Merge branch 'develop' into feature/3336

Signed-off-by: Stepan Kiryakov <[email protected]> # Conflicts: # common/src/database-modules/database-server.ts # guardian-service/src/app.ts
hashgraph · Oct 9, 2024 · 71266f2 · 71266f2
2 parents f93b1ef + 3711535
commit 71266f2
Show file tree

Hide file tree

Showing 41 changed files with 435 additions and 117 deletions.
diff --git a/api-gateway/src/api/service/schema.ts b/api-gateway/src/api/service/schema.ts
@@ -1,12 +1,12 @@
 import { ISchema, Permissions, SchemaCategory, SchemaEntity, SchemaHelper, SchemaStatus, StatusType, TaskAction } from '@guardian/interfaces';
 import { IAuthUser, PinoLogger, RunFunctionAsync, SchemaImportExport } from '@guardian/common';
-import { ApiParam, ApiQuery, ApiBody, ApiExtraModels, ApiInternalServerErrorResponse, ApiOkResponse, ApiOperation, ApiTags } from '@nestjs/swagger';
+import { ApiBody, ApiExtraModels, ApiInternalServerErrorResponse, ApiOkResponse, ApiOperation, ApiParam, ApiQuery, ApiTags } from '@nestjs/swagger';
 import { Body, Controller, Delete, Get, HttpCode, HttpException, HttpStatus, Param, Post, Put, Query, Req, Response, Version } from '@nestjs/common';
-import { AuthUser, Auth } from '#auth';
+import { Auth, AuthUser } from '#auth';
 import { Client, ClientProxy, Transport } from '@nestjs/microservices';
-import { ExportSchemaDTO, InternalServerErrorDTO, MessageSchemaDTO, SchemaDTO, SystemSchemaDTO, TaskDTO, VersionSchemaDTO, Examples, pageHeader } from '#middlewares';
+import { Examples, ExportSchemaDTO, InternalServerErrorDTO, MessageSchemaDTO, pageHeader, SchemaDTO, SystemSchemaDTO, TaskDTO, VersionSchemaDTO } from '#middlewares';
 import { CACHE, PREFIXES, SCHEMA_REQUIRED_PROPS } from '#constants';
-import { Guardians, TaskManager, ServiceError, SchemaUtils, UseCache, ONLY_SR, InternalException, EntityOwner, CacheService, getCacheKey } from '#helpers';
+import { CacheService, EntityOwner, getCacheKey, Guardians, InternalException, ONLY_SR, SchemaUtils, ServiceError, TaskManager, UseCache } from '#helpers';
 import process from 'process';
 
 @Controller('schema')
@@ -572,6 +572,64 @@ export class SchemaApi {
  }
  }
 
+ /**
+ * Get schema by type
+ */
+ @Get('/type-by-user/:schemaType')
+ @Auth()
+ @ApiOperation({
+ summary: 'Finds the schema using the json document type.',
+ description: 'Finds the schema using the json document type.',
+ })
+ @ApiParam({
+ name: 'schemaType',
+ type: String,
+ description: 'Type',
+ required: true
+ })
+ @ApiOkResponse({
+ description: 'Successful operation.',
+ type: SchemaDTO
+ })
+ @ApiInternalServerErrorResponse({
+ description: 'Internal server error.',
+ type: InternalServerErrorDTO
+ })
+ @ApiExtraModels(SchemaDTO, InternalServerErrorDTO)
+ @HttpCode(HttpStatus.OK)
+ async getSchemaByTypeAndUser(
+ @AuthUser() user: IAuthUser,
+ @Param('schemaType') schemaType: string
+ ): Promise<SchemaDTO> {
+ let schema: ISchema;
+ try {
+ const guardians = new Guardians();
+ const owner = new EntityOwner(user);
+ schema = await guardians.getSchemaByType(schemaType, user.did);
+ if (!schema) {
+ throw new HttpException(`Schema not found: ${schemaType}`, HttpStatus.NOT_FOUND);
+ }
+ if (schema.system && !schema.active && schema.owner !== owner.username && schema.owner !== owner.creator) {
+ throw new HttpException(`Schema not found: ${schemaType}`, HttpStatus.NOT_FOUND);
+ }
+ if (!schema.system && schema.status !== SchemaStatus.PUBLISHED && schema.owner !== owner.owner) {
+ throw new HttpException(`Schema not found: ${schemaType}`, HttpStatus.NOT_FOUND);
+ }
+ return {
+ uuid: schema.uuid,
+ iri: schema.iri,
+ name: schema.name,
+ version: schema.version,
+ document: schema.document,
+ documentURL: schema.documentURL,
+ context: schema.context,
+ contextURL: schema.contextURL,
+ };
+ } catch (error) {
+ await InternalException(error, this.logger);
+ }
+ }
+
  /**
  * Get all schemas
  */

