From ba004ce9fef339e96d2b8af6c2e9ce3a114ebfc7 Mon Sep 17 00:00:00 2001 From: Sahil-tarento <140611066+Sahil-tarento@users.noreply.github.com> Date: Wed, 13 Mar 2024 19:41:55 +0530 Subject: [PATCH] Adding authToken validation in bulkUpload (#500) * Adding authToken validation in bulkUpload * Adding pr review comment --- .../sunbird/profile/controller/ProfileController.java | 5 +++-- .../java/org/sunbird/profile/service/ProfileService.java | 2 +- .../org/sunbird/profile/service/ProfileServiceImpl.java | 3 ++- .../sunbird/profile/service/UserBulkUploadService.java | 4 ++++ .../user/registration/model/UserRegistration.java | 9 +++++++++ .../org/sunbird/user/service/UserUtilityServiceImpl.java | 6 +++++- 6 files changed, 24 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/sunbird/profile/controller/ProfileController.java b/src/main/java/org/sunbird/profile/controller/ProfileController.java index d419a0dcc..11476cfe1 100644 --- a/src/main/java/org/sunbird/profile/controller/ProfileController.java +++ b/src/main/java/org/sunbird/profile/controller/ProfileController.java @@ -93,10 +93,11 @@ public ResponseEntity userSignup(@RequestBody Map request) { public ResponseEntity bulkUpload(@RequestParam(value = "file", required = true) MultipartFile multipartFile, @RequestHeader(Constants.X_AUTH_USER_ORG_ID) String rootOrgId, @RequestHeader(Constants.X_AUTH_USER_CHANNEL) String channel, - @RequestHeader(Constants.X_AUTH_USER_ID) String userId) throws UnsupportedEncodingException { + @RequestHeader(Constants.X_AUTH_USER_ID) String userId, + @RequestHeader(Constants.X_AUTH_TOKEN) String userAuthToken) throws UnsupportedEncodingException { log.info(String.format("bulkupload channel name:%s,OrgId:%s", URLDecoder.decode(channel, "UTF-8"), rootOrgId)); - SBApiResponse uploadResponse = profileService.bulkUpload(multipartFile, rootOrgId, URLDecoder.decode(channel, "UTF-8"), userId); + SBApiResponse uploadResponse = profileService.bulkUpload(multipartFile, rootOrgId, URLDecoder.decode(channel, "UTF-8"), userId, userAuthToken); return new ResponseEntity<>(uploadResponse, uploadResponse.getResponseCode()); } diff --git a/src/main/java/org/sunbird/profile/service/ProfileService.java b/src/main/java/org/sunbird/profile/service/ProfileService.java index ff5d5658a..f37e100cf 100644 --- a/src/main/java/org/sunbird/profile/service/ProfileService.java +++ b/src/main/java/org/sunbird/profile/service/ProfileService.java @@ -26,7 +26,7 @@ public interface ProfileService { SBApiResponse userSignup(Map request); - SBApiResponse bulkUpload(MultipartFile mFile, String orgId, String orgName, String userId); + SBApiResponse bulkUpload(MultipartFile mFile, String orgId, String orgName, String userId, String userAuthToken); SBApiResponse getBulkUploadDetails(String orgId); diff --git a/src/main/java/org/sunbird/profile/service/ProfileServiceImpl.java b/src/main/java/org/sunbird/profile/service/ProfileServiceImpl.java index 9c6195a30..cdc749d36 100644 --- a/src/main/java/org/sunbird/profile/service/ProfileServiceImpl.java +++ b/src/main/java/org/sunbird/profile/service/ProfileServiceImpl.java @@ -738,7 +738,7 @@ public SBApiResponse userSignup(Map request) { } @Override - public SBApiResponse bulkUpload(MultipartFile mFile, String orgId, String channel, String userId) { + public SBApiResponse bulkUpload(MultipartFile mFile, String orgId, String channel, String userId, String userAuthToken) { SBApiResponse response = ProjectUtil.createDefaultResponse(Constants.API_USER_BULK_UPLOAD); try { SBApiResponse uploadResponse = storageService.uploadFile(mFile, serverConfig.getBulkUploadContainerName()); @@ -770,6 +770,7 @@ public SBApiResponse bulkUpload(MultipartFile mFile, String orgId, String channe