{
+ /**
+ * Applies this function to the given arguments.
+ *
+ * @param t the first function argument
+ * @param u the second function argument
+ * @param v the third function argument
+ * @return the function result
+ */
+ R apply(T t, U u, V v);
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/services/cache/CacheableTypeConfig.java b/api/src/main/java/org/apache/unomi/api/services/cache/CacheableTypeConfig.java
new file mode 100644
index 0000000000..3194305f7b
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/services/cache/CacheableTypeConfig.java
@@ -0,0 +1,620 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.services.cache;
+
+import org.apache.unomi.api.Item;
+import org.osgi.framework.BundleContext;
+import org.apache.unomi.api.services.TriFunction;
+
+import java.io.Serializable;
+import java.util.Comparator;
+import java.util.function.BiConsumer;
+import java.util.function.Consumer;
+import java.util.function.Function;
+import java.net.URL;
+import java.util.Map;
+import java.io.InputStream;
+
+/**
+ * Configuration for a cacheable item type in Unomi.
+ *
+ * This class defines how a specific type of item is cached, loaded, and processed within
+ * the Unomi caching system. It supports a comprehensive callback system for processing items
+ * at different stages of their lifecycle:
+ *
+ * Callback System Overview
+ *
+ * The callback system includes two major categories of callbacks:
+ *
+ * 1. Item-Level Processing Callbacks
+ * These callbacks operate on individual items during loading and are executed in the following
+ * order of precedence (only the first applicable callback is called):
+ *
+ * - urlAwareBundleItemProcessor: Most specific, gets item, bundle context, and resource URL
+ * - bundleItemProcessor: Gets item and bundle context
+ * - postProcessor: Most general, gets only the item
+ *
+ *
+ * 2. Cache Refresh Callbacks
+ * These callbacks operate after items are loaded and cached:
+ *
+ * - tenantRefreshCallback: Called for each tenant that has changes after refresh
+ * - postRefreshCallback: Called once after all tenants are processed if any changes occurred
+ *
+ *
+ * Example Usage
+ *
+ * {@code
+ * // Define a cacheable type for PropertyType
+ * CacheableTypeConfig.builder(PropertyType.class, "propertyType", "properties")
+ * .withInheritFromSystemTenant(true)
+ * .withRequiresRefresh(true)
+ * .withRefreshInterval(10000)
+ * .withIdExtractor(PropertyType::getItemId)
+ *
+ * // Simple post-processor example
+ * .withPostProcessor(propertyType -> {
+ * // Normalize or initialize fields
+ * if (propertyType.getPriority() == 0) {
+ * propertyType.setPriority(1);
+ * }
+ * })
+ *
+ * // URL-aware processor example
+ * .withUrlAwareBundleItemProcessor((bundleContext, propertyType, url) -> {
+ * // Extract information from the URL path
+ * if (url.getPath().contains("/profiles/")) {
+ * propertyType.setTarget("profiles");
+ * }
+ * })
+ *
+ * // Tenant-specific callback example
+ * .withTenantRefreshCallback((tenantId, oldState, newState) -> {
+ * // Process tenant-specific changes efficiently
+ * boolean hasChanges = !oldState.equals(newState);
+ * if (hasChanges) {
+ * System.out.println("Tenant " + tenantId + " property types updated");
+ * // Update tenant-specific caches or indices
+ * }
+ * })
+ *
+ * // Global callback example
+ * .withPostRefreshCallback((oldState, newState) -> {
+ * // Process cross-tenant relationships or global state
+ * System.out.println("All property types refreshed, updating type registry");
+ * // Update cross-tenant registries or perform global operations
+ * })
+ * .build();
+ * }
+ *
+ * @param the type of the cacheable item
+ */
+public class CacheableTypeConfig {
+ private final Class type;
+ private final String itemType;
+ private final String metaInfPath;
+ private final boolean inheritFromSystemTenant;
+ private final boolean requiresRefresh;
+ private final long refreshInterval;
+ private final Function idExtractor;
+ private final Consumer postProcessor;
+ private final boolean hasPredefinedItems;
+ private final BiConsumer bundleItemProcessor;
+ private final TriConsumer urlAwareBundleItemProcessor;
+ private final Comparator urlComparator;
+ private final BiConsumer>, Map>> postRefreshCallback;
+ private final TriConsumer, Map> tenantRefreshCallback;
+ private final TriFunction streamProcessor;
+
+ /**
+ * Private constructor used by the builder
+ */
+ private CacheableTypeConfig(Builder builder) {
+ this.type = builder.type;
+ this.itemType = builder.itemType;
+ this.metaInfPath = builder.metaInfPath;
+ this.inheritFromSystemTenant = builder.inheritFromSystemTenant;
+ this.requiresRefresh = builder.requiresRefresh;
+ this.refreshInterval = builder.refreshInterval;
+ this.idExtractor = builder.idExtractor;
+ this.postProcessor = builder.postProcessor;
+ this.hasPredefinedItems = builder.hasPredefinedItems;
+ this.bundleItemProcessor = builder.bundleItemProcessor;
+ this.urlAwareBundleItemProcessor = builder.urlAwareBundleItemProcessor;
+ this.urlComparator = builder.urlComparator;
+ this.postRefreshCallback = builder.postRefreshCallback;
+ this.tenantRefreshCallback = builder.tenantRefreshCallback;
+ this.streamProcessor = builder.streamProcessor;
+ }
+
+ /**
+ * Creates a new builder for the config
+ * @param type the class of the cacheable type
+ * @param itemType the string identifier for the type
+ * @param metaInfPath the predefined items path in META-INF/cxs
+ * @param the type parameter
+ * @return a new builder
+ */
+ public static Builder builder(Class type, String itemType, String metaInfPath) {
+ return new Builder<>(type, itemType, metaInfPath);
+ }
+
+ /**
+ * Get the class of the cacheable type.
+ *
+ * @return the class of the cacheable type
+ */
+ public Class getType() {
+ return type;
+ }
+
+ /**
+ * Get the item type identifier.
+ *
+ * @return the item type identifier
+ */
+ public String getItemType() {
+ return itemType;
+ }
+
+ /**
+ * Get the META-INF path for predefined items.
+ *
+ * @return the META-INF path for predefined items
+ */
+ public String getMetaInfPath() {
+ return metaInfPath;
+ }
+
+ /**
+ * Check if items should be inherited from the system tenant.
+ *
+ * @return true if items should be inherited from the system tenant
+ */
+ public boolean isInheritFromSystemTenant() {
+ return inheritFromSystemTenant;
+ }
+
+ /**
+ * Check if the cache requires periodic refresh.
+ *
+ * @return true if the cache requires periodic refresh
+ */
+ public boolean isRequiresRefresh() {
+ return requiresRefresh;
+ }
+
+ /**
+ * Get the refresh interval in milliseconds.
+ *
+ * @return the refresh interval in milliseconds
+ */
+ public long getRefreshInterval() {
+ return refreshInterval;
+ }
+
+ /**
+ * Check if the type has predefined items that should be loaded from bundles.
+ *
+ * @return true if the type has predefined items
+ */
+ public boolean hasPredefinedItems() {
+ return hasPredefinedItems;
+ }
+
+ /**
+ * Check if this configuration has a bundle item processor.
+ *
+ * @return true if there is a bundle item processor
+ */
+ public boolean hasBundleItemProcessor() {
+ return bundleItemProcessor != null;
+ }
+
+ /**
+ * Get the bundle item processor that handles bundle-specific processing.
+ *
+ * @return the bundle item processor
+ */
+ public BiConsumer getBundleItemProcessor() {
+ return bundleItemProcessor;
+ }
+
+ /**
+ * Get the ID extractor function.
+ *
+ * @return the ID extractor function
+ */
+ public Function getIdExtractor() {
+ return idExtractor;
+ }
+
+ /**
+ * Get the post-processor for items.
+ *
+ * @return the post-processor for items
+ */
+ public Consumer getPostProcessor() {
+ return postProcessor;
+ }
+
+ /**
+ * Check if items of this type are persistable.
+ * An item is persistable if it extends Item.
+ *
+ * @return true if items of this type are persistable
+ */
+ public boolean isPersistable() {
+ return Item.class.isAssignableFrom(type);
+ }
+
+ /**
+ * Get the URL comparator for sorting predefined items.
+ *
+ * @return the URL comparator, or null if none is defined
+ */
+ public Comparator getUrlComparator() {
+ return urlComparator;
+ }
+
+ /**
+ * Check if this type config has a custom URL comparator.
+ *
+ * @return true if a URL comparator is defined, false otherwise
+ */
+ public boolean hasUrlComparator() {
+ return urlComparator != null;
+ }
+
+ /**
+ * Check if this type config has a URL-aware bundle item processor.
+ *
+ * @return true if a URL-aware bundle item processor is defined, false otherwise
+ */
+ public boolean hasUrlAwareBundleItemProcessor() {
+ return urlAwareBundleItemProcessor != null;
+ }
+
+ /**
+ * Get the URL-aware bundle item processor that handles bundle-specific processing.
+ *
+ * @return the URL-aware bundle item processor
+ */
+ public TriConsumer getUrlAwareBundleItemProcessor() {
+ return urlAwareBundleItemProcessor;
+ }
+
+ /**
+ * Check if this type config has a post-refresh callback.
+ *
+ * @return true if a post-refresh callback is defined, false otherwise
+ */
+ public boolean hasPostRefreshCallback() {
+ return postRefreshCallback != null;
+ }
+
+ /**
+ * Get the post-refresh callback that is executed after all items across all tenants have been reloaded.
+ * The callback receives both old and new states for change detection.
+ *
+ * @return the post-refresh callback
+ */
+ public BiConsumer>, Map>> getPostRefreshCallback() {
+ return postRefreshCallback;
+ }
+
+ /**
+ * Check if this type config has a tenant-specific refresh callback.
+ *
+ * @return true if a tenant-specific refresh callback is defined, false otherwise
+ */
+ public boolean hasTenantRefreshCallback() {
+ return tenantRefreshCallback != null;
+ }
+
+ /**
+ * Get the tenant-specific refresh callback that is executed after each tenant's items have been reloaded.
+ * The callback receives the tenant ID, old state, and new state for that specific tenant.
+ *
+ * @return the tenant-specific refresh callback
+ */
+ public TriConsumer, Map> getTenantRefreshCallback() {
+ return tenantRefreshCallback;
+ }
+
+ /**
+ * Check if this configuration has a stream processor.
+ *
+ * @return true if there is a stream processor
+ */
+ public boolean hasStreamProcessor() {
+ return streamProcessor != null;
+ }
+
+ /**
+ * Get the stream processor that handles direct input stream processing.
+ *
+ * @return the stream processor
+ */
+ public TriFunction getStreamProcessor() {
+ return streamProcessor;
+ }
+
+ /**
+ * Builder for CacheableTypeConfig
+ * @param the type parameter for the cacheable type
+ */
+ public static class Builder {
+ private final Class type;
+ private final String itemType;
+ private final String metaInfPath;
+ private boolean inheritFromSystemTenant = false;
+ private boolean requiresRefresh = false;
+ private long refreshInterval = 0;
+ private Function idExtractor;
+ private Consumer postProcessor = null;
+ private boolean hasPredefinedItems = true;
+ private BiConsumer bundleItemProcessor = null;
+ private TriConsumer urlAwareBundleItemProcessor = null;
+ private Comparator urlComparator = null;
+ private BiConsumer>, Map>> postRefreshCallback = null;
+ private TriConsumer, Map> tenantRefreshCallback = null;
+ private TriFunction streamProcessor = null;
+
+ private Builder(Class type, String itemType, String metaInfPath) {
+ this.type = type;
+ this.itemType = itemType;
+ this.metaInfPath = metaInfPath;
+ }
+
+ /**
+ * Set whether items should be inherited from the system tenant.
+ *
+ * When set to true, items defined in the system tenant will be available to all tenants.
+ * This is useful for sharing base configurations across multiple tenants.
+ *
+ * @param inheritFromSystemTenant whether items should be inherited from the system tenant
+ * @return this builder for method chaining
+ */
+ public Builder withInheritFromSystemTenant(boolean inheritFromSystemTenant) {
+ this.inheritFromSystemTenant = inheritFromSystemTenant;
+ return this;
+ }
+
+ /**
+ * Set whether the cache requires periodic refresh.
+ *
+ * When set to true, the cache will be refreshed at regular intervals defined by
+ * {@link #withRefreshInterval(long)}. This is useful for items that change frequently
+ * or need to be synchronized with external systems.
+ *
+ * @param requiresRefresh whether the cache requires periodic refresh
+ * @return this builder for method chaining
+ */
+ public Builder withRequiresRefresh(boolean requiresRefresh) {
+ this.requiresRefresh = requiresRefresh;
+ return this;
+ }
+
+ /**
+ * Set the refresh interval in milliseconds.
+ *
+ * This setting is only used when {@link #withRequiresRefresh(boolean)} is set to true.
+ * The cache will be refreshed at this interval after the initial loading.
+ *
+ * @param refreshInterval the refresh interval in milliseconds
+ * @return this builder for method chaining
+ */
+ public Builder withRefreshInterval(long refreshInterval) {
+ this.refreshInterval = refreshInterval;
+ return this;
+ }
+
+ /**
+ * Set the ID extractor function.
+ *
+ * This function is called during item loading and caching to extract a unique identifier
+ * from each item. The extracted ID is used as the cache key for retrieving items.
+ *
+ * This function is invoked:
+ *
+ * - When loading predefined items from bundles
+ * - When adding new items to the cache
+ * - When retrieving items by their ID
+ *
+ *
+ * @param idExtractor the function that extracts a unique ID from an item of type T
+ * @return this builder for method chaining
+ */
+ public Builder withIdExtractor(Function idExtractor) {
+ this.idExtractor = idExtractor;
+ return this;
+ }
+
+ /**
+ * Set the post-processor for items.
+ *
+ * This consumer is called after an item is loaded but before it is cached. It allows
+ * for additional processing, validation, or enrichment of items.
+ *
+ * The post-processor is invoked:
+ *
+ * - After loading predefined items from bundles or JSON files
+ * - After deserializing items from persistence
+ * - Before adding new or updated items to the cache
+ *
+ *
+ * Note: Modifications made by the post-processor will be reflected in the cached item.
+ *
+ * @param postProcessor the consumer that processes items after loading but before caching
+ * @return this builder for method chaining
+ */
+ public Builder withPostProcessor(Consumer postProcessor) {
+ this.postProcessor = postProcessor;
+ return this;
+ }
+
+ /**
+ * Set whether the type has predefined items.
+ *
+ * When set to true, the cache service will look for predefined items in the META-INF
+ * path specified when creating the builder. When set to false, only programmatically
+ * added items will be available in the cache.
+ *
+ * @param hasPredefinedItems whether the type has predefined items to load from bundles
+ * @return this builder for method chaining
+ */
+ public Builder withPredefinedItems(boolean hasPredefinedItems) {
+ this.hasPredefinedItems = hasPredefinedItems;
+ return this;
+ }
+
+ /**
+ * Set the bundle item processor.
+ *
+ * This processor is called during the bundle scanning phase, when predefined items
+ * are being loaded from OSGi bundles. It provides access to the BundleContext along
+ * with each item being processed.
+ *
+ * The bundle item processor is invoked:
+ *
+ * - When a bundle is installed or updated and contains predefined items
+ * - During system initialization when scanning all active bundles
+ * - Before the post-processor (if defined) is called
+ *
+ *
+ * This processor is particularly useful for bundle-specific initialization that
+ * requires access to the bundle context, such as registering services or retrieving
+ * bundle-specific configuration.
+ *
+ * @param bundleItemProcessor the bi-consumer that processes items with the bundle context
+ * @return this builder for method chaining
+ */
+ public Builder withBundleItemProcessor(BiConsumer bundleItemProcessor) {
+ this.bundleItemProcessor = bundleItemProcessor;
+ return this;
+ }
+
+ /**
+ * Sets a URL-aware processor for bundle items that includes the resource URL.
+ * This is called after an item is loaded from a bundle but before it is persisted.
+ * This allows for customization based on both the item and its source URL.
+ * If both this and bundleItemProcessor are set, this one takes precedence.
+ *
+ * @param urlAwareBundleItemProcessor the TriConsumer that processes bundle items with URL access
+ * @return the builder
+ */
+ public Builder withUrlAwareBundleItemProcessor(TriConsumer urlAwareBundleItemProcessor) {
+ this.urlAwareBundleItemProcessor = urlAwareBundleItemProcessor;
+ return this;
+ }
+
+ /**
+ * Set a custom comparator for sorting URLs when loading predefined items.
+ *
+ * This comparator determines the order in which predefined items are loaded from bundles.
+ * When defined, the URLs of predefined items will be sorted using this comparator before
+ * loading the items.
+ *
+ * This is particularly useful for items that need to be processed in a specific order,
+ * such as patches or migrations that must be applied sequentially.
+ *
+ * @param urlComparator the comparator for sorting URLs
+ * @return this builder for method chaining
+ */
+ public Builder withUrlComparator(Comparator urlComparator) {
+ this.urlComparator = urlComparator;
+ return this;
+ }
+
+ /**
+ * Sets a post-refresh callback that is executed after all items across all tenants have been reloaded.
+ * This allows for comparing the old and new states to detect changes and perform additional operations.
+ * The first parameter is the old state (Map of tenant ID to a Map of item ID to item).
+ * The second parameter is the new state (same structure).
