Merge branch 'main' into EW-619-DP-review-testing-part

hpi-schul-cloud · Oct 24, 2023 · b2c4c68 · b2c4c68
2 parents 01de770 + 88c6f4e
commit b2c4c68
Show file tree

Hide file tree

Showing 717 changed files with 8,826 additions and 3,988 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -83,8 +83,12 @@ jobs:
         run: |
           sudo apt-get install -y lcov
           find coverage -name *.info -exec echo -a {} \; | xargs lcov -o merged-lcov.info
+      - uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: '17'
       - name: SonarCloud upload coverage
-        uses: SonarSource/sonarcloud-github-action@v1.9
+        uses: SonarSource/sonarcloud-github-action@v2.0.2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}

diff --git a/ansible/roles/schulcloud-server-init/templates/configmap_file_init.yml.j2 b/ansible/roles/schulcloud-server-init/templates/configmap_file_init.yml.j2
@@ -25,6 +25,9 @@ data:
     else
         echo "gg, hacky mongo replicaset"
     fi
+    {% if KEDA_NAMESPACE_ACTIVATOR_ENABLED is defined %}
+    curl -XPUT -H 'Content-Type: application/json'  -Lv 'https://activate.cd.dbildungscloud.dev/namespace' -d '{"name" : "{{ NAMESPACE }}"}'
+    {% endif %}
     curl --retry 360 --retry-connrefused --retry-delay 10 -X POST 'http://mgmt-svc:3333/api/management/database/seed?with-indexes=true'
 
     # Below is a series of a MongoDB-data initializations, meant for the development and testing
@@ -177,7 +180,6 @@ data:
               "redirectUri": "https://{{ NAMESPACE }}.cd.dbildungscloud.dev/api/v3/sso/oauth",
               "authEndpoint": "https://auth.stage.niedersachsen-login.schule/realms/SANIS/protocol/openid-connect/auth",
               "provider": "sanis",
-              "logoutEndpoint": "https://auth.stage.niedersachsen-login.schule/realms/SANIS/protocol/openid-connect/logout",
               "jwksEndpoint": "https://auth.stage.niedersachsen-login.schule/realms/SANIS/protocol/openid-connect/certs",
               "issuer": "https://auth.stage.niedersachsen-login.schule/realms/SANIS"
             }

diff --git a/apps/server/src/apps/files-storage-consumer.app.ts b/apps/server/src/apps/files-storage-consumer.app.ts
@@ -3,7 +3,7 @@
 import { NestFactory } from '@nestjs/core';
 
 // register source-map-support for debugging
-import { FilesStorageAMQPModule } from '@src/modules/files-storage';
+import { FilesStorageAMQPModule } from '@modules/files-storage';
 import { install as sourceMapInstall } from 'source-map-support';
 
 async function bootstrap() {

diff --git a/apps/server/src/apps/files-storage.app.ts b/apps/server/src/apps/files-storage.app.ts
@@ -10,7 +10,7 @@ import { install as sourceMapInstall } from 'source-map-support';
 // application imports
 import { SwaggerDocumentOptions } from '@nestjs/swagger';
 import { LegacyLogger } from '@src/core/logger';
-import { API_VERSION_PATH, FilesStorageApiModule } from '@src/modules/files-storage';
+import { API_VERSION_PATH, FilesStorageApiModule } from '@modules/files-storage';
 import { enableOpenApiDocs } from '@src/shared/controller/swagger';
 
 async function bootstrap() {

diff --git a/apps/server/src/apps/fwu-learning-contents.app.ts b/apps/server/src/apps/fwu-learning-contents.app.ts
@@ -9,7 +9,7 @@ import { install as sourceMapInstall } from 'source-map-support';
 
 // application imports
 import { LegacyLogger } from '@src/core/logger';
-import { FwuLearningContentsModule } from '@src/modules/fwu-learning-contents';
+import { FwuLearningContentsModule } from '@modules/fwu-learning-contents';
 import { enableOpenApiDocs } from '@src/shared/controller/swagger';
 
 async function bootstrap() {

diff --git a/apps/server/src/apps/h5p-editor.app.ts b/apps/server/src/apps/h5p-editor.app.ts
@@ -9,7 +9,7 @@ import { install as sourceMapInstall } from 'source-map-support';
 
