-
Notifications
You must be signed in to change notification settings - Fork 17
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* endpoints preparation * auth startegy impl * api impl * some changes * some fixes need in KNL module * changes in uc and register entities * Pr fixes and minor changes * rename file * some fixes * add exposing admin API port from the api-svc * add server test module + delete FileEntity from allEntities * change module * admin api server module test impl * add some tests * add some test for API * add some test * x-api-key.strategy tests * x-api-key-strategy-tests impl * remove test for api-setup-helper, remove unused imports * remove test file * add info for the Admin API port * add test for controller * add test for deletionRequestResponse * remove not needed parameter from constructor * add test for deletionRequestLogResponse * add test for executionParams and requestbodyParams * replace hard-coded Admin API server port value with the one taken from the var * change creation of API method location * change default json * fix import in server module * fixes soma issues * fixes after review * add admin api object * default json chnages * Revert "default json chnages" This reverts commit 6764f95. * Revert "add admin api object" This reverts commit aba6e1a. * Revert "fixes after review" This reverts commit 4fc4c70. * Revert "fixes soma issues" This reverts commit 3b58d13. * fixes after review * Revert "small fixes" This reverts commit ccf0aef, reversing changes made to 011b0f7. * Revert "Revert "small fixes"" This reverts commit 30ab3f4. * default ADMIN_API_KEY * fix some imports * small change in x-api-key.strategy * Update apps/server/src/modules/deletion/uc/builder/deletion-log-statistic.builder.spec.ts Co-authored-by: Bartosz Nowicki <[email protected]> * change default.schema.json * new changes to default.schema.json * fix after review * add logger for error in deeltionRequestUC * fix problem with fileentity * fix imports * add logger to test in uc of deletionModule * change module config * hard-coded Admin API server port after the discussion with Paul * fixes bug during deletion uders data from lessons * fix pipeline * fix pipeline #2 * fix pipeline * fix lint * fix modules imports * fix providers in exports in deletion module * split deletion module and deletion-api.module * move setup sessions to server config * try to fix test coverage * Revert "try to fix test coverage" This reverts commit e336196. * Revert "move setup sessions to server config" This reverts commit 86b176d. * remove api key from default.json * changes to server module * use timers in tests * revert last commit * add testXApiKeyClient * deployment impl * add newlines * add test * change character length * fix imports * fix deployment in PR * PR fixes part 1 * fix build and push * fix prettier * default schema changes * small fixes * fix lint * add registration pins module * change sorting of code lines * small fixes after review * add enabled in admiApiServer * add process.exit * test revert enabled (testing purposes) * Revert "test revert enabled (testing purposes)" This reverts commit b2fa12f. * add default for testers * Revert "add default for testers" This reverts commit d589435. * fix with elsson entity * fix lint * changes in main.yml * fix enabled --------- Co-authored-by: WojciechGrancow <[email protected]> Co-authored-by: Bartosz Nowicki <[email protected]> Co-authored-by: WojciechGrancow <[email protected]> Co-authored-by: Cedric Evers <[email protected]>
- Loading branch information
1 parent
90e62c7
commit e3a1aca
Showing
101 changed files
with
1,469 additions
and
218 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
