release version 1.10.0

platform/runtime/security/secure-vault/secure-vault-design/src/main/java/ru/entaxy/security/vault/design/lookup/AddVaultsLookupCommand.java

@@ -0,0 +1,180 @@
+/*-
+ * ~~~~~~licensing~~~~~~
+ * secure-vault-design
+ * ==========
+ * Copyright (C) 2020 - 2024 EmDev LLC
+ * ==========
+ * You may not use this file except in accordance with the License Terms of the Copyright
+ * Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
+ * rights to the Software and any copies are the property of the Copyright Holder. Unless
+ * it is explicitly allowed the Copyright Holder, the User is prohibited from using the
+ * Software for commercial purposes to provide services to third parties.
+ * 
+ * The Copyright Holder hereby declares that the Software is provided on an "AS IS".
+ * Under no circumstances does the Copyright Holder guarantee or promise that the
+ * Software provided by him will be suitable or not suitable for the specific purposes
+ * of the User, that the Software will meet all commercial and personal subjective
+ * expectations of the User, that the Software will work properly, without technical
+ * errors, quickly and uninterruptedly.
+ * 
+ * Under no circumstances shall the Copyright Holder or its Affiliates is not liable
+ * to the User for any direct or indirect losses of the User, his expenses or actual
+ * damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
+ * or damage to data, property, etc.
+ * ~~~~~~/licensing~~~~~~
+ */
+package ru.entaxy.security.vault.design.lookup;
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.Reference;
+import org.osgi.service.component.annotations.ReferenceCardinality;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.gson.JsonObject;
+
+import ru.entaxy.esb.platform.runtime.base.connecting.generator.Generated;
+import ru.entaxy.platform.base.objects.EntaxyObject;
+import ru.entaxy.platform.base.objects.EntaxyObject.FIELDS;
+import ru.entaxy.platform.base.objects.factory.EntaxyFactory;
+import ru.entaxy.platform.base.objects.factory.EntaxyFactory.OutputInfo;
+import ru.entaxy.platform.base.objects.factory.exceptions.FactoryNotFoundException;
+import ru.entaxy.platform.base.support.CommonUtils;
+import ru.entaxy.platform.base.support.JSONUtils;
+import ru.entaxy.platform.core.producer.api.EntaxyProducerService;
+import ru.entaxy.platform.core.producer.api.ExecutionPlan.ExecutionPlanUpdate;
+import ru.entaxy.platform.core.producer.api.ProducerResult;
+import ru.entaxy.platform.core.producer.api.ProducerResult.CommandResult;
+import ru.entaxy.platform.core.producer.api.ProducingCommandExecutor;
+import ru.entaxy.platform.core.producer.executor.AbstractCommandExecutor;
+import ru.entaxy.platform.core.producer.executor.CommandExecutor;
+import ru.entaxy.platform.core.producer.executor.objectmodel.FactoredObject;
+import ru.entaxy.platform.core.producer.executor.objectmodel.FactoredObjectProxy;
+import ru.entaxy.platform.core.producer.executor.objectmodel.ObjectModel;
+
+@Component(service = ProducingCommandExecutor.class, immediate = true)
+@CommandExecutor(id = "add-vaults-lookup", predecessors = {"add-config"}, descendants = {"process-resources"})
+public class AddVaultsLookupCommand extends AbstractCommandExecutor implements ProducingCommandExecutor {
+
+    private static final Logger LOG = LoggerFactory.getLogger(AddVaultsLookupCommand.class);
+
+    public static final String SKIP_VAULTS_LOOKUP_DIRECTIVE = "@SKIP_VAULTS_LOOKUP";
+
+    public static final String VAULTS_LOOKUP_FIELD = "##vaults";
+
+    protected static final String VAULTS_FACTORY = "secure-vault-abstract";
+
+    protected static final String VAULTS_OUTPUT_FIELD = "vaultsField";
+
+    protected static final String VAULTS_OUTPUT_LOOKUP = "lookup";
+
+
+    @Reference(cardinality = ReferenceCardinality.MANDATORY)
+    EntaxyProducerService entaxyProducerServiceLocal;
+
+    Map<String, Object> vaultsFieldProperties = new HashMap<>();
+
+    public AddVaultsLookupCommand() {
+        super(null);
+    }
+
+    public AddVaultsLookupCommand(EntaxyProducerService entaxyProducerService) {
+        super(entaxyProducerService);
+    }
+
+    @Activate
+    public void activate() {
+        this.entaxyProducerService = this.entaxyProducerServiceLocal;
+        this.entaxyProducerService.registerCommand(this);
+        this.entaxyProducerService.extendLifecycle("general", this, Collections.emptyMap());
+
+        vaultsFieldProperties.put(EntaxyObject.FIELDS.FACTORY_ID, VAULTS_FACTORY);
+        vaultsFieldProperties.put(EntaxyObject.FIELDS.OBJECT_ID, "vaultsLookup");
+        vaultsFieldProperties.put(EntaxyObject.FIELDS.SCOPE, "private");
+        vaultsFieldProperties.put("outputType", VAULTS_OUTPUT_FIELD);
+        vaultsFieldProperties.put(EntaxyObject.FIELDS.PROPERTIES, Collections.emptyMap());
+
+    }
+
+    @Override
+    protected boolean doExecute(ProducerResult currentResult, CommandResult commandResult,
+            Map<String, Object> instructions) throws Exception {
+
+        ObjectModel objectModel = currentResult.findResultObject(ObjectModel.class);
+        objectModel.startTracking();
+
+        JsonObject incomingJson = objectModel.getJsonCurrent().deepCopy();
+
+        for (FactoredObject fo : objectModel.objects) {
+
+            // skip proxies
+            if (fo instanceof FactoredObjectProxy)
+                continue;
+
+            String factoryId = fo.factoryId;
+
+            EntaxyFactory factory = entaxyProducerService.findFactoryById(factoryId);
+            if (factory == null)
+                throw new FactoryNotFoundException(factoryId);
+
+            String output = fo.getOutputType();
+            OutputInfo oi = CommonUtils.isValid(output) ? factory.getOutputByType(output) : factory.getDefaultOutput();
+            Map<String, Object> config = oi.getConfig();
+            if (config != null) {
+                Object skipDirective = config.get(SKIP_VAULTS_LOOKUP_DIRECTIVE);
+                if (skipDirective != null) {
+                    LOG.debug("SKIPPING VAULTS LOOKUP FOR OBJECT :: {}/{}", fo.getObjectId(), fo.getObjectType());
+                    continue;
+                }
+            }
+            LOG.debug("OBJECT :: {}/{}", fo.getObjectId(), fo.getObjectType());
+
+            if (!fo.getObjectType().startsWith("entaxy.runtime") || "entaxy.runtime.config".equals(fo.getObjectType()))
+                continue;
+
+            JsonObject objectOrigin = fo.origin;
+            JsonObject objectProperties = objectOrigin.get(FIELDS.PROPERTIES).getAsJsonObject();
+
+            if (objectProperties.has(VAULTS_LOOKUP_FIELD))
+                continue;
+
+            Generated g = entaxyProducerService.findFactoryById(VAULTS_FACTORY).generate(VAULTS_OUTPUT_FIELD, "private",
+                    vaultsFieldProperties);
+
+            objectProperties.add(VAULTS_LOOKUP_FIELD,
+                    JSONUtils.getJsonRootObject(g.getObject().toString()));
+            objectModel.setDirty();
+
+        }
+
+        if (objectModel.stopTracking()) {
+
+            // remove ##embedded
+            for (FactoredObject fo : objectModel.objects)
+                fo.origin.remove(FactoredObject.EMBEDDED_FIELD);
+
+
+            commandResult.planUpdate = ExecutionPlanUpdate.create()
+                    // .updateInstructions().target("enrich").value("skip", true).complete()
+                    .reset().target("analyze").complete();
+        }
+
+        JsonObject outgoingJson = objectModel.getJsonCurrent();
+
+        printOutput("\n== INCOMING JSON ==\n");
+        printOutput(incomingJson.toString());
+        printOutput("\n== OUTGOING JSON ==\n");
+        printOutput(outgoingJson.toString());
+
+        commandResult.resultObject(outgoingJson);
+
+
+        return true;
+    }
+
+}