diff --git a/api-gateway/src/app.module.ts b/api-gateway/src/app.module.ts
@@ -27,7 +27,7 @@ import { ThemesApi } from './api/service/themes.js';
 import { BrandingApi } from './api/service/branding.js';
 import { SuggestionsApi } from './api/service/suggestions.js';
 import { MatchConstraint } from './helpers/decorators/match.validator.js';
-import { NotificationService } from '@guardian/common';
+import { GenerateTLSOptionsNats, NotificationService } from '@guardian/common';
 import { NotificationsApi } from './api/service/notifications.js';
 import { ApplicationEnvironment } from './environment.js';
 import { AuthGuard } from './auth/auth-guard.js';
@@ -56,6 +56,7 @@ import { loggerMongoProvider, pinoLoggerProvider } from './helpers/providers/ind
  servers: [
  `nats://${process.env.MQ_ADDRESS}:4222`
  ],
+ tls: GenerateTLSOptionsNats()
  // serializer: new LogClientSerializer(),
  // deserializer: new LogClientDeserializer()
  }

diff --git a/api-gateway/src/app.ts b/api-gateway/src/app.ts
@@ -4,7 +4,7 @@ import { PolicyEngine } from './helpers/policy-engine.js';
 import { WebSocketsService } from './api/service/websockets.js';
 import { Users } from './helpers/users.js';
 import { Wallet } from './helpers/wallet.js';
-import { LargePayloadContainer, MessageBrokerChannel, PinoLogger } from '@guardian/common';
+import { GenerateTLSOptionsNats, LargePayloadContainer, MessageBrokerChannel, PinoLogger } from '@guardian/common';
 import { TaskManager } from './helpers/task-manager.js';
 import { AppModule } from './app.module.js';
 import { NestFactory } from '@nestjs/core';
@@ -39,7 +39,8 @@ Promise.all([
  name: `${process.env.SERVICE_CHANNEL}`,
  servers: [
  `nats://${process.env.MQ_ADDRESS}:4222`
- ]
+ ],
+ tls: GenerateTLSOptionsNats()
  },
  });
  app.enableVersioning({

diff --git a/api-gateway/src/helpers/guardians.ts b/api-gateway/src/helpers/guardians.ts
@@ -586,10 +586,15 @@ export class Guardians extends NatsService {
  *
  * @param {string} type - schema type
  *
+ * @param owner
  * @returns {ISchema} - schema
  */
- public async getSchemaByType(type: string): Promise<ISchema> {
- return await this.sendMessage(MessageAPI.GET_SCHEMA, { type });
+ public async getSchemaByType(type: string, owner?: string): Promise<ISchema> {
+ if (owner) {
+ return await this.sendMessage(MessageAPI.GET_SCHEMA, {type, owner});
+ } else {
+ return await this.sendMessage(MessageAPI.GET_SCHEMA, {type});
+ }
  }
 
  /**

diff --git a/auth-service/src/app.ts b/auth-service/src/app.ts
@@ -1,6 +1,6 @@
 import { AccountService } from './api/account-service.js';
 import { WalletService } from './api/wallet-service.js';
-import { ApplicationState, COMMON_CONNECTION_CONFIG, DatabaseServer, LargePayloadContainer, MessageBrokerChannel, Migration, mongoForLoggingInitialization, OldSecretManager, PinoLogger, pinoLoggerInitialization, SecretManager, ValidateConfiguration, } from '@guardian/common';
+import { ApplicationState, COMMON_CONNECTION_CONFIG, DatabaseServer, GenerateTLSOptionsNats, LargePayloadContainer, MessageBrokerChannel, Migration, mongoForLoggingInitialization, OldSecretManager, PinoLogger, pinoLoggerInitialization, SecretManager, ValidateConfiguration, } from '@guardian/common';
 import { ApplicationStates } from '@guardian/interfaces';
 import { MikroORM } from '@mikro-orm/core';
 import { MongoDriver } from '@mikro-orm/mongodb';
@@ -41,6 +41,7 @@ Promise.all([
  servers: [
  `nats://${process.env.MQ_ADDRESS}:4222`,
  ],
+ tls: GenerateTLSOptionsNats()
  },
  }),
  InitializeVault(process.env.VAULT_PROVIDER),

