diff --git a/runtime/config-deployer-service/ballerina/APIClient.bal b/runtime/config-deployer-service/ballerina/APIClient.bal index 5fcdd78ee..2194f925a 100644 --- a/runtime/config-deployer-service/ballerina/APIClient.bal +++ b/runtime/config-deployer-service/ballerina/APIClient.bal @@ -595,7 +595,7 @@ public class APIClient { if apiArtifact.scopes.hasKey(scope) { scopeCr = apiArtifact.scopes.get(scope); } else { - scopeCr = self.generateScopeCR(apiArtifact, apkConf, organization, scope, count); + scopeCr = self.generateScopeCR(operation, apiArtifact, apkConf, organization, scope, count); count = count + 1; } model:HTTPRouteFilter scopeFilter = {'type: "ExtensionRef", extensionRef: {group: "dp.wso2.com", kind: scopeCr.kind, name: scopeCr.metadata.name}}; @@ -654,7 +654,7 @@ public class APIClient { if apiArtifact.scopes.hasKey(scope) { scopeCr = apiArtifact.scopes.get(scope); } else { - scopeCr = self.generateScopeCR(apiArtifact, apkConf, organization, scope, count); + scopeCr = self.generateScopeCR(operation, apiArtifact, apkConf, organization, scope, count); count = count + 1; } model:GQLRouteFilter scopeFilter = {extensionRef: {group: "dp.wso2.com", kind: scopeCr.kind, name: scopeCr.metadata.name}}; @@ -722,10 +722,10 @@ public class APIClient { return (); } - private isolated function generateScopeCR(model:APIArtifact apiArtifact, APKConf apkConf, commons:Organization organization, string scope, int count) returns model:Scope { + private isolated function generateScopeCR(APKOperations operation, model:APIArtifact apiArtifact, APKConf apkConf, commons:Organization organization, string scope, int count) returns model:Scope { model:Scope scopeCr = { metadata: { - name: apiArtifact.uniqueId + "-scope-" + count.toString(), + name: self.getScopeUid(apiArtifact, operation, count), labels: self.getLabels(apkConf, organization) }, spec: { @@ -1531,6 +1531,17 @@ public class APIClient { } } + public isolated function getScopeUid(model:APIArtifact apiArtifact, APKOperations? apiOperation, int count) returns string { + string scopeUid = apiArtifact.uniqueId; + if (apiOperation is APKOperations) { + if (apiOperation.target is string) { + byte[] hexBytes = string:toBytes(apiArtifact.uniqueId + apiOperation.target + apiOperation.verb); + scopeUid = crypto:hashSha1(hexBytes).toBase16(); + } + } + return scopeUid + "-scope-" + count.toString(); + } + public isolated function getBackendPolicyUid(APKConf api, string endpointType, commons:Organization organization) returns string { string concatanatedString = uuid:createType1AsString(); return "backendpolicy-" + concatanatedString; diff --git a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/employees_scope_test_conf.yaml b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/employees_scope_test_conf.yaml index aca40c889..8a6cecdd3 100644 --- a/test/cucumber-tests/src/test/resources/artifacts/apk-confs/employees_scope_test_conf.yaml +++ b/test/cucumber-tests/src/test/resources/artifacts/apk-confs/employees_scope_test_conf.yaml @@ -12,7 +12,14 @@ operations: - target: "/employeewithoutscope" verb: "GET" scopes: [] - - target: "/employeewithscope" + - target: "/employeewithscope1" verb: "GET" scopes: - - "wso2" + - "scope1" + - target: "/employeewithscope2" + verb: "GET" + scopes: + - "scope2" + - target: "/employeewithscopes" + verb: "GET" + scopes: ["scope1", "scope2"] diff --git a/test/cucumber-tests/src/test/resources/tests/api/BasicDeploymentAndApiInvocation.feature b/test/cucumber-tests/src/test/resources/tests/api/BasicDeploymentAndApiInvocation.feature index 466a55ae3..8fb5f7f62 100644 --- a/test/cucumber-tests/src/test/resources/tests/api/BasicDeploymentAndApiInvocation.feature +++ b/test/cucumber-tests/src/test/resources/tests/api/BasicDeploymentAndApiInvocation.feature @@ -7,10 +7,10 @@ Feature: API Deployment and invocation And make the API deployment request Then the response status code should be 200 Then I set headers - |Authorization|bearer ${accessToken}| + | Authorization | bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/test/3.14/employee/" with body "" And I eventually receive 200 response code, not accepting - |429| + | 429 | And I send "POST" request to "https://default.gw.wso2.com:9095/test/3.14/employee/" with body "" And the response status code should be 200 And I send "POST" request to "https://default.gw.wso2.com:9095/test/3.14/test/" with body "" @@ -20,7 +20,7 @@ Feature: API Deployment and invocation And I send "DELETE" request to "https://default.gw.wso2.com:9095/test/3.14/employee/12" with body "" And the response status code should be 200 Then I set headers - |Authorization|bearer