Merge branch 'develop'

Author: Gerald Unterrainer

pom.xml

@@ -17,7 +17,7 @@
 
 	<modelVersion>4.0.0</modelVersion>
 	<artifactId>http-server</artifactId>
-	<version>0.2.6</version>
+	<version>0.2.7</version>
 	<name>HttpServer</name>
 	<packaging>jar</packaging>
 

src/main/java/info/unterrainer/commons/httpserver/GenericHandlerGroup.java

@@ -46,6 +46,11 @@ public class GenericHandlerGroup<P extends BasicJpa, J extends BasicJson, E> imp
 	private final LinkedHashMap<Endpoint, Role[]> accessRoles;
 	private final ExecutorService executorService;
 	private final HandlerUtils hu = new HandlerUtils();
+	private final String tenantIdRowName;
+	private final BasicDao<? extends BasicJpa, E> tenantDao;
+	private final Class<? extends BasicJpa> tenantJpaType;
+	private final String fieldRowName;
+	private final String tenantRowName;
 
 	@Override
 	public void addHandlers(final HttpServer server) {

src/main/java/info/unterrainer/commons/httpserver/GenericHandlerGroupBuilder.java

@@ -39,6 +39,12 @@ public class GenericHandlerGroupBuilder<P extends BasicJpa, J extends BasicJson,
 	private List<GetListInterceptor> getListInterceptors = new ArrayList<>();
 	private ExecutorService executorService;
 
+	private String tenantIdRowName;
+	private String tenantRowName;
+	private String tenantFieldRowName;
+	private BasicDao<? extends BasicJpa, E> tenantDao;
+	private Class<? extends BasicJpa> tenantJpaType;
+
 	HandlerExtensions<P, J, E> extensions = new HandlerExtensions<>();
 	private LinkedHashMap<Endpoint, Role[]> accessRoles = new LinkedHashMap<>();
 
@@ -51,7 +57,8 @@ public HttpServer add() {
 			executorService = server.executorService;
 		GenericHandlerGroup<P, J, E> handlerGroupInstance = new GenericHandlerGroup<>(dao, jpaType, jsonType,
 				daoTransactionManager, jsonMapper, orikaFactory.getMapperFacade(), path, endpoints, getListInterceptors,
-				extensions, accessRoles, executorService);
+				extensions, accessRoles, executorService, tenantIdRowName, tenantDao, tenantJpaType, tenantFieldRowName,
+				tenantRowName);
 		server.addHandlerGroup(handlerGroupInstance);
 		return server;
 	}
@@ -65,6 +72,21 @@ public GenericHandlerGroupBuilder<P, J, E> addRoleFor(final Endpoint endpoint, f
 		return this;
 	}
 
+	public GenericHandlerGroupBuilder<P, J, E> isMultiTenantEnabledByIdRow(final String tenantIdRowName) {
+		this.tenantIdRowName = tenantIdRowName;
+		return this;
+	}
+
+	public <TP extends BasicJpa> GenericHandlerGroupBuilder<P, J, E> isMultiTenantEnabledByTable(
+			final BasicDao<TP, E> tenantDao, final Class<TP> tenantJpaType, final String fieldRowName,
+			final String tenantRowName) {
+		this.tenantDao = tenantDao;
+		this.tenantJpaType = tenantJpaType;
+		this.tenantFieldRowName = fieldRowName;
+		this.tenantRowName = tenantRowName;
+		return this;
+	}
+
 	public GenericHandlerGroupBuilder<P, J, E> dao(final BasicDao<P, E> dao) {
 		this.dao = dao;
 		return this;

src/main/java/info/unterrainer/commons/httpserver/accessmanager/HttpAccessManager.java

@@ -8,6 +8,7 @@
 import java.net.http.HttpRequest;
 import java.net.http.HttpResponse.BodyHandlers;
 import java.security.PublicKey;
+import java.util.HashSet;
 import java.util.Set;
 import java.util.function.Consumer;
 
@@ -52,8 +53,7 @@ public HttpAccessManager(final String host, final String realm) {
 
 	@Override
 	public void manage(final Handler handler, final Context ctx, final Set<Role> permittedRoles) throws Exception {
-		checkAccess(ctx, permittedRoles,
-				((HttpServer) ctx.attribute(Attribute.JAVALIN_SERVER)).getUserAccessInterceptor());
+		checkAccess(ctx, permittedRoles);
 		handler.handle(ctx);
 	}
 
@@ -101,10 +101,9 @@ private void initPublicKey() {
 		}
 	}
 
-	private void checkAccess(final Context ctx, final Set<Role> permittedRoles,
-			final Consumer<UserDataJson> userAccessInterceptor) {
+	private void checkAccess(final Context ctx, final Set<Role> permittedRoles) {
 		try {
-			TokenVerifier<AccessToken> tokenVerifier = persistUserInfoInContext(ctx, userAccessInterceptor);
+			TokenVerifier<AccessToken> tokenVerifier = persistUserInfoInContext(ctx);
 
 			if (permittedRoles.isEmpty() || permittedRoles.contains(DefaultRole.OPEN) && permittedRoles.size() == 1)
 				return;
@@ -146,8 +145,7 @@ private boolean hasPermittedRole(final Context ctx, final Set<Role> permittedRol
 		return false;
 	}
 
