Skip to content
Permalink
Browse files
Making better use of permitted-feign-client.
  • Loading branch information
mifosio-04-04-2018 committed May 21, 2017
1 parent c56a4d5 commit 5cc71430959059d51e97b9856b88e2df38f7a74e
Showing 3 changed files with 56 additions and 16 deletions.
@@ -25,6 +25,7 @@
import io.mifos.core.lang.config.EnableTenantContext;
import io.mifos.core.mariadb.config.EnableMariaDB;
import io.mifos.permittedfeignclient.config.EnablePermissionRequestingFeignClient;
import io.mifos.rhythm.service.internal.identity.ApplicationPermissionRequestCreator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
@@ -56,7 +57,7 @@
@EnableTenantContext
@EnablePermissionRequestingFeignClient
@EnableApplicationName
@EnableFeignClients(basePackages = {"io.mifos.identity.api.v1"})
@EnableFeignClients(clients = {ApplicationPermissionRequestCreator.class})
@ComponentScan({
"io.mifos.rhythm.service.rest",
"io.mifos.rhythm.service.config",
@@ -0,0 +1,44 @@
/*
* Copyright 2017 The Mifos Initiative.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.mifos.rhythm.service.internal.identity;

import io.mifos.anubis.annotation.Permittable;
import io.mifos.core.api.annotation.ThrowsException;
import io.mifos.identity.api.v1.client.ApplicationPermissionAlreadyExistsException;
import io.mifos.identity.api.v1.domain.Permission;
import io.mifos.permittedfeignclient.annotation.EndpointSet;
import io.mifos.permittedfeignclient.annotation.PermittedFeignClientsConfiguration;
import org.springframework.cloud.netflix.feign.FeignClient;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

/**
* @author Myrle Krantz
*/
@EndpointSet(identifier = "rhythm__v1__identity__v1")
@FeignClient(name="identity-v1", path="/identity/v1", configuration=PermittedFeignClientsConfiguration.class)
public interface ApplicationPermissionRequestCreator {

@RequestMapping(value = "/applications/{applicationidentifier}/permissions", method = RequestMethod.POST,
consumes = {MediaType.APPLICATION_JSON_VALUE},
produces = {MediaType.ALL_VALUE})
@ThrowsException(status = HttpStatus.CONFLICT, exception = ApplicationPermissionAlreadyExistsException.class)
@Permittable(groupId = io.mifos.identity.api.v1.PermittableGroupIds.APPLICATION_SELF_MANAGEMENT)
void createApplicationPermission(@PathVariable("applicationidentifier") String applicationIdentifier, Permission permission);
}
@@ -18,14 +18,14 @@
import io.mifos.anubis.api.v1.domain.AllowedOperation;
import io.mifos.core.api.context.AutoUserContext;
import io.mifos.core.api.util.ApiFactory;
import io.mifos.core.api.util.NotFoundException;
import io.mifos.core.lang.ApplicationName;
import io.mifos.core.lang.AutoTenantContext;
import io.mifos.core.lang.DateConverter;
import io.mifos.identity.api.v1.client.IdentityManager;
import io.mifos.identity.api.v1.client.ApplicationPermissionAlreadyExistsException;
import io.mifos.identity.api.v1.domain.Permission;
import io.mifos.permittedfeignclient.service.ApplicationAccessTokenService;
import io.mifos.rhythm.service.config.RhythmProperties;
import io.mifos.rhythm.service.internal.identity.ApplicationPermissionRequestCreator;
import io.mifos.rhythm.spi.v1.client.BeatListener;
import io.mifos.rhythm.spi.v1.domain.BeatPublish;
import org.slf4j.Logger;
@@ -49,7 +49,7 @@
@Service
public class BeatPublisherService {
private final DiscoveryClient discoveryClient;
private final IdentityManager identityManager;
private final ApplicationPermissionRequestCreator applicationPermissionRequestCreator;
private final ApplicationAccessTokenService applicationAccessTokenService;
private final ApplicationName rhythmApplicationName;
private final ApiFactory apiFactory;
@@ -59,14 +59,14 @@ public class BeatPublisherService {
@Autowired
public BeatPublisherService(
@SuppressWarnings("SpringJavaAutowiringInspection") final DiscoveryClient discoveryClient,
@SuppressWarnings("SpringJavaAutowiringInspection") final IdentityManager identityManager,
@SuppressWarnings("SpringJavaAutowiringInspection") final ApplicationPermissionRequestCreator applicationPermissionRequestCreator,
@SuppressWarnings("SpringJavaAutowiringInspection") final ApplicationAccessTokenService applicationAccessTokenService,
final ApplicationName rhythmApplicationName,
final ApiFactory apiFactory,
final RhythmProperties properties,
@Qualifier(LOGGER_NAME) final Logger logger) {
this.discoveryClient = discoveryClient;
this.identityManager = identityManager;
this.applicationPermissionRequestCreator = applicationPermissionRequestCreator;
this.applicationAccessTokenService = applicationAccessTokenService;
this.rhythmApplicationName = rhythmApplicationName;
this.apiFactory = apiFactory;
@@ -87,22 +87,17 @@ public BeatPublisherService(
@SuppressWarnings("WeakerAccess") //Access is public for mocking in component test.
public Optional<String> requestPermissionForBeats(final String tenantIdentifier, final String applicationName) {
try (final AutoTenantContext ignored = new AutoTenantContext(tenantIdentifier)) {
final String accessToken = applicationAccessTokenService.getAccessToken(
properties.getUser(), io.mifos.identity.api.v1.PermittableGroupIds.APPLICATION_SELF_MANAGEMENT);
try (final AutoUserContext ignored2 = new AutoUserContext(properties.getUser(), accessToken)) {
try (final AutoUserContext ignored2 = new AutoUserContext(properties.getUser(), "")) {
final String consumerPermittableGroupIdentifier = getPermittableGroupIdentifier(applicationName);
final Permission publishBeatPermission = new Permission();
publishBeatPermission.setAllowedOperations(Collections.singleton(AllowedOperation.CHANGE));
publishBeatPermission.setPermittableEndpointGroupIdentifier(consumerPermittableGroupIdentifier);
try {
final Permission applicationPermission = identityManager
.getApplicationPermission(rhythmApplicationName.toString(), consumerPermittableGroupIdentifier);
return Optional.of(applicationPermission.getPermittableEndpointGroupIdentifier());
}
catch (final NotFoundException e) {
identityManager.createApplicationPermission(rhythmApplicationName.toString(), publishBeatPermission);
return Optional.of(consumerPermittableGroupIdentifier);
applicationPermissionRequestCreator.createApplicationPermission(rhythmApplicationName.toString(), publishBeatPermission);
}
catch (final ApplicationPermissionAlreadyExistsException ignored3) { }

return Optional.of(consumerPermittableGroupIdentifier);
}
}
catch (final Throwable e) {

0 comments on commit 5cc7143

Please sign in to comment.