auth into separate class

duhizjame · duhizjame · commit b43a2ffa436d · 2024-02-09T12:12:25.000+01:00
diff --git a/server/app/src/main/java/io/whitefox/api/deltasharing/server/DeltaSharesApiImpl.java b/server/app/src/main/java/io/whitefox/api/deltasharing/server/DeltaSharesApiImpl.java
@@ -43,13 +43,12 @@ public DeltaSharesApiImpl(
   @Override
   public Response getShare(String share) {
     return wrapExceptions(
-        () ->
-            optionalToNotFound(shareService.getShare(share),
-                    foundShare ->
-                    shareToForbidden(foundShare, s -> {
-                        var resultShare = new Share().name(s.name()).id(s.id());
-                        return Response.ok(resultShare).build();
-                    })),
+        () -> optionalToNotFound(
+            shareService.getShare(share),
+            foundShare -> shareToForbidden(foundShare, s -> {
+              var resultShare = new Share().name(s.name()).id(s.id());
+              return Response.ok(resultShare).build();
+            })),
         exceptionToResponse);
   }
 
@@ -74,58 +73,67 @@ public Response getTableMetadata(
       String startingTimestampStr,
       String deltaSharingCapabilities) {
     return wrapExceptions(
-        () ->
-        optionalToNotFound(shareService.getShare(share), foundShare -> shareToForbidden(foundShare, s -> {
-            var startingTimestamp = parseTimestamp(startingTimestampStr);
-            return optionalToNotFound(
-                    deltaSharesService.getTableMetadata(share, schema, table, startingTimestamp),
-                    m -> optionalToNotFound(
-                            deltaSharesService.getTableVersion(share, schema, table, startingTimestamp),
-                            v -> Response.ok(
-                                            tableResponseSerializer.serialize(
-                                                    DeltaMappers.toTableResponseMetadata(m)),
-                                            ndjsonMediaType)
-                                    .status(Response.Status.OK.getStatusCode())
-                                    .header(DELTA_TABLE_VERSION_HEADER, String.valueOf(v))
-                                    .header(
-                                            DELTA_SHARE_CAPABILITIES_HEADER,
-                                            getResponseFormatHeader(
-                                                    DeltaMappers.toHeaderCapabilitiesMap(deltaSharingCapabilities)))
-                                    .build()));
-        })),
+        () -> optionalToNotFound(
+            shareService.getShare(share),
+            foundShare -> shareToForbidden(foundShare, s -> {
+              var startingTimestamp = parseTimestamp(startingTimestampStr);
+              return optionalToNotFound(
+                  deltaSharesService.getTableMetadata(
+                      share, schema, table, startingTimestamp, getRequestPrincipal()),
+                  m -> optionalToNotFound(
+                      deltaSharesService.getTableVersion(
+                          share, schema, table, startingTimestamp, getRequestPrincipal()),
+                      v -> Response.ok(
+                              tableResponseSerializer.serialize(
+                                  DeltaMappers.toTableResponseMetadata(m)),
+                              ndjsonMediaType)
+                          .status(Response.Status.OK.getStatusCode())
+                          .header(DELTA_TABLE_VERSION_HEADER, String.valueOf(v))
+                          .header(
+                              DELTA_SHARE_CAPABILITIES_HEADER,
+                              getResponseFormatHeader(
+                                  DeltaMappers.toHeaderCapabilitiesMap(deltaSharingCapabilities)))
+                          .build()));
+            })),
         exceptionToResponse);
   }
 
   @Override
   public Response getTableVersion(
       String share, String schema, String table, String startingTimestampStr) {
-
     return wrapExceptions(
-        () ->
-        optionalToNotFound(shareService.getShare(share), foundShare -> shareToForbidden(foundShare, s -> {
+        () -> {
           var startingTimestamp = parseTimestamp(startingTimestampStr);
           return optionalToNotFound(
-              deltaSharesService.getTableVersion(share, schema, table, startingTimestamp),
+              deltaSharesService.getTableVersion(
+                  share, schema, table, startingTimestamp, getRequestPrincipal()),
               t -> Response.ok().header(DELTA_TABLE_VERSION_HEADER, t).build());
-        })),
+        },
         exceptionToResponse);
   }
 