-	private TokenVerifier<AccessToken> persistUserInfoInContext(final Context ctx,
-			final Consumer<UserDataJson> userAccessInterceptor) {
+	private TokenVerifier<AccessToken> persistUserInfoInContext(final Context ctx) {
 		String authorizationHeader = ctx.header(HttpHeader.AUTHORIZATION.asString());
 
 		if (authorizationHeader == null || authorizationHeader.isBlank())
@@ -171,24 +169,32 @@ private TokenVerifier<AccessToken> persistUserInfoInContext(final Context ctx,
 			ctx.attribute(Attribute.USER_EMAIL_VERIFIED, token.getEmailVerified());
 			ctx.attribute(Attribute.USER_REALM_ROLES, token.getRealmAccess().getRoles());
 
+			String tenant = (String) token.getOtherClaims().get("tenant");
+			ctx.attribute(Attribute.USER_CLIENT_ATTRIBUTE_TENANT, tenant);
+			ctx.attribute(Attribute.USER_TENANT_SET, createTenantSetFrom(tenant));
+
 			Set<String> clientRoles = Set.of();
 			String key = token.getIssuedFor();
 			if (token.getResourceAccess().containsKey(key))
 				clientRoles = token.getResourceAccess().get(key).getRoles();
 			ctx.attribute(Attribute.USER_CLIENT_ROLES, clientRoles);
 
-			userAccessInterceptor.accept(UserDataJson.builder()
-					.userName(userName)
-					.givenName(token.getGivenName())
-					.client(token.getIssuedFor())
-					.familyName(token.getFamilyName())
-					.email(token.getEmail())
-					.emailVerified(token.getEmailVerified())
-					.realmRoles(token.getRealmAccess().getRoles())
-					.clientRoles(clientRoles)
-					.isActive(token.isActive())
-					.isBearer(token.getType().equalsIgnoreCase("bearer"))
-					.build());
+			Consumer<UserDataJson> userAccessInterceptor = ((HttpServer) ctx.attribute(Attribute.JAVALIN_SERVER))
+					.getUserAccessInterceptor();
+			if (userAccessInterceptor != null)
+				userAccessInterceptor.accept(UserDataJson.builder()
+						.userName(userName)
+						.givenName(token.getGivenName())
+						.client(token.getIssuedFor())
+						.familyName(token.getFamilyName())
+						.email(token.getEmail())
+						.emailVerified(token.getEmailVerified())
+						.realmRoles(token.getRealmAccess().getRoles())
+						.tenant(tenant)
+						.clientRoles(clientRoles)
+						.isActive(token.isActive())
+						.isBearer(token.getType().equalsIgnoreCase("bearer"))
+						.build());
 
 			if (!token.isActive()) {
 				setTokenRejectionReason(ctx, "Token is inactive.");
@@ -211,6 +217,20 @@ private TokenVerifier<AccessToken> persistUserInfoInContext(final Context ctx,
 		}
 	}
 
+	private Object createTenantSetFrom(final String tenant) {
+		Set<String> tenantSet = new HashSet<>();
+		if (tenant == null || tenant.isBlank())
+			return tenantSet;
+
+		String[] tenants = tenant.split(",");
+		for (String t : tenants) {
+			if (t.isBlank())
+				continue;
+			tenantSet.add(t.trim());
+		}
+		return tenantSet;
+	}
+
 	private void setTokenRejectionReason(final Context ctx, final String reason) {
 		ctx.attribute(Attribute.KEYCLOAK_TOKEN_REJECTION_REASON, reason);
 	}

src/main/java/info/unterrainer/commons/httpserver/daos/BasicAsyncDao.java

@@ -1,49 +1,40 @@
 package info.unterrainer.commons.httpserver.daos;
 
-import javax.persistence.TypedQuery;
-
 import info.unterrainer.commons.httpserver.jsons.ListJson;
 import info.unterrainer.commons.rdbutils.entities.BasicJpa;
 
 public interface BasicDao<P extends BasicJpa, E> {
 
 	P getById(Long id);
 
-	ListJson<P> getList(long offset, long size);
-
-	ListJson<P> getList(long offset, long size, String whereClause, ParamMap params);
-
 	P create(P entity);
 
 	P update(P entity);
 
+	ListJson<P> getList(E em, long offset, long size, String selectClause, String joinClause, String whereClause,
+			ParamMap params, String orderByClause);
+
 	UpsertResult<P> upsert(String whereClause, ParamMap params, P entity);
 
-	UpsertResult<P> upsert(TypedQuery<P> query, P entity);
+	UpsertResult<P> upsert(Query<P, P> query, P entity);
 
 	void delete(Long id);
 
 	P getById(E em, Long id);
 
-	ListJson<P> getList(E em, long offset, long size);
+	<T> QueryBuilder<P, T> query(Class<T> resultType);
 
-	ListJson<P> getList(E em, long offset, long size, String whereClause, ParamMap params);
+	QueryBuilder<P, P> query();
 
-	ListJson<P> getList(E em, long offset, long size, String joinClause, String whereClause, ParamMap params);
-
-	ListJson<P> getList(E em, long offset, long size, String selectClause, String joinClause, String whereClause,
-			ParamMap params);
-
-	ListJson<P> getList(E em, long offset, long size, String selectClause, String joinClause, String whereClause,
-			ParamMap params, String orderByClause);
+	CountQueryBuilder<P> countQuery();
 
 	P create(E em, P entity);
 
 	P update(E em, P entity);
 
 	UpsertResult<P> upsert(E em, String whereClause, ParamMap params, P entity);
 
-	UpsertResult<P> upsert(E em, TypedQuery<P> query, P entity);
+	UpsertResult<P> upsert(E em, Query<P, P> query, P entity);
 
 	void delete(E em, Long id);
 }