SEBSLI-9 code clean-up and improvements

This commit is contained in:
Nadim Ritter 2024-03-26 16:39:33 +01:00
parent a1660de341
commit 0b00724b26
7 changed files with 48 additions and 37 deletions

View file

@ -102,6 +102,8 @@ public final class Constants {
public static final String DEFAULT_DATE_FORMAT = "yyyy-MM-dd"; public static final String DEFAULT_DATE_FORMAT = "yyyy-MM-dd";
public static final String DEFAULT_TIME_FORMAT = "HH:mm:ss"; public static final String DEFAULT_TIME_FORMAT = "HH:mm:ss";
public static final Long LIGHT_ADMIN_USER_ID = 1L;
public static final DateTimeFormatter STANDARD_DATE_TIME_MILLIS_FORMATTER = DateTimeFormat public static final DateTimeFormatter STANDARD_DATE_TIME_MILLIS_FORMATTER = DateTimeFormat
.forPattern(DEFAULT_DATE_TIME_MILLIS_FORMAT) .forPattern(DEFAULT_DATE_TIME_MILLIS_FORMAT)
.withZoneUTC(); .withZoneUTC();

View file

@ -12,6 +12,7 @@ import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.EnumSet; import java.util.EnumSet;
import java.util.List; import java.util.List;
import java.util.stream.Collectors;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
@ -61,11 +62,9 @@ public enum UserRole implements Entity, GrantedAuthority {
} }
public static List<String> getNamesForAllRoles(){ public static List<String> getNamesForAllRoles(){
return List.of( return Arrays.stream(UserRole.values())
SEB_SERVER_ADMIN.getName(), .map(UserRole::getName)
INSTITUTIONAL_ADMIN.getName(), .toList();
EXAM_ADMIN.getName(),
EXAM_SUPPORTER.getName());
} }
} }

View file

@ -14,6 +14,7 @@ import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import ch.ethz.seb.sebserver.gbl.Constants;
import ch.ethz.seb.sebserver.gbl.api.EntityType; import ch.ethz.seb.sebserver.gbl.api.EntityType;
import ch.ethz.seb.sebserver.gbl.model.Domain; import ch.ethz.seb.sebserver.gbl.model.Domain;
import ch.ethz.seb.sebserver.webservice.servicelayer.dao.AdditionalAttributesDAO; import ch.ethz.seb.sebserver.webservice.servicelayer.dao.AdditionalAttributesDAO;
@ -151,7 +152,9 @@ class AdminUserInitializer {
.flatMap(account -> this.userDAO.setActive(account, true)) .flatMap(account -> this.userDAO.setActive(account, true))
.map(account -> { .map(account -> {
printAdminCredentials(this.adminName, generateAdminPassword); printAdminCredentials(this.adminName, generateAdminPassword);
if(this.webserviceInfo.isLightSetup()) writeInitialAdminCredentialsIntoDB(this.adminName, generateAdminPassword); if(this.webserviceInfo.isLightSetup()) {
writeInitialAdminCredentialsIntoDB(this.adminName, generateAdminPassword);
}
return account; return account;
}) })
.getOrThrow(); .getOrThrow();
@ -179,7 +182,7 @@ class AdminUserInitializer {
} }
private void writeInitialAdminCredentialsIntoDB(final String name, final CharSequence pwd){ private void writeInitialAdminCredentialsIntoDB(final String name, final CharSequence pwd){
Result.tryCatch(() -> { try {
final Map<String, String> attributes = new HashMap<>(); final Map<String, String> attributes = new HashMap<>();
attributes.put( attributes.put(
Domain.USER.ATTR_USERNAME, Domain.USER.ATTR_USERNAME,
@ -188,11 +191,11 @@ class AdminUserInitializer {
Domain.USER.ATTR_PASSWORD, Domain.USER.ATTR_PASSWORD,
String.valueOf(pwd)); String.valueOf(pwd));
this.additionalAttributesDAO.saveAdditionalAttributes( this.additionalAttributesDAO.saveAdditionalAttributes(EntityType.USER, Constants.LIGHT_ADMIN_USER_ID, attributes);
EntityType.USER,
2L, } catch (final Exception e) {
attributes); log.error("Unable to write initial admin credentials into the additional attributes table: ", e);
}); }
} }
private CharSequence generateAdminPassword() { private CharSequence generateAdminPassword() {