   @Override
   public Response listALLTables(String share, Integer maxResults, String pageToken) {
     return wrapExceptions(
-        () ->
-        optionalToNotFound(shareService.getShare(share), foundShare -> shareToForbidden(foundShare, s ->
-            optionalToNotFound(
-                            deltaSharesService.listTablesOfShare(
-                                    share, parseToken(pageToken), Optional.ofNullable(maxResults)),
-                            c -> Response.ok(c.getToken()
-                                            .map(t -> new ListTablesResponse()
-                                                    .items(mapList(c.getContent(), DeltaMappers::table2api))
-                                                    .nextPageToken(tokenEncoder.encodePageToken(t)))
-                                            .orElse(new ListTablesResponse()
-                                                    .items(mapList(c.getContent(), DeltaMappers::table2api))))
-                                    .build()))),
+        () -> optionalToNotFound(
+            shareService.getShare(share),
+            foundShare -> shareToForbidden(
+                foundShare,
+                s -> optionalToNotFound(
+                    deltaSharesService.listTablesOfShare(
+                        share,
+                        parseToken(pageToken),
+                        Optional.ofNullable(maxResults),
+                        getRequestPrincipal()),
+                    c -> Response.ok(c.getToken()
+                            .map(
+                                t -> new ListTablesResponse()
+                                    .items(mapList(c.getContent(), DeltaMappers::table2api))
+                                    .nextPageToken(tokenEncoder.encodePageToken(t)))
+                            .orElse(
+                                new ListTablesResponse()
+                                    .items(mapList(c.getContent(), DeltaMappers::table2api))))
+                        .build()))),
         exceptionToResponse);
   }
 
@@ -134,7 +142,11 @@ public Response listSchemas(String share, Integer maxResults, String pageToken)
     return wrapExceptions(
         () -> optionalToNotFound(
             deltaSharesService
-                .listSchemas(share, parseToken(pageToken), Optional.ofNullable(maxResults))
+                .listSchemas(
+                    share,
+                    parseToken(pageToken),
+                    Optional.ofNullable(maxResults),
+                    getRequestPrincipal())
                 .map(ct -> ct.getToken()
                     .map(t -> new ListSchemasResponse()
                         .nextPageToken(tokenEncoder.encodePageToken(t))
@@ -149,8 +161,8 @@ public Response listSchemas(String share, Integer maxResults, String pageToken)
   public Response listShares(Integer maxResults, String pageToken) {
     return wrapExceptions(
         () -> {
-          var c =
-              deltaSharesService.listShares(parseToken(pageToken), Optional.ofNullable(maxResults));
+          var c = deltaSharesService.listShares(
+              parseToken(pageToken), Optional.ofNullable(maxResults), getRequestPrincipal());
           var response =
               new ListShareResponse().items(mapList(c.getContent(), DeltaMappers::share2api));
           return Response.ok(c.getToken()
@@ -166,7 +178,11 @@ public Response listTables(String share, String schema, Integer maxResults, Stri
     return wrapExceptions(
         () -> optionalToNotFound(
             deltaSharesService.listTables(
-                share, schema, parseToken(pageToken), Optional.ofNullable(maxResults)),
+                share,
+                schema,
+                parseToken(pageToken),
+                Optional.ofNullable(maxResults),
+                getRequestPrincipal()),
             c -> Response.ok(c.getToken()
                     .map(t -> new ListTablesResponse()
                         .items(mapList(c.getContent(), DeltaMappers::table2api))
@@ -195,7 +211,11 @@ public Response queryTable(
     return wrapExceptions(
         () -> {
           var readResult = deltaSharesService.queryTable(
-              share, schema, table, DeltaMappers.api2ReadTableRequest(queryRequest));
+              share,
+              schema,
+              table,
+              DeltaMappers.api2ReadTableRequest(queryRequest),
+              getRequestPrincipal());
           var serializedReadResult =
               tableQueryResponseSerializer.serialize(DeltaMappers.readTableResult2api(readResult));
           return Response.ok(serializedReadResult, ndjsonMediaType)
diff --git a/server/app/src/main/java/io/whitefox/api/server/ApiUtils.java b/server/app/src/main/java/io/whitefox/api/server/ApiUtils.java
@@ -72,10 +72,8 @@ default <T> Response optionalToNotFound(Optional<T> opt, Function<T, Response> f
   }
 
   default Response shareToForbidden(Share value, Function<Share, Response> fn) {
-    if (value.recipients().contains(getRequestPrincipal()))
-      return fn.apply(value);
-    else
-      return Response.status(Response.Status.FORBIDDEN).build();
+    if (value.recipients().contains(getRequestPrincipal())) return fn.apply(value);
+    else return Response.status(Response.Status.FORBIDDEN).build();
   }
 
