Search in sources :

Example 1 with RequestEmailSubscriptionProperties

use of com.redhat.cloud.notifications.routers.models.RequestEmailSubscriptionProperties in project notifications-backend by RedHatInsights.

the class EndpointResource method getOrCreateEmailSubscriptionEndpoint.

@POST
@Path("/system/email_subscription")
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
@RolesAllowed(ConsoleIdentityProvider.RBAC_READ_INTEGRATIONS_ENDPOINTS)
@Transactional
public Endpoint getOrCreateEmailSubscriptionEndpoint(@Context SecurityContext sec, @NotNull @Valid RequestEmailSubscriptionProperties requestProps) {
    RhIdPrincipal principal = (RhIdPrincipal) sec.getUserPrincipal();
    if (requestProps.getGroupId() != null && requestProps.isOnlyAdmins()) {
        throw new BadRequestException(String.format("Cannot use RBAC groups and only admins in the same endpoint"));
    }
    if (requestProps.getGroupId() != null) {
        boolean isValid = rbacGroupValidator.validate(requestProps.getGroupId(), principal.getIdentity().rawIdentity);
        if (!isValid) {
            throw new BadRequestException(String.format("Invalid RBAC group identified with id %s", requestProps.getGroupId()));
        }
    }
    // Prevent from creating not public facing properties
    EmailSubscriptionProperties properties = new EmailSubscriptionProperties();
    properties.setOnlyAdmins(requestProps.isOnlyAdmins());
    properties.setGroupId(requestProps.getGroupId());
    return endpointRepository.getOrCreateEmailSubscriptionEndpoint(principal.getAccount(), properties);
}
Also used : RequestEmailSubscriptionProperties(com.redhat.cloud.notifications.routers.models.RequestEmailSubscriptionProperties) EmailSubscriptionProperties(com.redhat.cloud.notifications.models.EmailSubscriptionProperties) RhIdPrincipal(com.redhat.cloud.notifications.auth.principal.rhid.RhIdPrincipal) BadRequestException(javax.ws.rs.BadRequestException) Path(javax.ws.rs.Path) RolesAllowed(javax.annotation.security.RolesAllowed) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Transactional(javax.transaction.Transactional)

Example 2 with RequestEmailSubscriptionProperties

use of com.redhat.cloud.notifications.routers.models.RequestEmailSubscriptionProperties in project notifications-backend by RedHatInsights.

the class EndpointResourceTest method testAddEndpointEmailSubscription.

