Merge pull request #101 from ananjaykumar2/idchange/uuid

uuid chages

Jenkinsfile

@@ -70,7 +70,7 @@ pipeline {
     stage('Run GIS interface server'){
       steps{
         script{
-            sh 'scp src/test/resources/IUDX_GIS_Server_APIs_V4.5.0.postman_collection.json jenkins@jenkins-master:/var/lib/jenkins/iudx/gis/Newman/'
+            sh 'scp src/test/resources/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json jenkins@jenkins-master:/var/lib/jenkins/iudx/gis/Newman/'
             sh 'docker compose -f docker-compose.test.yml up -d integTest'
             sh 'sleep 45'
         }
@@ -90,7 +90,7 @@ pipeline {
           script{
             startZap ([host: 'localhost', port: 8090, zapHome: '/var/lib/jenkins/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/OWASP_ZAP/ZAP_2.11.0'])
             sh 'curl http://127.0.0.1:8090/JSON/pscan/action/disableScanners/?ids=10096'
-            sh 'HTTP_PROXY=\'127.0.0.1:8090\' newman run /var/lib/jenkins/iudx/gis/Newman/IUDX_GIS_Server_APIs_V4.5.0.postman_collection.json -e /home/ubuntu/configs/gis-postman-env.json -n 2 --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/gis/Newman/report/report.html --reporter-htmlextra-skipSensitiveData'
+            sh 'HTTP_PROXY=\'127.0.0.1:8090\' newman run /var/lib/jenkins/iudx/gis/Newman/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json -e /home/ubuntu/configs/gis-postman-env.json -n 2 --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/gis/Newman/report/report.html --reporter-htmlextra-skipSensitiveData'
             runZapAttack()
           }
         }
@@ -153,7 +153,7 @@ pipeline {
           steps {
             node('built-in') {
               script{
-                sh 'newman run /var/lib/jenkins/iudx/gis/Newman/IUDX_GIS_Server_APIs_V4.5.0.postman_collection.json -e /home/ubuntu/configs/cd/gis-postman-env.json --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/gis/Newman/report/cd-report.html --reporter-htmlextra-skipSensitiveData'
+                sh 'newman run /var/lib/jenkins/iudx/gis/Newman/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json -e /home/ubuntu/configs/cd/gis-postman-env.json --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/gis/Newman/report/cd-report.html --reporter-htmlextra-skipSensitiveData'
               }
             }
           }

src/main/java/iudx/gis/server/apiserver/ApiServerVerticle.java

@@ -375,11 +375,18 @@ private void executeSearchQuery(
     postgresService.executeQuery(
         query,
         handler -> {
+          JsonObject result = handler.result();
           if (handler.succeeded()) {
             LOGGER.debug("Success: Search Success");
-            handleSuccessResponse(response, ResponseType.Ok.getCode(), handler.result());
-            context.data().put(RESPONSE_SIZE, response.bytesWritten());
-            // Future.future(fu -> updateAuditTable(context));
+            JsonArray rows = result.getJsonArray("result");
+            if (rows.size() < 1) {
+              handleResponse(
+                  response, HttpStatusCode.NOT_FOUND, ResponseUrn.RESOURCE_NOT_FOUND);
+            } else {
+              handleSuccessResponse(response, ResponseType.Ok.getCode(), handler.result());
+              context.data().put(RESPONSE_SIZE, response.bytesWritten());
+              // Future.future(fu -> updateAuditTable(context));
+            }
           } else if (handler.failed()) {
             LOGGER.error("Fail: Search Fail");
             processBackendResponse(response, handler.cause().getMessage());

src/main/java/iudx/gis/server/apiserver/handlers/AuthHandler.java

@@ -54,21 +54,14 @@ public void handle(RoutingContext context) {
       token = "public";
     }
 
-    String paramId = getId4rmRequest();
-
-    String id = null;
-
-    if (paramId != null && !paramId.isBlank()) {
-      id = paramId;
-    }
+    String id = getId(context);
 
