Merge branch 'master' into issue-24307-chainable-metadata-provider-li…

…cense-only
dotCMS · Jan 17, 2024 · e5d6be1 · e5d6be1
2 parents a853e05 + 6dac7ca
commit e5d6be1
Show file tree

Hide file tree

Showing 4 changed files with 361 additions and 20 deletions.
diff --git a/dotCMS/src/curl-test/EMA.postman_collection.json b/dotCMS/src/curl-test/EMA.postman_collection.json
@@ -0,0 +1,231 @@
+{
+	"info": {
+		"_postman_id": "029879f9-ad5c-48a1-94b8-12f0369d3605",
+		"name": "EMA",
+		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
+		"_exporter_id": "781456"
+	},
+	"item": [
+		{
+			"name": "GetCurrentSite",
+			"event": [
+				{
+					"listen": "test",
+					"script": {
+						"exec": [
+							"var jsonData = pm.response.json();",
+							"pm.collectionVariables.set(\"currentSiteId\", jsonData.entity.identifier);"
+						],
+						"type": "text/javascript"
+					}
+				}
+			],
+			"request": {
+				"auth": {
+					"type": "basic",
+					"basic": [
+						{
+							"key": "password",
+							"value": "admin",
+							"type": "string"
+						},
+						{
+							"key": "username",
+							"value": "admin@dotcms.com",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "{{serverURL}}/api/v1/site/currentSite",
+					"host": [
+						"{{serverURL}}"
+					],
+					"path": [
+						"api",
+						"v1",
+						"site",
+						"currentSite"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "NoConfig",
+			"event": [
+				{
+					"listen": "test",
+					"script": {
+						"exec": [
+							"pm.test(\"User FE has not access to EMA\", function () {",
+							"    pm.response.to.have.status(404);",
+							"",
+							"    ",
+							"});"
+						],
+						"type": "text/javascript"
+					}
+				}
+			],
+			"request": {
+				"auth": {
+					"type": "basic",
+					"basic": [
+						{
+							"key": "password",
+							"value": "admin",
+							"type": "string"
+						},
+						{
+							"key": "username",
+							"value": "admin@dotcms.com",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "{{serverURL}}/api/v1/ema",
+					"host": [
+						"{{serverURL}}"
+					],
+					"path": [
+						"api",
+						"v1",
+						"ema"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "app-save1",
+			"event": [
+				{
+					"listen": "test",
+					"script": {
+						"exec": [
+							"pm.test(\"Status code is 200\", function () {",
+							"    pm.response.to.have.status(200);",
+							"});"
+						],
+						"type": "text/javascript"
+					}
+				}
+			],
+			"request": {
+				"auth": {
+					"type": "basic",
+					"basic": [
+						{
+							"key": "password",
+							"value": "admin",
+							"type": "string"
+						},
+						{
+							"key": "username",
+							"value": "admin@dotCMS.com",
+							"type": "string"
+						},
+						{
+							"key": "saveHelperData",
+							"type": "any"
+						},
+						{
+							"key": "showPassword",
+							"value": false,
+							"type": "boolean"
+						}
+					]
+				},
+				"method": "POST",
+				"header": [
+					{
+						"key": "Content-Type",
+						"name": "Content-Type",
+						"type": "text",
+						"value": "application/json"
+					}
+				],
+				"body": {
+					"mode": "raw",
+					"raw": "{ \n\t  \"configuration\": {\n\t\t \"value\": \"{\\r\\n         \\\"config\\\":[\\r\\n                  {\\r\\n                  \\\"pattern\\\":\\\"\\/blogs\\/(.*)\\\",\\r\\n                  \\\"url\\\":\\\"https:\\/\\/myspa.blogs.com:3000\\\",\\r\\n                  \\\"options\\\":{\\r\\n                  \\\"authenticationToken\\\":\\\"123\\\",\\r\\n                  \\\"depth\\\":3,\\r\\n                  \\\"X-CONTENT-APP\\\":\\\"dotCMS\\\"\\r\\n                  }\\r\\n                  },\\r\\n                  {\\r\\n                  \\\"pattern\\\":\\\".*\\\",\\r\\n                  \\\"url\\\":\\\"https:\\/\\/myspa.com:3000\\\",\\r\\n                  \\\"options\\\":{\\r\\n                  \\\"authenticationToken\\\":\\\"456\\\",\\r\\n                  \\\"depth\\\":1,\\r\\n                  \\\"X-CONTENT-APP\\\":\\\"dotCMS\\\"\\r\\n                  }\\r\\n                  }\\r\\n        ]\\r\\n      }\"\n      }\n}\n"
+				},
+				"url": {
+					"raw": "{{serverURL}}/api/v1/apps/dotema-config-v2/{{currentSiteId}}",
+					"host": [
+						"{{serverURL}}"
+					],
+					"path": [
+						"api",
+						"v1",
+						"apps",
+						"dotema-config-v2",
+						"{{currentSiteId}}"
+					]
+				},
+				"description": "This tests the endpoint that brings back one specific App/integration given the App-key followed by the site-id"
+			},
+			"response": []
+		},
+		{
+			"name": "TestConfig",
+			"event": [
+				{
+					"listen": "test",
+					"script": {
+						"exec": [
+							"pm.test(\"Now available the EMA\", function () {",
+							"    pm.response.to.have.status(200);",
+							"",
+							"    ",
+							"});"
+						],
+						"type": "text/javascript"
+					}
+				}
+			],
+			"request": {
+				"auth": {
+					"type": "basic",
+					"basic": [
+						{
+							"key": "password",
+							"value": "admin",
+							"type": "string"
+						},
+						{
+							"key": "username",