diff --git a/common/src/database-modules/database-server.ts b/common/src/database-modules/database-server.ts
@@ -47,7 +47,8 @@ import {
  GenerateUUIDv4,
  IVC,
  MintTransactionStatus,
- PolicyTestStatus, PolicyType,
+ PolicyTestStatus,
+ PolicyType,
  SchemaEntity,
  TokenType,
  TopicType,
@@ -2804,7 +2805,10 @@ export class DatabaseServer extends AbstractDatabaseServer {
  'username',
  'hederaAccountId',
  'active'
- ] as unknown as PopulatePath.ALL[]
+ ] as unknown as PopulatePath.ALL[],
+ orderBy: {
+ createDate: 1
+ }
  }));
  }
 

diff --git a/common/src/helpers/generate-tls-options.ts b/common/src/helpers/generate-tls-options.ts
@@ -0,0 +1,10 @@
+export function GenerateTLSOptionsNats() {
+ if (process.env.TLS_CERT && process.env.TLS_KEY) {
+ return {
+ cert: process.env.TLS_CERT,
+ key: process.env.TLS_KEY,
+ ca: process.env.TLS_CA
+ }
+ }
+ return undefined;
+}
diff --git a/common/src/helpers/index.ts b/common/src/helpers/index.ts
@@ -30,3 +30,4 @@ export * from './mongo-logging-initialization.js';
 export * from './pino-logger.js';
 export * from './pino-logger-initialization.js';
 export * from './insert-variables.js';
+export * from './generate-tls-options.js';
diff --git a/common/src/helpers/notification.service.ts b/common/src/helpers/notification.service.ts
@@ -1,11 +1,8 @@
-import {
- NotificationAction,
- NotificationType,
- NotifyAPI,
-} from '@guardian/interfaces';
+import { NotificationAction, NotificationType, NotifyAPI, } from '@guardian/interfaces';
 import { Injectable } from '@nestjs/common';
 import { CommonVariables } from './common-variables.js';
 import { Client, ClientProxy, Transport } from '@nestjs/microservices';
+import { GenerateTLSOptionsNats } from './generate-tls-options.js';
 
 /**
  * Notification service
@@ -19,6 +16,7 @@ export class NotificationService {
  transport: Transport.NATS,
  options: {
  servers: [`nats://${process.env.MQ_ADDRESS}:4222`],
+ tls: GenerateTLSOptionsNats()
  },
  })
  client: ClientProxy;

diff --git a/common/src/mq/large-payload-container.ts b/common/src/mq/large-payload-container.ts
@@ -1,4 +1,6 @@
 import express from 'express'
+import http from 'http'
+import https from 'https'
 import { hostname } from 'os';
 import { GenerateUUIDv4 } from '@guardian/interfaces';
 import { Singleton } from '../decorators/singleton.js';
@@ -51,7 +53,39 @@ export class LargePayloadContainer {
  */
  private readonly DOMAIN: string;
 
+ /**
+ * Enable TLS
+ * @private
+ */
+ public enableTLS: boolean;
+
+ /**
+ * TLS cert
+ * @private
+ */
+ private readonly tlsCert: string;
+
+ /**
+ * TLS key
+ */
+ private readonly tlsKey: string;
+
+ /**
+ * TLS CA
+ * @private
+ */
+ private readonly tlsCA: string;
+
  constructor() {
+ this.enableTLS = false;
+
+ if (process.env.TLS_SERVER_CERT && process.env.TLS_SERVER_KEY) {
+ this.enableTLS = true;
+ this.tlsCert = process.env.TLS_SERVER_CERT;
+ this.tlsKey = process.env.TLS_SERVER_KEY;
+ this.tlsCA = process.env.TLS_SERVER_CA
+ }
+
  if (process.env.DIRECT_MESSAGE_PORT) {
  this.PORT = parseInt(process.env.DIRECT_MESSAGE_PORT, 10);
  this._portGenerated = false;
@@ -60,7 +94,8 @@ export class LargePayloadContainer {
  this.PORT = this.generateRandom(50000, 59999);
  }
  this.DOMAIN = (process.env.DIRECT_MESSAGE_HOST) ? process.env.DIRECT_MESSAGE_HOST : hostname();
- this.PROTOCOL = (process.env.DIRECT_MESSAGE_PROTOCOL) ? process.env.DIRECT_MESSAGE_PROTOCOL as any : 'http';
+ const defaultProtocol = this.enableTLS ? 'https' : 'http';
+ this.PROTOCOL = (process.env.DIRECT_MESSAGE_PROTOCOL) ? process.env.DIRECT_MESSAGE_PROTOCOL as any : defaultProtocol;
 
  this.objectsMap = new Map();
  this._started = false;
@@ -85,7 +120,19 @@ export class LargePayloadContainer {
  res.send(buf);
  })
 