View file

@ -653,16 +653,20 @@ public class SEBClientConnectionServiceImpl implements SEBClientConnectionServic
response.setStatus(HttpStatus.OK.value()); response.setStatus(HttpStatus.OK.value());
outputStream.flush();
}catch(Exception e){ }catch(Exception e){
final APIMessage errorMessage = APIMessage.ErrorMessage.GENERIC.of(e.getMessage()); final APIMessage errorMessage = APIMessage.ErrorMessage.GENERIC.of(e.getMessage());
outputStream.write(Utils.toByteArray(this.jsonMapper.writeValueAsString(errorMessage))); outputStream.write(Utils.toByteArray(this.jsonMapper.writeValueAsString(errorMessage)));
response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
} finally { } finally {
outputStream.flush();
outputStream.close(); try {
outputStream.flush();
outputStream.close();
} catch (IOException e) {
log.error("error while flushing / closing output stream", e);
}
} }
} }

View file

@ -8,6 +8,7 @@
package ch.ethz.seb.sebserver.webservice.weblayer.api; package ch.ethz.seb.sebserver.webservice.weblayer.api;
import ch.ethz.seb.sebserver.gbl.Constants;
import ch.ethz.seb.sebserver.gbl.api.API; import ch.ethz.seb.sebserver.gbl.api.API;
import ch.ethz.seb.sebserver.gbl.api.EntityType; import ch.ethz.seb.sebserver.gbl.api.EntityType;
import ch.ethz.seb.sebserver.gbl.async.AsyncServiceSpringConfig; import ch.ethz.seb.sebserver.gbl.async.AsyncServiceSpringConfig;
@ -55,8 +56,6 @@ public class LightController {
this.executor = executor; this.executor = executor;
} }
//this.examAPI_V1_Endpoint + API.EXAM_API_CONFIGURATION_LIGHT_ENDPOINT
//http://localhost:8080/exam-api/discovery/light-config
@RequestMapping( @RequestMapping(
path = API.EXAM_API_CONFIGURATION_LIGHT_ENDPOINT, path = API.EXAM_API_CONFIGURATION_LIGHT_ENDPOINT,
method = RequestMethod.GET, method = RequestMethod.GET,
@ -65,14 +64,10 @@ public class LightController {
final HttpServletRequest request, final HttpServletRequest request,
final HttpServletResponse response){ final HttpServletResponse response){
//temp solution: get first active seb client config we can get -->
//in a light setup there should be only one setup so this step is not necessary and we can just use the first and only item in the db
String modelId = getSebClientConfigId();
return CompletableFuture.runAsync( return CompletableFuture.runAsync(
() -> { () -> {
try { try {
this.sebClientConnectionService.streamLightExamConfig(modelId, response); this.sebClientConnectionService.streamLightExamConfig("1", response);
} catch (IOException e) { } catch (IOException e) {
throw new RuntimeException(e); throw new RuntimeException(e);
} }
@ -91,11 +86,11 @@ public class LightController {
final HttpServletResponse response){ final HttpServletResponse response){
try { try {
final String username = this.additionalAttributesDAO.getAdditionalAttribute(EntityType.USER, 2L, Domain.USER.ATTR_USERNAME) final String username = this.additionalAttributesDAO.getAdditionalAttribute(EntityType.USER, Constants.LIGHT_ADMIN_USER_ID, Domain.USER.ATTR_USERNAME)
.getOrThrow() .getOrThrow()
.getValue(); .getValue();
final String password = this.additionalAttributesDAO.getAdditionalAttribute(EntityType.USER, 2L, Domain.USER.ATTR_PASSWORD) final String password = this.additionalAttributesDAO.getAdditionalAttribute(EntityType.USER, Constants.LIGHT_ADMIN_USER_ID, Domain.USER.ATTR_PASSWORD)
.getOrThrow() .getOrThrow()
.getValue(); .getValue();