 // application imports
 import { LegacyLogger } from '@src/core/logger';
-import { H5PEditorModule } from '@src/modules/h5p-editor';
+import { H5PEditorModule } from '@modules/h5p-editor';
 import { enableOpenApiDocs } from '@src/shared/controller/swagger';
 
 async function bootstrap() {

diff --git a/apps/server/src/apps/management.app.ts b/apps/server/src/apps/management.app.ts
@@ -9,7 +9,7 @@ import { install as sourceMapInstall } from 'source-map-support';
 
 // application imports
 import { LegacyLogger } from '@src/core/logger';
-import { ManagementServerModule } from '@src/modules/management';
+import { ManagementServerModule } from '@modules/management';
 import { enableOpenApiDocs } from '@src/shared/controller/swagger';
 
 async function bootstrap() {

diff --git a/apps/server/src/apps/server.app.ts b/apps/server/src/apps/server.app.ts
@@ -7,19 +7,20 @@ import { ExpressAdapter } from '@nestjs/platform-express';
 import { enableOpenApiDocs } from '@shared/controller/swagger';
 import { Mail, MailService } from '@shared/infra/mail';
 import { LegacyLogger, Logger } from '@src/core/logger';
-import { AccountService } from '@src/modules/account/services/account.service';
-import { TeamService } from '@src/modules/teams/service/team.service';
-import { AccountValidationService } from '@src/modules/account/services/account.validation.service';
-import { AccountUc } from '@src/modules/account/uc/account.uc';
-import { CollaborativeStorageUc } from '@src/modules/collaborative-storage/uc/collaborative-storage.uc';
-import { RocketChatService } from '@src/modules/rocketchat';
-import { ServerModule } from '@src/modules/server';
+import { AccountService } from '@modules/account/services/account.service';
+import { TeamService } from '@modules/teams/service/team.service';
+import { AccountValidationService } from '@modules/account/services/account.validation.service';
+import { AccountUc } from '@modules/account/uc/account.uc';
+import { CollaborativeStorageUc } from '@modules/collaborative-storage/uc/collaborative-storage.uc';
+import { GroupService } from '@modules/group';
+import { RocketChatService } from '@modules/rocketchat';
+import { ServerModule } from '@modules/server';
 import express from 'express';
 import { join } from 'path';
 
 // register source-map-support for debugging
 import { install as sourceMapInstall } from 'source-map-support';
-import { FeathersRosterService } from '@src/modules/pseudonym';
+import { FeathersRosterService } from '@modules/pseudonym';
 import legacyAppPromise = require('../../../../src/app');
 
 import { AppStartLoggable } from './helpers/app-start-loggable';
@@ -82,6 +83,8 @@ async function bootstrap() {
 	feathersExpress.services['nest-team-service'] = nestApp.get(TeamService);
 	// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access,@typescript-eslint/no-unsafe-assignment
 	feathersExpress.services['nest-feathers-roster-service'] = nestApp.get(FeathersRosterService);
+	// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment,@typescript-eslint/no-unsafe-member-access
+	feathersExpress.services['nest-group-service'] = nestApp.get(GroupService);
 	// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access,@typescript-eslint/no-unsafe-assignment
 	feathersExpress.services['nest-orm'] = orm;
 

diff --git a/apps/server/src/console/api-test/test-bootstrap.console.ts b/apps/server/src/console/api-test/test-bootstrap.console.ts
@@ -1,7 +1,7 @@
 import { createMock } from '@golevelup/ts-jest';
 import { Test, TestingModule } from '@nestjs/testing';
 import { ConsoleWriterService } from '@shared/infra/console';
-import { DatabaseManagementUc } from '@src/modules/management/uc/database-management.uc';
+import { DatabaseManagementUc } from '@modules/management/uc/database-management.uc';
 import { AbstractBootstrapConsole, BootstrapConsole } from 'nestjs-console';
 
 export class TestBootstrapConsole extends AbstractBootstrapConsole<TestingModule> {

