Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature: Add getAllNotifications query #3671

Merged
merged 11 commits into from
Jun 12, 2024
Merged

Feature: Add getAllNotifications query #3671

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
ce268e6
Commiting progress
CGoodwin90 Mar 6, 2024
29795d6
Updated query
CGoodwin90 Mar 7, 2024
463e6e2
Included pid
CGoodwin90 Mar 12, 2024
c7d775e
Cleaned up comment
CGoodwin90 Mar 20, 2024
77dbe3a
Merge branch 'main' of https://github.com/uselagoon/lagoon into all-n…
CGoodwin90 Mar 20, 2024
2257447
Included permission
CGoodwin90 Mar 20, 2024
70537d6
Included migration
CGoodwin90 Mar 21, 2024
28ca609
Merged main
CGoodwin90 Apr 4, 2024
8dc06e9
Resolved conflict
CGoodwin90 May 31, 2024
6bac733
Updated function casing
CGoodwin90 Jun 7, 2024
6ccac35
fix: move migration function call
shreddedbacon Jun 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions services/api/src/resolvers.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,7 @@ const {
deleteNotificationRocketChat,
deleteNotificationSlack,
deleteNotificationWebhook,
getAllNotifications,
getNotificationsByProjectId,
getNotificationsByOrganizationId,
removeNotificationFromProject,
Expand Down Expand Up @@ -582,6 +583,7 @@ const resolvers = {
allProjectsInGroup: getAllProjectsInGroup,
allProblemHarborScanMatchers: getProblemHarborScanMatches,
allUsers: getAllUsers,
allNotifications: getAllNotifications,
userByEmail: getUserByEmail,
projectsByMetadata: getProjectsByMetadata,
projectsByFactSearch: getProjectsByFactSearch,
Expand Down
31 changes: 31 additions & 0 deletions services/api/src/resources/notification/helpers.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,4 +56,35 @@ export const Helpers = (sqlClientPool: Pool) => ({
await query(sqlClientPool, Sql.deleteProjectNotificationByProjectId(project, "email"));
await query(sqlClientPool, Sql.deleteProjectNotificationByProjectId(project, "webhook"));
},
selectAllNotifications: async () => {
let type = "slack"
// get all notifications
const slacks = await query(
sqlClientPool,
Sql.selectAllNotifications(type)
);
type = "rocketchat"
const rcs = await query(
sqlClientPool,
Sql.selectAllNotifications(type)
);
type = "microsoftteams"
const teams = await query(
sqlClientPool,
Sql.selectAllNotifications(type)
);
type = "email"
const email = await query(
sqlClientPool,
Sql.selectAllNotifications(type)
);
type = "webhook"
const webhook = await query(
sqlClientPool,
Sql.selectAllNotifications(type)
);
let result = [...slacks, ...rcs, ...teams, ...email, ...webhook]

return result
},
});
12 changes: 12 additions & 0 deletions services/api/src/resources/notification/resolvers.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -705,3 +705,15 @@ export const removeAllNotificationsFromAllProjects: ResolverFn = async (
// TODO: Check rows for success
return 'success';
};

export const getAllNotifications: ResolverFn = async (
root,
args,
{ sqlClientPool, hasPermission }
) => {
await hasPermission('notification', 'viewAll');

const rows = await Helpers(sqlClientPool).selectAllNotifications();

