From ff44a9ca40ae776a686b924ec8a23acd71c98e86 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 8 May 2018 18:43:06 +0530 Subject: [PATCH 01/36] m2m token support --- config/custom-environment-variables.json | 4 ++-- package.json | 2 +- src/util.js | 6 ++++++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json index 59ff0ddd..b1a48ec5 100644 --- a/config/custom-environment-variables.json +++ b/config/custom-environment-variables.json @@ -1,5 +1,5 @@ { - "authSecret": "AUTH_SECRET", + "AUTH_SECRET": "AUTH_SECRET", "logLevel": "LOG_LEVEL", "version": "APP_VERSION", "captureLogs": "CAPTURE_LOGS", @@ -37,7 +37,7 @@ "minPoolSize": "DB_MIN_POOL_SIZE" }, "analyticsKey": "ANALYTICS_KEY", - "validIssuers": "VALID_ISSUERS", + "VALID_ISSUERS": "VALID_ISSUERS", "jwksUri": "JWKS_URI", "busApiUrl": "BUS_API_URL", "busApiToken": "BUS_API_TOKEN" diff --git a/package.json b/package.json index b6234466..39665962 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "pg": "^4.5.5", "pg-native": "^1.10.0", "sequelize": "^3.23.0", - "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.2", + "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.3", "traverse": "^0.6.6", "urlencode": "^1.1.0" }, diff --git a/src/util.js b/src/util.js index 6371f726..0c4a1d1c 100644 --- a/src/util.js +++ b/src/util.js @@ -70,6 +70,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRole: (req, role) => { + let isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.indexOf(roles, role.toLowerCase()) >= 0; @@ -81,6 +83,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRoles: (req, roles) => { + let isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let authRoles = _.get(req, 'authUser.roles', []); authRoles = authRoles.map(s => s.toLowerCase()); return _.intersection(authRoles, roles.map(r => r.toLowerCase())).length > 0; @@ -101,6 +105,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasAdminRole: (req) => { + let isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.intersection(roles, ADMIN_ROLES.map(r => r.toLowerCase())).length > 0; From 33d6b1ce4c8b189ff96afcf8fc9333c8b032c5cf Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 9 May 2018 14:08:17 +0530 Subject: [PATCH 02/36] fixing lint error. --- src/util.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/util.js b/src/util.js index 0c4a1d1c..399e119c 100644 --- a/src/util.js +++ b/src/util.js @@ -70,7 +70,7 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRole: (req, role) => { - let isMachineToken = _.get(req, 'authUser.isMachine', false); + const isMachineToken = _.get(req, 'authUser.isMachine', false); if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); @@ -83,7 +83,7 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRoles: (req, roles) => { - let isMachineToken = _.get(req, 'authUser.isMachine', false); + const isMachineToken = _.get(req, 'authUser.isMachine', false); if (isMachineToken) return true; let authRoles = _.get(req, 'authUser.roles', []); authRoles = authRoles.map(s => s.toLowerCase()); @@ -105,7 +105,7 @@ _.assignIn(util, { * @return {boolean} true/false */ hasAdminRole: (req) => { - let isMachineToken = _.get(req, 'authUser.isMachine', false); + const isMachineToken = _.get(req, 'authUser.isMachine', false); if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); From a6e7fecb865f86efcfe59ef51354547db2c25ed6 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 9 May 2018 14:20:14 +0530 Subject: [PATCH 03/36] env variables name change and clean-up to tc-core v2.3 accordingly. --- config/default.json | 6 ++---- config/development.json | 1 - config/test.json | 3 +-- 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/config/default.json b/config/default.json index dd753d8e..7ec4c742 100644 --- a/config/default.json +++ b/config/default.json @@ -1,6 +1,5 @@ { - "authSecret": "secret", - "authDomain": "topcoder-dev.com", + "AUTH_SECRET": "secret", "logLevel": "info", "version": "v4", "captureLogs": "false", @@ -42,8 +41,7 @@ "idleTimeout": 1000 }, "analyticsKey": "", - "validIssuers": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", - "jwksUri": "", + "VALID_ISSUERS": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", "busApiUrl": "http://api.topcoder-dev.com", "busApiToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicHJvamVjdC1zZXJ2aWNlIiwiaWF0IjoxNTEyNzQ3MDgyLCJleHAiOjE1MjEzODcwODJ9.PHuNcFDaotGAL8RhQXQMdpL8yOKXxjB5DbBIodmt7RE" } diff --git a/config/development.json b/config/development.json index b7de350a..7e8ce29d 100644 --- a/config/development.json +++ b/config/development.json @@ -1,5 +1,4 @@ { - "authDomain": "topcoder-dev.com", "pubsubQueueName": "dev.project.service", "pubsubExchangeName": "dev.projects", "attachmentsS3Bucket": "topcoder-dev-media" diff --git a/config/test.json b/config/test.json index 2b045431..26d22a7a 100644 --- a/config/test.json +++ b/config/test.json @@ -1,6 +1,5 @@ { - "authSecret": "secret", - "authDomain": "topcoder-dev.com", + "AUTH_SECRET": "secret", "logLevel": "debug", "captureLogs": "false", "logentriesToken": "", From ca54392416f596e4f9946c20a8d29bd60d491182 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 9 May 2018 15:15:03 +0530 Subject: [PATCH 04/36] temp off for testing.. --- src/routes/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/routes/index.js b/src/routes/index.js index 16018aef..6adf59e7 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -94,7 +94,7 @@ router.use((err, req, res, next) => { // eslint-disable-line no-unused-vars } const rerr = err; rerr.status = rerr.status || 500; - req.log.error(rerr); + //req.log.error(rerr); res.status(rerr.status).send(body); }); From 541cd13e971f6feed4403cc48de8645eb7bd1e15 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 9 May 2018 15:19:47 +0530 Subject: [PATCH 05/36] fix lint issue. --- src/routes/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/routes/index.js b/src/routes/index.js index 6adf59e7..7fe8de11 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -94,7 +94,7 @@ router.use((err, req, res, next) => { // eslint-disable-line no-unused-vars } const rerr = err; rerr.status = rerr.status || 500; - //req.log.error(rerr); + // req.log.error(rerr); res.status(rerr.status).send(body); }); From 94fb783ae26d008f668908c9f6ea575497d840de Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 9 May 2018 15:39:07 +0530 Subject: [PATCH 06/36] reverting temp fix. --- src/routes/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/routes/index.js b/src/routes/index.js index 7fe8de11..16018aef 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -94,7 +94,7 @@ router.use((err, req, res, next) => { // eslint-disable-line no-unused-vars } const rerr = err; rerr.status = rerr.status || 500; - // req.log.error(rerr); + req.log.error(rerr); res.status(rerr.status).send(body); }); From d93236e21c4e4d19974ca4b32dea2e3e3f008416 Mon Sep 17 00:00:00 2001 From: sachin-maheshwari Date: Wed, 9 May 2018 15:51:32 +0530 Subject: [PATCH 07/36] Revert "m2m token support " --- config/custom-environment-variables.json | 4 ++-- config/default.json | 6 ++++-- config/development.json | 1 + config/test.json | 3 ++- package.json | 2 +- src/util.js | 6 ------ 6 files changed, 10 insertions(+), 12 deletions(-) diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json index b1a48ec5..59ff0ddd 100644 --- a/config/custom-environment-variables.json +++ b/config/custom-environment-variables.json @@ -1,5 +1,5 @@ { - "AUTH_SECRET": "AUTH_SECRET", + "authSecret": "AUTH_SECRET", "logLevel": "LOG_LEVEL", "version": "APP_VERSION", "captureLogs": "CAPTURE_LOGS", @@ -37,7 +37,7 @@ "minPoolSize": "DB_MIN_POOL_SIZE" }, "analyticsKey": "ANALYTICS_KEY", - "VALID_ISSUERS": "VALID_ISSUERS", + "validIssuers": "VALID_ISSUERS", "jwksUri": "JWKS_URI", "busApiUrl": "BUS_API_URL", "busApiToken": "BUS_API_TOKEN" diff --git a/config/default.json b/config/default.json index 7ec4c742..dd753d8e 100644 --- a/config/default.json +++ b/config/default.json @@ -1,5 +1,6 @@ { - "AUTH_SECRET": "secret", + "authSecret": "secret", + "authDomain": "topcoder-dev.com", "logLevel": "info", "version": "v4", "captureLogs": "false", @@ -41,7 +42,8 @@ "idleTimeout": 1000 }, "analyticsKey": "", - "VALID_ISSUERS": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", + "validIssuers": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", + "jwksUri": "", "busApiUrl": "http://api.topcoder-dev.com", "busApiToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicHJvamVjdC1zZXJ2aWNlIiwiaWF0IjoxNTEyNzQ3MDgyLCJleHAiOjE1MjEzODcwODJ9.PHuNcFDaotGAL8RhQXQMdpL8yOKXxjB5DbBIodmt7RE" } diff --git a/config/development.json b/config/development.json index 7e8ce29d..b7de350a 100644 --- a/config/development.json +++ b/config/development.json @@ -1,4 +1,5 @@ { + "authDomain": "topcoder-dev.com", "pubsubQueueName": "dev.project.service", "pubsubExchangeName": "dev.projects", "attachmentsS3Bucket": "topcoder-dev-media" diff --git a/config/test.json b/config/test.json index 26d22a7a..2b045431 100644 --- a/config/test.json +++ b/config/test.json @@ -1,5 +1,6 @@ { - "AUTH_SECRET": "secret", + "authSecret": "secret", + "authDomain": "topcoder-dev.com", "logLevel": "debug", "captureLogs": "false", "logentriesToken": "", diff --git a/package.json b/package.json index 39665962..b6234466 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "pg": "^4.5.5", "pg-native": "^1.10.0", "sequelize": "^3.23.0", - "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.3", + "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.2", "traverse": "^0.6.6", "urlencode": "^1.1.0" }, diff --git a/src/util.js b/src/util.js index 399e119c..6371f726 100644 --- a/src/util.js +++ b/src/util.js @@ -70,8 +70,6 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRole: (req, role) => { - const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.indexOf(roles, role.toLowerCase()) >= 0; @@ -83,8 +81,6 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRoles: (req, roles) => { - const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; let authRoles = _.get(req, 'authUser.roles', []); authRoles = authRoles.map(s => s.toLowerCase()); return _.intersection(authRoles, roles.map(r => r.toLowerCase())).length > 0; @@ -105,8 +101,6 @@ _.assignIn(util, { * @return {boolean} true/false */ hasAdminRole: (req) => { - const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.intersection(roles, ADMIN_ROLES.map(r => r.toLowerCase())).length > 0; From eef6233bdffa9f6b49ce0a3ddbc528da39493ab7 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 9 May 2018 16:16:47 +0530 Subject: [PATCH 08/36] fixing middleware logger health check URL issue. --- config/default.