diff --git a/apps/server/src/console/console.module.ts b/apps/server/src/console/console.module.ts
@@ -7,11 +7,11 @@ import { ALL_ENTITIES } from '@shared/domain';
 import { ConsoleWriterModule } from '@shared/infra/console/console-writer/console-writer.module';
 import { KeycloakModule } from '@shared/infra/identity-management/keycloak/keycloak.module';
 import { DB_PASSWORD, DB_URL, DB_USERNAME, createConfigModuleOptions } from '@src/config';
-import { FilesModule } from '@src/modules/files';
-import { FileEntity } from '@src/modules/files/entity';
-import { FileRecord } from '@src/modules/files-storage/entity';
-import { ManagementModule } from '@src/modules/management/management.module';
-import { serverConfig } from '@src/modules/server';
+import { FilesModule } from '@modules/files';
+import { FileEntity } from '@modules/files/entity';
+import { FileRecord } from '@modules/files-storage/entity';
+import { ManagementModule } from '@modules/management/management.module';
+import { serverConfig } from '@modules/server';
 import { ConsoleModule } from 'nestjs-console';
 import { ServerConsole } from './server.console';
 

diff --git a/apps/server/src/modules/account/index.ts b/apps/server/src/modules/account/index.ts
@@ -1,2 +1,3 @@
 export * from './account.module';
 export * from './account-config';
+export { AccountService } from './services';
diff --git a/apps/server/src/modules/account/mapper/account-response.mapper.spec.ts b/apps/server/src/modules/account/mapper/account-response.mapper.spec.ts
@@ -1,5 +1,5 @@
 import { Account } from '@shared/domain';
-import { AccountDto } from '@src/modules/account/services/dto/account.dto';
+import { AccountDto } from '@modules/account/services/dto/account.dto';
 import { accountDtoFactory, accountFactory } from '@shared/testing';
 import { AccountResponseMapper } from '.';
 

diff --git a/apps/server/src/modules/account/mapper/account-response.mapper.ts b/apps/server/src/modules/account/mapper/account-response.mapper.ts
@@ -1,5 +1,5 @@
 import { Account } from '@shared/domain';
-import { AccountDto } from '@src/modules/account/services/dto/account.dto';
+import { AccountDto } from '@modules/account/services/dto/account.dto';
 import { AccountResponse } from '../controller/dto';
 
 export class AccountResponseMapper {

diff --git a/apps/server/src/modules/account/services/account-db.service.spec.ts b/apps/server/src/modules/account/services/account-db.service.spec.ts
@@ -6,9 +6,9 @@ import { EntityNotFoundError } from '@shared/common';
 import { Account, EntityId } from '@shared/domain';
 import { IdentityManagementService } from '@shared/infra/identity-management/identity-management.service';
 import { accountFactory, setupEntities, userFactory } from '@shared/testing';
-import { AccountEntityToDtoMapper } from '@src/modules/account/mapper';
-import { AccountDto } from '@src/modules/account/services/dto';
-import { IServerConfig } from '@src/modules/server';
+import { AccountEntityToDtoMapper } from '@modules/account/mapper';
+import { AccountDto } from '@modules/account/services/dto';
+import { IServerConfig } from '@modules/server';
 import bcrypt from 'bcryptjs';
 import { LegacyLogger } from '../../../core/logger';
 import { AccountRepo } from '../repo/account.repo';

diff --git a/apps/server/src/modules/account/services/account-idm.service.integration.spec.ts b/apps/server/src/modules/account/services/account-idm.service.integration.spec.ts
@@ -5,7 +5,7 @@ import { ConfigModule } from '@nestjs/config';
 import { Test, TestingModule } from '@nestjs/testing';
 import { IdmAccount } from '@shared/domain';
 import { KeycloakAdministrationService } from '@shared/infra/identity-management/keycloak-administration/service/keycloak-administration.service';
-import { AccountSaveDto } from '@src/modules/account/services/dto';
+import { AccountSaveDto } from '@modules/account/services/dto';
 import { LoggerModule } from '@src/core/logger';
 import { IdentityManagementModule } from '@shared/infra/identity-management';
 import { IdentityManagementService } from '../../../shared/infra/identity-management/identity-management.service';

diff --git a/apps/server/src/modules/account/services/account-lookup.service.ts b/apps/server/src/modules/account/services/account-lookup.service.ts
@@ -2,7 +2,7 @@ import { Injectable } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
 import { EntityId } from '@shared/domain';
 import { IdentityManagementService } from '@shared/infra/identity-management';
-import { IServerConfig } from '@src/modules/server/server.config';
+import { IServerConfig } from '@modules/server/server.config';
 import { ObjectId } from 'bson';
 
