UMA working for syncStations

noi-techpark · Mar 14, 2024 · c5f2b0c · c5f2b0c
1 parent ed1ff83
commit c5f2b0c
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 17 deletions.
diff --git a/calls.http b/calls.http
@@ -210,17 +210,19 @@ Authorization: Bearer {{authtoken}}
 ]
 
 ### Sync stations
-POST {{host}}/json/syncStations/TestStations
+POST {{host}}/json/syncStations/testtype
 ?prn=test
 &prv=11111
+&syncState=false
+&onlyActivation=false
 Content-Type: application/json
 Authorization: Bearer {{authtoken}}
 
 [
     {
       "id": "example-station-id-1",
       "name": "example-station-name-1",
-      "origin": "docs-example",
+      "origin": "testorigin",
       "latitude": 46.333,
       "longitude": 11.356,
       "municipality": "Bolzano", 
@@ -231,7 +233,7 @@ Authorization: Bearer {{authtoken}}
     {
       "id": "example-station-id-2",
       "name": "example-station-name-2",
-      "origin": "docs-example",
+      "origin": "testorigin",
       "latitude": 46.333,
       "longitude": 11.356,
       "municipality": "Bolzano", 

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -31,8 +31,7 @@ services:
       - "${SERVER_PORT}:${SERVER_PORT}"
       - 8990:8990
     volumes:
-      # comment this line, if you don't want to write to your local maven repos
-      - ~/.m2/:/var/maven/.m2
+      - maven-cache:/var/maven/.m2
       - ./:/code
     working_dir: /code
     tty: true
@@ -80,3 +79,6 @@ services:
       DB_PASSWORD: password
     ports:
       - "8991:8991"
+
+volumes:
+  maven-cache:
diff --git a/...rc/main/java/com/opendatahub/timeseries/bdp/writer/writer/authz/AuthorizeSyncStation.java b/...rc/main/java/com/opendatahub/timeseries/bdp/writer/writer/authz/AuthorizeSyncStation.java
@@ -5,12 +5,15 @@
 package com.opendatahub.timeseries.bdp.writer.writer.authz;
 
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 import java.util.function.BooleanSupplier;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
 
 import com.opendatahub.timeseries.bdp.dto.dto.StationDto;
@@ -42,21 +45,11 @@ public static void authorize(HttpServletRequest req, String stationType, List<St
         var authorizedResources = authz.getAuthorizedResources("station", "write");
 
         log.debug("Got authorized resources from server: {}", authorizedResources);
+
 
         boolean authorized = authorizedResources.stream()
                 .flatMap(r -> r.getUris().stream())
-                .map(s -> UriComponentsBuilder.fromUriString(s).build())
-                // it's just a bunch of lambdas that produce booleans, and all have to be true
-                .filter(u -> Arrays.stream(new BooleanSupplier[] {
-                        () -> "bdp".equals(u.getScheme()),
-                        () -> "station".equals(u.getSchemeSpecificPart()),
-                        () -> u.getQueryParams().get("stationType").stream().anyMatch(s -> s.equals(stationType)),
-                        () -> u.getQueryParams().get("origin").stream().anyMatch(s -> s.equals(origin)),
-                        () -> u.getQueryParams().get("syncState").stream().map(Boolean::getBoolean)
-                                .anyMatch(b -> b == syncState),
-                        () -> u.getQueryParams().get("onlyActivation").stream().map(Boolean::getBoolean)
-                                .anyMatch(b -> b == onlyActivation)
-                }).allMatch(BooleanSupplier::getAsBoolean))
+                .filter(u -> uriMatches(u, stationType, origin, syncState, onlyActivation))
                 .findAny().isPresent();
 
         log.debug("Authorization on resource granted: {}", authorized);
@@ -65,4 +58,29 @@ public static void authorize(HttpServletRequest req, String stationType, List<St
             throw new NotAuthorizedException("Missing authorization");
         }
     }
+
+    private record Test(String name, BooleanSupplier condition){}
+
+    public static boolean uriMatches(String uri, String stationType, String origin, boolean syncState, boolean onlyActivation) {
+        var u = UriComponentsBuilder.fromUriString(uri).build();
+
+        log.debug("Checking URI {}", u);
+        return Arrays.stream(new Test[] {
+            new Test("scheme", () -> "bdp".equals(u.getScheme())),
+            new Test("authority", () -> "station".equals(u.getHost())),
+            new Test("stationType", () -> getQueryParam(u, "stationType").anyMatch(s -> s.equals(stationType))),
+            new Test("origin", () -> getQueryParam(u, "origin").anyMatch(s -> s.equals(origin))),
+            new Test("syncState", () -> getQueryParam(u, "syncState").map(Boolean::parseBoolean).anyMatch(b -> b == syncState)),
+            new Test("onlyActivation", () -> getQueryParam(u, "onlyActivation").map(Boolean::parseBoolean).anyMatch(b -> b == onlyActivation))
+        })
+        .allMatch(t -> {
+            boolean result = t.condition.getAsBoolean();
+            log.debug("Check {}: {}", t.name, result);
+            return result;
+        });
+    }
+
+    private static Stream<String> getQueryParam(UriComponents u, String param){
+        return u.getQueryParams().getOrDefault(param, Collections.emptyList()).stream();
+    }
 }
diff --git a/writer/src/test/java/com/opendatahub/timeseries/bdp/writer/AuthorizationTest.java b/writer/src/test/java/com/opendatahub/timeseries/bdp/writer/AuthorizationTest.java
@@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: NOI Techpark <[email protected]>
+//
+// SPDX-License-Identifier: AGPL-3.0-or-later
+package com.opendatahub.timeseries.bdp.writer;
+
+import static org.junit.jupiter.api.Assertions.*;
+import org.junit.jupiter.api.Test;
+
+import com.opendatahub.timeseries.bdp.writer.writer.authz.AuthorizeSyncStation;
+
+public class AuthorizationTest {
+    @Test
+    public void testStationSyncUrlMatch() {
+        // actually matches what's in the URL
+        var uri = "bdp://station?origin=testorigin&stationType=testtype&syncState=false&onlyActivation=true";
+        assertTrue(AuthorizeSyncStation.uriMatches(uri, "testtype", "testorigin", false, true));
+        assertFalse(AuthorizeSyncStation.uriMatches(uri, "EchargingStation", "testorigin", false, true));
+        assertFalse(AuthorizeSyncStation.uriMatches(uri, "testtype", "A22", false, true));
+        assertFalse(AuthorizeSyncStation.uriMatches(uri, "testtype", "testorigin", true, true));
+        assertFalse(AuthorizeSyncStation.uriMatches(uri, "testtype", "testorigin", false, false));
+
+        uri = "bdp://station?origin=testorigin&syncState=false&onlyActivation=true";
+        // Missing stationType in URL
+        assertFalse(AuthorizeSyncStation.uriMatches(uri, "EchargingStation", "testorigin", false, true));
+
+        uri = "bdp://station?origin=testorigin&stationType=test1&stationType=test2&syncState=false&onlyActivation=true";
+        // duplicate parameter
+        assertTrue(AuthorizeSyncStation.uriMatches(uri, "test1", "testorigin", false, true));
+        assertTrue(AuthorizeSyncStation.uriMatches(uri, "test2", "testorigin", false, true));
+    }
+}