+ *
+ * @param postRefreshCallback the callback to execute after a full refresh
+ * @return the builder
+ */
+ public Builder withPostRefreshCallback(BiConsumer>, Map>> postRefreshCallback) {
+ this.postRefreshCallback = postRefreshCallback;
+ return this;
+ }
+
+ /**
+ * Sets a tenant-specific refresh callback that is executed after each tenant's items have been reloaded.
+ * This allows for efficient processing of changes on a per-tenant basis.
+ * The first parameter is the tenant ID.
+ * The second parameter is the old state for this tenant (Map of item ID to item).
+ * The third parameter is the new state for this tenant (same structure).
+ *
+ * @param tenantRefreshCallback the callback to execute after each tenant's refresh
+ * @return the builder
+ */
+ public Builder withTenantRefreshCallback(TriConsumer, Map> tenantRefreshCallback) {
+ this.tenantRefreshCallback = tenantRefreshCallback;
+ return this;
+ }
+
+ /**
+ * Set a stream processor that will directly process the input stream from a predefined item resource.
+ * This is an alternative to the standard deserialization process and allows for custom processing of the raw data.
+ * When this processor is defined, it takes precedence over the standard JSON deserialization.
+ *
+ * The processor is given the bundle context, the URL of the resource, and the input stream to read from.
+ * It must return a fully constructed item instance or null if processing fails.
+ *
+ * This is particularly useful for items that require special processing of the source data before
+ * they can be instantiated, such as JSON schemas that need to be validated, parsed, or transformed.
+ *
+ * @param streamProcessor the function to process the input stream
+ * @return the builder instance for method chaining
+ */
+ public Builder withStreamProcessor(TriFunction streamProcessor) {
+ this.streamProcessor = streamProcessor;
+ return this;
+ }
+
+ /**
+ * Build the config.
+ *
+ * Creates a new immutable CacheableTypeConfig instance with the current builder settings.
+ *
+ * @return a new CacheableTypeConfig instance
+ * @throws IllegalStateException if mandatory settings like idExtractor are missing
+ */
+ public CacheableTypeConfig build() {
+ if (idExtractor == null) {
+ throw new IllegalStateException("idExtractor is required for CacheableTypeConfig");
+ }
+ return new CacheableTypeConfig<>(this);
+ }
+ }
+
+ /**
+ * A functional interface for a consumer that accepts three arguments.
+ * Similar to BiConsumer but with a third argument.
+ *
+ * @param the type of the first argument
+ * @param the type of the second argument
+ * @param the type of the third argument
+ */
+ @FunctionalInterface
+ public interface TriConsumer {
+ void accept(T t, U u, V v);
+ }
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/services/cache/MultiTypeCacheService.java b/api/src/main/java/org/apache/unomi/api/services/cache/MultiTypeCacheService.java
new file mode 100644
index 0000000000..6dac7dfc4c
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/services/cache/MultiTypeCacheService.java
@@ -0,0 +1,170 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.services.cache;
+
+import java.io.Serializable;
+import java.util.Map;
+import java.util.Set;
+import java.util.function.Predicate;
+
+/**
+ * Service interface for managing multi-tenant type caching.
+ * Provides functionality for caching and retrieving different types of plugin data across tenants.
+ */
+public interface MultiTypeCacheService {
+
+ /**
+ * Statistics for all cache operations
+ */
+ interface CacheStatistics {
+ /**
+ * Gets all type statistics.
+ *
+ * @return a map of type IDs to their statistics
+ */
+ Map getAllStats();
+
+ /**
+ * Resets all statistics.
+ */
+ void reset();
+
+ /**
+ * Statistics for a specific type.
+ */
+ interface TypeStatistics {
+ /**
+ * Gets the number of cache hits.
+ *
+ * @return the number of hits
+ */
+ long getHits();
+
+ /**
+ * Gets the number of cache misses.
+ *
+ * @return the number of misses
+ */
+ long getMisses();
+
+ /**
+ * Gets the number of cache updates.
+ *
+ * @return the number of updates
+ */
+ long getUpdates();
+
+ /**
+ * Gets the number of validation failures.
+ *
+ * @return the number of validation failures
+ */
+ long getValidationFailures();
+
+ /**
+ * Gets the number of indexing errors.
+ *
+ * @return the number of indexing errors
+ */
+ long getIndexingErrors();
+ }
+ }
+
+ /**
+ * Gets the cache statistics.
+ *
+ * @return the cache statistics
+ */
+ CacheStatistics getStatistics();
+
+ /**
+ * Registers a new type configuration.
+ *
+ * @param config the configuration for the type to register
+ * @param the type of plugin to register
+ */
+ void registerType(CacheableTypeConfig config);
+
+ /**
+ * Puts a value in the cache for a specific type, ID, and tenant.
+ *
+ * @param itemType the type identifier
+ * @param id the item identifier
+ * @param tenantId the tenant identifier
+ * @param value the value to cache
+ * @param the type of the value
+ */
+ void put(String itemType, String id, String tenantId, T value);
+
+ /**
+ * Gets a value from the cache with inheritance support.
+ *
+ * @param id the item identifier
+ * @param tenantId the tenant identifier
+ * @param typeClass the class of the type to retrieve
+ * @param the type to retrieve
+ * @return the cached value, or null if not found
+ */
+ T getWithInheritance(String id, String tenantId, Class typeClass);
+
+ /**
+ * Gets all values for a tenant and type that match a predicate.
+ *
+ * @param tenantId the tenant identifier
+ * @param typeClass the class of the type to retrieve
+ * @param predicate the predicate to filter values
+ * @param the type to retrieve
+ * @return a set of matching values
+ */
+ Set getValuesByPredicateWithInheritance(String tenantId, Class typeClass, Predicate predicate);
+
+ /**
+ * Gets the tenant-specific cache for a type.
+ *
+ * @param tenantId the tenant identifier
+ * @param typeClass the class of the type to retrieve
+ * @param the type to retrieve
+ * @return a map of cached values for the tenant
+ */
+ Map getTenantCache(String tenantId, Class typeClass);
+
+ /**
+ * Removes a value from the cache.
+ *
+ * @param itemType the type identifier
+ * @param id the item identifier
+ * @param tenantId the tenant identifier
+ * @param typeClass the class of the type to remove
+ * @param the type to remove
+ */
+ void remove(String itemType, String id, String tenantId, Class typeClass);
+
+ /**
+ * Clears all cached values for a tenant.
+ *
+ * @param tenantId the tenant identifier
+ */
+ void clear(String tenantId);
+
+ /**
+ * Refreshes the cache for a specific type configuration.
+ *
+ * @param config the type configuration to refresh
+ * @param the type to refresh
+ */
+ void refreshTypeCache(CacheableTypeConfig config);
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tasks/ScheduledTask.java b/api/src/main/java/org/apache/unomi/api/tasks/ScheduledTask.java
new file mode 100644
index 0000000000..d377aea314
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tasks/ScheduledTask.java
@@ -0,0 +1,873 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tasks;
+
+import org.apache.unomi.api.Item;
+
+import java.io.Serializable;
+import java.util.Date;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.TimeUnit;
+import java.util.HashSet;
+
+/**
+ * Represents a persistent scheduled task that can be executed across a cluster.
+ * This class provides a comprehensive model for task scheduling and execution with features including:
+ *
+ * - Task lifecycle management through states (SCHEDULED, WAITING, RUNNING, etc.)
+ * - Lock management for cluster coordination
+ * - Execution history and checkpoint data for recovery
+ * - Support for one-shot and periodic execution
+ * - Task dependencies and parallel execution control
+ * - Cluster-wide task distribution
+ *
+ */
+public class ScheduledTask extends Item implements Serializable {
+
+ public static final String ITEM_TYPE = "scheduledTask";
+
+ /**
+ * Enumeration of possible task states in its lifecycle.
+ * Tasks transition between these states based on execution progress and cluster conditions.
+ */
+ public enum TaskStatus {
+ /** Task is scheduled but not yet running */
+ SCHEDULED,
+ /** Task is waiting for a lock to be released or dependencies to complete */
+ WAITING,
+ /** Task is currently executing */
+ RUNNING,
+ /** Task has completed successfully */
+ COMPLETED,
+ /** Task failed with an error */
+ FAILED,
+ /** Task was explicitly cancelled */
+ CANCELLED,
+ /** Task crashed due to node failure or other unexpected conditions */
+ CRASHED
+ }
+
+ private String taskType;
+ private Map parameters;
+ private String executingNodeId; // The ID of the node currently executing this task
+ /**
+ * The initial delay before first execution, in the specified time unit.
+ */
+ private long initialDelay;
+ private long period;
+ private TimeUnit timeUnit;
+ private boolean fixedRate;
+ /**
+ * Gets the date of the last execution attempt.
+ *
+ * @return the last execution date or null if never executed
+ */
+ private Date lastExecutionDate;
+ /**
+ * Gets the node ID that last executed this task.
+ *
+ * @return the ID of the last executing node
+ */
+ private String lastExecutedBy;
+ /**
+ * Gets the error message from the last failed execution.
+ *
+ * @return the last error message or null if no error
+ */
+ private String lastError;
+ private boolean enabled;
+ private String lockOwner;
+ /**
+ * Gets the date when the current lock was acquired.
+ *
+ * @return the lock acquisition date or null if unlocked
+ */
+ private Date lockDate;
+ private boolean oneShot;
+ private boolean allowParallelExecution;
+ /**
+ * Gets the current task status.
+ *
+ * @return the current status
+ */
+ private TaskStatus status;
+ private Map statusDetails;
+ /**
+ * Gets the next scheduled execution date for periodic tasks.
+ *
+ * @return the next scheduled execution date or null if not scheduled
+ */
+ private Date nextScheduledExecution;
+ /**
+ * Gets the number of consecutive execution failures.
+ *
+ * @return the failure count
+ */
+ private int failureCount;
+ /**
+ * Gets the number of successful executions.
+ *
+ * @return the success count
+ */
+ private int successCount;
+ /**
+ * Gets the maximum number of retry attempts after failures.
+ * For one-shot tasks:
+ * - When a task fails, it will be automatically retried up to this many times
+ * - Each retry attempt occurs after waiting for retryDelay
+ * - After reaching this limit, the task remains in FAILED state until manually retried
+ *
+ * For periodic tasks:
+ * - Retries only apply within a single scheduled execution
+ * - If retries are exhausted, the task will still attempt its next scheduled execution
+ * - The next scheduled execution resets the failure count
+ *
+ * A value of 0 means no automatic retries in either case.
+ *
+ * @return the maximum retry count
+ */
+ private int maxRetries;
+ /**
+ * Gets the delay between retry attempts.
+ * For one-shot tasks:
+ * - This delay is applied between each retry attempt after a failure
+ * - Helps prevent rapid-fire retries that could overload the system
+ *
+ * For periodic tasks:
+ * - This delay is used between retry attempts within a single scheduled execution
+ * - Does not affect the task's configured period/scheduling
+ *
+ * @return the retry delay in milliseconds
+ */
+ private long retryDelay;
+ /**
+ * Gets the name of the current execution step.
+ * This is used to track progress through multi-step tasks.
+ *
+ * @return the current step name or null if not set
+ */
+ private String currentStep;
+ /**
+ * Gets the checkpoint data for task resumption.
+ * This data allows a task to resume from where it left off after a crash.
+ *
+ * @return map of checkpoint data or null if no checkpoint
+ */
+ private Map checkpointData;
+ private boolean persistent = true; // By default tasks are persistent
+ private boolean runOnAllNodes = false; // By default tasks run on a single node
+ /**
+ * Indicates if this is a system task that should not be recreated on startup.
+ * System tasks are created by the system during initialization and should be
+ * preserved across restarts.
+ */
+ private boolean systemTask = false; // By default tasks are not system tasks
+ /**
+ * Gets the task type that this task is waiting for a lock on.
+ * This is used when tasks of the same type cannot run in parallel.
+ *
+ * @return the task type being waited on or null if not waiting
+ */
+ private String waitingForTaskType;
+ private Set dependsOn = new HashSet<>(); // Set of task IDs this task depends on
+ private Set waitingOnTasks = new HashSet<>(); // Set of task IDs this task is currently waiting on
+
+ public ScheduledTask() {
+ super();
+ this.status = TaskStatus.SCHEDULED;
+ this.failureCount = 0;
+ this.maxRetries = 3;
+ this.retryDelay = 60000; // 1 minute default retry delay
+ }
+
+ /**
+ * Gets the task type identifier.
+ * The task type determines which executor will handle this task.
+ *
+ * @return the task type identifier
+ */
+ public String getTaskType() {
+ return taskType;
+ }
+
+ /**
+ * Sets the task type identifier.
+ *
+ * @param taskType the task type identifier
+ */
+ public void setTaskType(String taskType) {
+ this.taskType = taskType;
+ }
+
+ /**
+ * Gets the task parameters.
+ * These parameters are passed to the task executor during execution.
+ *
+ * @return map of task parameters
+ */
+ public Map getParameters() {
+ return parameters;
+ }
+
+ /**
+ * Sets the task parameters.
+ *
+ * @param parameters map of task parameters
+ */
+ public void setParameters(Map parameters) {
+ this.parameters = parameters;
+ }
+
+ /**
+ * Gets the initial delay before first execution.
+ *
+ * @return the initial delay in the specified time unit
+ */
+ public long getInitialDelay() {
+ return initialDelay;
+ }
+
+ /**
+ * Sets the initial delay before first execution.
+ *
+ * @param initialDelay the initial delay in the specified time unit
+ */
+ public void setInitialDelay(long initialDelay) {
+ this.initialDelay = initialDelay;
+ }
+
+ /**
+ * Gets the period between successive task executions.
+ * A period of 0 indicates a one-time task and will automatically set oneShot=true.
+ *
+ * @return the period between executions in the specified time unit
+ */
+ public long getPeriod() {
+ return period;
+ }
+
+ /**
+ * Sets the period for task execution.
+ * A period of 0 indicates a one-time task and will automatically set oneShot=true.
+ * A positive period indicates a recurring task and is incompatible with oneShot=true.
+ *
+ * @param period the period between successive task executions
+ * @throws IllegalArgumentException if period is negative or if period > 0 and oneShot=true
+ */
+ public void setPeriod(long period) {
+ if (period < 0) {
+ throw new IllegalArgumentException("Period cannot be negative");
+ }
+ if (period > 0 && oneShot) {
+ throw new IllegalArgumentException("One-shot tasks cannot have a period");
+ }
+ this.period = period;
+ if (period == 0) {
+ this.oneShot = true;
+ }
+ }
+
+ /**
+ * Gets the time unit for delay and period values.
+ *
+ * @return the time unit used for scheduling
+ */
+ public TimeUnit getTimeUnit() {
+ return timeUnit;
+ }
+
+ /**
+ * Sets the time unit for delay and period values.
+ *
+ * @param timeUnit the time unit to use for scheduling
+ */
+ public void setTimeUnit(TimeUnit timeUnit) {
+ this.timeUnit = timeUnit;
+ }
+
+ /**
+ * Gets whether this task uses fixed-rate scheduling.
+ * If true, executions are scheduled at fixed intervals from the start time.
+ * If false, executions are scheduled at fixed delays from completion.
+ *
+ * @return true if using fixed-rate scheduling
+ */
+ public boolean isFixedRate() {
+ return fixedRate;
+ }
+
+ /**
+ * Sets whether this task uses fixed-rate scheduling.
+ *
+ * @param fixedRate true to use fixed-rate scheduling, false for fixed-delay
+ */
+ public void setFixedRate(boolean fixedRate) {
+ this.fixedRate = fixedRate;
+ }
+
+ /**
+ * Gets the date of the last execution attempt.
+ *
+ * @return the last execution date or null if never executed
+ */
+ public Date getLastExecutionDate() {
+ return lastExecutionDate;
+ }
+
+ /**
+ * Sets the date of the last execution attempt.
+ *
+ * @param lastExecutionDate the last execution date
+ */
+ public void setLastExecutionDate(Date lastExecutionDate) {
+ this.lastExecutionDate = lastExecutionDate;
+ }
+
+ /**
+ * Gets the node ID that last executed this task.
+ *
+ * @return the ID of the last executing node
+ */
+ public String getLastExecutedBy() {
+ return lastExecutedBy;
+ }
+
+ /**
+ * Sets the node ID that last executed this task.
+ *
+ * @param lastExecutedBy the ID of the executing node
+ */
+ public void setLastExecutedBy(String lastExecutedBy) {
+ this.lastExecutedBy = lastExecutedBy;
+ }
+
+ /**
+ * Gets the error message from the last failed execution.
+ *
+ * @return the last error message or null if no error
+ */
+ public String getLastError() {
+ return lastError;
+ }
+
+ /**
+ * Sets the error message from a failed execution.
+ *
+ * @param lastError the error message
+ */
+ public void setLastError(String lastError) {
+ this.lastError = lastError;
+ }
+
+ /**
+ * Gets whether this task is enabled.
+ * Disabled tasks will not be executed.
+ *
+ * @return true if the task is enabled
+ */
+ public boolean isEnabled() {
+ return enabled;
+ }
+
+ /**
+ * Sets whether this task is enabled.
+ *
+ * @param enabled true to enable the task, false to disable
+ */
+ public void setEnabled(boolean enabled) {
+ this.enabled = enabled;
+ }
+
+ /**
+ * Gets the ID of the node that currently holds the execution lock.
+ *
+ * @return the current lock owner's node ID or null if unlocked
+ */
+ public String getLockOwner() {
+ return lockOwner;
+ }
+
+ /**
+ * Sets the ID of the node that holds the execution lock.