response.setResponseCode(HttpStatus.OK); response.getResult().putAll(uploadedFile); uploadedFile.put(Constants.ORG_NAME, channel); + uploadedFile.put(Constants.X_AUTH_TOKEN, userAuthToken); kafkaProducer.push(serverConfig.getUserBulkUploadTopic(), uploadedFile); sendBulkUploadNotification(orgId, channel, (String) uploadResponse.getResult().get(Constants.URL)); } catch (Exception e) { diff --git a/src/main/java/org/sunbird/profile/service/UserBulkUploadService.java b/src/main/java/org/sunbird/profile/service/UserBulkUploadService.java index 722c65909..d0fd8dd7e 100644 --- a/src/main/java/org/sunbird/profile/service/UserBulkUploadService.java +++ b/src/main/java/org/sunbird/profile/service/UserBulkUploadService.java @@ -251,6 +251,7 @@ private void processBulkUpload(HashMap inputDataMap) throws IOEx } else { invalidErrList.addAll(validateEmailContactAndDomain(userRegistration)); if (invalidErrList.isEmpty()) { + userRegistration.setUserAuthToken(inputDataMap.get(Constants.X_AUTH_TOKEN)); String responseCode = userUtilityService.createBulkUploadUser(userRegistration); if (!responseCode.equalsIgnoreCase(Constants.OK)) { failedRecordsCount++; @@ -354,6 +355,9 @@ private List validateReceivedKafkaMessage(HashMap inputD if (StringUtils.isEmpty(inputDataMap.get(Constants.ORG_NAME))) { errList.add("Orgname is not present"); } + if (StringUtils.isEmpty(inputDataMap.get(Constants.X_AUTH_TOKEN))) { + errList.add("User Token is not present"); + } if (!errList.isEmpty()) { str.append("Failed to Validate User Details. Error Details - [").append(errList.toString()).append("]"); } diff --git a/src/main/java/org/sunbird/user/registration/model/UserRegistration.java b/src/main/java/org/sunbird/user/registration/model/UserRegistration.java index 462d923c0..311a941ce 100644 --- a/src/main/java/org/sunbird/user/registration/model/UserRegistration.java +++ b/src/main/java/org/sunbird/user/registration/model/UserRegistration.java @@ -20,6 +20,7 @@ public class UserRegistration extends UserRegistrationInfo { private String userId; private String userName; private String proposedDeptName; + private String userAuthToken; public String getWfId() { return wfId; @@ -101,6 +102,14 @@ public void setProposedDeptName(String proposedDeptName) { this.proposedDeptName = proposedDeptName; } + public String getUserAuthToken() { + return userAuthToken; + } + + public void setUserAuthToken(String userAuthToken) { + this.userAuthToken = userAuthToken; + } + public String toMininumString() { StringBuilder strBuilder = new StringBuilder("[ UserRegistrationCode : "); strBuilder.append(this.getRegistrationCode()).append(", UserId : ").append(this.getUserId()).append("]"); diff --git a/src/main/java/org/sunbird/user/service/UserUtilityServiceImpl.java b/src/main/java/org/sunbird/user/service/UserUtilityServiceImpl.java index 4c307ebf8..ff6e918fb 100644 --- a/src/main/java/org/sunbird/user/service/UserUtilityServiceImpl.java +++ b/src/main/java/org/sunbird/user/service/UserUtilityServiceImpl.java @@ -589,9 +589,13 @@ public String createBulkUploadUser(UserRegistration userRegistration) { requestBody.put(Constants.PHONE_VERIFIED, true); requestBody.put(Constants.ROLES, Arrays.asList(Constants.PUBLIC)); request.put(Constants.REQUEST, requestBody); + Map headerValues = ProjectUtil.getDefaultHeaders(); + if (StringUtils.isNotEmpty(userRegistration.getUserAuthToken())) { + headerValues.put(Constants.X_AUTH_TOKEN, userRegistration.getUserAuthToken()); + } try { Map readData = (Map) outboundRequestHandlerService.fetchResultUsingPost( - props.getSbUrl() + props.getLmsUserCreatePath(), request, ProjectUtil.getDefaultHeaders()); + props.getSbUrl() + props.getLmsUserCreatePath(), request, headerValues); if (readData != null && !Constants.OK.equalsIgnoreCase((String) readData.get(Constants.RESPONSE_CODE))) { Map params = (Map) readData.get(Constants.PARAMS); if (!MapUtils.isEmpty(params)) {