diff options
author | Fiete Ostkamp <Fiete.Ostkamp@telekom.de> | 2023-07-11 08:44:51 +0000 |
---|---|---|
committer | Fiete Ostkamp <Fiete.Ostkamp@telekom.de> | 2023-07-11 08:44:51 +0000 |
commit | b146259516cc90cc9084bdf2f69c358b896cfdf7 (patch) | |
tree | cfbe215be6415cd2ffb0f03d23eaae26b3886bf1 /app | |
parent | 24a8c0fc70f6493bd7f07f12c723b7e2acf3f558 (diff) |
history repo code is missing
Issue-ID: PORTALNG-8
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Change-Id: I01f1789eb840661115bfd806a0622d02666100c0
Diffstat (limited to 'app')
28 files changed, 2574 insertions, 0 deletions
diff --git a/app/LICENSE b/app/LICENSE new file mode 100644 index 0000000..abe3069 --- /dev/null +++ b/app/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2021 TNAP / development / system-team + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/app/LICENSE_HEADER b/app/LICENSE_HEADER new file mode 100644 index 0000000..66e028a --- /dev/null +++ b/app/LICENSE_HEADER @@ -0,0 +1,20 @@ +/* + * + * Copyright (c) ${year}. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ diff --git a/app/build.gradle b/app/build.gradle new file mode 100644 index 0000000..160f0c4 --- /dev/null +++ b/app/build.gradle @@ -0,0 +1,106 @@ +/* + * This file was generated by the Gradle 'init' task. + */ +plugins { + id 'org.onap.portal.history.java-application-conventions' + id 'io.spring.dependency-management' + id 'org.springframework.boot' + id 'jacoco' + id 'org.sonarqube' + id 'com.github.hierynomus.license' + id 'com.gorylenko.gradle-git-properties' +} +apply from: "${rootDir}/gradle/verify-licenses.gradle" + +configurations { + compileOnly { + extendsFrom annotationProcessor + } +} + +ext { + vavrVersion = '0.10.4' + problemVersion = '0.27.1' + problemSpringVersion = '0.27.0' + logbackVersion = '1.2.11' + logstashLogbackVersion = '7.2' + embedMongoVersion = '3.2.8' + embedMongoIntegrationVersion = '1.1.0-spring27x' + springCloudWiremockVersion = '3.1.0' +} + +dependencies { + implementation project(':openapi') + implementation 'org.springframework.boot:spring-boot-starter-actuator' + implementation 'org.springframework.boot:spring-boot-starter-data-mongodb-reactive' + implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server' + implementation 'org.springframework.boot:spring-boot-starter-security' + implementation 'org.springframework.boot:spring-boot-starter-webflux' + implementation 'org.springframework.boot:spring-boot-starter-validation' + implementation "io.vavr:vavr:$vavrVersion" + implementation "org.zalando:problem:$problemVersion" + implementation "org.zalando:jackson-datatype-problem:$problemVersion" + implementation "org.zalando:problem-spring-webflux:$problemSpringVersion" + implementation "ch.qos.logback:logback-classic:$logbackVersion" + implementation "ch.qos.logback:logback-core:$logbackVersion" + implementation "net.logstash.logback:logstash-logback-encoder:$logstashLogbackVersion" + + compileOnly 'org.projectlombok:lombok' + + developmentOnly 'org.springframework.boot:spring-boot-devtools' + + annotationProcessor 'org.springframework.boot:spring-boot-configuration-processor' + annotationProcessor 'org.projectlombok:lombok' + + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testImplementation 'io.projectreactor:reactor-test' + testImplementation 'io.rest-assured:rest-assured' + testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock:$springCloudWiremockVersion" + testImplementation "de.flapdoodle.embed:de.flapdoodle.embed.mongo:$embedMongoVersion" + testImplementation "de.flapdoodle.embed:de.flapdoodle.embed.mongo.spring:$embedMongoIntegrationVersion" + testCompileOnly 'org.projectlombok:lombok' + testAnnotationProcessor 'org.projectlombok:lombok' +} + +test { + useJUnitPlatform() + finalizedBy(jacocoTestReport) +} + +jacocoTestReport { + reports { + xml.enabled true + } +} + +application { + // Define the main class for the application. + mainClass = 'org.onap.portal.history.PortalHistoryApplication' +} + +sourceCompatibility = '17' +targetCompatibility = '17' + +downloadLicenses { + dependencyConfiguration = 'implementation' + includeProjectDependencies = false +} + +license { + ignoreFailures = true + header = project.file('LICENSE_HEADER') + includes(["**/*.java"]) + ext.year = Calendar.getInstance().get(Calendar.YEAR) +} +configurations.implementation.setCanBeResolved(true) + +springBoot { + buildInfo { + properties { + artifact = "org-onap-portal-history" + version = rootProject.file('version').text.trim() + group = rootProject.group + name = "History service that saves user actions" + } + } +}
\ No newline at end of file diff --git a/app/src/main/java/org/onap/portal/history/PortalHistoryApplication.java b/app/src/main/java/org/onap/portal/history/PortalHistoryApplication.java new file mode 100644 index 0000000..0e712f2 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/PortalHistoryApplication.java @@ -0,0 +1,39 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +/* + * This Java source file was generated by the Gradle 'init' task. + */ +package org.onap.portal.history; + + +import org.onap.portal.history.configuration.PortalHistoryConfig; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.context.properties.EnableConfigurationProperties; + +@EnableConfigurationProperties(PortalHistoryConfig.class) +@SpringBootApplication +public class PortalHistoryApplication { + public static void main(String[] args) { + SpringApplication.run(PortalHistoryApplication.class, args); + } +} diff --git a/app/src/main/java/org/onap/portal/history/configuration/BeansConfig.java b/app/src/main/java/org/onap/portal/history/configuration/BeansConfig.java new file mode 100644 index 0000000..9a60681 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/configuration/BeansConfig.java @@ -0,0 +1,50 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.configuration; + + +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder; +import org.zalando.problem.jackson.ProblemModule; + +import java.time.Clock; + +@Configuration +public class BeansConfig { + @Bean + Clock clock() { + return Clock.systemUTC(); + } + + @Bean + public ObjectMapper objectMapper(Jackson2ObjectMapperBuilder builder) { + return builder + .modules(new ProblemModule(), new JavaTimeModule()) + .build() + .setSerializationInclusion(JsonInclude.Include.NON_NULL); + } + +} diff --git a/app/src/main/java/org/onap/portal/history/configuration/Errorhandler.java b/app/src/main/java/org/onap/portal/history/configuration/Errorhandler.java new file mode 100644 index 0000000..583420b --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/configuration/Errorhandler.java @@ -0,0 +1,94 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.configuration; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import org.onap.portal.history.exception.ProblemException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.web.reactive.error.ErrorWebExceptionHandler; +import org.springframework.core.io.buffer.DataBufferFactory; +import org.springframework.http.HttpStatus; +import org.springframework.http.server.reactive.ServerHttpResponse; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ServerWebExchange; +import org.zalando.problem.Problem; +import org.zalando.problem.Status; +import reactor.core.publisher.Mono; + +@Component +public class Errorhandler implements ErrorWebExceptionHandler { + + @Autowired + ObjectMapper objectMapper; + + /** + * Override the handle methode to implement custom error handling + * Set response status code to BAD REQUEST, set header content-type and fill the body with the Problem object along the API model + */ + @Override + public Mono<Void> handle(ServerWebExchange exchange, Throwable ex) { + ServerHttpResponse httpResponse = exchange.getResponse(); + setResponseStatus(httpResponse, ex); + httpResponse.getHeaders().add("Content-Type", "application/problem+json"); + return httpResponse.writeWith(Mono.fromSupplier(() -> { + DataBufferFactory bufferFactory = httpResponse.bufferFactory(); + try { + return + (httpResponse.getStatusCode() == HttpStatus.INTERNAL_SERVER_ERROR) + ? httpResponse.bufferFactory().wrap(objectMapper.writeValueAsBytes(setProblemException(httpResponse, ex.getMessage()))) + : httpResponse.bufferFactory().wrap(objectMapper.writeValueAsBytes(ex)); + } catch (JsonProcessingException e) { + return bufferFactory.wrap(new byte[0]); + } + })); + } + + /** + * Set the response status + * @param httpResponse response which status code should be set + * @param ex throwable exception to identify the Problem class + */ + private void setResponseStatus(ServerHttpResponse httpResponse, Throwable ex) { + if (ex instanceof Problem) { + httpResponse.setStatusCode(HttpStatus.BAD_REQUEST); + } else { + httpResponse.setStatusCode(HttpStatus.INTERNAL_SERVER_ERROR); + } + } + + /** + * Build a problem exception and set the response status code to BAD REQUEST for every