invalidToken| + | Authorization | bearer invalidToken | And I send "GET" request to "https://default.gw.wso2.com:9095/test/3.14/employee/" with body "" And the response status code should be 401 And I send "POST" request to "https://default.gw.wso2.com:9095/test/3.14/employee/" with body "" @@ -42,14 +42,14 @@ Feature: API Deployment and invocation And make the API deployment request Then the response status code should be 200 Then I set headers - |Authorization|bearer ${accessToken}| + | Authorization | bearer ${accessToken} | And I wait for next minute And I send "GET" request to "https://default.gw.wso2.com:9095/test-version/1.0/employee/" with body "" And I eventually receive 200 response code, not accepting - |429| + | 429 | And I send "GET" request to "https://default.gw.wso2.com:9095/test-version/2.0/employee/" with body "" And I eventually receive 200 response code, not accepting - |429| + | 429 | Scenario: Deploying an API with default version Given The system is ready @@ -59,10 +59,10 @@ Feature: API Deployment and invocation And make the API deployment request Then the response status code should be 200 Then I set headers - |Authorization|bearer ${accessToken}| + | Authorization | bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/test-default/3.14/employee/" with body "" And I eventually receive 200 response code, not accepting - |429| + | 429 | And I send "POST" request to "https://default.gw.wso2.com:9095/test-default/3.14/employee/" with body "" And the response status code should be 200 And I send "POST" request to "https://default.gw.wso2.com:9095/test-default/3.14/test/" with body "" @@ -71,10 +71,9 @@ Feature: API Deployment and invocation And the response status code should be 200 And I send "DELETE" request to "https://default.gw.wso2.com:9095/test-default/3.14/employee/12" with body "" And the response status code should be 200 - And I send "GET" request to "https://default.gw.wso2.com:9095/test-default/employee/" with body "" And I eventually receive 200 response code, not accepting - |429| + | 429 | And I send "POST" request to "https://default.gw.wso2.com:9095/test-default/employee/" with body "" And the response status code should be 200 And I send "POST" request to "https://default.gw.wso2.com:9095/test-default/test/" with body "" @@ -92,22 +91,37 @@ Feature: API Deployment and invocation And make the API deployment request Then the response status code should be 200 Then I set headers - |Authorization|bearer ${accessToken}| + | Authorization | bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithoutscope/" with body "" And I eventually receive 200 response code, not accepting - |429| - And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithscope/" with body "" + | 429 | + And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithscope1/" with body "" And the response status code should be 403 Given I have a valid subscription with scopes - |wso2| + | scope1 | Then I set headers - |Authorization|bearer ${accessToken}| + | Authorization | bearer ${accessToken} | And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithoutscope/" with body "" And I eventually receive 200 response code, not accepting - |429| - And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithscope/" with body "" + | 429 | + And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithscope1/" with body "" And I eventually receive 200 response code, not accepting - |429| + | 429 | + And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithscope2/" with body "" + And I eventually receive 403 response code, not accepting + | 200 | + And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithscopes/" with body "" + And I eventually receive 403 response code, not accepting + | 429 | + Given I have a valid subscription with scopes + | scope1 | + | scope2 | + Then I set headers + | Authorization | bearer ${accessToken} | + And I send "GET" request to "https://default.gw.wso2.com:9095/test-scope/1.0.0/employeewithscopes/" with body "" + And I eventually receive 200 response code, not accepting + | 429 | + Scenario Outline: Undeploy API Given The system is ready @@ -116,9 +130,9 @@ Feature: API Deployment and invocation Then the response status code should be Examples: - | apiID | expectedStatusCode | - | f7996dce4ac15e2af0f8ee14546c4f72988eddae | 202 | - | default-version-api-test | 202 | - | emp-api-test-scope | 202 | - | version-api-test | 202 | - | version-api-test2 | 202 | + | apiID | expectedStatusCode | + | f7996dce4ac15e2af0f8ee14546c4f72988eddae | 202 | + | default-version-api-test | 202 | + | emp-api-test-scope | 202 | + | version-api-test | 202 | + | version-api-test2 | 202 |