IGDD-2010 Make health check public #141
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Updating "format" of the group-role-mapping.json file. Not a content change. Just setting to the format that the API interaction will end up re-formatting the file to so that we aren't constantly seeing the "default" file change. * Update GroupRoleMapping model with more descriptive error message. Change groupName to NotBlank validation so that one can't create a Group/Role mapping with an empty string for the name. * Update ApiController to add CRUD calls for GroupRoleMapping. * Update Postman tests to add checks for GroupRoleMapping API. * Removed TODO from ApiController
* IGDD-1960 - CVE hotfix (#123) * Update pom.xml to remove specifying Spring versions for different dependencies now that 3.4.4 starter covers scenarios. * Update pom.xml to remove individual dependencies that are already being pulled in by parent. * Update pom.xml to bump up openapi version to be compatible with Spring 6.4.4 change. Create hotfix 0.6.1 * Update pom.xml to bump up openapi version to last version compatible with Spring 6.4.4. * Update Postman tests to add check for Swagger. * Bump up to hotfix version 0.6.1. Add configuration to make updating Camel versions easier. * Bump up camel version. * Revert "IGDD-1960 - CVE hotfix (#123)" This reverts commit 5b5a8e4. * IGDD-1960 - CVE hotfix (#124) (#128) * Update pom.xml to remove specifying Spring versions for different dependencies now that 3.4.4 starter covers scenarios. * Update pom.xml to remove individual dependencies that are already being pulled in by parent. * Update pom.xml to bump up openapi version to be compatible with Spring 6.4.4 change. Create hotfix 0.6.1 * Update pom.xml to bump up openapi version to last version compatible with Spring 6.4.4. * Update Postman tests to add check for Swagger. * Bump up to hotfix version 0.6.1. Add configuration to make updating Camel versions easier. * Bump up camel version. * Remove unused and unnecessary precondition-fields.json configuration file. (#126) * IGDD-1955 - Group/Role Mapping API (#127) * Updating "format" of the group-role-mapping.json file. Not a content change. Just setting to the format that the API interaction will end up re-formatting the file to so that we aren't constantly seeing the "default" file change. * Update GroupRoleMapping model with more descriptive error message. Change groupName to NotBlank validation so that one can't create a Group/Role mapping with an empty string for the name. * Update ApiController to add CRUD calls for GroupRoleMapping. * Update Postman tests to add checks for GroupRoleMapping API. * Removed TODO from ApiController * Bump develop branch up to 0.7.0
* Add .run folder (create by IntellJ depending on configuration) to .gitignore. * Add CRUD calls for AccessControl to ApiController. Update validation messages on AccessControl model. * Add user validation so that checks can be done in Access Control API that a valid userId is being passed. * Add CRUD calls for User to ApiController. * Update User model with more validations and updated validation messages. Check in users.json default configuration with space/syntax to match how it gets updated via API. * Fix validation message in User model. Add Postman tests for Users api. Start of Postman tests for Access Controls. * Update spacing/syntax on default access-control.json file to match format set by processing via API. * Finish Access Control tests in Postman. * Create BaseApiController as start of splitting monster ApiController. Create UserApiController. * Create PipelineApiController * Split the rest of the API endpoints into their own files. Removed ApiController. Tweaks to postman for some access control tests to work (needed to look for a specific validation error inside the message instead of assuming the whole message would be equal). * Tweak Access Control postman tests so that the temporary Organization and User needed are always added as active. Was randomly picking a boolean value, resulting in false errors when the User and/or Organization were added active = false. * Removed ability to delete User via API after internal discussion. Update Postman tests to account for the idea that we won't be able to add a temporary user, both to test the User endpoints but also the Access Control test.
* Adding $convert operation * Fixed one conflict in pom.xml * Add C-CDA Header * Update for R01 Requester * Added C-CDA converter for Labs and Immunizations * Fixing conflict in pom.xml * Removing .checkstyle * Move FHIR Converter to utils package of v2tofhir * Removing unused FhirConverter import. * Address name change for v2tofhir. * Completing the rebase to develop. Small formatting changes to config files. --------- Co-authored-by: Paul Cahill <[email protected]>
* IGDD-1971 Verify roles when creating or updating group mappings Added code to check the values in GroupMapping.setRoles() and Roles.ALL_ROLES to list all legal roles. * Added tests for create/update with invalid role. * Update Postman checks for invalid roles. The post-response script was checking for the wrong HTTP response code and payload. --------- Co-authored-by: Austin Moody <[email protected]>
* Refactoring and warning cleanup * Resolving IGDD-1889
…ations (#135) * Adding logic to handle user-org access controls for pipelines. * Latest updates to access control for pipelines. * Fixing minor typo. * Changing the code to not force a ussr to have at least one organization. * Modifying the GenericService to filter objects that do not have organizations that are related to the user. qModifying code to validate objects requiring a single organization and those that require a list of organizations. Changing organizationId to be a UUID instead of a string. Adding an OrganizationAware interface for those objects that support an organizationId. * Refactoring organization validation to use common code. * Documentation change to specify 'object' instead of 'pipeline'. * Restoring config files. Adding organizations to existing users in users.json file. * Updating the Postman tests. * Update Postman so that "TS_TC_02 VXU Mapping" for certficate uses x-xform-organization with value d339cd15-2e57-4456-94b6-1e14f079a0de. All other integration tests for certificate use this. The previous value of 0d15449b-fb08-4013-8985-20c148b353fe isn't assigned to all users. --------- Co-authored-by: Austin Moody <[email protected]>
* Add Austin jwt user. Update administrator group/role mapping to match IDP. * Start of updates to Postman for Okta JWT. * Finished updates to Postman tests for Okta * Override org.apache.httpcomponents.client5 being brought in by camel-http for vulnerability score. Update owasp scanner. * Exclude mysql from izgw-core depedency. Xform Service currently does not use a database. * Final Postman change for Okta JWT integration * Bump spring boot version --------- Co-authored-by: Austin Moody <[email protected]>
* Update pom.xml for 0.8.0 release * Update pom.xml to fix version
… to allow public access.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Added code to use a new role called "public-access" in API controllers, then using it AccessControlService to allow access to it.