response + * @param httpResponse response which status code should be set + * @param message for the detail of the problem exception + * @return problem exception instance + */ + private ProblemException setProblemException(ServerHttpResponse httpResponse, String message){ + httpResponse.setStatusCode(HttpStatus.BAD_REQUEST); + return ProblemException.builder() + .status(Status.INTERNAL_SERVER_ERROR) + .title(Status.INTERNAL_SERVER_ERROR.getReasonPhrase()) + .detail(message) + .build(); + + } +} diff --git a/app/src/main/java/org/onap/portal/history/configuration/LogInterceptor.java b/app/src/main/java/org/onap/portal/history/configuration/LogInterceptor.java new file mode 100644 index 0000000..113aad8 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/configuration/LogInterceptor.java @@ -0,0 +1,62 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.configuration; + +import org.onap.portal.history.util.Logger; +import org.springframework.stereotype.Component; +import org.springframework.web.filter.reactive.ServerWebExchangeContextFilter; +import org.springframework.web.server.ServerWebExchange; +import org.springframework.web.server.WebFilter; +import org.springframework.web.server.WebFilterChain; +import reactor.core.publisher.Mono; + +import java.util.List; + +@Component +public class LogInterceptor implements WebFilter { + public static final String EXCHANGE_CONTEXT_ATTRIBUTE = + ServerWebExchangeContextFilter.class.getName() + ".EXCHANGE_CONTEXT"; + + public static final String X_REQUEST_ID = "X-Request-Id"; + + /** + * Override a web filter to write log entries for every request and response and add header in response with X_REQUEST_ID + */ + @Override + public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) { + List<String> xRequestIdList = exchange.getRequest().getHeaders().get(X_REQUEST_ID); + if (xRequestIdList != null && !xRequestIdList.isEmpty()) { + String xRequestId = xRequestIdList.get(0); + Logger.requestLog( xRequestId, exchange.getRequest().getMethod(), exchange.getRequest().getURI()); + + exchange.getResponse().getHeaders().add(X_REQUEST_ID, xRequestId); + exchange.getResponse().beforeCommit(() -> { + Logger.responseLog(xRequestId,exchange.getResponse().getStatusCode()); + return Mono.empty(); + }); + } + + return chain + .filter(exchange) + .contextWrite(cxt -> cxt.put(EXCHANGE_CONTEXT_ATTRIBUTE, exchange)); + } +} diff --git a/app/src/main/java/org/onap/portal/history/configuration/PortalHistoryConfig.java b/app/src/main/java/org/onap/portal/history/configuration/PortalHistoryConfig.java new file mode 100644 index 0000000..85304b9 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/configuration/PortalHistoryConfig.java @@ -0,0 +1,37 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.configuration; + +import lombok.Data; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.context.properties.ConstructorBinding; + +import javax.validation.constraints.NotBlank; + +@Data +@ConstructorBinding +@ConfigurationProperties("portal-history") +public class PortalHistoryConfig { + + @NotBlank + private final Integer saveInterval; +} diff --git a/app/src/main/java/org/onap/portal/history/configuration/SchedulerConfig.java b/app/src/main/java/org/onap/portal/history/configuration/SchedulerConfig.java new file mode 100644 index 0000000..529cbc3 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/configuration/SchedulerConfig.java @@ -0,0 +1,55 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.configuration; + +import org.onap.portal.history.services.ActionsService; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.scheduling.annotation.EnableScheduling; +import org.springframework.scheduling.annotation.Scheduled; +import org.springframework.stereotype.Component; + +@Slf4j +@Component +@EnableScheduling +public class SchedulerConfig { + + private final ActionsService actionsService; + private final PortalHistoryConfig portalHistoryConfig; + + @Autowired + public SchedulerConfig(ActionsService actionsService, PortalHistoryConfig portalHistoryConfig){ + this.actionsService = actionsService; + this.portalHistoryConfig = portalHistoryConfig; + } + + /** + * This method will be trigger by Spring Boot scheduler. + * The cron execution time is configured in the application properties as well as the save interval. + */ + @Scheduled(cron="${portal-history.delete-interval}") + public void runDeleteActions(){ + actionsService.deleteActions(portalHistoryConfig.getSaveInterval()); + log.info("Delete actions in scheduled job"); + } +} diff --git a/app/src/main/java/org/onap/portal/history/configuration/SecurityConfig.java b/app/src/main/java/org/onap/portal/history/configuration/SecurityConfig.java new file mode 100644 index 0000000..e825295 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/configuration/SecurityConfig.java @@ -0,0 +1,53 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.configuration; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; +import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; +import org.springframework.security.config.web.server.ServerHttpSecurity; +import org.springframework.security.web.server.SecurityWebFilterChain; + +/** + * Configures the access control of the API endpoints. + */ +// https://hantsy.github.io/spring-reactive-sample/security/config.html +@EnableWebFluxSecurity +@Configuration +public class SecurityConfig { + + @Bean + public SecurityWebFilterChain springSecurityWebFilterChain(ServerHttpSecurity http) { + return http.httpBasic().disable() + .formLogin().disable() + .csrf().disable() + .cors() + .and() + .authorizeExchange() + .pathMatchers(HttpMethod.GET, "/actuator/**").permitAll() + .anyExchange().authenticated() + .and() + .oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::jwt) + .build(); + } +} diff --git a/app/src/main/java/org/onap/portal/history/configuration/package-info.java b/app/src/main/java/org/onap/portal/history/configuration/package-info.java new file mode 100644 index 0000000..ccaa303 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/configuration/package-info.java @@ -0,0 +1,25 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +@ParametersAreNonnullByDefault +package org.onap.portal.history.configuration; + +import javax.annotation.ParametersAreNonnullByDefault; diff --git a/app/src/main/java/org/onap/portal/history/controller/ActionsController.java b/app/src/main/java/org/onap/portal/history/controller/ActionsController.java new file mode 100644 index 0000000..9fd9f79 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/controller/ActionsController.java @@ -0,0 +1,88 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.controller; + +import java.util.Optional; + +import javax.validation.Valid; +import javax.validation.constraints.Max; +import javax.validation.constraints.Min; + +import org.onap.portal.history.configuration.PortalHistoryConfig; +import org.onap.portal.history.openapi.api.ActionsApi; +import org.onap.portal.history.openapi.model.ActionResponse; +import org.onap.portal.history.openapi.model.ActionsListResponse; +import org.onap.portal.history.openapi.model.CreateActionRequest; +import org.onap.portal.history.services.ActionsService; +import org.onap.portal.history.util.IdTokenExchange; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.server.ServerWebExchange; + +import reactor.core.publisher.Mono; + +@RestController +public class ActionsController implements ActionsApi { + + private final ActionsService actionsService; + private final PortalHistoryConfig portalHistoryConfig; + + public ActionsController(ActionsService actionsService, PortalHistoryConfig portalHistoryConfig){ + this.actionsService = actionsService; + this.portalHistoryConfig = portalHistoryConfig; + } + + @Override + public Mono<ResponseEntity<ActionResponse>> createAction(String userId, String xRequestId, Mono<CreateActionRequest> createActionRequest, ServerWebExchange exchange) { + + return IdTokenExchange + .validateUserId(userId, exchange, xRequestId) + .then(createActionRequest.flatMap(action -> actionsService.createActions(userId, action, portalHistoryConfig.getSaveInterval(), xRequestId))) + .map(ResponseEntity::ok); + } + + @Override + public Mono<ResponseEntity<Object>> deleteActions(String userId, String xRequestId, Integer deleteAfterHours, ServerWebExchange exchange) { + + return IdTokenExchange + .validateUserId(userId, exchange, xRequestId) + .then(actionsService.deleteUserActions(userId, deleteAfterHours, xRequestId)) + .map(ResponseEntity::ok); + } + + @Override + public Mono<ResponseEntity<ActionsListResponse>> getActions(String userId, String xRequestId, Optional<Integer> page, Optional<Integer> pageSize, Optional<Integer> showLastHours, ServerWebExchange exchange) { + + return IdTokenExchange + .validateUserId(userId, exchange, xRequestId) + .then(actionsService.getActions(userId, page.orElse(1), pageSize.orElse(10), showLastHours.orElse(portalHistoryConfig.getSaveInterval()), portalHistoryConfig.getSaveInterval(), xRequestId)) + .map(ResponseEntity::ok); + } + + @Override + public Mono<ResponseEntity<ActionsListResponse>> listActions(String xRequestId, @Valid Optional<@Min(1) Integer> page, @Valid Optional<@Min(1) @Max(5000) Integer> pageSize, @Valid Optional<Integer> showLastHours, ServerWebExchange exchange) { + + return actionsService + .listActions(page.orElse(1), pageSize.orElse(10), showLastHours.orElse(portalHistoryConfig.getSaveInterval()), portalHistoryConfig.getSaveInterval(), xRequestId) + .map(ResponseEntity::ok); + } +} diff --git a/app/src/main/java/org/onap/portal/history/entities/ActionsDao.java b/app/src/main/java/org/onap/portal/history/entities/ActionsDao.java new file mode 100644 index 0000000..5457e87 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/entities/ActionsDao.java @@ -0,0 +1,44 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.entities; + +import lombok.Getter; +import lombok.Setter; +import org.springframework.data.mongodb.core.mapping.Document; +import java.util.Date; + +/** + * Data access object for the actions in the MongoDB repository. + * No database id is set in this class because MongoDB use internal _id as primary key / uniq object identifier + */ +@Document(collection = "actions") +@Getter +@Setter +public class ActionsDao { + + private String userId; + + private Date actionCreatedAt; + + private Object action; + +} diff --git a/app/src/main/java/org/onap/portal/history/exception/ProblemException.java b/app/src/main/java/org/onap/portal/history/exception/ProblemException.java new file mode 100644 index 0000000..f51d246 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/exception/ProblemException.java @@ -0,0 +1,55 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.exception; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.EqualsAndHashCode; +import lombok.NoArgsConstructor; +import org.zalando.problem.AbstractThrowableProblem; +import org.zalando.problem.Problem; +import org.zalando.problem.Status; +import org.zalando.problem.StatusType; + +import java.net.URI; + +/** + * Default problem exception. This class has the same structure as the problem response model from the api. + */ +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor +@EqualsAndHashCode(callSuper = true) +public class ProblemException extends AbstractThrowableProblem { + @Builder.Default private final URI type = Problem.DEFAULT_TYPE; + + @Builder.Default private final String title = "Bad history error"; + + @Builder.Default private final StatusType status = Status.BAD_REQUEST; + + @Builder.Default private final String detail = "Please add more details here"; + + @Builder.Default private final URI instance = null; + +} diff --git a/app/src/main/java/org/onap/portal/history/repository/ActionsRepository.java b/app/src/main/java/org/onap/portal/history/repository/ActionsRepository.java new file mode 100644 index 0000000..79fc378 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/repository/ActionsRepository.java @@ -0,0 +1,42 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.repository; + +import java.util.Date; + +import org.onap.portal.history.entities.ActionsDao; +import org.springframework.data.domain.Pageable; +import org.springframework.data.mongodb.repository.ReactiveMongoRepository; + +import reactor.core.publisher.Flux; +import reactor.core.publisher.Mono; + +public interface ActionsRepository extends ReactiveMongoRepository<ActionsDao, String> { + + Flux<ActionsDao> findAllByActionCreatedAtAfter(Pageable pageable, Date actionCreatedAt); + + Flux<ActionsDao> findAllByUserIdAndActionCreatedAtAfter(Pageable pageable, String userId, Date actionCreatedAt); + + Mono<Long> deleteAllByUserIdAndActionCreatedAtIsBefore(String userId, Date actionCreatedAt); + + Mono<Long> deleteAllByActionCreatedAtIsBefore(Date actionCreatedAt); +} diff --git a/app/src/main/java/org/onap/portal/history/services/ActionsService.java b/app/src/main/java/org/onap/portal/history/services/ActionsService.java new file mode 100644 index 0000000..a14fef2 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/services/ActionsService.java @@ -0,0 +1,218 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.services; + +import java.time.LocalDateTime; +import java.time.ZoneId; +import java.time.ZoneOffset; +import java.time.ZonedDateTime; +import java.util.Date; + +import org.onap.portal.history.entities.ActionsDao; +import org.onap.portal.history.exception.ProblemException; +import org.onap.portal.history.openapi.model.ActionResponse; +import org.onap.portal.history.openapi.model.ActionsListResponse; +import org.onap.portal.history.openapi.model.CreateActionRequest; +import org.onap.portal.history.repository.ActionsRepository; +import org.onap.portal.history.util.Logger; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.domain.PageRequest; +import org.springframework.data.domain.Pageable; +import org.springframework.data.domain.Sort; +import org.springframework.http.HttpStatus; +import org.springframework.stereotype.Service; +import org.zalando.problem.Problem; +import org.zalando.problem.Status; + +import lombok.extern.slf4j.Slf4j; +import reactor.core.publisher.Mono; + + +@Slf4j +@Service +public class ActionsService { + + @Autowired + private ActionsRepository repository; + + /** + * Retrieve actions for a given userId from the database and provide a list with actions + * @param userId only actions for this <code>userId</code> should be retrieved + * @param page which page should be retrieved from the list of actions. From a user perspective the first page has the page number 1. + * In the response list the first page starts with 0. Therefore, a subtraction is needed. + * @param pageSize length of the response list + * @param showLastHours for which hours from the current time the actions should be retrieved. + * @param saveInterval value will be part of the response action object. This value is set in the application properties. + * In the future this value can be provided from the client. + * @param xRequestId from the request header. Will be used in an error log + * @return If successful object with an item list of action objects and an item with the list count, otherwise Mono error + */ + public Mono<ActionsListResponse> getActions(String userId, Integer page, Integer pageSize, Integer showLastHours, Integer saveInterval, String xRequestId){ + Pageable paging = PageRequest.of(page - 1 , pageSize, Sort.by(Sort.Direction.DESC, "actionCreatedAt")); + var dateAfter = Date.from(ZonedDateTime.now().minusHours(showLastHours).toInstant()); + return repository + .findAllByUserIdAndActionCreatedAtAfter(paging,userId, dateAfter) + .map(actionDao -> toActionResponse(actionDao, saveInterval)) + .collectList() + .map(this::toActionsListResponse) + .switchIfEmpty(Mono.just(new ActionsListResponse().totalCount(0))) + .onErrorResume(ex -> { + Logger.errorLog(xRequestId,"Get actions cannot be executed for user with id ", userId); + return getError("Get actions can not be executed for user with id " + userId); + }); + } + + /** + * Create an action data record in the database + * @param userId the id of the user for which the action should be stored + * @param createActionRequest the action object which should be stored + * @param saveInterval value will be part of the response action object. This value is set in the application properties. + * In the future this value can be provided from the client. + * @param xRequestId from the request header. Will be used in an error log + * @return If successful object with the stored action, otherwise Mono error + */ + public Mono<ActionResponse> createActions(String userId, CreateActionRequest createActionRequest, Integer saveInterval, String xRequestId) { + return repository + .save(toActionsDao(userId, createActionRequest)) + .map(action -> toActionResponse(action, saveInterval)) + .onErrorResume(ex -> { + Logger.errorLog(xRequestId,"Action for user can not be executed for user with id ", userId ); + return Mono.error(ProblemException.builder() + .type(Problem.DEFAULT_TYPE) + .status(Status.BAD_REQUEST) + .title(HttpStatus.BAD_REQUEST.toString()) + .detail("Action for user can not be executed for user with id " + userId) + .build()); + }); + } + + /** + * List all actions without a userId filter. + * @param page which page should be retrieved from the list of actions. From a user perspective the first page has the page number 1. + * In the response list the first page starts with 0. Therefore, a subtraction is needed. + * @param pageSize length of the response list + * @param showLastHours for which hours from the current time the actions should be retrieved. + * @param saveInterval value will be part of the response action object. This value is set in the application properties. + * * In the future this value can be