diff --git a/opencga-app/src/main/java/org/opencb/opencga/app/migrations/v4/v4_0_0/catalog/FederationChangesMigration.java b/opencga-app/src/main/java/org/opencb/opencga/app/migrations/v4/v4_0_0/catalog/FederationChangesMigration.java new file mode 100644 index 0000000000..47ce704da7 --- /dev/null +++ b/opencga-app/src/main/java/org/opencb/opencga/app/migrations/v4/v4_0_0/catalog/FederationChangesMigration.java @@ -0,0 +1,69 @@ +package org.opencb.opencga.app.migrations.v4.v4_0_0.catalog; + +import com.mongodb.client.MongoCollection; +import com.mongodb.client.model.Filters; +import com.mongodb.client.model.Updates; +import org.bson.Document; +import org.bson.conversions.Bson; +import org.opencb.opencga.catalog.db.mongodb.OrganizationMongoDBAdaptorFactory; +import org.opencb.opencga.catalog.migration.Migration; +import org.opencb.opencga.catalog.migration.MigrationTool; + +import java.util.Arrays; +import java.util.Collections; + +@Migration(id = "federationChanges__task_7192", + description = "Federation changes, #TASK-7192", version = "4.0.0", + language = Migration.MigrationLanguage.JAVA, domain = Migration.MigrationDomain.CATALOG, date = 20250120) +public class FederationChangesMigration extends MigrationTool { + + /* + * [NEW] Organization -> federation: {clients: [], servers: []} + * [NEW] Project -> federation: {id: "", description: "", version: ""} + * -> internal.federated: [true|false] + * [NEW] Study -> federation: {id: "", description: "", version: ""} + * -> internal.federated: [true|false] + * [NEW] User -> internal.account.authentication.federation: [true|false] + */ + + @Override + protected void run() throws Exception { + // Organization update + MongoCollection orgCollection = getMongoCollection(OrganizationMongoDBAdaptorFactory.ORGANIZATION_COLLECTION); + Bson query = Filters.exists("federation", false); + Bson update = Updates.set("federation", new Document() + .append("clients", Collections.emptyList()) + .append("servers", Collections.emptyList()) + ); + orgCollection.updateMany(query, update); + + // Project and Study + Bson projectStudyQuery = Filters.exists("federation", false); + Bson projectStudyUpdate = Updates.combine( + Updates.set("federation", new Document() + .append("id", "") + .append("description", "") + .append("version", "") + ), + Updates.set("internal.federated", false) + ); + for (String collectionStr : Arrays.asList(OrganizationMongoDBAdaptorFactory.PROJECT_COLLECTION, + OrganizationMongoDBAdaptorFactory.DELETED_PROJECT_COLLECTION, OrganizationMongoDBAdaptorFactory.STUDY_COLLECTION, + OrganizationMongoDBAdaptorFactory.DELETED_STUDY_COLLECTION)) { + getMongoCollection(collectionStr).updateMany(projectStudyQuery, projectStudyUpdate); + } + + // User + Bson userQuery = Filters.exists("internal.account.authentication.federation", false); + Bson userUpdate = Updates.set("internal.account.authentication.federation", false); + for (String collectionStr : Arrays.asList(OrganizationMongoDBAdaptorFactory.USER_COLLECTION, + OrganizationMongoDBAdaptorFactory.DELETED_USER_COLLECTION)) { + getMongoCollection(collectionStr).updateMany(userQuery, userUpdate); + } + + // Drop project id index (no longer unique) + Document oldIndex = new Document() + .append("id", 1); + dropIndex(OrganizationMongoDBAdaptorFactory.PROJECT_COLLECTION, oldIndex); + } +} diff --git a/opencga-catalog/src/main/java/org/opencb/opencga/catalog/auth/authentication/azure/AuthenticationFactory.java b/opencga-catalog/src/main/java/org/opencb/opencga/catalog/auth/authentication/azure/AuthenticationFactory.java index b6b272fa5f..48bf2ee07a 100644 --- a/opencga-catalog/src/main/java/org/opencb/opencga/catalog/auth/authentication/azure/AuthenticationFactory.java +++ b/opencga-catalog/src/main/java/org/opencb/opencga/catalog/auth/authentication/azure/AuthenticationFactory.java @@ -135,14 +135,14 @@ private String getFederationSecretKey(String organizationId, String userId) thro if (CollectionUtils.isNotEmpty(organization.getFederation().getServers())) { for (FederationServerParams server : organization.getFederation().getServers()) { if (server.getUserId().equals(userId)) { - return server.getSecretKey(); + return server.getSecurityKey(); } } } if (CollectionUtils.isNotEmpty(organization.getFederation().getClients())) { for (FederationClientParams client : organization.getFederation().getClients()) { if (client.getUserId().equals(userId)) { - return