maintenance: Refactor getPrincipal method logic into common class (#2718

) * maintenance: Refactor getPrincipal method logic into common class Signed-off-by: khatibtamal <[email protected]> * default auth made un authorized in AclSycnControllerServiceTest Signed-off-by: khatibtamal <[email protected]> * applied mvn spotless Signed-off-by: khatibtamal <[email protected]> --------- Signed-off-by: khatibtamal <[email protected]>
Aiven-Open · Dec 9, 2024 · 4689128 · 4689128
1 parent 913d1c5
commit 4689128
Show file tree

Hide file tree

Showing 35 changed files with 506 additions and 629 deletions.
diff --git a/core/src/main/java/io/aiven/klaw/service/AclControllerService.java b/core/src/main/java/io/aiven/klaw/service/AclControllerService.java
@@ -60,7 +60,6 @@
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 
 @Service
@@ -100,7 +99,7 @@ public ApiResponse createAcl(AclRequestsModel aclRequestsModel) throws KlawExcep
     aclRequestsModel.setRequestingteam(commonUtilsService.getTeamId(currentUserName));
 
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.REQUEST_CREATE_SUBSCRIPTIONS)) {
+        commonUtilsService.getPrincipal(), PermissionType.REQUEST_CREATE_SUBSCRIPTIONS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -454,7 +453,7 @@ public List<AclRequestsResponseModel> getAclRequestsForApprover(
 
     // get requests relevant to your teams or all teams
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.APPROVE_ALL_REQUESTS_TEAMS)) {
+        commonUtilsService.getPrincipal(), PermissionType.APPROVE_ALL_REQUESTS_TEAMS)) {
       createdAclReqs =
           manageDatabase
               .getHandleDbRequests()
@@ -521,7 +520,7 @@ private List<AclRequestsResponseModel> updateCreatAclReqsList(
   public ApiResponse deleteAclRequests(String req_no) throws KlawException {
     try {
       if (commonUtilsService.isNotAuthorizedUser(
-          getPrincipal(), PermissionType.REQUEST_CREATE_SUBSCRIPTIONS)) {
+          commonUtilsService.getPrincipal(), PermissionType.REQUEST_CREATE_SUBSCRIPTIONS)) {
         return ApiResponse.NOT_AUTHORIZED;
       }
       String userName = getCurrentUserName();
@@ -544,7 +543,7 @@ public ApiResponse claimAcl(int aclId) throws KlawException {
     log.info("claimAcl {}", aclId);
 
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.REQUEST_CREATE_SUBSCRIPTIONS)) {
+        commonUtilsService.getPrincipal(), PermissionType.REQUEST_CREATE_SUBSCRIPTIONS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -619,7 +618,7 @@ public ApiResponse createDeleteAclSubscriptionRequest(String req_no) throws Klaw
     log.info("createDeleteAclSubscriptionRequest {}", req_no);
     final String userName = getCurrentUserName();
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.REQUEST_DELETE_SUBSCRIPTIONS)) {
+        commonUtilsService.getPrincipal(), PermissionType.REQUEST_DELETE_SUBSCRIPTIONS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -677,7 +676,7 @@ public ApiResponse approveAclRequests(String req_no)
     final String userDetails = getCurrentUserName();
     int tenantId = commonUtilsService.getTenantId(userDetails);
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.APPROVE_SUBSCRIPTIONS)) {
+        commonUtilsService.getPrincipal(), PermissionType.APPROVE_SUBSCRIPTIONS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -1033,7 +1032,7 @@ public ApiResponse declineAclRequests(String req_no, String reasonToDecline)
 
     String userDetails = getCurrentUserName();
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.APPROVE_SUBSCRIPTIONS)) {
+        commonUtilsService.getPrincipal(), PermissionType.APPROVE_SUBSCRIPTIONS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -1111,10 +1110,6 @@ public List<OffsetDetails> getConsumerOffsets(
     return consumerOffsetInfoList;
   }
 