provided from the client. + * @param xRequestId from the request header. Will be used in an error log + * @return If successful list with action response object, otherwise Mono error + */ + public Mono<ActionsListResponse> listActions(Integer page, Integer pageSize, Integer showLastHours, Integer saveInterval, String xRequestId){ + + var paging = PageRequest.of(page - 1 , pageSize, Sort.by(Sort.Direction.DESC, "actionCreatedAt")); + var dateAfter = Date.from(ZonedDateTime.now().minusHours(showLastHours).toInstant()); + + return repository + .findAllByActionCreatedAtAfter(paging,dateAfter) + .map(actionDto -> toActionResponse(actionDto, saveInterval)) + .collectList() + .map(this::toActionsListResponse) + .onErrorResume(ProblemException.class, + ex -> { + Logger.errorLog(xRequestId,"List actions cannot be created", null ); + return getError("List actions cannot be created"); + }); + } + + /** + * Delete actions for a given userId and action is create after hours + * @param userId the id of the user for which the action should be deleted + * @param deleteAfterHours hours after the actions should be deleted + * @param xRequestId from the request header. Will be used in an error log + * @return If successful empty Mono object, otherwise Mono error + */ + public Mono<Object> deleteUserActions(String userId, Integer deleteAfterHours, String xRequestId ){ + var dateAfter = Date.from(ZonedDateTime.now().minusHours(deleteAfterHours).toInstant()); + return repository + .deleteAllByUserIdAndActionCreatedAtIsBefore(userId, dateAfter) + .map(resp -> new Object()) + .onErrorResume(ProblemException.class,ex -> { + Logger.errorLog(xRequestId,"Deletion of actions cannot be executed for user", userId ); + return Mono.error(ex); + }); + } + + /** + * Delete actions after hours. This service will be used in the cron job. The job will be implemented with a separate user story. + * @param deleteAfterHours hours after the actions should be deleted + * @return If successful empty Mono object, otherwise Mono error + */ + public Mono<Object> deleteActions(Integer deleteAfterHours ){ + var dateAfter = Date.from(LocalDateTime.now().minusHours(deleteAfterHours).atZone(ZoneId.of("CET")).toInstant()); + return repository + .deleteAllByActionCreatedAtIsBefore(dateAfter) + .map(resp -> new Object()) + .onErrorResume(ProblemException.class,ex -> { + Logger.errorLog(null,"Delete all actions in cron job cannot be executed ", null); + return getError("Delete all actions after hours cannot be executed"); + }); + } + + /** + * + * @param resp List of ActionResponses + * @param saveInterval value will be part of the response action object. This value is set in the application properties. + * @return ActionsListResponse + */ + private ActionsListResponse toActionsListResponse(java.util.List<ActionResponse> actionResponses) { + var actionsListResponse = new ActionsListResponse(); + actionsListResponse.setActionsList(actionResponses); + actionsListResponse.setTotalCount(actionResponses.size()); + return actionsListResponse; + } + + /** + * + * @param actionsDao ActionsDao, return from the MongoDB repository query + * @param saveInterval value will be part of the response action object. This value is set in the application properties. + * @return action response object + */ + public ActionResponse toActionResponse(ActionsDao actionsDao, Integer saveInterval){ + return new ActionResponse() + .actionCreatedAt(actionsDao.getActionCreatedAt().toInstant().atOffset(ZoneOffset.ofHours(0))) + .saveInterval(saveInterval) + .action(actionsDao.getAction()); + } + + private ActionsDao toActionsDao(String userId, CreateActionRequest createActionRequest) { + var actionsDao = new ActionsDao(); + actionsDao.setUserId(userId); + actionsDao.setActionCreatedAt(new Date(createActionRequest.getActionCreatedAt().toEpochSecond()*1000)); + actionsDao.setAction(createActionRequest.getAction()); + return actionsDao; + } + + /** + * Build a problem exception with given message + * @param message will be detail part of the problem object + * @return Mono error with problem exception + */ + private Mono<ActionsListResponse> getError(String message) { + return Mono.error(ProblemException.builder() + .type(Problem.DEFAULT_TYPE) + .status(Status.BAD_REQUEST) + .title(HttpStatus.BAD_REQUEST.toString()) + .detail(message) + .build()); + } + +} diff --git a/app/src/main/java/org/onap/portal/history/util/IdTokenExchange.java b/app/src/main/java/org/onap/portal/history/util/IdTokenExchange.java new file mode 100644 index 0000000..82cc67a --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/util/IdTokenExchange.java @@ -0,0 +1,126 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.util; + +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.JWTParser; + +import java.text.ParseException; + +import org.onap.portal.history.exception.ProblemException; +import org.springframework.web.server.ServerWebExchange; +import org.zalando.problem.Problem; +import org.zalando.problem.Status; +import reactor.core.publisher.Mono; + +/** + * Represents a function that handles the <a href="https://jwt.io/introduction">JWT</a> identity token. + * Use this to check if the incoming requests are authorized to call the given endpoint + */ + +public final class IdTokenExchange { + + public static final String X_AUTH_IDENTITY_HEADER = "X-Auth-Identity"; + public static final String JWT_CLAIM_USERID = "sub"; + + private IdTokenExchange(){ + + } + + /** + * Extract the identity header from the given {@link ServerWebExchange}. + * @param exchange the ServerWebExchange that contains information about the incoming request + * @param xRequestId the id of the request to use in error log + * @return the identity header in the form of <code>Bearer {@literal <Token>}<c/ode> + */ + private static Mono<String> extractIdentityHeader(ServerWebExchange exchange, String xRequestId) { + return Mono.just(exchange.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER)) + .map(headers -> headers.get(0)) + .onErrorResume(Exception.class, ex -> Mono.error(ProblemException.builder() + .type(Problem.DEFAULT_TYPE) + .status(Status.FORBIDDEN) + .title("Forbidden access") + .detail(X_AUTH_IDENTITY_HEADER + " is not set") + .build())); + } + + /** + * Extract the identity token from the given {@link ServerWebExchange}. + * @see <a href="https://openid.net/specs/openid-connect-core-1_0.html#IDToken">OpenId Connect ID Token</a> + * @param exchange the ServerWebExchange that contains information about the incoming request + * @param xRequestId the id of the request to use in error log + * @return the identity token that contains user roles + */ + private static Mono<String> extractIdToken(ServerWebExchange exchange, String xRequestId) { + return extractIdentityHeader(exchange, xRequestId) + .map(identityHeader -> identityHeader.replace("Bearer ", "")); + } + + /** + * Extract the <code>userId</code> from the given {@link ServerWebExchange} + * @param exchange the ServerWebExchange that contains information about the incoming request + * @param xRequestId the id of the request to use in error log + * @return the id of the user + */ + public static Mono<String> extractUserId(ServerWebExchange exchange,String xRequestId) { + return extractIdToken(exchange, xRequestId) + .flatMap(idToken -> extractUserClaim(idToken)); + } + + private static Mono<String> extractUserClaim(String idToken) { + JWTClaimsSet jwtClaimSet; + try { + jwtClaimSet = JWTParser.parse(idToken).getJWTClaimsSet(); + } catch (ParseException e) { + return Mono.error(e); + } + return Mono.just(String.class.cast(jwtClaimSet.getClaim(JWT_CLAIM_USERID))); + } + + + /** + * Validate if given <code>userId</code> is same as extracted from the given {@link ServerWebExchange} + * @param userId from the path parameter of the REST call + * @param exchange the ServerWebExchange that contains information about the incoming request + * @param xRequestId the id of the request to use in error log + * @return <code>empty Mono</code> userId is the same as extracted from {@link ServerWebExchange} + * <code>Forbidden</code> userId is <bold>not</bold> the same as extracted from {@link ServerWebExchange} + */ + public static Mono<Void> validateUserId(String userId, ServerWebExchange exchange, String xRequestId){ + + return extractUserId(exchange, xRequestId) + .map(userSub -> userSub.equals(userId)) + .flatMap( match -> { + if (Boolean.TRUE.equals(match)) { + return Mono.empty(); + } else{ + Logger.errorLog(xRequestId,"Requested "+ userId + " did not match the JWT in the X-Auth-Identity header" , userId ); + return Mono.error(ProblemException.builder() + .type(Problem.DEFAULT_TYPE) + .status(Status.FORBIDDEN) + .title("Forbidden access") + .detail("UserId did not match with JWT in " + X_AUTH_IDENTITY_HEADER) + .build()); + } + }); + } +} diff --git a/app/src/main/java/org/onap/portal/history/util/Logger.java