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/config/default.json b/config/default.json index 7ec4c742..32a3a965 100644 --- a/config/default.json +++ b/config/default.json @@ -43,5 +43,6 @@ "analyticsKey": "", "VALID_ISSUERS": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", "busApiUrl": "http://api.topcoder-dev.com", - "busApiToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicHJvamVjdC1zZXJ2aWNlIiwiaWF0IjoxNTEyNzQ3MDgyLCJleHAiOjE1MjEzODcwODJ9.PHuNcFDaotGAL8RhQXQMdpL8yOKXxjB5DbBIodmt7RE" + "busApiToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicHJvamVjdC1zZXJ2aWNlIiwiaWF0IjoxNTEyNzQ3MDgyLCJleHAiOjE1MjEzODcwODJ9.PHuNcFDaotGAL8RhQXQMdpL8yOKXxjB5DbBIodmt7RE", + "HEALTH_CHECK_URL": "_health" } From af165c3b49b890506c3fd50f44f54dc9ddd5a71e Mon Sep 17 00:00:00 2001 From: sachin-maheshwari Date: Wed, 9 May 2018 16:29:04 +0530 Subject: [PATCH 09/36] Revert "Revert "m2m token support "" --- config/custom-environment-variables.json | 4 ++-- config/default.json | 6 ++---- config/development.json | 1 - config/test.json | 3 +-- package.json | 2 +- src/util.js | 6 ++++++ 6 files changed, 12 insertions(+), 10 deletions(-) diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json index 59ff0ddd..b1a48ec5 100644 --- a/config/custom-environment-variables.json +++ b/config/custom-environment-variables.json @@ -1,5 +1,5 @@ { - "authSecret": "AUTH_SECRET", + "AUTH_SECRET": "AUTH_SECRET", "logLevel": "LOG_LEVEL", "version": "APP_VERSION", "captureLogs": "CAPTURE_LOGS", @@ -37,7 +37,7 @@ "minPoolSize": "DB_MIN_POOL_SIZE" }, "analyticsKey": "ANALYTICS_KEY", - "validIssuers": "VALID_ISSUERS", + "VALID_ISSUERS": "VALID_ISSUERS", "jwksUri": "JWKS_URI", "busApiUrl": "BUS_API_URL", "busApiToken": "BUS_API_TOKEN" diff --git a/config/default.json b/config/default.json index 167c89b5..32a3a965 100644 --- a/config/default.json +++ b/config/default.json @@ -1,6 +1,5 @@ { - "authSecret": "secret", - "authDomain": "topcoder-dev.com", + "AUTH_SECRET": "secret", "logLevel": "info", "version": "v4", "captureLogs": "false", @@ -42,8 +41,7 @@ "idleTimeout": 1000 }, "analyticsKey": "", - "validIssuers": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", - "jwksUri": "", + "VALID_ISSUERS": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", "busApiUrl": "http://api.topcoder-dev.com", "busApiToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicHJvamVjdC1zZXJ2aWNlIiwiaWF0IjoxNTEyNzQ3MDgyLCJleHAiOjE1MjEzODcwODJ9.PHuNcFDaotGAL8RhQXQMdpL8yOKXxjB5DbBIodmt7RE", "HEALTH_CHECK_URL": "_health" diff --git a/config/development.json b/config/development.json index b7de350a..7e8ce29d 100644 --- a/config/development.json +++ b/config/development.json @@ -1,5 +1,4 @@ { - "authDomain": "topcoder-dev.com", "pubsubQueueName": "dev.project.service", "pubsubExchangeName": "dev.projects", "attachmentsS3Bucket": "topcoder-dev-media" diff --git a/config/test.json b/config/test.json index 2b045431..26d22a7a 100644 --- a/config/test.json +++ b/config/test.json @@ -1,6 +1,5 @@ { - "authSecret": "secret", - "authDomain": "topcoder-dev.com", + "AUTH_SECRET": "secret", "logLevel": "debug", "captureLogs": "false", "logentriesToken": "", diff --git a/package.json b/package.json index b6234466..39665962 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "pg": "^4.5.5", "pg-native": "^1.10.0", "sequelize": "^3.23.0", - "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.2", + "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.3", "traverse": "^0.6.6", "urlencode": "^1.1.0" }, diff --git a/src/util.js b/src/util.js index 6371f726..399e119c 100644 --- a/src/util.js +++ b/src/util.js @@ -70,6 +70,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRole: (req, role) => { + const isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.indexOf(roles, role.toLowerCase()) >= 0; @@ -81,6 +83,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRoles: (req, roles) => { + const isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let authRoles = _.get(req, 'authUser.roles', []); authRoles = authRoles.map(s => s.toLowerCase()); return _.intersection(authRoles, roles.map(r => r.toLowerCase())).length > 0; @@ -101,6 +105,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasAdminRole: (req) => { + const isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.intersection(roles, ADMIN_ROLES.map(r => r.toLowerCase())).length > 0; From e7424db69d9216eefec6a9b5f08e8f7f1f85779c Mon Sep 17 00:00:00 2001 From: vikasrohit Date: Wed, 9 May 2018 17:13:28 +0530 Subject: [PATCH 10/36] Revert "Reapplying "m2m token support"" --- config/custom-environment-variables.json | 4 ++-- config/default.json | 6 ++++-- config/development.json | 1 + config/test.json | 3 ++- package.json | 2 +- src/util.js | 6 ------ 6 files changed, 10 insertions(+), 12 deletions(-) diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json index b1a48ec5..59ff0ddd 100644 --- a/config/custom-environment-variables.json +++ b/config/custom-environment-variables.json @@ -1,5 +1,5 @@ { - "AUTH_SECRET": "AUTH_SECRET", + "authSecret": "AUTH_SECRET", "logLevel": "LOG_LEVEL", "version": "APP_VERSION", "captureLogs": "CAPTURE_LOGS", @@ -37,7 +37,7 @@ "minPoolSize": "DB_MIN_POOL_SIZE" }, "analyticsKey": "ANALYTICS_KEY", - "VALID_ISSUERS": "VALID_ISSUERS", + "validIssuers": "VALID_ISSUERS", "jwksUri": "JWKS_URI", "busApiUrl": "BUS_API_URL", "busApiToken": "BUS_API_TOKEN" diff --git a/config/default.json b/config/default.json index 32a3a965..167c89b5 100644 --- a/config/default.json +++ b/config/default.json @@ -1,5 +1,6 @@ { - "AUTH_SECRET": "secret", + "authSecret": "secret", + "authDomain": "topcoder-dev.com", "logLevel": "info", "version": "v4", "captureLogs": "false", @@ -41,7 +42,8 @@ "idleTimeout": 1000 }, "analyticsKey": "", - "VALID_ISSUERS": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", + "validIssuers": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", + "jwksUri": "", "busApiUrl": "http://api.topcoder-dev.com", "busApiToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicHJvamVjdC1zZXJ2aWNlIiwiaWF0IjoxNTEyNzQ3MDgyLCJleHAiOjE1MjEzODcwODJ9.PHuNcFDaotGAL8RhQXQMdpL8yOKXxjB5DbBIodmt7RE", "HEALTH_CHECK_URL": "_health" diff --git a/config/development.json b/config/development.json index 7e8ce29d..b7de350a 100644 --- a/config/development.json +++ b/config/development.json @@ -1,4 +1,5 @@ { + "authDomain": "topcoder-dev.com", "pubsubQueueName": "dev.project.service", "pubsubExchangeName": "dev.projects", "attachmentsS3Bucket": "topcoder-dev-media" diff --git a/config/test.json b/config/test.json index 26d22a7a..2b045431 100644 --- a/config/test.json +++ b/config/test.json @@ -1,5 +1,6 @@ { - "AUTH_SECRET": "secret", + "authSecret": "secret", + "authDomain": "topcoder-dev.com", "logLevel": "debug", "captureLogs": "false", "logentriesToken": "", diff --git a/package.json b/package.json index 39665962..b6234466 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "pg": "^4.5.5", "pg-native": "^1.10.0", "sequelize": "^3.23.0", - "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.3", + "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.2", "traverse": "^0.6.6", "urlencode": "^1.1.0" }, diff --git a/src/util.js b/src/util.js index 399e119c..6371f726 100644 --- a/src/util.js +++ b/src/util.js @@ -70,8 +70,6 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRole: (req, role) => { - const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.indexOf(roles, role.toLowerCase()) >= 0; @@ -83,8 +81,6 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRoles: (req, roles) => { - const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; let authRoles = _.get(req, 'authUser.roles', []); authRoles = authRoles.map(s => s.toLowerCase()); return _.intersection(authRoles, roles.map(r => r.toLowerCase())).length > 0; @@ -105,8 +101,6 @@ _.assignIn(util, { * @return {boolean} true/false */ hasAdminRole: (req) => { - const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.intersection(roles, ADMIN_ROLES.map(r => r.toLowerCase())).length > 0; From 38a5b613188ab974b3e9c79f3ab77c6ba61b7d67 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Wed, 9 May 2018 17:16:51 +0530 Subject: [PATCH 11/36] CircleCI 2.0 upgrade Moved from EBS to ECS for deployment --- .circleci/config.yml | 85 ++++++ .ebextensions/01-environment-variables.config | 24 -- Dockerfile | 12 - build.sh | 15 ++ circle.yml | 55 ---- config/custom-environment-variables.json | 13 +- config/default.json | 11 +- config/sample.local.js | 9 - deploy.sh | 243 ++++++++++++++++++ ebs_deploy.sh | 22 -- src/app.js | 15 ++ src/routes/index.js | 7 +- src/routes/projects/create.js | 5 +- src/routes/projects/list.js | 17 ++ src/services/topicService.js | 53 ---- src/util.js | 2 +- 16 files changed, 388 insertions(+), 200 deletions(-) create mode 100644 .circleci/config.yml create mode 100755 build.sh delete mode 100644 circle.yml create mode 100755 deploy.sh delete mode 100755 ebs_deploy.sh delete mode 100644 src/services/topicService.js diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000..4fea1158 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,85 @@ +version: 2 +jobs: + test: + docker: + - image: circleci/node:8.9.4 + - image: circleci/postgres:9.6.2-alpine + environment: + - POSTGRES_USER: circle_test + - POSTGRES_DB: circle_test + - image: elasticsearch:2.3 + environment: + DB_MASTER_URL: postgres://circle_test:@127.0.0.1:5432/circle_test + AUTH_SECRET: secret + AUTH_DOMAIN: topcoder-dev.com + LOG_LEVEL: debug + APP_VERSION: v4 + steps: + - checkout + - restore_cache: + key: test-node-modules-{{ checksum "package.json" }} + - run: npm install + - save_cache: + key: test-node-modules-{{ checksum "package.json" }} + paths: + - node_modules + - run: npm run lint + - run: npm run test + - run: npm run build + - persist_to_workspace: + root: . + paths: + - dist + deployDev: + docker: + - image: docker:17.06.1-ce-git + steps: + - checkout + - setup_remote_docker + - run: + name: Installation of build dependencies. + command: apk add --no-cache bash + - attach_workspace: + at: ./workspace + - run: + name: Installing AWS client + command: | + apk add --no-cache jq py-pip sudo + sudo pip install awscli --upgrade + - run: ./build.sh DEV + - run: ./deploy.sh DEV + deployProd: + docker: + - image: docker:17.06.1-ce-git + steps: + - checkout + - setup_remote_docker + - run: + name: Installation of build dependencies. + command: apk add --no-cache bash + - attach_workspace: + at: ./workspace + - run: + name: Installing AWS client + command: | + apk add --no-cache jq py-pip sudo + sudo pip install awscli --upgrade + - run: ./build.sh PROD + - run: ./deploy.sh PROD +workflows: + version: 2 + build: + jobs: + - test + - deployDev: + requires: + - test + filters: + branches: + only: dev + - deployProd: + requires: + - test + filters: + branches: + only: 'master' diff --git a/.ebextensions/01-environment-variables.config b/.ebextensions/01-environment-variables.config