-  private Object getPrincipal() {
-    return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
-  }
-
   public ServiceAccountDetails getAivenServiceAccountDetails(
       String envId, String topicName, String serviceAccount, String aclReqNo) {
     String loggedInUser = getCurrentUserName();

diff --git a/core/src/main/java/io/aiven/klaw/service/AclSyncControllerService.java b/core/src/main/java/io/aiven/klaw/service/AclSyncControllerService.java
@@ -43,7 +43,6 @@
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 
 @Service
@@ -82,7 +81,8 @@ public ApiResponse updateSyncAcls(List<SyncAclUpdates> syncAclUpdates) throws Kl
     String userName = getUserName();
     int tenantId = commonUtilsService.getTenantId(userName);
 
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.SYNC_SUBSCRIPTIONS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.SYNC_SUBSCRIPTIONS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -179,7 +179,7 @@ public ApiResponse updateSyncBackAcls(SyncBackAcls syncBackAcls) throws KlawExce
     logArray.add("Type of Sync " + syncBackAcls.getTypeOfSync());
 
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.SYNC_BACK_SUBSCRIPTIONS)) {
+        commonUtilsService.getPrincipal(), PermissionType.SYNC_BACK_SUBSCRIPTIONS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -395,7 +395,8 @@ public List<AclInfo> getSyncAcls(
       topicNameSearch = topicNameSearch.trim();
     }
 
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.SYNC_SUBSCRIPTIONS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.SYNC_SUBSCRIPTIONS)) {
       return null;
     }
 
@@ -440,7 +441,7 @@ public List<AclInfo> getSyncBackAcls(
 
     int tenantId = commonUtilsService.getTenantId(userName);
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.SYNC_BACK_SUBSCRIPTIONS)) {
+        commonUtilsService.getPrincipal(), PermissionType.SYNC_BACK_SUBSCRIPTIONS)) {
       return null;
     }
 
@@ -698,7 +699,7 @@ private boolean verifyIfTopicExists(
 
   private List<String> tenantFiltering(List<String> teamList) {
     if (!commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(),
+        commonUtilsService.getPrincipal(),
         Set.of(
             PermissionType.SYNC_BACK_SUBSCRIPTIONS,
             PermissionType.SYNC_TOPICS,
@@ -726,7 +727,7 @@ private int counterIncrement() {
   }
 
   private String getUserName() {
-    return mailService.getUserName(getPrincipal());
+    return mailService.getUserName(commonUtilsService.getPrincipal());
   }
 
   public Env getEnvDetails(String envId, int tenantId) {
@@ -737,8 +738,4 @@ public Env getEnvDetails(String envId, int tenantId) {
             .findFirst();
     return envFound.orElse(null);
   }
-
-  private Object getPrincipal() {
-    return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
-  }
 }
diff --git a/core/src/main/java/io/aiven/klaw/service/AnalyticsControllerService.java b/core/src/main/java/io/aiven/klaw/service/AnalyticsControllerService.java
@@ -36,7 +36,6 @@
 import org.apache.poi.xssf.usermodel.XSSFSheet;
 import org.apache.poi.xssf.usermodel.XSSFWorkbook;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 
 @Service
@@ -343,7 +342,8 @@ public List<TeamOverview> getTeamsOverview(String forTeam, int numberOfDays) {
     final String currentUserName = getCurrentUserName();
     Integer userTeamId = commonUtilsService.getTeamId(currentUserName);
 
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.ALL_TEAMS_REPORTS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.ALL_TEAMS_REPORTS)) {
       int tenantId = commonUtilsService.getTenantId(currentUserName);
 
       teamOverview.setProducerAclsPerTeamsOverview(
@@ -593,7 +593,8 @@ private Map<String, List<String>> getTopicNames(int tenantId) {
     final Set<String> allowedEnvIdSet = commonUtilsService.getEnvsFromUserId(getCurrentUserName());
 
     Map<String, List<String>> topicsPerEnv = new HashMap<>();
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.ALL_TEAMS_REPORTS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.ALL_TEAMS_REPORTS)) {
       // normal user
       Integer userTeamId = commonUtilsService.getTeamId(getCurrentUserName());
       List<Topic> topics =
@@ -630,7 +631,8 @@ private Map<String, List<String>> getConsumerGroups(int tenantId) {
     final Set<String> allowedEnvIdSet = commonUtilsService.getEnvsFromUserId(getCurrentUserName());
 
