From a8c5c676d8772403bcacc4aa3a7851e6824dc523 Mon Sep 17 00:00:00 2001 From: sudhakaropsmx Date: Mon, 4 Mar 2024 16:56:49 +0530 Subject: [PATCH] OP-21860: Bugfix for platform service to cache UserGroups. --- .../gate/security/basic/BasicAuthProvider.java | 6 ++++++ .../gate/services/DefaultProviderLookupService.groovy | 2 +- .../spinnaker/gate/config/RetrofitConfig.groovy | 10 +++++----- .../spinnaker/gate/controllers/AuthController.groovy | 9 +++++++-- .../spinnaker/gate/services/ApplicationService.groovy | 2 +- .../com/netflix/spinnaker/gate/config/CamelConfig.java | 2 +- .../spinnaker/gate/config/MessageBrokerProperties.java | 2 +- .../netflix/spinnaker/gate/config/RabbitMQConfig.java | 2 +- .../gate/config/UserActivityRouteBuilder.java | 2 +- .../spinnaker/gate/audit/AuditRestApiHandler.java | 5 +++-- .../gate/audit/AuthenticationAuditListener.java | 4 +++- .../gate/audit/UserActivityAuditListener.java | 2 ++ .../opsmx/spinnaker/gate/cache/OesCacheManager.java | 2 ++ .../gate/cache/dashboard/DatasourceCachingImpl.java | 2 ++ .../gate/controller/DatasourceCachingController.java | 2 ++ .../dashboard/DashboardCachingServiceBeanFactory.java | 2 ++ .../platform/PlatformCachingServiceBeanFactory.java | 2 ++ .../spinnaker/gate/feignclient/DashboardClient.java | 2 ++ .../opsmx/spinnaker/gate/service/AdminAuthService.java | 2 ++ .../gate/service/DatasourceCachingServiceImpl.java | 4 +++- .../gate/services/CredentialsServiceSpec.groovy | 2 +- 21 files changed, 50 insertions(+), 18 deletions(-) diff --git a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java index 029b939ac0..90d92c2aa3 100644 --- a/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java +++ b/gate-basic/src/main/java/com/netflix/spinnaker/gate/security/basic/BasicAuthProvider.java @@ -23,6 +23,7 @@ import java.util.List; import java.util.stream.Collectors; import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Value; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -37,6 +38,8 @@ public class BasicAuthProvider implements AuthenticationProvider { private final PermissionService permissionService; private final OesAuthorizationService oesAuthorizationService; + @Value("${services.platform.enabled:false}") + private boolean isPlatformEnabled; private List roles; private String name; private String password; @@ -71,8 +74,11 @@ public Authentication authenticate(Authentication authentication) throws Authent roles.stream().map(role -> new SimpleGrantedAuthority(role)).collect(Collectors.toList()); // Updating roles in fiat service permissionService.loginWithRoles(name, roles); + log.info("Platform service enabled value :{}",isPlatformEnabled); // Updating roles in platform service + if(isPlatformEnabled){ oesAuthorizationService.cacheUserGroups(roles, name); + } } return new UsernamePasswordAuthenticationToken(user, password, grantedAuthorities); diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/DefaultProviderLookupService.groovy b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/DefaultProviderLookupService.groovy index bcbf9411f8..12ec003e8f 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/DefaultProviderLookupService.groovy +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/DefaultProviderLookupService.groovy @@ -48,7 +48,7 @@ class DefaultProviderLookupService implements ProviderLookupService, AccountLook private final AtomicReference> accountsCache = new AtomicReference<>([]) - @Value('${gate.installation.mode}') + @Value('${gate.installation.mode:common}') GateInstallationModes gateInstallationMode @Autowired diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/RetrofitConfig.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/RetrofitConfig.groovy index 360d024638..8f6f75b54d 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/RetrofitConfig.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/RetrofitConfig.groovy @@ -33,11 +33,11 @@ import java.util.concurrent.TimeUnit @ConfigurationProperties(prefix = "retrofit") class RetrofitConfig { - Long connectTimeout - Long readTimeout - Long callTimeout - Long writeTimeout - Boolean retryOnConnectionFailure + Long connectTimeout = 60000 + Long readTimeout = 60000 + Long callTimeout = 60000 + Long writeTimeout = 60000 + Boolean retryOnConnectionFailure = true @Bean @Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE) diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AuthController.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AuthController.groovy index 5eb316e41f..5ba2b09dc2 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AuthController.