+ *
+ * @param lockOwner the lock owner's node ID
+ */
+ public void setLockOwner(String lockOwner) {
+ this.lockOwner = lockOwner;
+ }
+
+ /**
+ * Gets the date when the current lock was acquired.
+ *
+ * @return the lock acquisition date or null if unlocked
+ */
+ public Date getLockDate() {
+ return lockDate;
+ }
+
+ /**
+ * Sets the date when the current lock was acquired.
+ *
+ * @param lockDate the lock acquisition date
+ */
+ public void setLockDate(Date lockDate) {
+ this.lockDate = lockDate;
+ }
+
+ /**
+ * Returns whether this task should execute only once.
+ * Tasks with period=0 are automatically marked as one-shot tasks.
+ *
+ * @return true if the task should execute only once
+ */
+ public boolean isOneShot() {
+ return oneShot;
+ }
+
+ /**
+ * Sets whether this task should execute only once.
+ * Setting oneShot=true is incompatible with a period > 0.
+ *
+ * @param oneShot true if the task should execute only once
+ * @throws IllegalArgumentException if oneShot=true and period > 0
+ */
+ public void setOneShot(boolean oneShot) {
+ if (oneShot && period > 0) {
+ throw new IllegalArgumentException("One-shot tasks cannot have a period");
+ }
+ this.oneShot = oneShot;
+ }
+
+ /**
+ * Gets whether parallel execution is allowed for this task.
+ * If true, multiple instances of this task can run simultaneously.
+ * If false, the task uses locking to ensure only one instance runs at a time.
+ *
+ * @return true if parallel execution is allowed
+ */
+ public boolean isAllowParallelExecution() {
+ return allowParallelExecution;
+ }
+
+ /**
+ * Sets whether parallel execution is allowed for this task.
+ *
+ * @param allowParallelExecution true to allow parallel execution
+ */
+ public void setAllowParallelExecution(boolean allowParallelExecution) {
+ this.allowParallelExecution = allowParallelExecution;
+ }
+
+ /**
+ * Gets the current task status.
+ *
+ * @return the current status
+ */
+ public TaskStatus getStatus() {
+ return status;
+ }
+
+ /**
+ * Sets the task status.
+ * Status transitions should be validated before setting.
+ *
+ * @param status the new status
+ */
+ public void setStatus(TaskStatus status) {
+ this.status = status;
+ }
+
+ /**
+ * Gets additional details about the task's current status.
+ * This may include execution progress, history, or other metadata.
+ *
+ * @return map of status details
+ */
+ public Map getStatusDetails() {
+ return statusDetails;
+ }
+
+ /**
+ * Sets additional details about the task's current status.
+ *
+ * @param statusDetails map of status details
+ */
+ public void setStatusDetails(Map statusDetails) {
+ this.statusDetails = statusDetails;
+ }
+
+ /**
+ * Gets the next scheduled execution date for periodic tasks.
+ *
+ * @return the next scheduled execution date or null if not scheduled
+ */
+ public Date getNextScheduledExecution() {
+ return nextScheduledExecution;
+ }
+
+ /**
+ * Sets the next scheduled execution date.
+ *
+ * @param nextScheduledExecution the next execution date
+ */
+ public void setNextScheduledExecution(Date nextScheduledExecution) {
+ this.nextScheduledExecution = nextScheduledExecution;
+ }
+
+ /**
+ * Gets the number of consecutive execution failures.
+ *
+ * @return the failure count
+ */
+ public int getFailureCount() {
+ return failureCount;
+ }
+
+ /**
+ * Sets the number of consecutive execution failures.
+ *
+ * @param failureCount the new failure count
+ */
+ public void setFailureCount(int failureCount) {
+ this.failureCount = failureCount;
+ }
+
+ /**
+ * Gets the number of successful executions.
+ *
+ * @return the success count
+ */
+ public int getSuccessCount() {
+ return successCount;
+ }
+
+ /**
+ * Sets the number of successful executions.
+ *
+ * @param successCount the new success count
+ */
+ public void setSuccessCount(int successCount) {
+ this.successCount = successCount;
+ }
+
+ /**
+ * Gets the maximum number of retry attempts after failures.
+ * For one-shot tasks:
+ * - When a task fails, it will be automatically retried up to this many times
+ * - Each retry attempt occurs after waiting for retryDelay
+ * - After reaching this limit, the task remains in FAILED state until manually retried
+ *
+ * For periodic tasks:
+ * - Retries only apply within a single scheduled execution
+ * - If retries are exhausted, the task will still attempt its next scheduled execution
+ * - The next scheduled execution resets the failure count
+ *
+ * A value of 0 means no automatic retries in either case.
+ *
+ * @return the maximum retry count
+ */
+ public int getMaxRetries() {
+ return maxRetries;
+ }
+
+ /**
+ * Sets the maximum number of retry attempts after failures.
+ *
+ * @param maxRetries the maximum retry count
+ */
+ public void setMaxRetries(int maxRetries) {
+ this.maxRetries = maxRetries;
+ }
+
+ /**
+ * Gets the delay between retry attempts.
+ * For one-shot tasks:
+ * - This delay is applied between each retry attempt after a failure
+ * - Helps prevent rapid-fire retries that could overload the system
+ *
+ * For periodic tasks:
+ * - This delay is used between retry attempts within a single scheduled execution
+ * - Does not affect the task's configured period/scheduling
+ *
+ * @return the retry delay in milliseconds
+ */
+ public long getRetryDelay() {
+ return retryDelay;
+ }
+
+ /**
+ * Sets the delay between retry attempts.
+ *
+ * @param retryDelay the retry delay in milliseconds
+ */
+ public void setRetryDelay(long retryDelay) {
+ this.retryDelay = retryDelay;
+ }
+
+ /**
+ * Gets the name of the current execution step.
+ * This is used to track progress through multi-step tasks.
+ *
+ * @return the current step name or null if not set
+ */
+ public String getCurrentStep() {
+ return currentStep;
+ }
+
+ /**
+ * Sets the name of the current execution step.
+ *
+ * @param currentStep the current step name
+ */
+ public void setCurrentStep(String currentStep) {
+ this.currentStep = currentStep;
+ }
+
+ /**
+ * Gets the checkpoint data for task resumption.
+ * This data allows a task to resume from where it left off after a crash.
+ *
+ * @return map of checkpoint data or null if no checkpoint
+ */
+ public Map getCheckpointData() {
+ return checkpointData;
+ }
+
+ /**
+ * Sets the checkpoint data for task resumption.
+ *
+ * @param checkpointData map of checkpoint data
+ */
+ public void setCheckpointData(Map checkpointData) {
+ this.checkpointData = checkpointData;
+ }
+
+ /**
+ * Gets whether this task is stored persistently.
+ * Persistent tasks survive system restarts and are visible across the cluster.
+ * Non-persistent tasks exist only in memory on a single node.
+ *
+ * @return true if the task is persistent
+ */
+ public boolean isPersistent() {
+ return persistent;
+ }
+
+ public void setPersistent(boolean persistent) {
+ this.persistent = persistent;
+ }
+
+ /**
+ * Gets whether this task should run on all cluster nodes.
+ * If false, the task runs only on executor nodes.
+ *
+ * @return true if the task should run on all nodes
+ */
+ public boolean isRunOnAllNodes() {
+ return runOnAllNodes;
+ }
+
+ /**
+ * Sets whether this task should run on all cluster nodes.
+ *
+ * @param runOnAllNodes true to run on all nodes, false for executor nodes only
+ */
+ public void setRunOnAllNodes(boolean runOnAllNodes) {
+ this.runOnAllNodes = runOnAllNodes;
+ }
+
+ /**
+ * Gets whether this task is a system task.
+ * System tasks are created by the system during initialization and should be
+ * preserved across restarts rather than being recreated.
+ *
+ * @return true if the task is a system task
+ */
+ public boolean isSystemTask() {
+ return systemTask;
+ }
+
+ /**
+ * Sets whether this task is a system task.
+ *
+ * @param systemTask true to mark the task as a system task
+ */
+ public void setSystemTask(boolean systemTask) {
+ this.systemTask = systemTask;
+ }
+
+ /**
+ * Gets the task type that this task is waiting for a lock on.
+ * This is used when tasks of the same type cannot run in parallel.
+ *
+ * @return the task type being waited on or null if not waiting
+ */
+ public String getWaitingForTaskType() {
+ return waitingForTaskType;
+ }
+
+ /**
+ * Sets the task type that this task is waiting for a lock on.
+ *
+ * @param waitingForTaskType the task type to wait for
+ */
+ public void setWaitingForTaskType(String waitingForTaskType) {
+ this.waitingForTaskType = waitingForTaskType;
+ }
+
+ /**
+ * Gets the set of task IDs that this task depends on.
+ * The task will not execute until all dependencies have completed.
+ *
+ * @return set of dependency task IDs
+ */
+ public Set getDependsOn() {
+ return dependsOn;
+ }
+
+ /**
+ * Sets the set of task IDs that this task depends on.
+ *
+ * @param dependsOn set of dependency task IDs
+ */
+ public void setDependsOn(Set dependsOn) {
+ this.dependsOn = dependsOn;
+ }
+
+ /**
+ * Gets the set of task IDs that this task is currently waiting on.
+ * This represents the subset of dependencies that have not yet completed.
+ *
+ * @return set of task IDs being waited on
+ */
+ public Set getWaitingOnTasks() {
+ return waitingOnTasks;
+ }
+
+ /**
+ * Sets the set of task IDs that this task is currently waiting on.
+ *
+ * @param waitingOnTasks set of task IDs to wait on
+ */
+ public void setWaitingOnTasks(Set waitingOnTasks) {
+ this.waitingOnTasks = waitingOnTasks;
+ }
+
+ /**
+ * Adds a task dependency.
+ * The task will not execute until all dependencies have completed.
+ *
+ * @param taskId ID of the task to depend on
+ */
+ public void addDependency(String taskId) {
+ if (dependsOn == null) {
+ dependsOn = new HashSet<>();
+ }
+ dependsOn.add(taskId);
+ }
+
+ /**
+ * Removes a task dependency.
+ *
+ * @param taskId ID of the task to remove from dependencies
+ */
+ public void removeDependency(String taskId) {
+ if (dependsOn != null) {
+ dependsOn.remove(taskId);
+ }
+ }
+
+ /**
+ * Adds a task to the set of tasks being waited on.
+ *
+ * @param taskId ID of the task to wait on
+ */
+ public void addWaitingOnTask(String taskId) {
+ if (waitingOnTasks == null) {
+ waitingOnTasks = new HashSet<>();
+ }
+ waitingOnTasks.add(taskId);
+ }
+
+ /**
+ * Removes a task from the set of tasks being waited on.
+ *
+ * @param taskId ID of the task to stop waiting on
+ */
+ public void removeWaitingOnTask(String taskId) {
+ if (waitingOnTasks != null) {
+ waitingOnTasks.remove(taskId);
+ }
+ }
+
+ /**
+ * Gets the ID of the node currently executing this task.
+ * This is different from lockOwner as it specifically indicates which node
+ * is actively executing the task, not just holding the lock.
+ *
+ * @return the ID of the executing node or null if not being executed
+ */
+ public String getExecutingNodeId() {
+ return executingNodeId;
+ }
+
+ /**
+ * Sets the ID of the node currently executing this task.
+ *
+ * @param executingNodeId the ID of the executing node
+ */
+ public void setExecutingNodeId(String executingNodeId) {
+ this.executingNodeId = executingNodeId;
+ }
+
+ @Override
+ public String toString() {
+ return "ScheduledTask{" +
+ "taskType='" + taskType + '\'' +
+ ", parameters=" + parameters +
+ ", executingNodeId='" + executingNodeId + '\'' +
+ ", initialDelay=" + initialDelay +
+ ", period=" + period +
+ ", timeUnit=" + timeUnit +
+ ", fixedRate=" + fixedRate +
+ ", lastExecutionDate=" + lastExecutionDate +
+ ", lastExecutedBy='" + lastExecutedBy + '\'' +
+ ", lastError='" + lastError + '\'' +
+ ", enabled=" + enabled +
+ ", lockOwner='" + lockOwner + '\'' +
+ ", lockDate=" + lockDate +
+ ", oneShot=" + oneShot +
+ ", allowParallelExecution=" + allowParallelExecution +
+ ", status=" + status +
+ ", statusDetails=" + statusDetails +
+ ", nextScheduledExecution=" + nextScheduledExecution +
+ ", failureCount=" + failureCount +
+ ", successCount=" + successCount +
+ ", maxRetries=" + maxRetries +
+ ", retryDelay=" + retryDelay +
+ ", currentStep='" + currentStep + '\'' +
+ ", checkpointData=" + checkpointData +
+ ", persistent=" + persistent +
+ ", runOnAllNodes=" + runOnAllNodes +
+ ", systemTask=" + systemTask +
+ ", waitingForTaskType='" + waitingForTaskType + '\'' +
+ ", dependsOn=" + dependsOn +
+ ", waitingOnTasks=" + waitingOnTasks +
+ '}';
+ }
+}
diff --git a/api/src/main/java/org/apache/unomi/api/tasks/TaskExecutor.java b/api/src/main/java/org/apache/unomi/api/tasks/TaskExecutor.java
new file mode 100644
index 0000000000..370784f850
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tasks/TaskExecutor.java
@@ -0,0 +1,139 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tasks;
+
+import java.util.Map;
+
+/**
+ * Interface for task executors that can execute scheduled tasks.
+ * Task executors are responsible for the actual execution of tasks and provide:
+ *
+ * - Task type identification
+ * - Task execution logic
+ * - Optional task resumption capabilities
+ * - Progress and status reporting through callbacks
+ *
+ *
+ * Implementations should be thread-safe as they may be called concurrently
+ * from multiple threads to execute different tasks of the same type.
+ */
+public interface TaskExecutor {
+
+ /**
+ * Gets the type of tasks this executor can handle.
+ * The task type is used to match tasks with their appropriate executor.
+ * Each executor must have a unique task type.
+ *
+ * @return the task type string identifier
+ */
+ String getTaskType();
+
+ /**
+ * Executes a scheduled task.
+ * This method contains the core execution logic for the task.
+ * The implementation should:
+ *
+ * - Use the task parameters to perform the required work
+ * - Report progress through the status callback
+ * - Handle errors appropriately
+ * - Call callback.complete() on successful completion
+ * - Call callback.fail() if execution fails
+ *
+ *
+ * @param task the task to execute
+ * @param statusCallback callback to update task status during execution
+ * @throws Exception if task execution fails
+ */
+ void execute(ScheduledTask task, TaskStatusCallback statusCallback) throws Exception;
+
+ /**
+ * Checks if this executor can resume a crashed task from its checkpoint.
+ * Implementations should examine the task's checkpoint data to determine
+ * if resumption is possible.
+ *
+ * @param task the crashed task
+ * @return true if the task can be resumed from its checkpoint
+ */
+ default boolean canResume(ScheduledTask task) {
+ return false;
+ }
+
+ /**
+ * Resumes a crashed task from its checkpoint.
+ * This method is called instead of execute() when resuming a crashed task.
+ * The default implementation simply calls execute(), but implementations
+ * can override this to provide custom resumption logic.
+ *
+ * @param task the crashed task
+ * @param statusCallback callback to update task status
+ * @throws Exception if task resumption fails
+ */
+ default void resume(ScheduledTask task, TaskStatusCallback statusCallback) throws Exception {
+ execute(task, statusCallback);
+ }
+
+ /**
+ * Callback interface for task status updates.
+ * This interface allows executors to report progress and status changes
+ * during task execution.
+ */
+ interface TaskStatusCallback {
+ /**
+ * Updates the current step of the task.
+ * Use this to indicate progress through different phases of execution.
+ *
+ * @param step the current step name
+ * @param details optional step details as key-value pairs
+ */
+ void updateStep(String step, Map details);
+
+ /**
+ * Saves a checkpoint for the task.
+ * Checkpoints allow long-running tasks to be resumed after crashes.
+ * The checkpoint data should contain sufficient information to
+ * resume execution from this point.
+ *
+ * @param checkpointData the checkpoint data as key-value pairs
+ */
+ void checkpoint(Map checkpointData);
+
+ /**
+ * Updates task status details.
+ * Use this to provide additional information about the task's
+ * current state or progress.
+ *
+ * @param details the status details as key-value pairs
+ */
+ void updateStatusDetails(Map details);
+
+ /**
+ * Marks task as completed.
+ * This should be called when the task has successfully finished
+ * all its work.
+ */
+ void complete();
+
+ /**
+ * Marks task as failed.
+ * This should be called when the task encounters an error that
+ * prevents successful completion.
+ *
+ * @param error the error message describing the failure
+ */
+ void fail(String error);
+ }
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/ApiKey.java b/api/src/main/java/org/apache/unomi/api/tenants/ApiKey.java
new file mode 100644
index 0000000000..0d05dc5cc3
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/ApiKey.java
@@ -0,0 +1,204 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import org.apache.unomi.api.Item;
+
+import java.util.Date;
+
+/**
+ * Represents an API key for tenant authentication and authorization.
+ * This class extends the base Item class and provides functionality for managing
+ * API keys including their lifecycle (creation, expiration, revocation) and metadata.
+ */
+public class ApiKey extends Item {
+ /**
+ * The item type for an API key.
+ */
+ public static final String ITEM_TYPE = "apiKey";
+
+ /**
+ * Enum defining the types of API keys.
+ */
+ public enum ApiKeyType {
+ /**
+ * Public API key for context.json, event collector and other public-facing endpoints
+ */
+ PUBLIC,
+
+ /**
+ * Private API key for protected endpoints including login and updateProperties
+ */
+ PRIVATE
+ }
+
+ /**
+ * The API key value.
