auth into separate class

Author: duhizjame

server/app/src/main/java/io/whitefox/api/deltasharing/server/DeltaSharesApiImpl.java

@@ -48,13 +48,12 @@ public DeltaSharesApiImpl(
   @Override
   public Response getShare(String share) {
     return wrapExceptions(
-        () ->
-            optionalToNotFound(shareService.getShare(share),
-                    foundShare ->
-                    shareToForbidden(foundShare, s -> {
-                        var resultShare = new Share().name(s.name()).id(s.id());
-                        return Response.ok(resultShare).build();
-                    })),
+        () -> optionalToNotFound(
+            shareService.getShare(share),
+            foundShare -> shareToForbidden(foundShare, s -> {
+              var resultShare = new Share().name(s.name()).id(s.id());
+              return Response.ok(resultShare).build();
+            })),
         exceptionToResponse);
   }
 
@@ -87,9 +86,15 @@ public Response getTableMetadata(
               clientCapabilitiesMapper.parseDeltaSharingCapabilities(deltaSharingCapabilities);
           return optionalToNotFound(
               deltaSharesService.getTableMetadata(
-                  share, schema, table, startingTimestamp, clientCapabilities),
+                  share,
+                  schema,
+                  table,
+                  startingTimestamp,
+                  clientCapabilities,
+                  getRequestPrincipal()),
               m -> optionalToNotFound(
-                  deltaSharesService.getTableVersion(share, schema, table, startingTimestamp),
+                  deltaSharesService.getTableVersion(
+                      share, schema, table, startingTimestamp, getRequestPrincipal()),
                   v -> Response.ok(
                           tableResponseSerializer.serialize(
                               DeltaMappers.toTableResponseMetadata(m)),
@@ -106,33 +111,39 @@ public Response getTableMetadata(
   @Override
   public Response getTableVersion(
       String share, String schema, String table, String startingTimestampStr) {
-
     return wrapExceptions(
-        () ->
-        optionalToNotFound(shareService.getShare(share), foundShare -> shareToForbidden(foundShare, s -> {
+        () -> {
           var startingTimestamp = parseTimestamp(startingTimestampStr);
           return optionalToNotFound(
-              deltaSharesService.getTableVersion(share, schema, table, startingTimestamp),
+              deltaSharesService.getTableVersion(
+                  share, schema, table, startingTimestamp, getRequestPrincipal()),
               t -> Response.ok().header(DELTA_TABLE_VERSION_HEADER, t).build());
-        })),
+        },
         exceptionToResponse);
   }
 
   @Override
   public Response listALLTables(String share, Integer maxResults, String pageToken) {
     return wrapExceptions(
-        () ->
-        optionalToNotFound(shareService.getShare(share), foundShare -> shareToForbidden(foundShare, s ->
-            optionalToNotFound(
-                            deltaSharesService.listTablesOfShare(
-                                    share, parseToken(pageToken), Optional.ofNullable(maxResults)),
-                            c -> Response.ok(c.getToken()
-                                            .map(t -> new ListTablesResponse()
-                                                    .items(mapList(c.getContent(), DeltaMappers::table2api))
-                                                    .nextPageToken(tokenEncoder.encodePageToken(t)))
-                                            .orElse(new ListTablesResponse()
-                                                    .items(mapList(c.getContent(), DeltaMappers::table2api))))
-                                    .build()))),
+        () -> optionalToNotFound(
+            shareService.getShare(share),
+            foundShare -> shareToForbidden(
+                foundShare,
+                s -> optionalToNotFound(
+                    deltaSharesService.listTablesOfShare(
+                        share,
+                        parseToken(pageToken),
+                        Optional.ofNullable(maxResults),
+                        getRequestPrincipal()),
+                    c -> Response.ok(c.getToken()
+                            .map(
+                                t -> new ListTablesResponse()
+                                    .items(mapList(c.getContent(), DeltaMappers::table2api))
+                                    .nextPageToken(tokenEncoder.encodePageToken(t)))
+                            .orElse(
+                                new ListTablesResponse()
+                                    .items(mapList(c.getContent(), DeltaMappers::table2api))))
+                        .build()))),
         exceptionToResponse);
   }
 