 /**

diff --git a/apps/server/src/modules/account/services/account.service.spec.ts b/apps/server/src/modules/account/services/account.service.spec.ts
@@ -1,7 +1,7 @@
 import { createMock, DeepMocked } from '@golevelup/ts-jest';
 import { ConfigService } from '@nestjs/config';
 import { Test, TestingModule } from '@nestjs/testing';
-import { IServerConfig } from '@src/modules/server';
+import { IServerConfig } from '@modules/server';
 import { LegacyLogger } from '../../../core/logger';
 import { AccountServiceDb } from './account-db.service';
 import { AccountServiceIdm } from './account-idm.service';

diff --git a/apps/server/src/modules/account/services/index.ts b/apps/server/src/modules/account/services/index.ts
@@ -0,0 +1 @@
+export * from './account.service';
diff --git a/apps/server/src/modules/account/uc/account.uc.spec.ts b/apps/server/src/modules/account/uc/account.uc.spec.ts
@@ -16,10 +16,10 @@ import {
 import { UserRepo } from '@shared/repo';
 import { accountFactory, schoolFactory, setupEntities, systemFactory, userFactory } from '@shared/testing';
 import { BruteForcePrevention } from '@src/imports-from-feathers';
-import { AccountService } from '@src/modules/account/services/account.service';
-import { AccountSaveDto } from '@src/modules/account/services/dto';
-import { AccountDto } from '@src/modules/account/services/dto/account.dto';
-import { ICurrentUser } from '@src/modules/authentication';
+import { AccountService } from '@modules/account/services/account.service';
+import { AccountSaveDto } from '@modules/account/services/dto';
+import { AccountDto } from '@modules/account/services/dto/account.dto';
+import { ICurrentUser } from '@modules/authentication';
 import { ObjectId } from 'bson';
 import {
 	AccountByIdBodyParams,

diff --git a/apps/server/src/modules/account/uc/account.uc.ts b/apps/server/src/modules/account/uc/account.uc.ts
@@ -9,11 +9,11 @@ import {
 import { Account, EntityId, Permission, PermissionService, Role, RoleName, SchoolEntity, User } from '@shared/domain';
 import { UserRepo } from '@shared/repo';
 // TODO: module internals should be imported with relative paths
-import { AccountService } from '@src/modules/account/services/account.service';
-import { AccountDto } from '@src/modules/account/services/dto/account.dto';
+import { AccountService } from '@modules/account/services/account.service';
+import { AccountDto } from '@modules/account/services/dto/account.dto';
 
 import { BruteForcePrevention } from '@src/imports-from-feathers';
-import { ICurrentUser } from '@src/modules/authentication';
+import { ICurrentUser } from '@modules/authentication';
 import { ObjectId } from 'bson';
 import { IAccountConfig } from '../account-config';
 import {

diff --git a/apps/server/src/modules/authentication/authentication.module.ts b/apps/server/src/modules/authentication/authentication.module.ts
@@ -5,10 +5,10 @@ import { CacheWrapperModule } from '@shared/infra/cache';
 import { IdentityManagementModule } from '@shared/infra/identity-management';
 import { LegacySchoolRepo, SystemRepo, UserRepo } from '@shared/repo';
 import { LoggerModule } from '@src/core/logger';
-import { AccountModule } from '@src/modules/account';
-import { OauthModule } from '@src/modules/oauth/oauth.module';
-import { RoleModule } from '@src/modules/role';
-import { SystemModule } from '@src/modules/system';
+import { AccountModule } from '@modules/account';
+import { OauthModule } from '@modules/oauth/oauth.module';
+import { RoleModule } from '@modules/role';
+import { SystemModule } from '@modules/system';
 import { Algorithm, SignOptions } from 'jsonwebtoken';
 import { jwtConstants } from './constants';
 import { AuthenticationService } from './services/authentication.service';