- const server = app.listen(this.PORT, () => {
+ let s: http.Server | https.Server;
+
+ if (this.enableTLS) {
+ s = https.createServer({
+ key: this.tlsKey,
+ cert: this.tlsCert,
+ ca: this.tlsCA
+ }, app);
+ } else {
+ s = http.createServer(app);
+ }
+
+ const server = s.listen(this.PORT, () => {
  this._started = true;
  try {
  // this.logger.info(`Large objects server starts on ${this.PORT} port`, [process.env.SERVICE_CHANNEL?.toUpperCase()]);

diff --git a/common/src/mq/message-broker-channel.ts b/common/src/mq/message-broker-channel.ts
@@ -1,8 +1,9 @@
 import assert from 'assert';
-import { Subscription, NatsConnection, StringCodec, connect, headers } from 'nats';
+import { connect, headers, NatsConnection, StringCodec, Subscription } from 'nats';
 import { IMessageResponse, MessageError } from '../models/index.js';
 import { GenerateUUIDv4 } from '@guardian/interfaces';
 import { ZipCodec } from './zip-codec.js';
+import { GenerateTLSOptionsNats } from '../helpers/index.js';
 
 const MQ_TIMEOUT = 300000;
 /**
@@ -306,6 +307,7 @@ export class MessageBrokerChannel {
  public static async connect(connectionName: string) {
  assert(process.env.MQ_ADDRESS, 'Missing MQ_ADDRESS environment variable');
  return connect({
+ tls: GenerateTLSOptionsNats(),
  servers: [process.env.MQ_ADDRESS],
  name: connectionName,
  reconnectDelayHandler: () => 2000,

diff --git a/common/src/mq/zip-codec.ts b/common/src/mq/zip-codec.ts
@@ -3,6 +3,7 @@ import { ErrorCode, JSONCodec, NatsError } from 'nats';
 // import { gzip, unzip } from 'zlib';
 import { LargePayloadContainer } from './large-payload-container.js';
 import axios from 'axios';
+import https from 'https';
 
 /**
  * Zip Codec
@@ -42,6 +43,14 @@ export function ZipCodec() {
  // const parsed = JSON.parse(decompressed.toString());
  if (parsed?.hasOwnProperty('directLink')) {
  const directLink = parsed.directLink;
+ if (process.env.TLS_CERT && process.env.TLS_KEY) {
+ const httpsAgent = new https.Agent({
+ cert: process.env.TLS_CERT,
+ key: process.env.TLS_KEY,
+ ca: process.env.TLS_CA
+ });
+ axios.defaults.httpsAgent = httpsAgent;
+ }
  const response = await axios.get(directLink, {
  responseType: 'arraybuffer'
  });

diff --git a/configs/nats.conf b/configs/nats.conf
@@ -26,4 +26,10 @@ cluster {
  routes = []
 }
 
+#tls {
+# cert_file: "/certs/server-cert.pem"
+# key_file: "/certs/server-key.pem"
+# ca_file: "/certs/rootCA.pem"
+#}
+
 max_payload: 64MB
diff --git a/docs/.gitbook/assets/0 (21).png b/docs/.gitbook/assets/0 (21).png
diff --git a/docs/.gitbook/assets/1 (23).png b/docs/.gitbook/assets/1 (23).png
diff --git a/docs/.gitbook/assets/2 (25).png b/docs/.gitbook/assets/2 (25).png
diff --git a/docs/.gitbook/assets/3 (21).png b/docs/.gitbook/assets/3 (21).png
diff --git a/docs/.gitbook/assets/4 (19).png b/docs/.gitbook/assets/4 (19).png
diff --git a/docs/.gitbook/assets/5 (22).png b/docs/.gitbook/assets/5 (22).png
diff --git a/docs/.gitbook/assets/6 (21).png b/docs/.gitbook/assets/6 (21).png
diff --git a/docs/.gitbook/assets/7 (21).png b/docs/.gitbook/assets/7 (21).png
diff --git a/docs/SUMMARY.md b/docs/SUMMARY.md
@@ -150,6 +150,7 @@
  * [Updating Schema Tag](guardian/standard-registry/schemas/tag-schema/schema-tags-apis/updating-schema-tag.md)
  * [Publishing Schema](guardian/standard-registry/schemas/tag-schema/schema-tags-apis/publishing-schema.md)
  * [Returning list of published schemas](guardian/standard-registry/schemas/tag-schema/schema-tags-apis/returning-list-of-published-schemas.md)
+ * [Schema Predefined Values using UI](guardian/standard-registry/schemas/schema-predefined-values-using-ui.md)
  * [🛠️ Policies](guardian/standard-registry/policies/README.md)
  * [🎓 Policy Glossary](guardian/standard-registry/policies/policy-glossary.md)
  * [📁 Versioning and Deprecation Policy](guardian/standard-registry/policies/versioning-and-deprecation-policy/README.md)