Merge branch 'main' into feat/john/Better-submission-wizard-

OPASettings/config.yaml

@@ -0,0 +1,8 @@
+services:
+  acmecorp:
+    url: https://host.docker.internal:7157/api/OPA/BundleGet
+    allow_insecure_tls : true
+
+discovery:
+  service: acmecorp
+  resource: /example/discovery.tar.gz

OPASettings/discovery.rego

@@ -0,0 +1,13 @@
+package play
+import rego.v1
+import input
+
+default allow := false
+
+allow if {
+   print("input", input)
+   allowed_test
+}
+
+allowed_test if input.action.operation in ["ExecuteQuery", "AccessCatalog"]
+allowed_test if input.context.identity.user == input.action.resource.table.schemaName

README.md

@@ -1 +1,5 @@
-# DARE-Control
+# DARE-Control
+
+to connect them together
+u = sailegressapi
+pass = password123

docker-compose.yml

@@ -109,10 +109,30 @@ services:
       - 8181:8181 
     command:
       - "run"
-      - "--server"  
+      - "--server" 
+      - "-c"
+      - "config.yaml"
     networks:
       - communicating
-
+    volumes:
+      - ./OPASettings/config.yaml:/config.yaml
+
+   # command:
+   #   - "run" 
+   #   - "stuff/bundle.tar.gz"
+
+    #command:
+    #  - "build" 
+    #  - "-b" 
+    #  - "--debug"
+    #  - "stuff/"
+    #  - "-o"
+    #  - "stuff/bundle.tar.gz"
+    networks:
+      - communicating
+    volumes:
+      - ./OPASettings:/stuff:rw
+
   #postgresHasura:
   #  image: postgres:15
   #  restart: always

src/BL/Models/Submission.cs

@@ -33,6 +33,8 @@ public class Submission : BaseModel
         public StatusType Status { get; set; }
         public string? StatusDescription { get; set; }
 
+        public string? QueryToken { get; set; }
+
         public string GetTotalDisplayTime()
         {
             var end = EndTime == DateTime.MinValue ? (DateTime.Now).ToUniversalTime() : EndTime;

src/BL/Models/ViewModels/OPASettings.cs

@@ -7,6 +7,7 @@ public class OPASettings
         public double ExpiryDelayMinutes { get; set; }
         public bool UseRealExpiry { get; set; }
 
+        public string OPAPolicyUploadURL { get; set; }
     }
 }
 

src/BL/Services/BaseClientHelper.cs

@@ -153,7 +153,7 @@ protected async Task<HttpResponseMessage> ClientHelperRequestAsync(string endPoi
                         // Output the string contentsn
 
                     }
-                    Log.Information("{Function} Api returned an error for {endPoint} Response {Res} Error content {Content}", "ClientHelperRequestAsync",endPoint ,  res, content);
+                     Log.Information("{Function} Api returned an error for {endPoint} Response {Res} Error content {Content}", "ClientHelperRequestAsync",endPoint ,  res, content);
                     throw new Exception("API Call Failure: " + res.StatusCode + ": " + res.ReasonPhrase + " " + content);
                 }
                 Log.Information("{Function} The response {res}", "ClientHelperRequestAsync", res);

src/BL/Services/KeycloakTokenHelper.cs

@@ -36,13 +36,15 @@ public async Task<string> GetTokenForUser(string username, string password, stri
             string clientSecret = _clientSecret;
 
             Log.Information($"GetTokenForUser _proxyUrl > {_proxyUrl} UseProxy > {_useProxy}");
-
-            // Create an HttpClientHandler with proxy settings
-            HttpClientHandler handler = new HttpClientHandler
+            HttpClientHandler handler = new HttpClientHandler();
+            handler.UseProxy = _useProxy;
+            if (_useProxy)
             {
-                Proxy = new WebProxy(_proxyUrl), // Replace with your proxy server URL
-                UseProxy = _useProxy
-            };
+                // Create an HttpClientHandler with proxy settings
+                handler.Proxy = new WebProxy(_proxyUrl); // Replace with your proxy server URL
+
+            }
+
 