+ */
+ private String key;
+
+ /**
+ * The type of API key (public or private).
+ */
+ private ApiKeyType keyType;
+
+ /**
+ * The name or identifier of the API key.
+ */
+ private String name;
+
+ /**
+ * A description of the API key's purpose or usage.
+ */
+ private String description;
+
+ /**
+ * The date when the API key was created.
+ */
+ private Date creationDate;
+
+ /**
+ * The date when the API key expires.
+ */
+ private Date expirationDate;
+
+ /**
+ * Whether the API key has been revoked.
+ */
+ private boolean revoked;
+
+ /**
+ * Default constructor that initializes the API key as an Item.
+ */
+ public ApiKey() {
+ super();
+ setItemType(ITEM_TYPE);
+ }
+
+ /**
+ * Gets the API key value.
+ * @return the API key value
+ */
+ public String getKey() {
+ return key;
+ }
+
+ /**
+ * Sets the API key value.
+ * @param key the API key value to set
+ */
+ public void setKey(String key) {
+ this.key = key;
+ }
+
+ /**
+ * Gets the name or identifier of the API key.
+ * @return the API key name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Sets the name or identifier of the API key.
+ * @param name the API key name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * Gets the description of the API key's purpose or usage.
+ * @return the API key description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * Sets the description of the API key's purpose or usage.
+ * @param description the API key description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * Gets the creation date of the API key.
+ * @return the creation date
+ */
+ @Override
+ public Date getCreationDate() {
+ return creationDate;
+ }
+
+ /**
+ * Sets the creation date of the API key.
+ * @param creationDate the creation date to set
+ */
+ public void setCreationDate(Date creationDate) {
+ this.creationDate = creationDate;
+ }
+
+ /**
+ * Gets the expiration date of the API key.
+ * @return the expiration date
+ */
+ public Date getExpirationDate() {
+ return expirationDate;
+ }
+
+ /**
+ * Sets the expiration date of the API key.
+ * @param expirationDate the expiration date to set
+ */
+ public void setExpirationDate(Date expirationDate) {
+ this.expirationDate = expirationDate;
+ }
+
+ /**
+ * Checks if the API key has been revoked.
+ * @return true if the API key is revoked, false otherwise
+ */
+ public boolean isRevoked() {
+ return revoked;
+ }
+
+ /**
+ * Sets the revocation status of the API key.
+ * @param revoked true to revoke the API key, false to reinstate
+ */
+ public void setRevoked(boolean revoked) {
+ this.revoked = revoked;
+ }
+
+ /**
+ * Gets the type of the API key.
+ * @return the API key type
+ */
+ public ApiKeyType getKeyType() {
+ return keyType;
+ }
+
+ /**
+ * Sets the type of the API key.
+ * @param keyType the API key type to set
+ */
+ public void setKeyType(ApiKeyType keyType) {
+ this.keyType = keyType;
+ }
+}
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/ApiKeyConfig.java b/api/src/main/java/org/apache/unomi/api/tenants/ApiKeyConfig.java
new file mode 100644
index 0000000000..aada3c21ba
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/ApiKeyConfig.java
@@ -0,0 +1,164 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Configuration settings for API keys.
+ * This class defines the configuration parameters for API key management,
+ * including validation rules and usage limits.
+ */
+public class ApiKeyConfig {
+ private int minLength;
+ private int maxLength;
+ private String pattern;
+ private int maxActiveKeys;
+ private int defaultExpirationDays;
+ private List allowedScopes;
+ private Map rateLimits;
+ private Map additionalSettings;
+
+ /**
+ * Gets the minimum length required for API keys.
+ * @return the minimum length
+ */
+ public int getMinLength() {
+ return minLength;
+ }
+
+ /**
+ * Sets the minimum length required for API keys.
+ * @param minLength the minimum length to set
+ */
+ public void setMinLength(int minLength) {
+ this.minLength = minLength;
+ }
+
+ /**
+ * Gets the maximum length allowed for API keys.
+ * @return the maximum length
+ */
+ public int getMaxLength() {
+ return maxLength;
+ }
+
+ /**
+ * Sets the maximum length allowed for API keys.
+ * @param maxLength the maximum length to set
+ */
+ public void setMaxLength(int maxLength) {
+ this.maxLength = maxLength;
+ }
+
+ /**
+ * Gets the regex pattern for API key validation.
+ * @return the validation pattern
+ */
+ public String getPattern() {
+ return pattern;
+ }
+
+ /**
+ * Sets the regex pattern for API key validation.
+ * @param pattern the validation pattern to set
+ */
+ public void setPattern(String pattern) {
+ this.pattern = pattern;
+ }
+
+ /**
+ * Gets the maximum number of active API keys allowed.
+ * @return the maximum number of active keys
+ */
+ public int getMaxActiveKeys() {
+ return maxActiveKeys;
+ }
+
+ /**
+ * Sets the maximum number of active API keys allowed.
+ * @param maxActiveKeys the maximum number to set
+ */
+ public void setMaxActiveKeys(int maxActiveKeys) {
+ this.maxActiveKeys = maxActiveKeys;
+ }
+
+ /**
+ * Gets the default expiration period in days for new API keys.
+ * @return the default expiration period in days
+ */
+ public int getDefaultExpirationDays() {
+ return defaultExpirationDays;
+ }
+
+ /**
+ * Sets the default expiration period in days for new API keys.
+ * @param defaultExpirationDays the default expiration period to set
+ */
+ public void setDefaultExpirationDays(int defaultExpirationDays) {
+ this.defaultExpirationDays = defaultExpirationDays;
+ }
+
+ /**
+ * Gets the list of allowed scopes for API keys.
+ * @return list of allowed scopes
+ */
+ public List getAllowedScopes() {
+ return allowedScopes;
+ }
+
+ /**
+ * Sets the list of allowed scopes for API keys.
+ * @param allowedScopes list of allowed scopes to set
+ */
+ public void setAllowedScopes(List allowedScopes) {
+ this.allowedScopes = allowedScopes;
+ }
+
+ /**
+ * Gets the rate limits for different operations.
+ * @return map of operation names to their rate limits
+ */
+ public Map getRateLimits() {
+ return rateLimits;
+ }
+
+ /**
+ * Sets the rate limits for different operations.
+ * @param rateLimits map of operation names to their rate limits
+ */
+ public void setRateLimits(Map rateLimits) {
+ this.rateLimits = rateLimits;
+ }
+
+ /**
+ * Gets additional configuration settings.
+ * @return map of additional settings
+ */
+ public Map getAdditionalSettings() {
+ return additionalSettings;
+ }
+
+ /**
+ * Sets additional configuration settings.
+ * @param additionalSettings map of additional settings to set
+ */
+ public void setAdditionalSettings(Map additionalSettings) {
+ this.additionalSettings = additionalSettings;
+ }
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/AuditService.java b/api/src/main/java/org/apache/unomi/api/tenants/AuditService.java
new file mode 100644
index 0000000000..6fb6460afb
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/AuditService.java
@@ -0,0 +1,92 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import org.apache.unomi.api.Item;
+
+import java.util.Date;
+import java.util.List;
+
+/**
+ * Combined service interface for both item and tenant auditing operations.
+ */
+public interface AuditService extends ItemAuditService, TenantAuditService {
+ /**
+ * Records the creation of an item.
+ *
+ * @param item the item being created
+ * @param userId the user performing the creation
+ */
+ void auditCreate(Item item, String userId);
+
+ /**
+ * Records the update of an item.
+ *
+ * @param item the item being updated
+ * @param userId the user performing the update
+ */
+ void auditUpdate(Item item, String userId);
+
+ /**
+ * Records the deletion of an item.
+ *
+ * @param item the item being deleted
+ * @param userId the user performing the deletion
+ */
+ void auditDelete(Item item, String userId);
+
+ /**
+ * Retrieves items modified since a specific date.
+ *
+ * @param tenantId the tenant ID to filter by
+ * @param since the date to check modifications from
+ * @return a list of modified items
+ */
+ List- getModifiedItems(String tenantId, Date since);
+
+ /**
+ * Retrieves items modified since the last synchronization.
+ *
+ * @param tenantId the tenant ID to filter by
+ * @param sourceInstanceId the source instance ID
+ * @return a list of modified items
+ */
+ List
- getModifiedItemsSinceLastSync(String tenantId, String sourceInstanceId);
+
+ /**
+ * Updates the last synchronization date.
+ *
+ * @param tenantId the tenant ID
+ * @param sourceInstanceId the source instance ID
+ * @param syncDate the synchronization date to set
+ */
+ void updateLastSyncDate(String tenantId, String sourceInstanceId, Date syncDate);
+
+ /**
+ * Retrieves the last synchronization date.
+ *
+ * @param tenantId the tenant ID
+ * @param sourceInstanceId the source instance ID
+ * @return the last synchronization date
+ */
+ Date getLastSyncDate(String tenantId, String sourceInstanceId);
+
+ default void updateModificationMetadata(Item item, String userId) {
+ item.setLastModifiedBy(userId);
+ item.setLastModificationDate(new Date());
+ }
+}
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/ItemAuditService.java b/api/src/main/java/org/apache/unomi/api/tenants/ItemAuditService.java
new file mode 100644
index 0000000000..77b5bb2c29
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/ItemAuditService.java
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import org.apache.unomi.api.Item;
+
+import java.util.Date;
+import java.util.List;
+
+/**
+ * A service to track and audit changes to items.
+ */
+public interface ItemAuditService {
+ /**
+ * Records the creation of an item.
+ *
+ * @param item the item being created
+ * @param userId the user performing the creation
+ */
+ void auditCreate(Item item, String userId);
+
+ /**
+ * Records the update of an item.
+ *
+ * @param item the item being updated
+ * @param userId the user performing the update
+ */
+ void auditUpdate(Item item, String userId);
+
+ /**
+ * Records the deletion of an item.
+ *
+ * @param item the item being deleted
+ * @param userId the user performing the deletion
+ */
+ void auditDelete(Item item, String userId);
+
+ /**
+ * Retrieves items modified since a specific date.
+ *
+ * @param tenantId the tenant ID to filter by
+ * @param since the date to check modifications from
+ * @return a list of modified items
+ */
+ List
- getModifiedItems(String tenantId, Date since);
+
+ /**
+ * Retrieves items modified since the last synchronization.
+ *
+ * @param tenantId the tenant ID to filter by
+ * @param sourceInstanceId the source instance ID
+ * @return a list of modified items
+ */
+ List
- getModifiedItemsSinceLastSync(String tenantId, String sourceInstanceId);
+
+ /**
+ * Updates the last synchronization date.
+ *
+ * @param tenantId the tenant ID
+ * @param sourceInstanceId the source instance ID
+ * @param syncDate the synchronization date to set
+ */
+ void updateLastSyncDate(String tenantId, String sourceInstanceId, Date syncDate);
+
+ /**
+ * Retrieves the last synchronization date.
+ *
+ * @param tenantId the tenant ID
+ * @param sourceInstanceId the source instance ID
+ * @return the last synchronization date
+ */
+ Date getLastSyncDate(String tenantId, String sourceInstanceId);
+
+ /**
+ * Updates the modification metadata of an item.
+ *
+ * @param item the item to update
+ * @param userId the user performing the modification
+ */
+ default void updateModificationMetadata(Item item, String userId) {
+ item.setLastModifiedBy(userId);
+ item.setLastModificationDate(new Date());
+ }
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/ResourceQuota.java b/api/src/main/java/org/apache/unomi/api/tenants/ResourceQuota.java
new file mode 100644
index 0000000000..6d9e3359cb
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/ResourceQuota.java
@@ -0,0 +1,258 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Defines resource quotas and limits for a tenant.
+ * This class manages various resource constraints to ensure fair usage and prevent abuse.
+ * Each quota represents a maximum limit that the tenant cannot exceed.
+ * When a quota is reached, the system will prevent further resource allocation until
+ * resources are freed or the quota is increased.
+ */
+public class ResourceQuota {
+ /**
+ * The maximum number of profiles that can be stored for this tenant.
+ * When this limit is reached, attempts to create new profiles will be rejected.
+ */
+ private long maxProfiles;
+
+ /**
+ * The maximum number of events that can be processed per time period for this tenant.
+ * Events beyond this limit will be rejected until the next period begins.
+ */
+ private long maxEvents;
+
+ /**
+ * The maximum number of rules that can be defined for this tenant.
+ * Attempts to create rules beyond this limit will be rejected.
+ */
+ private long maxRules;
+
+ /**
+ * The maximum number of segments that can be defined for this tenant.
+ * Attempts to create segments beyond this limit will be rejected.
+ */
+ private long maxSegments;
+
+ /**
+ * The maximum storage size in bytes that this tenant can use.
+ * This includes all data associated with the tenant including profiles,
+ * events, rules, and other stored data.
+ */
+ private long maxStorageSize;
+
+ /**
+ * The maximum number of concurrent API requests that can be processed
+ * for this tenant. Additional requests will be rejected with a 429 status
+ * until ongoing requests complete.
+ */
+ private int maxConcurrentRequests;
+
+ /**
+ * The maximum number of API keys (both public and private) that can be
+ * generated for this tenant. This includes both active and historical keys
+ * stored for auditing purposes.
+ */
+ private int maxApiKeys;
+
+ /**
+ * The maximum number of days that data will be retained for this tenant.
+ * Data older than this period will be automatically purged from the system.
+ * A value of 0 indicates no automatic purging.
+ */
+ private long maxDataRetentionDays;
+
+ /**
+ * The maximum number of API requests that can be made per time period
+ * for this tenant. Requests beyond this limit will be rejected with
+ * a 429 status until the next period begins.
+ */
+ private long maxRequests;
+
+ /**
+ * Custom quota limits that can be defined for tenant-specific needs.
+ * The map keys represent the quota type and the values represent the limits.
+ * These quotas can be used to limit custom resources or actions specific
+ * to certain tenant use cases.
+ */
+ private Map customQuotas = new HashMap<>();
+
+ /**
+ * Gets the maximum number of profiles allowed for the tenant.
+ * @return the maximum number of profiles
+ */
+ public long getMaxProfiles() {
+ return maxProfiles;
+ }
+
+ /**
+ * Sets the maximum number of profiles allowed for the tenant.
+ * @param maxProfiles the maximum number of profiles to set (must be >= 0)
+ */
+ public void setMaxProfiles(long maxProfiles) {
+ this.maxProfiles = maxProfiles;
+ }
+
+ /**
+ * Gets the maximum number of events allowed for the tenant per time period.
+ * @return the maximum number of events
+ */
+ public long getMaxEvents() {
+ return maxEvents;
+ }
+
+ /**
+ * Sets the maximum number of events allowed for the tenant per time period.
+ * @param maxEvents the maximum number of events to set (must be >= 0)
+ */
+ public void setMaxEvents(long maxEvents) {
+ this.maxEvents = maxEvents;
+ }
+
+ /**
+ * Gets the maximum number of rules allowed for the tenant.
+ * @return the maximum number of rules
+ */
+ public long getMaxRules() {
+ return maxRules;
+ }
+
+ /**
+ * Sets the maximum number of rules allowed for the tenant.
+ * @param maxRules the maximum number of rules to set (must be >= 0)
+ */
+ public void setMaxRules(long maxRules) {
+ this.maxRules = maxRules;
+ }
+
+ /**
+ * Gets the maximum number of segments allowed for the tenant.
+ * @return the maximum number of segments
+ */
+ public long getMaxSegments() {
+ return maxSegments;
+ }
+
+ /**
+ * Sets the maximum number of segments allowed for the tenant.
+ * @param maxSegments the maximum number of segments to set (must be >= 0)
+ */
+ public void setMaxSegments(long maxSegments) {
+ this.maxSegments = maxSegments;
+ }
+
+ /**
+ * Gets the maximum storage size in bytes allowed for the tenant.
+ * @return the maximum storage size in bytes
+ */
+ public long getMaxStorageSize() {
+ return maxStorageSize;
+ }
+
+ /**
+ * Sets the maximum storage size in bytes allowed for the tenant.
+ * @param maxStorageSize the maximum storage size in bytes to set (must be >= 0)
+ */
+ public void setMaxStorageSize(long maxStorageSize) {
+ this.maxStorageSize = maxStorageSize;
+ }
+
+ /**
+ * Gets the maximum number of concurrent requests allowed for the tenant.
+ * @return the maximum number of concurrent requests
+ */
+ public int getMaxConcurrentRequests() {
+ return maxConcurrentRequests;
+ }
+
+ /**
+ * Sets the maximum number of concurrent requests allowed for the tenant.
+ * @param maxConcurrentRequests the maximum number of concurrent requests to set (must be >= 0)
+ */
+ public void setMaxConcurrentRequests(int maxConcurrentRequests) {
+ this.maxConcurrentRequests = maxConcurrentRequests;
+ }
+
+ /**
+ * Gets the maximum number of API keys allowed for the tenant.
+ * @return the maximum number of API keys
+ */
+ public int getMaxApiKeys() {
+ return maxApiKeys;
+ }
+
+ /**
+ * Sets the maximum number of API keys allowed for the tenant.
+ * @param maxApiKeys the maximum number of API keys to set (must be >= 0)
+ */
+ public void setMaxApiKeys(int maxApiKeys) {
+ this.maxApiKeys = maxApiKeys;
+ }
+
+ /**
+ * Gets the maximum number of days to retain data for the tenant.
