From cc38bf6ca7aa94c4ead1a84de0f7f0145151b81c Mon Sep 17 00:00:00 2001
From: Martin Lowe <martin.lowe@eclipse-foundation.org>
Date: Wed, 5 Mar 2025 15:05:55 -0500
Subject: [PATCH 1/4] fix: update user calls to use updated authentication data
 and calls

Previously, this API relied on fields that would fetch the eclipse user
when a user profile was requested. With new changes to the Commons SDK
to eagerly fetch when possible, this call was replaced.
---
 pom.xml                                                |  2 +-
 .../openvsx/resources/ProfileResource.java             |  2 +-
 .../openvsx/resources/PublisherAgreementResource.java  | 10 +++++-----
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/pom.xml b/pom.xml
index eae356a..afcae87 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,7 @@
     <surefire-plugin.version>3.3.1</surefire-plugin.version>
     <auto-value.version>1.10.4</auto-value.version>
     <hibernate.version>5.5.6.Final</hibernate.version>
-    <eclipse-api-version>1.2.1</eclipse-api-version>
+    <eclipse-api-version>1.2.2-SNAPSHOT</eclipse-api-version>
     <org.mapstruct.version>1.5.5.Final</org.mapstruct.version>
     <fdndb-api-version>1.1.2</fdndb-api-version>
     <sonar.sources>src/main</sonar.sources>
diff --git a/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java b/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
index f0c754f..8223bb6 100644
--- a/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
+++ b/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
@@ -29,6 +29,6 @@ public class ProfileResource {
     @GET
     public Response getProfileInfo() {
         // Returns the public profile data tied to the current user
-        return Response.ok(Arrays.asList(userProfile.getUserPublicProfileData())).build();
+        return Response.ok(Arrays.asList(userProfile.getCurrentUser().getPublicProfile())).build();
     }
 }
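Review bot: The new line dereferences `userProfile.getCurrentUser()` directly, and the same chained call appears in the PublisherAgreementResource hunks of this commit (getAgreement, createAgreement, the revoke path, the GitHub-handle check and checkIfAdminOrSelf). Whether `getCurrentUser()` can return null for a request without a resolved user is not visible on this page. If it can, each of these calls turns an unauthenticated request into a NullPointerException and a 500 instead of an explicit denial. Resolving the user once and failing explicitly would cover it, e.g. `EfUser current = userProfile.getCurrentUser();` followed by `if (current == null) { throw new FinalForbiddenException("No authenticated user"); }` (that exception type is used in PublisherAgreementResource and would need an import here). If the SDK already guarantees a non-null user, a one-line comment saying so would be enough.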
diff --git a/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java b/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
index c346f50..62bf48e 100644
--- a/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
+++ b/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
@@ -58,7 +58,7 @@ public class PublisherAgreementResource {
     public Response getAgreement() {
 
         // Uses currently logged in user. Only an onwer can fetch their agreement
-        String username = userProfile.getUserPublicProfileData().name();
+        String username = userProfile.getCurrentUser().name();
 
         // Fetch agreement for user
         Optional<PublisherAgreementData> result = agreementService.getPublisherAgreementByUsername(username);
@@ -73,7 +73,7 @@ public class PublisherAgreementResource {
     public Response createAgreement(AgreementSigningRequest body) {
 
         // Uses currently logged in user. Only an owner can create their agreement
-        EfUser user = userProfile.getUserPublicProfileData();
+        EfUser user = userProfile.getCurrentUser();
 
         // Check if body format is correct
         validateSigningRequest(body);
@@ -124,7 +124,7 @@ public class PublisherAgreementResource {
             throw new NotFoundException(String.format(NOT_FOUND_MSG_FORMAT, username));
         }
 
-        String currentUser = userProfile.getUserPublicProfileData().name();
+        String currentUser = userProfile.getCurrentUser().name();
 
         Optional<PeopleDocumentData> updateResult = agreementService.revokePublisherAgreement(fetchResult.get(), currentUser);
         if (updateResult.isEmpty()) {
@@ -150,7 +150,7 @@ public class PublisherAgreementResource {
         }
 
         // Ensure GH handle from current user same as in request body.
-        if (!StringUtils.equalsIgnoreCase(userProfile.getUserPublicProfileData().githubHandle(), request.githubHandle())) {
+        if (!StringUtils.equalsIgnoreCase(userProfile.getCurrentUser().githubHandle(), request.githubHandle())) {
             throw new BadRequestException("The github_handle does not match our records.");
         }
     }
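Review bot: `StringUtils.equalsIgnoreCase` treats two nulls as equal, so in the changed condition a current user with no GitHub handle on record and a request that omits `github_handle` would pass this check. The method starts outside the hunk, so validation above it may already reject a blank request handle. If it does not, read the handle once and fail when it is blank: `String handle = userProfile.getCurrentUser().githubHandle();` then `if (StringUtils.isBlank(handle) || !StringUtils.equalsIgnoreCase(handle, request.githubHandle())) {`.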
@@ -164,7 +164,7 @@ public class PublisherAgreementResource {
      */
     void checkIfAdminOrSelf(String urlUsername) {
         // Reject request if current user is not in URL and they aren't an admin
-        EfUser user = userProfile.getUserPrivateProfileData();
+        EfUser user = userProfile.getCurrentUser().getPublicProfile();
         if (!urlUsername.equalsIgnoreCase(user.name())
                 && config.adminUsers().stream().noneMatch(email -> email.equalsIgnoreCase(user.mail()))) {
             throw new FinalForbiddenException(String.format("Access denied to resources for: %s", urlUsername));
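Review bot: The admin branch of this check compares `user.mail()` against `config.adminUsers()`, but `user` now comes from `getCurrentUser().getPublicProfile()` where it used to come from `getUserPrivateProfileData()`. If the public profile omits the e-mail address (plausible given the private/public split, but not visible here), `mail()` is null, `noneMatch` is always true, and every admin who is not the user named in the URL is refused. The check fails closed, so this would be a lockout rather than a bypass. Using the full record, `EfUser user = userProfile.getCurrentUser();`, keeps the authorization comparison meaningful. The method body continues past the end of the hunk.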
-- 
GitLab


From 3bc7526b6302db34a714e93633b68829940a5df8 Mon Sep 17 00:00:00 2001
From: Martin Lowe <martin.lowe@eclipse-foundation.org>
Date: Tue, 11 Mar 2025 13:04:18 -0400
Subject: [PATCH 2/4] fix: address some issues with the tests and build from
 1.2.2 snapshot

Fix some issues discovered with the build, especially around the changed EF
user object in the authentication wrapper.
---
 spec/openapi.yaml                             | 72 -------------------
 .../openvsx/resources/ProfileResource.java    |  7 +-
 .../resources/PublisherAgreementResource.java |  2 +-
 .../openvsx/test/api/MockProfileAPI.java      |  2 +-
 src/test/resources/application.properties     |  2 +-
 5 files changed, 7 insertions(+), 78 deletions(-)

diff --git a/spec/openapi.yaml b/spec/openapi.yaml
index dde562d..cd355e8 100644
--- a/spec/openapi.yaml
+++ b/spec/openapi.yaml
@@ -221,42 +221,6 @@ components:
       type: array
       items:
         $ref: "#/components/schemas/EfUser"
-      example:
-        - uid: "606609"
-          name: zacharysabourin
-          mail: zachary.sabourin@eclipse-foundation.org
-          picture: https://secure.gravatar.com/avatar/fbbbb03860062596a5cf11105dcc7d47.jpg?d=mm&s=185&r=G
-          eca:
-            signed: true
-            can_contribute_spec_project: true
-          is_committer: true
-          first_name: Zachary
-          last_name: Sabourin
-          github_handle: zacharysabourin
-          twitter_handle: sometwitteruser
-          publisher_agreements:
-            "open-vsx":
-              version: "1"
-          org: Eclipse Foundation
-          org_id: null
-          job_title: Web Developer
-          website: https://google.com
-          country:
-            code: CA
-            name: Canada
-          bio: This is my bio. Hello!
-          interests:
-            - MTG
-            - Warhammer
-            - Bass guitar
-          working_groups_interests:
-            - adoptium
-            - oniro
-          eca_url: https://api.eclipse.org/account/profile/zacharysabourin/eca
-          projects_url: https://api.eclipse.org/account/profile/zacharysabourin/projects
-          gerrit_url: https://api.eclipse.org/account/profile/zacharysabourin/gerrit
-          mailinglist_url: https://api.eclipse.org/account/profile/zacharysabourin/mailing-list
-          mpc_favorites_url: https://api.eclipse.org/marketplace/favorites?name=zacharysabourin
 
     EfUser:
       type: object
@@ -370,42 +334,6 @@ components:
             - type: string
             - type: "null"
           description: "The user's Marketplace favorites URL."
-      example:
-        uid: "606609"
-        name: zacharysabourin
-        mail: zachary.sabourin@eclipse-foundation.org
-        picture: https://secure.gravatar.com/avatar/fbbbb03860062596a5cf11105dcc7d47.jpg?d=mm&s=185&r=G
-        eca:
-          signed: true
-          can_contribute_spec_project: true
-        is_committer: true
-        first_name: Zachary
-        last_name: Sabourin
-        github_handle: zacharysabourin
-        twitter_handle: sometwitteruser
-        publisher_agreements:
-          "open-vsx":
-            version: "1"
-        org: Eclipse Foundation
-        org_id: null
-        job_title: Web Developer
-        website: https://google.com
-        country:
-          code: CA
-          name: Canada
-        bio: This is my bio. Hello!
-        interests:
-          - MTG
-          - Warhammer
-          - Bass guitar
-        working_groups_interests:
-          - adoptium
-          - oniro
-        eca_url: https://api.eclipse.org/account/profile/zacharysabourin/eca
-        projects_url: https://api.eclipse.org/account/profile/zacharysabourin/projects
-        gerrit_url: https://api.eclipse.org/account/profile/zacharysabourin/gerrit
-        mailinglist_url: https://api.eclipse.org/account/profile/zacharysabourin/mailing-list
-        mpc_favorites_url: https://api.eclipse.org/marketplace/favorites?name=zacharysabourin
 
     Eca:
       type: object
diff --git a/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java b/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
index 8223bb6..eb424ae 100644
--- a/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
+++ b/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
@@ -12,13 +12,14 @@
 package org.eclipsefoundation.openvsx.resources;
 
 import java.util.Arrays;
+import java.util.List;
 
+import org.eclipsefoundation.efservices.api.models.EfUser;
 import org.eclipsefoundation.efservices.models.AuthenticatedRequestWrapper;
 
 import jakarta.inject.Inject;
 import jakarta.ws.rs.GET;
 import jakarta.ws.rs.Path;
-import jakarta.ws.rs.core.Response;
 
 @Path("profile")
 public class ProfileResource {
@@ -27,8 +28,8 @@ public class ProfileResource {
     AuthenticatedRequestWrapper userProfile;
 
     @GET
-    public Response getProfileInfo() {
+    public List<EfUser> getProfileInfo() {
         // Returns the public profile data tied to the current user
-        return Response.ok(Arrays.asList(userProfile.getCurrentUser().getPublicProfile())).build();
+        return Arrays.asList(userProfile.getCurrentUser().getPublicProfile());
     }
 }
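Review bot: `Arrays.asList(...)` around a single element returns a fixed-size list whose element can still be replaced, and it accepts a null element, so a null public profile would presumably reach the client as `[null]`. `return List.of(userProfile.getCurrentUser().getPublicProfile());` states the intent (one immutable element) and fails fast on null. It also lets the `java.util.Arrays` import go, now that `java.util.List` is imported in this commit.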
diff --git a/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java b/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
index 62bf48e..cfff5a7 100644
--- a/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
+++ b/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
@@ -164,7 +164,7 @@ public class PublisherAgreementResource {
      */
     void checkIfAdminOrSelf(String urlUsername) {
         // Reject request if current user is not in URL and they aren't an admin
-        EfUser user = userProfile.getCurrentUser().getPublicProfile();
+        EfUser user = userProfile.getCurrentUser();
         if (!urlUsername.equalsIgnoreCase(user.name())
                 && config.adminUsers().stream().noneMatch(email -> email.equalsIgnoreCase(user.mail()))) {
             throw new FinalForbiddenException(String.format("Access denied to resources for: %s", urlUsername));
diff --git a/src/test/java/org/eclipsefoundation/openvsx/test/api/MockProfileAPI.java b/src/test/java/org/eclipsefoundation/openvsx/test/api/MockProfileAPI.java
index b1f214b..3adbc41 100644
--- a/src/test/java/org/eclipsefoundation/openvsx/test/api/MockProfileAPI.java
+++ b/src/test/java/org/eclipsefoundation/openvsx/test/api/MockProfileAPI.java
@@ -143,7 +143,7 @@ public class MockProfileAPI implements ProfileAPI {
 
         // Only filter via additional fields if it can't find with previous ones
         if (params.uid != null) {
-            results = users.stream().filter(u -> u.uid().compareTo(params.uid) == 0).collect(Collectors.toList());
+            results = users.stream().filter(u -> u.uid().equals(params.uid)).collect(Collectors.toList());
         }
         if (StringUtils.isNotBlank(params.name) && results.isEmpty()) {
             results = users.stream().filter(u -> u.name().equalsIgnoreCase(params.name)).collect(Collectors.toList());
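Review bot: Replacing `compareTo` with `equals` in the uid filter removes the compile-time type check, because `equals` takes `Object`. Neither declaration is visible here, but if `u.uid()` and `params.uid` ever have different types (a `String` on one side and a numeric type on the other, say), the filter compiles and silently matches nothing, and the mock then falls through to the name filter below. A short comment stating the shared type would make the intent explicit; `Objects.equals(u.uid(), params.uid)` would additionally tolerate a mock user with a null uid. The enclosing method starts and ends outside the hunk.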
diff --git a/src/test/resources/application.properties b/src/test/resources/application.properties
index 61b37f7..9397921 100644
--- a/src/test/resources/application.properties
+++ b/src/test/resources/application.properties
@@ -17,4 +17,4 @@ eclipse.security.oauth2.token-generation.client-secret=sample
 eclipse.security.oauth2.token-generation.client-id=sample
 eclipse.security.oauth2.token-generation.scope=sample
 
-quarkus.jacoco.includes=**/openvsx/**/*
\ No newline at end of file
+quarkus.jacoco.includes=**/openvsx/**/*
-- 
GitLab


From 4d7a9d0647617c0543591df3cb105cce9f269837 Mon Sep 17 00:00:00 2001
From: Martin Lowe <martin.lowe@eclipse-foundation.org>
Date: Wed, 12 Mar 2025 11:37:40 -0400
Subject: [PATCH 3/4] fix: remove rolesallowed as it forward request auth in
 newer versions

---
 pom.xml                                                      | 2 +-
 .../java/org/eclipsefoundation/openvsx/api/PeopleAPI.java    | 5 -----
 2 files changed, 1 insertion(+), 6 deletions(-)

diff --git a/pom.xml b/pom.xml
index afcae87..8db52a5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -87,7 +87,7 @@
     </dependency>
     <dependency>
       <groupId>io.quarkus</groupId>
-      <artifactId>quarkus-oidc-client</artifactId>
+      <artifactId>quarkus-rest-client-oidc-filter</artifactId>
     </dependency>
 
     <!-- Testing dependencies only -->
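Review bot: This dependency swap carries no comment and the commit has no body, yet it lands together with the removal of the four `@RolesAllowed` annotations from PeopleAPI. Those annotations were the only place on this page that named the roles involved in the downstream calls (`fdb_write_people`, `fdb_read_people`, `fdb_read_people_documents`, `fdb_write_people_documents`). I would keep that information as a Javadoc line on each PeopleAPI method, e.g. `* Downstream role: fdb_write_people.`. If the new artifact is indeed what backs the `OidcClientFilter` imported by PeopleAPI, I would also add `<!-- OIDC token filter for the PeopleAPI REST client -->` above this dependency. It is also worth confirming that the resources calling PeopleAPI enforce access themselves, since nothing on the client interface declares it any more.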
diff --git a/src/main/java/org/eclipsefoundation/openvsx/api/PeopleAPI.java b/src/main/java/org/eclipsefoundation/openvsx/api/PeopleAPI.java
index 5bb58d8..cf00b59 100644
--- a/src/main/java/org/eclipsefoundation/openvsx/api/PeopleAPI.java
+++ b/src/main/java/org/eclipsefoundation/openvsx/api/PeopleAPI.java
@@ -19,7 +19,6 @@ import org.eclipsefoundation.foundationdb.client.runtime.model.people.PeopleDocu
 import org.eclipsefoundation.openvsx.api.models.ModLogHeaders;
 
 import io.quarkus.oidc.client.filter.OidcClientFilter;
-import jakarta.annotation.security.RolesAllowed;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.ws.rs.BeanParam;
 import jakarta.ws.rs.GET;
@@ -48,7 +47,6 @@ public interface PeopleAPI {
      * @return A Response containing the persisted person.
      */
     @PUT
-    @RolesAllowed("fdb_write_people")
     Response persistPersonEntity(PeopleData src);
 
     /**
@@ -59,7 +57,6 @@ public interface PeopleAPI {
      */
     @GET
     @Path("{personID}")
-    @RolesAllowed("fdb_read_people")
     PeopleData getPerson(@PathParam("personID") String personId);
 
     /**
@@ -71,7 +68,6 @@ public interface PeopleAPI {
      */
     @GET
     @Path("{personID}/documents")
-    @RolesAllowed("fdb_read_people_documents")
     List<PeopleDocumentData> getPeopleDocument(@PathParam("personID") String personId, @QueryParam("documentID") String documentId,
             @QueryParam("include_bytes") boolean includeBytes);
 
@@ -86,7 +82,6 @@ public interface PeopleAPI {
      */
     @PUT
     @Path("{personID}/documents")
-    @RolesAllowed("fdb_write_people_documents")
     List<PeopleDocumentData> persistPeopleDocument(@BeanParam ModLogHeaders modLog, @PathParam("personID") String personId,
             PeopleDocumentData src);
 }
-- 
GitLab


From 622087d09a59e4ffd18552bad2a2d80a093d7dc5 Mon Sep 17 00:00:00 2001
From: Martin Lowe <martin.lowe@eclipse-foundation.org>
Date: Wed, 19 Mar 2025 13:30:18 -0400
Subject: [PATCH 4/4] set version to 1.2.2 instead of snapshot release

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 8db52a5..e29331e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,7 @@
     <surefire-plugin.version>3.3.1</surefire-plugin.version>
     <auto-value.version>1.10.4</auto-value.version>
     <hibernate.version>5.5.6.Final</hibernate.version>
-    <eclipse-api-version>1.2.2-SNAPSHOT</eclipse-api-version>
+    <eclipse-api-version>1.2.2</eclipse-api-version>
     <org.mapstruct.version>1.5.5.Final</org.mapstruct.version>
     <fdndb-api-version>1.1.2</fdndb-api-version>
     <sonar.sources>src/main</sonar.sources>
-- 
GitLab