64 changes: 64 additions & 0 deletions
64
ansible/roles/schulcloud-server-core/templates/admin-api-server-deployment.yml.j2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: admin-api-deployment | ||
namespace: {{ NAMESPACE }} | ||
labels: | ||
app: api-admin | ||
app.kubernetes.io/part-of: schulcloud-verbund | ||
app.kubernetes.io/version: {{ SCHULCLOUD_SERVER_IMAGE_TAG }} | ||
app.kubernetes.io/name: api-admin | ||
app.kubernetes.io/component: server | ||
app.kubernetes.io/managed-by: ansible | ||
git.branch: {{ SCHULCLOUD_SERVER_BRANCH_NAME }} | ||
git.repo: {{ SCHULCLOUD_SERVER_REPO_NAME }} | ||
spec: | ||
replicas: {{ ADMIN_API_SERVER_REPLICAS|default("1", true) }} | ||
strategy: | ||
type: RollingUpdate | ||
rollingUpdate: | ||
maxSurge: 1 | ||
#maxUnavailable: 1 | ||
revisionHistoryLimit: 4 | ||
paused: false | ||
selector: | ||
matchLabels: | ||
app: api-admin | ||
template: | ||
metadata: | ||
labels: | ||
app: api-admin | ||
app.kubernetes.io/part-of: schulcloud-verbund | ||
app.kubernetes.io/version: {{ SCHULCLOUD_SERVER_IMAGE_TAG }} | ||
app.kubernetes.io/name: api-admin | ||
app.kubernetes.io/component: server | ||
app.kubernetes.io/managed-by: ansible | ||
git.branch: {{ SCHULCLOUD_SERVER_BRANCH_NAME }} | ||
git.repo: {{ SCHULCLOUD_SERVER_REPO_NAME }} | ||
spec: | ||
securityContext: | ||
runAsUser: 1000 | ||
runAsGroup: 1000 | ||
fsGroup: 1000 | ||
runAsNonRoot: true | ||
containers: | ||
- name: api-admin | ||
image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }} | ||
imagePullPolicy: IfNotPresent | ||
ports: | ||
- containerPort: 4030 | ||
name: admin | ||
protocol: TCP | ||
envFrom: | ||
- configMapRef: | ||
name: api-configmap | ||
- secretRef: | ||
name: api-secret | ||
command: ['npm', 'run', 'nest:start:admin-api-server:prod'] | ||
resources: | ||
limits: | ||
cpu: {{ ADMIN_API_SERVER_CPU_LIMITS|default("2000m", true) }} | ||
memory: {{ ADMIN_API_SERVER_MEMORY_LIMITS|default("4Gi", true) }} | ||
requests: | ||
cpu: {{ ADMIN_API_SERVER_CPU_REQUESTS|default("100m", true) }} | ||
memory: {{ ADMIN_API_SERVER_MEMORY_REQUESTS|default("150Mi", true) }} |
17 changes: 17 additions & 0 deletions
17
ansible/roles/schulcloud-server-core/templates/admin-api-server-svc.yml.j2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: api-admin-svc | ||
namespace: {{ NAMESPACE }} | ||
labels: | ||
app: api-admin | ||
spec: | ||
type: ClusterIP | ||
ports: | ||
# port for http managing drawing data | ||
- port: 4030 | ||
targetPort: 4030 | ||
protocol: TCP | ||
name: admin | ||
selector: | ||
app: api-admin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
/* istanbul ignore file */ | ||
import { NestFactory } from '@nestjs/core'; | ||
import { install as sourceMapInstall } from 'source-map-support'; | ||
import { LegacyLogger, Logger } from '@src/core/logger'; | ||
import { enableOpenApiDocs } from '@shared/controller/swagger'; | ||
import { AppStartLoggable } from '@src/apps/helpers/app-start-loggable'; | ||
import { ExpressAdapter } from '@nestjs/platform-express'; | ||
import express from 'express'; | ||
import { AdminApiServerModule } from '@src/modules/server/admin-api.server.module'; | ||
import { Configuration } from '@hpi-schul-cloud/commons/lib'; | ||
|
||
async function bootstrap() { | ||
sourceMapInstall(); | ||
|
||
const nestAdminServerExpress = express(); | ||
const nestAdminServerExpressAdapter = new ExpressAdapter(nestAdminServerExpress); | ||
nestAdminServerExpressAdapter.disable('x-powered-by'); | ||
|
||
const nestAdminServerApp = await NestFactory.create(AdminApiServerModule, nestAdminServerExpressAdapter); | ||
const logger = await nestAdminServerApp.resolve(Logger); | ||
