From 97df5c06733679c7c66364c3b576ef267cd37e4c Mon Sep 17 00:00:00 2001 From: Dmitriy Kopylenko Date: Tue, 25 Jun 2019 16:51:25 -0400 Subject: [PATCH] 1263(1336) --- ...MetadataFilterEnversVersioningTests.groovy | 244 +++++++++++++++++- .../controller/MetadataFiltersController.java | 31 ++- 2 files changed, 252 insertions(+), 23 deletions(-) diff --git a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataFilterEnversVersioningTests.groovy b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataFilterEnversVersioningTests.groovy index 67c7787e2..05c8f5ea0 100644 --- a/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataFilterEnversVersioningTests.groovy +++ b/backend/src/enversTest/groovy/edu/internet2/tier/shibboleth/admin/ui/repository/envers/MetadataFilterEnversVersioningTests.groovy @@ -5,9 +5,16 @@ import edu.internet2.tier.shibboleth.admin.ui.configuration.EntitiesVersioningCo import edu.internet2.tier.shibboleth.admin.ui.configuration.InternationalizationConfiguration import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityRoleWhiteListFilter +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.NameIdFormatFilter +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.RequiredValidUntilFilter +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.SignatureValidationFilter +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FileBackedHttpMetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.FilesystemMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.LocalDynamicMetadataResolver -import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver +import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.repository.FilterRepository import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverVersionService @@ -15,14 +22,14 @@ import org.springframework.beans.factory.annotation.Autowired import org.springframework.boot.autoconfigure.domain.EntityScan import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest import org.springframework.data.jpa.repository.config.EnableJpaRepositories +import org.springframework.test.annotation.DirtiesContext import org.springframework.test.context.ContextConfiguration import org.springframework.transaction.PlatformTransactionManager import spock.lang.Specification -import javax.persistence.EntityManager /** - * Testing metadata resolver envers versioning + * Testing metadata resolver envers versioning with metadata filters */ @DataJpaTest @ContextConfiguration(classes = [CoreShibUiConfiguration, InternationalizationConfiguration, SearchConfiguration, TestConfiguration, EntitiesVersioningConfiguration]) @@ -43,9 +50,9 @@ class MetadataFilterEnversVersioningTests extends Specification { PlatformTransactionManager txMgr - def "test versioning of LocalDynamicMetadataResolver"() { + def "test versioning of MetadataResolver with EntityRoleWhiteListFilter"() { when: 'Add initial filter' - LocalDynamicMetadataResolver mr = new LocalDynamicMetadataResolver(name: 'ldmr') + def mr = new LocalDynamicMetadataResolver(name: 'resolver') mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { metadataResolverRepository.save(mr) } @@ -61,15 +68,111 @@ class MetadataFilterEnversVersioningTests extends Specification { def mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) def mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) - then: versions.size() == 2 mrv1.metadataFilters.size() == 0 mrv2.metadataFilters.size() == 1 when: 'Update filter' - filter = filterRepository.findByResourceId(filter.resourceId) + filter = mr.metadataFilters[0] filter.retainedRoles = ['role1', 'role2'] + filter.removeEmptyEntitiesDescriptors = false + filter = EnversTestsSupport.doInExplicitTransaction(txMgr) { + filterRepository.save(filter) + } + mr.markAsModified() + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + def mrv3 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[2].id) + + then: + versions.size() == 3 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters[0].retainedRoles.size() == 1 + mrv2.metadataFilters[0].retainedRoles == ['role1'] + mrv3.metadataFilters[0].retainedRoles.size() == 2 + mrv3.metadataFilters[0].retainedRoles == ['role1','role2'] + mrv3.metadataFilters[0].removeEmptyEntitiesDescriptors == false + } + + //@DirtiesContext + def "test versioning of MetadataResolver with EntityAttributesFilter"() { + when: 'Add initial filter' + def mr = new FileBackedHttpMetadataResolver(name: 'resolver') + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + EntityAttributesFilter filter = new EntityAttributesFilter().with { + it.attributeRelease = ['attr1'] + it + } + mr.metadataFilters.add(filter) + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + def versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + def mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + def mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + + then: + versions.size() == 2 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters.size() == 1 + + when: 'Update filter' + filter = mr.metadataFilters[0] + filter.attributeRelease = ['attr1, attr2'] + filter = EnversTestsSupport.doInExplicitTransaction(txMgr) { + filterRepository.save(filter) + } + mr.markAsModified() + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + def mrv3 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[2].id) + + then: + versions.size() == 3 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters[0].attributes[0].attributeValues[0].xsStringvalue == 'attr1' + mrv3.metadataFilters[0].attributes[0].attributeValues[0].xsStringvalue == 'attr1, attr2' + } + + //@DirtiesContext + def "test versioning of MetadataResolver with SignatureValidationFilter"() { + when: 'Add initial filter' + def mr = new DynamicHttpMetadataResolver(name: 'resolver') + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + SignatureValidationFilter filter = new SignatureValidationFilter().with { + it.certificateFile = 'cert1.file' + it + } + mr.metadataFilters.add(filter) + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + def versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + def mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + def mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + + then: + versions.size() == 2 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters.size() == 1 + mrv2.metadataFilters[0].certificateFile == 'cert1.file' + + when: 'Update filter' + filter = mr.metadataFilters[0] + filter.certificateFile = 'cert2.file' filter = EnversTestsSupport.doInExplicitTransaction(txMgr) { filterRepository.save(filter) } @@ -84,5 +187,132 @@ class MetadataFilterEnversVersioningTests extends Specification { then: versions.size() == 3 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters[0].certificateFile == 'cert1.file' + mrv3.metadataFilters[0].certificateFile == 'cert2.file' + } + + def "test versioning of MetadataResolver with RequiredValidUntilFilter"() { + when: 'Add initial filter' + def mr = new FilesystemMetadataResolver(name: 'resolver') + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + RequiredValidUntilFilter filter = new RequiredValidUntilFilter().with { + it.maxValidityInterval = "PT1S" + it + } + mr.metadataFilters.add(filter) + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + def versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + def mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + def mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + + then: + versions.size() == 2 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters.size() == 1 + mrv2.metadataFilters[0].maxValidityInterval == 'PT1S' + + when: 'Update filter' + filter = mr.metadataFilters[0] + filter.maxValidityInterval = 'PT30S' + filter = EnversTestsSupport.doInExplicitTransaction(txMgr) { + filterRepository.save(filter) + } + mr.markAsModified() + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + def mrv3 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[2].id) + + then: + versions.size() == 3 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters[0].maxValidityInterval == 'PT1S' + mrv3.metadataFilters[0].maxValidityInterval == 'PT30S' + } + + @DirtiesContext + def "test versioning of MetadataResolver with NameIdFormatFilter"() { + when: 'Add initial filter' + def mr = new ResourceBackedMetadataResolver(name: 'resolver') + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + NameIdFormatFilter filter = new NameIdFormatFilter().with { + it.formats = ['format1'] + it + } + mr.metadataFilters.add(filter) + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + def versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + def mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + def mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + + then: + versions.size() == 2 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters.size() == 1 + mrv2.metadataFilters[0].formats == ['format1'] + + when: 'Update filter' + filter = mr.metadataFilters[0] + filter.formats = ['format1', 'format2'] + filter.removeExistingFormats = true + filter = EnversTestsSupport.doInExplicitTransaction(txMgr) { + filterRepository.save(filter) + } + mr.markAsModified() + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + