diff --git a/pom.xml b/pom.xml
index 8fda15b..d46d1a3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2,7 +2,7 @@
4.0.0
org.folio
mod-batch-print
- 1.1.0-SNAPSHOT
+ 1.0.0-SNAPSHOT
jar
mod-batch-print
diff --git a/src/main/java/org/folio/print/server/resources/BatchCreationResource.java b/src/main/java/org/folio/print/server/resources/BatchCreationResource.java
index 7b3da96..12722c7 100644
--- a/src/main/java/org/folio/print/server/resources/BatchCreationResource.java
+++ b/src/main/java/org/folio/print/server/resources/BatchCreationResource.java
@@ -37,8 +37,8 @@ public Future createRouter(Vertx vertx) {
private void process(RoutingContext ctx, Vertx vertx) {
String tenant = ctx.request().getHeader(XOkapiHeaders.TENANT);
- JsonArray permissions = new JsonArray(ctx.request().getHeader(XOkapiHeaders.PERMISSIONS));
- PrintStorage printStorage = new PrintStorage(vertx, tenant, permissions);
+ LOGGER.debug("process:: tenant " + tenant);
+ PrintStorage printStorage = new PrintStorage(vertx, tenant);
LocalDateTime localDateTime = LocalDateTime.now().with(LocalTime.MIDNIGHT);
printStorage.getEntriesByQuery("type=\"SINGLE\" and created > " + localDateTime
diff --git a/src/main/java/org/folio/print/server/service/PrintService.java b/src/main/java/org/folio/print/server/service/PrintService.java
index 32785a4..f6641a3 100644
--- a/src/main/java/org/folio/print/server/service/PrintService.java
+++ b/src/main/java/org/folio/print/server/service/PrintService.java
@@ -118,12 +118,8 @@ private void handlers(RouterBuilder routerBuilder) {
static PrintStorage createFromParams(Vertx vertx, RequestParameters params) {
// get tenant
RequestParameter tenantParameter = params.headerParameter(XOkapiHeaders.TENANT);
- String tenant = tenantParameter.getString();
- // get permissions which is required in OpenAPI spec
- RequestParameter okapiPermissions = params.headerParameter(XOkapiHeaders.PERMISSIONS);
- JsonArray permissions = new JsonArray(okapiPermissions.getString());
- return new PrintStorage(vertx, tenant, permissions);
+ return new PrintStorage(vertx, tenantParameter.getString());
}
public static PrintStorage create(RoutingContext ctx) {
@@ -220,7 +216,7 @@ public Future postInit(Vertx vertx, String tenant, JsonObject tenantAttrib
if (!tenantAttributes.containsKey("module_to")) {
return Future.succeededFuture(); // doing nothing for disable
}
- PrintStorage storage = new PrintStorage(vertx, tenant, null);
+ PrintStorage storage = new PrintStorage(vertx, tenant);
return storage.init();
}
diff --git a/src/main/java/org/folio/print/server/storage/PrintStorage.java b/src/main/java/org/folio/print/server/storage/PrintStorage.java
index 93a7326..8eb90a6 100644
--- a/src/main/java/org/folio/print/server/storage/PrintStorage.java
+++ b/src/main/java/org/folio/print/server/storage/PrintStorage.java
@@ -48,19 +48,15 @@ public class PrintStorage {
private final String printTable;
- private final JsonArray permissions;
-
/**
* Construct storage request for a user with given okapi permissions.
*
* @param vertx Vert.x handle
* @param tenant tenant
- * @param permissions permissions as it comes from X-Okapi-Permissions
*/
- public PrintStorage(Vertx vertx, String tenant, JsonArray permissions) {
+ public PrintStorage(Vertx vertx, String tenant) {
this.pool = TenantPgPool.pool(vertx, tenant);
- this.permissions = permissions;
this.printTable = pool.getSchema() + ".printing";
}
@@ -81,17 +77,6 @@ public Future init() {
));
}
- /**
- * Checks if access is allowed.