     JsonObject authInfo =
         new JsonObject()
             .put(API_ENDPOINT, path)
             .put(HEADER_TOKEN, token)
             .put(API_METHOD, method)
             .put(ID, id);
-
     LOGGER.debug("Info :" + context.request().path());
     LOGGER.debug("Info :" + context.request().path().split("/").length);
 
@@ -118,10 +111,32 @@ public String getNormalizedPath(String url) {
     return path;
   }
 
+  private String getId(RoutingContext context) {
+    String paramId = getId4rmRequest();
+    String bodyId = getId4rmBody(context);
+    String id;
+    if (paramId != null && !paramId.isBlank()) {
+      id = paramId;
+    } else {
+      id = bodyId;
+    }
+    return id;
+  }
+
   private String getId4rmRequest() {
     return request.getParam(ID);
   }
 
+  private String getId4rmBody(RoutingContext context) {
+    JsonObject body = context.body().asJsonObject();
+    String id = null;
+    if (body != null) {
+      id = body.getString("id");
+
+    }
+    return id;
+  }
+
   private JsonObject generateResponse(ResponseUrn urn, HttpStatusCode statusCode) {
     return new JsonObject()
         .put(JSON_TYPE, urn.getUrn())

src/main/java/iudx/gis/server/apiserver/validation/types/IdTypeValidator.java

@@ -12,8 +12,7 @@ public class IdTypeValidator implements Validator {
   private static final Logger LOGGER = LogManager.getLogger(IdTypeValidator.class);
   private static final Pattern regexIDPattern =
       Pattern.compile(
-          "^[a-zA-Z0-9.]{4,100}/{1}[a-zA-Z0-9.]{4,100}/{1}[a-zA-Z.]{4,100}/{1}[a-zA-Z-_.]"
-              + "{4,100}/{1}[a-zA-Z0-9-_.]{4,100}$");
+          "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$");
   private Integer maxLength = VALIDATION_ID_MAX_LEN;
   private String value;
   private boolean required;

src/main/java/iudx/gis/server/authenticator/JwtAuthenticationServiceImpl.java

@@ -10,6 +10,7 @@
 import io.vertx.core.Promise;
 import io.vertx.core.Vertx;
 import io.vertx.core.buffer.Buffer;
+import io.vertx.core.json.JsonArray;
 import io.vertx.core.json.JsonObject;
 import io.vertx.ext.auth.authentication.TokenCredentials;
 import io.vertx.ext.auth.jwt.JWTAuth;
@@ -95,7 +96,6 @@ public AuthenticationService tokenIntrospect(
     Future<JwtData> jwtDecodeFuture = decodeJwt(token);
 
