Merge pull request #916 from AtlasOfLivingAustralia/dev

Preparing 4.4

build.gradle

@@ -17,9 +17,10 @@ buildscript {
 plugins {
     id "com.github.node-gradle.node" version "3.4.0"
     id 'jacoco'
+    id "com.gorylenko.gradle-git-properties" version "2.4.1"
 }
 
-version "4.3.2"
+version "4.4-SNAPSHOT"
 group "au.org.ala"
 description "Ecodata"
 
@@ -143,7 +144,7 @@ dependencies {
     // Added due to previous reliance on transitive dependencies from plugins
     implementation 'au.com.bytecode:opencsv:2.4'
     implementation "com.bertramlabs.plugins:asset-pipeline-core:$assetPipelineVersion"
-    implementation 'au.org.ala.plugins:openapi:0.1.0-SNAPSHOT'
+    implementation 'au.org.ala.plugins:openapi:1.2.0-SNAPSHOT'
     implementation "org.hibernate:hibernate-validator:6.2.0.Final"
     testImplementation "org.grails:grails-gorm-testing-support"
     testImplementation "org.grails.plugins:geb"

gradle.properties

@@ -1,4 +1,4 @@
-grailsVersion=5.3.2
+grailsVersion=5.3.5
 grailsGradlePluginVersion=5.3.0
 groovyVersion=3.0.11
 gormVersion=7.3.2

grails-app/conf/application.groovy

@@ -529,7 +529,8 @@ if (!ecodata.use.uuids) {
 
 ecodata.documentation.exampleProjectUrl = 'http://ecodata-test.ala.org.au/ws/activitiesForProject/746cb3f2-1f76-3824-9e80-fa735ae5ff35'
 // Used by ParatooService to sync available protocols
-paratoo.core.baseUrl = 'https://merit-test.core-api.paratoo.tern.org.au'
+paratoo.core.baseUrl = 'https://dev.core-api.monitor.tern.org.au/api'
+paratoo.excludeInterventionProtocols = true
 
 auth.baseUrl = 'https://auth-test.ala.org.au'
 userDetails.web.url = "${auth.baseUrl}/userdetails/"
@@ -682,7 +683,8 @@ environments {
         security.cas.loginUrl="${security.cas.casServerUrlPrefix}/login"
         security.cas.casLoginUrl="${security.cas.casServerUrlPrefix}/login"
 
-        userDetails.url = "${casBaseUrl}/userdetails/"
+        userDetails.web.url = "${casBaseUrl}/userdetails/"
+        userDetails.api.url = "${casBaseUrl}/userdetails/"
         userDetails.admin.url = "${casBaseUrl}/userdetails/ws/admin"
         security.apikey.serviceUrl = "${casBaseUrl}/apikey/ws/check?apikey="
 
@@ -691,6 +693,8 @@ environments {
         // Schedule the audit thread frequently during functional tests to get less indexing errors because
         // the data was cleaned up before the audit ran
         audit.thread.schedule.interval = 500l;
+
+        paratoo.core.baseUrl = "http://localhost:${wiremock.port}/monitor"
     }
     production {
         grails.logging.jul.usebridge = false

grails-app/conf/application.yml

@@ -219,6 +219,7 @@ grails:
         allowedHeaders:
             - Content-Type
             - Authorization
+            - x-authentication
         mappings:
             '[/ws/paratoo/**]':
                 allowedOrigins:

grails-app/conf/org-interface.yml

@@ -286,8 +286,8 @@ paths:
                     time:
                       type: string
                       format: date-time
-                    randNum:
-                      type: integer
+                    uuid:
+                      type: string
             example:
               projectId: 10
               protocol:
@@ -296,7 +296,7 @@ paths:
               surveyId:
                 surveyType: bird-survey
                 time: '2021-10-13T01:16:47.225Z'
-                randNum: 79539331
+                uuid: 'f4465a57-bfa5-4987-89c1-65aa376bf173'
       summary: For creating an identifier which is based off the userId, project ID,
         protocol ID, protocol version, event time, and survey ID
   "/collection":