const legacyLogger = await nestAdminServerApp.resolve(LegacyLogger); | ||
nestAdminServerApp.useLogger(legacyLogger); | ||
nestAdminServerApp.enableCors(); | ||
|
||
enableOpenApiDocs(nestAdminServerApp, 'docs'); | ||
nestAdminServerApp.setGlobalPrefix('/admin/api/v1'); | ||
|
||
await nestAdminServerApp.init(); | ||
|
||
const adminApiServerPort = Configuration.get('ADMIN_API__PORT') as number; | ||
|
||
nestAdminServerExpress.listen(adminApiServerPort, () => { | ||
logger.info( | ||
new AppStartLoggable({ | ||
appName: 'Admin API server app', | ||
port: adminApiServerPort, | ||
mountsDescription: `/admin/api/v1 --> Admin API Server`, | ||
}) | ||
); | ||
}); | ||
} | ||
|
||
void bootstrap(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
export * from './x-api-key.config'; |
3 changes: 3 additions & 0 deletions
3
apps/server/src/modules/authentication/config/x-api-key.config.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
export interface XApiKeyConfig { | ||
ADMIN_API__ALLOWED_API_KEYS: string[]; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
74 changes: 74 additions & 0 deletions
74
apps/server/src/modules/authentication/strategy/x-api-key.strategy.spec.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
import { UnauthorizedException } from '@nestjs/common'; | ||
import { Test, TestingModule } from '@nestjs/testing'; | ||
import { ConfigService } from '@nestjs/config'; | ||
import { createMock } from '@golevelup/ts-jest'; | ||
import { XApiKeyStrategy } from './x-api-key.strategy'; | ||
import { XApiKeyConfig } from '../config/x-api-key.config'; | ||
|
||
describe('XApiKeyStrategy', () => { | ||
let module: TestingModule; | ||
let strategy: XApiKeyStrategy; | ||
let configService: ConfigService<XApiKeyConfig, true>; | ||
|
||
beforeAll(async () => { | ||
module = await Test.createTestingModule({ | ||
imports: [], | ||
providers: [ | ||
XApiKeyStrategy, | ||
{ | ||
provide: ConfigService, | ||
useValue: createMock<ConfigService<XApiKeyConfig, true>>({ get: () => ['1ab2c3d4e5f61ab2c3d4e5f6'] }), | ||
}, | ||
], | ||
}).compile(); | ||
|
||
strategy = module.get(XApiKeyStrategy); | ||
configService = module.get(ConfigService<XApiKeyConfig, true>); | ||
}); | ||
|
||
afterAll(async () => { | ||
await module.close(); | ||
}); | ||
|
||
beforeEach(() => { | ||
jest.resetAllMocks(); | ||
}); | ||
|
||
describe('validate', () => { | ||
// eslint-disable-next-line @typescript-eslint/no-unused-vars | ||
const done = jest.fn((error: Error | null, data: boolean | null) => {}); | ||
describe('when a valid api key is provided', () => { | ||
const setup = () => { | ||
const CORRECT_API_KEY = '1ab2c3d4e5f61ab2c3d4e5f6'; | ||
|
||
return { CORRECT_API_KEY, done }; | ||
}; | ||
it('should do nothing', () => { | ||
const { CORRECT_API_KEY } = setup(); | ||
strategy.validate(CORRECT_API_KEY, done); | ||
expect(done).toBeCalledWith(null, true); | ||
}); | ||
}); | ||
|
||
describe('when a invalid api key is provided', () => { | ||
const setup = () => { | ||
const INVALID_API_KEY = '1ab2c3d4e5f61ab2c3d4e5f6778173'; | ||
|
||
return { INVALID_API_KEY, done }; | ||
}; | ||
it('should throw error', () => { | ||
const { INVALID_API_KEY } = setup(); | ||
strategy.validate(INVALID_API_KEY, done); | ||
expect(done).toBeCalledWith(new UnauthorizedException(), null); | ||
}); | ||
}); | ||
}); | ||
|
||
describe('constructor', () => { | ||
it('should create strategy', () => { | ||
const ApiKeyStrategy = new XApiKeyStrategy(configService); | ||
expect(ApiKeyStrategy).toBeDefined(); | ||
expect(ApiKeyStrategy).toBeInstanceOf(XApiKeyStrategy); | ||
}); | ||
}); | ||
}); |
22 changes: 22 additions & 0 deletions
22