b/app/src/main/java/org/onap/portal/history/util/Logger.java new file mode 100644 index 0000000..4cb3420 --- /dev/null +++ b/app/src/main/java/org/onap/portal/history/util/Logger.java @@ -0,0 +1,64 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.util; + +import lombok.extern.slf4j.Slf4j; +import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatus; + +import java.net.URI; + +@Slf4j +public class Logger { + + private Logger(){} + + /** + * Write log to stdout for incoming request + * @param xRequestId from the request header + * @param methode http methode which is invoke + * @param path which is called be the request + */ + public static void requestLog(String xRequestId, HttpMethod methode, URI path) { + log.info("Portal-history - request - X-Request-Id {} {} {}", xRequestId, methode, path); + } + + /** + * Write log to stdout for the outgoing response + * @param xRequestId from the request header + * @param code http status of the response + */ + public static void responseLog(String xRequestId, HttpStatus code) { + log.info("Portal-history - response - X-Request-Id {} {}", xRequestId, code); + } + + /** + * Write error log to stdout + * @param xRequestId from the request header + * @param msg message which should be written + * @param id of the related object of the message + */ + public static void errorLog(String xRequestId, String msg, String id) { + log.info( + "Portal-history - error - X-Request-Id {} {} {} not found", xRequestId, msg, id); + } +} diff --git a/app/src/main/resources/application-local.yml b/app/src/main/resources/application-local.yml new file mode 100644 index 0000000..a908c1b --- /dev/null +++ b/app/src/main/resources/application-local.yml @@ -0,0 +1,42 @@ +server: + port: 9002 + address: 0.0.0.0 + +spring: + jackson: + serialization: + # needed for serializing objects of type object + FAIL_ON_EMPTY_BEANS: false + security: + oauth2: + resourceserver: + jwt: + jwk-set-uri: http://localhost:8080/auth/realms/ONAP/protocol/openid-connect/certs #Keycloak Endpoint + data: + mongodb: + database: portal_history + host: localhost + port: 27017 + username: root + password: password + +portal-history: + save-interval: 72 + delete-interval: 0 * * * * * + +management: + endpoints: + web: + exposure: + include: "*" + info: + build: + enabled: true + env: + enabled: true + git: + enabled: true + java: + enabled: true + + diff --git a/app/src/main/resources/application.yml b/app/src/main/resources/application.yml new file mode 100644 index 0000000..3bfd624 --- /dev/null +++ b/app/src/main/resources/application.yml @@ -0,0 +1,40 @@ +server: + port: 9002 + address: 0.0.0.0 + +spring: + jackson: + serialization: + # needed for serializing objects of type object + FAIL_ON_EMPTY_BEANS: false + security: + oauth2: + resourceserver: + jwt: + jwk-set-uri: ${KEYCLOAK_URL}/auth/realms/${KEYCLOAK_REALM}/protocol/openid-connect/certs #Keycloak Endpoint + data: + mongodb: + database: ${PORTALHISTORY_DATABASE} + host: ${PORTALHISTORY_HOST} + port: ${PORTALHISTORY_PORT} + username: ${PORTALHISTORY_USERNAME} + password: ${PORTALHISTORY_PASSWORD} + +portal-history: + save-interval: 72 + delete-interval: 0 0 * * * * + +management: + endpoints: + web: + exposure: + include: "*" + info: + build: + enabled: true + env: + enabled: true + git: + enabled: true + java: + enabled: true diff --git a/app/src/main/resources/logback-spring.xml b/app/src/main/resources/logback-spring.xml new file mode 100644 index 0000000..f4ef0bf --- /dev/null +++ b/app/src/main/resources/logback-spring.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration scan="true"> + <include resource="org/springframework/boot/logging/logback/defaults.xml"/> + + <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>${LOGBACK_LEVEL:-info}</level> + </filter> + <encoder class="net.logstash.logback.encoder.LogstashEncoder"/> + </appender> + + <root level="all"> + <appender-ref ref="stdout"/> + </root> +</configuration> diff --git a/app/src/test/java/org/onap/portal/history/BaseIntegrationTest.java b/app/src/test/java/org/onap/portal/history/BaseIntegrationTest.java new file mode 100644 index 0000000..e00b770 --- /dev/null +++ b/app/src/test/java/org/onap/portal/history/BaseIntegrationTest.java @@ -0,0 +1,180 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.github.tomakehurst.wiremock.client.WireMock; +import com.nimbusds.jose.jwk.JWKSet; +import org.onap.portal.history.util.IdTokenExchange; +import io.restassured.RestAssured; +import io.restassured.filter.log.RequestLoggingFilter; +import io.restassured.filter.log.ResponseLoggingFilter; +import io.restassured.specification.RequestSpecification; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.BeforeEach; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.web.server.LocalServerPort; +import org.springframework.cloud.contract.wiremock.AutoConfigureWireMock; +import org.springframework.http.MediaType; + +import java.util.List; +import java.util.UUID; + +/** Base class for all tests that has the common config including port, realm, logging and auth. */ +@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +@AutoConfigureWireMock(port = 0) +public abstract class BaseIntegrationTest { + +// @TestConfiguration +// public static class Config { +// @Bean +// WireMockConfigurationCustomizer optionsCustomizer() { +// return options -> options.extensions(new ResponseTemplateTransformer(true)); +// } +// } + + @LocalServerPort protected int port; + @Value("${portal-history.realm}") + protected String realm; + + @Value("${portal-history.delete-interval}") + protected String deleteInterval; + + @Autowired protected ObjectMapper objectMapper; + @Autowired private TokenGenerator tokenGenerator; + + @BeforeAll + public static void setup() { + RestAssured.filters(new RequestLoggingFilter(), new ResponseLoggingFilter()); + } + + /** Mocks the OIDC auth flow. */ + @BeforeEach + public void mockAuth() { + WireMock.reset(); + + WireMock.stubFor( + WireMock.get( + WireMock.urlMatching( + String.format("/auth/realms/%s/protocol/openid-connect/certs", realm))) + .willReturn( + WireMock.aResponse() + .withHeader("Content-Type", JWKSet.MIME_TYPE) + .withBody(tokenGenerator.getJwkSet().toString()))); + + final TokenGenerator.TokenGeneratorConfig config = + TokenGenerator.TokenGeneratorConfig.builder().port(port).realm(realm).sub("test-user").build(); + + WireMock.stubFor( + WireMock.post( + WireMock.urlMatching( + String.format("/auth/realms/%s/protocol/openid-connect/token", realm))) + .withBasicAuth("test", "test") + .withRequestBody(WireMock.containing("grant_type=client_credentials")) + .willReturn( + WireMock.aResponse() + .withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE) + .withBody( + objectMapper + .createObjectNode() + .put("token_type", "bearer") + .put("access_token", tokenGenerator.generateToken(config)) + .put("expires_in", config.getExpireIn().getSeconds()) + .put("refresh_token", tokenGenerator.generateToken(config)) + .put("refresh_expires_in", config.getExpireIn().getSeconds()) + .put("not-before-policy", 0) + .put("session_state", UUID.randomUUID().toString()) + .put("scope", "email profile") + .toString()))); + } + + /** + * Builds an OAuth2 configuration including the roles, port and realm. This config can be used to + * generate OAuth2 access tokens. + * + * @param sub the userId + * @param roles the roles used for RBAC + * @return the OAuth2 configuration + */ + protected TokenGenerator.TokenGeneratorConfig getTokenGeneratorConfig(String sub, List<String> roles) { + return TokenGenerator.TokenGeneratorConfig.builder() + .port(port) + .sub(sub) + .realm(realm) + .roles(roles) + .build(); + } + + /** Get a RequestSpecification that does not have an Identity header. */ + protected RequestSpecification unauthenticatedRequestSpecification() { + return RestAssured.given().port(port); + } + + /** + * Object to store common attributes of requests that are going to be made. Adds an Identity + * header for the <code>onap_admin</code> role to the request. + * @return the definition of the incoming request (northbound) + */ + protected RequestSpecification requestSpecification() { + final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig("test-user", List.of("foo"))); + + return unauthenticatedRequestSpecification() + .auth() + .preemptive() + .oauth2(idToken) + .header(IdTokenExchange.X_AUTH_IDENTITY_HEADER, "Bearer " + idToken); + } + + /** + * Object to store common attributes of requests that are going to be made. Adds an Identity + * header for the <code>onap_admin</code> role to the request. + * @param userId the userId that should be contained in the incoming request + * @return the definition of the incoming request (northbound) + */ + protected RequestSpecification requestSpecification(String userId) { + final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig(userId, List.of("foo"))); + + return