+ * @return the maximum data retention period in days (0 for no limit)
+ */
+ public long getMaxDataRetentionDays() {
+ return maxDataRetentionDays;
+ }
+
+ /**
+ * Sets the maximum number of days to retain data for the tenant.
+ * @param maxDataRetentionDays the maximum data retention period in days to set (0 for no limit, must be >= 0)
+ */
+ public void setMaxDataRetentionDays(long maxDataRetentionDays) {
+ this.maxDataRetentionDays = maxDataRetentionDays;
+ }
+
+ /**
+ * Gets the maximum number of API requests allowed per time period.
+ * @return the maximum number of requests per time period
+ */
+ public long getMaxRequests() {
+ return maxRequests;
+ }
+
+ /**
+ * Sets the maximum number of API requests allowed per time period.
+ * @param maxRequests the maximum number of requests to set (must be >= 0)
+ */
+ public void setMaxRequests(long maxRequests) {
+ this.maxRequests = maxRequests;
+ }
+
+ /**
+ * Gets the custom quotas map. Custom quotas can be used to define
+ * tenant-specific resource limits beyond the standard quotas.
+ * @return map of custom quota types to their limits
+ */
+ public Map getCustomQuotas() {
+ return customQuotas;
+ }
+
+ /**
+ * Sets the custom quotas map. Custom quotas can be used to define
+ * tenant-specific resource limits beyond the standard quotas.
+ * @param customQuotas map of custom quota types to their limits (values must be >= 0)
+ */
+ public void setCustomQuotas(Map customQuotas) {
+ this.customQuotas = customQuotas;
+ }
+}
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/Tenant.java b/api/src/main/java/org/apache/unomi/api/tenants/Tenant.java
new file mode 100644
index 0000000000..f38b9b8d76
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/Tenant.java
@@ -0,0 +1,367 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import org.apache.unomi.api.Item;
+
+import java.util.*;
+import java.util.stream.Collectors;
+
+import javax.xml.bind.annotation.XmlTransient;
+
+/**
+ * Represents a tenant in the system.
+ * A tenant is an isolated entity within the system with its own users, data, and configuration.
+ * Each tenant has its own set of API keys (public and private) for authentication and authorization,
+ * resource quotas to limit usage, and event permissions to control access to specific event types.
+ * This class extends the base Item class and provides functionality for managing tenant
+ * settings, resource quotas, and lifecycle.
+ */
+public class Tenant extends Item {
+ /**
+ * The item type for a tenant.
+ */
+ public static final String ITEM_TYPE = "tenant";
+
+ /**
+ * The display name of the tenant.
+ */
+ private String name;
+
+ /**
+ * A description of the tenant's purpose or usage.
+ */
+ private String description;
+
+ /**
+ * The current operational status of the tenant.
+ */
+ private TenantStatus status;
+
+ /**
+ * The date when the tenant was created.
+ */
+ private Date creationDate;
+
+ /**
+ * The date when the tenant was last modified.
+ */
+ private Date lastModificationDate;
+
+ /**
+ * The resource quota limits for the tenant.
+ * This includes limits on profiles, events, and requests.
+ */
+ private ResourceQuota resourceQuota;
+
+ /**
+ * The list of all API keys (both active and historical) associated with the tenant.
+ * This list maintains a history of all API keys that have been generated for the tenant,
+ * including both public and private keys, for auditing purposes.
+ */
+ private List apiKeys;
+
+ /**
+ * Additional custom properties for the tenant.
+ */
+ private Map properties;
+
+ /**
+ * The set of event types that are restricted for this tenant.
+ * Events of these types will require IP validation before being processed.
+ * This is used to control which event types require additional validation
+ * at the tenant level.
+ */
+ private Set restrictedEventTypes = new HashSet<>();
+
+ /**
+ * The set of IP addresses or CIDR ranges that are authorized to make requests
+ * for this tenant. Requests from IP addresses not in this set will be rejected.
+ */
+ private Set authorizedIPs = new HashSet<>();
+
+ /**
+ * Default constructor that initializes the tenant as an Item.
+ * Sets the item type to TENANT and initializes empty collections.
+ */
+ public Tenant() {
+ super();
+ setItemType(ITEM_TYPE);
+ }
+
+ /**
+ * Gets the tenant's display name.
+ * @return the tenant name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Sets the tenant's display name.
+ * @param name the tenant name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * Gets the tenant's description.
+ * @return the tenant description
+ */
+ public String getDescription() {
+ return description;
+ }
+
+ /**
+ * Sets the tenant's description.
+ * @param description the tenant description to set
+ */
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ /**
+ * Gets the tenant's current status.
+ * @return the tenant status
+ */
+ public TenantStatus getStatus() {
+ return status;
+ }
+
+ /**
+ * Sets the tenant's status.
+ * @param status the tenant status to set
+ */
+ public void setStatus(TenantStatus status) {
+ this.status = status;
+ }
+
+ /**
+ * Gets the tenant's creation date.
+ * @return the creation date
+ */
+ @Override
+ public Date getCreationDate() {
+ return creationDate;
+ }
+
+ /**
+ * Sets the tenant's creation date.
+ * @param creationDate the creation date to set
+ */
+ public void setCreationDate(Date creationDate) {
+ this.creationDate = creationDate;
+ }
+
+ /**
+ * Gets the tenant's last modification date.
+ * @return the last modification date
+ */
+ @Override
+ public Date getLastModificationDate() {
+ return lastModificationDate;
+ }
+
+ /**
+ * Sets the tenant's last modification date.
+ * @param lastModificationDate the last modification date to set
+ */
+ public void setLastModificationDate(Date lastModificationDate) {
+ this.lastModificationDate = lastModificationDate;
+ }
+
+ /**
+ * Gets the tenant's resource quota settings.
+ * @return the resource quota settings
+ */
+ public ResourceQuota getResourceQuota() {
+ return resourceQuota;
+ }
+
+ /**
+ * Sets the tenant's resource quota settings.
+ * @param resourceQuota the resource quota settings to set
+ */
+ public void setResourceQuota(ResourceQuota resourceQuota) {
+ this.resourceQuota = resourceQuota;
+ }
+
+ /**
+ * Gets the list of all API keys associated with the tenant.
+ * This includes both active and historical keys for auditing purposes.
+ * @return the list of API keys
+ */
+ public List getApiKeys() {
+ return apiKeys;
+ }
+
+ /**
+ * Sets the list of API keys associated with the tenant.
+ * @param apiKeys the list of API keys to set
+ */
+ public void setApiKeys(List apiKeys) {
+ this.apiKeys = apiKeys;
+ }
+
+ /**
+ * Gets additional tenant properties as key-value pairs.
+ * @return map of additional properties
+ */
+ public Map getProperties() {
+ return properties;
+ }
+
+ /**
+ * Sets additional tenant properties as key-value pairs.
+ * @param properties map of additional properties to set
+ */
+ public void setProperties(Map properties) {
+ this.properties = properties;
+ }
+
+ /**
+ * Gets the set of event types that are restricted for this tenant.
+ * Events of these types will require IP validation before being processed.
+ * @return the set of restricted event types
+ */
+ public Set getRestrictedEventTypes() {
+ return restrictedEventTypes;
+ }
+
+ /**
+ * Sets the event types that are restricted for this tenant.
+ * Events of these types will require IP validation before being processed.
+ * @param restrictedEventTypes the set of restricted event types to set
+ */
+ public void setRestrictedEventTypes(Set restrictedEventTypes) {
+ this.restrictedEventTypes = restrictedEventTypes;
+ }
+
+ /**
+ * Gets the set of authorized IP addresses or CIDR ranges for this tenant.
+ * @return the set of authorized IP addresses/ranges
+ */
+ public Set getAuthorizedIPs() {
+ return authorizedIPs;
+ }
+
+ /**
+ * Sets the authorized IP addresses or CIDR ranges for this tenant.
+ * @param authorizedIPs the set of authorized IP addresses/ranges to set
+ */
+ public void setAuthorizedIPs(Set authorizedIPs) {
+ this.authorizedIPs = authorizedIPs;
+ }
+
+ /**
+ * Gets the currently active private API key for the tenant.
+ * This method resolves the active private API key from the API keys list.
+ * It returns the most recently created, non-revoked, non-expired private key.
+ * This key should be used for secure operations and administrative tasks.
+ * @return the active private API key, or null if no valid private key exists
+ */
+ @XmlTransient
+ public String getPrivateApiKey() {
+ if (apiKeys == null) {
+ return null;
+ }
+
+ return apiKeys.stream()
+ .filter(key -> key.getKeyType() == ApiKey.ApiKeyType.PRIVATE)
+ .filter(key -> !key.isRevoked())
+ .filter(key -> key.getExpirationDate() == null || key.getExpirationDate().after(new Date()))
+ .max(Comparator.comparing(ApiKey::getCreationDate))
+ .map(ApiKey::getKey)
+ .orElse(null);
+ }
+
+ /**
+ * Gets the currently active public API key for the tenant.
+ * This method resolves the active public API key from the API keys list.
+ * It returns the most recently created, non-revoked, non-expired public key.
+ * This key can be safely used in client-side applications.
+ * @return the active public API key, or null if no valid public key exists
+ */
+ @XmlTransient
+ public String getPublicApiKey() {
+ if (apiKeys == null) {
+ return null;
+ }
+
+ return apiKeys.stream()
+ .filter(key -> key.getKeyType() == ApiKey.ApiKeyType.PUBLIC)
+ .filter(key -> !key.isRevoked())
+ .filter(key -> key.getExpirationDate() == null || key.getExpirationDate().after(new Date()))
+ .max(Comparator.comparing(ApiKey::getCreationDate))
+ .map(ApiKey::getKey)
+ .orElse(null);
+ }
+
+ /**
+ * Gets all active private API keys for the tenant.
+ * This method returns all non-revoked, non-expired private keys.
+ * @return list of active private API keys, or empty list if none exist
+ */
+ @XmlTransient
+ public List getActivePrivateApiKeys() {
+ if (apiKeys == null) {
+ return new ArrayList<>();
+ }
+
+ return apiKeys.stream()
+ .filter(key -> key.getKeyType() == ApiKey.ApiKeyType.PRIVATE)
+ .filter(key -> !key.isRevoked())
+ .filter(key -> key.getExpirationDate() == null || key.getExpirationDate().after(new Date()))
+ .collect(Collectors.toList());
+ }
+
+ /**
+ * Gets all active public API keys for the tenant.
+ * This method returns all non-revoked, non-expired public keys.
+ * @return list of active public API keys, or empty list if none exist
+ */
+ @XmlTransient
+ public List getActivePublicApiKeys() {
+ if (apiKeys == null) {
+ return new ArrayList<>();
+ }
+
+ return apiKeys.stream()
+ .filter(key -> key.getKeyType() == ApiKey.ApiKeyType.PUBLIC)
+ .filter(key -> !key.isRevoked())
+ .filter(key -> key.getExpirationDate() == null || key.getExpirationDate().after(new Date()))
+ .collect(Collectors.toList());
+ }
+
+ /**
+ * Gets all active API keys for the tenant.
+ * This method returns all non-revoked, non-expired keys regardless of type.
+ * @return list of all active API keys, or empty list if none exist
+ */
+ @XmlTransient
+ public List getActiveApiKeys() {
+ if (apiKeys == null) {
+ return new ArrayList<>();
+ }
+
+ return apiKeys.stream()
+ .filter(key -> !key.isRevoked())
+ .filter(key -> key.getExpirationDate() == null || key.getExpirationDate().after(new Date()))
+ .collect(Collectors.toList());
+ }
+}
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/TenantAuditService.java b/api/src/main/java/org/apache/unomi/api/tenants/TenantAuditService.java
new file mode 100644
index 0000000000..261a36e233
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/TenantAuditService.java
@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+/**
+ * A service to audit tenant-related operations.
+ */
+public interface TenantAuditService {
+ /**
+ * Logs a tenant operation for auditing purposes.
+ *
+ * @param tenantId the ID of the tenant
+ * @param operation the operation being performed
+ */
+ void logTenantOperation(String tenantId, String operation);
+}
\ No newline at end of file
diff --git a/services/src/test/java/org/apache/unomi/services/impl/scheduler/SchedulerServiceImplTest.java b/api/src/main/java/org/apache/unomi/api/tenants/TenantBackupMetadata.java
similarity index 52%
rename from services/src/test/java/org/apache/unomi/services/impl/scheduler/SchedulerServiceImplTest.java
rename to api/src/main/java/org/apache/unomi/api/tenants/TenantBackupMetadata.java
index 5ba37d5e5d..4cae6cfbac 100644
--- a/services/src/test/java/org/apache/unomi/services/impl/scheduler/SchedulerServiceImplTest.java
+++ b/api/src/main/java/org/apache/unomi/api/tenants/TenantBackupMetadata.java
@@ -14,27 +14,25 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.unomi.services.impl.scheduler;
+package org.apache.unomi.api.tenants;
-import org.junit.Test;
+public class TenantBackupMetadata {
+ private String tenantId;
+ private long timestamp;
-import java.time.LocalDateTime;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
+ public String getTenantId() {
+ return tenantId;
+ }
-import static org.junit.Assert.*;
+ public void setTenantId(String tenantId) {
+ this.tenantId = tenantId;
+ }
-public class SchedulerServiceImplTest {
+ public long getTimestamp() {
+ return timestamp;
+ }
- @Test
- public void getTimeDiffInSeconds_whenGiveHourOfDay_shouldReturnDifferenceInSeconds(){
- //Arrange
- SchedulerServiceImpl service = new SchedulerServiceImpl();
- int hourToRunInUtc = 11;
- ZonedDateTime timeNowInUtc = ZonedDateTime.of(LocalDateTime.parse("2020-01-13T10:00:00"), ZoneOffset.UTC);
- //Act
- long seconds = service.getTimeDiffInSeconds(hourToRunInUtc, timeNowInUtc);
- //Assert
- assertEquals(3600, seconds);
+ public void setTimestamp(long timestamp) {
+ this.timestamp = timestamp;
}
-}
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/TenantService.java b/api/src/main/java/org/apache/unomi/api/tenants/TenantService.java
new file mode 100644
index 0000000000..a730b99b08
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/TenantService.java
@@ -0,0 +1,145 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Service interface for managing multi-tenant functionality in Apache Unomi.
+ * This service provides methods for creating, retrieving, and managing tenants,
+ * as well as handling tenant-specific API keys and tenant context management.
+ * It ensures proper isolation between different tenants' data and configurations.
+ */
+public interface TenantService {
+
+ /**
+ * The ID of the system tenant, which is used for system-wide configurations and data.
+ * The system tenant is special and cannot be removed.
+ */
+ String SYSTEM_TENANT = "system";
+
+ /**
+ * Creates a new tenant in the system with the specified ID and properties.
+ *
+ * @param requestedId the requested ID for the tenant
+ * @param properties additional properties to associate with the tenant
+ * @return the newly created Tenant object
+ * @throws IllegalArgumentException if the requestedId is invalid, already exists, or is a reserved ID
+ */
+ Tenant createTenant(String requestedId, Map properties);
+
+ /**
+ * Generates a new API key for the specified tenant with an optional validity period.
+ *
+ * @param tenantId the ID of the tenant for which to generate the API key
+ * @param validityPeriod the period (in milliseconds) for which the API key should be valid, null for no expiration
+ * @return the generated ApiKey object containing the key and associated metadata
+ * @throws IllegalArgumentException if tenantId is null or does not exist
+ */
+ ApiKey generateApiKey(String tenantId, Long validityPeriod);
+
+ /**
+ * Retrieves a tenant by its ID.
+ *
+ * @param tenantId the ID of the tenant to retrieve
+ * @return the Tenant object if found, null otherwise
+ */
+ Tenant getTenant(String tenantId);
+
+ /**
+ * Retrieves all tenants registered in the system.
+ * This method provides access to all tenant configurations and metadata,
+ * and should be used with appropriate access controls.
+ *
+ * @return a List of all Tenant objects in the system
+ */
+ List getAllTenants();
+
+ /**
+ * Updates an existing tenant's information.
+ *
+ * @param tenant the tenant with updated information
+ * @throws IllegalArgumentException if tenant is null or does not exist
+ */
+ void saveTenant(Tenant tenant);
+
+ /**
+ * Deletes a tenant and all associated data from the system.
+ *
+ * @param tenantId the ID of the tenant to delete
+ * @throws IllegalArgumentException if tenantId is null or does not exist
+ */
+ void deleteTenant(String tenantId);
+
+ /**
+ * Validates an API key for a given tenant.
+ *
+ * @param tenantId the ID of the tenant
+ * @param key the API key to validate
+ * @return true if the key is valid, false otherwise
+ */
+ boolean validateApiKey(String tenantId, String key);
+
+ /**
+ * Generates a new API key of the specified type for the tenant.
+ *
+ * @param tenantId the ID of the tenant for which to generate the API key
+ * @param keyType the type of API key to generate (PUBLIC or PRIVATE)
+ * @param validityPeriod the period (in milliseconds) for which the API key should be valid, null for no expiration
+ * @return the generated ApiKey object containing the key and associated metadata
+ * @throws IllegalArgumentException if tenantId is null or does not exist
+ */
+ ApiKey generateApiKeyWithType(String tenantId, ApiKey.ApiKeyType keyType, Long validityPeriod);
+
+ /**
+ * Validates an API key for a given tenant and checks if it has the required type.
+ *
+ * @param tenantId the ID of the tenant
+ * @param key the API key to validate
+ * @param requiredType the required type of the API key
+ * @return true if the key is valid and matches the required type, false otherwise
+ */
+ boolean validateApiKeyWithType(String tenantId, String key, ApiKey.ApiKeyType requiredType);
+
+ /**
+ * Gets the API key of the specified type for a tenant.