     ResultContainer result = new ResultContainer();
-    LOGGER.debug("endPoint " + endPoint);
     if (endPoint != null && endPoint.equals(api.getAdminPath())) {
       jwtDecodeFuture
           .compose(
@@ -185,39 +185,36 @@ public Future<JwtData> decodeJwt(String jwtToken) {
   private Future<String> isOpenResource(String id) {
     LOGGER.trace("isOpenResource() started");
     Promise<String> promise = Promise.promise();
-
     String acl = resourceIdCache.getIfPresent(id);
     if (acl != null) {
       LOGGER.debug("Cache Hit");
       promise.complete(acl);
     } else {
       // cache miss
       LOGGER.debug("Cache miss calling cat server");
-      String[] idComponents = id.split("/");
-      if (idComponents.length < 4) {
-        promise.fail("Not Found " + id);
-      }
-      String groupId =
-          (idComponents.length == 4)
-              ? id
-              : String.join("/", Arrays.copyOfRange(idComponents, 0, 4));
       // 1. check group accessPolicy.
       // 2. check resource exist, if exist set accessPolicy to group accessPolicy. else fail
-      Future<String> groupAclFuture = getGroupAccessPolicy(groupId);
-      groupAclFuture
-          .compose(
-              groupACLResult -> {
-                String groupPolicy = groupACLResult;
-                return isResourceExist(id, groupPolicy);
-              })
+      getGrupId(id)
           .onSuccess(
-              handler -> {
-                promise.complete(resourceIdCache.getIfPresent(id));
-              })
-          .onFailure(
-              handler -> {
-                LOGGER.error("cat response failed for Id : (" + id + ")" + handler.getCause());
-                promise.fail("Not Found " + id);
+              groupId -> {
+                Future<String> groupAclFuture = getGroupAccessPolicy(groupId);
+                groupAclFuture
+                    .compose(
+                        groupACLResult -> {
+                          String groupPolicy = groupACLResult;
+                          return isResourceExist(id, groupPolicy);
+                        })
+                    .onSuccess(
+                        handler -> {
+                          promise.complete(resourceIdCache.getIfPresent(id));
+                        })
+                    .onFailure(
+                        handler -> {
+                          LOGGER.error(
+                              "cat response failed for Id : (" + id + ")" + handler.getCause());
+                          promise.fail("Not Found " + id);
+                        });
+
               });
     }
     return promise.future();
@@ -483,4 +480,35 @@ final class ResultContainer {
     JwtData jwtData;
     boolean isOpen;
   }
+
+  public Future<String> getGrupId(String id) {
+    LOGGER.debug("get item for id: {} ", id);
+    Promise<String> promise = Promise.promise();
+
+    catWebClient
+        .get(port, host, path)
+        .addQueryParam("property", "[id]")
+        .addQueryParam("value", "[[" + id + "]]")
+        .addQueryParam("filter", "[id,resourceGroup]")
+        .expect(ResponsePredicate.JSON)
+        .send(
+            relHandler -> {
+              if (relHandler.succeeded()
+                  && relHandler.result().bodyAsJsonObject().getInteger("totalHits") > 0) {
+                JsonArray resultArray =
+                    relHandler.result().bodyAsJsonObject().getJsonArray("results");
+                JsonObject response = resultArray.getJsonObject(0);
+                String groupId =
+                    response.containsKey("resourceGroup") ? response.getString("resourceGroup") :
+                        response.getString("id");
+                promise.complete(groupId);
+              } else {
+                LOGGER.error("catalogue call search api failed: " + relHandler.cause());
+                promise.fail("catalogue call search api failed");
+              }
+            });
+
+    return promise.future();
+  }
+
 }

src/main/resources/admin_crud_schema.json

@@ -7,8 +7,8 @@
       "$id": "#root/properties/id",
       "type": "string",
       "title": "Id",
-      "pattern": "^[a-zA-Z0-9.]{4,100}/{1}[a-zA-Z0-9.]{4,100}/{1}[a-zA-Z.]{4,100}/{1}[a-zA-Z-_.]{4,100}/{1}[a-zA-Z0-9-_.]{4,100}$",
-      "maxLength": 512
+      "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$",
+      "maxLength": 36
     },
     "server-url": {
       "$id": "#root/properties/server-url",

src/test/java/iudx/gis/server/apiserver/handlers/AuthHandlerTest.java

@@ -5,6 +5,7 @@
 import io.vertx.core.http.HttpServerRequest;
 import io.vertx.core.http.HttpServerResponse;
 import io.vertx.core.json.JsonObject;
+import io.vertx.ext.web.RequestBody;
 import io.vertx.ext.web.RoutingContext;
 import io.vertx.junit5.VertxExtension;
 import io.vertx.junit5.VertxTestContext;
@@ -53,6 +54,8 @@ public class AuthHandlerTest {
   private static String dxApiBasePath;
   private static String adminBasePath;
   private static Api api;
+  @Mock
+  RequestBody requestBody;
   @BeforeEach
   public void setUp(VertxTestContext vertxTestContext, Vertx vertx) {
     //authHandler = AuthHandler.create(vertx);
@@ -66,6 +69,7 @@ public void setUp(VertxTestContext vertxTestContext, Vertx vertx) {
     jsonObject.put("adminBasePath","/admin/gis");
     dxApiBasePath = "/ngsi-ld/v1";
     adminBasePath = "/admin/gis";
+    AuthHandler.create(vertx,jsonObject);
     api = Api.getInstance(dxApiBasePath,adminBasePath);
     //lenient().doReturn(httpServerRequest).when(routingContextMock).request();
     //lenient().doReturn(httpServerResponse).when(routingContextMock).response();
@@ -84,10 +88,12 @@ public void testHandleSuccess(VertxTestContext vertxTestContext) {
     //HttpMethod httpMethodMock = mock(HttpMethod.class);
     //Map map = new HashMap<String, Object>();
     //AuthenticationService authenticationServiceMock = mock(AuthenticationService.class);
-
+    when(routingContextMock.body()).thenReturn(requestBody);
     //when(routingContextMock.request()).thenReturn(httpServerRequest);
-    when(routingContextMock.getBodyAsJson()).thenReturn(jsonObject);
+    when(requestBody.asJsonObject()).thenReturn(jsonObject);
     when(httpServerRequest.path()).thenReturn(api.getEntitiesRegex());
+
+
     //doReturn(NGSILD_ENTITIES_URL).when(httpServerRequest).path();
 