   default String getResponseFormatHeader(Map<String, String> deltaSharingCapabilities) {
diff --git a/server/app/src/test/java/io/whitefox/api/deltasharing/server/DeltaSharesApiImplAwsTest.java b/server/app/src/test/java/io/whitefox/api/deltasharing/server/DeltaSharesApiImplAwsTest.java
@@ -84,7 +84,7 @@ public void updateStorageManagerWithS3Tables() {
                         "s3share",
                         s3IcebergTable1(s3TestConfig, awsGlueTestConfig))),
                 "s3share")),
-        new Principal("Mr fox"),
+        new Principal("Mr. Fox"),
         0L));
   }
 
diff --git a/server/app/src/test/java/io/whitefox/api/server/ShareV1ApiImplTest.java b/server/app/src/test/java/io/whitefox/api/server/ShareV1ApiImplTest.java
@@ -57,7 +57,7 @@ void createShare() {
         .statusCode(201)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(0)))
+        .body("recipients", is(hasSize(1)))
         .body("schemas", is(hasSize(0)))
         .body("createdAt", is(0))
         .body("createdBy", is("Mr. Fox"))
@@ -89,7 +89,7 @@ void addRecipientsToShare() {
         .statusCode(200)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(3)))
+        .body("recipients", is(hasSize(4)))
         .body("schemas", is(hasSize(0)))
         .body("createdAt", is(0))
         .body("createdBy", is("Mr. Fox"))
@@ -105,7 +105,7 @@ void addSameRecipientTwice() {
         .statusCode(200)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(3)))
+        .body("recipients", is(hasSize(4)))
         .body("schemas", is(hasSize(0)))
         .body("createdAt", is(0))
         .body("createdBy", is("Mr. Fox"))
@@ -121,7 +121,7 @@ void addAnotherRecipient() {
         .statusCode(200)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(4)))
+        .body("recipients", is(hasSize(5)))
         .body("schemas", is(hasSize(0)))
         .body("createdAt", is(0))
         .body("createdBy", is("Mr. Fox"))
@@ -143,7 +143,7 @@ public void createSchema() {
         .statusCode(201)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(4)))
+        .body("recipients", is(hasSize(5)))
         .body("schemas", is(hasSize(1)))
         .body("schemas[0]", is("schema1"))
         .body("createdAt", is(0))
@@ -185,7 +185,7 @@ public void addTableToSchema() {
         .statusCode(201)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(4)))
+        .body("recipients", is(hasSize(5)))
         .body("schemas", is(hasSize(1)))
         .body("schemas[0]", is("schema1"))
         .body("createdAt", is(0))
@@ -200,7 +200,7 @@ ValidatableResponse createEmptyShare(String name) {
         .when()
         .filter(whitefoxFilter)
         .body(
-            new CreateShareInput().name(name).recipients(List.of()).schemas(List.of()),
+            new CreateShareInput().name(name).recipients(List.of("Mr. Fox")).schemas(List.of()),
             new Jackson2Mapper((cls, charset) -> objectMapper))
         .header(new Header("Content-Type", "application/json"))
         .post("/whitefox-api/v1/shares")
diff --git a/server/core/build.gradle.kts b/server/core/build.gradle.kts
@@ -19,9 +19,9 @@ dependencies {
     implementation(enforcedPlatform("${quarkusPlatformGroupId}:${quarkusPlatformArtifactId}:${quarkusPlatformVersion}"))
     // QUARKUS
     compileOnly("jakarta.enterprise:jakarta.enterprise.cdi-api")
-    compileOnly("jakarta.ws.rs:jakarta.ws.rs-api")
+    implementation("jakarta.ws.rs:jakarta.ws.rs-api")
     compileOnly("org.eclipse.microprofile.config:microprofile-config-api")
-
+    implementation("org.glassfish.jersey.core:jersey-common:3.1.2")
 
     testFixturesImplementation(String.format("jakarta.inject:jakarta.inject-api:%s", jakartaVersion))
     testFixturesImplementation(String.format("org.eclipse.microprofile.config:microprofile-config-api:%s", microprofileConfigVersion))
diff --git a/server/core/src/main/java/io/whitefox/core/Share.java b/server/core/src/main/java/io/whitefox/core/Share.java
@@ -50,7 +50,7 @@ public Share(
         id,
         schemas,
         Optional.empty(),
-        Set.of(),
+        Set.of(createPrincipal),
         createTime,
         createPrincipal,
         createTime,
diff --git a/server/core/src/main/java/io/whitefox/core/WhitefoxAuthorization.java b/server/core/src/main/java/io/whitefox/core/WhitefoxAuthorization.java
@@ -0,0 +1,19 @@
+package io.whitefox.core;
+
+import jakarta.enterprise.context.ApplicationScoped;
+import lombok.Data;
+
+public interface WhitefoxAuthorization {
+
+  Boolean authorize(Share share, Principal principal);
+
+  @Data
+  @ApplicationScoped
+  class WhitefoxSimpleAuthorization implements WhitefoxAuthorization {
+
+    @Override
+    public Boolean authorize(Share share, Principal principal) {
+      return share.recipients().contains(principal);
+    }
+  }
+}
diff --git a/server/core/src/main/java/io/whitefox/core/services/DeltaSharesService.java b/server/core/src/main/java/io/whitefox/core/services/DeltaSharesService.java
@@ -12,26 +12,47 @@
 public interface DeltaSharesService {
 