+ *
+ * @param tenantId the ID of the tenant
+ * @param keyType the type of API key to retrieve
+ * @return the API key of the specified type, or null if not found
+ */
+ ApiKey getApiKey(String tenantId, ApiKey.ApiKeyType keyType);
+
+ /**
+ * Retrieves a tenant by its API key.
+ *
+ * @param key the API key to look up
+ * @return the Tenant object if found, null otherwise
+ */
+ Tenant getTenantByApiKey(String key);
+
+ /**
+ * Retrieves a tenant by its API key, ensuring it matches the required type.
+ *
+ * @param key the API key to look up
+ * @param requiredType the required type of the API key (PUBLIC or PRIVATE)
+ * @return the Tenant object if found and key type matches, null otherwise
+ */
+ Tenant getTenantByApiKey(String key, ApiKey.ApiKeyType requiredType);
+
+}
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/TenantStatus.java b/api/src/main/java/org/apache/unomi/api/tenants/TenantStatus.java
new file mode 100644
index 0000000000..aad2399181
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/TenantStatus.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+/**
+ * Enumeration of possible tenant statuses.
+ * This enum defines the various states a tenant can be in within the system.
+ */
+public enum TenantStatus {
+ /**
+ * Tenant is active and fully operational
+ */
+ ACTIVE,
+
+ /**
+ * Tenant is disabled and cannot perform any operations
+ */
+ DISABLED,
+
+ /**
+ * Tenant is temporarily suspended, typically due to policy violations or maintenance
+ */
+ SUSPENDED,
+
+ /**
+ * Tenant is created but waiting for activation process to complete
+ */
+ PENDING_ACTIVATION,
+
+ /**
+ * Tenant is undergoing scheduled maintenance
+ */
+ MAINTENANCE
+}
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/TenantTransformationListener.java b/api/src/main/java/org/apache/unomi/api/tenants/TenantTransformationListener.java
new file mode 100644
index 0000000000..eb80735374
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/TenantTransformationListener.java
@@ -0,0 +1,72 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import org.apache.unomi.api.Item;
+
+/**
+ * Interface for item-specific data transformations that can be implemented by Unomi extensions.
+ * Transformations can include data masking, format conversion, or other data modifications.
+ * Multiple listeners can be registered and will be called in order of priority.
+ */
+public interface TenantTransformationListener {
+
+ /**
+ * Gets the priority of this listener. Listeners with higher priority values will be executed first.
+ * @return the priority value (default is 0)
+ */
+ default int getPriority() {
+ return 0;
+ }
+
+ /**
+ * Applies forward transformation to data in an item for a specific tenant
+ * @param item The item containing data to transform
+ * @param tenantId The ID of the tenant
+ * @return transformed item if transformation was successful, null otherwise
+ */
+ Item transformItem(Item item, String tenantId);
+
+ /**
+ * Checks if transformation is available and enabled
+ * @return true if transformation is available and enabled
+ */
+ boolean isTransformationEnabled();
+
+ /**
+ * Reverses the transformation of data in an item for a specific tenant
+ * @param item The item containing data to reverse transform
+ * @param tenantId The ID of the tenant
+ * @return transformed item if reverse transformation was successful, null otherwise
+ */
+ Item reverseTransformItem(Item item, String tenantId);
+
+ /**
+ * Checks if an item contains transformed data
+ * @param item The item to check
+ * @return true if the item contains transformed data
+ */
+ default boolean isItemTransformed(Item item) {
+ return item != null && Boolean.TRUE.equals(item.getSystemMetadata("transformed"));
+ }
+
+ /**
+ * Gets the transformation type identifier
+ * @return String identifying the type of transformation
+ */
+ String getTransformationType();
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/security/SecurityAuditReport.java b/api/src/main/java/org/apache/unomi/api/tenants/security/SecurityAuditReport.java
new file mode 100644
index 0000000000..eb1215bfc5
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/security/SecurityAuditReport.java
@@ -0,0 +1,191 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants.security;
+
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Represents a security audit report for a tenant.
+ * This class contains information about security-related events and statistics
+ * within a specified time period.
+ */
+public class SecurityAuditReport {
+ private String tenantId;
+ private Date startDate;
+ private Date endDate;
+ private List events;
+ private Map eventCounts;
+ private Map statistics;
+
+ /**
+ * Gets the tenant ID associated with this report.
+ * @return the tenant ID
+ */
+ public String getTenantId() {
+ return tenantId;
+ }
+
+ /**
+ * Sets the tenant ID associated with this report.
+ * @param tenantId the tenant ID to set
+ */
+ public void setTenantId(String tenantId) {
+ this.tenantId = tenantId;
+ }
+
+ /**
+ * Gets the start date of the audit period.
+ * @return the start date
+ */
+ public Date getStartDate() {
+ return startDate;
+ }
+
+ /**
+ * Sets the start date of the audit period.
+ * @param startDate the start date to set
+ */
+ public void setStartDate(Date startDate) {
+ this.startDate = startDate;
+ }
+
+ /**
+ * Gets the end date of the audit period.
+ * @return the end date
+ */
+ public Date getEndDate() {
+ return endDate;
+ }
+
+ /**
+ * Sets the end date of the audit period.
+ * @param endDate the end date to set
+ */
+ public void setEndDate(Date endDate) {
+ this.endDate = endDate;
+ }
+
+ /**
+ * Gets the list of security events.
+ * @return list of security events
+ */
+ public List getEvents() {
+ return events;
+ }
+
+ /**
+ * Sets the list of security events.
+ * @param events list of security events to set
+ */
+ public void setEvents(List events) {
+ this.events = events;
+ }
+
+ /**
+ * Gets the count of events by type.
+ * @return map of event types to their counts
+ */
+ public Map getEventCounts() {
+ return eventCounts;
+ }
+
+ /**
+ * Sets the count of events by type.
+ * @param eventCounts map of event types to their counts
+ */
+ public void setEventCounts(Map eventCounts) {
+ this.eventCounts = eventCounts;
+ }
+
+ /**
+ * Gets additional statistics about the audit period.
+ * @return map of statistics
+ */
+ public Map getStatistics() {
+ return statistics;
+ }
+
+ /**
+ * Sets additional statistics about the audit period.
+ * @param statistics map of statistics to set
+ */
+ public void setStatistics(Map statistics) {
+ this.statistics = statistics;
+ }
+
+ /**
+ * Represents a security-related event.
+ */
+ public static class SecurityEvent {
+ private String type;
+ private Date timestamp;
+ private String description;
+ private String userId;
+ private String ipAddress;
+ private Map details;
+
+ public String getType() {
+ return type;
+ }
+
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ public Date getTimestamp() {
+ return timestamp;
+ }
+
+ public void setTimestamp(Date timestamp) {
+ this.timestamp = timestamp;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ public String getUserId() {
+ return userId;
+ }
+
+ public void setUserId(String userId) {
+ this.userId = userId;
+ }
+
+ public String getIpAddress() {
+ return ipAddress;
+ }
+
+ public void setIpAddress(String ipAddress) {
+ this.ipAddress = ipAddress;
+ }
+
+ public Map getDetails() {
+ return details;
+ }
+
+ public void setDetails(Map details) {
+ this.details = details;
+ }
+ }
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/security/SecuritySettings.java b/api/src/main/java/org/apache/unomi/api/tenants/security/SecuritySettings.java
new file mode 100644
index 0000000000..ade4913db7
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/security/SecuritySettings.java
@@ -0,0 +1,171 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants.security;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Represents security settings for a tenant.
+ * This class contains configuration for various security aspects including
+ * authentication, authorization, and API access.
+ */
+public class SecuritySettings {
+ private boolean enabled;
+ private AuthenticationConfig authentication;
+ private AuthorizationConfig authorization;
+ private Map additionalSettings;
+
+ /**
+ * Gets whether security is enabled for the tenant.
+ * @return true if security is enabled, false otherwise
+ */
+ public boolean isEnabled() {
+ return enabled;
+ }
+
+ /**
+ * Sets whether security is enabled for the tenant.
+ * @param enabled true to enable security, false to disable
+ */
+ public void setEnabled(boolean enabled) {
+ this.enabled = enabled;
+ }
+
+ /**
+ * Gets the authentication configuration.
+ * @return the authentication configuration
+ */
+ public AuthenticationConfig getAuthentication() {
+ return authentication;
+ }
+
+ /**
+ * Sets the authentication configuration.
+ * @param authentication the authentication configuration to set
+ */
+ public void setAuthentication(AuthenticationConfig authentication) {
+ this.authentication = authentication;
+ }
+
+ /**
+ * Gets the authorization configuration.
+ * @return the authorization configuration
+ */
+ public AuthorizationConfig getAuthorization() {
+ return authorization;
+ }
+
+ /**
+ * Sets the authorization configuration.
+ * @param authorization the authorization configuration to set
+ */
+ public void setAuthorization(AuthorizationConfig authorization) {
+ this.authorization = authorization;
+ }
+
+ /**
+ * Gets additional security settings as key-value pairs.
+ * @return map of additional settings
+ */
+ public Map getAdditionalSettings() {
+ return additionalSettings;
+ }
+
+ /**
+ * Sets additional security settings as key-value pairs.
+ * @param additionalSettings map of additional settings to set
+ */
+ public void setAdditionalSettings(Map additionalSettings) {
+ this.additionalSettings = additionalSettings;
+ }
+
+ /**
+ * Configuration for authentication settings.
+ */
+ public static class AuthenticationConfig {
+ private List allowedAuthMethods;
+ private int maxLoginAttempts;
+ private int lockoutDurationMinutes;
+ private boolean requireMfa;
+
+ public List getAllowedAuthMethods() {
+ return allowedAuthMethods;
+ }
+
+ public void setAllowedAuthMethods(List allowedAuthMethods) {
+ this.allowedAuthMethods = allowedAuthMethods;
+ }
+
+ public int getMaxLoginAttempts() {
+ return maxLoginAttempts;
+ }
+
+ public void setMaxLoginAttempts(int maxLoginAttempts) {
+ this.maxLoginAttempts = maxLoginAttempts;
+ }
+
+ public int getLockoutDurationMinutes() {
+ return lockoutDurationMinutes;
+ }
+
+ public void setLockoutDurationMinutes(int lockoutDurationMinutes) {
+ this.lockoutDurationMinutes = lockoutDurationMinutes;
+ }
+
+ public boolean isRequireMfa() {
+ return requireMfa;
+ }
+
+ public void setRequireMfa(boolean requireMfa) {
+ this.requireMfa = requireMfa;
+ }
+ }
+
+ /**
+ * Configuration for authorization settings.
+ */
+ public static class AuthorizationConfig {
+ private List roles;
+ private List permissions;
+ private Map> rolePermissions;
+
+ public List getRoles() {
+ return roles;
+ }
+
+ public void setRoles(List roles) {
+ this.roles = roles;
+ }
+
+ public List getPermissions() {
+ return permissions;
+ }
+
+ public void setPermissions(List permissions) {
+ this.permissions = permissions;
+ }
+
+ public Map> getRolePermissions() {
+ return rolePermissions;
+ }
+
+ public void setRolePermissions(Map> rolePermissions) {
+ this.rolePermissions = rolePermissions;
+ }
+ }
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/security/SecurityValidationResult.java b/api/src/main/java/org/apache/unomi/api/tenants/security/SecurityValidationResult.java
new file mode 100644
index 0000000000..88ed71ca1a
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/security/SecurityValidationResult.java
@@ -0,0 +1,96 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants.security;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Represents the result of a security validation operation.
+ * This class contains information about whether the validation was successful,
+ * and if not, what errors were encountered.
+ */
+public class SecurityValidationResult {
+ private boolean valid;
+ private List errors;
+ private String message;
+
+ /**
+ * Default constructor that initializes a valid result with no errors.
+ */
+ public SecurityValidationResult() {
+ this.valid = true;
+ this.errors = new ArrayList<>();
+ }
+
+ /**
+ * Gets whether the validation was successful.
+ * @return true if validation passed, false otherwise
+ */
+ public boolean isValid() {
+ return valid;
+ }
+
+ /**
+ * Sets the validation status.
+ * @param valid true if validation passed, false otherwise
+ */
+ public void setValid(boolean valid) {
+ this.valid = valid;
+ }
+
+ /**
+ * Gets the list of validation errors.
+ * @return list of error messages
+ */
+ public List getErrors() {
+ return errors;
+ }
+
+ /**
+ * Sets the list of validation errors.
+ * @param errors list of error messages
+ */
+ public void setErrors(List errors) {
+ this.errors = errors;
+ }
+
+ /**
+ * Adds an error message to the result.
+ * @param error the error message to add
+ */
+ public void addError(String error) {
+ this.valid = false;
+ this.errors.add(error);
+ }
+
+ /**
+ * Gets the general message associated with the validation result.
+ * @return the message
+ */
+ public String getMessage() {
+ return message;
+ }
+
+ /**
+ * Sets the general message associated with the validation result.
+ * @param message the message to set
+ */
+ public void setMessage(String message) {
+ this.message = message;
+ }
+}
\ No newline at end of file
diff --git a/api/src/main/java/org/apache/unomi/api/tenants/security/TenantSecurityService.java b/api/src/main/java/org/apache/unomi/api/tenants/security/TenantSecurityService.java
new file mode 100644
index 0000000000..0e5a803977
--- /dev/null
+++ b/api/src/main/java/org/apache/unomi/api/tenants/security/TenantSecurityService.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants.security;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Service interface for managing tenants-level security operations and validations.
+ * This service provides comprehensive security features including authentication,
+ * authorization, rate limiting, and security auditing for tenants-specific operations.
+ */
+public interface TenantSecurityService {
+
+ /**
+ * Validates a request against all configured security measures for a tenants.
+ *
+ * @param request the HTTP request to validate
+ * @param tenantId the ID of the tenants making the request
+ * @return a SecurityValidationResult containing the validation outcome and any errors
+ * @throws SecurityException if a critical security violation is detected
+ */
+ SecurityValidationResult validateRequest(HttpServletRequest request, String tenantId);
+
+ /**
+ * Configures security settings for a specific tenants.
+ *
+ * @param tenantId the ID of the tenants to configure
+ * @param settings the security settings to apply
+ * @throws ConfigurationException if the settings are invalid or cannot be applied
+ */
+ void configureSecuritySettings(String tenantId, SecuritySettings settings);
+
+ /**
+ * Generates a security audit report for a tenants within a specified time range.
+ *
+ * @param tenantId the ID of the tenants
+ * @param startTime the start time for the audit period
+ * @param endTime the end time for the audit period
+ * @return a SecurityAuditReport containing security-related events and statistics
+ */
+ SecurityAuditReport generateSecurityAudit(String tenantId, long startTime, long endTime);
+}
diff --git a/api/src/main/java/org/apache/unomi/api/utils/ConditionBuilder.java b/api/src/main/java/org/apache/unomi/api/utils/ConditionBuilder.java
index aceb1ffe58..9871d6a199 100644
--- a/api/src/main/java/org/apache/unomi/api/utils/ConditionBuilder.java
+++ b/api/src/main/java/org/apache/unomi/api/utils/ConditionBuilder.java
@@ -17,13 +17,30 @@
package org.apache.unomi.api.utils;
import org.apache.unomi.api.conditions.Condition;
+import org.apache.unomi.api.conditions.ConditionType;
import org.apache.unomi.api.services.DefinitionsService;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
/**
* Utility class for creating various types of {@link Condition} objects.
* This class provides methods to easily construct conditions used for querying data based on specific criteria.
+ *
+ * The ConditionBuilder supports building complex queries with logical operators (AND, OR, NOT),
+ * property comparisons, nested conditions, and special condition types. The fluent API style
+ * makes it easier to construct readable and maintainable conditions.
+ *
+ * Example usage:
+ *
+ * ConditionBuilder builder = new ConditionBuilder(definitionsService);
+ * Condition condition = builder.and(
+ * builder.profileProperty("age").greaterThan(18),
+ * builder.profileProperty("gender").equalTo("male")
+ * ).build();
+ *
*/
public class ConditionBuilder {
@@ -38,276 +55,776 @@ public ConditionBuilder(DefinitionsService definitionsService) {
this.definitionsService = definitionsService;
}
+ /**
+ * Sets the definitions service to use for resolving condition types.
+ *
+ * @param definitionsService the definitions service
+ */
public void setDefinitionsService(DefinitionsService definitionsService) {
this.definitionsService = definitionsService;
}
+ /**
+ * Creates an AND condition that combines two sub-conditions, requiring both to be true.
+ *
+ * @param condition1 the first condition to include in the AND operation
+ * @param condition2 the second condition to include in the AND operation
+ * @return a compound condition representing the logical AND of the two conditions
+ */
public CompoundCondition and(ConditionItem condition1, ConditionItem condition2) {
return new CompoundCondition(condition1, condition2, "and");
}
+ /**
+ * Creates an AND condition that combines multiple sub-conditions, requiring all to be true.
+ *
+ * @param conditions the conditions to include in the AND operation
+ * @return a compound condition representing the logical AND of all the conditions
+ */
+ public CompoundCondition and(ConditionItem... conditions) {
+ if (conditions == null || conditions.length == 0) {
+ throw new IllegalArgumentException("At least one condition must be provided");
+ }
+
+ List subConditions = new ArrayList<>(conditions.length);
+ for (ConditionItem condition : conditions) {
+ subConditions.add(condition.build());
+ }
+
+ ConditionItem conditionItem = new ConditionItem("booleanCondition", definitionsService);
+ conditionItem.parameter("operator", "and");
+ conditionItem.parameter("subConditions", subConditions);
+
+ return (CompoundCondition) conditionItem;
+ }
+
+ /**
+ * Creates a NOT condition that negates the provided sub-condition.
