize") || i.getResourceId().equals("*")) | ||
| ) | ||
| .map(i -> new Group(i.getGroupId())) | ||
| .toList(); | ||
| } | ||
| } |
28 changes: 28 additions & 0 deletions
28
...ice/src/main/java/de/muenchen/oss/digiwf/adapter/out/engine/EngineCacheConfiguration.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| package de.muenchen.oss.digiwf.adapter.out.engine; | ||
|
|
||
| import com.github.benmanes.caffeine.cache.Caffeine; | ||
| import com.github.benmanes.caffeine.cache.Ticker; | ||
| import org.springframework.cache.Cache; | ||
| import org.springframework.cache.annotation.EnableCaching; | ||
| import org.springframework.cache.caffeine.CaffeineCache; | ||
| import org.springframework.context.annotation.Bean; | ||
| import org.springframework.context.annotation.Configuration; | ||
|
|
||
| import java.util.concurrent.TimeUnit; | ||
|
|
||
| @Configuration | ||
| @EnableCaching | ||
| public class EngineCacheConfiguration { | ||
| static final String OPTIMIZE_AUTH_CACHE = "optimizeAuthCache"; | ||
| private static final int ENGINE_CACHE_ENTRY_SECONDS_TO_EXPIRE = 60 * 15; | ||
|
|
||
| @Bean | ||
| public Cache optimizeAuthCache(final Ticker ticker) { | ||
| return new CaffeineCache(OPTIMIZE_AUTH_CACHE, | ||
| Caffeine.newBuilder() | ||
| .expireAfterWrite(ENGINE_CACHE_ENTRY_SECONDS_TO_EXPIRE, TimeUnit.SECONDS) | ||
| .ticker(ticker) | ||
| .build() | ||
| ); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.