Workaround jwt filter ignoring urlPattern, add graphql associations #907

AtlasOfLivingAustralia · Feb 1, 2024 · 7d64314 · 7d64314
1 parent fc96bbe
commit 7d64314
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 2 deletions.
diff --git a/grails-app/controllers/au/org/ala/ecodata/GraphqlInterceptor.groovy b/grails-app/controllers/au/org/ala/ecodata/GraphqlInterceptor.groovy
@@ -9,7 +9,9 @@ import org.apache.http.HttpStatus
 class GraphqlInterceptor {
 
     GraphqlInterceptor() {
-        match uri: '/ws/graphql/**' // Web services - uses the supplied JWT bearer token to authorize
+        //match uri: '/ws/graphql/**' // Web services - uses the supplied JWT bearer token to authorize.
+        // WS endpoints now use the GraphSQLWsController which decodes the JWT then forwards on.
+
         match uri: '/graphql/**'  // Admin UI - uses the jee session state to authorize
     }
 

diff --git a/grails-app/controllers/au/org/ala/ecodata/GraphqlWsController.groovy b/grails-app/controllers/au/org/ala/ecodata/GraphqlWsController.groovy
@@ -0,0 +1,12 @@
+package au.org.ala.ecodata
+
+@au.ala.org.ws.security.RequireApiKey(scopes=["profile", "email", "openid"])
+/**
+ * This class exists to allow the RequireApiKey annotation to be applied to the path around the GraphQL endpoint
+ * so we can decode the JWT before forwarding the request on.
+ */
+class GraphqlWsController {
+    def index() {
+        forward(uri:'/graphql/index')
+    }
+}
diff --git a/grails-app/controllers/au/org/ala/ecodata/UrlMappings.groovy b/grails-app/controllers/au/org/ala/ecodata/UrlMappings.groovy
@@ -212,7 +212,7 @@ class UrlMappings {
         }
 
         "/ws/graphql" {
-            controller = 'graphql'
+            controller = 'graphqlWs'
         }
 
         "/ws/paratoo/user-projects" {

diff --git a/src/main/groovy/au/org/ala/ecodata/graphql/mappers/ProjectGraphQLMapper.groovy b/src/main/groovy/au/org/ala/ecodata/graphql/mappers/ProjectGraphQLMapper.groovy
@@ -2,6 +2,8 @@ package au.org.ala.ecodata.graphql.mappers
 
 import au.org.ala.ecodata.Activity
 import au.org.ala.ecodata.Document
+import au.org.ala.ecodata.Organisation
+import au.org.ala.ecodata.Program
 import au.org.ala.ecodata.Project
 import au.org.ala.ecodata.ProjectActivity
 import au.org.ala.ecodata.Report
@@ -78,6 +80,18 @@ class ProjectGraphQLMapper {
                 }
             }
 
+            add('program', [Program]) {
+                dataFetcher { Program program ->
+                    Program.findByProgramIdAndStatusNotEqual(project.programId, Status.DELETED)
+                }
+            }
+
+            add('organisation', [Organisation]) {
+                dataFetcher { Organisation organisation ->
+                    Organisation.findByOrganisationIdAndStatusNotEqual(project.organisationId, Status.DELETED)
+                }
+            }
+
             add('sites', [Site]) {
                 dataFetcher { Project project ->
                     Site.findAllByProjectsAndStatusNotEqual(project.projectId, Status.DELETED)