grails-app/controllers/au/org/ala/ecodata/ApiKeyInterceptor.groovy

@@ -21,7 +21,7 @@ class ApiKeyInterceptor {
 
     public ApiKeyInterceptor() {
         // These controllers use JWT authorization instead
-        matchAll().excludes(controller: 'graphql').excludes(controller: 'paratoo').excludes(controller: 'harvest')
+        matchAll().excludes(controller: 'graphql').excludes(controller: 'paratoo').excludes(controller: 'harvest').excludes(controller:'graphqlWs')
     }
 
     boolean before() {

grails-app/controllers/au/org/ala/ecodata/GraphqlInterceptor.groovy

@@ -9,7 +9,9 @@ import org.apache.http.HttpStatus
 class GraphqlInterceptor {
 
     GraphqlInterceptor() {
-        match uri: '/ws/graphql/**' // Web services - uses the supplied JWT bearer token to authorize
+        //match uri: '/ws/graphql/**' // Web services - uses the supplied JWT bearer token to authorize.
+        // WS endpoints now use the GraphSQLWsController which decodes the JWT then forwards on.
+
         match uri: '/graphql/**'  // Admin UI - uses the jee session state to authorize
     }
 

grails-app/controllers/au/org/ala/ecodata/GraphqlWsController.groovy

@@ -0,0 +1,12 @@
+package au.org.ala.ecodata
+
+@au.ala.org.ws.security.RequireApiKey(scopes=["profile", "email", "openid"])
+/**
+ * This class exists to allow the RequireApiKey annotation to be applied to the path around the GraphQL endpoint
+ * so we can decode the JWT before forwarding the request on.
+ */
+class GraphqlWsController {
+    def index() {
+        forward(uri:'/graphql/index')
+    }
+}

grails-app/controllers/au/org/ala/ecodata/ManagementUnitController.groovy

@@ -1,13 +1,5 @@
 package au.org.ala.ecodata
 
-import au.org.ala.ecodata.reporting.ManagementUnitXlsExporter
-import au.org.ala.ecodata.reporting.XlsExporter
-import org.apache.http.HttpStatus
-
-import java.text.ParseException
-import java.time.Instant
-
-
 @RequireApiKey
 class ManagementUnitController {
 
@@ -98,24 +90,6 @@ class ManagementUnitController {
         respond managementUnitService.managementUnitSiteMap(ids)
     }
 
-
-    /**
-     * startDate and endDate need to be ISO 8601
-     *
-     * Get reports of all management units in a given period
-     */
-    def generateReportsInPeriod(){
-        try{
-            Map message = managementUnitService.generateReportsInPeriods(params.startDate, params.endDate, params.reportDownloadBaseUrl, params.senderEmail, params.systemEmail,params.email,params.getBoolean("summaryFlag", false))
-            respond(message, status:200)
-       }catch ( ParseException e){
-            def message = [message: 'Error: You need to provide startDate and endDate in the format of ISO 8601']
-            respond(message, status:HttpStatus.SC_NOT_ACCEPTABLE)
-       }catch(Exception e){
-            def message = [message: 'Fatal: ' + e.message]
-            respond(message, status:HttpStatus.SC_NOT_ACCEPTABLE)
-        }
-    }
     /**
      * Get financial years of managment unit reports cover
      * @return

grails-app/controllers/au/org/ala/ecodata/OrganisationController.groovy

@@ -3,12 +3,11 @@ package au.org.ala.ecodata
 import grails.converters.JSON
 
 import static au.org.ala.ecodata.ElasticIndex.DEFAULT_INDEX
-
 /**
  * Exposes web services to perform CRUD operations on an organisation.
  */
 class OrganisationController {
-
+    static responseFormats = ['json', 'xml']
     OrganisationService organisationService
     ElasticSearchService elasticSearchService
 
@@ -101,7 +100,6 @@ class OrganisationController {
         }
     }
 
-
     private Map buildParams(Map params) {
 
         Map values = [:]