def mrv3 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[2].id) + + then: + versions.size() == 3 + mrv1.metadataFilters.size() == 0 + mrv2.metadataFilters[0].formats == ['format1'] + mrv3.metadataFilters[0].formats == ['format1', 'format2'] + mrv3.metadataFilters[0].removeExistingFormats == true + } + + def "test versioning of deleting a filter"() { + when: 'Add initial filter' + def mr = new LocalDynamicMetadataResolver(name: 'resolver') + def filter = new EntityRoleWhiteListFilter() + + mr.metadataFilters.add(filter) + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + //And now remove filter + filter = filterRepository.findByResourceId(filter.resourceId) + mr.metadataFilters = [] + mr = EnversTestsSupport.doInExplicitTransaction(txMgr) { + metadataResolverRepository.save(mr) + } + EnversTestsSupport.doInExplicitTransaction(txMgr) { + filterRepository.delete(filter) + } + + def versions = metadataResolverVersionService.findVersionsForMetadataResolver(mr.resourceId) + def mrv1 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[0].id) + def mrv2 = metadataResolverVersionService.findSpecificVersionOfMetadataResolver(mr.resourceId, versions[1].id) + + then: + versions.size() == 2 + mrv1.metadataFilters.size() == 1 + mrv2.metadataFilters.size() == 0 } } diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java index 57d734f77..cbf5051ba 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/controller/MetadataFiltersController.java @@ -7,16 +7,10 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.filters.RequiredValidUntilFilter; import edu.internet2.tier.shibboleth.admin.ui.domain.filters.SignatureValidationFilter; import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.MetadataResolver; -import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlFunctionDrivenDynamicHTTPMetadataResolver; -import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlLocalDynamicMetadataResolver; import edu.internet2.tier.shibboleth.admin.ui.repository.FilterRepository; import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository; import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverService; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; -import net.shibboleth.utilities.java.support.resolver.ResolverException; -import org.opensaml.saml.metadata.resolver.ChainingMetadataResolver; -import org.opensaml.saml.metadata.resolver.RefreshableMetadataResolver; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; @@ -36,6 +30,7 @@ import java.net.URI; import java.util.ArrayList; import java.util.List; +import java.util.Optional; import java.util.function.Supplier; import java.util.stream.Stream; @@ -102,19 +97,19 @@ public ResponseEntity create(@PathVariable String metadataResolverId, @Reques public ResponseEntity update(@PathVariable String metadataResolverId, @PathVariable String resourceId, @RequestBody MetadataFilter updatedFilter) { - MetadataFilter filterTobeUpdated = filterRepository.findByResourceId(resourceId); - if (filterTobeUpdated == null) { - return ResponseEntity.notFound().build(); - } MetadataResolver metadataResolver = findResolverOrThrowHttp404(metadataResolverId); - // check to make sure that the relationship exists - if (!metadataResolver.getMetadataFilters().contains(filterTobeUpdated)) { - // TODO: find a better response - return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + //Now we operate directly on the filter attached to MetadataResolver, + //Instead of fetching filter separately, to accommodate correct envers versioning with uni-directional one-to-many + Optional filterTobeUpdatedOptional = metadataResolver.getMetadataFilters() + .stream() + .filter(it -> it.getResourceId().equals(resourceId)) + .findFirst(); + if(!filterTobeUpdatedOptional.isPresent()) { + return ResponseEntity.notFound().build(); } - + MetadataFilter filterTobeUpdated = filterTobeUpdatedOptional.get(); if (!resourceId.equals(updatedFilter.getResourceId())) { return new ResponseEntity(HttpStatus.CONFLICT); } @@ -130,6 +125,10 @@ public ResponseEntity update(@PathVariable String metadataResolverId, MetadataFilter persistedFilter = filterRepository.save(filterTobeUpdated); + //To support envers versioning from MetadataResolver side + metadataResolver.markAsModified(); + repository.save(metadataResolver); + // TODO: this is wrong metadataResolverService.reloadFilters(metadataResolver.getResourceId()); @@ -244,4 +243,4 @@ private static URI getResourceUriFor(MetadataResolver mr, String filterResourceI .build() .toUri(); } -} \ No newline at end of file +}