unauthenticatedRequestSpecification() + .auth() + .preemptive() + .oauth2(idToken) + .header(IdTokenExchange.X_AUTH_IDENTITY_HEADER, "Bearer " + idToken); + } + + /** + * Object to store common attributes of requests that are going to be made. Adds an Identity + * header for the <code>onap_admin</code> role to the request. + * @param userId the userId that should be contained in the incoming request + * @return the definition of the incoming request (northbound) + */ + protected RequestSpecification wrongHeaderRequestSpecification(String userId) { + final String idToken = tokenGenerator.generateToken(getTokenGeneratorConfig(userId, List.of("foo"))); + + return unauthenticatedRequestSpecification() + .auth() + .preemptive() + .oauth2(idToken) + .header("X-WRONG-HEADER", "Bearer " + idToken); + } +} diff --git a/app/src/test/java/org/onap/portal/history/TokenGenerator.java b/app/src/test/java/org/onap/portal/history/TokenGenerator.java new file mode 100644 index 0000000..986507c --- /dev/null +++ b/app/src/test/java/org/onap/portal/history/TokenGenerator.java @@ -0,0 +1,129 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history; + +import com.nimbusds.jose.JOSEObjectType; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.JWSHeader; +import com.nimbusds.jose.JWSSigner; +import com.nimbusds.jose.crypto.RSASSASigner; +import com.nimbusds.jose.jwk.JWKSet; +import com.nimbusds.jose.jwk.KeyUse; +import com.nimbusds.jose.jwk.RSAKey; +import com.nimbusds.jose.jwk.gen.RSAKeyGenerator; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; +import lombok.Builder; +import lombok.Getter; +import lombok.NonNull; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import java.time.Clock; +import java.time.Duration; +import java.time.Instant; +import java.util.Collections; +import java.util.Date; +import java.util.List; +import java.util.UUID; + +@Component +public class TokenGenerator { + + private static final String ROLES_CLAIM = "roles"; + private static final String USERID_CLAIM = "sub"; + + private final Clock clock; + private final RSAKey jwk; + private final JWKSet jwkSet; + private final JWSSigner signer; + + @Autowired + public TokenGenerator(Clock clock) { + try { + this.clock = clock; + jwk = + new RSAKeyGenerator(2048) + .keyUse(KeyUse.SIGNATURE) + .keyID(UUID.randomUUID().toString()) + .generate(); + jwkSet = new JWKSet(jwk); + signer = new RSASSASigner(jwk); + } catch (Exception e) { + throw new RuntimeException(e); + } + } + + public JWKSet getJwkSet() { + return jwkSet; + } + + public String generateToken(TokenGeneratorConfig config) { + final Instant iat = clock.instant(); + final Instant exp = iat.plus(config.expireIn); + + final JWTClaimsSet claims = + new JWTClaimsSet.Builder() + .jwtID(UUID.randomUUID().toString()) + .subject(UUID.randomUUID().toString()) + .issuer(config.issuer()) + .issueTime(Date.from(iat)) + .expirationTime(Date.from(exp)) + .claim(ROLES_CLAIM, config.getRoles()) + .claim(USERID_CLAIM, config.getSub()) + .build(); + + final SignedJWT jwt = + new SignedJWT( + new JWSHeader.Builder(JWSAlgorithm.RS256) + .keyID(jwk.getKeyID()) + .type(JOSEObjectType.JWT) + .build(), + claims); + + try { + jwt.sign(signer); + } catch (Exception e) { + throw new RuntimeException(e); + } + + return jwt.serialize(); + } + + @Getter + @Builder + public static class TokenGeneratorConfig { + private final int port; + + @NonNull private final String sub; + + @NonNull private final String realm; + + @NonNull @Builder.Default private final Duration expireIn = Duration.ofMinutes(5); + + @Builder.Default private final List<String> roles = Collections.emptyList(); + + public String issuer() { + return String.format("http://localhost:%d/auth/realms/%s", port, realm); + } + } +} diff --git a/app/src/test/java/org/onap/portal/history/actions/ActionDto.java b/app/src/test/java/org/onap/portal/history/actions/ActionDto.java new file mode 100644 index 0000000..2deec8e --- /dev/null +++ b/app/src/test/java/org/onap/portal/history/actions/ActionDto.java @@ -0,0 +1,39 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.actions; + +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +@Getter +@Setter +@AllArgsConstructor +@NoArgsConstructor +public class ActionDto { + String type; + String action; + String message; + String downStreamSystem; + String downStreamId; +} diff --git a/app/src/test/java/org/onap/portal/history/actions/ActionFixtures.java b/app/src/test/java/org/onap/portal/history/actions/ActionFixtures.java new file mode 100644 index 0000000..efab59a --- /dev/null +++ b/app/src/test/java/org/onap/portal/history/actions/ActionFixtures.java @@ -0,0 +1,126 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.actions; + +import java.time.OffsetDateTime; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import org.onap.portal.history.entities.ActionsDao; +import org.onap.portal.history.openapi.model.CreateActionRequest; + +public class ActionFixtures { + + public static List<CreateActionRequest> createActionRequestList( + Integer numberOfActions, String userId, OffsetDateTime createdAt){ + List<CreateActionRequest> createActionRequestList = new ArrayList<>(); + for (Integer i = 1; i <= numberOfActions; i++) { + createActionRequestList.add( + generateActionRequest( + "Instantiation", "create", "action" + i, i.toString(), "SO", i, i, i, userId, createdAt)); + } + return createActionRequestList; + } + + public static List<CreateActionRequest> createActionRequestListHourOffsetOnly( + Integer numberOfActions, String userId, OffsetDateTime createdAt){ + List<CreateActionRequest> createActionRequestList = new ArrayList<>(); + for (Integer i = 1; i <= numberOfActions; i++) { + createActionRequestList.add( + generateActionRequest( + "Instantiation", "create", "action" + i, i.toString(), "SO", i, 0, 0, userId, createdAt)); + } + return createActionRequestList; + } + + public static CreateActionRequest generateActionRequest( + String type, + String action, + String message, + String id, + String downStreamSystem, + Integer deltaHours, + Integer deltaMinutes, + Integer deltaSeconds, + String userId, + OffsetDateTime createdAt) { + ActionDto actionDto = new ActionDto(); + actionDto.setType(type); + actionDto.setAction(action); + actionDto.setMessage(message); + actionDto.setDownStreamSystem(downStreamSystem); + actionDto.setDownStreamId(id); + + return new CreateActionRequest() + .userId(userId) + .action(actionDto) + .actionCreatedAt(createdAt.minusHours(deltaHours).minusMinutes(deltaMinutes).minusSeconds(deltaSeconds)); + } + + public static List<ActionsDao> actionsDaoList( + Integer numberOfActions, String userId, OffsetDateTime createdAt){ + List<ActionsDao> actionsDaoList = new ArrayList<>(); + for (Integer i = 1; i <= numberOfActions; i++) { + actionsDaoList.add( + generateActionsDao( + "Instantiation", "create", "action" + i, i.toString(), "SO", i, i, i, userId, createdAt)); + } + return actionsDaoList; + } + + public static ActionsDao generateActionsDao( + String type, + String action, + String message, + String id, + String downStreamSystem, + Integer deltaHours, + Integer deltaMinutes, + Integer deltaSeconds, + String userId, + OffsetDateTime createdAt) { + ActionDto actionDto = new ActionDto(); + actionDto.setType(type); + actionDto.setAction(action); + actionDto.setMessage(message); + actionDto.setDownStreamSystem(downStreamSystem); + actionDto.setDownStreamId(id); + + ActionsDao actionsDao = new ActionsDao(); + actionsDao.setUserId(userId); + actionsDao.setAction(actionDto); + actionsDao.setActionCreatedAt(new Date(createdAt.minusHours(deltaHours).minusMinutes(deltaMinutes).minusSeconds(deltaSeconds).toEpochSecond()*1000)); + return actionsDao; + } + + public static List<ActionsDao> actionsDaoListHourOffsetOnly( + Integer numberOfActions, String userId, OffsetDateTime createdAt){ + List<ActionsDao> actionsDaoList = new ArrayList<>(); + for (Integer i = 1; i <= numberOfActions; i++) { + actionsDaoList.add( + generateActionsDao( + "Instantiation", "create", "action" + i, i.toString(), "SO", i, 0, 0, userId, createdAt)); + } + return actionsDaoList; + } +} diff --git a/app/src/test/java/org/onap/portal/history/actions/ActionsControllerIntegrationTest.java b/app/src/test/java/org/onap/portal/history/actions/ActionsControllerIntegrationTest.java new file mode 100644 index 0000000..c5fa17b --- /dev/null +++ b/app/src/test/java/org/onap/portal/history/actions/ActionsControllerIntegrationTest.java @@ -0,0 +1,571 @@ +/* + * + * Copyright (c) 2022. Deutsche Telekom AG + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + * + */ + +package org.onap.portal.history.actions; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.junit.jupiter.api.Assertions.assertNotNull; + +import java.time.LocalDateTime; +import java.time.OffsetDateTime; +import java.time.ZoneOffset; +import java.time.format.DateTimeFormatter; +import java.time.temporal.ChronoUnit; +import