From e4a1f83b13426ce7878e451fe864f9571424d1a7 Mon Sep 17 00:00:00 2001 From: Alexis de Talhouët Date: Mon, 4 Mar 2019 21:37:27 -0500 Subject: Add gRPC & REST basic auth support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: Iaa187a8288a9c84aa80b596a14e66de10a9b7501 Issue-ID: CCSDK-1055 Signed-off-by: Alexis de Talhouët --- ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml | 6 ++++++ .../selfservice/api/BluePrintManagementGRPCHandler.kt | 5 ++++- .../selfservice/api/BluePrintProcessingGRPCHandler.kt | 4 +++- .../selfservice/api/ExecutionServiceController.kt | 5 ++++- .../selfservice/api/ExecutionServiceHandlerTest.kt | 3 ++- 5 files changed, 19 insertions(+), 4 deletions(-) (limited to 'ms/blueprintsprocessor/modules/inbounds') diff --git a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml index c05b84ad9..f538a152d 100755 --- a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml +++ b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/pom.xml @@ -32,6 +32,12 @@ Blueprints Processor Selfservice API + + + org.springframework.security + spring-security-core + + org.onap.ccsdk.apps.components proto-definition diff --git a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/BluePrintManagementGRPCHandler.kt b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/BluePrintManagementGRPCHandler.kt index fb0bc5678..d689187e8 100644 --- a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/BluePrintManagementGRPCHandler.kt +++ b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/BluePrintManagementGRPCHandler.kt @@ -28,16 +28,18 @@ import org.onap.ccsdk.apps.controllerblueprints.management.api.BluePrintManageme import org.onap.ccsdk.apps.controllerblueprints.management.api.BluePrintManagementOutput import org.onap.ccsdk.apps.controllerblueprints.management.api.BluePrintManagementServiceGrpc import org.slf4j.LoggerFactory +import org.springframework.security.access.prepost.PreAuthorize import org.springframework.stereotype.Service import java.io.File @Service -class BluePrintManagementGRPCHandler(private val bluePrintCoreConfiguration: BluePrintCoreConfiguration, +open class BluePrintManagementGRPCHandler(private val bluePrintCoreConfiguration: BluePrintCoreConfiguration, private val bluePrintCatalogService: BluePrintCatalogService) : BluePrintManagementServiceGrpc.BluePrintManagementServiceImplBase() { private val log = LoggerFactory.getLogger(BluePrintManagementGRPCHandler::class.java) + @PreAuthorize("hasRole('USER')") override fun uploadBlueprint(request: BluePrintManagementInput, responseObserver: StreamObserver) { val blueprintName = request.blueprintName val blueprintVersion = request.blueprintVersion @@ -61,6 +63,7 @@ class BluePrintManagementGRPCHandler(private val bluePrintCoreConfiguration: Blu } } + @PreAuthorize("hasRole('USER')") override fun removeBlueprint(request: BluePrintManagementInput, responseObserver: StreamObserver) { val blueprintName = request.blueprintName val blueprintVersion = request.blueprintVersion diff --git a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/BluePrintProcessingGRPCHandler.kt b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/BluePrintProcessingGRPCHandler.kt index edb1d31dc..aadbec83a 100644 --- a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/BluePrintProcessingGRPCHandler.kt +++ b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/BluePrintProcessingGRPCHandler.kt @@ -23,14 +23,16 @@ import org.onap.ccsdk.apps.controllerblueprints.processing.api.BluePrintProcessi import org.onap.ccsdk.apps.controllerblueprints.processing.api.ExecutionServiceInput import org.onap.ccsdk.apps.controllerblueprints.processing.api.ExecutionServiceOutput import org.slf4j.LoggerFactory +import org.springframework.security.access.prepost.PreAuthorize import org.springframework.stereotype.Service @Service -class BluePrintProcessingGRPCHandler(private val bluePrintCoreConfiguration: BluePrintCoreConfiguration, +open class BluePrintProcessingGRPCHandler(private val bluePrintCoreConfiguration: BluePrintCoreConfiguration, private val executionServiceHandler: ExecutionServiceHandler) : BluePrintProcessingServiceGrpc.BluePrintProcessingServiceImplBase() { private