diff --git a/apps/server/src/modules/authentication/controllers/api-test/login.api.spec.ts b/apps/server/src/modules/authentication/controllers/api-test/login.api.spec.ts
@@ -3,15 +3,15 @@ import { HttpStatus, INestApplication } from '@nestjs/common';
 import { Test, TestingModule } from '@nestjs/testing';
 import { Account, RoleName, SchoolEntity, SystemEntity, User } from '@shared/domain';
 import { accountFactory, roleFactory, schoolFactory, systemFactory, userFactory } from '@shared/testing';
-import { SSOErrorCode } from '@src/modules/oauth/error/sso-error-code.enum';
-import { OauthTokenResponse } from '@src/modules/oauth/service/dto';
-import { ServerTestModule } from '@src/modules/server/server.module';
+import { SSOErrorCode } from '@modules/oauth/loggable';
+import { OauthTokenResponse } from '@modules/oauth/service/dto';
+import { ServerTestModule } from '@modules/server/server.module';
 import axios from 'axios';
 import MockAdapter from 'axios-mock-adapter';
 import crypto, { KeyPairKeyObjectResult } from 'crypto';
 import jwt from 'jsonwebtoken';
 import request, { Response } from 'supertest';
-import { LdapAuthorizationBodyParams, LocalAuthorizationBodyParams } from '../dto';
+import { LdapAuthorizationBodyParams, LocalAuthorizationBodyParams, OauthLoginResponse } from '../dto';
 
 const ldapAccountUserName = 'ldapAccountUserName';
 const mockUserLdapDN = 'mockUserLdapDN';
@@ -129,6 +129,7 @@ describe('Login Controller (api)', () => {
 				expect(decodedToken).toHaveProperty('accountId');
 				expect(decodedToken).toHaveProperty('schoolId');
 				expect(decodedToken).toHaveProperty('roles');
+				expect(decodedToken).not.toHaveProperty('externalIdToken');
 			});
 		});
 
@@ -193,6 +194,7 @@ describe('Login Controller (api)', () => {
 				expect(decodedToken).toHaveProperty('accountId');
 				expect(decodedToken).toHaveProperty('schoolId');
 				expect(decodedToken).toHaveProperty('roles');
+				expect(decodedToken).not.toHaveProperty('externalIdToken');
 			});
 		});
 
@@ -253,10 +255,30 @@ describe('Login Controller (api)', () => {
 
 				return {
 					system,
+					idToken,
 				};
 			};
 
-			it('should return jwt', async () => {
+			it('should return oauth login response', async () => {
+				const { system, idToken } = await setup();
+
+				const response: Response = await request(app.getHttpServer())
+					.post(`${basePath}/oauth2`)
+					.send({
+						redirectUri: 'redirectUri',
+						code: 'code',
+						systemId: system.id,
+					})
+					.expect(HttpStatus.OK);
+
+				// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+				expect(response.body).toEqual<OauthLoginResponse>({
+					accessToken: expect.any(String),
+					externalIdToken: idToken,
+				});
+			});
+
+			it('should return a valid jwt as access token', async () => {
 				const { system } = await setup();
 
 				const response: Response = await request(app.getHttpServer())
@@ -268,8 +290,15 @@ describe('Login Controller (api)', () => {
 					})
 					.expect(HttpStatus.OK);
 
+				// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access,@typescript-eslint/no-unsafe-argument
+				const decodedToken = jwt.decode(response.body.accessToken);
 				// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
 				expect(response.body.accessToken).toBeDefined();
+				expect(decodedToken).toHaveProperty('userId');
+				expect(decodedToken).toHaveProperty('accountId');
+				expect(decodedToken).toHaveProperty('schoolId');
+				expect(decodedToken).toHaveProperty('roles');
+				expect(decodedToken).not.toHaveProperty('externalIdToken');
 			});
 		});
 

diff --git a/apps/server/src/modules/authentication/controllers/dto/index.ts b/apps/server/src/modules/authentication/controllers/dto/index.ts
@@ -2,3 +2,4 @@ export * from './oauth2-authorization.body.params';
 export * from './login.response';
 export * from './ldap-authorization.body.params';
 export * from './local-authorization.body.params';
+export * from './oauth-login.response';
diff --git a/apps/server/src/modules/authentication/controllers/dto/oauth-login.response.ts b/apps/server/src/modules/authentication/controllers/dto/oauth-login.response.ts
@@ -0,0 +1,15 @@
+import { ApiPropertyOptional } from '@nestjs/swagger';
+import { LoginResponse } from './login.response';
+
+export class OauthLoginResponse extends LoginResponse {
+	@ApiPropertyOptional({
+		description:
+			'The external id token which is from the external oauth system and set when scope openid is available.',
+	})
+	externalIdToken?: string;
+
+	constructor(props: OauthLoginResponse) {
+		super(props);
+		this.externalIdToken = props.externalIdToken;
+	}
+}