From caf0b63daaade0d307b5095753d7affebca3ed01 Mon Sep 17 00:00:00 2001 From: devplant Date: Tue, 28 Mar 2023 13:09:57 +0300 Subject: [PATCH 1/2] RED-6265 - Bulk dossier stats endpoint does not return dossier stats of dossiers, for which the current dossier does not have access permissions - update to VIEW_ACCESS - remove deprecated --- .../v1/external/api/impl/controller/DossierStatsController.java | 2 +- .../service/v1/api/external/resource/DossierStatsResource.java | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/DossierStatsController.java b/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/DossierStatsController.java index f880671e2..cad6c04b0 100644 --- a/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/DossierStatsController.java +++ b/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/DossierStatsController.java @@ -38,7 +38,7 @@ public class DossierStatsController implements DossierStatsResource { @Override @PreAuthorize("hasAuthority('" + READ_DOSSIER + "')") - @PreFilter("hasPermission(filterObject, 'Dossier', 'ACCESS_OBJECT')") + @PreFilter("hasPermission(filterObject, 'Dossier', 'VIEW_OBJECT')") public List getDossierStats(@RequestBody Set dossierIds) { return dossierIds.stream().map(dossierStatsService::getDossierStats).collect(Collectors.toList()); diff --git a/persistence-service-v1/persistence-service-external-api-v1/src/main/java/com/iqser/red/service/persistence/service/v1/api/external/resource/DossierStatsResource.java b/persistence-service-v1/persistence-service-external-api-v1/src/main/java/com/iqser/red/service/persistence/service/v1/api/external/resource/DossierStatsResource.java index c624f8778..edf7af2c4 100644 --- a/persistence-service-v1/persistence-service-external-api-v1/src/main/java/com/iqser/red/service/persistence/service/v1/api/external/resource/DossierStatsResource.java +++ b/persistence-service-v1/persistence-service-external-api-v1/src/main/java/com/iqser/red/service/persistence/service/v1/api/external/resource/DossierStatsResource.java @@ -26,7 +26,6 @@ public interface DossierStatsResource { String DOSSIER_ID_PATH_PARAM = "/{" + DOSSIER_ID_PARAM + "}"; - @Deprecated @ResponseBody @ResponseStatus(value = HttpStatus.OK) @GetMapping(value = DOSSIER_STATS_REST_PATH + DOSSIER_ID_PATH_PARAM, produces = MediaType.APPLICATION_JSON_VALUE) @@ -35,7 +34,6 @@ public interface DossierStatsResource { DossierStats getDossierStats(@PathVariable(DOSSIER_ID_PARAM) String dossierId); - @Deprecated @ResponseBody @ResponseStatus(value = HttpStatus.OK) @PostMapping(value = DOSSIER_STATS_REST_PATH, produces = MediaType.APPLICATION_JSON_VALUE) From 0e4112645d01b9a9d66cb37b22639fab0f2a61d0 Mon Sep 17 00:00:00 2001 From: devplant Date: Tue, 28 Mar 2023 15:31:13 +0300 Subject: [PATCH 2/2] RED-6265 - Bulk dossier stats endpoint does not return dossier stats of dossiers, for which the current dossier does not have access permissions - fix pmd rules --- .../api/impl/multitenacy/HeaderBasedKeycloakRealmResolver.java | 3 +++ .../v1/processor/service/TenantManagementService.java | 1 + 2 files changed, 4 insertions(+) diff --git a/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/multitenacy/HeaderBasedKeycloakRealmResolver.java b/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/multitenacy/HeaderBasedKeycloakRealmResolver.java index a7df36a1f..dded9ac7c 100644 --- a/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/multitenacy/HeaderBasedKeycloakRealmResolver.java +++ b/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/multitenacy/HeaderBasedKeycloakRealmResolver.java @@ -57,6 +57,9 @@ public class HeaderBasedKeycloakRealmResolver implements KeycloakConfigResolver } + // PMD marks this as unused, although it is clearly used. + // This seems to be a bug in PMD. + @SuppressWarnings("PMD.UnusedPrivateMethod") @SneakyThrows private String getTenantFromBearerToken(HttpFacade.Request request) { diff --git a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/TenantManagementService.java b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/TenantManagementService.java index 7da315907..7991b42a8 100644 --- a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/TenantManagementService.java +++ b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/TenantManagementService.java @@ -87,6 +87,7 @@ public class TenantManagementService { private final GeneralConfigurationService generalConfigurationService; private final KeyCloakRoleManagerService keyCloakRoleManagerService; private final KeyCloakAdminClientService keycloak; + @SuppressWarnings("PMD.UnusedPrivateField") private final KeyCloakSettings keyCloakSettings;