@Test
void testAddEndpointEmailSubscription() {
    String tenant = "adding-email-subscription";
    String orgId = "adding-email-subscription2";
    String userName = "user";
    String identityHeaderValue = TestHelpers.encodeRHIdentityInfo(tenant, orgId, userName);
    Header identityHeader = TestHelpers.createRHIdentityHeader(identityHeaderValue);
    MockServerConfig.addMockRbacAccess(identityHeaderValue, MockServerConfig.RbacAccess.FULL_ACCESS);
    // EmailSubscription can't be created
    EmailSubscriptionProperties properties = new EmailSubscriptionProperties();
    Endpoint ep = new Endpoint();
    ep.setType(EndpointType.EMAIL_SUBSCRIPTION);
    ep.setName("Endpoint: EmailSubscription");
    ep.setDescription("Subscribe!");
    ep.setEnabled(true);
    ep.setProperties(properties);
    String stringResponse = given().header(identityHeader).when().contentType(JSON).body(Json.encode(ep)).post("/endpoints").then().statusCode(400).extract().asString();
    assertSystemEndpointTypeError(stringResponse, EndpointType.EMAIL_SUBSCRIPTION);
    RequestEmailSubscriptionProperties requestProps = new RequestEmailSubscriptionProperties();
    // EmailSubscription can be fetch from the properties
    Response response = given().header(identityHeader).when().contentType(JSON).body(Json.encode(requestProps)).post("/endpoints/system/email_subscription").then().statusCode(200).contentType(JSON).extract().response();
    JsonObject responsePoint = new JsonObject(response.getBody().asString());
    responsePoint.mapTo(Endpoint.class);
    assertNotNull(responsePoint.getString("id"));
    // It is always enabled
    assertEquals(true, responsePoint.getBoolean("enabled"));
    // Calling again yields the same endpoint id
    String defaultEndpointId = responsePoint.getString("id");
    response = given().header(identityHeader).when().contentType(JSON).body(Json.encode(requestProps)).post("/endpoints/system/email_subscription").then().statusCode(200).contentType(JSON).extract().response();
    responsePoint = new JsonObject(response.getBody().asString());
    responsePoint.mapTo(Endpoint.class);
    assertEquals(defaultEndpointId, responsePoint.getString("id"));
    // Different properties are different endpoints
    Set<String> endpointIds = new HashSet<>();
    endpointIds.add(defaultEndpointId);
    requestProps.setOnlyAdmins(true);
    response = given().header(identityHeader).when().contentType(JSON).body(Json.encode(requestProps)).post("/endpoints/system/email_subscription").then().statusCode(200).contentType(JSON).extract().response();
    responsePoint = new JsonObject(response.getBody().asString());
    responsePoint.mapTo(Endpoint.class);
    assertFalse(endpointIds.contains(responsePoint.getString("id")));
    endpointIds.add(responsePoint.getString("id"));
    response = given().header(identityHeader).when().contentType(JSON).body(Json.encode(requestProps)).post("/endpoints/system/email_subscription").then().statusCode(200).contentType(JSON).extract().response();
    responsePoint = new JsonObject(response.getBody().asString());
    responsePoint.mapTo(Endpoint.class);
    assertTrue(endpointIds.contains(responsePoint.getString("id")));
    // It is not possible to delete it
    stringResponse = given().header(identityHeader).when().delete("/endpoints/" + defaultEndpointId).then().statusCode(400).extract().asString();
    assertSystemEndpointTypeError(stringResponse, EndpointType.EMAIL_SUBSCRIPTION);
    // It is not possible to disable or enable it
    stringResponse = given().header(identityHeader).when().delete("/endpoints/" + defaultEndpointId + "/enable").then().statusCode(400).extract().asString();
    assertSystemEndpointTypeError(stringResponse, EndpointType.EMAIL_SUBSCRIPTION);
    stringResponse = given().header(identityHeader).when().put("/endpoints/" + defaultEndpointId + "/enable").then().statusCode(400).extract().asString();
    assertSystemEndpointTypeError(stringResponse, EndpointType.EMAIL_SUBSCRIPTION);
    // It is not possible to update it
    stringResponse = given().header(identityHeader).contentType(JSON).body(Json.encode(ep)).when().put("/endpoints/" + defaultEndpointId).then().statusCode(400).extract().asString();
    assertSystemEndpointTypeError(stringResponse, EndpointType.EMAIL_SUBSCRIPTION);
    // It is not possible to update it to other type
    ep.setType(EndpointType.WEBHOOK);
    WebhookProperties webhookProperties = new WebhookProperties();
    webhookProperties.setMethod(HttpType.POST);
    webhookProperties.setDisableSslVerification(false);
    webhookProperties.setSecretToken("my-super-secret-token");
    webhookProperties.setUrl(getMockServerUrl());
    ep.setProperties(webhookProperties);
    stringResponse = given().header(identityHeader).contentType(JSON).body(Json.encode(ep)).when().put("/endpoints/" + defaultEndpointId).then().statusCode(400).extract().asString();
    assertSystemEndpointTypeError(stringResponse, EndpointType.EMAIL_SUBSCRIPTION);
}
Also used : Response(io.restassured.response.Response) RequestEmailSubscriptionProperties(com.redhat.cloud.notifications.routers.models.RequestEmailSubscriptionProperties) Header(io.restassured.http.Header) Endpoint(com.redhat.cloud.notifications.models.Endpoint) RequestEmailSubscriptionProperties(com.redhat.cloud.notifications.routers.models.RequestEmailSubscriptionProperties) EmailSubscriptionProperties(com.redhat.cloud.notifications.models.EmailSubscriptionProperties) WebhookProperties(com.redhat.cloud.notifications.models.WebhookProperties) JsonObject(io.vertx.core.json.JsonObject) HashSet(java.util.HashSet) Test(org.junit.jupiter.api.Test) QuarkusTest(io.quarkus.test.junit.QuarkusTest) DbIsolatedTest(com.redhat.cloud.notifications.db.DbIsolatedTest) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 3 with RequestEmailSubscriptionProperties

use of com.redhat.cloud.notifications.routers.models.RequestEmailSubscriptionProperties in project notifications-backend by RedHatInsights.

the class EndpointResourceTest method testAddEndpointEmailSubscriptionRbac.

