SDMEXT:1871:Delete Flow with authorities(to support user email logged in audit log)

[rashmiangadi11]

Describe your changes

Any documentation

Currently we only have technical credentials flow for delete in our plugin. With this in audit log service it says deleted by clientId but what if a actual user has deleted it. To solve that we generate token by passing authorities as below to the auth url.

authorities=%7B%22az_attr%22%3A%7B%22X-EcmUserEnc%22%3A%22rtest.test%40sapworkspace.com%22%2C%22X-EcmAddPrincipals%22%3A%testUser%22%7D%7D

This is done using a concept from cloud sdk called Oauth2PropertySupplier where the authorities node is formed and passed as options to the destination.

Now when a user deletes the attachment, the user email is captured added to authorities and then the same user email appears in the auditlog for delete folder/document.

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Checklist before requesting a review

• I follow Java Development Guidelines for SAP
• I have tested the functionality on my cloud environment.
• I have provided sufficient automated/ unit tests for the code.
• I have increased or maintained the test coverage.
• I have ran integration tests on my cloud environment.
• I have validated blackduck portal for any vulnerability after my commit.

Upload Screenshots/lists of the scenarios tested

• I have Uploaded Screenshots or added lists of the scenarios tested in description

Below is the screenshot attached for auditlog email logged