index ded02ed4..8d8d7ffc 100644 --- a/.ebextensions/01-environment-variables.config +++ b/.ebextensions/01-environment-variables.config @@ -32,9 +32,6 @@ option_settings: - namespace: aws:elasticbeanstalk:application:environment option_name: DIRECT_PROJECT_SERVICE_ENDPOINT value: TBD - - namespace: aws:elasticbeanstalk:application:environment - option_name: TOPIC_SERVICE_ENDPOINT - value: TBD - namespace: aws:elasticbeanstalk:application:environment option_name: FILE_SERVICE_ENDPOINT value: TBD @@ -53,27 +50,6 @@ option_settings: - namespace: aws:elasticbeanstalk:application:environment option_name: AWS_SECRET_ACCESS_KEY value: TBD - - namespace: aws:elasticbeanstalk:application:environment - option_name: SALESFORCE_WEB_TO_LEAD_URL - value: https://www.salesforce.com/servlet/servlet.WebToLead?encoding=UTF-8 - - namespace: aws:elasticbeanstalk:application:environment - option_name: SALESFORCE_ORG_ID - value: TBD - - namespace: aws:elasticbeanstalk:application:environment - option_name: SALESFORCE_LEAD_PROJECT_NAME - value: TBD - - namespace: aws:elasticbeanstalk:application:environment - option_name: SALESFORCE_LEAD_PROJECT_DESC - value: TBD - - namespace: aws:elasticbeanstalk:application:environment - option_name: SALESFORCE_LEAD_PROJECT_LINK - value: TBD - - namespace: aws:elasticbeanstalk:application:environment - option_name: SALESFORCE_LEAD_PROJECT_ID - value: TBD - namespace: aws:elasticbeanstalk:application:environment option_name: CONNECT_PROJECTS_URL value: TBD - - namespace: aws:elasticbeanstalk:application:environment - option_name: USER_SERVICE_URL - value: TBD diff --git a/Dockerfile b/Dockerfile index 2a7fe789..8c947c22 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,18 +2,6 @@ FROM node:6.9.4 LABEL version="1.0" LABEL description="Projects microservice" -RUN apt-get update && \ - apt-get upgrade -y - -# install aws -RUN apt-get install -y \ - ssh \ - python \ - python-dev \ - python-pip - -RUN pip install awscli - RUN apt-get install libpq-dev # Create app directory RUN mkdir -p /usr/src/app diff --git a/build.sh b/build.sh new file mode 100755 index 00000000..6e97ae07 --- /dev/null +++ b/build.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash + +# more bash-friendly output for jq +JQ="jq --raw-output --exit-status" + +ENV=$1 +AWS_REGION=$(eval "echo \$${ENV}_AWS_REGION") +ACCOUNT_ID=$(eval "echo \$${ENV}_AWS_ACCOUNT_ID") +AWS_REPOSITORY=$(eval "echo \$${ENV}_AWS_REPOSITORY") + +build() { + docker build -t $ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$AWS_REPOSITORY:$CIRCLE_SHA1 . +} + +build \ No newline at end of file diff --git a/circle.yml b/circle.yml deleted file mode 100644 index ddc060f3..00000000 --- a/circle.yml +++ /dev/null @@ -1,55 +0,0 @@ -machine: - - node: - version: v6.9.4 - environment: - DB_MASTER_URL: postgres://ubuntu:@127.0.0.1:5432/circle_test - #RABBITMQ_URL: amqp://localhost:5672 - AUTH_SECRET: secret - AUTH_DOMAIN: topcoder-dev.com - LOG_LEVEL: debug - APP_VERSION: v4 - -dependencies: - pre: - - pip install awsebcli - override: - - npm install - - wget https://download.elastic.co/elasticsearch/release/org/elasticsearch/distribution/tar/elasticsearch/2.3.5/elasticsearch-2.3.5.tar.gz - - tar -xvf elasticsearch-2.3.5.tar.gz - - elasticsearch-2.3.5/bin/elasticsearch: {background: true} - # Make sure that Elasticsearch is up before running tests: - - sleep 10 && wget --waitretry=5 --retry-connrefused -v http://127.0.0.1:9200/ - - -deployment: - development: - branch: [dev, 'feature/admin-endpoints'] - commands: - - ./ebs_deploy.sh tc-project-service DEV $CIRCLE_BUILD_NUM - - - production: - branch: master - commands: - - ./ebs_deploy.sh tc-project-service PROD $CIRCLE_BUILD_NUM - - # tag: /v[0-9]+(\.[0-9]+)*/ - # owner: appirio-tech - # commands: - # - ./ebs_deploy.sh tc-project-service PROD $CIRCLE_TAG - -general: - artifacts: - - ./coverage - -notify: - webhooks: - # slack - product-dev - - url: https://hooks.slack.com/services/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 - -experimental: - notify: - branches: - only: - - master diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json index 59ff0ddd..40b5c6b8 100644 --- a/config/custom-environment-variables.json +++ b/config/custom-environment-variables.json @@ -1,4 +1,5 @@ { + "apiVersion": "API_VERSION", "authSecret": "AUTH_SECRET", "logLevel": "LOG_LEVEL", "version": "APP_VERSION", @@ -17,26 +18,16 @@ "directProjectServiceTimeout": "DIRECT_PROJECT_SERVICE_TIMEOUt", "fileServiceEndpoint": "FILE_SERVICE_ENDPOINT", "identityServiceEndpoint": "IDENTITY_SERVICE_ENDPOINT", - "topicServiceEndpoint": "TOPIC_SERVICE_ENDPOINT", "memberServiceEndpoint": "MEMBER_SERVICE_ENDPOINT", "systemUserClientId": "SYSTEM_USER_CLIENT_ID", "systemUserClientSecret": "SYSTEM_USER_CLIENT_SECRET", - "userServiceUrl": "USER_SERVICE_URL", "connectProjectsUrl": "CONNECT_PROJECTS_URL", - "salesforceLead" : { - "webToLeadUrl": "SALESFORCE_WEB_TO_LEAD_URL", - "orgId" : "SALESFORCE_ORG_ID", - "projectNameFieldId": "SALESFORCE_LEAD_PROJECT_NAME", - "projectDescFieldId": "SALESFORCE_LEAD_PROJECT_DESC", - "projectLinkFieldId": "SALESFORCE_LEAD_PROJECT_LINK", - "projectIdFieldId" : "SALESFORCE_LEAD_PROJECT_ID" - }, "dbConfig": { "masterUrl": "DB_MASTER_URL", "maxPoolSize": "DB_MAX_POOL_SIZE", "minPoolSize": "DB_MIN_POOL_SIZE" }, - "analyticsKey": "ANALYTICS_KEY", + "analyticsKey": "SEGMENT_ANALYTICS_KEY", "validIssuers": "VALID_ISSUERS", "jwksUri": "JWKS_URI", "busApiUrl": "BUS_API_URL", diff --git a/config/default.json b/config/default.json index 167c89b5..2358f4a0 100644 --- a/config/default.json +++ b/config/default.json @@ -1,4 +1,5 @@ { + "apiVersion": "v4", "authSecret": "secret", "authDomain": "topcoder-dev.com", "logLevel": "info", @@ -9,7 +10,6 @@ "pubsubQueueName": "project.service", "pubsubExchangeName": "projects", "fileServiceEndpoint": "", - "topicServiceEndpoint": "", "identityServiceEndpoint": "", "memberServiceEndpoint": "", "directProjectServiceEndpoint": "", @@ -25,16 +25,7 @@ }, "systemUserClientId": "", "systemUserClientSecret": "", - "userServiceUrl": "", "connectProjectUrl":"", - "salesforceLead" : { - "webToLeadUrl": "https://www.salesforce.com/servlet/servlet.WebToLead?encoding=UTF-8", - "orgId": "", - "projectNameFieldId": "", - "projectDescFieldId": "", - "projectLinkFieldId": "", - "projectIdFieldId" : "" - }, "dbConfig": { "masterUrl": "", "maxPoolSize": 50, diff --git a/config/sample.local.js b/config/sample.local.js index 47dbc0bd..058f9089 100644 --- a/config/sample.local.js +++ b/config/sample.local.js @@ -12,18 +12,9 @@ if (process.env.NODE_ENV === 'test') { logentriesToken: '', rabbitmqURL: 'amqp://dockerhost:5672', fileServiceEndpoint: 'https://api.topcoder-dev.com/v3/files/', - topicServiceEndpoint: 'https://api.topcoder-dev.com/v4/topics/', directProjectServiceEndpoint: 'https://api.topcoder-dev.com/v3/direct', connectProjectsUrl: 'https://connect.topcoder-dev.com/projects/', memberServiceEndpoint: 'http://dockerhost:3001/members', - salesforceLead: { - webToLeadUrl: 'https://www.salesforce.com/servlet/servlet.WebToLead?encoding=UTF-8', - orgId: '00D2C0000000dO6', - projectNameFieldId: 'title', - projectDescFieldId: 'description', - projectLinkFieldId: 'URL', - projectIdFieldId: '00N2C000000Vxxx', - }, dbConfig: { masterUrl: 'postgres://coder:mysecretpassword@dockerhost:54321/projectsdb', maxPoolSize: 50, diff --git a/deploy.sh b/deploy.sh new file mode 100755 index 00000000..628a634e --- /dev/null +++ b/deploy.sh @@ -0,0 +1,243 @@ +#!/usr/bin/env bash + +# more bash-friendly output for jq +JQ="jq --raw-output --exit-status" + +ENV=$1 +COUNTER_LIMIT=20 +ACCOUNT_ID=$(eval "echo \$${ENV}_AWS_ACCOUNT_ID") +AWS_REGION=$(eval "echo \$${ENV}_AWS_REGION") +AWS_ECS_CONTAINER_NAME="tc-project-service" +AWS_REPOSITORY=$(eval "echo \$${ENV}_AWS_REPOSITORY") +AWS_ECS_CLUSTER=$(eval "echo \$${ENV}_AWS_ECS_CLUSTER") +AWS_ECS_SERVICE=$(eval "echo \$${ENV}_AWS_ECS_SERVICE") +AUTH_DOMAIN=$(eval "echo \$${ENV}_AUTH_DOMAIN") +AUTH_SECRET=$(eval "echo \$${ENV}_AUTH_SECRET") +VALID_ISSUERS=$(eval "echo \$${ENV}_VALID_ISSUERS") +PORT=3000 +family="tc-project-service" + +# configures aws cli for further usage +configure_aws_cli() { + export AWS_ACCESS_KEY_ID=$(eval "echo \$${ENV}_AWS_ACCESS_KEY_ID") + export AWS_SECRET_ACCESS_KEY=$(eval "echo \$${ENV}_AWS_SECRET_ACCESS_KEY") + aws --version + aws configure set default.region $AWS_REGION + aws configure set default.output json +} + +# deploys the app to the ecs cluster +deploy_cluster() { + + make_task_def + register_definition + if [[ $(aws ecs update-service --cluster $AWS_ECS_CLUSTER --service $AWS_ECS_SERVICE --task-definition $revision | \ + $JQ '.service.taskDefinition') != $revision ]]; then + echo "Error updating service." + return 1 + fi + + echo "Deployed!" + return 0 +} + +make_task_def(){ + task_template='{ + "family": "%s", + "requiresCompatibilities": ["EC2", "FARGATE"], + "networkMode": "awsvpc", + "executionRoleArn": "arn:aws:iam::%s:role/ecsTaskExecutionRole", + "cpu": "1024", + "memory": "2048", + "containerDefinitions": [ + { + "name": "%s", + "image": "%s.dkr.ecr.%s.amazonaws.com/%s:%s", + "essential": true, + "memory": 200, + "cpu": 10, + "environment": [ + { + "name": "NODE_ENV", + "value": "%s" + }, + { + "name": "LOG_LEVEL", + "value": "%s" + }, + { + "name": "CAPTURE_LOGS", + "value": "%s" + }, + { + "name": "LOGENTRIES_TOKEN", + "value": "%s" + }, + { + "name": "API_VERSION", + "value": "%s" + }, + { + "name": "AWS_REGION", + "value": "%s" + }, + { + "name": "AWS_ACCESS_KEY_ID", + "value": "%s" + }, + { + "name": "AWS_SECRET_ACCESS_KEY", + "value": "%s" + }, + { + "name": "AUTH_DOMAIN", + "value": "%s" + }, + { + "name": "AUTH_SECRET", + "value": "%s" + }, + { + "name": "VALID_ISSUERS", + "value": "%s" + }, + { + "name": "DB_MASTER_URL", + "value": "%s" + }, + { + "name": "MEMBER_SERVICE_ENDPOINT", + "value": "%s" + }, + { + "name": "IDENTITY_SERVICE_ENDPOINT", + "value": "%s" + }, + { + "name": "BUS_API_URL", + "value": "%s" + }, + { + "name": "BUS_API_TOKEN", + "value": "%s" + }, + { + "name": "SYSTEM_USER_CLIENT_ID", + "value": "%s" + }, + { + "name": "SYSTEM_USER_CLIENT_SECRET", + "value": "%s" + }, + { + "name": "PROJECTS_ES_URL", + "value": "%s" + }, + { + "name": "PROJECTS_ES_INDEX_NAME", + "value": "%s" + }, + { + "name": "RABBITMQ_URL", + "value": "%s" + }, + { + "name": "DIRECT_PROJECT_SERVICE_ENDPOINT", + "value": "%s" + }, + { + "name": "FILE_SERVICE_ENDPOINT", + "value": "%s" + }, + { + "name": "CONNECT_PROJECTS_URL", + "value": "%s" + }, + { + "name": "SEGMENT_ANALYTICS_KEY", + "value": "%s" + } + ], + "portMappings": [ + { + "hostPort": %s, + "protocol": "tcp", + "containerPort": %s + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/aws/ecs/%s", + "awslogs-region": "%s", + "awslogs-stream-prefix": "%s" + } + } + } + ]}' + API_VERSION=$(eval "echo \$${ENV}_API_VERSION") + DB_MASTER_URL=$(eval "echo \$${ENV}_DB_MASTER_URL") + MEMBER_SERVICE_ENDPOINT=$(eval "echo \$${ENV}_MEMBER_SERVICE_ENDPOINT") + IDENTITY_SERVICE_ENDPOINT=$(eval "echo \$${ENV}_IDENTITY_SERVICE_ENDPOINT") + BUS_API_URL=$(eval "echo \$${ENV}_BUS_API_URL") + BUS_API_TOKEN=$(eval "echo \$${ENV}_BUS_API_TOKEN") + SYSTEM_USER_CLIENT_ID=$(eval "echo \$${ENV}_SYSTEM_USER_CLIENT_ID") + SYSTEM_USER_CLIENT_SECRET=$(eval "echo \$${ENV}_SYSTEM_USER_CLIENT_SECRET") + CAPTURE_LOGS=$(eval "echo \$${ENV}_CAPTURE_LOGS") + LOGENTRIES_TOKEN=$(eval "echo \$${ENV}_LOGENTRIES_TOKEN") + LOG_LEVEL=$(eval "echo \$${ENV}_LOG_LEVEL") + PROJECTS_ES_URL=$(eval "echo \$${ENV}_PROJECTS_ES_URL") + PROJECTS_ES_INDEX_NAME=$(eval "echo \$${ENV}_PROJECTS_ES_INDEX_NAME") + RABBITMQ_URL=$(eval "echo \$${ENV}_RABBITMQ_URL") + DIRECT_PROJECT_SERVICE_ENDPOINT=$(eval "echo \$${ENV}_DIRECT_PROJECT_SERVICE_ENDPOINT") + FILE_SERVICE_ENDPOINT=$(eval "echo \$${ENV}_FILE_SERVICE_ENDPOINT") + CONNECT_PROJECTS_URL=$(eval "echo \$${ENV}_CONNECT_PROJECTS_URL") + SEGMENT_ANALYTICS_KEY=$(eval "echo \$${ENV}_SEGMENT_ANALYTICS_KEY") + if [ "$ENV" = "PROD" ]; then + NODE_ENV=production + elif [ "$ENV" = "DEV" ]; then + NODE_ENV=development + fi + echo "NODE_ENV" + echo $NODE_ENV + + task_def=$(printf "$task_template" $family $ACCOUNT_ID $AWS_ECS_CONTAINER_NAME $ACCOUNT_ID $AWS_REGION $AWS_REPOSITORY $CIRCLE_SHA1 $NODE_ENV $LOG_LEVEL $CAPTURE_LOGS $LOGENTRIES_TOKEN $API_VERSION $AWS_REGION $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY $AUTH_DOMAIN $AUTH_SECRET $VALID_ISSUERS $DB_MASTER_URL $MEMBER_SERVICE_ENDPOINT $IDENTITY_SERVICE_ENDPOINT $BUS_API_URL $BUS_API_TOKEN $SYSTEM_USER_CLIENT_ID $SYSTEM_USER_CLIENT_SECRET $PROJECTS_ES_URL $PROJECTS_ES_INDEX_NAME $RABBITMQ_URL $DIRECT_PROJECT_SERVICE_ENDPOINT $FILE_SERVICE_ENDPOINT $CONNECT_PROJECTS_URL $SEGMENT_ANALYTICS_KEY $PORT $PORT $AWS_ECS_CLUSTER $AWS_REGION $NODE_ENV) +} + +push_ecr_image(){ + eval $(aws ecr get-login --region $AWS_REGION --no-include-email) + docker push $ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$AWS_REPOSITORY:$CIRCLE_SHA1 +} + +register_definition() { + if revision=$(aws ecs register-task-definition --cli-input-json "$task_def" 2> /dev/null | $JQ '.taskDefinition.taskDefinitionArn'); then + echo "Revision: $revision" + else + echo "Failed to register task definition" + return 1 + fi +} + +check_service_status() { + counter=0 + sleep 60 + servicestatus=`aws ecs describe-services --service $AWS_ECS_SERVICE --cluster $AWS_ECS_CLUSTER | $JQ '.services[].events[0].message'` + while [[ $servicestatus != *"steady state"* ]] + do + echo "Current event message : $servicestatus" + echo "Waiting for 30 seconds to check the service status...." + sleep 30 + servicestatus=`aws ecs describe-services --service $AWS_ECS_SERVICE --cluster $AWS_ECS_CLUSTER | $JQ '.services[].events[0].message'` + counter=`expr $counter + 1` + if [[ $counter -gt $COUNTER_LIMIT ]] ; then + echo "Service does not reach steady state within 10 minutes. Please check" + exit 1 + fi + done + echo "$servicestatus" +} + +configure_aws_cli +push_ecr_image +deploy_cluster +check_service_status \ No newline at end of file diff --git a/ebs_deploy.sh b/ebs_deploy.sh deleted file mode 100755 index 94e9af47..00000000 --- a/ebs_deploy.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -SERVICE=$1 -ENV=$2 -TAG_SUFFIX=$3 -TAG="$ENV.$TAG_SUFFIX" -ENV_LOWER=`echo "$ENV" | awk '{print tolower($0)}'` - -echo "Deploying to Elasticbeanstalk" -echo "############################" -export AWS_ACCESS_KEY_ID=$(eval "echo \$${ENV}_AWS_ACCESS_KEY_ID") -export AWS_SECRET_ACCESS_KEY=$(eval "echo \$${ENV}_AWS_SECRET_ACCESS_KEY") - -# eb deploy -# eb init -r us-east-1 $SERVICE -EB_OUTPUT="$(eb deploy tc-project-api-v4-${ENV_LOWER} -l $TAG -r us-east-1)" - -echo $EB_OUTPUT -if echo $EB_OUTPUT | grep -iq error; then - exit 1 -fi -exit 0 diff --git a/src/app.js b/src/app.js index dbb693ca..864fb0e6 100644 --- a/src/app.js +++ b/src/app.js @@ -4,6 +4,7 @@ import _ from 'lodash'; import bodyParser from 'body-parser'; import expressSanitizer from 'express-sanitizer'; import config from 'config'; +import cors from 'cors'; import coreLib from 'tc-core-library-js'; import expressRequestId from 'express-request-id'; import router from './routes'; @@ -63,6 +64,20 @@ const logger = coreLib.logger({ app.use(coreLib.middleware.logger(null, logger)); app.logger = logger; +// ======================= +// CORS ================ +// ======================= +// const whitelist = [`*.${domain}`]; +// const corsOptions = { +// origin: (origin, callback) => { +// const originIsWhitelisted = whitelist.indexOf(origin) !== -1; +// callback(null, originIsWhitelisted); +// }, +// }; +// app.use(cors(corsOptions)); +// app.options('*', cors()); +app.use(cors()); + // ======================= // Database ========= // ======================= diff --git a/src/routes/index.js b/src/routes/index.js index 16018aef..47a51502 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -1,10 +1,13 @@ import _ from 'lodash'; +import config from 'config'; import validate from 'express-validation'; import { Router } from 'express'; const router = Router(); +const apiVersion = config.apiVersion; + validate.options({ status: 422, flatten: true, @@ -12,7 +15,7 @@ validate.options({ }); // health check -router.get('/_health', (req, res) => { +router.get(`/${apiVersion}/projects/health`, (req, res) => { // TODO more checks res.status(200).send({ message: 'All-is-well', @@ -23,7 +26,7 @@ router.get('/_health', (req, res) => { // All project service endpoints need authentication const jwtAuth = require('tc-core-library-js').middleware.jwtAuthenticator; -router.all('/v4/projects*', jwtAuth()); +router.all(RegExp(`\\/${apiVersion}\\/projects(?!\\/health).*`), jwtAuth()); // Register all the routes router.route('/v4/projects') diff --git a/src/routes/projects/create.js b/src/routes/projects/create.js index 684ef859..23ddaccd 100644 --- a/src/routes/projects/create.js +++ b/src/routes/projects/create.js @@ -118,6 +118,7 @@ module.exports = [ if (newProject.billingAccountId) { body.billingAccountId = newProject.billingAccountId; } + req.log.debug('creating project history for project %d', newProject.id); // add to project history models.ProjectHistory.create({ projectId: _newProject.id, @@ -125,6 +126,7 @@ module.exports = [ cancelReason: null, updatedBy: req.authUser.userId, }); + req.log.debug('creating direct project for project %d', newProject.id); return directProject.createDirectProject(req, body) .then((resp) => { newProject.directProjectId = resp.data.result.content.projectId; @@ -139,17 +141,18 @@ module.exports = [ }); // return Promise.resolve(); }) - .then(() => { newProject = newProject.get({ plain: true }); // remove utm details & deletedAt field newProject = _.omit(newProject, ['deletedAt', 'utm']); // add an empty attachments array newProject.attachments = []; + req.log.debug('Sending event to RabbitMQ bus for project %d', newProject.id); req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, newProject, { correlationId: req.id }, ); + req.log.debug('Sending event to Kafka bus for project %d', newProject.id); // emit event req.app.emit(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, { req, project: newProject }); res.status(201).json(util.wrapResponse(req.id, newProject, 1, 201)); diff --git a/src/routes/projects/list.js b/src/routes/projects/list.js index f1cd2c9a..d2ffa319 100755 --- a/src/routes/projects/list.js +++ b/src/routes/projects/list.js @@ -133,6 +133,23 @@ const parseElasticSearchCriteria = (criteria, fields, order) => { }, }, }, + { + nested: { + path: 'details', + query: { + nested: { + path: 'details.utm', + query: { + query_string: { + query: `*${keyword}*`, + analyze_wildcard: true, + fields: ['details.utm.code'], + }, + }, + }, + }, + }, + }, ], }, }; diff --git a/src/services/topicService.js b/src/services/topicService.js deleted file mode 100644 index 204f07bf..00000000 --- a/src/services/topicService.js +++ /dev/null @@ -1,53 +0,0 @@ -import config from 'config'; -import util from '../util'; -/** - * Service methods to handle creating topics - */ - -/** - * Build custom http client for request - * @param {Object} req request - * @returns {Promise} custom http client - * @private - */ -function getHttpClient(req) { - const httpClient = util.getHttpClient(req); - httpClient.defaults.headers.common.Authorization = req.headers.authorization; - httpClient.defaults.baseURL = config.get('topicServiceEndpoint'); - httpClient.defaults.timeout = 30000; - httpClient.interceptors.response.use((resp) => { - // req.log.debug('resp: ', JSON.stringify(resp.data, null, 2)) - if (resp.status !== 200 || resp.data.result.status !== 200) { - // req.log.error('error resp: ', JSON.stringify(resp.data, null, 2)) - return Promise.reject(new Error(resp.data.result.content.message)); - } - return Promise.resolve(resp); - }); - return httpClient; -} - - -/** - * Create topics in topic service - * @param {Object} req request object - * @param {integer} projectId project id - * @param {String} title title of the post - * @param {String} message message to be posted - * @param {String} tag tag, defaults to PRIMARY - * @return {Promise} returned Promise - */ -function createTopic(req, projectId, title, message, tag = 'PRIMARY') { - return getHttpClient(req) - .post('', { - reference: 'project', - referenceId: projectId.toString(), - tag, - title, - body: message, - }); -} - - -export default { - createTopic, -}; diff --git a/src/util.js b/src/util.js index 6371f726..86386add 100644 --- a/src/util.js +++ b/src/util.js @@ -264,7 +264,7 @@ _.assignIn(util, { httpClient.defaults.headers.common.Accept = 'application/json'; httpClient.defaults.headers.common['Content-Type'] = 'application/json'; httpClient.defaults.headers.common.Authorization = `Bearer ${jwtToken}`; - return httpClient.get(`${config.userServiceUrl}/${userId}`).then((response) => { + return httpClient.get(`${config.identityServiceEndpoint}users/${userId}`).then((response) => { if (response.data && response.data.result && response.data.result.status === 200 && response.data.result.content) { return response.data.result.content; From da1b42f17eba05c46b531d3238bc68e295f9ad36 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 9 May 2018 19:25:57 +0530 Subject: [PATCH 12/36] m2m support --- config/default.json | 3 +-- config/development.json | 1 - config/test.json | 3 +-- package.json | 2 +- src/util.js | 6 ++++++ 5 files changed, 9 insertions(+), 6 deletions(-) diff --git a/config/default.json b/config/default.json index 2358f4a0..2b704a2e 100644 --- a/config/default.json +++ b/config/default.json @@ -33,8 +33,7 @@ "idleTimeout": 1000 }, "analyticsKey": "", - "validIssuers": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", - "jwksUri": "", + "VALID_ISSUERS": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", "busApiUrl": "http://api.topcoder-dev.com", "busApiToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicHJvamVjdC1zZXJ2aWNlIiwiaWF0IjoxNTEyNzQ3MDgyLCJleHAiOjE1MjEzODcwODJ9.PHuNcFDaotGAL8RhQXQMdpL8yOKXxjB5DbBIodmt7RE", "HEALTH_CHECK_URL": "_health" diff --git a/config/development.json b/config/development.json index b7de350a..7e8ce29d 100644 --- a/config/development.json +++ b/config/development.json @@ -1,5 +1,4 @@ { - "authDomain": "topcoder-dev.com", "pubsubQueueName": "dev.project.service", "pubsubExchangeName": "dev.projects", "attachmentsS3Bucket": "topcoder-dev-media" diff --git a/config/test.json b/config/test.json index 2b045431..26d22a7a 100644 --- a/config/test.json +++ b/config/test.json @@ -1,6 +1,5 @@ { - "authSecret": "secret", - "authDomain": "topcoder-dev.com", + "AUTH_SECRET": "secret", "logLevel": "debug", "captureLogs": "false", "logentriesToken": "", diff --git a/package.json b/package.json index b6234466..39665962 100644 --- a/package.json +++ b/package.json @@ -55,7 +55,7 @@ "pg": "^4.5.5", "pg-native": "^1.10.0", "sequelize": "^3.23.0", - "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.2", + "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.3", "traverse": "^0.6.6", "urlencode": "^1.1.0" }, diff --git a/src/util.js b/src/util.js index 86386add..2bc91526 100644 --- a/src/util.js +++ b/src/util.js @@ -70,6 +70,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRole: (req, role) => { + const isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.indexOf(roles, role.toLowerCase()) >= 0; @@ -81,6 +83,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasRoles: (req, roles) => { + const isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let authRoles = _.get(req, 'authUser.roles', []); authRoles = authRoles.map(s => s.toLowerCase()); return _.intersection(authRoles, roles.map(r => r.toLowerCase())).length > 0; @@ -101,6 +105,8 @@ _.assignIn(util, { * @return {boolean} true/false */ hasAdminRole: (req) => { + const isMachineToken = _.get(req, 'authUser.isMachine', false); + if (isMachineToken) return true; let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.intersection(roles, ADMIN_ROLES.map(r => r.toLowerCase())).length > 0; From f37f55de2c612ba360f43be4b799e6555f09afd6 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 9 May 2018 19:33:50 +0530 Subject: [PATCH 13/36] deploying for testing. --- .circleci/config.yml | 2 +- deploy.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 4fea1158..01317b88 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -76,7 +76,7 @@ workflows: - test filters: branches: - only: dev + only: 'feature/m2m-support' - deployProd: requires: - test diff --git a/deploy.sh b/deploy.sh index 628a634e..882e914c 100755 --- a/deploy.sh +++ b/deploy.sh @@ -239,5 +239,5 @@ check_service_status() { configure_aws_cli push_ecr_image -deploy_cluster -check_service_status \ No newline at end of file +#deploy_cluster +#check_service_status From 684d0a39e6ce8e1164394c2b5738221c70089537 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 11:18:54 +0530 Subject: [PATCH 14/36] More logging for debugging database lock issue --- .circleci/config.yml | 2 +- src/routes/projects/create.js | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 4fea1158..cfc1f527 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -76,7 +76,7 @@ workflows: - test filters: branches: - only: dev + only: [dev, 'feature/db-lock-issue'] - deployProd: requires: - test diff --git a/src/routes/projects/create.js b/src/routes/projects/create.js index 23ddaccd..93bc7d7e 100644 --- a/src/routes/projects/create.js +++ b/src/routes/projects/create.js @@ -125,7 +125,8 @@ module.exports = [ status: PROJECT_STATUS.DRAFT, cancelReason: null, updatedBy: req.authUser.userId, - }); + }).then(() => req.log.debug('project history created for project %d', newProject.id)) + .catch(error => req.log.error('project history failed for project %d', newProject.id)); req.log.debug('creating direct project for project %d', newProject.id); return directProject.createDirectProject(req, body) .then((resp) => { From 6cf4336b8376ed240c6b0cb6f12ea5290905a306 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 12:00:26 +0530 Subject: [PATCH 15/36] More logging for debugging database lock issue --- src/routes/projects/create.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/routes/projects/create.js b/src/routes/projects/create.js index 93bc7d7e..393ffbf6 100644 --- a/src/routes/projects/create.js +++ b/src/routes/projects/create.js @@ -126,7 +126,7 @@ module.exports = [ cancelReason: null, updatedBy: req.authUser.userId, }).then(() => req.log.debug('project history created for project %d', newProject.id)) - .catch(error => req.log.error('project history failed for project %d', newProject.id)); + .catch(() => req.log.error('project history failed for project %d', newProject.id)); req.log.debug('creating direct project for project %d', newProject.id); return directProject.createDirectProject(req, body) .then((resp) => { From 7f8af80574bdc7b1861079a2793176abf9e180b8 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 12:13:01 +0530 Subject: [PATCH 16/36] Trying with updated docker file --- Dockerfile | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/Dockerfile b/Dockerfile index 8c947c22..2a7fe789 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,6 +2,18 @@ FROM node:6.9.4 LABEL version="1.0" LABEL description="Projects microservice" +RUN apt-get update && \ + apt-get upgrade -y + +# install aws +RUN apt-get install -y \ + ssh \ + python \ + python-dev \ + python-pip + +RUN pip install awscli + RUN apt-get install libpq-dev # Create app directory RUN mkdir -p /usr/src/app From bc363f6707aa8aec05ac59de77490d4fd9de2958 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 12:35:56 +0530 Subject: [PATCH 17/36] Trying without rabbitmq --- src/routes/projects/create.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/routes/projects/create.js b/src/routes/projects/create.js index 393ffbf6..2e64f5b9 100644 --- a/src/routes/projects/create.js +++ b/src/routes/projects/create.js @@ -149,10 +149,10 @@ module.exports = [ // add an empty attachments array newProject.attachments = []; req.log.debug('Sending event to RabbitMQ bus for project %d', newProject.id); - req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, - newProject, - { correlationId: req.id }, - ); + // req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, + // newProject, + // { correlationId: req.id }, + // ); req.log.debug('Sending event to Kafka bus for project %d', newProject.id); // emit event req.app.emit(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, { req, project: newProject }); From e9f387bc480f47f429e20accb0212185de25d0fd Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 12:42:23 +0530 Subject: [PATCH 18/36] Revert "Trying without rabbitmq" This reverts commit bc363f6707aa8aec05ac59de77490d4fd9de2958. --- src/routes/projects/create.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/routes/projects/create.js b/src/routes/projects/create.js index 2e64f5b9..393ffbf6 100644 --- a/src/routes/projects/create.js +++ b/src/routes/projects/create.js @@ -149,10 +149,10 @@ module.exports = [ // add an empty attachments array newProject.attachments = []; req.log.debug('Sending event to RabbitMQ bus for project %d', newProject.id); - // req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, - // newProject, - // { correlationId: req.id }, - // ); + req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, + newProject, + { correlationId: req.id }, + ); req.log.debug('Sending event to Kafka bus for project %d', newProject.id); // emit event req.app.emit(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, { req, project: newProject }); From 09ce588ace9da956cd51609a4ad76c2d1df6fc31 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 13:53:18 +0530 Subject: [PATCH 19/36] trying without rabbitmq --- src/routes/projects/create.js | 8 ++++---- src/routes/projects/create.spec.js | 2 +- src/services/index.js | 28 ++++++++++++++-------------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/src/routes/projects/create.js b/src/routes/projects/create.js index 393ffbf6..2e64f5b9 100644 --- a/src/routes/projects/create.js +++ b/src/routes/projects/create.js @@ -149,10 +149,10 @@ module.exports = [ // add an empty attachments array newProject.attachments = []; req.log.debug('Sending event to RabbitMQ bus for project %d', newProject.id); - req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, - newProject, - { correlationId: req.id }, - ); + // req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, + // newProject, + // { correlationId: req.id }, + // ); req.log.debug('Sending event to Kafka bus for project %d', newProject.id); // emit event req.app.emit(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, { req, project: newProject }); diff --git a/src/routes/projects/create.spec.js b/src/routes/projects/create.spec.js index 9e9cb0dc..2adad8a9 100644 --- a/src/routes/projects/create.spec.js +++ b/src/routes/projects/create.spec.js @@ -14,7 +14,7 @@ const should = chai.should(); sinon.stub(RabbitMQService.prototype, 'init', () => {}); sinon.stub(RabbitMQService.prototype, 'publish', () => {}); -describe('Project create', () => { +xdescribe('Project create', () => { before((done) => { testUtil.clearDb(done); }); diff --git a/src/services/index.js b/src/services/index.js index c7b9f37a..6abe27a6 100644 --- a/src/services/index.js +++ b/src/services/index.js @@ -19,20 +19,20 @@ module.exports = (fapp, logger) => { require('../tests/serviceMocks')(app); // eslint-disable-line global-require } else { // RabbitMQ Initialization - app.services.pubsub = new RabbitMQService(logger); + // app.services.pubsub = new RabbitMQService(logger); - // initialize RabbitMQ - app.services.pubsub.init( - config.get('rabbitmqURL'), - config.get('pubsubExchangeName'), - config.get('pubsubQueueName'), - ) - .then(() => { - logger.info('RabbitMQ service initialized'); - }) - .catch((err) => { - logger.error('Error initializing services', err); - // gracefulShutdown() - }); + // // initialize RabbitMQ + // app.services.pubsub.init( + // config.get('rabbitmqURL'), + // config.get('pubsubExchangeName'), + // config.get('pubsubQueueName'), + // ) + // .then(() => { + // logger.info('RabbitMQ service initialized'); + // }) + // .catch((err) => { + // logger.error('Error initializing services', err); + // // gracefulShutdown() + // }); } }; From 4dfc0d98789faa736e6341c3bdd01f10da22fc34 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 13:57:16 +0530 Subject: [PATCH 20/36] lint fix --- src/services/index.