+							"value": "admin@dotcms.com",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "{{serverURL}}/api/v1/ema",
+					"host": [
+						"{{serverURL}}"
+					],
+					"path": [
+						"api",
+						"v1",
+						"ema"
+					]
+				}
+			},
+			"response": []
+		}
+	],
+	"variable": [
+		{
+			"key": "currentSiteId",
+			"value": ""
+		}
+	]
+}
diff --git a/dotCMS/src/main/java/com/dotcms/rest/api/v1/ema/EMAResource.java b/dotCMS/src/main/java/com/dotcms/rest/api/v1/ema/EMAResource.java
@@ -0,0 +1,106 @@
+package com.dotcms.rest.api.v1.ema;
+
+import com.dotcms.rest.InitDataObject;
+import com.dotcms.rest.ResponseEntityView;
+import com.dotcms.rest.WebResource;
+import com.dotcms.rest.annotation.NoCache;
+import com.dotcms.security.apps.AppDescriptor;
+import com.dotcms.security.apps.AppSecrets;
+import com.dotcms.security.apps.AppsAPI;
+import com.dotcms.security.apps.Secret;
+import com.dotmarketing.beans.Host;
+import com.dotmarketing.business.APILocator;
+import com.dotmarketing.business.web.WebAPILocator;
+import com.dotmarketing.exception.DoesNotExistException;
+import com.dotmarketing.exception.DotDataException;
+import com.dotmarketing.exception.DotSecurityException;
+import com.dotmarketing.util.Logger;
+import com.dotmarketing.util.json.JSONObject;
+import com.fasterxml.jackson.jaxrs.json.annotation.JSONP;
+import com.google.common.annotations.VisibleForTesting;
+import com.liferay.portal.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import java.util.Optional;
+
+
+/**
+ * Resource API that deals with secrets and their usage on third-party apps integrations.
+ * @author jsanca
+ */
+@Path("/v1/ema")
+public class EMAResource {
+
+    private static final String EMA_APP_KEY = "dotema-config-v2";
+
+    private final WebResource webResource;
+    private AppsAPI appsAPI;
+
+    @VisibleForTesting
+    public EMAResource(final WebResource webResource,
+            final AppsAPI appsAPI) {
+        this.webResource = webResource;
+        this.appsAPI = appsAPI;
+    }
+
+    public EMAResource() {
+        this(new WebResource(), APILocator.getAppsAPI());
+    }
+
+
+    /**
+     * Returns the ema config for the current site
+     * @param request
+     * @param response
+     * @return Response
+     * @throws DotDataException
+     * @throws DotSecurityException
+     */
+    @GET
+    @JSONP
+    @NoCache
+    @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+    public final Response getDetails(
+            @Context final HttpServletRequest request,
+            @Context final HttpServletResponse response
+    ) throws DotDataException, DotSecurityException {
+
+        final Host site  = WebAPILocator.getHostWebAPI().getCurrentHostNoThrow(request);
+        final InitDataObject initData =
+                new WebResource.InitBuilder(webResource)
+                        .requiredBackendUser(true)
+                        .requiredFrontendUser(false)
+                        .requestAndResponse(request, response)
+                        .rejectWhenNoUser(true)
+                        .init();
+
+        Logger.debug(this, ()-> "Getting EMA config for site: " + site.getHostname());
+
+        final Optional<AppDescriptor> appDescriptorOptional = appsAPI
+                .getAppDescriptor(EMA_APP_KEY, APILocator.systemUser()); // we use the system b/c we don't want to check permissions, but only have access to this app and should be backend
+        if (appDescriptorOptional.isPresent()) {
+
+            final Optional<AppSecrets> optionalAppSecrets = appsAPI
+                    .getSecrets(EMA_APP_KEY, false, site, APILocator.systemUser());
+
+            if (optionalAppSecrets.isPresent()) {
+
+                final AppSecrets appSecrets = optionalAppSecrets.get();
+                final Secret configSecret = appSecrets.getSecrets().get("configuration");
+                final String configJson   = configSecret.getString();
+
+                return Response.ok(new ResponseEntityView<>(new JSONObject(configJson))).build();
+            }
+        }
+
+        throw new DoesNotExistException(String.format(
+                "No configuration was found for EMA on the current site `%s`. ", site.getHostname()));
+    }
+}
diff --git a/dotCMS/src/main/java/com/dotcms/rest/config/DotRestApplication.java b/dotCMS/src/main/java/com/dotcms/rest/config/DotRestApplication.java
@@ -42,6 +42,7 @@
 import com.dotcms.rest.api.v1.contenttype.ContentTypeResource;
 import com.dotcms.rest.api.v1.contenttype.FieldResource;
 import com.dotcms.rest.api.v1.contenttype.FieldVariableResource;
+import com.dotcms.rest.api.v1.ema.EMAResource;
 import com.dotcms.rest.api.v1.event.EventsResource;
 import com.dotcms.rest.api.v1.experiments.ExperimentsResource;
 import com.dotcms.rest.api.v1.fileasset.FileAssetsResource;
@@ -234,6 +235,7 @@ public class DotRestApplication extends Application {
 			.add(TempFileResource.class)
 			.add(UpgradeTaskResource.class)
 			.add(AppsResource.class)
+			.add(EMAResource.class)
 			.add(BrowserResource.class)
 			.add(ResourceLinkResource.class)
 			.add(PushPublishFilterResource.class)