HELLODATA-1881 - further fixes
Slawomir Wieczorek committed Dec 13, 2024
1 parent 6ed8185 commit 181ea20
Showing 3 changed files with 56 additions and 22 deletions.
@@ -1,21 +1,29 @@
package ch.bedag.dap.hellodata.sidecars.sftpgo.listener;

import ch.bedag.dap.hellodata.commons.SlugifyUtil;
import ch.bedag.dap.hellodata.commons.nats.annotation.JetStreamSubscribe;
import ch.bedag.dap.hellodata.commons.sidecars.context.HdBusinessContextInfo;
import ch.bedag.dap.hellodata.commons.sidecars.context.HdContextType;
import ch.bedag.dap.hellodata.commons.sidecars.resources.v1.appinfo.AppInfoResource;
import ch.bedag.dap.hellodata.sidecars.sftpgo.client.model.Permission;
import ch.bedag.dap.hellodata.sidecars.sftpgo.service.SftpGoService;
import lombok.AllArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.springframework.stereotype.Service;

import java.util.List;

import static ch.bedag.dap.hellodata.commons.sidecars.events.HDEvent.PUBLISH_APP_INFO_RESOURCES;

@Log4j2
@Service
@AllArgsConstructor
public class SftpGoPublishedAppInfoResourcesConsumer {

public static final String ADMIN_GROUP_POSTFIX = "-admin";
public static final String EDITOR_GROUP_POSTFIX = "-editor";
public static final String VIEWER_GROUP_POSTFIX = "-viewer";

private final SftpGoService sftpGoService;

@SuppressWarnings("unused")
Expand All @@ -27,7 +35,18 @@ public void subscribe(AppInfoResource appInfoResource) {
log.info("------- Received appInfo resource {}, for the following context config {}", appInfoResource, businessContextInfo);
String dataDomainKey = subContext.getKey();
log.info("--> Creating missing groups with virtual folders for the data domain: {} ", dataDomainKey);
sftpGoService.createGroup(dataDomainKey, subContext.getName());
String groupName = SlugifyUtil.slugify(dataDomainKey, "");
sftpGoService.createGroup(dataDomainKey, subContext.getName(), groupName + ADMIN_GROUP_POSTFIX, List.of(Permission.STAR));
sftpGoService.createGroup(dataDomainKey, subContext.getName(), groupName + EDITOR_GROUP_POSTFIX,
List.of(Permission.LIST,
Permission.DOWNLOAD,
Permission.RENAME,
Permission.OVERWRITE,
Permission.RENAME_DIRS,
Permission.COPY,
Permission.CREATE_DIRS));
sftpGoService.createGroup(dataDomainKey, subContext.getName(), groupName + VIEWER_GROUP_POSTFIX,
List.of(Permission.LIST, Permission.DOWNLOAD));
}
}
}
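Review bot: The editor group's permission list in the second `createGroup` call includes `Permission.OVERWRITE` but no upload permission, and SFTPGo documents `overwrite` as taking effect only together with `upload`, so editors would likely be unable to write files at all. If editors are meant to replace existing files, add the upload value to the list (presumably `Permission.UPLOAD` in the generated client; confirm the constant name). If they are meant to read and reorganise only, drop `OVERWRITE` so the grant matches the intent. A short comment above the three calls stating the intended admin/editor/viewer matrix, e.g. `// editor: may rename/copy/create dirs, may not delete`, would make later permission changes reviewable. The body of `subscribe` starts outside this hunk.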
Expand Up @@ -2,6 +2,7 @@

import ch.bedag.dap.hellodata.commons.SlugifyUtil;
import ch.bedag.dap.hellodata.commons.nats.annotation.JetStreamSubscribe;
import ch.bedag.dap.hellodata.commons.sidecars.context.HelloDataContextConfig;
import ch.bedag.dap.hellodata.commons.sidecars.context.role.HdRoleName;
import ch.bedag.dap.hellodata.commons.sidecars.resources.v1.user.data.UserContextRoleUpdate;
import ch.bedag.dap.hellodata.sidecars.sftpgo.client.model.GroupMapping;
Expand All @@ -18,6 +19,7 @@
import java.util.UUID;

import static ch.bedag.dap.hellodata.commons.sidecars.events.HDEvent.UPDATE_USER_CONTEXT_ROLE;
import static ch.bedag.dap.hellodata.sidecars.sftpgo.listener.SftpGoPublishedAppInfoResourcesConsumer.*;
import static ch.bedag.dap.hellodata.sidecars.sftpgo.service.SftpGoService.ADMIN_GROUP_NAME;

@Log4j2
Expand All @@ -27,6 +29,7 @@ public class SftpGoUpdateUserContextRoleConsumer {

private final SftpGoService sftpGoService;
private final SftpGoUserResourceProviderService sftpGoUserResourceProviderService;
private final HelloDataContextConfig helloDataContextConfig;

@SuppressWarnings("unused")
@JetStreamSubscribe(event = UPDATE_USER_CONTEXT_ROLE)
Expand All @@ -42,41 +45,43 @@ public void processContextRoleUpdate(UserContextRoleUpdate userContextRoleUpdate
}
}

private void addGroup(GroupMapping.TypeEnum type, String adminGroupName, User user) {
private void addUserToGroup(GroupMapping.TypeEnum type, String adminGroupName, User user) {
GroupMapping groupMapping = new GroupMapping();
groupMapping.type(type);
groupMapping.name(adminGroupName);
user.addGroupsItem(groupMapping);
}

private void removeGroup(User user, String adminGroupName) {
private void removeUserFromGroup(User user, String adminGroupName) {
user.setGroups(new ArrayList<>(user.getGroups().stream().filter(groupMapping -> !groupMapping.getName().equalsIgnoreCase(adminGroupName)).toList()));
}

private void checkDataDomainRoles(UserContextRoleUpdate userContextRoleUpdate, User user) {
userContextRoleUpdate.getContextRoles().stream()
.filter(contextRole -> contextRole.getParentContextKey() != null).forEach(userContextRole -> {
.filter(contextRole -> !contextRole.getContextKey().equalsIgnoreCase(helloDataContextConfig.getBusinessContext().getKey())).forEach(userContextRole -> {
String groupName = SlugifyUtil.slugify(userContextRole.getContextKey(), "");
removeUserFromGroup(user, groupName + ADMIN_GROUP_POSTFIX);
removeUserFromGroup(user, groupName + EDITOR_GROUP_POSTFIX);
removeUserFromGroup(user, groupName + VIEWER_GROUP_POSTFIX);
switch (userContextRole.getRoleName()) {
case NONE -> removeGroup(user, groupName);
case DATA_DOMAIN_ADMIN, DATA_DOMAIN_EDITOR, DATA_DOMAIN_VIEWER -> { //TODO ACL based on permission level
removeGroup(user, ADMIN_GROUP_NAME);
addGroup(GroupMapping.TypeEnum.NUMBER_2, groupName, user);
}
case DATA_DOMAIN_ADMIN ->
addUserToGroup(GroupMapping.TypeEnum.NUMBER_2, groupName + ADMIN_GROUP_POSTFIX, user);
case DATA_DOMAIN_EDITOR ->
addUserToGroup(GroupMapping.TypeEnum.NUMBER_2, groupName + EDITOR_GROUP_POSTFIX, user);
case DATA_DOMAIN_VIEWER ->
addUserToGroup(GroupMapping.TypeEnum.NUMBER_2, groupName + VIEWER_GROUP_POSTFIX, user);
}
});
}

private void checkBusinessContextRole(UserContextRoleUpdate userContextRoleUpdate, User user) {
Optional<UserContextRoleUpdate.ContextRole> businessDomainRole = userContextRoleUpdate.getContextRoles().stream()
.filter(contextRole -> contextRole.getParentContextKey() == null).findFirst();
.filter(contextRole -> contextRole.getContextKey().equalsIgnoreCase(helloDataContextConfig.getBusinessContext().getKey())).findFirst();
businessDomainRole.ifPresent(businessDomainRoleContext -> {
HdRoleName roleName = businessDomainRoleContext.getRoleName();
removeUserFromGroup(user, ADMIN_GROUP_NAME);
if (roleName != HdRoleName.NONE) {
removeGroup(user, ADMIN_GROUP_NAME);
addGroup(GroupMapping.TypeEnum.NUMBER_1, ADMIN_GROUP_NAME, user);
} else {
removeGroup(user, ADMIN_GROUP_NAME);
addUserToGroup(GroupMapping.TypeEnum.NUMBER_1, ADMIN_GROUP_NAME, user);
}
});
}
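Review bot: Both new filters call `contextRole.getContextKey().equalsIgnoreCase(helloDataContextConfig.getBusinessContext().getKey())` with no null guard, whereas the `getParentContextKey() != null` / `== null` checks they replace tolerated missing values. If a context role can arrive without a key, or the business context is not configured, the stream in `checkDataDomainRoles` would throw after earlier elements have already changed `user`, and a role downgrade or revocation carried by that event may then never be applied. Resolve the key once, e.g. `String businessKey = helloDataContextConfig.getBusinessContext().getKey();`, and filter with `contextRole.getContextKey() != null && !businessKey.equalsIgnoreCase(contextRole.getContextKey())` (and the non-negated form in `checkBusinessContextRole`). `removeUserFromGroup` has the same exposure if `user.getGroups()` can be null.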
@@ -1,6 +1,5 @@
package ch.bedag.dap.hellodata.sidecars.sftpgo.service;

import ch.bedag.dap.hellodata.commons.SlugifyUtil;
import ch.bedag.dap.hellodata.sidecars.sftpgo.client.api.FoldersApi;
import ch.bedag.dap.hellodata.sidecars.sftpgo.client.api.GroupsApi;
import ch.bedag.dap.hellodata.sidecars.sftpgo.client.api.TokenApi;
Expand All @@ -21,6 +20,7 @@
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import static ch.bedag.dap.hellodata.sidecars.sftpgo.client.model.Permission.STAR;
import static org.springframework.web.reactive.function.client.WebClientResponseException.Conflict;
Expand Down Expand Up @@ -104,10 +104,9 @@ public User createUser(String email, String username, String password) {
return createdUser;
}

public void createGroup(String dataDomainKey, String dataDomainName) {
public void createGroup(String dataDomainKey, String dataDomainName, String groupName, List<Permission> permissions) {
refreshToken();
GroupsApi groupsApi = new GroupsApi(apiClient);
String groupName = SlugifyUtil.slugify(dataDomainKey, "");
try {
Group existingGroup = groupsApi.getGroupByName(groupName, 0).block();
log.info("Group {} already exists", existingGroup.getName());
Expand All @@ -117,10 +116,16 @@ public void createGroup(String dataDomainKey, String dataDomainName) {
Group group = new Group();
group.setName(groupName);
group.setDescription(dataDomainName);

VirtualFolder vf = createVirtualFolder(dataDomainKey, dataDomainName, groupName);
List<VirtualFolder> virtualFolders = new ArrayList<>();
virtualFolders.add(vf);
group.setVirtualFolders(virtualFolders);
group.setVirtualFolders(List.of(vf));

GroupUserSettings groupUserSettings = new GroupUserSettings();
Map<String, List<Permission>> permissionsMap = new HashMap<>();
permissionsMap.put(vf.getVirtualPath() + "/*", permissions);
groupUserSettings.setPermissions(permissionsMap);
group.setUserSettings(groupUserSettings);

groupsApi.addGroup(group, 0).block();
log.info("Group {} created", groupName);
}
Expand All @@ -147,6 +152,12 @@ private void createAdminGroup(GroupsApi groupsApi) {
FoldersApi foldersApi = new FoldersApi(apiClient);
BaseVirtualFolder createdFolder = foldersApi.addFolder(baseVirtualFolder, 0).block();

Group group = getGroup(createdFolder);
groupsApi.addGroup(group, 0).block();
log.info("Admin group created");
}

private Group getGroup(BaseVirtualFolder createdFolder) {
Group group = new Group();
group.setName(ADMIN_GROUP_NAME);
group.setDescription("Admin group");
Expand All @@ -158,8 +169,7 @@ private void createAdminGroup(GroupsApi groupsApi) {
List<VirtualFolder> virtualFolders = new ArrayList<>();
virtualFolders.add(virtualFolder);
group.setVirtualFolders(virtualFolders);
groupsApi.addGroup(group, 0).block();
log.info("Admin group created");
return group;
}

private VirtualFolder createVirtualFolder(String dataDomainKey, String dataDomainName, String groupName) {
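Review bot: In `createGroup` the new permissions map is keyed on `vf.getVirtualPath() + "/*"`, but SFTPGo describes these keys as directory paths rather than glob patterns, so this entry may apply only to a directory literally named `*` and leave the virtual folder itself governed by whatever the user's other permissions grant. If that is the case, the admin/editor/viewer lists passed in would have no effect on the folder; keying on the directory, `permissionsMap.put(vf.getVirtualPath(), permissions);`, is the form the SFTPGo documentation shows, and it is worth confirming with a check that a viewer-group user cannot upload. The existing-group branch at the top of the method appears to return without touching `userSettings` (the return is outside the visible hunk), so groups created before this change would keep their old permissions.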