app: add federation migration, #TASK-7192

opencb · Jan 20, 2025 · e1d5835 · e1d5835
1 parent 6ddaa78
commit e1d5835
Show file tree

Hide file tree

Showing 11 changed files with 107 additions and 52 deletions.
diff --git a/.../java/org/opencb/opencga/app/migrations/v4/v4_0_0/catalog/FederationChangesMigration.java b/.../java/org/opencb/opencga/app/migrations/v4/v4_0_0/catalog/FederationChangesMigration.java
@@ -0,0 +1,69 @@
+package org.opencb.opencga.app.migrations.v4.v4_0_0.catalog;
+
+import com.mongodb.client.MongoCollection;
+import com.mongodb.client.model.Filters;
+import com.mongodb.client.model.Updates;
+import org.bson.Document;
+import org.bson.conversions.Bson;
+import org.opencb.opencga.catalog.db.mongodb.OrganizationMongoDBAdaptorFactory;
+import org.opencb.opencga.catalog.migration.Migration;
+import org.opencb.opencga.catalog.migration.MigrationTool;
+
+import java.util.Arrays;
+import java.util.Collections;
+
+@Migration(id = "federationChanges__task_7192",
+        description = "Federation changes, #TASK-7192", version = "4.0.0",
+        language = Migration.MigrationLanguage.JAVA, domain = Migration.MigrationDomain.CATALOG, date = 20250120)
+public class FederationChangesMigration extends MigrationTool {
+
+    /*
+     * [NEW] Organization -> federation: {clients: [], servers: []}
+     * [NEW] Project -> federation: {id: "", description: "", version: ""}
+     *               -> internal.federated: [true|false]
+     * [NEW] Study -> federation: {id: "", description: "", version: ""}
+     *               -> internal.federated: [true|false]
+     * [NEW] User -> internal.account.authentication.federation: [true|false]
+     */
+
+    @Override
+    protected void run() throws Exception {
+        // Organization update
+        MongoCollection<Document> orgCollection = getMongoCollection(OrganizationMongoDBAdaptorFactory.ORGANIZATION_COLLECTION);
+        Bson query = Filters.exists("federation", false);
+        Bson update = Updates.set("federation", new Document()
+                .append("clients", Collections.emptyList())
+                .append("servers", Collections.emptyList())
+        );
+        orgCollection.updateMany(query, update);
+
+        // Project and Study
+        Bson projectStudyQuery = Filters.exists("federation", false);
+        Bson projectStudyUpdate = Updates.combine(
+                Updates.set("federation", new Document()
+                        .append("id", "")
+                        .append("description", "")
+                        .append("version", "")
+                ),
+                Updates.set("internal.federated", false)
+        );
+        for (String collectionStr : Arrays.asList(OrganizationMongoDBAdaptorFactory.PROJECT_COLLECTION,
+                OrganizationMongoDBAdaptorFactory.DELETED_PROJECT_COLLECTION, OrganizationMongoDBAdaptorFactory.STUDY_COLLECTION,
+                OrganizationMongoDBAdaptorFactory.DELETED_STUDY_COLLECTION)) {
+            getMongoCollection(collectionStr).updateMany(projectStudyQuery, projectStudyUpdate);
+        }
+
+        // User
+        Bson userQuery = Filters.exists("internal.account.authentication.federation", false);
+        Bson userUpdate = Updates.set("internal.account.authentication.federation", false);
+        for (String collectionStr : Arrays.asList(OrganizationMongoDBAdaptorFactory.USER_COLLECTION,
+                OrganizationMongoDBAdaptorFactory.DELETED_USER_COLLECTION)) {
+            getMongoCollection(collectionStr).updateMany(userQuery, userUpdate);
+        }
+
+        // Drop project id index (no longer unique)
+        Document oldIndex = new Document()
+                .append("id", 1);
+        dropIndex(OrganizationMongoDBAdaptorFactory.PROJECT_COLLECTION, oldIndex);
+    }
+}
diff --git a/...main/java/org/opencb/opencga/catalog/auth/authentication/azure/AuthenticationFactory.java b/...main/java/org/opencb/opencga/catalog/auth/authentication/azure/AuthenticationFactory.java
@@ -135,14 +135,14 @@ private String getFederationSecretKey(String organizationId, String userId) thro
         if (CollectionUtils.isNotEmpty(organization.getFederation().getServers())) {
             for (FederationServerParams server : organization.getFederation().getServers()) {
                 if (server.getUserId().equals(userId)) {
-                    return server.getSecretKey();
+                    return server.getSecurityKey();
                 }
             }
         }
         if (CollectionUtils.isNotEmpty(organization.getFederation().getClients())) {
             for (FederationClientParams client : organization.getFederation().getClients()) {
                 if (client.getUserId().equals(userId)) {
-                    return client.getSecretKey();
+                    return client.getSecurityKey();
                 }
             }
         }