client.getSecretKey(); + return client.getSecurityKey(); } } } diff --git a/opencga-catalog/src/main/java/org/opencb/opencga/catalog/managers/AuditManager.java b/opencga-catalog/src/main/java/org/opencb/opencga/catalog/managers/AuditManager.java index 6c25baa36f..7d991dff2a 100644 --- a/opencga-catalog/src/main/java/org/opencb/opencga/catalog/managers/AuditManager.java +++ b/opencga-catalog/src/main/java/org/opencb/opencga/catalog/managers/AuditManager.java @@ -200,6 +200,13 @@ public void audit(String organizationId, String operationId, String userId, Enum public void audit(String organizationId, String operationId, String userId, Enums.Action action, Enums.Resource resource, String resourceId, String resourceUuid, String studyId, String studyUuid, ObjectMap params, AuditRecord.Status status, ObjectMap attributes) { + audit(organizationId, operationId, userId, action.name(), resource, resourceId, resourceUuid, studyId, studyUuid, params, status, + attributes); + } + + protected void audit(String organizationId, String operationId, String userId, String action, Enums.Resource resource, + String resourceId, String resourceUuid, String studyId, String studyUuid, ObjectMap params, AuditRecord.Status status, + ObjectMap attributes) { String apiVersion = GitRepositoryState.getInstance().getBuildVersion(); Date date = TimeUtils.getDate(); diff --git a/opencga-catalog/src/test/java/org/opencb/opencga/catalog/db/mongodb/AuditMongoDBAdaptorTest.java b/opencga-catalog/src/test/java/org/opencb/opencga/catalog/db/mongodb/AuditMongoDBAdaptorTest.java index 228ca61f98..68a165ba7a 100644 --- a/opencga-catalog/src/test/java/org/opencb/opencga/catalog/db/mongodb/AuditMongoDBAdaptorTest.java +++ b/opencga-catalog/src/test/java/org/opencb/opencga/catalog/db/mongodb/AuditMongoDBAdaptorTest.java @@ -37,17 +37,17 @@ public class AuditMongoDBAdaptorTest extends AbstractMongoDBAdaptorTest { public void testInsertAuditRecord() throws Exception { dbAdaptorFactory.getCatalogAuditDbAdaptor(organizationId) .insertAuditRecord(new AuditRecord(UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), - UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE, + UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE.name(), Enums.Resource.SAMPLE, "sampleId", "sampleUuid", "studyId", "studyUuid", new ObjectMap(), new AuditRecord.Status(AuditRecord.Status.Result.SUCCESS), TimeUtils.getDate(), new ObjectMap())); dbAdaptorFactory.getCatalogAuditDbAdaptor(organizationId) .insertAuditRecord(new AuditRecord(UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), - UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE, + UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE.name(), Enums.Resource.SAMPLE, "sampleId2", "sampleUuid2", "studyId", "studyUuid", new ObjectMap(), new AuditRecord.Status(AuditRecord.Status.Result.SUCCESS), TimeUtils.getDate(), new ObjectMap())); dbAdaptorFactory.getCatalogAuditDbAdaptor(organizationId) .insertAuditRecord(new AuditRecord(UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), - UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE, + UuidUtils.generateOpenCgaUuid(UuidUtils.Entity.AUDIT), "user", "api", Enums.Action.CREATE.name(), Enums.Resource.SAMPLE, "sampleId3", "sampleUuid3", "studyId", "studyUuid", new ObjectMap(), new AuditRecord.Status(AuditRecord.Status.Result.SUCCESS), TimeUtils.getDate(), new ObjectMap())); } diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/api/FieldConstants.java b/opencga-core/src/main/java/org/opencb/opencga/core/api/FieldConstants.java index b913f1d79d..0b22a122b2 100644 --- a/opencga-core/src/main/java/org/opencb/opencga/core/api/FieldConstants.java +++ b/opencga-core/src/main/java/org/opencb/opencga/core/api/FieldConstants.java @@ -81,13 +81,13 @@ public class FieldConstants { public static final String FEDERATION_CLIENT_USER_ID_DESCRIPTION = "User ID to access the federation server."; public static final String FEDERATION_CLIENT_PASSWORD_DESCRIPTION = "User password to access the federation server."; public static final String FEDERATION_CLIENT_TOKEN_DESCRIPTION = "Token to access the federation server."; - public static final String FEDERATION_CLIENT_SECRET_KEY_DESCRIPTION = "Secret key auto-generated by the federation server."; + public static final String FEDERATION_CLIENT_SECURITY_KEY_DESCRIPTION = "Security key auto-generated by the federation server."; public static final String FEDERATION_SERVER_ID_DESCRIPTION = "Unique