[RND-701] put descriptor load under authorization (#343)

Ed-Fi-Exchange-OSS · Jan 19, 2024 · 849e026 · 849e026
1 parent 3d9ebb3
commit 849e026
Show file tree

Hide file tree

Showing 16 changed files with 82 additions and 59 deletions.
diff --git a/Meadowlark-js/backends/meadowlark-elasticsearch-backend/package.json b/Meadowlark-js/backends/meadowlark-elasticsearch-backend/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@edfi/meadowlark-elasticsearch-backend",
   "main": "dist/index.js",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark backend plugin for elasticsearch",
   "license": "Apache-2.0",
   "publishConfig": {
@@ -19,8 +19,8 @@
     "build:copy-non-ts": "copyfiles -u 1 -e \"**/*.ts\" \"src/**/*\" dist --verbose"
   },
   "dependencies": {
-    "@edfi/meadowlark-core": "0.4.1-pre.7",
-    "@edfi/meadowlark-utilities": "0.4.1-pre.7",
+    "@edfi/meadowlark-core": "0.4.1-pre.8",
+    "@edfi/meadowlark-utilities": "0.4.1-pre.8",
     "@elastic/elasticsearch": "^8.10.0",
     "@elastic/transport": "^8.3.4"
   },

diff --git a/Meadowlark-js/backends/meadowlark-mongodb-backend/package.json b/Meadowlark-js/backends/meadowlark-mongodb-backend/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@edfi/meadowlark-mongodb-backend",
   "main": "dist/index.js",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark backend plugin for MongoDB",
   "license": "Apache-2.0",
   "publishConfig": {
@@ -19,9 +19,9 @@
     "build:copy-non-ts": "copyfiles -u 1 -e \"**/*.ts\" \"src/**/*\" dist --verbose"
   },
   "dependencies": {
-    "@edfi/meadowlark-authz-server": "0.4.1-pre.7",
-    "@edfi/meadowlark-core": "0.4.1-pre.7",
-    "@edfi/meadowlark-utilities": "0.4.1-pre.7",
+    "@edfi/meadowlark-authz-server": "0.4.1-pre.8",
+    "@edfi/meadowlark-core": "0.4.1-pre.8",
+    "@edfi/meadowlark-utilities": "0.4.1-pre.8",
     "async-retry": "^1.3.3",
     "mongodb": "^5.9.2",
     "ramda": "0.29.1"

diff --git a/Meadowlark-js/backends/meadowlark-opensearch-backend/package.json b/Meadowlark-js/backends/meadowlark-opensearch-backend/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@edfi/meadowlark-opensearch-backend",
   "main": "dist/index.js",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark backend plugin for OpenSearch",
   "license": "Apache-2.0",
   "publishConfig": {
@@ -19,8 +19,8 @@
     "build:copy-non-ts": "copyfiles -u 1 -e \"**/*.ts\" \"src/**/*\" dist --verbose"
   },
   "dependencies": {
-    "@edfi/meadowlark-core": "0.4.1-pre.7",
-    "@edfi/meadowlark-utilities": "0.4.1-pre.7",
+    "@edfi/meadowlark-core": "0.4.1-pre.8",
+    "@edfi/meadowlark-utilities": "0.4.1-pre.8",
     "@opensearch-project/opensearch": "^2.4.0"
   },
   "devDependencies": {

diff --git a/Meadowlark-js/backends/meadowlark-postgresql-backend/package.json b/Meadowlark-js/backends/meadowlark-postgresql-backend/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@edfi/meadowlark-postgresql-backend",
   "main": "dist/index.js",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark backend plugin for PostgreSQL",
   "license": "Apache-2.0",
   "publishConfig": {
@@ -19,9 +19,9 @@
     "build:copy-non-ts": "copyfiles -u 1 -e \"**/*.ts\" \"src/**/*\" dist --verbose"
   },
   "dependencies": {
-    "@edfi/meadowlark-authz-server": "0.4.1-pre.7",
-    "@edfi/meadowlark-core": "0.4.1-pre.7",
-    "@edfi/meadowlark-utilities": "0.4.1-pre.7",
+    "@edfi/meadowlark-authz-server": "0.4.1-pre.8",
+    "@edfi/meadowlark-core": "0.4.1-pre.8",
+    "@edfi/meadowlark-utilities": "0.4.1-pre.8",
     "pg": "^8.11.3",
     "pg-format": "^1.0.4",
     "ramda": "0.29.1"