java.util.List; + +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.onap.portal.history.BaseIntegrationTest; +import org.onap.portal.history.entities.ActionsDao; +import org.onap.portal.history.openapi.model.ActionResponse; +import org.onap.portal.history.openapi.model.ActionsListResponse; +import org.onap.portal.history.openapi.model.CreateActionRequest; +import org.onap.portal.history.openapi.model.Problem; +import org.onap.portal.history.repository.ActionsRepository; +import org.onap.portal.history.services.ActionsService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; + +import com.fasterxml.jackson.core.JsonProcessingException; + +import io.restassured.http.Header; + +class ActionsControllerIntegrationTest extends BaseIntegrationTest { + + protected static final String X_REQUEST_ID = "addf6005-3075-4c80-b7bc-2c70b7d42b57"; + protected static final String X_REQUEST_ID2 = "addf6005-3075-4c80-b7bc-2c70b7d42b22"; + + @Autowired + ActionsService actionsService; + + @Autowired + private ActionsRepository repository; + + // @Value("${portal-history.save-interval}") + protected Integer saveInterval = 72; + + @BeforeEach + void deleteMongoDataBase(){ + repository.deleteAll().block(); + } + + @Test + void thatUserCanHaveNoHistoryYet() throws JsonProcessingException { + ActionsListResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions/test-user") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertNotNull(response); + assertThat(response.getTotalCount()).isEqualTo(0); + } + + @Test + void thatActionCanBeSaved() throws Exception{ + ActionDto actionDto = new ActionDto(); + actionDto.setType("instantiation"); + actionDto.setAction("create"); + actionDto.setDownStreamId("1234"); + actionDto.setDownStreamSystem("SO"); + actionDto.setMessage("no details"); + + CreateActionRequest actionRequest = new CreateActionRequest() + .actionCreatedAt(OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)) + .userId("test-user") + .action(actionDto); + + ActionResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .body(actionRequest) + .when() + .post( "/v1/actions/test-user") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionResponse.class); + + assertThat(response.getActionCreatedAt()).isEqualTo(actionRequest.getActionCreatedAt().truncatedTo(ChronoUnit.SECONDS).format(DateTimeFormatter.ISO_DATE_TIME)); + assertThat(response.getSaveInterval()).isEqualTo(saveInterval); + assertThat(objectMapper.writeValueAsString(response.getAction())).isEqualTo(objectMapper.writeValueAsString(actionRequest.getAction())); + } + + @Test + void thatActionsCanBeListedWithoutParameter() throws JsonProcessingException { + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoList(500, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + repository + .saveAll(actionsDaoList) + .blockLast(); + ActionsListResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(response.getTotalCount()).isEqualTo(10); + assertThat(response.getActionsList().get(0).getSaveInterval()).isEqualTo(saveInterval); + assertThat(response.getActionsList().get(9).getSaveInterval()).isEqualTo(saveInterval); + assertThat(objectMapper.writeValueAsString(response.getActionsList().get(0).getAction())).isEqualTo(objectMapper.writeValueAsString(actionsDaoList.get(0).getAction())); + assertThat(objectMapper.writeValueAsString(response.getActionsList().get(9).getAction())).isEqualTo(objectMapper.writeValueAsString(actionsDaoList.get(9).getAction())); + } + + @Test + void thatActionsCanBeListedWithParameter() throws JsonProcessingException { + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoList(20, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + repository + .saveAll(actionsDaoList) + .blockLast(); + ActionsListResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions?page=1&pageSize=5") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(response.getTotalCount()).isEqualTo(5); + assertThat(response.getActionsList().get(0).getSaveInterval()).isEqualTo(saveInterval); + assertThat(response.getActionsList().get(4).getSaveInterval()).isEqualTo(saveInterval); + assertThat(objectMapper.writeValueAsString(response.getActionsList().get(0).getAction())).isEqualTo(objectMapper.writeValueAsString(actionsDaoList.get(0).getAction())); + assertThat(objectMapper.writeValueAsString(response.getActionsList().get(4).getAction())).isEqualTo(objectMapper.writeValueAsString(actionsDaoList.get(4).getAction())); + } + + @Test + void thatActionsCanBeListedWithParameterInOrderByActionCreatedAt() { + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoList(5, "test-user", OffsetDateTime.of(LocalDateTime.now().minusDays(2), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + actionsDaoList.addAll(ActionFixtures.actionsDaoList(5, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS))); + actionsDaoList.addAll(ActionFixtures.actionsDaoList(5, "test-user", OffsetDateTime.of(LocalDateTime.now().minusHours(6), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS))); + actionsDaoList.addAll(ActionFixtures.actionsDaoList(5, "test-user", OffsetDateTime.of(LocalDateTime.now().minusHours(12), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS))); + repository + .saveAll(actionsDaoList) + .blockLast(); + + ActionsListResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions?page=1&pageSize=5") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(response.getTotalCount()).isEqualTo(5); + assertThat(response.getActionsList().get(0).getSaveInterval()).isEqualTo(saveInterval); + assertThat(response.getActionsList().get(4).getSaveInterval()).isEqualTo(saveInterval); + assertThat(response.getActionsList().get(0).getActionCreatedAt()).isEqualTo(actionsDaoList.get(5).getActionCreatedAt().toInstant().atOffset(ZoneOffset.UTC)); + assertThat(response.getActionsList().get(4).getActionCreatedAt()).isEqualTo(actionsDaoList.get(9).getActionCreatedAt().toInstant().atOffset(ZoneOffset.UTC)); + } + + @Test + void thatActionsCanBeListedWithShowLastHours() throws JsonProcessingException { + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(20, "test-user", OffsetDateTime.now().plusMinutes(30).truncatedTo(ChronoUnit.SECONDS)); + repository + .saveAll(actionsDaoList) + .blockLast(); + + ActionsListResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions?page=1&pageSize=20&showLastHours=12") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(response.getTotalCount()).isEqualTo(12); + assertThat(response.getActionsList().get(0).getSaveInterval()).isEqualTo(saveInterval); + assertThat(objectMapper.writeValueAsString(response.getActionsList().get(0).getAction())).isEqualTo(objectMapper.writeValueAsString(actionsDaoList.get(0).getAction())); + assertThat(objectMapper.writeValueAsString(response.getActionsList().get(11).getAction())).isEqualTo(objectMapper.writeValueAsString(actionsDaoList.get(11).getAction())); + } + + @Test + void thatActionsCanNotBeListedWithWrongPageParameter() { + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoList(5, "test-user", OffsetDateTime.of(LocalDateTime.now().minusDays(2), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + repository + .saveAll(actionsDaoList) + .blockLast(); + + Problem response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions?page=0&pageSize=5") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.BAD_REQUEST.value()) + .extract() + .body() + .as(Problem.class); + + assertThat(response.getStatus()).isEqualTo(500); + } + + @Test + void thatActionsCanBeGetForUserWithShowLastHours(){ + // First mixed user actions for different users + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.now().plusMinutes(30).