ID to identify the federation client."; public static final String FEDERATION_SERVER_DESCRIPTION_DESCRIPTION = "Description of the federation client."; public static final String FEDERATION_SERVER_EMAIL_DESCRIPTION = "Contact email of the federation client."; public static final String FEDERATION_SERVER_USER_ID_DESCRIPTION = "User ID to be used by the federation client."; - public static final String FEDERATION_SERVER_SECRET_KEY_DESCRIPTION = "Secret key shared with the federation client to gain access" + public static final String FEDERATION_SERVER_SECURITY_KEY_DESCRIPTION = "Security key shared with the federation client to gain access" + " to the server."; public static final String FEDERATION_SERVER_ACTIVE_DESCRIPTION = "Flag to indicate if the federation client account is active."; public static final String FEDERATION_SERVER_EXPIRATION_TIME_DESCRIPTION = "Expiration time of the federation client account."; diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/models/audit/AuditRecord.java b/opencga-core/src/main/java/org/opencb/opencga/core/models/audit/AuditRecord.java index f8ba4b924b..11ba4454ed 100644 --- a/opencga-core/src/main/java/org/opencb/opencga/core/models/audit/AuditRecord.java +++ b/opencga-core/src/main/java/org/opencb/opencga/core/models/audit/AuditRecord.java @@ -47,7 +47,7 @@ public class AuditRecord { /** * Action performed (CREATE, SEARCH, DOWNLOAD...). */ - private Enums.Action action; + private String action; /** * Involved resource (User, Study, Sample, File...). @@ -93,7 +93,7 @@ public class AuditRecord { public AuditRecord() { } - public AuditRecord(String id, String operationId, String userId, String apiVersion, Enums.Action action, Enums.Resource resource, + public AuditRecord(String id, String operationId, String userId, String apiVersion, String action, Enums.Resource resource, String resourceId, String resourceUuid, String studyId, String studyUuid, ObjectMap params, Status status, Date date, ObjectMap attributes) { this.id = id; @@ -169,11 +169,11 @@ public AuditRecord setApiVersion(String apiVersion) { return this; } - public Enums.Action getAction() { + public String getAction() { return action; } - public AuditRecord setAction(Enums.Action action) { + public AuditRecord setAction(String action) { this.action = action; return this; } diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/models/common/Enums.java b/opencga-core/src/main/java/org/opencb/opencga/core/models/common/Enums.java index 0c9267bd33..0617d6c65a 100644 --- a/opencga-core/src/main/java/org/opencb/opencga/core/models/common/Enums.java +++ b/opencga-core/src/main/java/org/opencb/opencga/core/models/common/Enums.java @@ -214,9 +214,6 @@ public enum Action { RESET_USER_PASSWORD, CHANGE_USER_CONFIG, FETCH_USER_CONFIG, - - UPDATE_FEDERATION_SECRET_KEY, - INCREMENT_PROJECT_RELEASE, FETCH_STUDY_GROUPS, @@ -261,9 +258,6 @@ public enum Action { IMPORT_EXTERNAL_GROUP_OF_USERS, SYNC_EXTERNAL_GROUP_OF_USERS, - CREATE_FEDERATION_CLIENT, - EXPOSE_FEDERATION_SERVER, - // RGA RESET_RGA_INDEXES, UPDATE_RGA_INDEX, diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParams.java b/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParams.java index 9ab0f0a317..459079178d 100644 --- a/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParams.java +++ b/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParams.java @@ -33,14 +33,14 @@ public class FederationClientParams { @DataField(id = "token", description = FieldConstants.FEDERATION_CLIENT_TOKEN_DESCRIPTION) private String token; - @DataField(id = "secretKey", description = FieldConstants.FEDERATION_CLIENT_SECRET_KEY_DESCRIPTION) - private String secretKey; + @DataField(id = "securityKey", description = FieldConstants.FEDERATION_CLIENT_SECURITY_KEY_DESCRIPTION) + private String securityKey; public FederationClientParams() { } public FederationClientParams(String id, String description, String version, String email, String url, String organizationId, - String userId, String password, String token, String secretKey) { + String userId, String password, String token, String securityKey) { this.id = id; this.description = description; this.version = version; @@ -50,7 +50,7 @@ public FederationClientParams(String id, String description, String version, Str this.userId = userId; this.password = password; this.token = token; - this.secretKey = secretKey; + this.securityKey = securityKey; } @Override @@ -64,7 +64,7 @@ public String toString() { sb.append(", organizationId='").append(organizationId).append('\''); sb.append(", userId='").append(userId).append('\''); sb.append(", password='").append("xxxxxxxx").append('\''); - sb.append(", secretKey='").append("xxxxxxxx").append('\''); + sb.append(", securityKey='").append("xxxxxxxx").append('\''); sb.append('}'); return sb.toString(); } @@ -141,12 +141,12 @@ public FederationClientParams setPassword(String password) { return this; } - public String getSecretKey() { - return secretKey; + public String getSecurityKey() { + return securityKey; } - public FederationClientParams setSecretKey(String secretKey) { - this.secretKey = secretKey; + public FederationClientParams setSecurityKey(String securityKey) { + this.securityKey = securityKey; return this; } diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParamsMixin.java b/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParamsMixin.java index 24df5661fe..ecf0be95ca 100644 --- a/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParamsMixin.java +++ b/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationClientParamsMixin.java @@ -2,6 +2,6 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -@JsonIgnoreProperties({"password", "secretKey", "token"}) +@JsonIgnoreProperties({"password", "securityKey", "token"}) public class FederationClientParamsMixin { } diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParams.java b/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParams.java index e9e657460b..59860fd729 100644 --- a/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParams.java +++ b/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParams.java @@ -21,24 +21,19 @@ public class FederationServerParams { @DataField(id = "active", description = FieldConstants.FEDERATION_SERVER_ACTIVE_DESCRIPTION) private boolean active; - @DataField(id = "expirationTime", description = FieldConstants.FEDERATION_SERVER_EXPIRATION_TIME_DESCRIPTION) - private String expirationTime; - - @DataField(id = "secretKey", description = FieldConstants.FEDERATION_SERVER_SECRET_KEY_DESCRIPTION) - private String secretKey; + @DataField(id = "securityKey", description = FieldConstants.FEDERATION_SERVER_SECURITY_KEY_DESCRIPTION) + private String securityKey; public FederationServerParams() { } - public FederationServerParams(String id, String description, String email, String userId, boolean active, String expirationTime, - String secretKey) { + public FederationServerParams(String id, String description, String email, String userId, boolean active, String securityKey) { this.id = id; this.description = description; this.email = email; this.userId = userId; this.active = active; - this.expirationTime = expirationTime; - this.secretKey = secretKey; + this.securityKey = securityKey; } @Override @@ -49,8 +44,7 @@ public String toString() { sb.append(", email='").append(email).append('\''); sb.append(", userId='").append(userId).append('\''); sb.append(", active=").append(active); - sb.append(", expirationTime='").append(expirationTime).append('\''); - sb.append(", secretKey='").append("xxxxxxxx").append('\''); + sb.append(", securityKey='").append("xxxxxxxx").append('\''); sb.append('}'); return sb.toString(); } @@ -100,21 +94,12 @@ public FederationServerParams setActive(boolean active) { return this; } - public String getExpirationTime() { - return expirationTime; - } - - public FederationServerParams setExpirationTime(String expirationTime) { - this.expirationTime = expirationTime; - return this; - } - - public String getSecretKey() { - return secretKey; + public String getSecurityKey() { + return securityKey; } - public FederationServerParams setSecretKey(String secretKey) { - this.secretKey = secretKey; + public FederationServerParams setSecurityKey(String securityKey) { + this.securityKey = securityKey; return this; } } diff --git a/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParamsMixin.java b/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParamsMixin.java index fb593eb917..76d918a416 100644 --- a/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParamsMixin.java +++ b/opencga-core/src/main/java/org/opencb/opencga/core/models/federation/FederationServerParamsMixin.java @@ -2,6 +2,6 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -@JsonIgnoreProperties({"secretKey"}) +@JsonIgnoreProperties({"securityKey"}) public class FederationServerParamsMixin { }