diff --git a/opencga-catalog/src/main/java/org/opencb/opencga/catalog/managers/AuditManager.java b/opencga-catalog/src/main/java/org/opencb/opencga/catalog/managers/AuditManager.java
@@ -200,6 +200,13 @@ public void audit(String organizationId, String operationId, String userId, Enum
     public void audit(String organizationId, String operationId, String userId, Enums.Action action, Enums.Resource resource,
                       String resourceId, String resourceUuid, String studyId, String studyUuid, ObjectMap params, AuditRecord.Status status,
                       ObjectMap attributes) {
+        audit(organizationId, operationId, userId, action.name(), resource, resourceId, resourceUuid, studyId, studyUuid, params, status,
+                attributes);
+    }
+
+    protected void audit(String organizationId, String operationId, String userId, String action, Enums.Resource resource,
+                      String resourceId, String resourceUuid, String studyId, String studyUuid, ObjectMap params, AuditRecord.Status status,
+                      ObjectMap attributes) {
         String apiVersion = GitRepositoryState.getInstance().getBuildVersion();
         Date date = TimeUtils.getDate();
 

diff --git a/...-catalog/src/test/java/org/opencb/opencga/catalog/db/mongodb/AuditMongoDBAdaptorTest.java b/...-catalog/src/test/java/org/opencb/opencga/catalog/db/mongodb/AuditMongoDBAdaptorTest.java
@@ -37,17 +37,17 @@ public class AuditMongoDBAdaptorTest extends AbstractMongoDBAdaptorTest {
     public void testInsertAuditRecord() throws Exception {
         dbAdaptorFactory.getCatalogAuditDbAdaptor(organizationId)
                 .insertAuditRecord(new AuditRecord(UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT),
-                        UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE,
+                        UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE.name(),
                         Enums.Resource.SAMPLE, "sampleId", "sampleUuid", "studyId", "studyUuid", new ObjectMap(),
                         new AuditRecord.Status(AuditRecord.Status.Result.SUCCESS), TimeUtils.getDate(), new ObjectMap()));
         dbAdaptorFactory.getCatalogAuditDbAdaptor(organizationId)
                 .insertAuditRecord(new AuditRecord(UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT),
-                        UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE,
+                        UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE.name(),
                         Enums.Resource.SAMPLE, "sampleId2", "sampleUuid2", "studyId", "studyUuid", new ObjectMap(),
                         new AuditRecord.Status(AuditRecord.Status.Result.SUCCESS), TimeUtils.getDate(), new ObjectMap()));
         dbAdaptorFactory.getCatalogAuditDbAdaptor(organizationId)
                 .insertAuditRecord(new AuditRecord(UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT),
-                        UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE,
+                        UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE.name(),
                         Enums.Resource.SAMPLE, "sampleId3", "sampleUuid3", "studyId", "studyUuid", new ObjectMap(),
                         new AuditRecord.Status(AuditRecord.Status.Result.SUCCESS), TimeUtils.getDate(), new ObjectMap()));
     }

diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/api/FieldConstants.java b/opencga-core/src/main/java/org/opencb/opencga/core/api/FieldConstants.java
@@ -81,13 +81,13 @@ public class FieldConstants {
     public static final String FEDERATION_CLIENT_USER_ID_DESCRIPTION = "User ID to access the federation server.";
     public static final String FEDERATION_CLIENT_PASSWORD_DESCRIPTION = "User password to access the federation server.";
     public static final String FEDERATION_CLIENT_TOKEN_DESCRIPTION = "Token to access the federation server.";
-    public static final String FEDERATION_CLIENT_SECRET_KEY_DESCRIPTION = "Secret key auto-generated by the federation server.";
+    public static final String FEDERATION_CLIENT_SECURITY_KEY_DESCRIPTION = "Security key auto-generated by the federation server.";
 