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList2 = ActionFixtures.actionsDaoList(10, "test2-user", OffsetDateTime.now().truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList3 = ActionFixtures.actionsDaoList(10, "test3-user", OffsetDateTime.now().truncatedTo(ChronoUnit.SECONDS)); + + actionsDaoList.addAll(actionsDaoList2); + actionsDaoList.addAll(actionsDaoList3); + + repository + .saveAll(actionsDaoList) + .blockLast(); + + ActionsListResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions/test-user?page=1&pageSize=20&showLastHours=2") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(response.getTotalCount()).isEqualTo(2); + assertThat(response.getActionsList().get(0).getSaveInterval()).isEqualTo(saveInterval); + } + + @Test + void thatActionsCanBeGottenForUserWithShowLastHoursWithMinusValue(){ + // First mixed user actions for different users + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList2 = ActionFixtures.actionsDaoList(10, "test2-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList3 = ActionFixtures.actionsDaoList(10, "test3-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList4 = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now().plusHours(48), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + actionsDaoList.addAll(actionsDaoList2); + actionsDaoList.addAll(actionsDaoList3); + actionsDaoList.addAll(actionsDaoList4); + + repository + .saveAll(actionsDaoList) + .blockLast(); + + ActionsListResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions/test-user?page=1&pageSize=20&showLastHours=-2") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(response.getTotalCount()).isEqualTo(10); + } + + @Test + void thatActionsCanBeGottenForUserWithoutParameter(){ + // First mixed user actions for different users + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList2 = ActionFixtures.actionsDaoList(10, "test2-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList3 = ActionFixtures.actionsDaoList(10, "test3-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList4 = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + actionsDaoList.addAll(actionsDaoList2); + actionsDaoList.addAll(actionsDaoList3); + actionsDaoList.addAll(actionsDaoList4); + repository + .saveAll(actionsDaoList) + .blockLast(); + + ActionsListResponse response = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions/test-user") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(response.getTotalCount()).isEqualTo(10); + assertThat(response.getActionsList().get(0).getSaveInterval()).isEqualTo(saveInterval); + } + + @Test + void thatActionsCanBeGottenForUserWithShowLastHoursWithEmptyList() { + // First mixed user actions for different users + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList2 = ActionFixtures.actionsDaoList(10, "test2-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList3 = ActionFixtures.actionsDaoList(10, "test3-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList4 = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + actionsDaoList.addAll(actionsDaoList2); + actionsDaoList.addAll(actionsDaoList3); + actionsDaoList.addAll(actionsDaoList4); + repository + .saveAll(actionsDaoList) + .blockLast(); + + ActionsListResponse response = requestSpecification("test4-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions/test4-user?page=1&pageSize=20&showLastHours=2") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(response.getTotalCount()).isZero(); + } + + @Test + void thatActionsCanBeDeleted(){ + // First mixed user actions for different users + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.now().plusMinutes(30).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList2 = ActionFixtures.actionsDaoList(5, "test2-user", OffsetDateTime.now().truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList3 = ActionFixtures.actionsDaoList(3, "test3-user", OffsetDateTime.now().truncatedTo(ChronoUnit.SECONDS)); + actionsDaoList.addAll(actionsDaoList2); + actionsDaoList.addAll(actionsDaoList3); + repository + .saveAll(actionsDaoList) + .blockLast(); + + requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .delete( "/v1/actions/test-user?deleteAfterHours=2") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + ActionsListResponse responseGetUser = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID2 )) + .when() + .get( "/v1/actions/test-user?page=1&pageSize=20") + .then() + .header("X-Request-Id", X_REQUEST_ID2) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + ActionsListResponse responseGetUser2 = requestSpecification("test2-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID2 )) + .when() + .get( "/v1/actions/test2-user") + .then() + .header("X-Request-Id", X_REQUEST_ID2) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + ActionsListResponse responseGetUser3 = requestSpecification("test3-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID2 )) + .when() + .get( "/v1/actions/test3-user") + .then() + .header("X-Request-Id", X_REQUEST_ID2) + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(responseGetUser.getTotalCount()).isEqualTo(2); + assertThat(responseGetUser2.getTotalCount()).isEqualTo(5); + assertThat(responseGetUser3.getTotalCount()).isEqualTo(3); + } + + @Test + void thatActionsCanNotBeGetForUserBecauseOfWrongUserIdInToken(){ + // First mixed user actions for different users + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + repository + .saveAll(actionsDaoList) + .blockLast(); + + Problem response = requestSpecification("wrong-userId") + .given() + .accept(MediaType.APPLICATION_PROBLEM_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions/test-user") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.BAD_REQUEST.value()) + .extract() + .body() + .as(Problem.class); + + assertThat(response).isNotNull(); + assertThat(response.getStatus()).isEqualTo(HttpStatus.FORBIDDEN.value()); + } + + @Test + void thatActionsCanNotBeGetForUserBecauseOfWrongHeader(){ + // First mixed user actions for different users + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + repository + .saveAll(actionsDaoList) + .blockLast(); + + Problem response = wrongHeaderRequestSpecification("test-user") + .given() + .accept(MediaType.APPLICATION_PROBLEM_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID )) + .when() + .get( "/v1/actions/test-user") + .then() + .header("X-Request-Id", X_REQUEST_ID) + .statusCode(HttpStatus.BAD_REQUEST.value()) + .extract() + .body() + .as(Problem.class); + + assertThat(response).isNotNull(); + assertThat(response.getStatus()).isEqualTo(HttpStatus.FORBIDDEN.value()); + } + + @Test + void thatActionsCanBeDeletedForAllUsers(){ + // First mixed user actions for different users + List<ActionsDao> actionsDaoList = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now().minusHours(96), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList2 = ActionFixtures.actionsDaoList(8, "test2-user", OffsetDateTime.of(LocalDateTime.now().minusHours(24), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList3 = ActionFixtures.actionsDaoList(5, "test3-user", OffsetDateTime.of(LocalDateTime.now(), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + List<ActionsDao> actionsDaoList4 = ActionFixtures.actionsDaoListHourOffsetOnly(10, "test-user", OffsetDateTime.of(LocalDateTime.now().minusHours(48), ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS)); + + actionsDaoList.addAll(actionsDaoList2); + actionsDaoList.addAll(actionsDaoList3); + actionsDaoList.addAll(actionsDaoList4); + repository + .saveAll(actionsDaoList) + .blockLast(); + + actionsService.deleteActions(72).block(); + + ActionsListResponse responseGetUser = requestSpecification() + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID2 )) + .when() + .get( "/v1/actions/test-user?page=1&pageSize=20") + .then() + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + ActionsListResponse responseGetUser2 = requestSpecification("test2-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID2 )) + .when() + .get( "/v1/actions/test2-user") + .then() + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + ActionsListResponse responseGetUser3 = requestSpecification("test3-user") + .given() + .accept(MediaType.APPLICATION_JSON_VALUE) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .header(new Header("X-Request-Id", X_REQUEST_ID2 )) + .when() + .get( "/v1/actions/test3-user") + .then() + .statusCode(HttpStatus.OK.value()) + .extract() + .body() + .as(ActionsListResponse.class); + + assertThat(responseGetUser.getTotalCount()).isEqualTo(10); + assertThat(responseGetUser2.getTotalCount()).isEqualTo(8); + assertThat(responseGetUser3.getTotalCount()).isEqualTo(5); + } +} diff --git a/app/src/test/resources/application.yml b/app/src/test/resources/application.yml new file mode 100644 index 0000000..521befe --- /dev/null +++ b/app/src/test/resources/application.yml @@ -0,0 +1,38 @@ +server: + port: 9002 + address: 0.0.0.0 + +spring: + mongodb: + embedded: + version: 3.2.8 + jackson: + serialization: + # needed for serializing objects of type object + FAIL_ON_EMPTY_BEANS: false + security: + oauth2: + resourceserver: + jwt: + jwk-set-uri: http://localhost:${wiremock.server.port}/auth/realms/ONAP/protocol/openid-connect/certs #Keycloak Endpoint + +portal-history: + realm: ONAP + save-interval: 72 + delete-interval: '0 0 0 1 1 *' + +management: + endpoints: + web: + exposure: + include: "*" + info: + build: + enabled: true + env: + enabled: true + git: + enabled: true + java: + enabled: true + diff --git a/app/src/test/resources/logback-spring.xml b/app/src/test/resources/logback-spring.xml new file mode 100644 index 0000000..f4ef0bf --- /dev/null +++ b/app/src/test/resources/logback-spring.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration scan="true"> + <include resource="org/springframework/boot/logging/logback/defaults.xml"/> + + <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender"> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>${LOGBACK_LEVEL:-info}</level> + </filter> + <encoder class="net.logstash.logback.encoder.LogstashEncoder"/> + </appender> + + <root level="all"> + <appender-ref ref="stdout"/> + </root> +</configuration> |