MODEXPS-167 - Implement refresh token rotation (#275)

folio-org · Nov 2, 2023 · ed312ab · ed312ab
1 parent 7d16999
commit ed312ab
Show file tree

Hide file tree

Showing 27 changed files with 255 additions and 699 deletions.
diff --git a/descriptors/ModuleDescriptor-template.json b/descriptors/ModuleDescriptor-template.json
@@ -68,7 +68,32 @@
           "permissionsRequired": [
             "data-export.job.item.post"
           ],
-          "modulePermissions": []
+          "modulePermissions": [
+            "accounts.transfer.post",
+            "accounts.collection.get",
+            "circulation-logs.collection.get",
+            "configuration.entries.collection.get",
+            "configuration.entries.item.get",
+            "configuration.entries.item.post",
+            "configuration.entries.item.put",
+            "configuration.entries.item.delete",
+            "data-export.job.collection.get",
+            "data-export.config.collection.get",
+            "feefineactions.collection.get",
+            "finance.expense-classes.item.get",
+            "inventory-storage.holdings.item.get",
+            "inventory-storage.identifier-types.item.get",
+            "inventory-storage.locations.item.get",
+            "inventory-storage.material-types.item.get",
+            "inventory-storage.service-points.collection.get",
+            "organizations-storage.organizations.item.get",
+            "orders-storage.po-lines.collection.get",
+            "orders-storage.purchase-orders.collection.get",
+            "transfers.collection.get",
+            "users.collection.get",
+            "users.item.post",
+            "users.item.put"
+          ]
         },
         {
           "methods": [
@@ -151,6 +176,41 @@
           "modulePermissions": [
             "configuration.entries.item.delete"
           ]
+        },
+        {
+          "methods": [
+            "POST"
+          ],
+          "pathPattern": "/data-export-spring/jobs/send",
+          "permissionsRequired": [
+            "data-export.job.item.send"
+          ],
+          "modulePermissions": [
+            "accounts.transfer.post",
+            "accounts.collection.get",
+            "circulation-logs.collection.get",
+            "configuration.entries.collection.get",
+            "configuration.entries.item.get",
+            "configuration.entries.item.post",
+            "configuration.entries.item.put",
+            "configuration.entries.item.delete",
+            "data-export.job.collection.get",
+            "data-export.config.collection.get",
+            "feefineactions.collection.get",
+            "finance.expense-classes.item.get",
+            "inventory-storage.holdings.item.get",
+            "inventory-storage.identifier-types.item.get",
+            "inventory-storage.locations.item.get",
+            "inventory-storage.material-types.item.get",
+            "inventory-storage.service-points.collection.get",
+            "organizations-storage.organizations.item.get",
+            "orders-storage.po-lines.collection.get",
+            "orders-storage.purchase-orders.collection.get",
+            "transfers.collection.get",
+            "users.collection.get",
+            "users.item.post",
+            "users.item.put"
+          ]
         }
       ]
     },
@@ -250,6 +310,11 @@
       "displayName": "get data export jobs",
       "description": "Get data export jobs"
     },
+    {
+      "permissionName": "data-export.job.item.send",
+      "displayName": "send job to kafka",
+      "description": "Send job to Kafka"
+    },
     {
       "permissionName": "data-export.config.all",
       "displayName": "data export configurations - all permissions",
@@ -271,7 +336,8 @@
         "data-export.job.item.get",
         "data-export.job.collection.get",
         "data-export.job.item.download",
-        "data-export.job.item.resend"
+        "data-export.job.item.resend",
+        "data-export.job.item.send"
       ]
     },
     {

diff --git a/pom.xml b/pom.xml
@@ -89,6 +89,11 @@
       <artifactId>folio-spring-cql</artifactId>
       <version>${folio-spring-base.version}</version>
     </dependency>
+    <dependency>
+      <groupId>org.folio</groupId>
+      <artifactId>folio-spring-system-user</artifactId>
+      <version>${folio-spring-base.version}</version>
+    </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-properties-migrator</artifactId>

