Merge pull request #738 from MAIF/feat/#714
Fix #714
quentinovega authored Aug 30, 2024
2 parents e3c8984 + 4d72c16 commit 2ff84ba
Showing 28 changed files with 2,689 additions and 1,238 deletions.
4 changes: 2 additions & 2 deletions daikoku/app/controllers/AdminApiController.scala
@@ -322,15 +322,15 @@ class StateAdminApiController(
}

def reset() =
DaikokuApiAction.async { _ =>
DaikokuApiAction.async { ctx =>
(for {
_ <- EitherT.cond[Future][AppError, Unit](
env.config.isDev || env.config.mode == DaikokuMode.Test,
(),
AppError.SecurityError("Action not avalaible")
)
_ <- EitherT.liftF[Future, AppError, Unit](env.dataStore.clear())
_ <- EitherT.liftF[Future, AppError, Done](env.initDatastore())
_ <- EitherT.liftF[Future, AppError, Done](env.initDatastore(ctx.request.getQueryString("path")))
} yield Ok(Json.obj("done" -> true)))
.leftMap(_.render())
.merge
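Review bot: `reset()` now forwards the raw `path` query parameter to `env.initDatastore`, and in the env.scala section of this commit that value is tried before `config.init.data.from` and matched against `http://`/`https://` prefixes, so the request decides where the seed data is loaded from. The dev/test guard at the top of the for-comprehension is the only restriction visible here, and it runs right before `env.dataStore.clear()`; on an instance left in dev mode the server would presumably load whatever URL or path the caller names. I would accept only values from a configured set of fixtures, e.g. `ctx.request.getQueryString("path").filter(allowedInitSources.contains)` (`allowedInitSources` being a new config value, not something on this page), and add a comment on `reset()` stating that `path` overrides the configured source. The body of `StateAdminApiController` continues outside the hunk.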
6 changes: 5 additions & 1 deletion daikoku/app/controllers/AppError.scala
@@ -52,6 +52,7 @@ object AppError {
case object SubscriptionAggregationTeamConflict extends AppError
case object SubscriptionAggregationOtoroshiConflict extends AppError
case object SubscriptionAggregationDisabled extends AppError
case object EnvironmentSubscriptionAggregationDisabled extends AppError
case object MissingParentSubscription extends AppError
case object TranslationNotFound extends AppError
case object Unauthorized extends AppError
@@ -106,6 +107,7 @@ object AppError {
case SubscriptionNotFound => NotFound(toJson(error))
case SubscriptionParentExisted => Conflict(toJson(error))
case SubscriptionAggregationDisabled => BadRequest(toJson(error))
case EnvironmentSubscriptionAggregationDisabled => BadRequest(toJson(error))
case SubscriptionAggregationTeamConflict => Conflict(toJson(error))
case SubscriptionAggregationOtoroshiConflict => Conflict(toJson(error))
case MissingParentSubscription => NotFound(toJson(error))
@@ -115,7 +117,7 @@ object AppError {
case NameAlreadyExists => Conflict(toJson(error))
case ThirdPartyPaymentSettingsNotFound => NotFound(toJson(error))
case SecurityError(security) =>
play.api.mvc.Results.Unauthorized(toJson(error))
play.api.mvc.Results.Forbidden(toJson(error))
case TeamAlreadyVerified => Conflict(toJson(error))
case UnexpectedError => BadRequest(toJson(error))
case InternalServerError(message) =>
@@ -167,6 +169,8 @@ object AppError {
"The subscription already has a subscription parent - it cannot be extended any further"
case SubscriptionAggregationDisabled =>
"Aggregation of api keys is disabled on plan or on tenant"
case EnvironmentSubscriptionAggregationDisabled =>
"Aggregation of api keys is disabled on plan or on tenant for environment mode"
case SubscriptionAggregationTeamConflict =>
"The new subscription has another team of the parent subscription"
case SubscriptionAggregationOtoroshiConflict =>
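Review bot: Replacing `Unauthorized` with `Forbidden` in the `SecurityError` branch changes the status code of every `SecurityError` in the application, not only the ones this commit introduces. 403 fits the dev/test guard in `reset()`, but any `SecurityError` raised for a missing or invalid credential would now answer 403 where a client expects 401; those call sites are outside this page, so they and any client code reacting to 401 need checking. The bound name in `case SecurityError(security) =>` is unused in the visible lines and could be written `case SecurityError(_) =>`. The enclosing match starts and ends outside the hunk.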
29 changes: 29 additions & 0 deletions daikoku/app/controllers/admin-api-openapi.json
@@ -142,6 +142,10 @@
"type": "boolean",
"nullable": true
},
"environmentAggregationApiKeysSecurity": {
"type": "boolean",
"nullable": true
},
"robotTxt": {
"type": "string",
"nullable": true
@@ -2486,7 +2490,12 @@
"aggregationApiKeysSecurity": {
"type": "boolean",
"nullable": false
},
"environmentAggregationApiKeysSecurity": {
"type": "boolean",
"nullable": false
}

},
"required": [
"_id",
@@ -2581,6 +2590,10 @@
"type": "boolean",
"nullable": true
},
"environmentAggregationApiKeysSecurity": {
"type": "boolean",
"nullable": true
},
"swagger": {
"nullable": true,
"$ref": "#/components/schemas/SwaggerAccess"
@@ -2703,6 +2716,10 @@
"type": "boolean",
"nullable": false
},
"environmentAggregationApiKeysSecurity": {
"type": "boolean",
"nullable": false
},
"swagger": {
"nullable": true,
"$ref": "#/components/schemas/SwaggerAccess"
@@ -2835,6 +2852,10 @@
"type": "boolean",
"nullable": false
},
"environmentAggregationApiKeysSecurity": {
"type": "boolean",
"nullable": false
},
"swagger": {
"nullable": true,
"$ref": "#/components/schemas/SwaggerAccess"
@@ -2973,6 +2994,10 @@
"type": "boolean",
"nullable": false
},
"environmentAggregationApiKeysSecurity": {
"type": "boolean",
"nullable": false
},
"swagger": {
"nullable": true,
"$ref": "#/components/schemas/SwaggerAccess"
@@ -3108,6 +3133,10 @@
"type": "boolean",
"nullable": false
},
"environmentAggregationApiKeysSecurity": {
"type": "boolean",
"nullable": false
},
"swagger": {
"nullable": true,
"$ref": "#/components/schemas/SwaggerAccess"
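--- a/daikoku/app/domain/SchemaDefinition.scala
+++ b/daikoku/app/domain/SchemaDefinition.scala
@@ -245,6 +245,10 @@ object SchemaDefinition {
 OptionType(BooleanType),
 resolve = _.value.aggregationApiKeysSecurity
 ),
+Field(
+"environmentAggregationApiKeysSecurity",
+OptionType(BooleanType),
+resolve = _.value.environmentAggregationApiKeysSecurity),
 Field(
 "display",
 OptionType(StringType),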
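Review bot: The new `Field` closes its argument list on the `resolve` line (`resolve = _.value.environmentAggregationApiKeysSecurity),`), while the neighbouring field puts `),` on a line of its own. Formatting it like its siblings, or running the project formatter, keeps the field list uniform. The enclosing field list starts and ends outside the hunk.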
8 changes: 7 additions & 1 deletion daikoku/app/domain/json.scala
@@ -1007,7 +1007,7 @@ object json {
otoroshiTarget =
(json \ "otoroshiTarget").asOpt(OtoroshiTargetFormat),
aggregationApiKeysSecurity =
(json \ "aggregationApiKeysSecurity").asOpt[Boolean]
(json \ "aggregationApiKeysSecurity").asOpt[Boolean],
)
)
} recover {
@@ -2202,6 +2202,8 @@ object json {
tenantMode = (json \ "tenantMode").asOpt(TenantModeFormat),
aggregationApiKeysSecurity = (json \ "aggregationApiKeysSecurity")
.asOpt[Boolean],
environmentAggregationApiKeysSecurity = (json \ "environmentAggregationApiKeysSecurity")
.asOpt[Boolean],
robotTxt = (json \ "robotTxt").asOpt[String],
thirdPartyPaymentSettings = (json \ "thirdPartyPaymentSettings")
.asOpt(SeqThirdPartyPaymentSettingsFormat)
@@ -2279,6 +2281,10 @@ object json {
.map(JsBoolean)
.getOrElse(JsBoolean(false))
.as[JsValue],
"environmentAggregationApiKeysSecurity" -> o.environmentAggregationApiKeysSecurity
.map(JsBoolean)
.getOrElse(JsBoolean(false))
.as[JsValue],
"robotTxt" -> o.robotTxt
.map(JsString.apply)
.getOrElse(JsNull)
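Review bot: In the second hunk `environmentAggregationApiKeysSecurity` is read with `.asOpt[Boolean]`, so a value of the wrong type (for instance the string `"true"`) becomes `None` without an error, and the guard added in ApiService.scala by this commit enforces the restriction only for `Some(true)`. For a setting that restricts API-key aggregation I would rather fail the read on a malformed value than switch the restriction off silently; at minimum add `// absent or malformed value => restriction not enforced` next to the read. The writer in the third hunk emits `false` for `None`, so the unset state does not survive a round trip, which mirrors `aggregationApiKeysSecurity`. The trailing comma added in the first hunk is unrelated to the feature, and the enclosing format objects start outside the hunks.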
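--- a/daikoku/app/domain/tenantEntities.scala
+++ b/daikoku/app/domain/tenantEntities.scala
@@ -388,6 +388,7 @@ case class Tenant(
 defaultMessage: Option[String] = None,
 tenantMode: Option[TenantMode] = None,
 aggregationApiKeysSecurity: Option[Boolean] = None,
+environmentAggregationApiKeysSecurity: Option[Boolean] = None,
 robotTxt: Option[String] = None,
 thirdPartyPaymentSettings: Seq[ThirdPartyPaymentSettings] = Seq.empty,
 display: TenantDisplay = TenantDisplay.Default,
@@ -455,6 +456,10 @@ case class Tenant(
 .map(JsBoolean)
 .getOrElse(JsBoolean(false))
 .as[JsValue],
+"environmentAggregationApiKeysSecurity" -> environmentAggregationApiKeysSecurity
+.map(JsBoolean)
+.getOrElse(JsBoolean(false))
+.as[JsValue],
 "display" -> display.name,
 "environments" -> JsArray(environments.map(JsString.apply).toSeq),
 "loginProvider" -> authProvider.name,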
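Review bot: The new `environmentAggregationApiKeysSecurity` field carries no comment, and its meaning can only be recovered from the guard in ApiService.scala. I would add above it `// Some(true): in Environment display mode a subscription may only be aggregated with a parent whose plan has the same customName; None or Some(false): no restriction`. In the JSON built in the second hunk `None` is emitted as `false`, so consumers cannot tell "unset" from "disabled"; that matches `aggregationApiKeysSecurity`, but the comment should say so. Both the case class and the method building this JSON extend beyond the hunks.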
6 changes: 3 additions & 3 deletions daikoku/app/env/env.scala
@@ -306,7 +306,7 @@ sealed trait Env {

def getDaikokuUrl(tenant: Tenant, path: String): String

def initDatastore()(implicit ec: ExecutionContext): Future[Done]
def initDatastore(path: Option[String]= None)(implicit ec: ExecutionContext): Future[Done]
}

class DaikokuEnv(
@@ -376,14 +376,14 @@ class DaikokuEnv(
}
}

override def initDatastore()(implicit ec: ExecutionContext): Future[Done] = {
override def initDatastore(path: Option[String]=None)(implicit ec: ExecutionContext): Future[Done] = {
def run(isEmpty: Boolean): Future[Unit] = {
if (isEmpty) {
(dataStore match {
case store: PostgresDataStore => store.checkDatabase()
case _ => FastFuture.successful(None)
}).map { _ =>
config.init.data.from match {
path.orElse(config.init.data.from) match {
case Some(path)
if path.startsWith("http://") || path
.startsWith("https://") =>
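Review bot: In `DaikokuEnv.initDatastore` the pattern `case Some(path)` shadows the new `path` parameter inside `path.orElse(config.init.data.from) match`, which makes it easy to misread which value the `startsWith` guards test. Renaming the parameter in both the trait and the override, e.g. `initDatastore(source: Option[String] = None)` with `source.orElse(config.init.data.from) match {`, removes the ambiguity. The trait method should also get a Scaladoc line stating that the argument takes precedence over `config.init.data.from` when present, since `reset()` in AdminApiController.scala fills it from a request parameter. The default is spelled `Option[String]= None` in the trait and `Option[String]=None` in the override; the formatter would normalise both. The method body continues past the end of the hunk.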
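--- a/daikoku/app/utils/ApiService.scala
+++ b/daikoku/app/utils/ApiService.scala
@@ -2328,6 +2328,14 @@ class ApiService(
 .findById(subscription.plan),
 AppError.PlanNotFound
 )
+_ <- EitherT.cond[Future][AppError, Unit](
+tenant.display != TenantDisplay.Environment || (tenant.environmentAggregationApiKeysSecurity match {
+case Some(true) => plan.customName == parentPlan.customName
+case _ => true
+}),
+(),
+AppError.SecurityError(s"Environment Subscription Aggregation security is enabled, a subscription cannot be extended by another environment")
+)
 _ <- EitherT.cond[Future][AppError, Unit](
 parentPlan.otoroshiTarget
 .map(_.otoroshiSettings) == plan.otoroshiTarget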
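Review bot: The new guard fails with a free-text `AppError.SecurityError`, although this commit also adds `AppError.EnvironmentSubscriptionAggregationDisabled` with its own message and `BadRequest` mapping, which no section visible on this page uses. Either return `AppError.EnvironmentSubscriptionAggregationDisabled` here or drop the new case object; if `SecurityError` stays, the `s` interpolator is unnecessary because the string has no placeholders. The environment comparison is `plan.customName == parentPlan.customName`; if `customName` is optional (its type is not visible here), two plans without a name would compare equal and pass, so confirm that plans always carry an environment name in `TenantDisplay.Environment` mode. The condition reads more directly as `tenant.display != TenantDisplay.Environment || !tenant.environmentAggregationApiKeysSecurity.contains(true) || plan.customName == parentPlan.customName`. The enclosing for-comprehension starts and ends outside the hunk.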
@@ -184,7 +184,6 @@ export const InitializeFromOtoroshi = () => {
const orderedApikeys = orderBy(state.context.apikeys, ['clientName']);

const filterApikeys = (entity: { label: string, prefix: string, value: string }) => {
console.debug({ entity, orderedApikeys })
return orderedApikeys.filter((apikey) => (apikey.authorizedEntities || '').includes(`${entity.prefix}${entity.value}`));
};
