Merge branch 'RED-7006-passwords' into 'main'
Red-7006 Hide passwords only for external controller See merge request fforesight/tenant-user-management-service!7
commit
d5a14a5bf3
@ -6,6 +6,7 @@ import static com.knecon.fforesight.tenantusermanagement.permissions.UserManagem
|
||||
import static com.knecon.fforesight.tenantusermanagement.permissions.UserManagementPermissions.UPDATE_TENANT;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
@ -47,15 +48,16 @@ public class TenantsController implements TenantsResource, PublicResource {
|
||||
|
||||
@PreAuthorize("hasAuthority('" + GET_TENANTS + "')")
|
||||
public List<TenantResponse> getTenants() {
|
||||
|
||||
return tenantManagementService.getTenants();
|
||||
List<TenantResponse> tenants = tenantManagementService.getTenants();
|
||||
return tenants.stream().map(tenantManagementService::removePasswords).collect(Collectors.toList());
|
||||
}
|
||||
|
||||
|
||||
@PreAuthorize("hasAuthority('" + GET_TENANTS + "')")
|
||||
public TenantResponse getTenant(String tenantId) {
|
||||
|
||||
return tenantManagementService.getTenant(tenantId);
|
||||
TenantResponse tenantResponse = tenantManagementService.getTenant(tenantId);
|
||||
return tenantManagementService.removePasswords(tenantResponse);
|
||||
}
|
||||
|
||||
|
||||
@ -68,7 +70,8 @@ public class TenantsController implements TenantsResource, PublicResource {
|
||||
public TenantResponse updateTenant(String tenantId,
|
||||
@RequestBody TenantRequest tenantRequest) {
|
||||
|
||||
return tenantManagementService.updateTenant(tenantId, tenantRequest);
|
||||
TenantResponse tenantResponse = tenantManagementService.updateTenant(tenantId, tenantRequest);
|
||||
return tenantManagementService.removePasswords(tenantResponse);
|
||||
}
|
||||
|
||||
|
||||
|
||||
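Review bot: The `updateTenant` response now returns the `**********` placeholder in place of each secret, and nothing in this section shows what happens when a client reads a tenant, edits it and submits the masked value back in the next `TenantRequest`. If the service stores what it receives, the placeholder would replace the real database or search password, so the update path should treat the mask as "keep the stored secret" or reject it. At minimum, document the contract on the endpoint, for example `/** Secrets in the response are masked; the mask must not be sent back as a new password. */`. The masking call is also repeated by hand in `getTenants`, `getTenant` and `updateTenant`, so any other endpoint of this controller that returns a `TenantResponse` outside these hunks needs the same call.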
@ -4,7 +4,6 @@ import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.sql.Connection;
|
||||
import java.sql.DriverManager;
|
||||
import java.sql.PreparedStatement;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
@ -14,7 +13,6 @@ import java.util.UUID;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
import javax.ws.rs.ClientErrorException;
|
||||
|
||||
import org.keycloak.representations.idm.ClientRepresentation;
|
||||
import org.keycloak.representations.idm.CredentialRepresentation;
|
||||
@ -26,7 +24,6 @@ import org.springframework.amqp.rabbit.core.RabbitTemplate;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
import org.springframework.jdbc.core.StatementCallback;
|
||||
import org.springframework.jdbc.datasource.SingleConnectionDataSource;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
@ -66,6 +63,7 @@ public class TenantManagementService implements TenantProvider {
|
||||
private static final Long MAX_WAIT_TIME = 60_000L; // 60 seconds
|
||||
private static final String FRONTEND_URL_PROPERTY = "frontendUrl";
|
||||
private static final Set<String> SUPPORTED_DATABASES = Set.of("postgresql");
|
||||
private static final String PASSWORD = "**********";
|
||||
|
||||
private final EncryptionDecryptionService encryptionService;
|
||||
private final TenantRepository tenantRepository;
|
||||
@ -447,6 +445,27 @@ public class TenantManagementService implements TenantProvider {
|
||||
return tenantRepository.findAll().stream().map(this::convert).collect(Collectors.toList());
|
||||
}
|
||||
|
||||
public TenantResponse removePasswords(TenantResponse tenantResponse) {
|
||||
|
||||
if (tenantResponse.getDatabaseConnection() != null) {
|
||||
tenantResponse.getDatabaseConnection().setPassword(PASSWORD);
|
||||
}
|
||||
|
||||
if (tenantResponse.getSearchConnection() != null) {
|
||||
tenantResponse.getSearchConnection().setPassword(PASSWORD);
|
||||
}
|
||||
|
||||
if (tenantResponse.getAzureStorageConnection() != null) {
|
||||
tenantResponse.getAzureStorageConnection().setConnectionString(PASSWORD);
|
||||
}
|
||||
|
||||
if (tenantResponse.getS3StorageConnection() != null){
|
||||
tenantResponse.getS3StorageConnection().setSecret(PASSWORD);
|
||||
}
|
||||
|
||||
return tenantResponse;
|
||||
}
|
||||
|
||||
|
||||
private TenantResponse convert(TenantEntity entity) {
|
||||
|
||||
@ -469,6 +488,7 @@ public class TenantManagementService implements TenantProvider {
|
||||
.schema(entity.getDatabaseConnection().getSchema())
|
||||
.username(entity.getDatabaseConnection().getUsername())
|
||||
.params(entity.getDatabaseConnection().getParams())
|
||||
.password(entity.getDatabaseConnection().getPassword())
|
||||
.build())
|
||||
.searchConnection(SearchConnection.builder()
|
||||
.hosts(entity.getSearchConnection().getHosts())
|
||||
@ -477,6 +497,7 @@ public class TenantManagementService implements TenantProvider {
|
||||
.username(entity.getSearchConnection().getUsername())
|
||||
.numberOfShards(entity.getSearchConnection().getNumberOfShards())
|
||||
.numberOfReplicas(entity.getSearchConnection().getNumberOfReplicas())
|
||||
.password(entity.getSearchConnection().getPassword())
|
||||
.build())
|
||||
.build();
|
||||
|
||||
|
||||
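Review bot: `removePasswords` overwrites the secrets on the instance it receives and returns that same instance, while the `convert` hunks now copy the database and search passwords into every `TenantResponse`. Masking is therefore opt-in for each caller, and a secret field added to the response later would be exposed by default because only the four fields listed here are covered. I would document this on the method, for example `/** Masks all secrets in place and returns the same instance; must be applied to every response that leaves through the external API. */`, and consider masking a copy so that a caller holding the original cannot be surprised. A null `tenantResponse` would throw at `tenantResponse.getDatabaseConnection()`; whether `getTenant` can return null is not visible here. The body of `convert` starts and ends outside the hunks.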
@ -33,6 +33,8 @@ public class TenantsTest extends AbstractTenantUserManagementIntegrationTest {
|
||||
@Autowired
|
||||
private EncryptionDecryptionService encryptionService;
|
||||
|
||||
private static final String PASSWORD = "**********";
|
||||
|
||||
|
||||
@Test
|
||||
public void testCreateNewTenant() {
|
||||
@ -89,8 +91,8 @@ public class TenantsTest extends AbstractTenantUserManagementIntegrationTest {
|
||||
|
||||
var updatedTenant = tenantsClient.updateTenant("new_tenant", tenantRequest);
|
||||
|
||||
tenantRequest.getSearchConnection().setPassword(null);
|
||||
tenantRequest.getDatabaseConnection().setPassword(null);
|
||||
tenantRequest.getSearchConnection().setPassword(PASSWORD);
|
||||
tenantRequest.getDatabaseConnection().setPassword(PASSWORD);
|
||||
|
||||
assertThat(updatedTenant.getDisplayName()).isEqualTo(tenantRequest.getDisplayName());
|
||||
assertThat(updatedTenant.getSearchConnection()).isEqualTo(tenantRequest.getSearchConnection());
|
||||
@ -103,6 +105,7 @@ public class TenantsTest extends AbstractTenantUserManagementIntegrationTest {
|
||||
assertThat(tenantEntity.getSearchConnection()).isEqualTo(tenantRequest.getSearchConnection());
|
||||
assertThat(tenantEntity.getDatabaseConnection()).isEqualTo(tenantRequest.getDatabaseConnection());
|
||||
assertThat(tenantEntity.getS3StorageConnection().getBucketName()).isEqualTo("redaction2");
|
||||
assertThat(tenantEntity.getS3StorageConnection().getSecret()).isEqualTo(PASSWORD);
|
||||
|
||||
tenantRequest.setS3StorageConnection(null);
|
||||
|
||||
@ -174,4 +177,21 @@ public class TenantsTest extends AbstractTenantUserManagementIntegrationTest {
|
||||
TenantContext.clear();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRemovePasswords() {
|
||||
testTenantService.createTestTenantIfNotExists("new_tenant_passwords", minioPort);
|
||||
|
||||
TenantContext.setTenantId("new_tenant_passwords");
|
||||
|
||||
var tenant = tenantsClient.getTenant("new_tenant_passwords");
|
||||
assertThat(tenant.getDatabaseConnection()).isNotNull();
|
||||
assertThat(tenant.getDatabaseConnection().getPassword()).isEqualTo(PASSWORD);
|
||||
assertThat(tenant.getSearchConnection()).isNotNull();
|
||||
assertThat(tenant.getSearchConnection().getPassword()).isEqualTo(PASSWORD);
|
||||
assertThat(tenant.getS3StorageConnection()).isNotNull();
|
||||
assertThat(tenant.getS3StorageConnection().getSecret()).isEqualTo(PASSWORD);
|
||||
|
||||
TenantContext.clear();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
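Review bot: `testRemovePasswords` asserts the mask only on the single-tenant read, so the list endpoint and the Azure branch of `removePasswords` are not checked anywhere in the visible hunks. Assuming `tenantsClient` also exposes `getTenants()`, a line such as `assertThat(tenantsClient.getTenants()).allSatisfy(t -> assertThat(t.getSearchConnection().getPassword()).isEqualTo(PASSWORD));` would cover the list path. `TenantContext.clear()` is the last statement of the test, so a failing assertion skips it; putting the assertions in `try { … } finally { TenantContext.clear(); }` keeps the tenant id from leaking into later tests.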