diff --git a/src/main/java/org/folio/des/client/AuthClient.java b/src/main/java/org/folio/des/client/AuthClient.java
diff --git a/src/main/java/org/folio/des/client/DataExportSpringClient.java b/src/main/java/org/folio/des/client/DataExportSpringClient.java
@@ -0,0 +1,16 @@
+package org.folio.des.client;
+
+import org.folio.des.config.feign.FeignClientConfiguration;
+import org.folio.des.domain.dto.Job;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+@FeignClient(name = "data-export-spring", configuration = FeignClientConfiguration.class)
+public interface DataExportSpringClient {
+  @PostMapping(value = "/jobs")
+  Job upsertJob(@RequestBody Job job);
+
+  @PostMapping(value = "/jobs/send")
+  void sendJob(@RequestBody Job job);
+}
diff --git a/src/main/java/org/folio/des/client/PermissionsClient.java b/src/main/java/org/folio/des/client/PermissionsClient.java
diff --git a/src/main/java/org/folio/des/client/UsersClient.java b/src/main/java/org/folio/des/client/UsersClient.java
diff --git a/src/main/java/org/folio/des/config/FolioExecutionContextHelper.java b/src/main/java/org/folio/des/config/FolioExecutionContextHelper.java
diff --git a/src/main/java/org/folio/des/controller/JobsController.java b/src/main/java/org/folio/des/controller/JobsController.java
@@ -10,10 +10,12 @@
 import java.util.UUID;
 
 import lombok.extern.log4j.Log4j2;
+import org.folio.des.builder.job.JobCommandSchedulerBuilder;
 import org.folio.des.domain.dto.ExportTypeSpecificParameters;
 import org.folio.des.domain.dto.Job;
 import org.folio.des.domain.dto.JobCollection;
 import org.folio.des.rest.resource.JobsApi;
+import org.folio.des.service.JobExecutionService;
 import org.folio.des.service.JobService;
 import org.springframework.core.io.InputStreamResource;
 import org.springframework.core.io.Resource;
@@ -32,6 +34,8 @@
 public class JobsController implements JobsApi {
 
   private final JobService service;
+  private final JobCommandSchedulerBuilder jobCommandSchedulerBuilder;
+  private final JobExecutionService jobExecutionService;
 
   @Override
   public ResponseEntity<Job> getJobById(UUID id) {
@@ -69,6 +73,13 @@ public ResponseEntity<Resource> downloadExportedFileByJobId(UUID id) {
     return ResponseEntity.ok(new InputStreamResource(service.downloadExportedFile(id)));
   }
 
+  @Override
+  public ResponseEntity<Void> sendJob(Job job) {
+    log.info("sendJob:: with job={}.", job);
+    jobExecutionService.sendJobCommand(jobCommandSchedulerBuilder.buildJobCommand(job));
+    return new ResponseEntity<>(HttpStatus.OK);
+  }
+
   private boolean isMissingRequiredParameters(Job job) {
     var exportTypeParameters = job.getExportTypeSpecificParameters();
     return (BULK_EDIT_QUERY == job.getType() && (isNull(job.getEntityType()) || isBlank(exportTypeParameters.getQuery()))) ||

diff --git a/src/main/java/org/folio/des/scheduling/quartz/job/OldDeleteJob.java b/src/main/java/org/folio/des/scheduling/quartz/job/OldDeleteJob.java
@@ -2,9 +2,11 @@
 
 import static org.folio.des.scheduling.quartz.QuartzConstants.TENANT_ID_PARAM;
 
-import org.folio.des.config.FolioExecutionContextHelper;
 import org.folio.des.service.JobService;
+import org.folio.spring.FolioExecutionContext;
+import org.folio.spring.context.ExecutionContextBuilder;
 import org.folio.spring.scope.FolioExecutionContextSetter;
+import org.folio.spring.service.SystemUserService;
 import org.quartz.JobExecutionContext;
 import org.quartz.JobExecutionException;
 
@@ -16,13 +18,14 @@
 public class OldDeleteJob implements org.quartz.Job {
 
   private final JobService jobService;
-  private final FolioExecutionContextHelper contextHelper;
+  private final ExecutionContextBuilder contextBuilder;
+  private final SystemUserService systemUserService;
   private static final String PARAM_NOT_FOUND_MESSAGE = "'%s' param is missing in the jobExecutionContext";
 
   @Override
   public void execute(JobExecutionContext jobExecutionContext) throws JobExecutionException {
     String tenantId = getTenantId(jobExecutionContext);
-    try (var context = new FolioExecutionContextSetter(contextHelper.getFolioExecutionContext(tenantId))) {
+    try (var context = new FolioExecutionContextSetter(folioExecutionContext(tenantId))) {
       jobService.deleteOldJobs();
     }
     log.info("execute:: deleteOldJobs executed");
@@ -35,4 +38,8 @@ private String getTenantId(JobExecutionContext jobExecutionContext) {
     }
     return tenantId;
   }
+
+  private FolioExecutionContext folioExecutionContext(String tenantId) {
+    return contextBuilder.forSystemUser(systemUserService.getAuthedSystemUser(tenantId));
+  }
 }