From 31958fb3296a73fc0486228d2271102cb0243c80 Mon Sep 17 00:00:00 2001 From: "Stefano.D'aversa" Date: Thu, 9 Mar 2023 11:57:10 +0100 Subject: [PATCH] update function services with authorized cidrs --- CreateService/handler.ts | 17 ++++++++++------- CreateService/index.ts | 17 ++++++++++++----- RegenerateServiceKey/handler.ts | 6 ++++-- RegenerateServiceKey/index.ts | 10 +++++++++- UpdateService/handler.ts | 6 ++++-- UpdateService/index.ts | 15 ++++++++++++++- UploadServiceLogo/handler.ts | 6 ++++-- UploadServiceLogo/index.ts | 10 +++++++++- package.json | 2 +- utils/domain-errors.ts | 2 ++ utils/logging.ts | 3 ++- yarn.lock | 8 ++++---- 12 files changed, 75 insertions(+), 27 deletions(-) diff --git a/CreateService/handler.ts b/CreateService/handler.ts index 479b4770..a4e48e7e 100644 --- a/CreateService/handler.ts +++ b/CreateService/handler.ts @@ -61,6 +61,7 @@ import { AzureUserAttributesManageMiddleware, IAzureUserAttributesManage } from "@pagopa/io-functions-commons/dist/src/utils/middlewares/azure_user_attributes_manage"; +import { SubscriptionCIDRsModel } from "@pagopa/io-functions-commons/dist/src/models/subscription_cidrs"; import { APIClient } from "../clients/admin"; import { ServicePayload } from "../generated/definitions/ServicePayload"; import { ServiceWithSubscriptionKeys } from "../generated/definitions/ServiceWithSubscriptionKeys"; 
@@ -243,13 +244,15 @@ export function CreateServiceHandler( * Wraps a CreateService handler inside an Express request handler. */ // eslint-disable-next-line prefer-arrow/prefer-arrow-functions -export function CreateService( +export const CreateService = ( telemetryClient: ReturnType, - serviceModel: ServiceModel, - client: APIClient, + client: APIClient +) => ( productName: NonEmptyString, - sandboxFiscalCode: NonEmptyString -): express.RequestHandler { + sandboxFiscalCode: NonEmptyString, + serviceModel: ServiceModel, + subscriptionCIDRsModel: SubscriptionCIDRsModel +): express.RequestHandler => { const handler = CreateServiceHandler( telemetryClient, client, @@ -263,7 +266,7 @@ export function CreateService( ClientIpMiddleware, SequenceMiddleware(ResponseErrorForbiddenNotAuthorized)( AzureUserAttributesMiddleware(serviceModel), - AzureUserAttributesManageMiddleware() + AzureUserAttributesManageMiddleware(subscriptionCIDRsModel) ), RequiredBodyPayloadMiddleware(ServicePayload) ); @@ -272,4 +275,4 @@ export function CreateService( checkSourceIpForHandler(handler, (_, __, c, u, ___) => ipTuple(c, u)) ) ); -} +}; diff --git a/CreateService/index.ts b/CreateService/index.ts index 554415c0..63dbbd8d 100644 --- a/CreateService/index.ts +++ b/CreateService/index.ts @@ -10,6 +10,10 @@ import { secureExpressApp } from "@pagopa/io-functions-commons/dist/src/utils/ex import { setAppContext } from "@pagopa/io-functions-commons/dist/src/utils/middlewares/context_middleware"; import createAzureFunctionHandler from "@pagopa/express-azure-functions/dist/src/createAzureFunctionsHandler"; +import { + SubscriptionCIDRsModel, + SUBSCRIPTION_CIDRS_COLLECTION_NAME +} from "@pagopa/io-functions-commons/dist/src/models/subscription_cidrs"; import { cosmosdbInstance } from "../utils/cosmosdb"; import { apiClient } from "../clients/admin"; 
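Review bot: The `// eslint-disable-next-line prefer-arrow/prefer-arrow-functions` line kept above `CreateService` is now stale, because the declaration became an arrow function, and it should be dropped. `CreateService` is also the only wrapper in this patch that becomes curried and reorders its arguments (`serviceModel` moves after `sandboxFiscalCode`), while `RegenerateServiceKey`, `UpdateService` and `UploadServiceLogo` simply append `subscriptionCIDRsModel`. If the split exists to satisfy a parameter-count lint rule, say so in the doc comment, for example `Curried: (telemetryClient, client) => (productName, sandboxFiscalCode, serviceModel, subscriptionCIDRsModel)`. The function body continues past this hunk.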
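Review bot: `AzureUserAttributesManageMiddleware(subscriptionCIDRsModel)` now takes the source-IP allow-list for manage keys from a Cosmos collection, but no comment or test here states what happens when a subscription has no CIDR document or the read fails. That outcome feeds `checkSourceIpForHandler` (visible in the next hunk), so it decides whether manage keys are IP-restricted by default, and the diffstat lists no test files. I would add a comment above the `SequenceMiddleware(...)` call such as `// manage keys: allow-list read from subscription CIDRs; missing document => <confirm: unrestricted or denied>` and cover the allowed, denied, missing-document and store-error cases in handler tests. The same call is changed in the RegenerateServiceKey, UpdateService and UploadServiceLogo handler hunks; the default matters most for key regeneration.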
@@ -31,18 +35,21 @@ const serviceModel = new ServiceModel( cosmosdbInstance.container(SERVICE_COLLECTION_NAME) ); +const subscriptionCIDRsModel = new SubscriptionCIDRsModel( + cosmosdbInstance.container(SUBSCRIPTION_CIDRS_COLLECTION_NAME) +); + const telemetryClient = initTelemetryClient( config.APPINSIGHTS_INSTRUMENTATIONKEY ); app.post( "/api/v1/services", - CreateService( - telemetryClient, - serviceModel, - apiClient, + CreateService(telemetryClient, apiClient)( config.DEFAULT_SUBSCRIPTION_PRODUCT_NAME, - config.SANDBOX_FISCAL_CODE + config.SANDBOX_FISCAL_CODE, + serviceModel, + subscriptionCIDRsModel ) ); diff --git a/RegenerateServiceKey/handler.ts b/RegenerateServiceKey/handler.ts index d8c3a9ae..ba45df42 100644 --- a/RegenerateServiceKey/handler.ts +++ b/RegenerateServiceKey/handler.ts @@ -48,6 +48,7 @@ import { AzureUserAttributesManageMiddleware, IAzureUserAttributesManage } from "@pagopa/io-functions-commons/dist/src/utils/middlewares/azure_user_attributes_manage"; +import { SubscriptionCIDRsModel } from "@pagopa/io-functions-commons/dist/src/models/subscription_cidrs"; import { APIClient } from "../clients/admin"; import { SubscriptionKeys } from "../generated/definitions/SubscriptionKeys"; import { SubscriptionKeyTypePayload } from "../generated/definitions/SubscriptionKeyTypePayload"; @@ -141,7 +142,8 @@ export function RegenerateServiceKeyHandler( // eslint-disable-next-line prefer-arrow/prefer-arrow-functions export function RegenerateServiceKey( serviceModel: ServiceModel, - client: APIClient + client: APIClient, + subscriptionCIDRsModel: SubscriptionCIDRsModel ): express.RequestHandler { const handler = RegenerateServiceKeyHandler(client); const middlewaresWrap = withRequestMiddlewares( 
@@ -150,7 +152,7 @@ export function RegenerateServiceKey( ClientIpMiddleware, SequenceMiddleware(ResponseErrorForbiddenNotAuthorized)( AzureUserAttributesMiddleware(serviceModel), - AzureUserAttributesManageMiddleware() + AzureUserAttributesManageMiddleware(subscriptionCIDRsModel) ), RequiredParamMiddleware("service_id", NonEmptyString), RequiredBodyPayloadMiddleware(SubscriptionKeyTypePayload) diff --git a/RegenerateServiceKey/index.ts b/RegenerateServiceKey/index.ts index cecbed77..a3976292 100644 --- a/RegenerateServiceKey/index.ts +++ b/RegenerateServiceKey/index.ts @@ -9,6 +9,10 @@ import { secureExpressApp } from "@pagopa/io-functions-commons/dist/src/utils/ex import { setAppContext } from "@pagopa/io-functions-commons/dist/src/utils/middlewares/context_middleware"; import createAzureFunctionHandler from "@pagopa/express-azure-functions/dist/src/createAzureFunctionsHandler"; +import { + SubscriptionCIDRsModel, + SUBSCRIPTION_CIDRS_COLLECTION_NAME +} from "@pagopa/io-functions-commons/dist/src/models/subscription_cidrs"; import { cosmosdbInstance } from "../utils/cosmosdb"; import { apiClient } from "../clients/admin"; @@ -22,9 +26,13 @@ const serviceModel = new ServiceModel( cosmosdbInstance.container(SERVICE_COLLECTION_NAME) ); +const subscriptionCIDRsModel = new SubscriptionCIDRsModel( + cosmosdbInstance.container(SUBSCRIPTION_CIDRS_COLLECTION_NAME) +); + app.put( "/api/v1/services/:service_id/keys", - RegenerateServiceKey(serviceModel, apiClient) + RegenerateServiceKey(serviceModel, apiClient, subscriptionCIDRsModel) ); const azureFunctionHandler = createAzureFunctionHandler(app); diff --git a/UpdateService/handler.ts b/UpdateService/handler.ts index 270bec60..59fbccf3 100644 --- a/UpdateService/handler.ts +++ b/UpdateService/handler.ts 
@@ -54,6 +54,7 @@ import { AzureUserAttributesManageMiddleware, IAzureUserAttributesManage } from "@pagopa/io-functions-commons/dist/src/utils/middlewares/azure_user_attributes_manage"; +import { SubscriptionCIDRsModel } from "@pagopa/io-functions-commons/dist/src/models/subscription_cidrs"; import { APIClient } from "../clients/admin"; import { ServicePayload } from "../generated/definitions/ServicePayload"; import { ServiceWithSubscriptionKeys } from "../generated/definitions/ServiceWithSubscriptionKeys"; @@ -259,7 +260,8 @@ export function UpdateServiceHandler( export function UpdateService( telemetryClient: ReturnType, serviceModel: ServiceModel, - client: APIClient + client: APIClient, + subscriptionCIDRsModel: SubscriptionCIDRsModel ): express.RequestHandler { const handler = UpdateServiceHandler(telemetryClient, client); const middlewaresWrap = withRequestMiddlewares( @@ -268,7 +270,7 @@ export function UpdateService( ClientIpMiddleware, SequenceMiddleware(ResponseErrorForbiddenNotAuthorized)( AzureUserAttributesMiddleware(serviceModel), - AzureUserAttributesManageMiddleware() + AzureUserAttributesManageMiddleware(subscriptionCIDRsModel) ), RequiredParamMiddleware("service_id", NonEmptyString), RequiredBodyPayloadMiddleware(ServicePayload) diff --git a/UpdateService/index.ts b/UpdateService/index.ts index 978d8725..ad3767da 100644 --- a/UpdateService/index.ts +++ b/UpdateService/index.ts @@ -10,6 +10,10 @@ import { secureExpressApp } from "@pagopa/io-functions-commons/dist/src/utils/ex import { setAppContext } from "@pagopa/io-functions-commons/dist/src/utils/middlewares/context_middleware"; import createAzureFunctionHandler from "@pagopa/express-azure-functions/dist/src/createAzureFunctionsHandler"; +import { + SubscriptionCIDRsModel, + SUBSCRIPTION_CIDRS_COLLECTION_NAME +} from "@pagopa/io-functions-commons/dist/src/models/subscription_cidrs"; import { cosmosdbInstance } from "../utils/cosmosdb"; import { apiClient } from "../clients/admin"; 
@@ -30,13 +34,22 @@ const serviceModel = new ServiceModel( cosmosdbInstance.container(SERVICE_COLLECTION_NAME) ); +const subscriptionCIDRsModel = new SubscriptionCIDRsModel( + cosmosdbInstance.container(SUBSCRIPTION_CIDRS_COLLECTION_NAME) +); + const telemetryClient = initTelemetryClient( config.APPINSIGHTS_INSTRUMENTATIONKEY ); app.put( "/api/v1/services/:service_id", - UpdateService(telemetryClient, serviceModel, apiClient) + UpdateService( + telemetryClient, + serviceModel, + apiClient, + subscriptionCIDRsModel + ) ); const azureFunctionHandler = createAzureFunctionHandler(app); diff --git a/UploadServiceLogo/handler.ts b/UploadServiceLogo/handler.ts index e65a781c..971f3c66 100644 --- a/UploadServiceLogo/handler.ts +++ b/UploadServiceLogo/handler.ts @@ -49,6 +49,7 @@ import { AzureUserAttributesManageMiddleware, IAzureUserAttributesManage } from "@pagopa/io-functions-commons/dist/src/utils/middlewares/azure_user_attributes_manage"; +import { SubscriptionCIDRsModel } from "@pagopa/io-functions-commons/dist/src/models/subscription_cidrs"; import { APIClient } from "../clients/admin"; import { withApiRequestWrapper } from "../utils/api"; import { getLogger, ILogger } from "../utils/logging"; @@ -142,7 +143,8 @@ export function UploadServiceLogoHandler( // eslint-disable-next-line prefer-arrow/prefer-arrow-functions export function UploadServiceLogo( serviceModel: ServiceModel, - client: APIClient + client: APIClient, + subscriptionCIDRsModel: SubscriptionCIDRsModel ): express.RequestHandler { const handler = UploadServiceLogoHandler(client); const middlewaresWrap = withRequestMiddlewares( @@ -151,7 +153,7 @@ export function UploadServiceLogo( ClientIpMiddleware, SequenceMiddleware(ResponseErrorForbiddenNotAuthorized)( AzureUserAttributesMiddleware(serviceModel), - AzureUserAttributesManageMiddleware() + AzureUserAttributesManageMiddleware(subscriptionCIDRsModel) ), RequiredParamMiddleware("service_id", NonEmptyString), RequiredBodyPayloadMiddleware(Logo) 
diff --git a/UploadServiceLogo/index.ts b/UploadServiceLogo/index.ts index 77f942db..b6321b60 100644 --- a/UploadServiceLogo/index.ts +++ b/UploadServiceLogo/index.ts @@ -9,6 +9,10 @@ import { secureExpressApp } from "@pagopa/io-functions-commons/dist/src/utils/ex import { setAppContext } from "@pagopa/io-functions-commons/dist/src/utils/middlewares/context_middleware"; import createAzureFunctionHandler from "@pagopa/express-azure-functions/dist/src/createAzureFunctionsHandler"; +import { + SubscriptionCIDRsModel, + SUBSCRIPTION_CIDRS_COLLECTION_NAME +} from "@pagopa/io-functions-commons/dist/src/models/subscription_cidrs"; import { cosmosdbInstance } from "../utils/cosmosdb"; import { apiClient } from "../clients/admin"; @@ -22,9 +26,13 @@ const serviceModel = new ServiceModel( cosmosdbInstance.container(SERVICE_COLLECTION_NAME) ); +const subscriptionCIDRsModel = new SubscriptionCIDRsModel( + cosmosdbInstance.container(SUBSCRIPTION_CIDRS_COLLECTION_NAME) +); + app.put( "/api/v1/services/:service_id/logo", - UploadServiceLogo(serviceModel, apiClient) + UploadServiceLogo(serviceModel, apiClient, subscriptionCIDRsModel) ); const azureFunctionHandler = createAzureFunctionHandler(app); diff --git a/package.json b/package.json index 6f1c54d2..b4ac90af 100644 --- a/package.json +++ b/package.json @@ -61,7 +61,7 @@ "@pagopa/express-azure-functions": "^2.0.0", "@pagopa/io-backend-notifications-sdk": "x", "@pagopa/io-functions-admin-sdk": "x", - "@pagopa/io-functions-commons": "^26.6.0", + "@pagopa/io-functions-commons": "^27.4.0", "@pagopa/ts-commons": "^10.14.0", "applicationinsights": "^1.7.4", "azure-storage": "^2.10.4", diff --git a/utils/domain-errors.ts b/utils/domain-errors.ts index bb6ee035..835c6c3b 100644 --- a/utils/domain-errors.ts +++ b/utils/domain-errors.ts 
@@ -56,6 +56,8 @@ export const cosmosErrorsToString = (errs: CosmosErrors): NonEmptyString => pipe( errs.kind === "COSMOS_EMPTY_RESPONSE" ? "Empty response" + : errs.kind === "COSMOS_CONFLICT_RESPONSE" + ? "Conflict response" : errs.kind === "COSMOS_DECODING_ERROR" ? "Decoding error: " + errorsToReadableMessages(errs.error).join("/") : "Generic error: " + JSON.stringify(errs.error), diff --git a/utils/logging.ts b/utils/logging.ts index 0d4ccc2c..a536ec1d 100644 --- a/utils/logging.ts +++ b/utils/logging.ts @@ -12,7 +12,8 @@ export const getLogger = ( logCosmosErrors: (errs: CosmosErrors): void => context.log.error( `${logPrefix}|${name}|COSMOS_ERROR|ERROR_DETAILS=${ - errs.kind === "COSMOS_EMPTY_RESPONSE" + errs.kind === "COSMOS_EMPTY_RESPONSE" || + errs.kind === "COSMOS_CONFLICT_RESPONSE" ? errs.kind : errs.kind === "COSMOS_DECODING_ERROR" ? errorsToReadableMessages(errs.error).join("/") diff --git a/yarn.lock b/yarn.lock index a344db9a..18655b8c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -654,10 +654,10 @@ fp-ts "^2.10.5" io-ts "^2.2.16" -"@pagopa/io-functions-commons@^26.6.0": - version "26.6.0" - resolved "https://registry.yarnpkg.com/@pagopa/io-functions-commons/-/io-functions-commons-26.6.0.tgz#a51b16708393d86104dc980ca05c4bbcb3c59f67" - integrity sha512-U40ckW7+Re6slOMY0u9rpwzTjZeYRkDn54bc2/Pl4eDFgOmKjUMlPvd8qergfeq+MsBVfY5tIS6cQ4H4OqfWcw== +"@pagopa/io-functions-commons@^27.4.0": + version "27.4.0" + resolved "https://registry.yarnpkg.com/@pagopa/io-functions-commons/-/io-functions-commons-27.4.0.tgz#fe0fa128954286a7aec665aeeb21e73d6e54d02b" + integrity sha512-M8g89OM1w4KB7VLPntyc+vRO+tuZRXlKK6GtI8+4G2H3XihiidlXdia+CUv3sqKs4FhwWfnY8GFrc75nt1GcYQ== dependencies: "@azure/cosmos" "^3.17.1" "@pagopa/ts-commons" "^10.13.0"
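Review bot: The new `COSMOS_CONFLICT_RESPONSE` arm makes the `errs.kind` ternary chain in `cosmosErrorsToString` four levels deep, and the same dispatch is patched separately in the `logCosmosErrors` hunk of utils/logging.ts, so every new `CosmosErrors` kind has to be handled by hand in two places. A `switch (errs.kind)` in one shared helper would be easier to read and to keep in step. The conflict arm returns only the fixed string `"Conflict response"`, which keeps store details out of the message. The unchanged `JSON.stringify(errs.error)` fallback is worth confirming never reaches an HTTP response body. The `pipe(...)` call continues outside this hunk.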