platform/runtime/security/secure-vault/secure-vault-design/src/main/resources/ru/entaxy/extensions/objectproducer/producer/config.json

@@ -0,0 +1,3 @@
+{
+	"supportedTypes": ["entaxy.security.vault"]
+}

platform/runtime/security/secure-vault/secure-vault-design/src/main/resources/ru/entaxy/factory/secure-vault-abstract.json

@@ -0,0 +1,35 @@
+{
+  "factory": {
+    "id": "secure-vault-abstract",
+    "type": "entaxy.security.vault",
+    "isAbstract": true,
+    "description": "Abstract factory for secure-vault"
+  },
+  "entaxy.security.vault": {},
+  "fields": {
+  },
+  "outputs": {
+    "init": {
+      "isDefault": true,
+      "config": {
+      	"configurable": false
+      }
+    },
+    "vaultsField": {
+      "isDefault": false,
+      "scopes": ["private", "public"],
+      "config": {
+      	"@SKIP_PUBLISH": {},
+      	"configurable": false
+      }
+    },
+    "lookup": {
+      "isDefault": false,
+      "scopes": ["private", "public"],
+      "config": {
+      	"@SKIP_PUBLISH": {},
+      	"configurable": false
+      }
+    }
+  }
+}

platform/runtime/security/secure-vault/secure-vault-design/src/main/resources/ru/entaxy/factory/secure-vault-resources.json