     Map<String, List<String>> aclsPerEnv = new HashMap<>();
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.ALL_TEAMS_REPORTS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.ALL_TEAMS_REPORTS)) {
       // normal user
       Integer userTeamId = commonUtilsService.getTeamId(getCurrentUserName());
       List<Acl> acls =
@@ -665,8 +667,4 @@ private Map<String, List<String>> getConsumerGroups(int tenantId) {
 
     return aclsPerEnv;
   }
-
-  private Object getPrincipal() {
-    return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
-  }
 }
diff --git a/core/src/main/java/io/aiven/klaw/service/BaseOverviewService.java b/core/src/main/java/io/aiven/klaw/service/BaseOverviewService.java
@@ -31,7 +31,6 @@
 import java.util.stream.Collectors;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 
 @Slf4j
@@ -333,11 +332,7 @@ protected void generatePromotionDetails(
   }
 
   protected String getUserName() {
-    return mailService.getUserName(getPrincipal());
-  }
-
-  protected Object getPrincipal() {
-    return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+    return mailService.getUserName(commonUtilsService.getPrincipal());
   }
 
   protected Env getEnvDetails(String envId, int tenantId) {

diff --git a/core/src/main/java/io/aiven/klaw/service/EnvsClustersTenantsControllerService.java b/core/src/main/java/io/aiven/klaw/service/EnvsClustersTenantsControllerService.java
@@ -107,7 +107,7 @@ public void setServices(ClusterApiService clusterApiService, MailUtils mailServi
   }
 
   private boolean isAuthorizedFor(PermissionType type) {
-    return !commonUtilsService.isNotAuthorizedUser(getPrincipal(), type);
+    return !commonUtilsService.isNotAuthorizedUser(commonUtilsService.getPrincipal(), type);
   }
 
   public synchronized EnvModelResponse getEnvDetails(String envSelected, String clusterType) {
@@ -392,7 +392,8 @@ public List<EnvModelResponse> getKafkaConnectEnvs() {
     int tenantId = getUserDetails(userName).getTenantId();
     List<Env> listEnvs = manageDatabase.getKafkaConnectEnvList(tenantId);
 
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), ADD_EDIT_DELETE_ENVS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), ADD_EDIT_DELETE_ENVS)) {
       final Set<String> allowedEnvIdSet = commonUtilsService.getEnvsFromUserId(userName);
       listEnvs =
           listEnvs.stream().filter(env -> allowedEnvIdSet.contains(env.getId())).collect(toList());
@@ -730,7 +731,7 @@ private void associateWithKafkaEnv(EnvTag envTag, String envId, String envName,
   }
 
   private String getUserName() {
-    return mailService.getUserName(getPrincipal());
+    return mailService.getUserName(commonUtilsService.getPrincipal());
   }
 
   private Boolean isUserSuperAdmin() {
@@ -858,10 +859,6 @@ public KwTenantModel getMyTenantInfo() {
     return kwTenantModel;
   }
 
-  private Object getPrincipal() {
-    return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
-  }
-
   public ApiResponse deleteTenant() throws KlawException {
     if (!isAuthorizedFor(UPDATE_DELETE_MY_TENANT)) {
       return ApiResponse.NOT_AUTHORIZED;
@@ -907,7 +904,7 @@ public ApiResponse deleteTenant() throws KlawException {
 
   public ApiResponse updateTenant(KwTenantModel kwTenantModel) throws KlawException {
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.UPDATE_DELETE_MY_TENANT)) {
+        commonUtilsService.getPrincipal(), PermissionType.UPDATE_DELETE_MY_TENANT)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 

diff --git a/core/src/main/java/io/aiven/klaw/service/KafkaConnectControllerService.java b/core/src/main/java/io/aiven/klaw/service/KafkaConnectControllerService.java
@@ -72,7 +72,6 @@
 import org.jasypt.util.text.BasicTextEncryptor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 import org.springframework.web.client.HttpClientErrorException;
 import org.springframework.web.client.HttpServerErrorException;
@@ -111,7 +110,7 @@ public ApiResponse createConnectorRequest(KafkaConnectorRequestModel connectorRe
     String userName = getUserName();
 