             // Create an HttpClient with the handler
             return await KeycloakCommon.GetTokenForUserGuts(username, password, requiredRole, handler, keycloakBaseUrl, clientId, clientSecret);

src/DARE-API/Controllers/TESController.cs

@@ -21,6 +21,10 @@
 using Newtonsoft.Json.Linq;
 using System.Net.Http.Json;
 using static System.Runtime.InteropServices.JavaScript.JSType;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication;
+using DARE_API.Services.Contract;
+using Microsoft.AspNetCore.Authentication.OpenIdConnect;
 
 namespace DARE_API.Controllers
 {
@@ -33,6 +37,8 @@ namespace DARE_API.Controllers
     public class TaskServiceApiController : ControllerBase
     {
 
+
+        private readonly IKeyCloakService _IKeyCloakService;
         private readonly ApplicationDbContext _DbContext;
         private readonly IBus _rabbit;
         protected readonly IHttpContextAccessor _httpContextAccessor;
@@ -46,17 +52,21 @@ public class TaskServiceApiController : ControllerBase
             { TesView.FULL, new JsonSerializerSettings { ContractResolver = FullTesTaskContractResolver.Instance } }
         };
 
+        private readonly IKeyclockTokenAPIHelper _IKeyclockTokenAPIHelper;
+
         /// <summary>
         /// Contruct a <see cref="TaskServiceApiController"/>
         /// </summary>
         /// <param name="repository">The main <see cref="ApplicationDbContext"/> database repository</param>
         /// <param name="rabbit">The main <see cref="IBus"/> easynet q sender</param>
-        public TaskServiceApiController(ApplicationDbContext repository, IBus rabbit, IHttpContextAccessor httpContextAccessor)
+        public TaskServiceApiController(ApplicationDbContext repository, IBus rabbit, IHttpContextAccessor httpContextAccessor, 
+            IKeyclockTokenAPIHelper IKeyclockTokenAPIHelper, IKeyCloakService IKeyCloakService)
         {
             _DbContext = repository;
             _rabbit = rabbit;
             _httpContextAccessor = httpContextAccessor;
-
+            _IKeyclockTokenAPIHelper = IKeyclockTokenAPIHelper;
+            _IKeyCloakService = IKeyCloakService;
         }
 
         /// <summary>
@@ -299,7 +309,8 @@ public virtual async Task<IActionResult> CreateTaskAsync([FromBody] TesTask tesT
                     return BadRequest("No valid tres for this project " + project + ".");
                 }
 
-
+                var Token = HttpContext.Request.Headers["Authorization"].FirstOrDefault();
+                Token = Token.Replace("Bearer ", "");
                 var sub = new Submission()
                 {
                     DockerInputLocation = tesTask.Executors.First().Image,
@@ -310,6 +321,7 @@ public virtual async Task<IActionResult> CreateTaskAsync([FromBody] TesTask tesT
                     SubmittedBy = user,
                     TesName = tesTask.Name,
                     SourceCrate = tesTask.Executors.First().Image,
+                    QueryToken = Token
                 };
 
 
@@ -535,7 +547,7 @@ public virtual async Task<IActionResult> ListTasks([FromQuery] string namePrefix
         {
             try { 
             var decodedPageToken =
-                pageToken is not null ? Encoding.UTF8.GetString(Base64UrlTextEncoder.Decode(pageToken)) : null;
+                pageToken is not null ? Encoding.UTF8.GetString(Microsoft.AspNetCore.Authentication.Base64UrlTextEncoder.Decode(pageToken)) : null;
 
             if (pageSize < 1 || pageSize > 2047)
             {
@@ -561,7 +573,7 @@ public virtual async Task<IActionResult> ListTasks([FromQuery] string namePrefix
 
 
             var nextPageToken = finalList.continuation;
-            var encodedNextPageToken = nextPageToken is not null ? Base64UrlTextEncoder.Encode(Encoding.UTF8.GetBytes(nextPageToken)) : null;
+            var encodedNextPageToken = nextPageToken is not null ? Microsoft.AspNetCore.Authentication.Base64UrlTextEncoder.Encode(Encoding.UTF8.GetBytes(nextPageToken)) : null;
             var response = new TesListTasksResponse { Tasks = tesTasks.ToList(), NextPageToken = encodedNextPageToken };
 
             return TesJsonResult(response, view);