View file

@ -9,6 +9,7 @@
package ch.ethz.seb.sebserver.webservice.weblayer.api; package ch.ethz.seb.sebserver.webservice.weblayer.api;
import ch.ethz.seb.sebserver.WebSecurityConfig; import ch.ethz.seb.sebserver.WebSecurityConfig;
import ch.ethz.seb.sebserver.gbl.Constants;
import ch.ethz.seb.sebserver.gbl.api.API; import ch.ethz.seb.sebserver.gbl.api.API;
import ch.ethz.seb.sebserver.gbl.api.APIMessage; import ch.ethz.seb.sebserver.gbl.api.APIMessage;
import ch.ethz.seb.sebserver.gbl.api.APIMessage.APIMessageException; import ch.ethz.seb.sebserver.gbl.api.APIMessage.APIMessageException;
@ -42,6 +43,8 @@ import ch.ethz.seb.sebserver.webservice.servicelayer.session.ScreenProctoringSer
import ch.ethz.seb.sebserver.webservice.servicelayer.validation.BeanValidationService; import ch.ethz.seb.sebserver.webservice.servicelayer.validation.BeanValidationService;
import ch.ethz.seb.sebserver.webservice.weblayer.oauth.RevokeTokenEndpoint; import ch.ethz.seb.sebserver.webservice.weblayer.oauth.RevokeTokenEndpoint;
import org.mybatis.dynamic.sql.SqlTable; import org.mybatis.dynamic.sql.SqlTable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.ApplicationEventPublisher; import org.springframework.context.ApplicationEventPublisher;
import org.springframework.http.MediaType; import org.springframework.http.MediaType;
@ -64,6 +67,8 @@ import java.util.List;
@RequestMapping("${sebserver.webservice.api.admin.endpoint}" + API.USER_ACCOUNT_ENDPOINT) @RequestMapping("${sebserver.webservice.api.admin.endpoint}" + API.USER_ACCOUNT_ENDPOINT)
public class UserAccountController extends ActivatableEntityController<UserInfo, UserMod> { public class UserAccountController extends ActivatableEntityController<UserInfo, UserMod> {
private static final Logger log = LoggerFactory.getLogger(UserAccountController.class);
private final ApplicationEventPublisher applicationEventPublisher; private final ApplicationEventPublisher applicationEventPublisher;
private final UserDAO userDAO; private final UserDAO userDAO;
private final PasswordEncoder userPasswordEncoder; private final PasswordEncoder userPasswordEncoder;
@ -201,12 +206,7 @@ public class UserAccountController extends ActivatableEntityController<UserInfo,
.flatMap(this::revokeAccessToken) .flatMap(this::revokeAccessToken)
.flatMap(e -> this.userActivityLogDAO.log(UserLogActivityType.PASSWORD_CHANGE, e)) .flatMap(e -> this.userActivityLogDAO.log(UserLogActivityType.PASSWORD_CHANGE, e))
.map(this::synchronizeUserWithSPS) .map(this::synchronizeUserWithSPS)
.map(userInfo -> { .map(this::removeInitialAdminPasswordFromDB)
if(this.webserviceInfo.isLightSetup()){
return removeInitialAdminPasswordFromDB(userInfo);
}
return userInfo;
})
.getOrThrow(); .getOrThrow();
} }
@ -314,10 +314,18 @@ public class UserAccountController extends ActivatableEntityController<UserInfo,
} }
private UserInfo removeInitialAdminPasswordFromDB(final UserInfo userInfo){ private UserInfo removeInitialAdminPasswordFromDB(final UserInfo userInfo){
Result.tryCatch(() -> { if(!this.webserviceInfo.isLightSetup()){
this.additionalAttributesDAO.delete(EntityType.USER, 2L, Domain.USER.ATTR_USERNAME); return userInfo;
this.additionalAttributesDAO.delete(EntityType.USER, 2L, Domain.USER.ATTR_PASSWORD); }
});
try{
this.additionalAttributesDAO.delete(EntityType.USER, Constants.LIGHT_ADMIN_USER_ID, Domain.USER.ATTR_USERNAME);
this.additionalAttributesDAO.delete(EntityType.USER, Constants.LIGHT_ADMIN_USER_ID, Domain.USER.ATTR_PASSWORD);
}catch(final Exception e){
log.error("Unable to delete initial admin credentials from the additional attributes table: ", e);
}
return userInfo; return userInfo;
} }

View file

@ -27,7 +27,7 @@ sebserver.init.database.integrity.try-fix=true
# webservice setup configuration # webservice setup configuration
sebserver.init.adminaccount.gen-on-init=false sebserver.init.adminaccount.gen-on-init=false
sebserver.webservice.light.setup=false sebserver.webservice.light.setup=true
sebserver.webservice.distributed=false sebserver.webservice.distributed=false
#sebserver.webservice.master.delay.threshold=10000 #sebserver.webservice.master.delay.threshold=10000
sebserver.webservice.http.external.scheme=http sebserver.webservice.http.external.scheme=http