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AuthController.groovy @@ -22,6 +22,7 @@ import com.netflix.spinnaker.gate.services.UserInfoService import com.netflix.spinnaker.gate.services.internal.OpsmxOesService import com.netflix.spinnaker.security.AuthenticatedRequest import com.netflix.spinnaker.security.User +import com.opsmx.spinnaker.gate.model.UserInfoDetailsModel import groovy.util.logging.Slf4j import io.swagger.annotations.ApiOperation import org.springframework.beans.factory.annotation.Autowired @@ -62,7 +63,7 @@ class AuthController { @Autowired UserInfoService userInfoService - @Autowired + @Autowired(required=false) OpsmxOesService opsmxOesService @Autowired @@ -171,15 +172,19 @@ class AuthController { @ApiOperation(value = "Get user Details with cloudAccounts") @RequestMapping(value = "/userInfo", method = RequestMethod.GET) Object userInfo(@ApiIgnore @SpinnakerUser User user) { + if (opsmxOesService != null) { if (!user) { throw new Exception("UnAuthorized User") } - def fiatRoles = permissionService.getRoles(user.username)?.collect{ it.name } + def fiatRoles = permissionService.getRoles(user.username)?.collect { it.name } if (fiatRoles) { user.roles = fiatRoles } def response = opsmxOesService.getOesResponse5( "accountsConfig", "v3", "spinnaker", "cloudProviderAccount", false, false) return userInfoService.getAllInfoOfUser(user, response) + } else{ + return new UserInfoDetailsModel(); + } } } diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/ApplicationService.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/ApplicationService.groovy index 2b3a979f28..bce6ca4d9b 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/ApplicationService.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/services/ApplicationService.groovy @@ -57,7 +57,7 @@ class ApplicationService { @Autowired ExecutorService executorService - @Value('${gate.installation.mode}') + @Value('${gate.installation.mode:common}') GateInstallationModes gateInstallationMode diff --git a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/CamelConfig.java b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/CamelConfig.java index 8b91b6c8df..cb0a2a4f33 100644 --- a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/CamelConfig.java +++ b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/CamelConfig.java @@ -28,7 +28,7 @@ @Slf4j @Configuration -@ConditionalOnExpression("${message-broker.enabled:true}") +@ConditionalOnExpression("${message-broker.enabled:false}") public class CamelConfig { @Autowired private UserActivityRouteBuilder userActivityRouteBuilder; diff --git a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/MessageBrokerProperties.java b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/MessageBrokerProperties.java index 00d01b9ba6..e09f1aada6 100644 --- a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/MessageBrokerProperties.java +++ b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/MessageBrokerProperties.java @@ -25,7 +25,7 @@ @Data @Configuration @ConfigurationProperties(prefix = "message-broker") -@ConditionalOnExpression("${message-broker.enabled:true}") +@ConditionalOnExpression("${message-broker.enabled:false}") @EnableConfigurationProperties({ MessageBrokerProperties.class, MessageBrokerProperties.Endpoint.class diff --git a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/RabbitMQConfig.java b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/RabbitMQConfig.java index f8b8c63155..bfe5673969 100644 --- a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/RabbitMQConfig.java +++ b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/RabbitMQConfig.java @@ -22,7 +22,7 @@ import org.springframework.context.annotation.Configuration; @Configuration -@ConditionalOnExpression("${message-broker.enabled:true}") +@ConditionalOnExpression("${message-broker.enabled:false}") @ConditionalOnProperty(value = "message-broker.endpoint.name", havingValue = "rabbitmq") public class RabbitMQConfig implements CamelRouteConfig { diff --git a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/UserActivityRouteBuilder.java b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/UserActivityRouteBuilder.java index bcf665c7aa..25e12419b1 100644 --- a/gate-web/src/main/java/com/netflix/spinnaker/gate/config/UserActivityRouteBuilder.java +++ b/gate-web/src/main/java/com/netflix/spinnaker/gate/config/UserActivityRouteBuilder.java @@ -24,7 +24,7 @@ import org.springframework.context.annotation.Configuration; @Configuration -@ConditionalOnExpression("${message-broker.enabled:true}") +@ConditionalOnExpression("${message-broker.enabled:false}") public class UserActivityRouteBuilder extends RouteBuilder { private final String userActivity = "userActivity"; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuditRestApiHandler.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuditRestApiHandler.java index eb525825dd..7aa557a947 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuditRestApiHandler.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuditRestApiHandler.java @@ -27,13 +27,14 @@ import org.springframework.cloud.openfeign.EnableFeignClients; import org.springframework.stereotype.Component; + +@ConditionalOnExpression("${services.auditservice.enabled:false}") @Component @EnableFeignClients(basePackageClasses = AuditService.class) -@ConditionalOnExpression("${services.auditservice.enabled:true}") @Slf4j public class AuditRestApiHandler implements AuditHandler { - @Autowired private AuditService auditService; + @Autowired(required = false) private AuditService auditService; Gson gson = new Gson(); @Override diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java index c60938d6d2..ab2e3b3f12 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java @@ -27,6 +27,7 @@ import org.apache.camel.ProducerTemplate; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.actuate.security.AbstractAuthenticationAuditListener; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.context.annotation.Lazy; import org.springframework.scheduling.annotation.Async; import org.springframework.scheduling.annotation.EnableAsync; @@ -37,10 +38,11 @@ @Slf4j @Component +@ConditionalOnExpression("${services.auditservice.enabled:false}") @EnableAsync public class AuthenticationAuditListener extends AbstractAuthenticationAuditListener { - @Autowired private AuditHandler auditHandler; + @Autowired(required = false) private AuditHandler auditHandler; @Autowired @Lazy private ProducerTemplate template; Gson gson = new Gson(); diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/UserActivityAuditListener.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/UserActivityAuditListener.java index 91ffaedc73..9b1e8cea7f 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/UserActivityAuditListener.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/UserActivityAuditListener.java @@ -27,6 +27,7 @@ import lombok.extern.slf4j.Slf4j; import org.apache.camel.ProducerTemplate; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.context.ApplicationEvent; import org.springframework.context.ApplicationListener; import org.springframework.context.annotation.Lazy; @@ -37,6 +38,7 @@ @Slf4j @Component +@ConditionalOnExpression("${services.auditservice.enabled:false}") @EnableAsync public class UserActivityAuditListener implements ApplicationListener { diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/cache/OesCacheManager.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/cache/OesCacheManager.java index 90653b699d..9b9190326d 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/cache/OesCacheManager.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/cache/OesCacheManager.java @@ -20,6 +20,7 @@ import java.util.concurrent.TimeUnit; import lombok.Getter; import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.cache.CacheManager; import org.springframework.cache.caffeine.CaffeineCacheManager; import org.springframework.cache.concurrent.ConcurrentMapCacheManager; @@ -28,6 +29,7 @@ import org.springframework.context.annotation.Primary; @Configuration +@ConditionalOnExpression("${services.dashboard.enabled:false}") public class OesCacheManager { @Getter private CacheManager concurrentMapCacheManager; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/cache/dashboard/DatasourceCachingImpl.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/cache/dashboard/DatasourceCachingImpl.java index 29f3350201..8ef8edad57 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/cache/dashboard/DatasourceCachingImpl.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/cache/dashboard/DatasourceCachingImpl.java @@ -18,9 +18,11 @@ import java.util.Map; import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.stereotype.Component; @Slf4j +@ConditionalOnExpression("${services.dashboard.enabled:false}") @Component public class DatasourceCachingImpl implements DatasourceCaching { diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/controller/DatasourceCachingController.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/controller/DatasourceCachingController.java index 51d62c4aaa..223dc5a123 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/controller/DatasourceCachingController.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/controller/DatasourceCachingController.java @@ -19,11 +19,13 @@ import com.opsmx.spinnaker.gate.model.DatasourceRequestModel; import com.opsmx.spinnaker.gate.service.DatasourceCachingServiceImpl; import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; @Slf4j +@ConditionalOnExpression("${services.dashboard.enabled:false}") @RestController @RequestMapping(value = "/datasource/cache") public class DatasourceCachingController { diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/factory/dashboard/DashboardCachingServiceBeanFactory.