Merge pull request #187 from bci-oss/feature/implement-wildcard-defau…
…lt-closed

feat: Visibility of specificAssetId with wildcard and default closed
tunacicek authored Aug 23, 2023
2 parents b26e331 + 78174dc commit f97ee61
Showing 24 changed files with 739 additions and 198 deletions.
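--- a/INSTALL.md
+++ b/INSTALL.md
@@ -31,22 +31,25 @@ By default, authentication is deactivated, please adjust `registry.authentication
 The Helm Chart can be configured using the following parameters (incomplete list). For a full overview, please see the [values.yaml](./backend/deployment/registry/values.yaml).
 
 ### Registry
-| Parameter | Description | Default value |
-| --- | --- | --- |
-| `registry.image` | The image of the Registry | `registry:latest` |
-| `registry.host` | This value is used by the `Ingress` object (if enabled) to route traffic. | `minikube` |
-| `registry.authentication` | Enables OAuth2 based authentication/authorization. | `false` |
-| `registry.idpIssuerUri` | The issuer URI of the OAuth2 identity provider. | `http://localhost:8080/auth/realms/catenax` |
-| `registry.dataSource.driverClassName` | The driver class name for the database connection. | `org.postgresql.Driver` |
-| `registry.dataSource.url` | The url of the relational database (ignored if `enablePostgres` is set to `true`) | `jdbc:postgresql://database:5432` |
-| `registry.dataSource.user` (ignored if `enablePostgres` is set to `true`) | The database user | `user` |
-| `registry.dataSource.password` (ignored if `enablePostgres` is set to `true`) | The database password | `org.postgresql.Driver` |
-| `registry.ingress.enabled` | Configures if an `Ingress` resource is created. | `true` |
-| `registry.ingress.tls` | Configures whether the `Ingress` should include TLS configuration. In that case, a separate `Secret` (as defined by `registry.ingress.tlsSecretName`) needs to be provided manually or by using [cert-manager](https://cert-manager.io/) | `true` |
-| `registry.ingress.tlsSecretName` | The `Secret` name that contains a `tls.crt` and `tls.key` entry. Subject Alternative Name must match the `registry.host` | `registry-certificate-secret` |
-| `registry.ingress.urlPrefix` | The url prefix that is used by the `Ingress` resource to route traffic | `/semantics/registry` |
-| `registry.ingress.className` | The `Ingress` class name | `nginx` |
-| `registry.ingress.annotations` | Annotations to further configure the `Ingress` resource, e.g. for using with `cert-manager`. | |
+| Parameter | Description | Default value |
+| --- |------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------|
+| `registry.image` | The image of the Registry | `registry:latest` |
+| `registry.host` | This value is used by the `Ingress` object (if enabled) to route traffic. | `minikube` |
+| `registry.authentication` | Enables OAuth2 based authentication/authorization. | `false` |
+| `registry.idpIssuerUri` | The issuer URI of the OAuth2 identity provider. | `http://localhost:8080/auth/realms/catenax` |
+| `registry.dataSource.driverClassName` | The driver class name for the database connection. | `org.postgresql.Driver` |
+| `registry.dataSource.url` | The url of the relational database (ignored if `enablePostgres` is set to `true`) | `jdbc:postgresql://database:5432` |
+| `registry.dataSource.user` (ignored if `enablePostgres` is set to `true`) | The database user | `user` |
+| `registry.dataSource.password` (ignored if `enablePostgres` is set to `true`) | The database password | `org.postgresql.Driver` |
+| `registry.ingress.enabled` | Configures if an `Ingress` resource is created. | `true` |
+| `registry.ingress.tls` | Configures whether the `Ingress` should include TLS configuration. In that case, a separate `Secret` (as defined by `registry.ingress.tlsSecretName`) needs to be provided manually or by using [cert-manager](https://cert-manager.io/) | `true` |
+| `registry.ingress.tlsSecretName` | The `Secret` name that contains a `tls.crt` and `tls.key` entry. Subject Alternative Name must match the `registry.host` | `registry-certificate-secret` |
+| `registry.ingress.urlPrefix` | The url prefix that is used by the `Ingress` resource to route traffic | `/semantics/registry` |
+| `registry.ingress.className` | The `Ingress` class name | `nginx` |
+| `registry.ingress.annotations` | Annotations to further configure the `Ingress` resource, e.g. for using with `cert-manager`. | |
+| `registry.tenantId` | TenantId which is the owner of the DTR. | |
+| `registry.externalSubjectIdWildcardPrefix` | WildcardPrefix to make a specificAssetId visible for everyone. | `PUBLIC_READABLE` |
+| `registry.externalSubjectIdWildcardAllowedTypes` | List of allowed types that can be made visible to everyone. | `manufacturerPartId,assetLifecyclePhase` |
 
 ### PostgreSQL
 | Parameter | Description | Default value |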
Expand Up @@ -20,6 +20,8 @@

package org.eclipse.tractusx.semantics;

import java.util.List;

import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.validation.annotation.Validated;
Expand All @@ -35,6 +37,18 @@ public class RegistryProperties {

private final Idm idm = new Idm();

/**
* This wildcard prefix is used to make specificAssetIds public for everyone.
* The default-value "PUBLIC_READABLE" is used by all catenaX participants.
*/
@NotEmpty(message = "externalSubjectIdWildcardPrefix must not be empty")
private String externalSubjectIdWildcardPrefix;

/**
* This wildcard-allowed-types is used to make only specificAssetIds public for defined types.
*/
private List<String> externalSubjectIdWildcardAllowedTypes;

/**
* Properties for Identity Management system
*/
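Review bot: `externalSubjectIdWildcardAllowedTypes` carries no validation constraint and its Javadoc does not say what an unset or empty list means, although it decides which specificAssetId types can be made visible to every caller. Given the "default closed" in the commit title, I would state the fail-closed behaviour in the comment, e.g. `An empty or missing list means no type can be made public through the wildcard.`, and confirm that the code reading this property treats `null` that way (it is outside this section). The `@NotEmpty` on `externalSubjectIdWildcardPrefix` also accepts a whitespace-only value; `@NotBlank` would reject it. The class body continues outside the hunk.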
Expand Up @@ -79,8 +79,8 @@ public ResponseEntity<Void> deleteAllAssetLinksById(byte[] aasIdentifier) {
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
@Override
public ResponseEntity<Void> deleteSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[] submodelIdentifier ) {
shellService.deleteSubmodel(getDecodedId( aasIdentifier ), getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( null ));
public ResponseEntity<Void> deleteSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[] submodelIdentifier, @RequestHeader String externalSubjectId ) {
shellService.deleteSubmodel(getDecodedId( aasIdentifier ), getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( externalSubjectId ));
return new ResponseEntity<>(HttpStatus.NO_CONTENT);

}
Expand All @@ -96,7 +96,7 @@ public ResponseEntity<GetAssetAdministrationShellDescriptorsResult> getAllAssetA
@Override
// new todo: correct implementation
public ResponseEntity<GetSubmodelDescriptorsResult> getAllSubmodelDescriptorsThroughSuperpath( byte[] aasIdentifier, Integer limit, String cursor, @RequestHeader String externalSubjectId ) {
Shell savedShell = shellService.findShellByExternalId(getDecodedId( aasIdentifier ),getExternalSubjectIdOrEmpty(externalSubjectId));
Shell savedShell = shellService.findShellByExternalIdAndExternalSubjectId(getDecodedId( aasIdentifier ),getExternalSubjectIdOrEmpty(externalSubjectId));
SubmodelCollectionDto dto = shellService.findAllSubmodel( limit,cursor, savedShell);
GetSubmodelDescriptorsResult result= submodelMapper.toApiDto( dto );
return new ResponseEntity<>(result, HttpStatus.OK);
Expand All @@ -105,13 +105,13 @@ public ResponseEntity<GetSubmodelDescriptorsResult> getAllSubmodelDescriptorsThr
@Override
public ResponseEntity<AssetAdministrationShellDescriptor> getAssetAdministrationShellDescriptorById( byte[] aasIdentifier, @RequestHeader String externalSubjectId ) {
String decodedAasIdentifier = getDecodedId( aasIdentifier );
Shell saved = shellService.findShellByExternalId(decodedAasIdentifier, getExternalSubjectIdOrEmpty(externalSubjectId));
Shell saved = shellService.findShellByExternalIdAndExternalSubjectId(decodedAasIdentifier, getExternalSubjectIdOrEmpty(externalSubjectId));
return new ResponseEntity<>(shellMapper.toApiDto(saved), HttpStatus.OK);
}

@Override
public ResponseEntity<SubmodelDescriptor> getSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[] submodelIdentifier ) {
Submodel submodel = shellService.findSubmodelByExternalId(getDecodedId( aasIdentifier ), getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( null ));
public ResponseEntity<SubmodelDescriptor> getSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[] submodelIdentifier, @RequestHeader String externalSubjectId ) {
Submodel submodel = shellService.findSubmodelByExternalId(getDecodedId( aasIdentifier ), getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( externalSubjectId ));
return new ResponseEntity<>(submodelMapper.toApiDto(submodel), HttpStatus.OK);
}

Expand All @@ -125,27 +125,27 @@ public ResponseEntity<AssetAdministrationShellDescriptor> postAssetAdministratio
}

@Override
public ResponseEntity<SubmodelDescriptor> postSubmodelDescriptorThroughSuperpath( byte[] aasIdentifier, SubmodelDescriptor submodelDescriptor ) {
public ResponseEntity<SubmodelDescriptor> postSubmodelDescriptorThroughSuperpath( byte[] aasIdentifier, @RequestHeader String externalSubjectId, SubmodelDescriptor submodelDescriptor ) {
Submodel toBeSaved = submodelMapper.fromApiDto(submodelDescriptor);
toBeSaved.setIdExternal( submodelDescriptor.getId() );
shellService.mapSubmodel( Set.of(toBeSaved) );
Submodel savedSubModel = shellService.save(getDecodedId( aasIdentifier ), toBeSaved, getExternalSubjectIdOrEmpty(null));
Submodel savedSubModel = shellService.save(getDecodedId( aasIdentifier ), toBeSaved, getExternalSubjectIdOrEmpty(externalSubjectId));
return new ResponseEntity<>(submodelMapper.toApiDto(savedSubModel), HttpStatus.CREATED);
}

@Override
public ResponseEntity<Void> putAssetAdministrationShellDescriptorById( byte[] aasIdentifier, AssetAdministrationShellDescriptor assetAdministrationShellDescriptor ) {
public ResponseEntity<Void> putAssetAdministrationShellDescriptorById( byte[] aasIdentifier, AssetAdministrationShellDescriptor assetAdministrationShellDescriptor, @RequestHeader String externalSubjectId ) {
Shell shell = shellMapper.fromApiDto( assetAdministrationShellDescriptor );
Shell shellFromDb = shellService.findShellByExternalId( getDecodedId( aasIdentifier),getExternalSubjectIdOrEmpty(null) );
Shell shellFromDb = shellService.findShellByExternalId( getDecodedId( aasIdentifier),getExternalSubjectIdOrEmpty(externalSubjectId) );
shellService.update( shell.withId( shellFromDb.getId() ).withIdExternal(getDecodedId(aasIdentifier) ),getDecodedId(aasIdentifier));
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}

@Override
public ResponseEntity<Void> putSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[] submodelIdentifier, SubmodelDescriptor submodelDescriptor ) {
shellService.deleteSubmodel(getDecodedId( aasIdentifier ), getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( null ));
public ResponseEntity<Void> putSubmodelDescriptorByIdThroughSuperpath( byte[] aasIdentifier, byte[] submodelIdentifier, @RequestHeader String externalSubjectId, SubmodelDescriptor submodelDescriptor ) {
shellService.deleteSubmodel(getDecodedId( aasIdentifier ), getDecodedId( submodelIdentifier ),getExternalSubjectIdOrEmpty( externalSubjectId ));
submodelDescriptor.setId( getDecodedId( submodelIdentifier ));
postSubmodelDescriptorThroughSuperpath(aasIdentifier,submodelDescriptor);
postSubmodelDescriptorThroughSuperpath(aasIdentifier,externalSubjectId,submodelDescriptor);
return new ResponseEntity<>( HttpStatus.NO_CONTENT );
}

Expand All @@ -161,14 +161,14 @@ public ResponseEntity<GetAllAssetAdministrationShellIdsByAssetLink200Response> g
}

@Override
public ResponseEntity<List<SpecificAssetId>> getAllAssetLinksById(byte[] aasIdentifier,@RequestHeader String externalSubjectId) {
public ResponseEntity<List<SpecificAssetId>> getAllAssetLinksById(byte[] aasIdentifier,@RequestHeader String externalSubjectId) {
Set<ShellIdentifier> identifiers = shellService.findShellIdentifiersByExternalShellId(getDecodedId( aasIdentifier ),getExternalSubjectIdOrEmpty(externalSubjectId));
return new ResponseEntity<>(shellMapper.toApiDto(identifiers), HttpStatus.OK);
}

@Override
public ResponseEntity<List<SpecificAssetId>> postAllAssetLinksById(byte[] aasIdentifier, List<SpecificAssetId> specificAssetId) {
Set<ShellIdentifier> shellIdentifiers = shellService.save(getDecodedId( aasIdentifier ), shellMapper.fromApiDto(specificAssetId),getExternalSubjectIdOrEmpty( null ));
@Override
public ResponseEntity<List<SpecificAssetId>> postAllAssetLinksById(byte[] aasIdentifier, List<SpecificAssetId> specificAssetId, @RequestHeader String externalSubjectId ) {
Set<ShellIdentifier> shellIdentifiers = shellService.save(getDecodedId( aasIdentifier ), shellMapper.fromApiDto(specificAssetId),getExternalSubjectIdOrEmpty( externalSubjectId ));
List<SpecificAssetId> list = shellMapper.toApiDto(shellIdentifiers);
return new ResponseEntity<>(list, HttpStatus.CREATED);
}
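Review bot: The `externalSubjectId` that the write handlers now pass to `deleteSubmodel`, `save` and `findShellByExternalId` is taken straight from a request header, and nothing in the visible lines ties it to the authenticated caller. If the header is expected to be set by a trusted upstream component, I would say so in a comment on these handlers, e.g. `// externalSubjectId is asserted by the upstream gateway, not by the client`, and make sure the registry cannot be reached around that component; otherwise the value should be derived from the validated token. Separately, `putAssetAdministrationShellDescriptorById` still calls `findShellByExternalId` while the GET handlers moved to `findShellByExternalIdAndExternalSubjectId`, and `shellService.update(...)` receives no subject at all; if that difference between read and write paths is intended, a one-line comment would keep the next reader from "fixing" it. The bodies of `getExternalSubjectIdOrEmpty` and the service methods are outside this section, so how an empty subject is treated could not be checked here.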
Expand Up @@ -29,6 +29,8 @@
import com.fasterxml.jackson.annotation.ObjectIdGenerators;
import jakarta.persistence.*;
import lombok.*;
import lombok.experimental.FieldNameConstants;

@Entity
@Getter
@Setter
Expand All @@ -40,6 +42,7 @@
@JsonIdentityInfo(
generator = ObjectIdGenerators.PropertyGenerator.class,
property = "id")
@FieldNameConstants
public class Shell {

@Id
Expand Up @@ -27,6 +27,7 @@
import com.fasterxml.jackson.annotation.ObjectIdGenerators;
import jakarta.persistence.*;
import lombok.*;
import lombok.experimental.FieldNameConstants;

@Entity
@Getter
Expand All @@ -36,6 +37,7 @@
@AllArgsConstructor
@With
@JsonIdentityInfo( generator = ObjectIdGenerators.PropertyGenerator.class, property = "id")
@FieldNameConstants
public class ShellIdentifier {
public static final String GLOBAL_ASSET_ID_KEY = "globalAssetId";

Expand Up @@ -25,6 +25,7 @@
import com.fasterxml.jackson.annotation.JsonManagedReference;
import jakarta.persistence.*;
import lombok.*;
import lombok.experimental.FieldNameConstants;

@Entity
@Getter
Expand All @@ -33,6 +34,7 @@
@NoArgsConstructor
@AllArgsConstructor
@With
@FieldNameConstants
public class ShellIdentifierExternalSubjectReference {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
Expand Up @@ -23,6 +23,7 @@
import com.fasterxml.jackson.annotation.JsonBackReference;
import jakarta.persistence.*;
import lombok.*;
import lombok.experimental.FieldNameConstants;

@Entity
@Getter
Expand All @@ -31,6 +32,7 @@
@NoArgsConstructor
@AllArgsConstructor
@With
@FieldNameConstants
public class ShellIdentifierExternalSubjectReferenceKey {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)