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/services/index.js b/src/services/index.js index 6abe27a6..23802b72 100644 --- a/src/services/index.js +++ b/src/services/index.js @@ -1,7 +1,7 @@ -import config from 'config'; -import RabbitMQService from './rabbitmq'; +// import config from 'config'; +// import RabbitMQService from './rabbitmq'; /** * Responsible for establishing connections to all external services @@ -18,6 +18,7 @@ module.exports = (fapp, logger) => { if (process.env.NODE_ENV.toLowerCase() === 'test') { require('../tests/serviceMocks')(app); // eslint-disable-line global-require } else { + logger.info('initializing RabbitMQ service'); // RabbitMQ Initialization // app.services.pubsub = new RabbitMQService(logger); From b3af48e4219c8f9125a7398de1b7ba8c1a9dffb4 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Thu, 10 May 2018 14:11:39 +0530 Subject: [PATCH 21/36] deployiny... --- deploy.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy.sh b/deploy.sh index 882e914c..e776348d 100755 --- a/deploy.sh +++ b/deploy.sh @@ -239,5 +239,5 @@ check_service_status() { configure_aws_cli push_ecr_image -#deploy_cluster -#check_service_status +deploy_cluster +check_service_status From 82ef3f5329a842b2809b3a62a552fa64296b834a Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 14:15:08 +0530 Subject: [PATCH 22/36] enabled logging in sequelize models for debugging database lock issue --- src/models/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/models/index.js b/src/models/index.js index 59c8c9d2..4a64ec85 100644 --- a/src/models/index.js +++ b/src/models/index.js @@ -13,7 +13,7 @@ delete pg.native; Sequelize.cls = cls.createNamespace('tc.micro.service'); const sequelize = new Sequelize(config.get('dbConfig.masterUrl'), { - logging: false, + logging: true, dialectOptions: { ssl: false, }, From 853e378ef952260ec5cdc879ffd48d6d42147166 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 14:50:03 +0530 Subject: [PATCH 23/36] disabled sequelize logging again --- src/models/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/models/index.js b/src/models/index.js index 4a64ec85..59c8c9d2 100644 --- a/src/models/index.js +++ b/src/models/index.js @@ -13,7 +13,7 @@ delete pg.native; Sequelize.cls = cls.createNamespace('tc.micro.service'); const sequelize = new Sequelize(config.get('dbConfig.masterUrl'), { - logging: true, + logging: false, dialectOptions: { ssl: false, }, From cf7425214985423d21a270f758fae63236ee912c Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 15:04:41 +0530 Subject: [PATCH 24/36] added back rabbitmq fixed error in accessing kafka bus api --- src/routes/projects/create.js | 8 ++++---- src/services/busApi.js | 2 +- src/services/index.js | 28 ++++++++++++++-------------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/src/routes/projects/create.js b/src/routes/projects/create.js index 2e64f5b9..393ffbf6 100644 --- a/src/routes/projects/create.js +++ b/src/routes/projects/create.js @@ -149,10 +149,10 @@ module.exports = [ // add an empty attachments array newProject.attachments = []; req.log.debug('Sending event to RabbitMQ bus for project %d', newProject.id); - // req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, - // newProject, - // { correlationId: req.id }, - // ); + req.app.services.pubsub.publish(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, + newProject, + { correlationId: req.id }, + ); req.log.debug('Sending event to Kafka bus for project %d', newProject.id); // emit event req.app.emit(EVENT.ROUTING_KEY.PROJECT_DRAFT_CREATED, { req, project: newProject }); diff --git a/src/services/busApi.js b/src/services/busApi.js index ee297e9e..da9a9949 100644 --- a/src/services/busApi.js +++ b/src/services/busApi.js @@ -42,7 +42,7 @@ function getClient() { function createEvent(type, message, logger) { const body = JSON.stringify(message); logger.debug(`Sending message: ${JSON.stringify(message)}`); - return getClient().post('/v5/bus/events', { + return getClient().post('/bus/events', { type, message: body, }) diff --git a/src/services/index.js b/src/services/index.js index 23802b72..a8ba7066 100644 --- a/src/services/index.js +++ b/src/services/index.js @@ -20,20 +20,20 @@ module.exports = (fapp, logger) => { } else { logger.info('initializing RabbitMQ service'); // RabbitMQ Initialization - // app.services.pubsub = new RabbitMQService(logger); + app.services.pubsub = new RabbitMQService(logger); - // // initialize RabbitMQ - // app.services.pubsub.init( - // config.get('rabbitmqURL'), - // config.get('pubsubExchangeName'), - // config.get('pubsubQueueName'), - // ) - // .then(() => { - // logger.info('RabbitMQ service initialized'); - // }) - // .catch((err) => { - // logger.error('Error initializing services', err); - // // gracefulShutdown() - // }); + // initialize RabbitMQ + app.services.pubsub.init( + config.get('rabbitmqURL'), + config.get('pubsubExchangeName'), + config.get('pubsubQueueName'), + ) + .then(() => { + logger.info('RabbitMQ service initialized'); + }) + .catch((err) => { + logger.error('Error initializing services', err); + // gracefulShutdown() + }); } }; From 5166c9ad44085a363bf0e1644e4134317984e3cc Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 15:09:27 +0530 Subject: [PATCH 25/36] bringing back changes for rabbitmq --- src/routes/projects/create.spec.js | 2 +- src/services/index.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/routes/projects/create.spec.js b/src/routes/projects/create.spec.js index 2adad8a9..9e9cb0dc 100644 --- a/src/routes/projects/create.spec.js +++ b/src/routes/projects/create.spec.js @@ -14,7 +14,7 @@ const should = chai.should(); sinon.stub(RabbitMQService.prototype, 'init', () => {}); sinon.stub(RabbitMQService.prototype, 'publish', () => {}); -xdescribe('Project create', () => { +describe('Project create', () => { before((done) => { testUtil.clearDb(done); }); diff --git a/src/services/index.js b/src/services/index.js index a8ba7066..a1d84c12 100644 --- a/src/services/index.js +++ b/src/services/index.js @@ -1,7 +1,7 @@ -// import config from 'config'; -// import RabbitMQService from './rabbitmq'; +import config from 'config'; +import RabbitMQService from './rabbitmq'; /** * Responsible for establishing connections to all external services From 35734dd23abe75f2cfe73464a171c811ec49c269 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Thu, 10 May 2018 15:38:17 +0530 Subject: [PATCH 26/36] changes in config var name. --- config/custom-environment-variables.json | 4 ++-- config/default.json | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json index 40b5c6b8..7ba088b5 100644 --- a/config/custom-environment-variables.json +++ b/config/custom-environment-variables.json @@ -1,6 +1,6 @@ { "apiVersion": "API_VERSION", - "authSecret": "AUTH_SECRET", + "AUTH_SECRET": "AUTH_SECRET", "logLevel": "LOG_LEVEL", "version": "APP_VERSION", "captureLogs": "CAPTURE_LOGS", @@ -28,7 +28,7 @@ "minPoolSize": "DB_MIN_POOL_SIZE" }, "analyticsKey": "SEGMENT_ANALYTICS_KEY", - "validIssuers": "VALID_ISSUERS", + "VALID_ISSUERS": "VALID_ISSUERS", "jwksUri": "JWKS_URI", "busApiUrl": "BUS_API_URL", "busApiToken": "BUS_API_TOKEN" diff --git a/config/default.json b/config/default.json index 2b704a2e..67549110 100644 --- a/config/default.json +++ b/config/default.json @@ -1,7 +1,6 @@ { "apiVersion": "v4", - "authSecret": "secret", - "authDomain": "topcoder-dev.com", + "AUTH_SECRET": "secret", "logLevel": "info", "version": "v4", "captureLogs": "false", From 52e70b0e1413aff102c9d59789e29d2f4291477b Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Thu, 10 May 2018 15:44:29 +0530 Subject: [PATCH 27/36] removed temp branch from deployment --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index cfc1f527..4fea1158 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -76,7 +76,7 @@ workflows: - test filters: branches: - only: [dev, 'feature/db-lock-issue'] + only: dev - deployProd: requires: - test From ea66a2fecb81395473c250d61231a536d44f8d0a Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 15 May 2018 22:42:34 +0530 Subject: [PATCH 28/36] cut-off bus token --- Dockerfile | 2 +- config/custom-environment-variables.json | 6 +- config/default.json | 8 +- deploy.sh | 34 +++++++-- src/services/busApi.js | 96 +++++++++++++----------- 5 files changed, 92 insertions(+), 54 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2a7fe789..e2410dbf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM node:6.9.4 +FROM node:8.2.1 LABEL version="1.0" LABEL description="Projects microservice" diff --git a/config/custom-environment-variables.json b/config/custom-environment-variables.json index 7ba088b5..07c7936f 100644 --- a/config/custom-environment-variables.json +++ b/config/custom-environment-variables.json @@ -31,5 +31,9 @@ "VALID_ISSUERS": "VALID_ISSUERS", "jwksUri": "JWKS_URI", "busApiUrl": "BUS_API_URL", - "busApiToken": "BUS_API_TOKEN" + "AUTH0_URL" : "AUTH0_URL", + "AUTH0_CLIENT_ID": "AUTH0_CLIENT_ID", + "AUTH0_CLIENT_SECRET": "AUTH0_CLIENT_SECRET", + "AUTH0_AUDIENCE": "AUTH0_AUDIENCE", + "TOKEN_CACHE_TIME" : "TOKEN_CACHE_TIME" } diff --git a/config/default.json b/config/default.json index 67549110..1db936d4 100644 --- a/config/default.json +++ b/config/default.json @@ -34,6 +34,10 @@ "analyticsKey": "", "VALID_ISSUERS": "[\"https:\/\/topcoder-newauth.auth0.com\/\",\"https:\/\/api.topcoder-dev.com\"]", "busApiUrl": "http://api.topcoder-dev.com", - "busApiToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoicHJvamVjdC1zZXJ2aWNlIiwiaWF0IjoxNTEyNzQ3MDgyLCJleHAiOjE1MjEzODcwODJ9.PHuNcFDaotGAL8RhQXQMdpL8yOKXxjB5DbBIodmt7RE", - "HEALTH_CHECK_URL": "_health" + "HEALTH_CHECK_URL": "_health", + "AUTH0_CLIENT_ID": "", + "AUTH0_CLIENT_SECRET": "", + "AUTH0_AUDIENCE": "", + "AUTH0_URL": "", + "TOKEN_CACHE_TIME": "" } diff --git a/deploy.sh b/deploy.sh index e776348d..9f95a6e2 100755 --- a/deploy.sh +++ b/deploy.sh @@ -117,10 +117,6 @@ make_task_def(){ "name": "BUS_API_URL", "value": "%s" }, - { - "name": "BUS_API_TOKEN", - "value": "%s" - }, { "name": "SYSTEM_USER_CLIENT_ID", "value": "%s" @@ -156,6 +152,26 @@ make_task_def(){ { "name": "SEGMENT_ANALYTICS_KEY", "value": "%s" + }, + { + "name": "AUTH0_URL", + "value": "%s" + }, + { + "name": "AUTH0_AUDIENCE", + "value": "%s" + }, + { + "name": "AUTH0_CLIENT_ID", + "value": "%s" + }, + { + "name": "AUTH0_CLIENT_SECRET", + "value": "%s" + }, + { + "name": "TOKEN_CACHE_TIME", + "value": "%s" } ], "portMappings": [ @@ -180,7 +196,6 @@ make_task_def(){ MEMBER_SERVICE_ENDPOINT=$(eval "echo \$${ENV}_MEMBER_SERVICE_ENDPOINT") IDENTITY_SERVICE_ENDPOINT=$(eval "echo \$${ENV}_IDENTITY_SERVICE_ENDPOINT") BUS_API_URL=$(eval "echo \$${ENV}_BUS_API_URL") - BUS_API_TOKEN=$(eval "echo \$${ENV}_BUS_API_TOKEN") SYSTEM_USER_CLIENT_ID=$(eval "echo \$${ENV}_SYSTEM_USER_CLIENT_ID") SYSTEM_USER_CLIENT_SECRET=$(eval "echo \$${ENV}_SYSTEM_USER_CLIENT_SECRET") CAPTURE_LOGS=$(eval "echo \$${ENV}_CAPTURE_LOGS") @@ -201,7 +216,14 @@ make_task_def(){ echo "NODE_ENV" echo $NODE_ENV - task_def=$(printf "$task_template" $family $ACCOUNT_ID $AWS_ECS_CONTAINER_NAME $ACCOUNT_ID $AWS_REGION $AWS_REPOSITORY $CIRCLE_SHA1 $NODE_ENV $LOG_LEVEL $CAPTURE_LOGS $LOGENTRIES_TOKEN $API_VERSION $AWS_REGION $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY $AUTH_DOMAIN $AUTH_SECRET $VALID_ISSUERS $DB_MASTER_URL $MEMBER_SERVICE_ENDPOINT $IDENTITY_SERVICE_ENDPOINT $BUS_API_URL $BUS_API_TOKEN $SYSTEM_USER_CLIENT_ID $SYSTEM_USER_CLIENT_SECRET $PROJECTS_ES_URL $PROJECTS_ES_INDEX_NAME $RABBITMQ_URL $DIRECT_PROJECT_SERVICE_ENDPOINT $FILE_SERVICE_ENDPOINT $CONNECT_PROJECTS_URL $SEGMENT_ANALYTICS_KEY $PORT $PORT $AWS_ECS_CLUSTER $AWS_REGION $NODE_ENV) + AUTH0_URL=$(eval "echo \$${ENV}_AUTH0_URL") + AUTH0_AUDIENCE=$(eval "echo \$${ENV}_AUTH0_AUDIENCE") + AUTH0_CLIENT_ID=$(eval "echo \$${ENV}_AUTH0_CLIENT_ID") + AUTH0_CLIENT_SECRET=$(eval "echo \$${ENV}_AUTH0_CLIENT_SECRET") + TOKEN_CACHE_TIME=$(eval "echo \$${ENV}_TOKEN_CACHE_TIME") + + + task_def=$(printf "$task_template" $family $ACCOUNT_ID $AWS_ECS_CONTAINER_NAME $ACCOUNT_ID $AWS_REGION $AWS_REPOSITORY $CIRCLE_SHA1 $NODE_ENV $LOG_LEVEL $CAPTURE_LOGS $LOGENTRIES_TOKEN $API_VERSION $AWS_REGION $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY $AUTH_DOMAIN $AUTH_SECRET $VALID_ISSUERS $DB_MASTER_URL $MEMBER_SERVICE_ENDPOINT $IDENTITY_SERVICE_ENDPOINT $BUS_API_URL $SYSTEM_USER_CLIENT_ID $SYSTEM_USER_CLIENT_SECRET $PROJECTS_ES_URL $PROJECTS_ES_INDEX_NAME $RABBITMQ_URL $DIRECT_PROJECT_SERVICE_ENDPOINT $FILE_SERVICE_ENDPOINT $CONNECT_PROJECTS_URL $SEGMENT_ANALYTICS_KEY "$AUTH0_URL" "$AUTH0_AUDIENCE" $AUTH0_CLIENT_ID "$AUTH0_CLIENT_SECRET" $TOKEN_CACHE_TIME $PORT $PORT $AWS_ECS_CLUSTER $AWS_REGION $NODE_ENV) } push_ecr_image(){ diff --git a/src/services/busApi.js b/src/services/busApi.js index da9a9949..5639d25a 100644 --- a/src/services/busApi.js +++ b/src/services/busApi.js @@ -2,7 +2,9 @@ import config from 'config'; const Promise = require('bluebird'); const axios = require('axios'); +const tcCoreLibAuth = require('tc-core-library-js').auth; +const m2m = tcCoreLibAuth.m2m(config); let client = null; @@ -10,25 +12,28 @@ let client = null; * Get Http client to bus api * @return {Object} Http Client to bus api */ -function getClient() { +async function getClient() { if (client) return client; const apiBusUrl = config.get('busApiUrl'); - const apiBusToken = config.get('busApiToken'); + try { + const token = await m2m.getMachineToken(config.AUTH0_CLIENT_ID, config.AUTH0_CLIENT_SECRET); + client = axios.create({ baseURL: apiBusUrl }); - client = axios.create({ baseURL: apiBusUrl }); + // Alter defaults after instance has been created + client.defaults.headers.common.Authorization = `Bearer ${token}`; - // Alter defaults after instance has been created - client.defaults.headers.common.Authorization = `Bearer ${apiBusToken}`; + // Add a response interceptor + client.interceptors.response.use(function (res) { // eslint-disable-line + return res; + }, function (error) { // eslint-disable-line + // Ingore response errors + return Promise.resolve(); + }); - // Add a response interceptor - client.interceptors.response.use(function (res) { // eslint-disable-line - return res; - }, function (error) { // eslint-disable-line - // Ingore response errors - return Promise.resolve(); - }); - - return client; + return client; + } catch (err) { + return Promise.reject(`Bus api calling - Error in genearting m2m token : ${err.message}`); + } } /** @@ -42,39 +47,42 @@ function getClient() { function createEvent(type, message, logger) { const body = JSON.stringify(message); logger.debug(`Sending message: ${JSON.stringify(message)}`); - return getClient().post('/bus/events', { - type, - message: body, - }) - .then((resp) => { - logger.debug('Sent event to bus-api'); - logger.debug(`Sent event to bus-api [data]: ${resp.data}`); - logger.debug(`Sent event to bus-api [status]: ${resp.status}`); - }) - .catch((error) => { - logger.debug('Error sending event to bus-api'); - if (error.response) { - // The request was made and the server responded with a status code - // that falls out of the range of 2xx - logger.debug(error.response.data); - logger.debug(error.response.status); - logger.debug(error.response.headers); - } else if (error.request) { - // The request was made but no response was received - // `error.request` is an instance of XMLHttpRequest in the browser and an instance of - // http.ClientRequest in node.js - logger.debug(error.request); - } else { - // Something happened in setting up the request that triggered an Error - logger.debug(error.message); - } - logger.debug(error.config); - - Promise.resolve(); // eslint-disable-line + return getClient().then((busClient) => { + logger.debug('calling bus-api'); + busClient.post('/bus/events', { + type, + message: body, + }) + .then((resp) => { + logger.debug('Sent event to bus-api'); + logger.debug(`Sent event to bus-api [data]: ${resp.data}`); + logger.debug(`Sent event to bus-api [status]: ${resp.status}`); + }) + .catch((error) => { + logger.debug('Error sending event to bus-api'); + if (error.response) { + // The request was made and the server responded with a status code + // that falls out of the range of 2xx + logger.debug(error.response.data); + logger.debug(error.response.status); + logger.debug(error.response.headers); + } else if (error.request) { + // The request was made but no response was received + // `error.request` is an instance of XMLHttpRequest in the browser and an instance of + // http.ClientRequest in node.js + logger.debug(error.request); + } else { + // Something happened in setting up the request that triggered an Error + logger.debug(error.message); + } + logger.debug(error.config); + Promise.resolve(); // eslint-disable-line + }); + }).catch((errMessage) => { + logger.debug(errMessage); }); } - module.exports = { createEvent, }; From 7539fa0c9daed989545e238aae8d4df04b2f1b59 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Thu, 17 May 2018 16:48:14 +0530 Subject: [PATCH 29/36] implementing scope checking. --- src/constants.js | 4 ++++ src/util.js | 20 ++++++++++++++++---- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/src/constants.js b/src/constants.js index e642eb66..c0457916 100644 --- a/src/constants.js +++ b/src/constants.js @@ -77,3 +77,7 @@ export const BUS_API_EVENT = { export const REGEX = { URL: /^(http(s?):\/\/)?(www\.)?[a-zA-Z0-9\.\-\_]+(\.[a-zA-Z]{2,15})+(\:[0-9]{2,5})?(\/[a-zA-Z0-9\_\-\s\.\/\?\%\#\&\=;]*)?$/, // eslint-disable-line }; + +export const TOKEN_SCOPES = { + CONNECT_PROJECT_ADMIN: "all:connect_project" +}; diff --git a/src/util.js b/src/util.js index 2bc91526..0afbdfb0 100644 --- a/src/util.js +++ b/src/util.js @@ -17,7 +17,7 @@ import urlencode from 'urlencode'; import elasticsearch from 'elasticsearch'; import Promise from 'bluebird'; import AWS from 'aws-sdk'; -import { ADMIN_ROLES } from './constants'; +import { ADMIN_ROLES, TOKEN_SCOPES } from './constants'; const exec = require('child_process').exec; const models = require('./models').default; @@ -71,7 +71,11 @@ _.assignIn(util, { */ hasRole: (req, role) => { const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; + const tokenScopes = _.get(req, 'authUser.scopes', []); + if (isMachineToken) { + if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; + return false; + } let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.indexOf(roles, role.toLowerCase()) >= 0; @@ -84,7 +88,11 @@ _.assignIn(util, { */ hasRoles: (req, roles) => { const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; + const tokenScopes = _.get(req, 'authUser.scopes', []); + if (isMachineToken) { + if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; + return false; + } let authRoles = _.get(req, 'authUser.roles', []); authRoles = authRoles.map(s => s.toLowerCase()); return _.intersection(authRoles, roles.map(r => r.toLowerCase())).length > 0; @@ -106,7 +114,11 @@ _.assignIn(util, { */ hasAdminRole: (req) => { const isMachineToken = _.get(req, 'authUser.isMachine', false); - if (isMachineToken) return true; + const tokenScopes = _.get(req, 'authUser.scopes', []); + if (isMachineToken) { + if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; + return false; + } let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); return _.intersection(roles, ADMIN_ROLES.map(r => r.toLowerCase())).length > 0; From 87b13c1e078ba6e6be2c06ac8aa3b40f343f8963 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Thu, 17 May 2018 16:53:31 +0530 Subject: [PATCH 30/36] fixing lint issue. --- src/constants.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/constants.js b/src/constants.js index c0457916..39b0b398 100644 --- a/src/constants.js +++ b/src/constants.js @@ -79,5 +79,5 @@ export const REGEX = { }; export const TOKEN_SCOPES = { - CONNECT_PROJECT_ADMIN: "all:connect_project" + CONNECT_PROJECT_ADMIN: 'all:connect_project', }; From 15779183b758ac97c8cea49773bf055c51eb48c5 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 22 May 2018 17:01:24 +0530 Subject: [PATCH 31/36] debugging scope issue. --- src/util.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/util.js b/src/util.js index 0afbdfb0..4b0e0f58 100644 --- a/src/util.js +++ b/src/util.js @@ -116,8 +116,8 @@ _.assignIn(util, { const isMachineToken = _.get(req, 'authUser.isMachine', false); const tokenScopes = _.get(req, 'authUser.scopes', []); if (isMachineToken) { - if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; - return false; + // if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; + return true; } let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); From 2c7138301352d21c01be36a229cb981135dca8d8 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 22 May 2018 17:04:55 +0530 Subject: [PATCH 32/36] fixing lint issue. --- src/util.