   Optional<Long> getTableVersion(
-      String share, String schema, String table, Optional<Timestamp> startingTimestamp);
+      String share,
+      String schema,
+      String table,
+      Optional<Timestamp> startingTimestamp,
+      Principal principal);
 
   ContentAndToken<List<Share>> listShares(
-      Optional<ContentAndToken.Token> nextPageToken, Optional<Integer> maxResults);
+      Optional<ContentAndToken.Token> nextPageToken,
+      Optional<Integer> maxResults,
+      Principal currentPrincipal);
 
   Optional<Metadata> getTableMetadata(
-      String share, String schema, String table, Optional<Timestamp> startingTimestamp);
+      String share,
+      String schema,
+      String table,
+      Optional<Timestamp> startingTimestamp,
+      Principal currentPrincipal);
 
   Optional<ContentAndToken<List<Schema>>> listSchemas(
-      String share, Optional<ContentAndToken.Token> nextPageToken, Optional<Integer> maxResults);
+      String share,
+      Optional<ContentAndToken.Token> nextPageToken,
+      Optional<Integer> maxResults,
+      Principal currentPrincipal);
 
   Optional<ContentAndToken<List<SharedTable>>> listTables(
       String share,
       String schema,
       Optional<ContentAndToken.Token> nextPageToken,
-      Optional<Integer> maxResults);
+      Optional<Integer> maxResults,
+      Principal currentPrincipal);
 
   Optional<ContentAndToken<List<SharedTable>>> listTablesOfShare(
-      String share, Optional<ContentAndToken.Token> token, Optional<Integer> maxResults);
+      String share,
+      Optional<ContentAndToken.Token> token,
+      Optional<Integer> maxResults,
+      Principal currentPrincipal);
 
   ReadTableResult queryTable(
-      String share, String schema, String table, ReadTableRequest queryRequest);
+      String share,
+      String schema,
+      String table,
+      ReadTableRequest queryRequest,
+      Principal currentPrincipal);
 }
diff --git a/server/core/src/main/java/io/whitefox/core/services/DeltaSharesServiceImpl.java b/server/core/src/main/java/io/whitefox/core/services/DeltaSharesServiceImpl.java
diff --git a/server/core/src/main/java/io/whitefox/core/services/ShareService.java b/server/core/src/main/java/io/whitefox/core/services/ShareService.java
diff --git a/server/core/src/test/java/io/whitefox/core/services/DeltaShareServiceTest.java b/server/core/src/test/java/io/whitefox/core/services/DeltaShareServiceTest.java
diff --git a/server/core/src/test/java/io/whitefox/core/services/ShareServiceTest.java b/server/core/src/test/java/io/whitefox/core/services/ShareServiceTest.java

Original file line number	Diff line number	Diff line change
`@@ -72,10 +72,8 @@ default <T> Response optionalToNotFound(Optional<T> opt, Function<T, Response> f`
`72`	`72`	`}`
`73`	`73`
`74`	`74`	`default Response shareToForbidden(Share value, Function<Share, Response> fn) {`
`75`		`- if (value.recipients().contains(getRequestPrincipal()))`
`76`		`- return fn.apply(value);`
`77`		`- else`
`78`		`- return Response.status(Response.Status.FORBIDDEN).build();`
	`75`	`+ if (value.recipients().contains(getRequestPrincipal())) return fn.apply(value);`
	`76`	`+ else return Response.status(Response.Status.FORBIDDEN).build();`
`79`	`77`	`}`
`80`	`78`
`81`	`79`	`default String getResponseFormatHeader(Map<String, String> deltaSharingCapabilities) {`
Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,7 @@ public void updateStorageManagerWithS3Tables() {`
`84`	`84`	`"s3share",`
`85`	`85`	`s3IcebergTable1(s3TestConfig, awsGlueTestConfig))),`
`86`	`86`	`"s3share")),`
`87`		`- new Principal("Mr fox"),`
	`87`	`+ new Principal("Mr. Fox"),`
`88`	`88`	`0L));`
`89`	`89`	`}`
`90`	`90`