@@ -141,7 +152,11 @@ public Response listSchemas(String share, Integer maxResults, String pageToken)
     return wrapExceptions(
         () -> optionalToNotFound(
             deltaSharesService
-                .listSchemas(share, parseToken(pageToken), Optional.ofNullable(maxResults))
+                .listSchemas(
+                    share,
+                    parseToken(pageToken),
+                    Optional.ofNullable(maxResults),
+                    getRequestPrincipal())
                 .map(ct -> ct.getToken()
                     .map(t -> new ListSchemasResponse()
                         .nextPageToken(tokenEncoder.encodePageToken(t))
@@ -156,8 +171,8 @@ public Response listSchemas(String share, Integer maxResults, String pageToken)
   public Response listShares(Integer maxResults, String pageToken) {
     return wrapExceptions(
         () -> {
-          var c =
-              deltaSharesService.listShares(parseToken(pageToken), Optional.ofNullable(maxResults));
+          var c = deltaSharesService.listShares(
+              parseToken(pageToken), Optional.ofNullable(maxResults), getRequestPrincipal());
           var response =
               new ListShareResponse().items(mapList(c.getContent(), DeltaMappers::share2api));
           return Response.ok(c.getToken()
@@ -173,7 +188,11 @@ public Response listTables(String share, String schema, Integer maxResults, Stri
     return wrapExceptions(
         () -> optionalToNotFound(
             deltaSharesService.listTables(
-                share, schema, parseToken(pageToken), Optional.ofNullable(maxResults)),
+                share,
+                schema,
+                parseToken(pageToken),
+                Optional.ofNullable(maxResults),
+                getRequestPrincipal()),
             c -> Response.ok(c.getToken()
                     .map(t -> new ListTablesResponse()
                         .items(mapList(c.getContent(), DeltaMappers::table2api))
@@ -206,7 +225,8 @@ public Response queryTable(
               schema,
               table,
               DeltaMappers.api2ReadTableRequest(queryRequest),
-              clientCapabilitiesMapper.parseDeltaSharingCapabilities(deltaSharingCapabilities));
+              clientCapabilitiesMapper.parseDeltaSharingCapabilities(deltaSharingCapabilities),
+              getRequestPrincipal());
           var serializedReadResult =
               tableQueryResponseSerializer.serialize(DeltaMappers.readTableResult2api(readResult));
           return Response.ok(serializedReadResult, ndjsonMediaType)

server/app/src/main/java/io/whitefox/api/server/ApiUtils.java

@@ -12,6 +12,7 @@
 import java.time.OffsetDateTime;
 import java.time.format.DateTimeFormatter;
 import java.time.format.DateTimeParseException;
+import java.util.Map;
 import java.util.Optional;
 import java.util.function.Function;
 import java.util.function.Supplier;
@@ -71,22 +72,8 @@ default <T> Response optionalToNotFound(Optional<T> opt, Function<T, Response> f
   }
 
   default Response shareToForbidden(Share value, Function<Share, Response> fn) {
-    if (value.recipients().contains(getRequestPrincipal()))
-      return fn.apply(value);
-    else
-      return Response.status(Response.Status.FORBIDDEN).build();
-  }
-
-  default String getResponseFormatHeader(Map<String, String> deltaSharingCapabilities) {
-    return String.format(
-        "%s=%s",
-        DeltaHeaders.DELTA_SHARING_RESPONSE_FORMAT, getResponseFormat(deltaSharingCapabilities));
-  }
-
-  default String getResponseFormat(Map<String, String> deltaSharingCapabilities) {
-    return deltaSharingCapabilities.getOrDefault(
-        DeltaHeaders.DELTA_SHARING_RESPONSE_FORMAT,
-        DeltaSharedTable.DeltaShareTableFormat.RESPONSE_FORMAT_PARQUET);
+    if (value.recipients().contains(getRequestPrincipal())) return fn.apply(value);
+    else return Response.status(Response.Status.FORBIDDEN).build();
   }
 
   default Principal getRequestPrincipal() {

server/app/src/test/java/io/whitefox/api/deltasharing/server/DeltaSharesApiImplAwsTest.java

@@ -91,7 +91,7 @@ public void updateStorageManagerWithS3Tables() {
                         "s3share",
                         s3IcebergTable1(s3TestConfig, awsGlueTestConfig))),
                 "s3share")),
-        new Principal("Mr fox"),
+        new Principal("Mr. Fox"),
         0L));
   }
 

server/app/src/test/java/io/whitefox/api/server/ShareV1ApiImplTest.java

@@ -57,7 +57,7 @@ void createShare() {
         .statusCode(201)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(0)))
+        .body("recipients", is(hasSize(1)))
         .body("schemas", is(hasSize(0)))
         .body("createdAt", is(0))
         .body("createdBy", is("Mr. Fox"))
@@ -89,7 +89,7 @@ void addRecipientsToShare() {
         .statusCode(200)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(3)))
+        .body("recipients", is(hasSize(4)))
         .body("schemas", is(hasSize(0)))
         .body("createdAt", is(0))
         .body("createdBy", is("Mr. Fox"))
@@ -105,7 +105,7 @@ void addSameRecipientTwice() {
         .statusCode(200)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(3)))
+        .body("recipients", is(hasSize(4)))
         .body("schemas", is(hasSize(0)))
         .body("createdAt", is(0))
         .body("createdBy", is("Mr. Fox"))
@@ -121,7 +121,7 @@ void addAnotherRecipient() {
         .statusCode(200)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(4)))
+        .body("recipients", is(hasSize(5)))
         .body("schemas", is(hasSize(0)))
         .body("createdAt", is(0))
         .body("createdBy", is("Mr. Fox"))
@@ -143,7 +143,7 @@ public void createSchema() {
         .statusCode(201)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(4)))
+        .body("recipients", is(hasSize(5)))
         .body("schemas", is(hasSize(1)))
         .body("schemas[0]", is("schema1"))
         .body("createdAt", is(0))
@@ -185,7 +185,7 @@ public void addTableToSchema() {
         .statusCode(201)
         .body("name", is("share1"))
         .body("comment", is(nullValue()))
-        .body("recipients", is(hasSize(4)))
+        .body("recipients", is(hasSize(5)))
         .body("schemas", is(hasSize(1)))
         .body("schemas[0]", is("schema1"))
         .body("createdAt", is(0))
@@ -200,7 +200,7 @@ ValidatableResponse createEmptyShare(String name) {
         .when()
         .filter(whitefoxFilter)
         .body(
-            new CreateShareInput().name(name).recipients(List.of()).schemas(List.of()),
+            new CreateShareInput().name(name).recipients(List.of("Mr. Fox")).schemas(List.of()),
             new Jackson2Mapper((cls, charset) -> objectMapper))
         .header(new Header("Content-Type", "application/json"))
         .post("/whitefox-api/v1/shares")