val log = LoggerFactory.getLogger(BluePrintProcessingGRPCHandler::class.java) + @PreAuthorize("hasRole('USER')") override fun process( responseObserver: StreamObserver): StreamObserver { diff --git a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/ExecutionServiceController.kt b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/ExecutionServiceController.kt index 6477c0678..16f0fa869 100644 --- a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/ExecutionServiceController.kt +++ b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/main/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/ExecutionServiceController.kt @@ -23,6 +23,7 @@ import org.onap.ccsdk.apps.blueprintsprocessor.core.api.data.ExecutionServiceOut import org.springframework.beans.factory.annotation.Autowired import org.springframework.http.MediaType import org.springframework.http.codec.multipart.FilePart +import org.springframework.security.access.prepost.PreAuthorize import org.springframework.web.bind.annotation.PostMapping import org.springframework.web.bind.annotation.RequestBody import org.springframework.web.bind.annotation.RequestMapping @@ -34,7 +35,7 @@ import reactor.core.publisher.Mono @RestController @RequestMapping("/api/v1/execution-service") -class ExecutionServiceController { +open class ExecutionServiceController { @Autowired lateinit var executionServiceHandler: ExecutionServiceHandler @@ -48,6 +49,7 @@ class ExecutionServiceController { @PostMapping(path = ["/upload"], consumes = [MediaType.MULTIPART_FORM_DATA_VALUE]) @ApiOperation(value = "Upload CBA", notes = "Takes a File and load it in the runtime database") @ResponseBody + @PreAuthorize("hasRole('USER')") fun upload(@RequestPart("file") parts: Mono): Mono { return parts .filter { it is FilePart } @@ -59,6 +61,7 @@ class ExecutionServiceController { @ApiOperation(value = "Resolve Resource Mappings", notes = "Takes the blueprint information and process as per the payload") @ResponseBody + @PreAuthorize("hasRole('USER')") fun process(@RequestBody executionServiceInput: ExecutionServiceInput): ExecutionServiceOutput { if (executionServiceInput.actionIdentifiers.mode == ACTION_MODE_ASYNC) { throw IllegalStateException("Can't process async request through the REST endpoint. Use gRPC for async processing.") diff --git a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/test/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/ExecutionServiceHandlerTest.kt b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/test/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/ExecutionServiceHandlerTest.kt index de1201488..b730472e8 100644 --- a/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/test/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/ExecutionServiceHandlerTest.kt +++ b/ms/blueprintsprocessor/modules/inbounds/selfservice-api/src/test/kotlin/org/onap/ccsdk/apps/blueprintsprocessor/selfservice/api/ExecutionServiceHandlerTest.kt @@ -24,6 +24,7 @@ import org.onap.ccsdk.apps.blueprintsprocessor.core.api.data.ExecutionServiceInp import org.onap.ccsdk.apps.controllerblueprints.core.interfaces.BluePrintCatalogService import org.onap.ccsdk.apps.controllerblueprints.core.utils.JacksonUtils import org.springframework.beans.factory.annotation.Autowired +import org.springframework.boot.autoconfigure.security.SecurityProperties import org.springframework.boot.test.autoconfigure.web.reactive.WebFluxTest import org.springframework.context.annotation.ComponentScan import org.springframework.core.io.ByteArrayResource @@ -39,7 +40,7 @@ import kotlin.test.assertTrue @RunWith(SpringRunner::class) @WebFluxTest -@ContextConfiguration(classes = [ExecutionServiceHandler::class, BluePrintCoreConfiguration::class, BluePrintCatalogService::class]) +@ContextConfiguration(classes = [ExecutionServiceHandler::class, BluePrintCoreConfiguration::class, BluePrintCatalogService::class, SecurityProperties::class]) @ComponentScan(basePackages = ["org.onap.ccsdk.apps.blueprintsprocessor", "org.onap.ccsdk.apps.controllerblueprints"]) @TestPropertySource(locations = ["classpath:application-test.properties"]) class ExecutionServiceHandlerTest { -- cgit 1.2.3-korg