diff --git a/.env.unix.example b/.env.unix.example index b352e9a482a5f582dd36e11aa32700e81ebcd824..2919f4e34af0acdbe9c1ce8be80ca9975bcd946a 100644 --- a/.env.unix.example +++ b/.env.unix.example @@ -20,4 +20,5 @@ SHARED_FILESYSTEM=/tmp LOG_LEVEL=trace # error, warning, info, debug, trace DEFAULT_ROLES=ROLE_RESEARCHER SUPERUSERS=user1,user2 -ELASTIC_PASSWORD=elastic \ No newline at end of file +ELASTIC_PASSWORD=elastic +CLIENT_SECRET=client-secret \ No newline at end of file diff --git a/.env.win.example b/.env.win.example index cf27aca493364a3665bd177230f9028384a2413a..12dd7219a161ff66ac0efb10fd8e59114ff9c24e 100644 --- a/.env.win.example +++ b/.env.win.example @@ -20,4 +20,5 @@ SHARED_FILESYSTEM=C:\tmp LOG_LEVEL=trace # error, warning, info, debug, trace DEFAULT_ROLES=ROLE_RESEARCHER SUPERUSERS=user1,user2 -ELASTIC_PASSWORD=elastic \ No newline at end of file +ELASTIC_PASSWORD=elastic +CLIENT_SECRET=client-secret \ No newline at end of file diff --git a/fda-container-service/Dockerfile b/fda-container-service/Dockerfile index 4752a4a140b1dd52e256350862067102131a78cd..0ea94f5755f709e7bd39a74073675eb150b1e964 100644 --- a/fda-container-service/Dockerfile +++ b/fda-container-service/Dockerfile @@ -29,6 +29,8 @@ ENV BROKER_PASSWORD=fda ENV SHARED_FILESYSTEM=/tmp ENV USER_NETWORK=userdb ENV LOG_LEVEL=debug +ENV CLIENT_SECRET=client-secret +ENV CLIENT_ID=dbrepo-client COPY ./service_ready /usr/bin RUN chmod +x /usr/bin/service_ready diff --git a/fda-container-service/rest-service/src/main/java/at/tuwien/endpoints/ContainerEndpoint.java b/fda-container-service/rest-service/src/main/java/at/tuwien/endpoints/ContainerEndpoint.java index 5c3d11e564d31020f65612052bbe570c212f887d..10455f9f964dd5385f1a3a84b0b40f57d0e6c0c5 100644 --- a/fda-container-service/rest-service/src/main/java/at/tuwien/endpoints/ContainerEndpoint.java +++ b/fda-container-service/rest-service/src/main/java/at/tuwien/endpoints/ContainerEndpoint.java 
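Review bot: `ENV CLIENT_SECRET=client-secret` in fda-container-service/Dockerfile bakes a default client secret into the image, where it remains readable through the image history and container inspection. If a deployment forgets to override it, the service would present a publicly known value to the identity provider. I would drop that line and keep only `ENV CLIENT_ID=dbrepo-client`, so the `"${CLIENT_SECRET}"` placeholder in application.yml has to be supplied at runtime. The unchanged `ENV BROKER_PASSWORD=fda` line in the hunk header follows the same pattern and deserves the same treatment.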
@@ -60,7 +60,7 @@ public class ContainerEndpoint { @PostMapping @Transactional - @PreAuthorize("hasRole('ROLE_RESEARCHER')") + @PreAuthorize("hasAuthority('create-container')") @Operation(summary = "Create container", security = @SecurityRequirement(name = "bearerAuth")) public ResponseEntity<ContainerBriefDto> create(@Valid @RequestBody ContainerCreateRequestDto data, @NotNull Principal principal) diff --git a/fda-container-service/rest-service/src/main/resources/application-docker.yml b/fda-container-service/rest-service/src/main/resources/application-docker.yml index 9a58c8b516c57865f776419cbb58367aeb7334cb..83273c8f26d06baaa4ba9504ff1b370fd052bdbd 100644 --- a/fda-container-service/rest-service/src/main/resources/application-docker.yml +++ b/fda-container-service/rest-service/src/main/resources/application-docker.yml @@ -38,4 +38,6 @@ fda: network: userdb mount.path: /tmp ready.path: /ready + client_secret: "${CLIENT_SECRET}" + client_id: "${CLIENT_ID}" gateway.endpoint: http://gateway-service:9095 \ No newline at end of file diff --git a/fda-container-service/rest-service/src/main/resources/application-local.yml b/fda-container-service/rest-service/src/main/resources/application-local.yml index 13b0d446f6fe261b5567a2464802babdc77777fd..2a14576f355a68fe45af18459fea6dde9906fc37 100644 --- a/fda-container-service/rest-service/src/main/resources/application-local.yml +++ b/fda-container-service/rest-service/src/main/resources/application-local.yml @@ -38,4 +38,6 @@ fda: network: userdb mount.path: /tmp ready.path: ./ready + client_secret: Gp9IALXWsfftK8ek1J6jNT9hNfWV5U5c + client_id: dbrepo-client gateway.endpoint: http://localhost:9095 \ No newline at end of file diff --git a/fda-container-service/rest-service/src/main/resources/application.yml b/fda-container-service/rest-service/src/main/resources/application.yml index e23246138ad7d1da2662c846daa8531d0152f4e5..c51eb9dd4061ac980c84aeb7d6776c38ff58b494 100644 
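Review bot: The `client_secret:` value added to application-local.yml looks like a generated client secret rather than a placeholder, and it is now part of the repository history. If it was ever issued by a real realm, it should be rotated at the identity provider, since removing it in a later commit does not retract it. The local profile can resolve it the same way the other two profiles in this commit do: `client_secret: "${CLIENT_SECRET}"` and `client_id: "${CLIENT_ID}"`.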
--- a/fda-container-service/rest-service/src/main/resources/application.yml +++ b/fda-container-service/rest-service/src/main/resources/application.yml @@ -38,4 +38,6 @@ fda: network: "${USER_NETWORK}" mount.path: "${SHARED_FILESYSTEM}" ready.path: /ready + client_secret: "${CLIENT_SECRET}" + client_id: "${CLIENT_ID}" gateway.endpoint: http://gateway-service:9095 \ No newline at end of file diff --git a/fda-container-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java b/fda-container-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java index 0a59ea1f4519a9212ddabb9f05ed96276fc07441..5fd75bb0250fededa0da2b1a2401f56cbbbc725b 100644 --- a/fda-container-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java +++ b/fda-container-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java @@ -34,7 +34,7 @@ public abstract class BaseUnitTest { .authority("ROLE_RESEARCHER") .build(); - public final static Long USER_1_ID = 1L; + public final static String USER_1_ID = "090dc12a-a46a-4515-b1f0-cff697d5f985"; public final static String USER_1_USERNAME = "junit"; public final static String USER_1_EMAIL = "junit@gmail.com"; public final static String USER_1_AFFILIATION = "TU Wien"; @@ -89,7 +89,7 @@ public abstract class BaseUnitTest { public final static Principal USER_1_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_1_DETAILS, USER_1_PASSWORD, USER_1_DETAILS.getAuthorities()); - public final static Long USER_2_ID = 2L; + public final static String USER_2_ID = "0153f998-bd4c-4154-993e-75c355499044"; public final static String USER_2_USERNAME = "dev"; public final static String USER_2_EMAIL = "dev@gmail.com"; public final static Boolean USER_2_EMAIL_VERIFIED = false; 
@@ -126,7 +126,7 @@ public abstract class BaseUnitTest { public final static Principal USER_2_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_2_DETAILS, USER_2_PASSWORD, USER_2_DETAILS.getAuthorities()); - public final static Long USER_3_ID = 3L; + public final static String USER_3_ID = "fea123c7-1851-4e01-969a-53407fa6a451"; public final static String USER_3_USERNAME = "steward"; public final static String USER_3_EMAIL = "steward@gmail.com"; public final static Boolean USER_3_EMAIL_VERIFIED = false; @@ -163,6 +163,7 @@ public abstract class BaseUnitTest { public final static Principal USER_3_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_3_DETAILS, USER_3_PASSWORD, USER_3_DETAILS.getAuthorities()); + public final static String USER_4_ID = "824d2c13-78d9-43c5-a4af-288120e2b44b"; public final static String USER_4_USERNAME = "nobody"; public final static String USER_4_EMAIL = "nobody@gmail.com"; public final static Boolean USER_4_EMAIL_VERIFIED = false; @@ -171,6 +172,7 @@ public abstract class BaseUnitTest { public final static String USER_4_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; public final static User USER_4 = User.builder() + .id(USER_4_ID) .username(USER_4_USERNAME) .email(USER_4_EMAIL) .emailVerified(USER_4_EMAIL_VERIFIED) @@ -180,7 +182,7 @@ public abstract class BaseUnitTest { .roles(List.of()) .build(); - public final static Long USER_5_ID = 5L; + public final static String USER_5_ID = "d2f3a8f4-c7fe-49e8-9d14-6dad0f6b9406"; public final static String USER_5_USERNAME = "mweise"; public final static String USER_5_EMAIL = "mweise@gmail.com"; public final static Boolean USER_5_EMAIL_VERIFIED = false; diff --git a/fda-container-service/services/src/main/java/at/tuwien/config/GatewayConfig.java b/fda-container-service/services/src/main/java/at/tuwien/config/GatewayConfig.java index a6a8a2003ea62692634571d94edd5cc37f177d32..a6b06b72a439c55a13e231a6b48d1f04673f2c07 100644 
--- a/fda-container-service/services/src/main/java/at/tuwien/config/GatewayConfig.java +++ b/fda-container-service/services/src/main/java/at/tuwien/config/GatewayConfig.java @@ -1,17 +1,25 @@ package at.tuwien.config; +import lombok.Getter; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.client.RestTemplate; import org.springframework.web.util.DefaultUriBuilderFactory; +@Getter @Configuration public class GatewayConfig { @Value("${fda.gateway.endpoint}") private String gatewayEndpoint; + @Value("${fda.client_secret}") + private String clientSecret; + + @Value("${fda.client_id}") + private String clientId; + @Bean public RestTemplate restTemplate() { final RestTemplate restTemplate = new RestTemplate(); diff --git a/fda-container-service/services/src/main/java/at/tuwien/gateway/impl/AuthenticationServiceGatewayImpl.java b/fda-container-service/services/src/main/java/at/tuwien/gateway/impl/AuthenticationServiceGatewayImpl.java index 2a922bc209fe774f297aa9917301f565203deb6b..f2e5e35219547b0c54dbedfeac9cde4577d18472 100644 --- a/fda-container-service/services/src/main/java/at/tuwien/gateway/impl/AuthenticationServiceGatewayImpl.java +++ b/fda-container-service/services/src/main/java/at/tuwien/gateway/impl/AuthenticationServiceGatewayImpl.java @@ -1,6 +1,9 @@ package at.tuwien.gateway.impl; -import at.tuwien.api.user.UserDto; +import at.tuwien.api.auth.TokenIntrospectDto; +import at.tuwien.api.user.UserBriefDto; +import at.tuwien.api.user.UserDetailsDto; +import at.tuwien.config.GatewayConfig; import at.tuwien.gateway.AuthenticationServiceGateway; import at.tuwien.mapper.UserMapper; import lombok.extern.slf4j.Slf4j; 
@@ -8,6 +11,8 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.*; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.stereotype.Service; +import org.springframework.util.LinkedMultiValueMap; +import org.springframework.util.MultiValueMap; import org.springframework.web.client.HttpStatusCodeException; import org.springframework.web.client.RestTemplate; 
@@ -19,25 +24,35 @@ public class AuthenticationServiceGatewayImpl implements AuthenticationServiceGa private final UserMapper userMapper; private final RestTemplate restTemplate; + private final GatewayConfig gatewayConfig; @Autowired - public AuthenticationServiceGatewayImpl(UserMapper userMapper, RestTemplate restTemplate) { + public AuthenticationServiceGatewayImpl(UserMapper userMapper, RestTemplate restTemplate, GatewayConfig gatewayConfig) { this.userMapper = userMapper; this.restTemplate = restTemplate; + this.gatewayConfig = gatewayConfig; } @Override public UserDetails validate(String token) throws ServletException { final HttpHeaders headers = new HttpHeaders(); - headers.set("Authorization", "Bearer " + token); + headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); + final MultiValueMap<String, String> body = new LinkedMultiValueMap<>(); + body.add("client_secret", gatewayConfig.getClientSecret()); + body.add("client_id", gatewayConfig.getClientId()); + body.add("token", token); try { - final ResponseEntity<UserDto> response = restTemplate.exchange("/api/auth", HttpMethod.PUT, - new HttpEntity<>(null, headers), UserDto.class); - if (!response.getStatusCode().equals(HttpStatus.ACCEPTED)) { + final ResponseEntity<TokenIntrospectDto> response = restTemplate.exchange("/api/auth/realms/dbrepo/protocol/openid-connect/token/introspect", HttpMethod.POST, + new HttpEntity<>(body, headers), TokenIntrospectDto.class); + if (!response.getStatusCode().equals(HttpStatus.OK)) { log.error("Failed to validate token with status code {}", response.getStatusCode()); - throw new ServletException("Failed to validate token"); + throw new ServletException("Failed to validate token: http status code is not ok"); + } else if (response.getBody() == null) { + throw new ServletException("Failed to validate token: body is null"); + } else if (!response.getBody().getActive()) { + throw new ServletException("Failed to validate token: token is not active"); } - final 
UserDetails dto = userMapper.userDtoToUserDetailsDto(response.getBody()); + final UserDetailsDto dto = userMapper.tokenIntrospectDtoToUserDetailsDto(response.getBody()); log.trace("gateway authenticated user {}", dto); return dto; } catch (HttpStatusCodeException e) { diff --git a/fda-container-service/services/src/main/java/at/tuwien/mapper/UserMapper.java b/fda-container-service/services/src/main/java/at/tuwien/mapper/UserMapper.java index 56ea4ffa88bebad519c932dc52ebdf8ea94bd06e..e5ebe0bde07b297692218a9f953b349e27b7f71a 100644 --- a/fda-container-service/services/src/main/java/at/tuwien/mapper/UserMapper.java +++ b/fda-container-service/services/src/main/java/at/tuwien/mapper/UserMapper.java @@ -1,18 +1,33 @@ package at.tuwien.mapper; +import at.tuwien.api.auth.TokenIntrospectDto; import at.tuwien.api.user.GrantedAuthorityDto; +import at.tuwien.api.user.UserBriefDto; import at.tuwien.api.user.UserDetailsDto; -import at.tuwien.api.user.UserDto; import org.mapstruct.Mapper; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; +import java.util.Arrays; +import java.util.List; +import java.util.stream.Collectors; + @Mapper(componentModel = "spring") public interface UserMapper { org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(UserMapper.class); - UserDetailsDto userDtoToUserDetailsDto(UserDto data); + UserDetailsDto userBriefDtoToUserDetailsDto(UserBriefDto data); + + default UserDetailsDto tokenIntrospectDtoToUserDetailsDto(TokenIntrospectDto data) { + return UserDetailsDto.builder() + .id(data.getSub()) + .username(data.getUsername()) + .authorities(Arrays.stream(data.getRealmAccess().getRoles()) + .map(SimpleGrantedAuthority::new) + .collect(Collectors.toList())) + .build(); + } default GrantedAuthority grantedAuthorityDtoToGrantedAuthority(GrantedAuthorityDto data) { final GrantedAuthority authority = new SimpleGrantedAuthority(data.getAuthority()); 
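Review bot: In `validate`, `!response.getBody().getActive()` unboxes a `Boolean`, so an introspection response without an `active` field throws a NullPointerException instead of rejecting the token. The check should fail closed, as in `} else if (!Boolean.TRUE.equals(response.getBody().getActive())) {`. The two new rejection branches also throw without logging, unlike the status-code branch above them, so a rejected token leaves no trace for anyone investigating failed authentication. The method's `catch` block continues outside the hunk.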
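Review bot: `tokenIntrospectDtoToUserDetailsDto` dereferences `data.getRealmAccess().getRoles()` without a null check. The `@NotNull` annotations on `TokenIntrospectDto` are not enforced when the response is deserialized (no validation step is visible on this path). A token that carries no `realm_access` claim would therefore raise a NullPointerException inside the authentication path rather than yield a user with no authorities. I would resolve the roles first, `final String[] roles = data.getRealmAccess() == null || data.getRealmAccess().getRoles() == null ? new String[0] : data.getRealmAccess().getRoles();`, and stream over `roles`. A short Javadoc should also state that realm role names become authorities verbatim, since `@PreAuthorize("hasAuthority('create-container')")` in ContainerEndpoint depends on that.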
diff --git a/fda-container-service/services/src/main/java/at/tuwien/service/impl/UserServiceImpl.java b/fda-container-service/services/src/main/java/at/tuwien/service/impl/UserServiceImpl.java index 6ff7d02b4d002dfb2c6b49fa5bc626429794c44e..52fec3af7ca856095581bd2dae572134ceb263b0 100644 --- a/fda-container-service/services/src/main/java/at/tuwien/service/impl/UserServiceImpl.java +++ b/fda-container-service/services/src/main/java/at/tuwien/service/impl/UserServiceImpl.java @@ -25,8 +25,8 @@ public class UserServiceImpl implements UserService { public User findByUsername(String username) throws UserNotFoundException { final Optional<User> optional = userRepository.findByUsername(username); if (optional.isEmpty()) { - log.error("Failed to find user with username {}", username); - throw new UserNotFoundException("Failed to find user"); + log.error("Failed to find user with username '{}'", username); + throw new UserNotFoundException("Failed to find user with username '" + username + "'"); } return optional.get(); } diff --git a/fda-database-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java b/fda-database-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java index e32140f007c003e33e6a48b9224080ea216d3d58..9b95bc1c4daa1866212e6af8f59e1afdc8a41ffb 100644 --- a/fda-database-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java +++ b/fda-database-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java @@ -78,7 +78,7 @@ public abstract class BaseUnitTest { .image(IMAGE_SEARCH) .build(); - public final static Long USER_1_ID = 1L; + public final static String USER_1_ID = "090dc12a-a46a-4515-b1f0-cff697d5f985"; public final static String USER_1_USERNAME = "junit"; public final static String USER_1_PASSWORD = "junit"; public final static String USER_1_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; 
@@ -116,6 +116,7 @@ public abstract class BaseUnitTest { .build(); public final static UserDetails USER_1_DETAILS = UserDetailsDto.builder() + .id(USER_1_ID) .username(USER_1_USERNAME) .email(USER_1_EMAIL) .password(USER_1_PASSWORD) @@ -125,11 +126,13 @@ public abstract class BaseUnitTest { public final static Principal USER_1_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_1_DETAILS, USER_1_PASSWORD, USER_1_DETAILS.getAuthorities()); - public final static Long USER_2_ID = 2L; - public final static String USER_2_USERNAME = "junit2"; - public final static String USER_2_PASSWORD = "junit2"; + public final static String USER_2_ID = "0153f998-bd4c-4154-993e-75c355499044"; + public final static String USER_2_USERNAME = "dev"; + public final static String USER_2_EMAIL = "dev@gmail.com"; + public final static Boolean USER_2_EMAIL_VERIFIED = false; + public final static Boolean USER_2_THEME_DARK = false; + public final static String USER_2_PASSWORD = "p455w0rdh45"; public final static String USER_2_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; - public final static String USER_2_EMAIL = "junit2@ossdip.at"; public final static Boolean USER_2_VERIFIED = true; public final static Boolean USER_2_THEME = false; 
@@ -172,11 +175,13 @@ public abstract class BaseUnitTest { public final static Principal USER_2_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_2_DETAILS, USER_2_PASSWORD, USER_2_DETAILS.getAuthorities()); - public final static Long USER_3_ID = 3L; - public final static String USER_3_USERNAME = "junit3"; - public final static String USER_3_PASSWORD = "junit3"; + public final static String USER_3_ID = "fea123c7-1851-4e01-969a-53407fa6a451"; + public final static String USER_3_USERNAME = "steward"; + public final static String USER_3_EMAIL = "steward@gmail.com"; + public final static Boolean USER_3_EMAIL_VERIFIED = false; + public final static Boolean USER_3_THEME_DARK = false; + public final static String USER_3_PASSWORD = "p455w0rdh45"; public final static String USER_3_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; - public final static String USER_3_EMAIL = "junit3@ossdip.at"; public final static Boolean USER_3_VERIFIED = true; public final static Boolean USER_3_THEME = false; @@ -184,10 +189,9 @@ public abstract class BaseUnitTest { .id(USER_3_ID) .username(USER_3_USERNAME) .email(USER_3_EMAIL) - .emailVerified(USER_3_VERIFIED) - .themeDark(USER_3_THEME) + .emailVerified(USER_3_EMAIL_VERIFIED) + .themeDark(USER_3_THEME_DARK) .password(USER_3_PASSWORD) - .roles(List.of(RoleType.ROLE_DEVELOPER)) .databasePassword(USER_3_DATABASE_PASSWORD) .build(); 
@@ -212,22 +216,23 @@ public abstract class BaseUnitTest { public final static Principal USER_3_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_3_DETAILS, USER_3_PASSWORD, USER_3_DETAILS.getAuthorities()); - public final static Long USER_4_ID = 4L; - public final static String USER_4_USERNAME = "junit4"; - public final static String USER_4_PASSWORD = "junit4"; - public final static String USER_4_DATABASE_PASSWORD = "*A8C67ABBEAE847AABCF49680A157D85D44A117E9"; - public final static String USER_4_EMAIL = "junit4@ossdip.at"; - public final static Boolean USER_4_VERIFIED = true; - public final static Boolean USER_4_THEME = false; + public final static String USER_4_ID = "824d2c13-78d9-43c5-a4af-288120e2b44b"; + public final static String USER_4_USERNAME = "nobody"; + public final static String USER_4_EMAIL = "nobody@gmail.com"; + public final static Boolean USER_4_EMAIL_VERIFIED = false; + public final static Boolean USER_4_THEME_DARK = false; + public final static String USER_4_PASSWORD = "p455w0rdh45"; + public final static String USER_4_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; public final static User USER_4 = User.builder() .id(USER_4_ID) .username(USER_4_USERNAME) .email(USER_4_EMAIL) - .emailVerified(USER_4_VERIFIED) - .themeDark(USER_4_THEME) + .emailVerified(USER_4_EMAIL_VERIFIED) + .themeDark(USER_4_THEME_DARK) .password(USER_4_PASSWORD) .databasePassword(USER_4_DATABASE_PASSWORD) + .roles(List.of()) .build(); public final static UserDetails USER_4_DETAILS = UserDetailsDto.builder() diff --git a/fda-database-service/rest-service/src/test/java/at/tuwien/endpoint/AccessEndpointUnitTest.java b/fda-database-service/rest-service/src/test/java/at/tuwien/endpoint/AccessEndpointUnitTest.java index 5df660db4becde7c2a2fac25a45f5f323b285561..a8f560b3b325ce7e3731819a24bdc8e83c7bb309 100644 --- a/fda-database-service/rest-service/src/test/java/at/tuwien/endpoint/AccessEndpointUnitTest.java 
+++ b/fda-database-service/rest-service/src/test/java/at/tuwien/endpoint/AccessEndpointUnitTest.java @@ -260,7 +260,7 @@ public class AccessEndpointUnitTest extends BaseUnitTest { } protected void generic_find(Long containerId, Long databaseId, Database database, DatabaseAccess access, - String username, Long userId, Principal principal) throws AccessDeniedException, + String username, String userId, Principal principal) throws AccessDeniedException, NotAllowedException { /* mock */ diff --git a/fda-database-service/rest-service/src/test/java/at/tuwien/service/AccessServiceIntegrationTest.java b/fda-database-service/rest-service/src/test/java/at/tuwien/service/AccessServiceIntegrationTest.java index fc5b005e1a6cc39e77424bf5de95586b6440d79b..eb7a433d7da378ff8011fcf16edb045f791ce534 100644 --- a/fda-database-service/rest-service/src/test/java/at/tuwien/service/AccessServiceIntegrationTest.java +++ b/fda-database-service/rest-service/src/test/java/at/tuwien/service/AccessServiceIntegrationTest.java @@ -283,7 +283,7 @@ public class AccessServiceIntegrationTest extends BaseUnitTest { /* ## GENERIC TEST CASES ## */ /* ################################################################################################### */ - protected void create_generic(AccessTypeDto accessTypeDto, AccessType access, String username, Long userId) + protected void create_generic(AccessTypeDto accessTypeDto, AccessType access, String username, String userId) throws UserNotFoundException, NotAllowedException, QueryMalformedException, DatabaseNotFoundException, DatabaseMalformedException { final DatabaseGiveAccessDto request = DatabaseGiveAccessDto.builder() 
@@ -301,7 +301,7 @@ public class AccessServiceIntegrationTest extends BaseUnitTest { } protected void update_generic(Long containerId, Long databaseId, AccessTypeDto accessTypeDto, AccessType access, - String username, Long userId) throws UserNotFoundException, NotAllowedException, + String username, String userId) throws UserNotFoundException, NotAllowedException, QueryMalformedException, DatabaseNotFoundException, DatabaseMalformedException { final DatabaseModifyAccessDto request = DatabaseModifyAccessDto.builder() .type(accessTypeDto) diff --git a/fda-database-service/services/src/main/java/at/tuwien/repository/jpa/DatabaseAccessRepository.java b/fda-database-service/services/src/main/java/at/tuwien/repository/jpa/DatabaseAccessRepository.java index 96da3fff83f35aa9282f506199cab200a3e192ab..62123403ef4e1acc3d95cfbc8c242cf62daf7592 100644 --- a/fda-database-service/services/src/main/java/at/tuwien/repository/jpa/DatabaseAccessRepository.java +++ b/fda-database-service/services/src/main/java/at/tuwien/repository/jpa/DatabaseAccessRepository.java @@ -12,9 +12,9 @@ import java.util.Optional; @Repository public interface DatabaseAccessRepository extends JpaRepository<DatabaseAccess, Long> { - void deleteByHdbidAndHuserid(Long databaseId, Long userId); + void deleteByHdbidAndHuserid(Long databaseId, String userId); - Optional<DatabaseAccess> findByHdbidAndHuserid(Long databaseId, Long userId); + Optional<DatabaseAccess> findByHdbidAndHuserid(Long databaseId, String userId); List<DatabaseAccess> findByHdbid(Long databaseId); diff --git a/fda-identifier-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java b/fda-identifier-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java index 33ca36bbbf648eb77d133a5fe65bc2ceb0abec03..7e471a4206dfb6000273e78c6ccdb49a368f5323 100644 --- a/fda-identifier-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java +++ b/fda-identifier-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java 
@@ -16,6 +16,7 @@ import at.tuwien.entities.identifier.*; import at.tuwien.entities.user.RoleType; import at.tuwien.entities.user.User; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.test.context.TestPropertySource; @@ -32,7 +33,7 @@ public abstract class BaseUnitTest { public final static String JWT_1 = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJtd2Vpc2UiLCJybmQiOjk2NjIyNzAwMCwiZXhwIjoxNjczODg2MDk5LCJpYXQiOjE2NzM3OTk2OTl9.y1jqokCfZE7c_Ztt_nLQlf73jCYXPH5TZpCvo3RwS0C5azyrqLh03bphl6R8A24g6Kv_3qjzvnubNIwmO7y7pA"; - public final static Long USER_1_ID = 1L; + public final static String USER_1_ID = "090dc12a-a46a-4515-b1f0-cff697d5f985"; public final static String USER_1_USERNAME = "junit"; public final static String USER_1_PASSWORD = "junit"; public final static String USER_1_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; @@ -89,7 +90,7 @@ public abstract class BaseUnitTest { public final static Principal USER_1_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_1_DETAILS, USER_1_PASSWORD, USER_1_DETAILS.getAuthorities()); - public final static Long USER_2_ID = 2L; + public final static String USER_2_ID = "0153f998-bd4c-4154-993e-75c355499044"; public final static String USER_2_USERNAME = "junit2"; public final static String USER_2_PASSWORD = "junit2"; public final static String USER_2_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; 
@@ -134,15 +135,18 @@ public abstract class BaseUnitTest { public final static Principal USER_2_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_2_DETAILS, USER_2_PASSWORD, USER_2_DETAILS.getAuthorities()); - public final static String USER_3_USERNAME = "junit3"; - public final static String USER_3_PASSWORD = "junit3"; - public final static String USER_3_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; - public final static String USER_3_EMAIL = "junit3@example.com"; - public final static Boolean USER_3_EMAIL_VERIFIED = true; + public final static String USER_3_ID = "fea123c7-1851-4e01-969a-53407fa6a451"; + public final static String USER_3_USERNAME = "steward"; + public final static String USER_3_EMAIL = "steward@gmail.com"; + public final static Boolean USER_3_EMAIL_VERIFIED = false; public final static Boolean USER_3_THEME_DARK = false; + public final static String USER_3_PASSWORD = "p455w0rdh45"; + public final static String USER_3_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; + public final static RoleType USER_3_ROLE_TYPE = RoleType.ROLE_DATA_STEWARD; public final static Instant USER_3_CREATED = Instant.now() .minus(1, ChronoUnit.DAYS); public final static Instant USER_3_LAST_MODIFIED = USER_3_CREATED; + public final static GrantedAuthority USER_3_AUTHORITY = new SimpleGrantedAuthority("ROLE_DATA_STEWARD"); public final static User USER_3 = User.builder() .username(USER_3_USERNAME) diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/auth/RealmAccessDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/auth/RealmAccessDto.java new file mode 100644 index 0000000000000000000000000000000000000000..268d959905e1043f7ac0048067f0e072cdf1e127 --- /dev/null +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/auth/RealmAccessDto.java 
@@ -0,0 +1,22 @@ +package at.tuwien.api.auth; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.*; + +import javax.validation.constraints.NotNull; + +@Getter +@Setter +@ToString +@Builder +@AllArgsConstructor +@NoArgsConstructor +public class RealmAccessDto { + + @NotNull + @Schema(description = "list of roles associated to the user", example = "[\"create-container\",\"create-database\"]") + private String[] roles; + + + +} diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/auth/TokenIntrospectDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/auth/TokenIntrospectDto.java new file mode 100644 index 0000000000000000000000000000000000000000..93e38adb6f7c2c8b1eda6d018ddc35a97ce1aa82 --- /dev/null +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/auth/TokenIntrospectDto.java 
@@ -0,0 +1,81 @@ +package at.tuwien.api.auth; + +import com.fasterxml.jackson.annotation.JsonProperty; +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.*; + +import javax.validation.constraints.NotNull; + +@Getter +@Setter +@ToString +@Builder +@AllArgsConstructor +@NoArgsConstructor +public class TokenIntrospectDto { + + @NotNull + @Schema(description = "expiration timestamp", example = "1679602372") + private Long exp; + + @NotNull + @Schema(example = "1679602072") + private Long iat; + + @NotNull + @Schema(example = "6aa375aa-d5bb-4b1e-9f89-347084a739e3") + private String jti; + + @NotNull + @Schema(description = "issuer", example = "6aa375aa-d5bb-4b1e-9f89-347084a739e3") + private String iss; + + @NotNull + @Schema(description = "user id", example = "9670828b-8159-4642-be19-e77ca018e644") + private String sub; + + @NotNull + @Schema(description = "type", example = "Bearer") + private String typ; + + @NotNull + @Schema(example = "0170887f-4ffc-4bb7-9292-9334132cd430") + private String azp; + + @NotNull + @Schema(example = "0170887f-4ffc-4bb7-9292-9334132cd430") + @JsonProperty("session_state") + private String sessionState; + + @NotNull + @Schema(example = "1") + private Integer acr; + + @NotNull + @JsonProperty("allowed-origins") + @Schema(example = "[\"*\"]") + private String[] allowedOrigins; + + @NotNull + @JsonProperty("realm_access") + private RealmAccessDto realmAccess; + + @NotNull + @JsonProperty("client_id") + @Schema(example = "dbrepo-client") + private String clientId; + + @NotNull + @JsonProperty("preferred_username") + @Schema(example = "jdoe") + private String username; + + @NotNull + @Schema(example = "openid email profile") + private String scope; + + @NotNull + @Schema(example = "true") + private Boolean active; + +} 
diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/database/ViewBriefDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/database/ViewBriefDto.java index cffc32b11b09cfa3c3c5f5c34ae2619d34885df6..ab1c9766c2059249d38fb40ae9821cbdb49e4488 100644 --- a/fda-metadata-db/api/src/main/java/at/tuwien/api/database/ViewBriefDto.java +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/database/ViewBriefDto.java @@ -52,7 +52,7 @@ public class ViewBriefDto { private Instant created; @JsonIgnore - private Long createdBy; + private String createdBy; @NotNull private UserDto creator; diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/database/ViewDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/database/ViewDto.java index 63b377b6ee6cc51c3c516e99c40935aca5c9d64b..3a7e78863f92a198bc972aa448503661fa089e2a 100644 --- a/fda-metadata-db/api/src/main/java/at/tuwien/api/database/ViewDto.java +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/database/ViewDto.java @@ -57,7 +57,7 @@ public class ViewDto { private Instant created; @JsonIgnore - private Long createdBy; + private String createdBy; @NotNull private UserDto creator; diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/database/query/QueryBriefDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/database/query/QueryBriefDto.java index a5837412a7bb1c5d6d917d19ed96e4564108410d..895bf93ab0c50aae20e48c53e22866240d72980c 100644 --- a/fda-metadata-db/api/src/main/java/at/tuwien/api/database/query/QueryBriefDto.java +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/database/query/QueryBriefDto.java @@ -35,7 +35,7 @@ public class QueryBriefDto { @JsonIgnore @NotNull(message = "created by is required") - private Long createdBy; + private String createdBy; @NotNull(message = "creator is required") private UserDto creator; 
diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/database/query/QueryDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/database/query/QueryDto.java index 72aaa0c7425b64b2a228775b73285116e1244a0b..d35bb51d7c922ba9f737b3d8b1cb44b94fa3bddf 100644 --- a/fda-metadata-db/api/src/main/java/at/tuwien/api/database/query/QueryDto.java +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/database/query/QueryDto.java @@ -37,7 +37,7 @@ public class QueryDto { @JsonIgnore @EqualsAndHashCode.Exclude @NotNull(message = "created by is required") - private Long createdBy; + private String createdBy; @NotNull(message = "creator is required") private UserDto creator; diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserBriefDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserBriefDto.java index d9fcb94624cdfd7e609760002b6d7ec144996b75..db7b84038c5018395849a532c8926a315aebd9d8 100644 --- a/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserBriefDto.java +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserBriefDto.java @@ -5,6 +5,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.media.Schema; import lombok.*; +import org.springframework.security.core.userdetails.UserDetails; import javax.validation.constraints.NotNull; import java.util.List; 
@@ -18,24 +19,33 @@ import java.util.List; public class UserBriefDto { @NotNull - private Long id; + @JsonProperty("sub") + private String id; + + @ToString.Exclude + @org.springframework.data.annotation.Transient + private List<GrantedAuthorityDto> authorities; @NotNull - @Schema(example = "user", description = "Only contains lowercase characters") + @JsonProperty("preferred_username") + @Schema(example = "jcarberry", description = "Only contains lowercase characters") private String username; - @JsonIgnore + @Schema(example = "Josiah Carberry") + private String name; + @JsonProperty("titles_before") @Schema(example = "Prof.") private String titlesBefore; - @JsonIgnore @JsonProperty("titles_after") private String titlesAfter; + @JsonProperty("given_name") @Schema(example = "Josiah") private String firstname; + @JsonProperty("family_name") @Schema(example = "Carberry") private String lastname; @@ -45,11 +55,6 @@ public class UserBriefDto { @Schema(example = "0000-0002-1825-0097") private String orcid; - @NotNull - @Schema(description = "Roles of the user", example = "[ROLE_RESEARCHER]") - @org.springframework.data.annotation.Transient - private List<String> roles; - @JsonIgnore @JsonProperty("theme_dark") @Schema(example = "true") diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserDetailsDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserDetailsDto.java index e99cff9a90d8eda5cf4d3f2ac901df49ca3de1dd..53e238e3c84c1030a99f7fff0ed544a9bcdd92ee 100644 --- a/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserDetailsDto.java +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserDetailsDto.java @@ -16,7 +16,7 @@ import java.util.List; @NoArgsConstructor public class UserDetailsDto implements UserDetails { - private Long id; + private String id; private List<? extends GrantedAuthority> authorities; 
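Review bot: The new `authorities` list in `UserBriefDto` is kept out of `toString()` and out of Spring Data persistence, but neither `@ToString.Exclude` nor `@org.springframework.data.annotation.Transient` hides it from Jackson, so it will appear in every JSON response that embeds the brief DTO. If the brief view is shown next to other users' resources, their granted authorities should not travel with it; add `@JsonIgnore` to the field, or drop it from the brief DTO and keep it on `UserDto` only. The same hunk renames the serialized `id` to `sub` via `@JsonProperty("sub")`, which changes what clients must send and read, so the API documentation should say so. The class body continues outside the hunk.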
diff --git a/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserDto.java b/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserDto.java index d159083a40538080460b3a2993b47a0e76760a17..4ea96b26876d00cc68a845ad78733e7301de5e94 100644 --- a/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserDto.java +++ b/fda-metadata-db/api/src/main/java/at/tuwien/api/user/UserDto.java @@ -19,16 +19,21 @@ import java.util.List; public class UserDto { @NotNull - private Long id; + @JsonProperty("sub") + private String id; @ToString.Exclude @org.springframework.data.annotation.Transient private List<GrantedAuthorityDto> authorities; @NotNull + @JsonProperty("preferred_username") @Schema(example = "jcarberry", description = "Only contains lowercase characters") private String username; + @Schema(example = "Josiah Carberry") + private String name; + @JsonProperty("titles_before") @Schema(example = "Prof.") private String titlesBefore; @@ -36,9 +41,11 @@ public class UserDto { @JsonProperty("titles_after") private String titlesAfter; + @JsonProperty("given_name") @Schema(example = "Josiah") private String firstname; + @JsonProperty("family_name") @Schema(example = "Carberry") private String lastname; diff --git a/fda-metadata-db/entities/src/main/java/at/tuwien/entities/database/DatabaseAccess.java b/fda-metadata-db/entities/src/main/java/at/tuwien/entities/database/DatabaseAccess.java index 15c9998577747a5ed704b8ee53c7c206fedb69b8..d1d64f5678198b9cb4479ef3485d41046bcb42a8 100644 --- a/fda-metadata-db/entities/src/main/java/at/tuwien/entities/database/DatabaseAccess.java +++ b/fda-metadata-db/entities/src/main/java/at/tuwien/entities/database/DatabaseAccess.java @@ -22,7 +22,7 @@ public class DatabaseAccess { @Id @EqualsAndHashCode.Include @Column(name = "user_id", updatable = false) - private Long huserid; + private String huserid; @Id @EqualsAndHashCode.Include 
diff --git a/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/TimeSecret.java b/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/TimeSecret.java index 6cf18cf730876418c9c5fbfd36bcc2c1b8d799f3..c7c6dbaadd3c77672368459e58b5b1c15ac32a51 100644 --- a/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/TimeSecret.java +++ b/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/TimeSecret.java @@ -29,7 +29,7 @@ public class TimeSecret { private Long id; @Column(nullable = false) - private Long uid; + private String uid; @ToString.Exclude @Column(nullable = false, updatable = false) diff --git a/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/Token.java b/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/Token.java index 52b46b094419adaa8fe0b7dcb15deb8dc1a7a39a..461f3b466acdef5aa258b4b0b3667e068ba1ea20 100644 --- a/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/Token.java +++ b/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/Token.java @@ -33,7 +33,7 @@ public class Token { private Long id; @Column(nullable = false, updatable = false) - private Long creator; + private String creator; @Transient @ToString.Exclude diff --git a/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/User.java b/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/User.java index 65e451cc7af30bf6980c31b8fb5a758fad98b347..ac9437853f85b01c017be872c38cc1c2116c8f6e 100644 --- a/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/User.java +++ b/fda-metadata-db/entities/src/main/java/at/tuwien/entities/user/User.java 
@@ -23,7 +23,10 @@ import java.util.List; @Table(name = "mdb_users") @NamedNativeQueries({ @NamedNativeQuery(name = "User.findAll", - query = "SELECT * FROM `mdb_users` WHERE `username` = 'system'", + query = "SELECT e.* FROM `keycloak`.`REALM` r JOIN `keycloak`.`USER_ENTITY` e ON r.`ID` = e.`REALM_ID` WHERE r.`NAME` = 'dbrepo' AND e.`USERNAME` != 'system'", + resultClass = User.class), + @NamedNativeQuery(name = "User.findByUsername", + query = "SELECT e.* FROM `keycloak`.`REALM` r JOIN `keycloak`.`USER_ENTITY` e ON r.`ID` = e.`REALM_ID` WHERE r.`NAME` = 'dbrepo' AND e.`USERNAME` = ?", resultClass = User.class) }) public class User { @@ -33,8 +36,8 @@ public class User { @EqualsAndHashCode.Include @GeneratedValue(generator = "users-sequence") @GenericGenerator(name = "users-sequence", strategy = "increment") - @Column(name = "userid", updatable = false, nullable = false) - private Long id; + @Column(updatable = false, nullable = false) + private String id; @Column(unique = true, nullable = false) private String username; diff --git a/fda-metadata-db/setup-schema.sql b/fda-metadata-db/setup-schema.sql index 4e77b22b9976094a647a70bdbf8b3a1de5970baf..79772515aefffb370c2fd3d0ae028c8905842465 100644 --- a/fda-metadata-db/setup-schema.sql +++ b/fda-metadata-db/setup-schema.sql 
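Review bot: Both named queries hard-code the `keycloak` schema and the realm name `dbrepo` and read Keycloak's own `REALM` and `USER_ENTITY` tables, which ties the entity to the identity provider's internal layout and requires the metadata-db account to hold SELECT on that schema. `SELECT e.*` with `resultClass = User.class` returns every column of `USER_ENTITY` and only maps if those column names match the entity's fields, which this hunk does not show. List the needed columns explicitly, restrict the grant to those two tables, and record the dependency above the annotation, e.g. `// reads keycloak.REALM and keycloak.USER_ENTITY; the service account needs SELECT on these two tables only`. `findAll` also flips from `= 'system'` to `!= 'system'`, which callers of the old query may not expect.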
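Review bot: In the second hunk the `String` id still sits under `@GeneratedValue(generator = "users-sequence")` and `@GenericGenerator(name = "users-sequence", strategy = "increment")` in the context lines above it. Hibernate's `increment` strategy generates integral ids only, so persisting a new `User` is expected to fail once the field is a `String`. If the id is meant to be the identity provider's subject, as the `sub` mapping on the DTOs suggests, remove both generator annotations and set the id explicitly. Dropping `name = "userid"` also moves the mapping to a column called `id`, while `setup-schema.sql` in this commit still names the key `UserID`; confirm which table the entity is read from. The class body continues outside the hunk.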
@@ -1,34 +1,31 @@ -CREATE DATABASE keycloak; +CREATE DATABASE IF NOT EXISTS keycloak; BEGIN; CREATE TABLE IF NOT EXISTS mdb_users ( - UserID bigint not null AUTO_INCREMENT, - external_id VARCHAR(255) UNIQUE, - OID bigint, - username VARCHAR(255) not null, + UserID character varying(255) not null default uuid(), + username VARCHAR(255) not null, First_name VARCHAR(50), Last_name VARCHAR(50), Gender ENUM ('M', 'F', 'D'), Preceding_titles VARCHAR(255), Postpositioned_title VARCHAR(255), orcid VARCHAR(16), - theme_dark BOOLEAN NOT NULL DEFAULT false, + theme_dark BOOLEAN NOT NULL DEFAULT false, affiliation VARCHAR(255), - Main_Email VARCHAR(255) not null, - main_email_verified bool not null default false, - password VARCHAR(255) not null, - database_password VARCHAR(255) not null, - created timestamp NOT NULL DEFAULT NOW(), + Main_Email VARCHAR(255) not null, + main_email_verified bool not null default false, + password VARCHAR(255) not null, + database_password VARCHAR(255) not null, + created timestamp NOT NULL DEFAULT NOW(), last_modified timestamp, PRIMARY KEY (UserID), UNIQUE (username), - UNIQUE (Main_Email), - UNIQUE (OID) + UNIQUE (Main_Email) ) WITH SYSTEM VERSIONING; -CREATE TABLE mdb_images +CREATE TABLE IF NOT EXISTS mdb_images ( id bigint NOT NULL AUTO_INCREMENT, repository character varying(255) NOT NULL, @@ -46,10 +43,10 @@ CREATE TABLE mdb_images UNIQUE (repository, tag) ) WITH SYSTEM VERSIONING; -CREATE TABLE mdb_time_secrets +CREATE TABLE IF NOT EXISTS mdb_time_secrets ( id bigint not null AUTO_INCREMENT, - uid bigint not null, + uid character varying(255) not null, token character varying(255) NOT NULL, processed boolean NOT NULL default false, created timestamp NOT NULL DEFAULT NOW(), 
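Review bot: `mdb_users` keeps `password` and `database_password` as `not null` columns and stays `WITH SYSTEM VERSIONING`, so every earlier value of both columns remains readable from the history rows. With user lookup moving to Keycloak elsewhere in this commit, the `password` column looks redundant; if it is, drop it here rather than carry a second copy of the credential, and consider marking `database_password` `WITHOUT SYSTEM VERSIONING`. `UserID ... default uuid()` also lets a row be created with a locally generated id that matches no Keycloak subject, so either inserts should always pass the id explicitly or the default should be removed.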
@@ -58,19 +55,19 @@ CREATE TABLE mdb_time_secrets FOREIGN KEY (uid) REFERENCES mdb_users (UserID) ) WITH SYSTEM VERSIONING; -CREATE TABLE mdb_tokens +CREATE TABLE IF NOT EXISTS mdb_tokens ( - id bigint not null AUTO_INCREMENT, - token_hash varchar(255) NOT NULL, - creator bigint not null, - created timestamp NOT NULL DEFAULT NOW(), - expires timestamp NOT NULL, + id bigint not null AUTO_INCREMENT, + token_hash varchar(255) NOT NULL, + creator character varying(255) not null, + created timestamp NOT NULL DEFAULT NOW(), + expires timestamp NOT NULL, last_used timestamp, PRIMARY KEY (id), FOREIGN KEY (creator) REFERENCES mdb_users (UserID) ) WITH SYSTEM VERSIONING; -CREATE TABLE mdb_images_date +CREATE TABLE IF NOT EXISTS mdb_images_date ( id bigint NOT NULL AUTO_INCREMENT, iid bigint NOT NULL, @@ -94,8 +91,8 @@ CREATE TABLE IF NOT EXISTS mdb_containers image_id bigint NOT NULL, ip_address character varying(255), created timestamp NOT NULL DEFAULT NOW(), - created_by bigint NOT NULL, - owned_by bigint NOT NULL, + created_by character varying(255) NOT NULL, + owned_by character varying(255) NOT NULL, LAST_MODIFIED timestamp, PRIMARY KEY (id), FOREIGN KEY (created_by) REFERENCES mdb_users (UserID), @@ -103,7 +100,7 @@ CREATE TABLE IF NOT EXISTS mdb_containers FOREIGN KEY (image_id) REFERENCES mdb_images (id) ) WITH SYSTEM VERSIONING; -CREATE TABLE mdb_images_environment_item +CREATE TABLE IF NOT EXISTS mdb_images_environment_item ( id bigint NOT NULL AUTO_INCREMENT, `key` character varying(255) NOT NULL, 
@@ -129,10 +126,10 @@ CREATE TABLE IF NOT EXISTS mdb_data CREATE TABLE IF NOT EXISTS mdb_user_roles ( - id bigint NOT NULL AUTO_INCREMENT, - uid bigint not null, - role varchar(255) not null, - created timestamp NOT NULL DEFAULT NOW(), + id bigint NOT NULL AUTO_INCREMENT, + uid character varying(255) not null, + role varchar(255) not null, + created timestamp NOT NULL DEFAULT NOW(), last_modified timestamp, PRIMARY KEY (id), FOREIGN KEY (uid) REFERENCES mdb_users (UserID), @@ -156,9 +153,9 @@ CREATE TABLE IF NOT EXISTS mdb_databases description TEXT, engine character varying(20), is_public BOOLEAN NOT NULL DEFAULT TRUE, - created_by bigint NOT NULL, - owned_by bigint NOT NULL, - contact_person bigint, + created_by character varying(255) NOT NULL, + owned_by character varying(255) NOT NULL, + contact_person character varying(255), created timestamp NOT NULL DEFAULT NOW(), last_modified timestamp, PRIMARY KEY (id), @@ -194,7 +191,7 @@ CREATE TABLE IF NOT EXISTS mdb_tables element_false VARCHAR(50), Version TEXT, created timestamp NOT NULL DEFAULT NOW(), - created_by bigint NOT NULL, + created_by character varying(255) NOT NULL, last_modified timestamp, PRIMARY KEY (ID, tDBID), FOREIGN KEY (created_by) REFERENCES mdb_users (UserID), 
@@ -203,21 +200,21 @@ CREATE TABLE IF NOT EXISTS mdb_tables CREATE TABLE IF NOT EXISTS mdb_columns ( - ID bigint NOT NULL AUTO_INCREMENT, - cDBID bigint NOT NULL, - tID bigint NOT NULL, + ID bigint NOT NULL AUTO_INCREMENT, + cDBID bigint NOT NULL, + tID bigint NOT NULL, dfID bigint, cName VARCHAR(100), - internal_name VARCHAR(100) NOT NULL, + internal_name VARCHAR(100) NOT NULL, Datatype VARCHAR(50), - length INT NULL, - ordinal_position INTEGER NOT NULL, - is_primary_key BOOLEAN NOT NULL, - index_length INT NULL, - auto_generated BOOLEAN DEFAULT false, - is_null_allowed BOOLEAN NOT NULL, - created_by bigint NOT NULL, - created timestamp NOT NULL DEFAULT NOW(), + length INT NULL, + ordinal_position INTEGER NOT NULL, + is_primary_key BOOLEAN NOT NULL, + index_length INT NULL, + auto_generated BOOLEAN DEFAULT false, + is_null_allowed BOOLEAN NOT NULL, + created_by character varying(255) NOT NULL, + created timestamp NOT NULL DEFAULT NOW(), last_modified timestamp, FOREIGN KEY (cDBID, tID) REFERENCES mdb_tables (tDBID, ID), FOREIGN KEY (created_by) REFERENCES mdb_users (UserID), @@ -282,14 +279,14 @@ CREATE TABLE IF NOT EXISTS mdb_columns_cat CREATE TABLE IF NOT EXISTS mdb_constraints_foreign_key ( - fkid BIGINT NOT NULL AUTO_INCREMENT, - tid BIGINT NOT NULL, - tdbid BIGINT NOT NULL, - rtid BIGINT NOT NULL, - rtdbid BIGINT NOT NULL, - on_update INT NULL, - on_delete INT NULL, - position INT NULL, + fkid BIGINT NOT NULL AUTO_INCREMENT, + tid BIGINT NOT NULL, + tdbid BIGINT NOT NULL, + rtid BIGINT NOT NULL, + rtdbid BIGINT NOT NULL, + on_update INT NULL, + on_delete INT NULL, + position INT NULL, PRIMARY KEY (fkid), FOREIGN KEY (tid, tdbid) REFERENCES mdb_tables (id, tdbid), FOREIGN KEY (rtid, rtdbid) REFERENCES mdb_tables (id, tdbid) 
@@ -297,14 +294,14 @@ CREATE TABLE IF NOT EXISTS mdb_constraints_foreign_key CREATE TABLE IF NOT EXISTS mdb_constraints_foreign_key_reference ( - id BIGINT NOT NULL AUTO_INCREMENT, - fkid BIGINT NOT NULL, - cid BIGINT NOT NULL, - ctid BIGINT NOT NULL, - ctdbid BIGINT NOT NULL, - rcid BIGINT NOT NULL, - rctid BIGINT NOT NULL, - rctdbid BIGINT NOT NULL, + id BIGINT NOT NULL AUTO_INCREMENT, + fkid BIGINT NOT NULL, + cid BIGINT NOT NULL, + ctid BIGINT NOT NULL, + ctdbid BIGINT NOT NULL, + rcid BIGINT NOT NULL, + rctid BIGINT NOT NULL, + rctdbid BIGINT NOT NULL, PRIMARY KEY (id), FOREIGN KEY (fkid) REFERENCES mdb_constraints_foreign_key (fkid) ON UPDATE CASCADE, FOREIGN KEY (cid, ctdbid, ctid) REFERENCES mdb_columns (id, cdbid, tid), @@ -323,11 +320,11 @@ CREATE TABLE IF NOT EXISTS mdb_constraints_unique CREATE TABLE IF NOT EXISTS mdb_constraints_unique_columns ( - id BIGINT NOT NULL AUTO_INCREMENT, - uid BIGINT NOT NULL, - cid BIGINT NOT NULL, - ctid BIGINT NOT NULL, - ctdbid BIGINT NOT NULL, + id BIGINT NOT NULL AUTO_INCREMENT, + uid BIGINT NOT NULL, + cid BIGINT NOT NULL, + ctid BIGINT NOT NULL, + ctdbid BIGINT NOT NULL, PRIMARY KEY (id), FOREIGN KEY (uid) REFERENCES mdb_constraints_unique (uid), FOREIGN KEY (cid, ctdbid, ctid) REFERENCES mdb_columns (id, cdbid, tid) @@ -335,10 +332,10 @@ CREATE TABLE IF NOT EXISTS mdb_constraints_unique_columns CREATE TABLE IF NOT EXISTS mdb_constraints_checks ( - id BIGINT NOT NULL AUTO_INCREMENT, - tid BIGINT NOT NULL, - tdbid BIGINT NOT NULL, - checks VARCHAR(255) NOT NULL, + id BIGINT NOT NULL AUTO_INCREMENT, + tid BIGINT NOT NULL, + tdbid BIGINT NOT NULL, + checks VARCHAR(255) NOT NULL, PRIMARY KEY (id), FOREIGN KEY (tid, tdbid) REFERENCES mdb_tables (id, tdbid) ) WITH SYSTEM VERSIONING; 
@@ -348,7 +345,7 @@ CREATE TABLE IF NOT EXISTS mdb_concepts uri text not null, name VARCHAR(255), created timestamp NOT NULL DEFAULT NOW(), - created_by bigint, + created_by character varying(255), FOREIGN KEY (created_by) REFERENCES mdb_users (UserID), PRIMARY KEY (uri(200)) ) WITH SYSTEM VERSIONING; @@ -358,7 +355,7 @@ CREATE TABLE IF NOT EXISTS mdb_units uri text not null, name VARCHAR(255), created timestamp NOT NULL DEFAULT NOW(), - created_by bigint, + created_by character varying(255), FOREIGN KEY (created_by) REFERENCES mdb_users (UserID), PRIMARY KEY (uri(200)) ) WITH SYSTEM VERSIONING; 
@@ -389,34 +386,34 @@ CREATE TABLE IF NOT EXISTS mdb_columns_units CREATE TABLE IF NOT EXISTS mdb_view ( - id bigint NOT NULL AUTO_INCREMENT, - vcid bigint NOT NULL, - vdbid bigint NOT NULL, - vName VARCHAR(255) NOT NULL, - internal_name VARCHAR(255) NOT NULL, - Query TEXT NOT NULL, - Public BOOLEAN NOT NULL, + id bigint NOT NULL AUTO_INCREMENT, + vcid bigint NOT NULL, + vdbid bigint NOT NULL, + vName VARCHAR(255) NOT NULL, + internal_name VARCHAR(255) NOT NULL, + Query TEXT NOT NULL, + Public BOOLEAN NOT NULL, NumCols INTEGER, NumRows INTEGER, - InitialView BOOLEAN NOT NULL, - created timestamp NOT NULL DEFAULT NOW(), + InitialView BOOLEAN NOT NULL, + created timestamp NOT NULL DEFAULT NOW(), last_modified timestamp, - created_by bigint NOT NULL, + created_by character varying(255) NOT NULL, FOREIGN KEY (created_by) REFERENCES mdb_users (UserID), FOREIGN KEY (vdbid) REFERENCES mdb_databases (id), PRIMARY KEY (id, vcid, vdbid) ) WITH SYSTEM VERSIONING; -CREATE TABLE mdb_view_columns +CREATE TABLE IF NOT EXISTS mdb_view_columns ( - id BIGINT NOT NULL AUTO_INCREMENT, - cid BIGINT NOT NULL, - ctid BIGINT NOT NULL, - cdbid BIGINT NOT NULL, - vid BIGINT NOT NULL, - vcid BIGINT NOT NULL, - vdbid BIGINT NOT NULL, - position INTEGER NULL, + id BIGINT NOT NULL AUTO_INCREMENT, + cid BIGINT NOT NULL, + ctid BIGINT NOT NULL, + cdbid BIGINT NOT NULL, + vid BIGINT NOT NULL, + vcid BIGINT NOT NULL, + vdbid BIGINT NOT NULL, + position INTEGER NULL, PRIMARY KEY (id), FOREIGN KEY (vid, vcid, vdbid) REFERENCES mdb_view (id, vcid, vdbid), FOREIGN KEY (cid, cdbid, ctid) REFERENCES mdb_columns (ID, cDBID, tID) @@ -446,7 +443,7 @@ CREATE TABLE IF NOT EXISTS mdb_identifiers result_number bigint, doi VARCHAR(255), created timestamp NOT NULL DEFAULT NOW(), - created_by bigint NOT NULL, + created_by character varying(255) NOT NULL, last_modified timestamp, PRIMARY KEY (id), /* must be a single id from persistent identifier concept */ FOREIGN KEY (cid) REFERENCES mdb_containers (id), 
@@ -457,13 +454,13 @@ CREATE TABLE IF NOT EXISTS mdb_identifiers CREATE TABLE IF NOT EXISTS mdb_related_identifiers ( - id bigint NOT NULL AUTO_INCREMENT, - iid bigint NOT NULL, - value varchar(255) NOT NULL, + id bigint NOT NULL AUTO_INCREMENT, + iid bigint NOT NULL, + value varchar(255) NOT NULL, type varchar(255), relation varchar(255), - created timestamp NOT NULL DEFAULT NOW(), - created_by bigint NOT NULL, + created timestamp NOT NULL DEFAULT NOW(), + created_by character varying(255) NOT NULL, last_modified timestamp, PRIMARY KEY (id, iid), /* must be a single id from persistent identifier concept */ FOREIGN KEY (iid) REFERENCES mdb_identifiers (id), @@ -472,17 +469,17 @@ CREATE TABLE IF NOT EXISTS mdb_related_identifiers CREATE TABLE IF NOT EXISTS mdb_creators ( - id bigint NOT NULL AUTO_INCREMENT, - pid bigint NOT NULL, - firstname VARCHAR(255) NOT NULL, - lastname VARCHAR(255) NOT NULL, + id bigint NOT NULL AUTO_INCREMENT, + pid bigint NOT NULL, + firstname VARCHAR(255) NOT NULL, + lastname VARCHAR(255) NOT NULL, affiliation VARCHAR(255), orcid VARCHAR(255), - created timestamp NOT NULL DEFAULT NOW(), - created_by bigint NOT NULL, - last_modified timestamp NOT NULL, - FOREIGN KEY (created_by) REFERENCES mdb_users (UserID), + created timestamp NOT NULL DEFAULT NOW(), + created_by character varying(255) NOT NULL, + last_modified timestamp NOT NULL, PRIMARY KEY (id, pid), + FOREIGN KEY (created_by) REFERENCES mdb_users (UserID), FOREIGN KEY (pid) REFERENCES mdb_identifiers (id) ) WITH SYSTEM VERSIONING; 
@@ -490,24 +487,27 @@ CREATE TABLE IF NOT EXISTS mdb_feed ( fDBID bigint, fID bigint, - fUserId bigint REFERENCES mdb_users (UserID), + fUserId character varying(255) not null, fDataID bigint REFERENCES mdb_data (ID), - created timestamp NOT NULL DEFAULT NOW(), + created timestamp NOT NULL DEFAULT NOW(), + PRIMARY KEY (fDBID, fID, fUserId, fDataID), FOREIGN KEY (fDBID, fID) REFERENCES mdb_tables (tDBID, ID), - PRIMARY KEY (fDBID, fID, fUserId, fDataID) + FOREIGN KEY (fUserId) REFERENCES mdb_users (UserID) ) WITH SYSTEM VERSIONING; CREATE TABLE IF NOT EXISTS mdb_update ( - uUserID bigint REFERENCES mdb_users (UserID), - uDBID bigint REFERENCES mdb_databases (id), - created timestamp NOT NULL DEFAULT NOW(), - PRIMARY KEY (uUserID, uDBID) + uUserID character varying(255) NOT NULL, + uDBID bigint NOT NULL, + created timestamp NOT NULL DEFAULT NOW(), + PRIMARY KEY (uUserID, uDBID), + FOREIGN KEY (uUserID) REFERENCES mdb_users (UserID), + FOREIGN KEY (uDBID) REFERENCES mdb_databases (id) ) WITH SYSTEM VERSIONING; CREATE TABLE IF NOT EXISTS mdb_access ( - aUserID bigint REFERENCES mdb_users (UserID), + aUserID character varying(255) REFERENCES mdb_users (UserID), aDBID bigint REFERENCES mdb_databases (id), attime TIMESTAMP, download BOOLEAN, @@ -517,7 +517,7 @@ CREATE TABLE IF NOT EXISTS mdb_access CREATE TABLE IF NOT EXISTS mdb_have_access ( - user_id bigint REFERENCES mdb_users (UserID), + user_id character varying(255) REFERENCES mdb_users (UserID), database_id bigint REFERENCES mdb_databases (id), access_type ENUM ('READ', 'WRITE_OWN', 'WRITE_ALL') NOT NULL, created timestamp NOT NULL DEFAULT NOW(), diff --git a/fda-query-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java b/fda-query-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java index 05746427c70f6e306974911ae7778d970da6019e..637d3763364e391b0a028b4e7e4d70d802ee6b44 100644 --- a/fda-query-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java 
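Review bot: `mdb_access.aUserID` in this hunk and `mdb_have_access.user_id` in the next one keep the inline column-level `REFERENCES mdb_users (UserID)`, while `mdb_feed` and `mdb_update` move their foreign keys to table-level `FOREIGN KEY` clauses. Depending on the MariaDB version, an inline `REFERENCES` in a column definition is parsed but not enforced, so the two tables that record who may access which database could be left without referential integrity. Declare them like the other two, `FOREIGN KEY (user_id) REFERENCES mdb_users (UserID)` and `FOREIGN KEY (database_id) REFERENCES mdb_databases (id)`, and likewise for `aUserID`/`aDBID`. Both table definitions continue outside their hunks.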
+++ b/fda-query-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java @@ -66,7 +66,7 @@ public abstract class BaseUnitTest { public final static String JWT_1 = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJtd2Vpc2UiLCJybmQiOjk2NjIyNzAwMCwiZXhwIjoxNjczODg2MDk5LCJpYXQiOjE2NzM3OTk2OTl9.y1jqokCfZE7c_Ztt_nLQlf73jCYXPH5TZpCvo3RwS0C5azyrqLh03bphl6R8A24g6Kv_3qjzvnubNIwmO7y7pA"; - public final static Long USER_1_ID = 1L; + public final static String USER_1_ID = "090dc12a-a46a-4515-b1f0-cff697d5f985"; public final static String USER_1_USERNAME = "guest"; public final static String USER_1_EMAIL = "junit@example.com"; public final static String USER_1_PASSWORD = "password"; @@ -105,7 +105,7 @@ public abstract class BaseUnitTest { public final static Principal USER_1_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_1_DETAILS, USER_1_PASSWORD, USER_1_DETAILS.getAuthorities()); - public final static Long USER_2_ID = 2L; + public final static String USER_2_ID = "0153f998-bd4c-4154-993e-75c355499044"; public final static String USER_2_USERNAME = "junit2"; public final static String USER_2_EMAIL = "junit2@example.com"; public final static String USER_2_PASSWORD = "password"; @@ -135,7 +135,7 @@ public abstract class BaseUnitTest { public final static Principal USER_2_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_2_DETAILS, USER_2_PASSWORD, USER_2_DETAILS.getAuthorities()); - public final static Long USER_3_ID = 3L; + public final static String USER_3_ID = "fea123c7-1851-4e01-969a-53407fa6a451"; public final static String USER_3_USERNAME = "system"; public final static String USER_3_EMAIL = "system@example.com"; public final static String USER_3_PASSWORD = "password"; 
@@ -165,6 +165,41 @@ public abstract class BaseUnitTest { public final static Principal USER_3_PRINCIPAL = new UsernamePasswordAuthenticationToken(USER_3_DETAILS, USER_3_PASSWORD, USER_3_DETAILS.getAuthorities()); + public final static String USER_4_ID = "824d2c13-78d9-43c5-a4af-288120e2b44b"; + public final static String USER_4_USERNAME = "nobody"; + public final static String USER_4_EMAIL = "nobody@gmail.com"; + public final static Boolean USER_4_EMAIL_VERIFIED = false; + public final static Boolean USER_4_THEME_DARK = false; + public final static String USER_4_PASSWORD = "p455w0rdh45"; + public final static String USER_4_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; + + public final static User USER_4 = User.builder() + .id(USER_4_ID) + .username(USER_4_USERNAME) + .email(USER_4_EMAIL) + .emailVerified(USER_4_EMAIL_VERIFIED) + .themeDark(USER_4_THEME_DARK) + .password(USER_4_PASSWORD) + .databasePassword(USER_4_DATABASE_PASSWORD) + .roles(List.of()) + .build(); + + public final static String USER_5_ID = "d2f3a8f4-c7fe-49e8-9d14-6dad0f6b9406"; + public final static String USER_5_USERNAME = "mweise"; + public final static String USER_5_EMAIL = "mweise@gmail.com"; + public final static Boolean USER_5_EMAIL_VERIFIED = false; + public final static Boolean USER_5_THEME_DARK = false; + public final static String USER_5_PASSWORD = "p455w0rdh45"; + public final static String USER_5_DATABASE_PASSWORD = "*A8C67ABBEAE837AABCF49680A157D85D44A117E9"; + + public final static UserDetailsDto USER_5_DETAILS_DTO = UserDetailsDto.builder() + .id(USER_5_ID) + .username(USER_5_USERNAME) + .email(USER_5_EMAIL) + .password(USER_5_PASSWORD) + .authorities(List.of()) + .build(); + public final static Long IMAGE_1_ID = 1L; public final static String IMAGE_1_REPOSITORY = "mariadb"; public final static String IMAGE_1_TAG = "10.5"; 
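Review bot: The new fixtures `USER_4_EMAIL` and `USER_5_EMAIL` use `gmail.com`, a deliverable mail domain, whereas users 1–3 in this class use `example.com`. If any test path ever sends mail (verification, notification), these addresses could reach a real mailbox; use the reserved domain instead, `"nobody@example.com"` and `"mweise@example.com"`. Both users also share one password and one `*A8C6…` database hash, so a short comment such as `// test-only credential, never provisioned outside unit tests` would keep the values from being mistaken for real ones.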
diff --git a/fda-query-service/rest-service/src/test/java/at/tuwien/endpoint/StoreEndpointUnitTest.java b/fda-query-service/rest-service/src/test/java/at/tuwien/endpoint/StoreEndpointUnitTest.java index 42782640bde805393dcf28bc3e735c5e9ecd1461..ed344f89d4b6aa8b6e50fc988d3fd704c3f77118 100644 --- a/fda-query-service/rest-service/src/test/java/at/tuwien/endpoint/StoreEndpointUnitTest.java +++ b/fda-query-service/rest-service/src/test/java/at/tuwien/endpoint/StoreEndpointUnitTest.java @@ -330,7 +330,7 @@ public class StoreEndpointUnitTest extends BaseUnitTest { } protected QueryDto find_generic(Long containerId, Long databaseId, Database database, Long queryId, Query query, - Long userId, User user, Principal principal) throws QueryStoreException, + String userId, User user, Principal principal) throws QueryStoreException, QueryNotFoundException, DatabaseNotFoundException, ImageNotSupportedException, UserNotFoundException, NotAllowedException, DatabaseConnectionException { diff --git a/fda-query-service/services/src/main/java/at/tuwien/repository/jpa/UserRepository.java b/fda-query-service/services/src/main/java/at/tuwien/repository/jpa/UserRepository.java index 3772a12f59a6e9a9225612d34a0bf7b4a50fcd4e..e77de8f6a8160d1f2e04a0ce7575b1ee3d833a0a 100644 --- a/fda-query-service/services/src/main/java/at/tuwien/repository/jpa/UserRepository.java +++ b/fda-query-service/services/src/main/java/at/tuwien/repository/jpa/UserRepository.java @@ -7,7 +7,7 @@ import org.springframework.stereotype.Repository; import java.util.Optional; @Repository -public interface UserRepository extends JpaRepository<User, Long> { +public interface UserRepository extends JpaRepository<User, String> { Optional<User> findByUsername(String username); 
diff --git a/fda-query-service/services/src/main/java/at/tuwien/service/UserService.java b/fda-query-service/services/src/main/java/at/tuwien/service/UserService.java index 1ad5b35be5d315434c75556c16fc4bb47b661833..830efcaf6b54b8420149aa4fa5aeb0db758de4e0 100644 --- a/fda-query-service/services/src/main/java/at/tuwien/service/UserService.java +++ b/fda-query-service/services/src/main/java/at/tuwien/service/UserService.java @@ -42,5 +42,5 @@ public interface UserService { * @return The user. * @throws UserNotFoundException The user was not found in the metadata database. */ - User find(Long id) throws UserNotFoundException; + User find(String id) throws UserNotFoundException; } diff --git a/fda-query-service/services/src/main/java/at/tuwien/service/impl/UserServiceImpl.java b/fda-query-service/services/src/main/java/at/tuwien/service/impl/UserServiceImpl.java index 71f6c45ec4277c47a6f664c875fe64883f50dd61..89a95b367828f166b0d9c0bde5fa224314a091db 100644 --- a/fda-query-service/services/src/main/java/at/tuwien/service/impl/UserServiceImpl.java +++ b/fda-query-service/services/src/main/java/at/tuwien/service/impl/UserServiceImpl.java @@ -73,7 +73,7 @@ public class UserServiceImpl implements UserService { } @Override - public User find(Long id) throws UserNotFoundException { + public User find(String id) throws UserNotFoundException { final Optional<User> optional = userRepository.findById(id); if (optional.isEmpty()) { log.error("Failed to retrieve user with id {}", id); diff --git a/fda-table-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java b/fda-table-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java index 08631811019b691a48e725754a824f989c060f05..f4522249263b31d32cd3b0cc8dd5a054fe3e8196 100644 --- a/fda-table-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java +++ b/fda-table-service/rest-service/src/test/java/at/tuwien/BaseUnitTest.java 
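Review bot: `UserServiceImpl.find` now accepts an arbitrary `String` and, when the lookup misses, writes it unchanged into `log.error("Failed to retrieve user with id {}", id)`; a `Long` could not carry line breaks or other control characters, a `String` can. Where the id originates is not visible here; if it can arrive from a request path or header, check its shape before the repository call, for example `UUID.fromString(id)` in a try block that maps `IllegalArgumentException` to `UserNotFoundException`. The method body continues outside the hunk. The Javadoc for `find` in `UserService` should also state the expected id format now that the parameter is no longer numeric.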
@@ -29,7 +29,7 @@ import static java.time.temporal.ChronoUnit.*; @TestPropertySource(locations = "classpath:application.properties") public abstract class BaseUnitTest { - public final static Long USER_1_ID = 1L; + public final static String USER_1_ID = "090dc12a-a46a-4515-b1f0-cff697d5f985"; public final static String USER_1_USERNAME = "junit"; public final static String USER_1_EMAIL = "junit@example.com"; public final static String USER_1_PASSWORD = "password"; @@ -56,7 +56,7 @@ public abstract class BaseUnitTest { .password("password") .build(); - public final static Long USER_2_ID = 2L; + public final static String USER_2_ID = "0153f998-bd4c-4154-993e-75c355499044"; public final static String USER_2_USERNAME = "junit2"; public final static String USER_2_EMAIL = "junit2@example.com"; public final static String USER_2_PASSWORD = "password";