return rows;
};
4 changes: 4 additions & 0 deletions services/api/src/resources/notification/sql.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ export const Sql = {
.select('nt.*', 'pn.*', knex.raw('? as orig_type', [type]))
.toString();
},
selectAllNotifications: (type: string) =>
knex(`notification_${type}`)
.select('*', knex.raw(`'${type}' as type`))
.toString(),
deleteProjectNotification: input => {
const deleteQuery = knex.raw(
`DELETE pn
Expand Down
4 changes: 4 additions & 0 deletions services/api/src/typeDefs.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1439,6 +1439,10 @@ const typeDefs = gql`
deployTargetConfigsByDeployTarget(deployTarget: Int!) : [DeployTargetConfig] @deprecated(reason: "Unstable API, subject to breaking changes in any release. Use at your own risk")
allDeployTargetConfigs: [DeployTargetConfig] @deprecated(reason: "Unstable API, subject to breaking changes in any release. Use at your own risk")
"""
List all notifications
"""
allNotifications: [Notification]
"""
List all organizations
"""
allOrganizations: [Organization] @deprecated(reason: "Unstable API, subject to breaking changes in any release. Use at your own risk")
Expand Down
14 changes: 14 additions & 0 deletions services/keycloak/lagoon-realm-2.16.0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1044,6 +1044,9 @@
},
{
"name": "delete"
},
{
"name": "viewAll"
}
]
},
Expand Down Expand Up @@ -2290,6 +2293,17 @@
"applyPolicies": "[\"[Lagoon] User has access to project\",\"[Lagoon] Users role for project is Developer\"]"
}
},
{
"name": "View All Notifications",
"type": "scope",
"logic": "POSITIVE",
"decisionStrategy": "UNANIMOUS",
"config": {
"resources": "[\"notification\"]",
"scopes": "[\"viewAll\"]",
"applyPolicies": "[\"[Lagoon] Users role for realm is Platform Owner\"]"
}
},
{
"name": "View All Groups",
"type": "scope",
Expand Down
29 changes: 29 additions & 0 deletions services/keycloak/startup-scripts/00-configure-lagoon.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -204,6 +204,34 @@ function migrate_to_custom_group_mapper {

}

function add_notification_view_all {
local api_client_id=$(/opt/keycloak/bin/kcadm.sh get -r lagoon clients?clientId=api --config $CONFIG_PATH | jq -r '.[0]["id"]')
local view_all_notifications=$(/opt/keycloak/bin/kcadm.sh get -r lagoon clients/$api_client_id/authz/resource-server/permission?name=View+All+Notifications --config $CONFIG_PATH)


if [ "$view_all_notifications" != "[ ]" ]; then
echo "notification:viewAll already configured"
return 0
fi

echo creating \"View All Notifications\" permissions

NOTIFICATION_RESOURCE_ID=$(/opt/keycloak/bin/kcadm.sh get -r lagoon clients/$api_client_id/authz/resource-server/resource?name=notification --config $CONFIG_PATH | jq -r '.[0]["_id"]')
/opt/keycloak/bin/kcadm.sh update clients/$CLIENT_ID/authz/resource-server/resource/$NOTIFICATION_RESOURCE_ID --config $CONFIG_PATH -r ${KEYCLOAK_REALM:-master} -s 'scopes=[{"name":"add"},{"name":"delete"},{"name":"view"},{"name":"deleteAll"},{"name":"removeAll"},{"name":"update"},{"name":"viewAll"}]'

/opt/keycloak/bin/kcadm.sh create clients/$api_client_id/authz/resource-server/permission/scope --config $CONFIG_PATH -r lagoon -f - <<EOF
{
"name": "View All Notifications",
"type": "scope",
"logic": "POSITIVE",
"decisionStrategy": "UNANIMOUS",
"resources": ["notification"],
"scopes": ["viewAll"],
"policies": ["[Lagoon] Users role for realm is Platform Owner"]
}
EOF
}

function service-api_add_query-groups_permission {
if /opt/keycloak/bin/kcadm.sh get-roles -r lagoon --uusername service-account-service-api --cclientid realm-management --config /tmp/kcadm.config | jq -e '.[].name|contains("query-groups")' >/dev/null; then
echo "service-api already has query-groups realm-management role"
Expand Down Expand Up @@ -241,6 +269,7 @@ function configure_keycloak {
migrate_to_custom_group_mapper
#post 2.18.0+ migrations after this point
service-api_add_query-groups_permission
add_notification_view_all

# always run last
sync_client_secrets
Expand Down