@Test
void testAddEndpointEmailSubscriptionRbac() {
    String tenant = "adding-email-subscription";
    String orgId = "adding-email-subscription2";
    String userName = "user";
    String validGroupId = "f85517d0-063b-4eed-a501-e79ffc1f5ad3";
    String unknownGroupId = "f44f50d5-acab-482c-a3cf-087faf2c709c";
    String identityHeaderValue = TestHelpers.encodeRHIdentityInfo(tenant, orgId, userName);
    Header identityHeader = TestHelpers.createRHIdentityHeader(identityHeaderValue);
    MockServerConfig.addMockRbacAccess(identityHeaderValue, MockServerConfig.RbacAccess.FULL_ACCESS);
    MockServerConfig.addGroupResponse(identityHeaderValue, validGroupId, 200);
    MockServerConfig.addGroupResponse(identityHeaderValue, unknownGroupId, 404);
    // valid group id
    RequestEmailSubscriptionProperties requestProps = new RequestEmailSubscriptionProperties();
    requestProps.setGroupId(UUID.fromString(validGroupId));
    Response response = given().header(identityHeader).when().contentType(JSON).body(Json.encode(requestProps)).post("/endpoints/system/email_subscription").then().statusCode(200).contentType(JSON).extract().response();
    JsonObject responsePoint = new JsonObject(response.getBody().asString());
    responsePoint.mapTo(Endpoint.class);
    String endpointId = responsePoint.getString("id");
    assertNotNull(endpointId);
    // Same group again yields the same endpoint id
    response = given().header(identityHeader).when().contentType(JSON).body(Json.encode(requestProps)).post("/endpoints/system/email_subscription").then().statusCode(200).contentType(JSON).extract().response();
    responsePoint = new JsonObject(response.getBody().asString());
    responsePoint.mapTo(Endpoint.class);
    assertEquals(endpointId, responsePoint.getString("id"));
    // Invalid group is a bad request (i.e. group does not exist)
    requestProps.setGroupId(UUID.fromString(unknownGroupId));
    given().header(identityHeader).when().contentType(JSON).body(Json.encode(requestProps)).post("/endpoints/system/email_subscription").then().statusCode(400).contentType(JSON).extract().response();
    // Can't specify admin and group - bad request
    requestProps.setGroupId(UUID.fromString(validGroupId));
    requestProps.setOnlyAdmins(true);
    given().header(identityHeader).when().contentType(JSON).body(Json.encode(requestProps)).post("/endpoints/system/email_subscription").then().statusCode(400).contentType(JSON).extract().response();
}
Also used : Response(io.restassured.response.Response) RequestEmailSubscriptionProperties(com.redhat.cloud.notifications.routers.models.RequestEmailSubscriptionProperties) Header(io.restassured.http.Header) JsonObject(io.vertx.core.json.JsonObject) Test(org.junit.jupiter.api.Test) QuarkusTest(io.quarkus.test.junit.QuarkusTest) DbIsolatedTest(com.redhat.cloud.notifications.db.DbIsolatedTest) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Aggregations

RequestEmailSubscriptionProperties (com.redhat.cloud.notifications.routers.models.RequestEmailSubscriptionProperties)3 DbIsolatedTest (com.redhat.cloud.notifications.db.DbIsolatedTest)2 EmailSubscriptionProperties (com.redhat.cloud.notifications.models.EmailSubscriptionProperties)2 QuarkusTest (io.quarkus.test.junit.QuarkusTest)2 Header (io.restassured.http.Header)2 Response (io.restassured.response.Response)2 JsonObject (io.vertx.core.json.JsonObject)2 Test (org.junit.jupiter.api.Test)2 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)2 RhIdPrincipal (com.redhat.cloud.notifications.auth.principal.rhid.RhIdPrincipal)1 Endpoint (com.redhat.cloud.notifications.models.Endpoint)1 WebhookProperties (com.redhat.cloud.notifications.models.WebhookProperties)1 HashSet (java.util.HashSet)1 RolesAllowed (javax.annotation.security.RolesAllowed)1 Transactional (javax.transaction.Transactional)1 BadRequestException (javax.ws.rs.BadRequestException)1 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1 Path (javax.ws.rs.Path)1 Produces (javax.ws.rs.Produces)1