     AuthHandler.authenticator = mock(AuthenticationService.class);
@@ -128,7 +134,7 @@ public AsyncResult<JsonObject> answer(InvocationOnMock arg0) throws Throwable {
   public void testHandleFail(VertxTestContext vertxTestContext) {
     //JsonObject jsonObjectMock = new JsonObject().put("id", "iddd");
     authHandler = new AuthHandler();
-    String str = api.getEntitiesRegex();
+    String str = api.getEntitiesEndpoint();
     JsonObject jsonObject = new JsonObject();
     jsonObject.put("Dummy Key", "Dummy Value");
 
@@ -138,6 +144,10 @@ public void testHandleFail(VertxTestContext vertxTestContext) {
     //AuthenticationService authenticationServiceMock = mock(AuthenticationService.class);
     //AsyncResult<JsonObject> asyncResult = mock(AsyncResult.class);
 
+    when(routingContextMock.body()).thenReturn(requestBody);
+    //when(routingContextMock.request()).thenReturn(httpServerRequest);
+    when(requestBody.asJsonObject()).thenReturn(jsonObject);
+
     when(routingContextMock.getBodyAsJson()).thenReturn(jsonObject);
     when(httpServerRequest.path()).thenReturn(str);
     AuthHandler.authenticator = mock(AuthenticationService.class);

src/test/java/iudx/gis/server/apiserver/handlers/ValidationHandlerTest.java

@@ -46,7 +46,7 @@ public void testHandle(VertxTestContext vertxTestContext){
         when(routingContextMock.request()).thenReturn(httpServerRequestMock);
 
         parameters = MultiMap.caseInsensitiveMultiMap();
-        parameters.set(Constants.ID, "asdasd/asdasd/adasd/adasd/adasd");
+        parameters.set(Constants.ID, "83c2e5c2-3574-4e11-9530-2b1fbdfce836");
 
         when(httpServerRequestMock.params()).thenReturn(parameters);
         when(httpServerRequestMock.headers()).thenReturn(multiMapMock);

src/test/java/iudx/gis/server/apiserver/validation/types/IdTypeValidatorTest.java

@@ -27,10 +27,10 @@ static Stream<Arguments> allowedValues() {
         // Add any valid value which will pass successfully.
         return Stream.of(
                 Arguments.of(
-                        "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/surat-itms-realtime-information/surat-itms-live-eta",
+                        "83c2e5c2-3574-4e11-9530-2b1fbdfce836",
                         true),
                 Arguments.of(
-                        "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/pune-env-flood/FWR055",
+                        "83c2e5c2-3574-4e11-9530-2b1fbdfce836",
                         true),
                 Arguments.of(null, false));
     }
@@ -52,7 +52,7 @@ static Stream<Arguments> invalidValues() {
                 Arguments.of("  ", true),
                 Arguments.of("  ", false),
                 Arguments.of(
-                        "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/surat-itms-realtime-information/surat-itms-live-eta/sasd asdd",
+                        "83c2e5c2-3574-4e11-9530-2b1fbdfce836lfl",
                         true),
                 Arguments.of(
                         "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/surat-itms-realtime-information/surat-itms-live-eta AND 2434=2434 AND 'qLIl'='qLIl",