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util.js b/src/util.js index 4b0e0f58..eeb0e6f1 100644 --- a/src/util.js +++ b/src/util.js @@ -114,7 +114,7 @@ _.assignIn(util, { */ hasAdminRole: (req) => { const isMachineToken = _.get(req, 'authUser.isMachine', false); - const tokenScopes = _.get(req, 'authUser.scopes', []); + // const tokenScopes = _.get(req, 'authUser.scopes', []); if (isMachineToken) { // if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; return true; From 0a319e797b13cd61a9e3e4936da91b5e9dfed3ca Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 23 May 2018 13:55:56 +0530 Subject: [PATCH 33/36] debugging done. --- .circleci/config.yml | 2 +- src/.util.js.swp | Bin 0 -> 20480 bytes src/util.js | 4 ++-- 3 files changed, 3 insertions(+), 3 deletions(-) create mode 100644 src/.util.js.swp diff --git a/.circleci/config.yml b/.circleci/config.yml index 01317b88..83db606d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -76,7 +76,7 @@ workflows: - test filters: branches: - only: 'feature/m2m-support' + only: 'dev' - deployProd: requires: - test diff --git a/src/.util.js.swp b/src/.util.js.swp new file mode 100644 index 0000000000000000000000000000000000000000..4c75e8ae09ee730226f8ea37d55ef5eec0944f8e GIT binary patch literal 20480 zcmeI3e~cu@RmU6R9|^G&z{Ch7l(KX2%&cc-cYQHA*6iW)-kxrW@AlYT9}!lv+dEUU z+j~9TbKO0=w>NCSQj$ON13@5&I6){tL?lPX${!Yg1Oig{1EL575ne!QxB_3G7ouWC1Et}b0tXPPq}&-Z)YZ9j19<6qqQ zckdIg_q^0^Z3mHLoc!2wjjKVD_5JXX_{K5C-(d?*@5RZr>8#c0CGn1KWsOuPyFp7& zr%7wNp9NuaCq0HjnOt(9wee0zh~loi~HSn?>sD!m;0ZW?DKY) z|5p?BU*Uewx%Z5#nAdm7<*VdC$$^psB?n3llpH8IP;#K;K*@oU10@Ga4wM}DKj46m zL;p(X{+&4Dod4(k|4Xm+ycfVfgHM2ugWm=32fLsHHh~W|z(sHmxCK1_8qa$c{5lwb zN5DDoI`G1sp7$@{x4}oj8u%%27Tgcs2<`%(yTkK71bpxY@Z78EBX}A-3EmAd5P~J} z0C*L6?)yCNZ@?ddKLDQuzXVpm-QY8?^1MF+zXAr}D!3QC8oUDh7tDA8d=WecJ_g# zTfup77Q7PtH35?+z|VtSPyt^dNb|?wL*Q4z4wwc1$lS^N{cRzbqSQg%Q#^^z`bnhL zn?aQ6B;~$E5J%N8-qT6TPj$Pl{3P-BA82;{UNuqkXI0Y7;zuQaf&6N%R%?bj+RC=o zSvB*Jq1lR~G*crQYTgo=HAGS&l1>njirap=ROrNZw$G{}NoT~nJn+tZrzd$A=fJ(!-F z;`78g^84BL3d2t8Dv{UMGeg6=GBr7!lV?Y%P&4wpFcsIETRN*I`g&beB>gci>NHJP zDs}bv+iF%A4uqdPZmP_**c_#Tj;e~}we^kVPBn|K>1eeT_hd+G%Wqk{yuP}yd}VR9 zxv+fs^5VkU`jwUCpO*Kz^Ou$`*VNg0HB-w8%cNVnLN!P)ncGQvO^DX4*eENQg?5e` zMQVCc9EPnrPWHIk!%`41<29^6yv=kW*M?_?Q{OU~Hq=zw)2*Nr=(ZIJ555<~Ki-u4 zR0nYEx>76pdS4^UHc@5Uex}mxxF5EKO_?7=X0l~cEt$jOy{nU;voEvQri#^DGF=g37z$( zMnj?guIc@>+6hA0ert7ArC7et8I_y2mn*m+g<#OWU}`W|u4-Ks8XJ*#nXS@{$bCoy zvX~t~HY06msyN%$$zH(Db=0nEc0;rE7J6W4+OAuALJBr`WE`QA)UZ|8nOraJ1y~lY zN4D-&8NHwB^vJ$a=BPQ1^o^|Q_kzVF$@it<)V4L+E==d#hNhE*4b3H@!Mo{J&Du%| z6T#2=6D4gL1s|N5aRt|#ewqebk!!I&w*A;%AV87cQ}icJs?x-yz|oC3nN!jm88=T? zr>VcC=cGru@pio###>EOwkmS9?MLlU8>)zg6f_h><=1KOMs}=Zq-t=X9~tw{nNgQ;-Ci0Zi^z>>{7f(kJKhrwk?m; zVm&ir+i!X`s$#xLJyIv@tQvdIRDw}Q)M@LE-w!jX8z(vYEtQLg&o+k?5xIQQm!hiN zQkF^g#AMRxLKx^MlNs-a;X~f^wBbX`rgr1D?AWPIi=$4kIO40_w>{4qCeorYM@;T{tufZ&RFLRug{#!9IMIzT*i8Inzp;~6YE7w7r7q3Y zkUd9+&ghWM)v(!AZcf`YsyKE$YR6W$>`Q&ZX@Za!PT@hj7sC#Yv_H${20y zE6a~Au8x~`>OggpxT`A7X)_o<%F@b1dBt--yXvz2y|j_GuZ^;8{V(Tt5 zjN5*?O}gh9X9iKmm`cTMnB}g$h_+bNNZs1P`NgY?k75R|Nb=ftfZj`$OkXN`Q8zuK z??lf}sfD<=p9EXmnW`?-)B`iKKd#o|-U8!F)Kb)H*44Q%R4Y;<#R8O@^|~z-_)}Y9 zyouAKa<)R!6aW7SeAsv4*NXq2pU;c${{iq0unxqxzZ={EUc!%m3VaOwGI%d|4|pf| zIj{ykj}QNs;Dg{IcnKf=-@wx#0b5`V+y`F7Z~qc_27CnE1mfFApbNIZJa{wsEI$07 zfOmtR0AI#u{{naxJOzFO?0~c2GA<*52hQcn{c{&)bT&*g(Gv2iV!`JQmTLJK)}Tppei`0< zt%+$JVKbY^QXV(LX|LdF`jAO+1e#cV8J0Z09^uVmyj6l5m;J65Q#yAfT=3TZJZG%A z;HEF3;W@SO2sSA;*{OjEMjmYBKAx1WEZAlmYx_N2nIpK`>xBW`rt0)g8b_5;>22*} z+u@Pgpn_B%Yu9?tG??~{XSH;G{?tICbxZAHqb5LJpyIf=on<}iyqHk$#;Jj|dz(QU zHU!!Js{Pl@#i-qjiE|&Az}rUd?<$ET5@H;Y!C%O*V1?SnA?@lw1?{=qvs>cG0iSkG zKDJ}DfN_6>h%RZ6T#w0tf%bD7j6 zMx-KL&ArhpxPfo`;m?Ay3F@~D?NvdrTuE^x-;kta_@Lr8pW%-wHV zT}I4x6eV#AZLHkFFf1Yz4q7CWrAJQMU~VmT1B- z_2aaa_4XUCmM49XXFExJ|A~+PS+EBZa2;F&XTVqS@jnHA5!?hz;77rKtam3w-!L10MxDU>W=f_zH22-v@G5|3UD6kb+roKe!9L z2HXj52mio1{WIWQ;H}^^Xn^NAr~gy%N${KCJs<);I1RqadHtus?|=+k1((4a!Hr!5Q#+AanCV;cVYc(bxI1)6b{fX2EsOdZrJc~xI&&iwV}-mB%F`;qA>Q`j3_@V8}C)C!P{jKUodRiuNE%BqYqd8(pGfZgSrv~<0 zf$GcG#B_8u`8KR6eXX{-Z6=QsJ<~6u`B|GX=1t1zAV$3nGeqTbi~Zj~E6Z-cvHIj* zuyOCHL7VfBgL{WAgCwPKKWXVgVg>!L($lKD>$VZQs%@88MC;ZbdYqY@WQV<-U@6uy zS5tdtBrC=(qN?~wGRd;_%hZj=a!BfXHb!rcW)xb&gzRayDC6h^Zr&W2#>kO25mR%E z=J0~B2OkFwqvmpcv_r<)gbYk*hb%7g90rFa*g&nzT!K;Woyd8g0|ib{~3*Z7Sb zV`U;t9Nk)-k&AXA17E3mipvzjbGbuxIIB($4p^$W{Z!CB;|23$H&C=ZCnv8?^TOroX>(GXU)pM@*;+HjzeJnX(Z&ZkFwZSgU+hfCk$ADp@HG99Y!=m|jA#521#4)#D`FnmN9yHbYdHz2Y&s#Lg?PBjWtPSj znQWuLi$#XobyCVW9mEeB7qHP(+uSA#OIG5#^+n_e58cfzJ?;re?aBP&EFVoF7m#_> z>5Lk?)!?`*bkSU{#R=Jv1O1~KHiA;T5{HR!R5>pFoz(xK-bb1e-DMFgKiaqFv5}7Z zvZRHqFr4S;HgcgowhJARolarxoXL#?6vD7!$AG4oK%L-*XIea|Nh=chBC%|AO$}FD zP87D985j1?Lt(uZ7yDS}C?<7XT4C^o%A+eT zL#-#%W_l0?a*M7rT<*EpO)0a^)3FSsw5_%XIQ7hde^<$k(M)1Uboaa)M#CV6QufU dyu6$XzcFT3#!MLm_*-&&)0aLEua1g1{x4WO;+p^f literal 0 HcmV?d00001 diff --git a/src/util.js b/src/util.js index eeb0e6f1..5ac8b269 100644 --- a/src/util.js +++ b/src/util.js @@ -114,9 +114,9 @@ _.assignIn(util, { */ hasAdminRole: (req) => { const isMachineToken = _.get(req, 'authUser.isMachine', false); - // const tokenScopes = _.get(req, 'authUser.scopes', []); + const tokenScopes = _.get(req, 'authUser.scopes', []); if (isMachineToken) { - // if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; + if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; return true; } let roles = _.get(req, 'authUser.roles', []); From 04ee4f292e2889506de1d1d4c4187961c6dde0ba Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 23 May 2018 14:08:05 +0530 Subject: [PATCH 34/36] fixing typo --- src/.util.js.swp | Bin 20480 -> 0 bytes src/util.js | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) delete mode 100644 src/.util.js.swp diff --git a/src/.util.js.swp b/src/.util.js.swp deleted file mode 100644 index 4c75e8ae09ee730226f8ea37d55ef5eec0944f8e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 20480 zcmeI3e~cu@RmU6R9|^G&z{Ch7l(KX2%&cc-cYQHA*6iW)-kxrW@AlYT9}!lv+dEUU z+j~9TbKO0=w>NCSQj$ON13@5&I6){tL?lPX${!Yg1Oig{1EL575ne!QxB_3G7ouWC1Et}b0tXPPq}&-Z)YZ9j19<6qqQ zckdIg_q^0^Z3mHLoc!2wjjKVD_5JXX_{K5C-(d?*@5RZr>8#c0CGn1KWsOuPyFp7& zr%7wNp9NuaCq0HjnOt(9wee0zh~loi~HSn?>sD!m;0ZW?DKY) z|5p?BU*Uewx%Z5#nAdm7<*VdC$$^psB?n3llpH8IP;#K;K*@oU10@Ga4wM}DKj46m zL;p(X{+&4Dod4(k|4Xm+ycfVfgHM2ugWm=32fLsHHh~W|z(sHmxCK1_8qa$c{5lwb zN5DDoI`G1sp7$@{x4}oj8u%%27Tgcs2<`%(yTkK71bpxY@Z78EBX}A-3EmAd5P~J} z0C*L6?)yCNZ@?ddKLDQuzXVpm-QY8?^1MF+zXAr}D!3QC8oUDh7tDA8d=WecJ_g# zTfup77Q7PtH35?+z|VtSPyt^dNb|?wL*Q4z4wwc1$lS^N{cRzbqSQg%Q#^^z`bnhL zn?aQ6B;~$E5J%N8-qT6TPj$Pl{3P-BA82;{UNuqkXI0Y7;zuQaf&6N%R%?bj+RC=o zSvB*Jq1lR~G*crQYTgo=HAGS&l1>njirap=ROrNZw$G{}NoT~nJn+tZrzd$A=fJ(!-F z;`78g^84BL3d2t8Dv{UMGeg6=GBr7!lV?Y%P&4wpFcsIETRN*I`g&beB>gci>NHJP zDs}bv+iF%A4uqdPZmP_**c_#Tj;e~}we^kVPBn|K>1eeT_hd+G%Wqk{yuP}yd}VR9 zxv+fs^5VkU`jwUCpO*Kz^Ou$`*VNg0HB-w8%cNVnLN!P)ncGQvO^DX4*eENQg?5e` zMQVCc9EPnrPWHIk!%`41<29^6yv=kW*M?_?Q{OU~Hq=zw)2*Nr=(ZIJ555<~Ki-u4 zR0nYEx>76pdS4^UHc@5Uex}mxxF5EKO_?7=X0l~cEt$jOy{nU;voEvQri#^DGF=g37z$( zMnj?guIc@>+6hA0ert7ArC7et8I_y2mn*m+g<#OWU}`W|u4-Ks8XJ*#nXS@{$bCoy zvX~t~HY06msyN%$$zH(Db=0nEc0;rE7J6W4+OAuALJBr`WE`QA)UZ|8nOraJ1y~lY zN4D-&8NHwB^vJ$a=BPQ1^o^|Q_kzVF$@it<)V4L+E==d#hNhE*4b3H@!Mo{J&Du%| z6T#2=6D4gL1s|N5aRt|#ewqebk!!I&w*A;%AV87cQ}icJs?x-yz|oC3nN!jm88=T? zr>VcC=cGru@pio###>EOwkmS9?MLlU8>)zg6f_h><=1KOMs}=Zq-t=X9~tw{nNgQ;-Ci0Zi^z>>{7f(kJKhrwk?m; zVm&ir+i!X`s$#xLJyIv@tQvdIRDw}Q)M@LE-w!jX8z(vYEtQLg&o+k?5xIQQm!hiN zQkF^g#AMRxLKx^MlNs-a;X~f^wBbX`rgr1D?AWPIi=$4kIO40_w>{4qCeorYM@;T{tufZ&RFLRug{#!9IMIzT*i8Inzp;~6YE7w7r7q3Y zkUd9+&ghWM)v(!AZcf`YsyKE$YR6W$>`Q&ZX@Za!PT@hj7sC#Yv_H${20y zE6a~Au8x~`>OggpxT`A7X)_o<%F@b1dBt--yXvz2y|j_GuZ^;8{V(Tt5 zjN5*?O}gh9X9iKmm`cTMnB}g$h_+bNNZs1P`NgY?k75R|Nb=ftfZj`$OkXN`Q8zuK z??lf}sfD<=p9EXmnW`?-)B`iKKd#o|-U8!F)Kb)H*44Q%R4Y;<#R8O@^|~z-_)}Y9 zyouAKa<)R!6aW7SeAsv4*NXq2pU;c${{iq0unxqxzZ={EUc!%m3VaOwGI%d|4|pf| zIj{ykj}QNs;Dg{IcnKf=-@wx#0b5`V+y`F7Z~qc_27CnE1mfFApbNIZJa{wsEI$07 zfOmtR0AI#u{{naxJOzFO?0~c2GA<*52hQcn{c{&)bT&*g(Gv2iV!`JQmTLJK)}Tppei`0< zt%+$JVKbY^QXV(LX|LdF`jAO+1e#cV8J0Z09^uVmyj6l5m;J65Q#yAfT=3TZJZG%A z;HEF3;W@SO2sSA;*{OjEMjmYBKAx1WEZAlmYx_N2nIpK`>xBW`rt0)g8b_5;>22*} z+u@Pgpn_B%Yu9?tG??~{XSH;G{?tICbxZAHqb5LJpyIf=on<}iyqHk$#;Jj|dz(QU zHU!!Js{Pl@#i-qjiE|&Az}rUd?<$ET5@H;Y!C%O*V1?SnA?@lw1?{=qvs>cG0iSkG zKDJ}DfN_6>h%RZ6T#w0tf%bD7j6 zMx-KL&ArhpxPfo`;m?Ay3F@~D?NvdrTuE^x-;kta_@Lr8pW%-wHV zT}I4x6eV#AZLHkFFf1Yz4q7CWrAJQMU~VmT1B- z_2aaa_4XUCmM49XXFExJ|A~+PS+EBZa2;F&XTVqS@jnHA5!?hz;77rKtam3w-!L10MxDU>W=f_zH22-v@G5|3UD6kb+roKe!9L z2HXj52mio1{WIWQ;H}^^Xn^NAr~gy%N${KCJs<);I1RqadHtus?|=+k1((4a!Hr!5Q#+AanCV;cVYc(bxI1)6b{fX2EsOdZrJc~xI&&iwV}-mB%F`;qA>Q`j3_@V8}C)C!P{jKUodRiuNE%BqYqd8(pGfZgSrv~<0 zf$GcG#B_8u`8KR6eXX{-Z6=QsJ<~6u`B|GX=1t1zAV$3nGeqTbi~Zj~E6Z-cvHIj* zuyOCHL7VfBgL{WAgCwPKKWXVgVg>!L($lKD>$VZQs%@88MC;ZbdYqY@WQV<-U@6uy zS5tdtBrC=(qN?~wGRd;_%hZj=a!BfXHb!rcW)xb&gzRayDC6h^Zr&W2#>kO25mR%E z=J0~B2OkFwqvmpcv_r<)gbYk*hb%7g90rFa*g&nzT!K;Woyd8g0|ib{~3*Z7Sb zV`U;t9Nk)-k&AXA17E3mipvzjbGbuxIIB($4p^$W{Z!CB;|23$H&C=ZCnv8?^TOroX>(GXU)pM@*;+HjzeJnX(Z&ZkFwZSgU+hfCk$ADp@HG99Y!=m|jA#521#4)#D`FnmN9yHbYdHz2Y&s#Lg?PBjWtPSj znQWuLi$#XobyCVW9mEeB7qHP(+uSA#OIG5#^+n_e58cfzJ?;re?aBP&EFVoF7m#_> z>5Lk?)!?`*bkSU{#R=Jv1O1~KHiA;T5{HR!R5>pFoz(xK-bb1e-DMFgKiaqFv5}7Z zvZRHqFr4S;HgcgowhJARolarxoXL#?6vD7!$AG4oK%L-*XIea|Nh=chBC%|AO$}FD zP87D985j1?Lt(uZ7yDS}C?<7XT4C^o%A+eT zL#-#%W_l0?a*M7rT<*EpO)0a^)3FSsw5_%XIQ7hde^<$k(M)1Uboaa)M#CV6QufU dyu6$XzcFT3#!MLm_*-&&)0aLEua1g1{x4WO;+p^f diff --git a/src/util.js b/src/util.js index 5ac8b269..0afbdfb0 100644 --- a/src/util.js +++ b/src/util.js @@ -117,7 +117,7 @@ _.assignIn(util, { const tokenScopes = _.get(req, 'authUser.scopes', []); if (isMachineToken) { if (_.indexOf(tokenScopes, TOKEN_SCOPES.CONNECT_PROJECT_ADMIN) >= 0) return true; - return true; + return false; } let roles = _.get(req, 'authUser.roles', []); roles = roles.map(s => s.toLowerCase()); From 4554420eb12a86c4462325cce8206bcadf862062 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 12 Jun 2018 13:33:14 +0530 Subject: [PATCH 35/36] trigger dev build. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e2410dbf..a59f1239 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM node:8.2.1 -LABEL version="1.0" +LABEL version="1.2" LABEL description="Projects microservice" RUN apt-get update && \ From 11a6f164e554fdcd7781d76d06ac96c3f68511e2 Mon Sep 17 00:00:00 2001 From: Vikas Agarwal Date: Tue, 12 Jun 2018 14:02:14 +0530 Subject: [PATCH 36/36] Applying the test case failure fix in dev as well to promote the m2m changes to the production --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 39665962..7d8dd65e 100644 --- a/package.json +++ b/package.json @@ -16,7 +16,7 @@ "prestart": "npm run -s build", "start": "node dist", "start:dev": "NODE_ENV=development PORT=8001 nodemon -w src --exec \"babel-node src --presets es2015\" | ./node_modules/.bin/bunyan", - "test": "NODE_ENV=test npm run lint && NODE_ENV=test npm run sync:es && NODE_ENV=test ./node_modules/.bin/istanbul cover ./node_modules/mocha/bin/_mocha -- --compilers js:babel-core/register $(find src -path '*spec.js*')", + "test": "NODE_ENV=test npm run lint && NODE_ENV=test npm run sync:es && NODE_ENV=test npm run sync:db && NODE_ENV=test ./node_modules/.bin/istanbul cover ./node_modules/mocha/bin/_mocha -- --timeout 5000 --compilers js:babel-core/register $(find src -path '*spec.js*')", "test:watch": "NODE_ENV=test ./node_modules/.bin/mocha -w --compilers js:babel-core/register $(find src -path '*spec.js*')", "seed": "babel-node src/tests/seed.js --presets es2015" },