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/factory/dashboard/DashboardCachingServiceBeanFactory.java index b92573760f..ce11eec55c 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/factory/dashboard/DashboardCachingServiceBeanFactory.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/factory/dashboard/DashboardCachingServiceBeanFactory.java @@ -20,9 +20,11 @@ import com.opsmx.spinnaker.gate.service.DashboardCachingService; import com.opsmx.spinnaker.gate.service.DatasourceCachingServiceImpl; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.stereotype.Component; @Component +@ConditionalOnExpression("${services.dashboard.enabled:false}") public class DashboardCachingServiceBeanFactory { @Autowired private DatasourceCachingServiceImpl datasourceCachingService; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/factory/platform/PlatformCachingServiceBeanFactory.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/factory/platform/PlatformCachingServiceBeanFactory.java index 3d7093e903..0cd643567e 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/factory/platform/PlatformCachingServiceBeanFactory.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/factory/platform/PlatformCachingServiceBeanFactory.java @@ -21,9 +21,11 @@ import com.opsmx.spinnaker.gate.service.PlatformCachingService; import com.opsmx.spinnaker.gate.util.CacheUtil; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.stereotype.Component; @Component +@ConditionalOnExpression("${services.platform.enabled:false}") public class PlatformCachingServiceBeanFactory { @Autowired private AdminAuthService adminAuthService; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/feignclient/DashboardClient.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/feignclient/DashboardClient.java index 2a935e32cd..65f29167b1 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/feignclient/DashboardClient.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/feignclient/DashboardClient.java @@ -18,6 +18,8 @@ import com.opsmx.spinnaker.gate.cache.Constants; import java.util.Map; + +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/AdminAuthService.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/AdminAuthService.java index e3a878758b..9fc28ada94 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/AdminAuthService.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/AdminAuthService.java @@ -23,12 +23,14 @@ import java.util.Set; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.cache.CacheManager; import org.springframework.cache.caffeine.CaffeineCache; import org.springframework.stereotype.Service; @Slf4j @Service +@ConditionalOnExpression("${services.platform.enabled:false}") public class AdminAuthService implements PlatformCachingService { private Gson gson = new Gson(); diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/DatasourceCachingServiceImpl.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/DatasourceCachingServiceImpl.java index ec0e4ad7c1..a8c5377ffc 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/DatasourceCachingServiceImpl.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/service/DatasourceCachingServiceImpl.java @@ -27,11 +27,13 @@ import java.util.stream.Collectors; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.cache.CacheManager; import org.springframework.cache.concurrent.ConcurrentMapCache; import org.springframework.stereotype.Service; @Slf4j +@ConditionalOnExpression("${services.dashboard.enabled:false}") @Service public class DatasourceCachingServiceImpl implements DashboardCachingService { @@ -41,7 +43,7 @@ public class DatasourceCachingServiceImpl implements DashboardCachingService { @Autowired private DatasourceCaching datasourceCaching; - @Autowired private DashboardClient dashboardClient; + @Autowired(required = false) private DashboardClient dashboardClient; @Override public void cacheResponse(Object response, String userName) { diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/services/CredentialsServiceSpec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/services/CredentialsServiceSpec.groovy index e9c4aa0735..dd6e3039f5 100644 --- a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/services/CredentialsServiceSpec.groovy +++ b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/services/CredentialsServiceSpec.groovy @@ -18,7 +18,7 @@ package com.netflix.spinnaker.gate.services import com.netflix.spinnaker.fiat.shared.FiatStatus - +import com.netflix.spinnaker.gate.services.internal.ClouddriverService import spock.lang.Specification import spock.lang.Subject import spock.lang.Unroll