@@ -0,0 +1,45 @@
+{
+  "factory": {
+    "id": "secure-vault-resources",
+    "type": "entaxy.security.vault",
+    "displayName": "SECURE VAULT :: RESOURCES",
+    "isAbstract": false,
+    "parent": "secure-vault-abstract",
+    "description": "Factory secure-vault-resources of entaxy.security.vault. For more details see <a target=\"_blank\" href=\"https://docs.entaxy.ru/entaxy-core/${project.version}/core/security/vaults.html\">Entaxy docs</a>"
+  },
+  "entaxy.security.vault": {},
+  "fields": {
+    "resourceProvider": {
+      "type": "String",
+      "required": true,
+      "displayName": "Resource provider",
+      "description": "A customizable component defining and managing resource types within the storage system. By default, it's set to \"entaxy-file-internal\". For more details see <a target=\"_blank\" href=\"https://docs.entaxy.ru/entaxy-core/${project.version}/core/security/vaults.html\">Entaxy docs</a>",
+      "defaultValue": "entaxy-file-internal",
+      "#TODO": "Add enum to choose form existing resource providers"
+    },
+    "path": {
+      "type": "String",
+      "description": "Specifies the directory location for storing vault resources. If not explicitly defined, it defaults to .security/.vault/.test. For more details see <a target=\"_blank\" href=\"https://docs.entaxy.ru/entaxy-core/${project.version}/core/security/vaults.html\">Entaxy docs</a>",
+      "required": true,
+      "displayName": "Path",
+      "defaultValue": {
+        "@CALCULATED": {
+          "expression": ".security/.vault/.${objectId}",
+          "lazy": false
+        }
+      }
+    }
+  },
+  "outputs": {
+    "init": {
+      "isDefault": true,
+      "config": {
+        "configurable": false
+      },
+      "fields": {
+        "resourceProvider": {},
+        "path": {}
+      }
+    }
+  }
+}

platform/runtime/security/secure-vault/secure-vault-design/src/main/resources/ru/entaxy/templates/secure-vault-abstract/lookup.ftl

@@ -0,0 +1,15 @@
+[#ftl attributes={"generated.type":"blueprint.fragment"}]
+<!--
+	BEGIN secure vaults lookup components 
+-->
+<bean id="vaults.data.provider" class="ru.entaxy.security.vault.runtime.lookup.CmPropertiesDefaultsLookup" activation="eager">
+	<property name="bundleContext" ref="blueprintBundleContext" />
+</bean>	
+	
+<cm:property-placeholder id="vaults.lookup.placholder" xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.4.0" persistent-id="entaxy.secrets" update-strategy="reload" placeholder-prefix="$ENTAXY_SECRETS{" placeholder-suffix="}" defaults-ref="vaults.data.provider">
+</cm:property-placeholder>
+
+<bean id="vaults.data.provider.camel" class="ru.entaxy.security.vault.runtime.camel.EntaxyVaultAccessorFunction" activation="eager">
+</bean>
+
+<propertiesFunction xmlns="http://camel.apache.org/schema/blueprint" ref="vaults.data.provider.camel"/>

platform/runtime/security/secure-vault/secure-vault-design/src/main/resources/ru/entaxy/templates/secure-vault-abstract/vaultsField.ftl

@@ -0,0 +1,12 @@
+[#ftl attributes={"generated.type":"json"}]
+{
+	"factoryId": "secure-vault-abstract",
+	"objectId": "vaultsLookup",
+	"scope": "private",
+	"outputType": "lookup",
+	"properties": {},
+	"@INTERNAL": true,
+	"refConfig": {
+		"@INTERNAL": true
+	}
+}

platform/runtime/security/secure-vault/secure-vault-design/src/main/resources/ru/entaxy/templates/secure-vault-resources/init.ftl

@@ -0,0 +1,25 @@
+[#ftl attributes={"generated.type":"blueprint"}]
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd">
+	
+	<reference id="resource-service-ref" interface="ru.entaxy.esb.resources.EntaxyResourceService"/>
+
+	<reference id="[=properties.resourceProvider]-ref" interface="ru.entaxy.esb.resources.EntaxyResourceProvider"
+           filter="(protocol=[=properties.resourceProvider])"/>
+           	
+	<bean id="secure-vault-[=objectId]" class="ru.entaxy.security.vault.runtime.resourcevault.ResourceBasedVault" activation="eager" init-method="init">
+		<property name="resourceProtocol" value="[=properties.resourceProvider]" />
+		<property name="resourceProvider" ref="[=properties.resourceProvider]-ref" />
+		<property name="resourceService" ref="resource-service-ref" />
+		<property name="path" value="[=properties.path]" />
+	</bean>           
+	                                 
+   <service interface="ru.entaxy.security.vault.runtime.EntaxyVault" ref="secure-vault-[=objectId]">
+      <service-properties>
+         <entry key="name" value="[=objectId]"/>
+      </service-properties>
+   </service>		                                 
+	                                 
+</blueprint>