diff --git a/Meadowlark-js/lerna.json b/Meadowlark-js/lerna.json
@@ -1,5 +1,5 @@
 {
   "lerna": "8.0.2",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "npmClient": "npm"
 }
diff --git a/Meadowlark-js/package-lock.json b/Meadowlark-js/package-lock.json
diff --git a/Meadowlark-js/packages/meadowlark-authz-server/package.json b/Meadowlark-js/packages/meadowlark-authz-server/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@edfi/meadowlark-authz-server",
   "main": "dist/index.js",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark authorization server",
   "license": "Apache-2.0",
   "publishConfig": {
@@ -14,7 +14,7 @@
   ],
   "dependencies": {
     "@apideck/better-ajv-errors": "^0.3.6",
-    "@edfi/meadowlark-utilities": "0.4.1-pre.7",
+    "@edfi/meadowlark-utilities": "0.4.1-pre.8",
     "ajv": "^8.12.0",
     "didyoumean2": "^6.0.1",
     "dotenv": "^16.3.1",

diff --git a/Meadowlark-js/packages/meadowlark-core/package.json b/Meadowlark-js/packages/meadowlark-core/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@edfi/meadowlark-core",
   "main": "dist/index.js",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark core functionality",
   "license": "Apache-2.0",
   "publishConfig": {
@@ -14,7 +14,7 @@
   ],
   "dependencies": {
     "@apideck/better-ajv-errors": "^0.3.6",
-    "@edfi/meadowlark-utilities": "0.4.1-pre.7",
+    "@edfi/meadowlark-utilities": "0.4.1-pre.8",
     "@isaacs/ttlcache": "^1.4.1",
     "ajv": "^8.12.0",
     "ajv-formats": "^2.1.1",

diff --git a/Meadowlark-js/packages/meadowlark-core/src/handler/DescriptorLoader.ts b/Meadowlark-js/packages/meadowlark-core/src/handler/DescriptorLoader.ts
@@ -169,7 +169,7 @@ async function loadParsedDescriptors(descriptorData: XmlDescriptorData): Promise
   Logger.info(`${loadCount} descriptors loaded`, '-');
 }
 
-export async function loadDescriptors(): Promise<void> {
+export async function loadDescriptorsFromFile(): Promise<void> {
   Logger.info('Loading descriptors', 'n/a');
   await loadDocumentStore();
   const data: XmlDescriptorData = await readDescriptors(descriptorPath);

diff --git a/Meadowlark-js/packages/meadowlark-core/src/handler/FrontendFacade.ts b/Meadowlark-js/packages/meadowlark-core/src/handler/FrontendFacade.ts
@@ -26,6 +26,7 @@ import { logTheResponse } from '../middleware/ResponseLoggingMiddleware';
 import { equalityConstraintValidation } from '../middleware/ValidateEqualityConstraintMiddleware';
 import { timestampRequest } from '../middleware/TimestampRequestMiddleware';
 import { loadApiSchema } from '../middleware/ApiSchemaLoadingMiddleware';
+import { loadDescriptorsFromFile } from './DescriptorLoader';
 
 type MiddlewareStack = (model: MiddlewareModel) => Promise<MiddlewareModel>;
 
@@ -271,3 +272,25 @@ export async function closeConnection(): Promise<void> {
     writeErrorToLog(moduleName, '', 'closeConnection', 500, e);
   }
 }
+
+/**
+ * Entry point for loading descriptors
+ */
+export async function loadDescriptors(frontendRequest: FrontendRequest): Promise<FrontendResponse> {
+  try {
+    await initialize();
+
+    const authorizeResponse: FrontendResponse | null = (await authorize({ frontendRequest, frontendResponse: null }))
+      .frontendResponse;
+
+    // if there is a response posted by authorize, there was an auth failure so we are done
+    if (authorizeResponse != null) return authorizeResponse;
+
+    await loadDescriptorsFromFile();
+
+    return { statusCode: 202 };
+  } catch (e) {
+    writeErrorToLog(moduleName, frontendRequest.traceId, 'loadDescriptors', 500, e);
+    return { statusCode: 500 };
+  }
+}
diff --git a/Meadowlark-js/packages/meadowlark-core/src/index.ts b/Meadowlark-js/packages/meadowlark-core/src/index.ts
@@ -50,8 +50,7 @@ export type { DocumentObjectKey } from './model/api-schema/DocumentObjectKey';
 export type { SemVer } from './model/api-schema/SemVer';
 