server/core/build.gradle.kts

@@ -19,9 +19,9 @@ dependencies {
     implementation(enforcedPlatform("${quarkusPlatformGroupId}:${quarkusPlatformArtifactId}:${quarkusPlatformVersion}"))
     // QUARKUS
     compileOnly("jakarta.enterprise:jakarta.enterprise.cdi-api")
-    compileOnly("jakarta.ws.rs:jakarta.ws.rs-api")
+    implementation("jakarta.ws.rs:jakarta.ws.rs-api")
     compileOnly("org.eclipse.microprofile.config:microprofile-config-api")
-
+    implementation("org.glassfish.jersey.core:jersey-common:3.1.2")
 
     testFixturesImplementation(String.format("jakarta.inject:jakarta.inject-api:%s", jakartaVersion))
     testFixturesImplementation(String.format("org.eclipse.microprofile.config:microprofile-config-api:%s", microprofileConfigVersion))

server/core/src/main/java/io/whitefox/core/Share.java

@@ -50,7 +50,7 @@ public Share(
         id,
         schemas,
         Optional.empty(),
-        Set.of(),
+        Set.of(createPrincipal),
         createTime,
         createPrincipal,
         createTime,

server/core/src/main/java/io/whitefox/core/WhitefoxAuthorization.java

@@ -0,0 +1,19 @@
+package io.whitefox.core;
+
+import jakarta.enterprise.context.ApplicationScoped;
+import lombok.Data;
+
+public interface WhitefoxAuthorization {
+
+  Boolean authorize(Share share, Principal principal);
+
+  @Data
+  @ApplicationScoped
+  class WhitefoxSimpleAuthorization implements WhitefoxAuthorization {
+
+    @Override
+    public Boolean authorize(Share share, Principal principal) {
+      return share.recipients().contains(principal);
+    }
+  }
+}

server/core/src/main/java/io/whitefox/core/services/DeltaSharesService.java

@@ -13,34 +13,49 @@
 public interface DeltaSharesService {
 
   Optional<Long> getTableVersion(
-      String share, String schema, String table, Optional<Timestamp> startingTimestamp);
+      String share,
+      String schema,
+      String table,
+      Optional<Timestamp> startingTimestamp,
+      Principal principal);
 
   ContentAndToken<List<Share>> listShares(
-      Optional<ContentAndToken.Token> nextPageToken, Optional<Integer> maxResults);
+      Optional<ContentAndToken.Token> nextPageToken,
+      Optional<Integer> maxResults,
+      Principal currentPrincipal);
 
   Optional<Metadata> getTableMetadata(
       String share,
       String schema,
       String table,
       Optional<Timestamp> startingTimestamp,
-      ClientCapabilities clientCapabilities);
+      ClientCapabilities clientCapabilities,
+      Principal currentPrincipal);
 
   Optional<ContentAndToken<List<Schema>>> listSchemas(
-      String share, Optional<ContentAndToken.Token> nextPageToken, Optional<Integer> maxResults);
+      String share,
+      Optional<ContentAndToken.Token> nextPageToken,
+      Optional<Integer> maxResults,
+      Principal currentPrincipal);
 
   Optional<ContentAndToken<List<SharedTable>>> listTables(
       String share,
       String schema,
       Optional<ContentAndToken.Token> nextPageToken,
-      Optional<Integer> maxResults);
+      Optional<Integer> maxResults,
+      Principal currentPrincipal);
 
   Optional<ContentAndToken<List<SharedTable>>> listTablesOfShare(
-      String share, Optional<ContentAndToken.Token> token, Optional<Integer> maxResults);
+      String share,
+      Optional<ContentAndToken.Token> token,
+      Optional<Integer> maxResults,
+      Principal currentPrincipal);
 
   ReadTableResult queryTable(
       String share,
       String schema,
       String table,
       ReadTableRequest queryRequest,
-      ClientCapabilities clientCapabilities);
+      ClientCapabilities clientCapabilities,
+      Principal currentPrincipal);
 }