     public static final String FEDERATION_SERVER_ID_DESCRIPTION = "Unique ID to identify the federation client.";
     public static final String FEDERATION_SERVER_DESCRIPTION_DESCRIPTION = "Description of the federation client.";
     public static final String FEDERATION_SERVER_EMAIL_DESCRIPTION = "Contact email of the federation client.";
     public static final String FEDERATION_SERVER_USER_ID_DESCRIPTION = "User ID to be used by the federation client.";
-    public static final String FEDERATION_SERVER_SECRET_KEY_DESCRIPTION = "Secret key shared with the federation client to gain access"
+    public static final String FEDERATION_SERVER_SECURITY_KEY_DESCRIPTION = "Security key shared with the federation client to gain access"
             + " to the server.";
     public static final String FEDERATION_SERVER_ACTIVE_DESCRIPTION = "Flag to indicate if the federation client account is active.";
     public static final String FEDERATION_SERVER_EXPIRATION_TIME_DESCRIPTION = "Expiration time of the federation client account.";

diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/models/audit/AuditRecord.java b/opencga-core/src/main/java/org/opencb/opencga/core/models/audit/AuditRecord.java
@@ -47,7 +47,7 @@ public class AuditRecord {
     /**
      * Action performed (CREATE, SEARCH, DOWNLOAD...).
      */
-    private Enums.Action action;
+    private String action;
 
     /**
      * Involved resource (User, Study, Sample, File...).
@@ -93,7 +93,7 @@ public class AuditRecord {
     public AuditRecord() {
     }
 
-    public AuditRecord(String id, String operationId, String userId, String apiVersion, Enums.Action action, Enums.Resource resource,
+    public AuditRecord(String id, String operationId, String userId, String apiVersion, String action, Enums.Resource resource,
                        String resourceId, String resourceUuid, String studyId, String studyUuid, ObjectMap params, Status status, Date date,
                        ObjectMap attributes) {
         this.id = id;
@@ -169,11 +169,11 @@ public AuditRecord setApiVersion(String apiVersion) {
         return this;
     }
 
-    public Enums.Action getAction() {
+    public String getAction() {
         return action;
     }
 
-    public AuditRecord setAction(Enums.Action action) {
+    public AuditRecord setAction(String action) {
         this.action = action;
         return this;
     }

diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/models/common/Enums.java b/opencga-core/src/main/java/org/opencb/opencga/core/models/common/Enums.java
@@ -214,9 +214,6 @@ public enum Action {
         RESET_USER_PASSWORD,
         CHANGE_USER_CONFIG,
         FETCH_USER_CONFIG,
-
-        UPDATE_FEDERATION_SECRET_KEY,
-
         INCREMENT_PROJECT_RELEASE,
 
         FETCH_STUDY_GROUPS,
@@ -261,9 +258,6 @@ public enum Action {
         IMPORT_EXTERNAL_GROUP_OF_USERS,
         SYNC_EXTERNAL_GROUP_OF_USERS,
 
-        CREATE_FEDERATION_CLIENT,
-        EXPOSE_FEDERATION_SERVER,
-
         // RGA
         RESET_RGA_INDEXES,
         UPDATE_RGA_INDEX,

diff --git a/...-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParams.java b/...-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParams.java
@@ -33,14 +33,14 @@ public class FederationClientParams {
     @DataField(id = "token", description = FieldConstants.FEDERATION_CLIENT_TOKEN_DESCRIPTION)
     private String token;
 
-    @DataField(id = "secretKey", description = FieldConstants.FEDERATION_CLIENT_SECRET_KEY_DESCRIPTION)
-    private String secretKey;
+    @DataField(id = "securityKey", description = FieldConstants.FEDERATION_CLIENT_SECURITY_KEY_DESCRIPTION)
+    private String securityKey;
 
     public FederationClientParams() {
     }
 
     public FederationClientParams(String id, String description, String version, String email, String url, String organizationId,
-                                  String userId, String password, String token, String secretKey) {
+                                  String userId, String password, String token, String securityKey) {
         this.id = id;
         this.description = description;
         this.version = version;
@@ -50,7 +50,7 @@ public FederationClientParams(String id, String description, String version, Str
         this.userId = userId;
         this.password = password;
         this.token = token;
-        this.secretKey = secretKey;
+        this.securityKey = securityKey;
     }
 