 // Handlers
-export { upsert, deleteIt, get, update, closeConnection } from './handler/FrontendFacade';
-export { loadDescriptors } from './handler/DescriptorLoader';
+export { upsert, deleteIt, get, update, loadDescriptors, closeConnection } from './handler/FrontendFacade';
 export {
   apiVersion,
   openApiUrlList,

diff --git a/Meadowlark-js/packages/meadowlark-utilities/package.json b/Meadowlark-js/packages/meadowlark-utilities/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@edfi/meadowlark-utilities",
   "main": "dist/index.js",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark shared utilities",
   "license": "Apache-2.0",
   "publishConfig": {

diff --git a/Meadowlark-js/services/meadowlark-fastify/package.json b/Meadowlark-js/services/meadowlark-fastify/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@edfi/meadowlark-fastify",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark service using Fastify",
   "license": "Apache-2.0",
   "publishConfig": {
@@ -12,9 +12,9 @@
     "/package.json"
   ],
   "dependencies": {
-    "@edfi/meadowlark-authz-server": "0.4.1-pre.7",
-    "@edfi/meadowlark-core": "0.4.1-pre.7",
-    "@edfi/meadowlark-utilities": "0.4.1-pre.7",
+    "@edfi/meadowlark-authz-server": "0.4.1-pre.8",
+    "@edfi/meadowlark-core": "0.4.1-pre.8",
+    "@edfi/meadowlark-utilities": "0.4.1-pre.8",
     "@fastify/rate-limit": "^6.0.1",
     "dotenv": "^16.3.1",
     "fastify": "^3.29.5"

diff --git a/Meadowlark-js/services/meadowlark-fastify/src/handler/DescriptorLoader.ts b/Meadowlark-js/services/meadowlark-fastify/src/handler/DescriptorLoader.ts
@@ -6,16 +6,16 @@
 /* istanbul ignore file */
 import { loadDescriptors as meadowlarkLoadDescriptors } from '@edfi/meadowlark-core';
 import { FastifyRequest, FastifyReply } from 'fastify';
+import { respondWith, fromRequest } from './MeadowlarkConverter';
 
 /**
  * A trigger to call the loadDescriptors function via a Fastify endpoint.
  * Only available when the stage is explicitly set to "local".
  */
-export async function loadDescriptors(_request: FastifyRequest, reply: FastifyReply): Promise<void> {
+export async function loadDescriptors(request: FastifyRequest, reply: FastifyReply): Promise<void> {
   if (process.env.MEADOWLARK_STAGE !== 'local') {
     await reply.code(404).send('');
     return;
   }
-  await meadowlarkLoadDescriptors();
-  await reply.code(202).send('');
+  respondWith(await meadowlarkLoadDescriptors(fromRequest(request)), reply);
 }
diff --git a/Meadowlark-js/tests/e2e/package.json b/Meadowlark-js/tests/e2e/package.json
@@ -1,13 +1,13 @@
 {
   "name": "@edfi/meadowlark-e2e-tests",
   "main": "dist/index.js",
-  "version": "0.4.1-pre.7",
+  "version": "0.4.1-pre.8",
   "description": "Meadowlark Ed-Fi API end to end tests",
   "license": "Apache-2.0",
   "private": true,
   "files": [],
   "devDependencies": {
-    "@edfi/meadowlark-utilities": "0.4.1-pre.7",
+    "@edfi/meadowlark-utilities": "0.4.1-pre.8",
     "@testcontainers/mongodb": "^10.3.1",
     "@testcontainers/postgresql": "^10.3.1",
     "@types/chance": "^1.1.6",

diff --git a/Meadowlark-js/tests/e2e/scenarios/ResourcesCRUDValidation.test.ts b/Meadowlark-js/tests/e2e/scenarios/ResourcesCRUDValidation.test.ts
@@ -73,8 +73,9 @@ describe('when performing crud operations', () => {
         expect(getResponse.body).toEqual(expect.objectContaining(resourceBody));
       });
 
-      it('returns 404 when the resource does not exist', async () => {
-        const response = await getResourceByLocation(`${createdResourceLocation.slice(0, -1)}F`);
+      it('returns 404 when getting a different resource', async () => {
+        const randomUuid = '9fab6588-4082-4f1f-aca2-1ea345075dcf';
+        const response = await getResourceByLocation(`${createdResourceLocation.slice(0, -36)}${randomUuid}`);
         expect(response.statusCode).toEqual(404);
       });