apps/server/src/modules/authentication/strategy/x-api-key.strategy.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
import { Injectable, UnauthorizedException } from '@nestjs/common'; | ||
import { PassportStrategy } from '@nestjs/passport'; | ||
import { ConfigService } from '@nestjs/config'; | ||
import Strategy from 'passport-headerapikey'; | ||
import { XApiKeyConfig } from '../config/x-api-key.config'; | ||
|
||
@Injectable() | ||
export class XApiKeyStrategy extends PassportStrategy(Strategy, 'api-key') { | ||
private readonly allowedApiKeys: string[]; | ||
|
||
constructor(private readonly configService: ConfigService<XApiKeyConfig, true>) { | ||
super({ header: 'X-API-KEY' }, false); | ||
this.allowedApiKeys = this.configService.get<string[]>('ADMIN_API__ALLOWED_API_KEYS'); | ||
} | ||
|
||
public validate = (apiKey: string, done: (error: Error | null, data: boolean | null) => void) => { | ||
if (this.allowedApiKeys.includes(apiKey)) { | ||
done(null, true); | ||
} | ||
done(new UnauthorizedException(), null); | ||
}; | ||
} |
4 changes: 2 additions & 2 deletions
4
...h-deletion-summary-detail.builder.spec.ts → ...h-deletion-summary-detail.builder.spec.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
.../batch-deletion-summary-detail.builder.ts → .../batch-deletion-summary-detail.builder.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
4 changes: 2 additions & 2 deletions
4
...er/deletion-log-statistic.builder.spec.ts → ...er/deletion-log-statistic.builder.spec.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
...builder/deletion-log-statistic.builder.ts → ...builder/deletion-log-statistic.builder.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
apps/server/src/modules/deletion/builder/deletion-request-body-props.builder.spec.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
import { ObjectId } from 'bson'; | ||
import { DeletionDomainModel } from '../domain/types'; | ||
import { DeletionRequestBodyPropsBuilder } from './deletion-request-body-props.builder'; | ||
|
||
describe(DeletionRequestBodyPropsBuilder.name, () => { | ||
afterAll(() => { | ||
jest.clearAllMocks(); | ||
}); | ||
describe('when create deletionRequestBodyParams', () => { | ||
const setup = () => { | ||
const domain = DeletionDomainModel.PSEUDONYMS; | ||
const refId = new ObjectId().toHexString(); | ||
const deleteInMinutes = 1000; | ||
return { domain, refId, deleteInMinutes }; | ||
}; | ||
it('should build deletionRequestBodyParams with all attributes', () => { | ||
const { domain, refId, deleteInMinutes } = setup(); | ||
|
||
const result = DeletionRequestBodyPropsBuilder.build(domain, refId, deleteInMinutes); | ||
|
||
// Assert | ||
expect(result.targetRef.domain).toEqual(domain); | ||
expect(result.targetRef.id).toEqual(refId); | ||
expect(result.deleteInMinutes).toEqual(deleteInMinutes); | ||
}); | ||
}); | ||
}); |
14 changes: 14 additions & 0 deletions
14
apps/server/src/modules/deletion/builder/deletion-request-body-props.builder.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
import { EntityId } from '@shared/domain'; | ||
import { DeletionDomainModel } from '../domain/types'; | ||
import { DeletionRequestBodyProps } from '../controller/dto'; | ||
|
||
export class DeletionRequestBodyPropsBuilder { | ||
static build(domain: DeletionDomainModel, id: EntityId, deleteInMinutes?: number): DeletionRequestBodyProps { | ||
const deletionRequestItem = { | ||
targetRef: { domain, id }, | ||
deleteInMinutes, | ||
}; | ||
|
||
return deletionRequestItem; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 changes: 4 additions & 3 deletions
7
...c/builder/deletion-request-log.builder.ts → .../deletion-request-log-response.builder.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.