- *
- * @param type read/write value
- * @param permissions permissions given at runtime
- * @return true if access is OK; false otherwise (forbidden)
- */
- static boolean checkDesiredPermissions(String type, JsonArray permissions) {
- return permissions.contains(PERM_PREFIX + "." + PERM_PRINT + "." + type);
- }
-
PrintEntry fromRow(Row row) {
PrintEntry entry = new PrintEntry();
entry.setId(row.getUUID("id"));
@@ -109,9 +94,6 @@ PrintEntry fromRow(Row row) {
* @return async result with success if created; failed otherwise
*/
public Future createEntry(PrintEntry entry) {
- if (!checkDesiredPermissions(PERM_WRITE, permissions)) {
- return Future.failedFuture(new ForbiddenException());
- }
return pool.preparedQuery(
"INSERT INTO " + printTable
+ " (id, created, type, sorting_field, content)"
@@ -144,9 +126,6 @@ public Future getEntry(UUID id) {
if (entry == null) {
throw new NotFoundException();
}
- if (!checkDesiredPermissions(PERM_READ, permissions)) {
- throw new ForbiddenException();
- }
return entry;
});
}
@@ -175,9 +154,6 @@ public Future deleteEntry(UUID id) {
if (entry == null) {
return Future.failedFuture(new NotFoundException());
}
- if (!checkDesiredPermissions(PERM_WRITE, permissions)) {
- return Future.failedFuture(new ForbiddenException());
- }
return pool.preparedQuery(
"DELETE FROM " + printTable + " WHERE id = $1")
.execute(Tuple.of(id))
@@ -197,9 +173,6 @@ public Future deleteEntry(UUID id) {
* @return async result with success if created; failed otherwise
*/
public Future updateEntry(PrintEntry entry) {
- if (!checkDesiredPermissions(PERM_WRITE, permissions)) {
- return Future.failedFuture(new ForbiddenException());
- }
return pool.preparedQuery(
"UPDATE " + printTable
+ " SET created = $2, type = $3, sorting_field = $4, content = $5"
@@ -235,9 +208,6 @@ public Future updateEntry(PrintEntry entry) {
*/
public Future getEntries(HttpServerResponse response, String cqlQuery,
int offset, int limit) {
- if (!checkDesiredPermissions(PERM_READ, permissions)) {
- return Future.failedFuture(new ForbiddenException());
- }
Pair sqlQuery = createSqlQuery(cqlQuery, offset, limit);
String countQuery = "SELECT COUNT(*) FROM " + sqlQuery.getRight();
@@ -317,9 +287,6 @@ void resultFooter(HttpServerResponse response, RowSet rowSet, String diagno
* @return Result list
*/
public Future> getEntriesByQuery(String cqlQuery, int offset, int limit) {
- if (!checkDesiredPermissions(PERM_READ, permissions)) {
- return Future.failedFuture(new ForbiddenException());
- }
Pair sqlQuery = createSqlQuery(cqlQuery, offset, limit);
diff --git a/src/test/java/org/folio/print/server/main/MainVerticleTest.java b/src/test/java/org/folio/print/server/main/MainVerticleTest.java
index c83c0d2..9232b87 100644
--- a/src/test/java/org/folio/print/server/main/MainVerticleTest.java
+++ b/src/test/java/org/folio/print/server/main/MainVerticleTest.java
@@ -189,58 +189,6 @@ public void testPostBodyTooBig() {
.body(is("Request Entity Too Large"));
}
- @Test
- public void testMissingPermissions() {
- PrintEntry entry = new PrintEntry();
- entry.setContent("AA");
- entry.setCreated(ZonedDateTime.now().withZoneSameInstant(ZoneOffset.UTC));
- entry.setId(UUID.randomUUID());
- entry.setType(PrintEntryType.SINGLE);
-
- JsonObject en = JsonObject.mapFrom(entry);
-
- RestAssured.given()
- .header(XOkapiHeaders.TENANT, TENANT_1)
- .header(XOkapiHeaders.PERMISSIONS, permRead.encode())
- .contentType(ContentType.JSON)
- .body(en.encode())
- .post("/print/entries")
- .then()
- .statusCode(403);
-
- RestAssured.given()
- .header(XOkapiHeaders.TENANT, TENANT_1)
- .header(XOkapiHeaders.PERMISSIONS, permRead.encode())
- .contentType(ContentType.JSON)
- .body(en.encode())
- .put("/print/entries/" + en.getString("id"))
- .then()
- .statusCode(403);
-
- RestAssured.given()
- .header(XOkapiHeaders.TENANT, TENANT_1)
- .header(XOkapiHeaders.PERMISSIONS, permWrite.encode())
- .contentType(ContentType.JSON)
- .body(en.encode())
- .post("/print/entries")
- .then()
- .statusCode(204);
-
- RestAssured.given()
- .header(XOkapiHeaders.TENANT, TENANT_1)
- .header(XOkapiHeaders.PERMISSIONS, permWrite.encode())
- .get("/print/entries/" + en.getString("id"))
- .then()
- .statusCode(403);
-
- RestAssured.given()
- .header(XOkapiHeaders.TENANT, TENANT_1)
- .header(XOkapiHeaders.PERMISSIONS, permRead.encode())
- .delete("/print/entries/" + en.getString("id"))
- .then()
- .statusCode(403);
- }
-
@Test
public void testNotFound() {
PrintEntry entry = new PrintEntry();