+ *
+ * @param subCondition the condition to negate
+ * @return a NOT condition that evaluates to true when the sub-condition is false
+ */
public NotCondition not(ConditionItem subCondition) {
return new NotCondition(subCondition);
}
+ /**
+ * Creates an OR condition that combines two sub-conditions, requiring at least one to be true.
+ *
+ * @param condition1 the first condition to include in the OR operation
+ * @param condition2 the second condition to include in the OR operation
+ * @return a compound condition representing the logical OR of the two conditions
+ */
public CompoundCondition or(ConditionItem condition1, ConditionItem condition2) {
return new CompoundCondition(condition1, condition2, "or");
}
+ /**
+ * Creates an OR condition that combines multiple sub-conditions, requiring at least one to be true.
+ *
+ * @param conditions the conditions to include in the OR operation
+ * @return a compound condition representing the logical OR of all the conditions
+ */
+ public CompoundCondition or(ConditionItem... conditions) {
+ if (conditions == null || conditions.length == 0) {
+ throw new IllegalArgumentException("At least one condition must be provided");
+ }
+
+ List subConditions = new ArrayList<>(conditions.length);
+ for (ConditionItem condition : conditions) {
+ subConditions.add(condition.build());
+ }
+
+ ConditionItem conditionItem = new ConditionItem("booleanCondition", definitionsService);
+ conditionItem.parameter("operator", "or");
+ conditionItem.parameter("subConditions", subConditions);
+
+ return (CompoundCondition) conditionItem;
+ }
+
+ /**
+ * Creates a matchAll condition that will match all items regardless of other criteria.
+ * This is useful for creating queries that need to return all records.
+ *
+ * @return a condition that matches all items
+ */
+ public ConditionItem matchAll() {
+ ConditionItem conditionItem = new ConditionItem("matchAllCondition", definitionsService);
+ return conditionItem;
+ }
+
+ /**
+ * Creates a nested condition for querying nested objects or nested fields.
+ *
+ * @param subCondition the condition to apply on the nested object or field
+ * @param path the path to the nested object or field
+ * @return a nested condition for the specified path and sub-condition
+ */
public NestedCondition nested(ConditionItem subCondition, String path) {
return new NestedCondition(subCondition, path);
}
+ /**
+ * Creates a condition for comparing a profile property value.
+ * This is a convenience method for creating conditions on profile properties.
+ *
+ * @param propertyName the name of the profile property to use in the condition
+ * @return a property condition configured for the specified profile property
+ */
public PropertyCondition profileProperty(String propertyName) {
return new PropertyCondition("profilePropertyCondition", propertyName, definitionsService);
}
+ /**
+ * Creates a condition for comparing a session property value.
+ *
+ * @param propertyName the name of the session property to use in the condition
+ * @return a property condition configured for the specified session property
+ */
+ public PropertyCondition sessionProperty(String propertyName) {
+ return new PropertyCondition("sessionPropertyCondition", propertyName, definitionsService);
+ }
+
+ /**
+ * Creates a condition for comparing an event property value.
+ *
+ * @param propertyName the name of the event property to use in the condition
+ * @return a property condition configured for the specified event property
+ */
+ public PropertyCondition eventProperty(String propertyName) {
+ return new PropertyCondition("eventPropertyCondition", propertyName, definitionsService);
+ }
+
+ /**
+ * Creates a condition for comparing any property value based on the specified condition type.
+ *
+ * @param conditionTypeId the ID of the condition type to use
+ * @param propertyName the name of the property to use in the condition
+ * @return a property condition for the specified property and condition type
+ */
public PropertyCondition property(String conditionTypeId, String propertyName) {
return new PropertyCondition(conditionTypeId, propertyName, definitionsService);
}
+ /**
+ * Creates a custom condition of the specified type.
+ *
+ * @param conditionTypeId the ID of the condition type to create
+ * @return a new condition item of the specified type
+ */
public ConditionItem condition(String conditionTypeId) {
return new ConditionItem(conditionTypeId, definitionsService);
}
public abstract class ComparisonCondition extends ConditionItem {
+ /**
+ * Constructs a new comparison condition of the specified type.
+ *
+ * @param conditionTypeId the ID of the condition type
+ * @param definitionsService the definitions service to resolve condition types
+ */
ComparisonCondition(String conditionTypeId, DefinitionsService definitionsService) {
super(conditionTypeId, definitionsService);
}
+ /**
+ * Checks if all values match the compared property.
+ *
+ * @param values the string values to check
+ * @return the condition with the all comparison operator and string values
+ */
public ComparisonCondition all(String... values) {
return op("all").stringValues(values);
}
+ /**
+ * Checks if all date values match the compared property.
+ *
+ * @param values the date values to check
+ * @return the condition with the all comparison operator and date values
+ */
public ComparisonCondition all(Date... values) {
return op("all").dateValues(values);
}
+ /**
+ * Checks if all integer values match the compared property.
+ *
+ * @param values the integer values to check
+ * @return the condition with the all comparison operator and integer values
+ */
public ComparisonCondition all(Integer... values) {
return op("all").integerValues(values);
}
+ /**
+ * Checks if the property contains the specified string value.
+ *
+ * @param value the string value to check for
+ * @return the condition with the contains comparison operator
+ */
public ComparisonCondition contains(String value) {
return op("contains").stringValue(value);
}
+ /**
+ * Checks if the property ends with the specified string value.
+ *
+ * @param value the string value to check against
+ * @return the condition with the endsWith comparison operator
+ */
public ComparisonCondition endsWith(String value) {
return op("endsWith").stringValue(value);
}
+ /**
+ * Checks if the property equals the specified string value.
+ *
+ * @param value the string value to compare with
+ * @return the condition with the equals comparison operator
+ */
public ComparisonCondition equalTo(String value) {
return op("equals").stringValue(value);
}
+ /**
+ * Checks if the property equals the specified date value.
+ *
+ * @param value the date value to compare with
+ * @return the condition with the equals comparison operator
+ */
public ComparisonCondition equalTo(Date value) {
return op("equals").dateValue(value);
}
+ /**
+ * Checks if the property equals the specified integer value.
+ *
+ * @param value the integer value to compare with
+ * @return the condition with the equals comparison operator
+ */
public ComparisonCondition equalTo(Integer value) {
return op("equals").integerValue(value);
}
+ /**
+ * Checks if the property equals the specified double value.
+ *
+ * @param value the double value to compare with
+ * @return the condition with the equals comparison operator
+ */
public ComparisonCondition equalTo(Double value) {
return op("equals").doubleValue(value);
}
+ /**
+ * Checks if the property exists (is not null).
+ *
+ * @return the condition with the exists comparison operator
+ */
public ComparisonCondition exists() {
return op("exists");
}
+ /**
+ * Checks if the property is greater than the specified date value.
+ *
+ * @param value the date value to compare with
+ * @return the condition with the greaterThan comparison operator
+ */
public ComparisonCondition greaterThan(Date value) {
return op("greaterThan").dateValue(value);
}
+ /**
+ * Checks if the property is greater than the specified integer value.
+ *
+ * @param value the integer value to compare with
+ * @return the condition with the greaterThan comparison operator
+ */
public ComparisonCondition greaterThan(Integer value) {
return op("greaterThan").integerValue(value);
}
+ /**
+ * Checks if the property is greater than the specified double value.
+ *
+ * @param value the double value to compare with
+ * @return the condition with the greaterThan comparison operator
+ */
public ComparisonCondition greaterThan(Double value) {
return op("greaterThan").doubleValue(value);
}
+ /**
+ * Checks if the property is greater than or equal to the specified date value.
+ *
+ * @param value the date value to compare with
+ * @return the condition with the greaterThanOrEqualTo comparison operator
+ */
public ComparisonCondition greaterThanOrEqualTo(Date value) {
return op("greaterThanOrEqualTo").dateValue(value);
}
+ /**
+ * Checks if the property is greater than or equal to the specified integer value.
+ *
+ * @param value the integer value to compare with
+ * @return the condition with the greaterThanOrEqualTo comparison operator
+ */
public ComparisonCondition greaterThanOrEqualTo(Integer value) {
return op("greaterThanOrEqualTo").integerValue(value);
}
+ /**
+ * Checks if the property is greater than or equal to the specified double value.
+ *
+ * @param value the double value to compare with
+ * @return the condition with the greaterThanOrEqualTo comparison operator
+ */
public ComparisonCondition greaterThanOrEqualTo(Double value) {
return op("greaterThanOrEqualTo").doubleValue(value);
}
+ /**
+ * Checks if the property is in the set of specified string values.
+ *
+ * @param values the string values to check against
+ * @return the condition with the in comparison operator
+ */
public ComparisonCondition in(String... values) {
return op("in").stringValues(values);
}
+ /**
+ * Checks if the property is in the date range specified by expressions.
+ *
+ * @param values the date expression values to check against
+ * @return the condition with the in comparison operator
+ */
public ComparisonCondition inDateExpr(String... values) {
return op("in").dateExprValues(values);
}
+ /**
+ * Checks if the property is in the set of specified date values.
+ *
+ * @param values the date values to check against
+ * @return the condition with the in comparison operator
+ */
public ComparisonCondition in(Date... values) {
return op("in").dateValues(values);
}
+ /**
+ * Checks if the property is the same day as the specified date.
+ *
+ * @param value the date value to compare with
+ * @return the condition with the isDay comparison operator
+ */
public ComparisonCondition isDay(Date value) {
return op("isDay").dateValue(value);
}
+ /**
+ * Checks if the property is the same day as the date specified by the expression.
+ *
+ * @param expression the date expression to compare with
+ * @return the condition with the isDay comparison operator
+ */
public ComparisonCondition isDay(String expression) {
return op("isDay").dateValueExpr(expression);
}
+ /**
+ * Checks if the property is not the same day as the specified date.
+ *
+ * @param value the date value to compare with
+ * @return the condition with the isNotDay comparison operator
+ */
public ComparisonCondition isNotDay(Date value) {
return op("isNotDay").dateValue(value);
}
+ /**
+ * Checks if the property is not the same day as the date specified by the expression.
+ *
+ * @param expression the date expression to compare with
+ * @return the condition with the isNotDay comparison operator
+ */
public ComparisonCondition isNotDay(String expression) {
return op("isNotDay").dateValueExpr(expression);
}
+ /**
+ * Checks if the property is in the set of specified integer values.
+ *
+ * @param values the integer values to check against
+ * @return the condition with the in comparison operator
+ */
public ComparisonCondition in(Integer... values) {
return op("in").integerValues(values);
}
+ /**
+ * Checks if the property is in the set of specified double values.
+ *
+ * @param values the double values to check against
+ * @return the condition with the in comparison operator
+ */
public ComparisonCondition in(Double... values) {
return op("in").doubleValues(values);
}
+ /**
+ * Checks if the property is less than the specified date value.
+ *
+ * @param value the date value to compare with
+ * @return the condition with the lessThan comparison operator
+ */
public ComparisonCondition lessThan(Date value) {
return op("lessThan").dateValue(value);
}
+ /**
+ * Checks if the property is less than the specified integer value.
+ *
+ * @param value the integer value to compare with
+ * @return the condition with the lessThan comparison operator
+ */
public ComparisonCondition lessThan(Integer value) {
return op("lessThan").integerValue(value);
}
+ /**
+ * Checks if the property is less than the specified double value.
+ *
+ * @param value the double value to compare with
+ * @return the condition with the lessThan comparison operator
+ */
public ComparisonCondition lessThan(Double value) {
return op("lessThan").doubleValue(value);
}
+ /**
+ * Checks if the property is less than or equal to the specified date value.
+ *
+ * @param value the date value to compare with
+ * @return the condition with the lessThanOrEqualTo comparison operator
+ */
public ComparisonCondition lessThanOrEqualTo(Date value) {
return op("lessThanOrEqualTo").dateValue(value);
}
+ /**
+ * Checks if the property is less than or equal to the specified integer value.
+ *
+ * @param value the integer value to compare with
+ * @return the condition with the lessThanOrEqualTo comparison operator
+ */
public ComparisonCondition lessThanOrEqualTo(Integer value) {
return op("lessThanOrEqualTo").integerValue(value);
}
+ /**
+ * Checks if the property is between the specified date bounds (inclusive).
+ *
+ * @param lowerBound the lower bound date (inclusive)
+ * @param upperBound the upper bound date (inclusive)
+ * @return the condition with the between comparison operator
+ */
public ComparisonCondition between(Date lowerBound, Date upperBound) {
return op("between").dateValues(lowerBound, upperBound);
}
+ /**
+ * Checks if the property is between the specified integer bounds (inclusive).
+ *
+ * @param lowerBound the lower bound integer (inclusive)
+ * @param upperBound the upper bound integer (inclusive)
+ * @return the condition with the between comparison operator
+ */
public ComparisonCondition between(Integer lowerBound, Integer upperBound) {
return op("between").integerValues(lowerBound, upperBound);
}
+ /**
+ * Checks if the property is between the specified double bounds (inclusive).
+ *
+ * @param lowerBound the lower bound double (inclusive)
+ * @param upperBound the upper bound double (inclusive)
+ * @return the condition with the between comparison operator
+ */
+ public ComparisonCondition between(Double lowerBound, Double upperBound) {
+ return op("between").doubleValues(lowerBound, upperBound);
+ }
+
+ /**
+ * Checks if the property matches the specified regular expression.
+ *
+ * @param value the regular expression to match against
+ * @return the condition with the matchesRegex comparison operator
+ */
public ComparisonCondition matchesRegex(String value) {
return op("matchesRegex").stringValue(value);
}
+ /**
+ * Checks if the property is missing (null).
+ *
+ * @return the condition with the missing comparison operator
+ */
public ComparisonCondition missing() {
return op("missing");
}
+ /**
+ * Checks if the property is not equal to the specified string value.
+ *
+ * @param value the string value to compare with
+ * @return the condition with the notEquals comparison operator
+ */
public ComparisonCondition notEqualTo(String value) {
return op("notEquals").stringValue(value);
}
+ /**
+ * Checks if the property is not equal to the specified date value.
+ *
+ * @param value the date value to compare with
+ * @return the condition with the notEquals comparison operator
+ */
public ComparisonCondition notEqualTo(Date value) {
return op("notEquals").dateValue(value);
}
+ /**
+ * Checks if the property is not equal to the specified integer value.
+ *
+ * @param value the integer value to compare with
+ * @return the condition with the notEquals comparison operator
+ */
public ComparisonCondition notEqualTo(Integer value) {
return op("notEquals").integerValue(value);
}
+ /**
+ * Checks if the property is not equal to the specified double value.
+ *
+ * @param value the double value to compare with
+ * @return the condition with the notEquals comparison operator
+ */
public ComparisonCondition notEqualTo(Double value) {
return op("notEquals").doubleValue(value);
}
+ /**
+ * Checks if the property is not in the set of specified string values.
+ *
+ * @param values the string values to check against
+ * @return the condition with the notIn comparison operator
+ */
public ComparisonCondition notIn(String... values) {
return op("notIn").stringValues(values);
}
+ /**
+ * Checks if the property is not in the set of specified date values.
+ *
+ * @param values the date values to check against
+ * @return the condition with the notIn comparison operator
+ */
public ComparisonCondition notIn(Date... values) {
return op("notIn").dateValues(values);
}
+ /**
+ * Checks if the property is not in the date range specified by expressions.
+ *
+ * @param values the date expression values to check against
+ * @return the condition with the notIn comparison operator
+ */
public ComparisonCondition notInDateExpr(String... values) {
return op("notIn").dateExprValues(values);
}
+ /**
+ * Checks if the property is not in the set of specified integer values.
+ *
+ * @param values the integer values to check against
+ * @return the condition with the notIn comparison operator
+ */
public ComparisonCondition notIn(Integer... values) {
return op("notIn").integerValues(values);
}
+ /**
+ * Checks if the property is not in the set of specified double values.
+ *
+ * @param values the double values to check against
+ * @return the condition with the notIn comparison operator
+ */
public ComparisonCondition notIn(Double... values) {
return op("notIn").doubleValues(values);
}
+ /**
+ * Sets the comparison operator for this condition.
+ *
+ * @param op the comparison operator to set
+ * @return the condition with the specified operator
+ */
private ComparisonCondition op(String op) {
return parameter("comparisonOperator", op);
}
+ /**
+ * Sets a parameter value for this condition.
+ *
+ * @param name the parameter name
+ * @param value the parameter value
+ * @return the condition with the parameter set
+ */
@Override
public ComparisonCondition parameter(String name, Object value) {
return (ComparisonCondition) super.parameter(name, value);
}
+ /**
+ * Sets a parameter with multiple values for this condition.
+ *
+ * @param name the parameter name
+ * @param values the parameter values
+ * @return the condition with the parameter set
+ */
public ComparisonCondition parameter(String name, Object... values) {
return (ComparisonCondition) super.parameter(name, values);
}
+ /**
+ * Checks if the property starts with the specified string value.
+ *
+ * @param value the string value to check against
+ * @return the condition with the startsWith comparison operator
+ */
public ComparisonCondition startsWith(String value) {
return op("startsWith").stringValue(value);
}
+ /**
+ * Sets a string value for the property comparison.