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.REQUEST_CREATE_CONNECTORS)) {
+        commonUtilsService.getPrincipal(), PermissionType.REQUEST_CREATE_CONNECTORS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -504,7 +503,7 @@ public ApiResponse restartConnector(KafkaConnectorRestartModel kafkaConnectorRes
     int tenantId = commonUtilsService.getTenantId(getUserName());
     try {
       if (commonUtilsService.isNotAuthorizedUser(
-          getPrincipal(), PermissionType.MANAGE_CONNECTORS)) {
+          commonUtilsService.getPrincipal(), PermissionType.MANAGE_CONNECTORS)) {
         return ApiResponse.NOT_AUTHORIZED;
       }
       return clusterApiService.restartConnector(kafkaConnectorRestartModel, tenantId);
@@ -528,7 +527,7 @@ public List<KafkaConnectorRequestsResponseModel> getCreatedConnectorRequests(
 
     // get requests relevant to your teams or all teams
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.APPROVE_ALL_REQUESTS_TEAMS))
+        commonUtilsService.getPrincipal(), PermissionType.APPROVE_ALL_REQUESTS_TEAMS))
       createdTopicReqList =
           manageDatabase
               .getHandleDbRequests()
@@ -637,7 +636,8 @@ public ApiResponse approveConnectorRequests(String connectorId)
     String userDetails = getUserName();
     int tenantId = commonUtilsService.getTenantId(getUserName());
 
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.APPROVE_CONNECTORS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.APPROVE_CONNECTORS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -788,7 +788,8 @@ public ApiResponse declineConnectorRequests(String connectorId, String reasonFor
       throws KlawException {
     log.info("declineConnectorRequests {} {}", connectorId, reasonForDecline);
     String userDetails = getUserName();
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.APPROVE_CONNECTORS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.APPROVE_CONNECTORS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -837,7 +838,7 @@ public ApiResponse createConnectorDeleteRequest(String connectorName, String env
     String userDetails = getUserName();
 
     if (commonUtilsService.isNotAuthorizedUser(
-        getPrincipal(), PermissionType.REQUEST_DELETE_CONNECTORS)) {
+        commonUtilsService.getPrincipal(), PermissionType.REQUEST_DELETE_CONNECTORS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -1553,11 +1554,7 @@ private List<KwKafkaConnector> getFilteredConnectorsForTenant(
   }
 
   private String getUserName() {
-    return mailService.getUserName(getPrincipal());
-  }
-
-  private Object getPrincipal() {
-    return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+    return mailService.getUserName(commonUtilsService.getPrincipal());
   }
 
   public Env getKafkaConnectEnvDetails(String envId) {

diff --git a/core/src/main/java/io/aiven/klaw/service/KafkaConnectSyncControllerService.java b/core/src/main/java/io/aiven/klaw/service/KafkaConnectSyncControllerService.java
@@ -34,7 +34,6 @@
 import java.util.stream.Collectors;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 
 @Service
@@ -81,7 +80,8 @@ public ApiResponse updateSyncConnectors(List<SyncConnectorUpdates> updatedSyncTo
     log.info("updateSyncConnectors {}", updatedSyncTopics);
     String userName = getUserName();
 
-    if (commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.SYNC_CONNECTORS)) {
+    if (commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.SYNC_CONNECTORS)) {
       return ApiResponse.NOT_AUTHORIZED;
     }
 
@@ -477,7 +477,8 @@ private List<KafkaConnectorModelResponse> getSyncConnectorsList(
   }
 
   private List<String> tenantFilterTeams(List<String> teamList) {
-    if (!commonUtilsService.isNotAuthorizedUser(getPrincipal(), PermissionType.SYNC_CONNECTORS)) {
+    if (!commonUtilsService.isNotAuthorizedUser(
+        commonUtilsService.getPrincipal(), PermissionType.SYNC_CONNECTORS)) {
       // tenant filtering
       int tenantId = commonUtilsService.getTenantId(getUserName());
       List<Team> teams = manageDatabase.getHandleDbRequests().getAllTeams(tenantId);
@@ -492,11 +493,7 @@ private List<String> tenantFilterTeams(List<String> teamList) {
   }
 
   private String getUserName() {
-    return mailService.getUserName(getPrincipal());
-  }
-
-  private Object getPrincipal() {
-    return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+    return mailService.getUserName(commonUtilsService.getPrincipal());
   }
 
   public Env getKafkaConnectorEnvDetails(String envId) {