     @Override
@@ -64,7 +64,7 @@ public String toString() {
         sb.append(", organizationId='").append(organizationId).append('\'');
         sb.append(", userId='").append(userId).append('\'');
         sb.append(", password='").append("xxxxxxxx").append('\'');
-        sb.append(", secretKey='").append("xxxxxxxx").append('\'');
+        sb.append(", securityKey='").append("xxxxxxxx").append('\'');
         sb.append('}');
         return sb.toString();
     }
@@ -141,12 +141,12 @@ public FederationClientParams setPassword(String password) {
         return this;
     }
 
-    public String getSecretKey() {
-        return secretKey;
+    public String getSecurityKey() {
+        return securityKey;
     }
 
-    public FederationClientParams setSecretKey(String secretKey) {
-        this.secretKey = secretKey;
+    public FederationClientParams setSecurityKey(String securityKey) {
+        this.securityKey = securityKey;
         return this;
     }
 

diff --git a/.../src/main/java/org/opencb/opencga/core/models/federation/FederationClientParamsMixin.java b/.../src/main/java/org/opencb/opencga/core/models/federation/FederationClientParamsMixin.java
@@ -2,6 +2,6 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 
-@JsonIgnoreProperties({"password", "secretKey", "token"})
+@JsonIgnoreProperties({"password", "securityKey", "token"})
 public class FederationClientParamsMixin {
 }
diff --git a/...-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParams.java b/...-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParams.java
@@ -21,24 +21,19 @@ public class FederationServerParams {
     @DataField(id = "active", description = FieldConstants.FEDERATION_SERVER_ACTIVE_DESCRIPTION)
     private boolean active;
 
-    @DataField(id = "expirationTime", description = FieldConstants.FEDERATION_SERVER_EXPIRATION_TIME_DESCRIPTION)
-    private String expirationTime;
-
-    @DataField(id = "secretKey", description = FieldConstants.FEDERATION_SERVER_SECRET_KEY_DESCRIPTION)
-    private String secretKey;
+    @DataField(id = "securityKey", description = FieldConstants.FEDERATION_SERVER_SECURITY_KEY_DESCRIPTION)
+    private String securityKey;
 
     public FederationServerParams() {
     }
 
-    public FederationServerParams(String id, String description, String email, String userId, boolean active, String expirationTime,
-                                  String secretKey) {
+    public FederationServerParams(String id, String description, String email, String userId, boolean active, String securityKey) {
         this.id = id;
         this.description = description;
         this.email = email;
         this.userId = userId;
         this.active = active;
-        this.expirationTime = expirationTime;
-        this.secretKey = secretKey;
+        this.securityKey = securityKey;
     }
 
     @Override
@@ -49,8 +44,7 @@ public String toString() {
         sb.append(", email='").append(email).append('\'');
         sb.append(", userId='").append(userId).append('\'');
         sb.append(", active=").append(active);
-        sb.append(", expirationTime='").append(expirationTime).append('\'');
-        sb.append(", secretKey='").append("xxxxxxxx").append('\'');
+        sb.append(", securityKey='").append("xxxxxxxx").append('\'');
         sb.append('}');
         return sb.toString();
     }
@@ -100,21 +94,12 @@ public FederationServerParams setActive(boolean active) {
         return this;
     }
 
-    public String getExpirationTime() {
-        return expirationTime;
-    }
-
-    public FederationServerParams setExpirationTime(String expirationTime) {
-        this.expirationTime = expirationTime;
-        return this;
-    }
-
-    public String getSecretKey() {
-        return secretKey;
+    public String getSecurityKey() {
+        return securityKey;
     }
 
-    public FederationServerParams setSecretKey(String secretKey) {
-        this.secretKey = secretKey;
+    public FederationServerParams setSecurityKey(String securityKey) {
+        this.securityKey = securityKey;
         return this;
     }
 }
diff --git a/.../src/main/java/org/opencb/opencga/core/models/federation/FederationServerParamsMixin.java b/.../src/main/java/org/opencb/opencga/core/models/federation/FederationServerParamsMixin.java
@@ -2,6 +2,6 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 
-@JsonIgnoreProperties({"secretKey"})
+@JsonIgnoreProperties({"securityKey"})
 public class FederationServerParamsMixin {
 }