+ *
+ * @param value the string value to set
+ * @return the condition with the string value set
+ */
private ComparisonCondition stringValue(String value) {
return parameter("propertyValue", value);
}
+ /**
+ * Sets an integer value for the property comparison.
+ *
+ * @param value the integer value to set
+ * @return the condition with the integer value set
+ */
private ComparisonCondition integerValue(Integer value) {
return parameter("propertyValueInteger", value);
}
+ /**
+ * Sets a double value for the property comparison.
+ *
+ * @param value the double value to set
+ * @return the condition with the double value set
+ */
private ComparisonCondition doubleValue(Double value) {
return parameter("propertyValueDouble", value);
}
+ /**
+ * Sets a date value for the property comparison.
+ *
+ * @param value the date value to set
+ * @return the condition with the date value set
+ */
private ComparisonCondition dateValue(Date value) {
return parameter("propertyValueDate", value);
}
+ /**
+ * Sets a date expression value for the property comparison.
+ *
+ * @param value the date expression value to set
+ * @return the condition with the date expression value set
+ */
private ComparisonCondition dateValueExpr(String value) {
return parameter("propertyValueDateExpr", value);
}
+ /**
+ * Sets multiple string values for the property comparison.
+ *
+ * @param values the string values to set
+ * @return the condition with the string values set
+ */
private ComparisonCondition stringValues(String... values) {
return parameter("propertyValues", values != null ? Arrays.asList(values) : null);
}
+ /**
+ * Sets multiple integer values for the property comparison.
+ *
+ * @param values the integer values to set
+ * @return the condition with the integer values set
+ */
private ComparisonCondition integerValues(Integer... values) {
return parameter("propertyValuesInteger", values != null ? Arrays.asList(values) : null);
}
+ /**
+ * Sets multiple double values for the property comparison.
+ *
+ * @param values the double values to set
+ * @return the condition with the double values set
+ */
private ComparisonCondition doubleValues(Double... values) {
return parameter("propertyValuesDouble", values != null ? Arrays.asList(values) : null);
}
+ /**
+ * Sets multiple date values for the property comparison.
+ *
+ * @param values the date values to set
+ * @return the condition with the date values set
+ */
private ComparisonCondition dateValues(Date... values) {
return parameter("propertyValuesDate", values != null ? Arrays.asList(values) : null);
}
+ /**
+ * Sets multiple date expression values for the property comparison.
+ *
+ * @param values the date expression values to set
+ * @return the condition with the date expression values set
+ */
private ComparisonCondition dateExprValues(String... values) {
return parameter("propertyValuesDateExpr", values != null ? Arrays.asList(values) : null);
}
}
+ /**
+ * Represents a compound condition combining multiple sub-conditions with a logical operator.
+ */
public class CompoundCondition extends ConditionItem {
+ /**
+ * Creates a compound condition with two sub-conditions and the specified logical operator.
+ *
+ * @param condition1 the first condition
+ * @param condition2 the second condition
+ * @param operator the logical operator to combine the conditions ("and", "or")
+ */
CompoundCondition(ConditionItem condition1, ConditionItem condition2, String operator) {
super("booleanCondition", condition1.definitionsService);
parameter("operator", operator);
@@ -318,7 +835,16 @@ public class CompoundCondition extends ConditionItem {
}
}
+ /**
+ * Represents a nested condition for querying nested objects or fields.
+ */
public class NestedCondition extends ConditionItem {
+ /**
+ * Creates a nested condition for the specified path with the given sub-condition.
+ *
+ * @param subCondition the condition to apply on the nested path
+ * @param path the path to the nested field
+ */
NestedCondition(ConditionItem subCondition, String path) {
super("nestedCondition", subCondition.definitionsService);
parameter("path", path);
@@ -326,27 +852,59 @@ public class NestedCondition extends ConditionItem {
}
}
+ /**
+ * Base class for all condition items. Provides methods to build conditions and set parameters.
+ */
public class ConditionItem {
protected Condition condition;
-
- private DefinitionsService definitionsService;
-
+ protected DefinitionsService definitionsService;
+
+ /**
+ * Creates a new condition item of the specified type.
+ *
+ * @param conditionTypeId the ID of the condition type to create
+ * @param definitionsService the definitions service to resolve condition types
+ * @throws IllegalArgumentException if the condition type is not found
+ */
ConditionItem(String conditionTypeId, DefinitionsService definitionsService) {
this.definitionsService = definitionsService;
+ ConditionType conditionType = definitionsService.getConditionType(conditionTypeId);
+ if (conditionType == null) {
+ throw new IllegalArgumentException("ConditionType not found: " + conditionTypeId);
+ }
condition = new Condition(
this.definitionsService.getConditionType(conditionTypeId));
}
+ /**
+ * Builds and returns the final condition object.
+ *
+ * @return the built condition
+ */
public Condition build() {
return condition;
}
+ /**
+ * Sets a parameter value for this condition.
+ *
+ * @param name the parameter name
+ * @param value the parameter value
+ * @return this condition item for method chaining
+ */
public ConditionItem parameter(String name, Object value) {
condition.setParameter(name, value);
return this;
}
+ /**
+ * Sets a parameter with multiple values for this condition.
+ *
+ * @param name the parameter name
+ * @param values the parameter values
+ * @return this condition item for method chaining
+ */
public ConditionItem parameter(String name, Object... values) {
condition.setParameter(name, values != null ? Arrays.asList(values) : null);
return this;
@@ -354,16 +912,34 @@ public ConditionItem parameter(String name, Object... values) {
}
+ /**
+ * Represents a NOT condition that negates the result of a sub-condition.
+ */
public class NotCondition extends ConditionItem {
+ /**
+ * Creates a NOT condition with the specified sub-condition.
+ *
+ * @param subCondition the condition to negate
+ */
NotCondition(ConditionItem subCondition) {
super("notCondition", subCondition.definitionsService);
parameter("subCondition", subCondition.build());
}
}
+ /**
+ * Represents a condition that compares a property value.
+ */
public class PropertyCondition extends ComparisonCondition {
+ /**
+ * Creates a property condition of the specified type for the given property name.
+ *
+ * @param conditionTypeId the ID of the condition type
+ * @param propertyName the name of the property to compare
+ * @param definitionsService the definitions service to resolve condition types
+ */
PropertyCondition(String conditionTypeId, String propertyName, DefinitionsService definitionsService) {
super(conditionTypeId, definitionsService);
condition.setParameter("propertyName", propertyName);
diff --git a/api/src/test/java/org/apache/unomi/api/tenants/TenantTest.java b/api/src/test/java/org/apache/unomi/api/tenants/TenantTest.java
new file mode 100644
index 0000000000..d5cd9cc236
--- /dev/null
+++ b/api/src/test/java/org/apache/unomi/api/tenants/TenantTest.java
@@ -0,0 +1,526 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.unomi.api.tenants;
+
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+import java.util.*;
+
+/**
+ * Unit tests for the Tenant class, specifically testing the API key resolution functionality.
+ */
+public class TenantTest {
+
+ @Test
+ public void testGetPrivateApiKeyWithNoApiKeys() {
+ Tenant tenant = new Tenant();
+ tenant.setApiKeys(null);
+
+ assertNull("Private API key should be null when no API keys exist", tenant.getPrivateApiKey());
+ }
+
+ @Test
+ public void testGetPrivateApiKeyWithEmptyApiKeys() {
+ Tenant tenant = new Tenant();
+ tenant.setApiKeys(new ArrayList<>());
+
+ assertNull("Private API key should be null when API keys list is empty", tenant.getPrivateApiKey());
+ }
+
+ @Test
+ public void testGetPrivateApiKeyWithOnlyPublicKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ ApiKey publicKey = new ApiKey();
+ publicKey.setKey("public-key-1");
+ publicKey.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ publicKey.setRevoked(false);
+ publicKey.setCreationDate(new Date());
+ apiKeys.add(publicKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ assertNull("Private API key should be null when only public keys exist", tenant.getPrivateApiKey());
+ }
+
+ @Test
+ public void testGetPrivateApiKeyWithRevokedKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ ApiKey revokedKey = new ApiKey();
+ revokedKey.setKey("private-key-1");
+ revokedKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ revokedKey.setRevoked(true);
+ revokedKey.setCreationDate(new Date());
+ apiKeys.add(revokedKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ assertNull("Private API key should be null when all private keys are revoked", tenant.getPrivateApiKey());
+ }
+
+ @Test
+ public void testGetPrivateApiKeyWithExpiredKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ ApiKey expiredKey = new ApiKey();
+ expiredKey.setKey("private-key-1");
+ expiredKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ expiredKey.setRevoked(false);
+ expiredKey.setExpirationDate(new Date(System.currentTimeMillis() - 1000)); // Expired
+ expiredKey.setCreationDate(new Date());
+ apiKeys.add(expiredKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ assertNull("Private API key should be null when all private keys are expired", tenant.getPrivateApiKey());
+ }
+
+ @Test
+ public void testGetPrivateApiKeyWithValidKey() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ ApiKey validKey = new ApiKey();
+ validKey.setKey("private-key-1");
+ validKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ validKey.setRevoked(false);
+ validKey.setCreationDate(new Date());
+ apiKeys.add(validKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ assertEquals("Private API key should be resolved from API keys", "private-key-1", tenant.getPrivateApiKey());
+ }
+
+ @Test
+ public void testGetPrivateApiKeyWithMultipleKeysReturnsLatest() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ Date oldDate = new Date(System.currentTimeMillis() - 10000);
+ Date newDate = new Date();
+
+ ApiKey oldKey = new ApiKey();
+ oldKey.setKey("private-key-old");
+ oldKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ oldKey.setRevoked(false);
+ oldKey.setCreationDate(oldDate);
+ apiKeys.add(oldKey);
+
+ ApiKey newKey = new ApiKey();
+ newKey.setKey("private-key-new");
+ newKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ newKey.setRevoked(false);
+ newKey.setCreationDate(newDate);
+ apiKeys.add(newKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ assertEquals("Private API key should return the most recently created key", "private-key-new", tenant.getPrivateApiKey());
+ }
+
+ @Test
+ public void testGetPrivateApiKeyAlwaysResolvesFromApiKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ ApiKey validKey = new ApiKey();
+ validKey.setKey("private-key-1");
+ validKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ validKey.setRevoked(false);
+ validKey.setCreationDate(new Date());
+ apiKeys.add(validKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ // First call should resolve
+ String firstCall = tenant.getPrivateApiKey();
+ assertEquals("First call should return correct key", "private-key-1", firstCall);
+
+ // Modify the API key to be revoked
+ validKey.setRevoked(true);
+
+ // Second call should return null since key is now revoked
+ String secondCall = tenant.getPrivateApiKey();
+ assertNull("Second call should return null after key is revoked", secondCall);
+
+ // Reactivate the key
+ validKey.setRevoked(false);
+
+ // Third call should return the key again
+ String thirdCall = tenant.getPrivateApiKey();
+ assertEquals("Third call should return key again after reactivation", "private-key-1", thirdCall);
+ }
+
+ @Test
+ public void testGetPublicApiKeyWithNoApiKeys() {
+ Tenant tenant = new Tenant();
+ tenant.setApiKeys(null);
+
+ assertNull("Public API key should be null when no API keys exist", tenant.getPublicApiKey());
+ }
+
+ @Test
+ public void testGetPublicApiKeyWithEmptyApiKeys() {
+ Tenant tenant = new Tenant();
+ tenant.setApiKeys(new ArrayList<>());
+
+ assertNull("Public API key should be null when API keys list is empty", tenant.getPublicApiKey());
+ }
+
+ @Test
+ public void testGetPublicApiKeyWithOnlyPrivateKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ ApiKey privateKey = new ApiKey();
+ privateKey.setKey("private-key-1");
+ privateKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ privateKey.setRevoked(false);
+ privateKey.setCreationDate(new Date());
+ apiKeys.add(privateKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ assertNull("Public API key should be null when only private keys exist", tenant.getPublicApiKey());
+ }
+
+ @Test
+ public void testGetPublicApiKeyWithValidKey() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ ApiKey validKey = new ApiKey();
+ validKey.setKey("public-key-1");
+ validKey.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ validKey.setRevoked(false);
+ validKey.setCreationDate(new Date());
+ apiKeys.add(validKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ assertEquals("Public API key should be resolved from API keys", "public-key-1", tenant.getPublicApiKey());
+ }
+
+ @Test
+ public void testGetPublicApiKeyAlwaysResolvesFromApiKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ ApiKey validKey = new ApiKey();
+ validKey.setKey("public-key-1");
+ validKey.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ validKey.setRevoked(false);
+ validKey.setCreationDate(new Date());
+ apiKeys.add(validKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ // First call should resolve
+ String firstCall = tenant.getPublicApiKey();
+ assertEquals("First call should return correct key", "public-key-1", firstCall);
+
+ // Modify the API key to be revoked
+ validKey.setRevoked(true);
+
+ // Second call should return null since key is now revoked
+ String secondCall = tenant.getPublicApiKey();
+ assertNull("Second call should return null after key is revoked", secondCall);
+
+ // Reactivate the key
+ validKey.setRevoked(false);
+
+ // Third call should return the key again
+ String thirdCall = tenant.getPublicApiKey();
+ assertEquals("Third call should return key again after reactivation", "public-key-1", thirdCall);
+ }
+
+ @Test
+ public void testGetActivePrivateApiKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ // Add various private keys
+ ApiKey revokedKey = new ApiKey();
+ revokedKey.setKey("revoked-private");
+ revokedKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ revokedKey.setRevoked(true);
+ apiKeys.add(revokedKey);
+
+ ApiKey expiredKey = new ApiKey();
+ expiredKey.setKey("expired-private");
+ expiredKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ expiredKey.setRevoked(false);
+ expiredKey.setExpirationDate(new Date(System.currentTimeMillis() - 1000));
+ apiKeys.add(expiredKey);
+
+ ApiKey validKey1 = new ApiKey();
+ validKey1.setKey("valid-private-1");
+ validKey1.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ validKey1.setRevoked(false);
+ apiKeys.add(validKey1);
+
+ ApiKey validKey2 = new ApiKey();
+ validKey2.setKey("valid-private-2");
+ validKey2.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ validKey2.setRevoked(false);
+ apiKeys.add(validKey2);
+
+ tenant.setApiKeys(apiKeys);
+
+ List activeKeys = tenant.getActivePrivateApiKeys();
+ assertEquals("Should return 2 active private keys", 2, activeKeys.size());
+ assertTrue("Should contain valid-private-1", activeKeys.stream().anyMatch(key -> "valid-private-1".equals(key.getKey())));
+ assertTrue("Should contain valid-private-2", activeKeys.stream().anyMatch(key -> "valid-private-2".equals(key.getKey())));
+ }
+
+ @Test
+ public void testGetActivePublicApiKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ // Add various public keys
+ ApiKey revokedKey = new ApiKey();
+ revokedKey.setKey("revoked-public");
+ revokedKey.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ revokedKey.setRevoked(true);
+ apiKeys.add(revokedKey);
+
+ ApiKey expiredKey = new ApiKey();
+ expiredKey.setKey("expired-public");
+ expiredKey.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ expiredKey.setRevoked(false);
+ expiredKey.setExpirationDate(new Date(System.currentTimeMillis() - 1000));
+ apiKeys.add(expiredKey);
+
+ ApiKey validKey1 = new ApiKey();
+ validKey1.setKey("valid-public-1");
+ validKey1.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ validKey1.setRevoked(false);
+ apiKeys.add(validKey1);
+
+ ApiKey validKey2 = new ApiKey();
+ validKey2.setKey("valid-public-2");
+ validKey2.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ validKey2.setRevoked(false);
+ apiKeys.add(validKey2);
+
+ tenant.setApiKeys(apiKeys);
+
+ List activeKeys = tenant.getActivePublicApiKeys();
+ assertEquals("Should return 2 active public keys", 2, activeKeys.size());
+ assertTrue("Should contain valid-public-1", activeKeys.stream().anyMatch(key -> "valid-public-1".equals(key.getKey())));
+ assertTrue("Should contain valid-public-2", activeKeys.stream().anyMatch(key -> "valid-public-2".equals(key.getKey())));
+ }
+
+ @Test
+ public void testGetActiveApiKeys() {
+ Tenant tenant = new Tenant();
+ List apiKeys = new ArrayList<>();
+
+ // Add various keys
+ ApiKey revokedPrivateKey = new ApiKey();
+ revokedPrivateKey.setKey("revoked-private");
+ revokedPrivateKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ revokedPrivateKey.setRevoked(true);
+ apiKeys.add(revokedPrivateKey);
+
+ ApiKey expiredPublicKey = new ApiKey();
+ expiredPublicKey.setKey("expired-public");
+ expiredPublicKey.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ expiredPublicKey.setRevoked(false);
+ expiredPublicKey.setExpirationDate(new Date(System.currentTimeMillis() - 1000));
+ apiKeys.add(expiredPublicKey);
+
+ ApiKey validPrivateKey = new ApiKey();
+ validPrivateKey.setKey("valid-private");
+ validPrivateKey.setKeyType(ApiKey.ApiKeyType.PRIVATE);
+ validPrivateKey.setRevoked(false);
+ apiKeys.add(validPrivateKey);
+
+ ApiKey validPublicKey = new ApiKey();
+ validPublicKey.setKey("valid-public");
+ validPublicKey.setKeyType(ApiKey.ApiKeyType.PUBLIC);
+ validPublicKey.setRevoked(false);
+ apiKeys.add(validPublicKey);
+
+ tenant.setApiKeys(apiKeys);
+
+ List